Encrypt encrypts plaintext using AES-256-GCM. Format: iv:authTag:ciphertext (all hex encoded), matching Node.
(plaintext string)
| 64 | // Encrypt encrypts plaintext using AES-256-GCM. |
| 65 | // Format: iv:authTag:ciphertext (all hex encoded), matching Node. |
| 66 | func (e *Encryption) Encrypt(plaintext string) (string, error) { |
| 67 | if plaintext == "" { |
| 68 | return "", nil |
| 69 | } |
| 70 | block, err := aes.NewCipher(e.key) |
| 71 | if err != nil { |
| 72 | return "", err |
| 73 | } |
| 74 | aead, err := cipher.NewGCM(block) |
| 75 | if err != nil { |
| 76 | return "", err |
| 77 | } |
| 78 | iv := make([]byte, ivLength) |
| 79 | if _, err := io.ReadFull(rand.Reader, iv); err != nil { |
| 80 | return "", err |
| 81 | } |
| 82 | ciphertext := aead.Seal(nil, iv, []byte(plaintext), nil) |
| 83 | authTag := ciphertext[len(ciphertext)-authTagLength:] |
| 84 | ct := ciphertext[:len(ciphertext)-authTagLength] |
| 85 | return hex.EncodeToString(iv) + ":" + hex.EncodeToString(authTag) + ":" + hex.EncodeToString(ct), nil |
| 86 | } |
| 87 | |
| 88 | // IsEncrypted returns true if the string appears to be in encrypted format (iv:authTag:ciphertext). |
| 89 | func IsEncrypted(s string) bool { |
no outgoing calls
no test coverage detected