Encrypt encrypts data using 256-bit AES-GCM. This both hides the content of the data and provides a check that it hasn't been altered. Output takes the form nonce|ciphertext|tag where '|' indicates concatenation.
(plaintext []byte, key *[32]byte)
| 35 | // the data and provides a check that it hasn't been altered. Output takes the |
| 36 | // form nonce|ciphertext|tag where '|' indicates concatenation. |
| 37 | func Encrypt(plaintext []byte, key *[32]byte) (ciphertext []byte, err error) { |
| 38 | block, err := aes.NewCipher(key[:]) |
| 39 | if err != nil { |
| 40 | return nil, err |
| 41 | } |
| 42 | |
| 43 | gcm, err := cipher.NewGCM(block) |
| 44 | if err != nil { |
| 45 | return nil, err |
| 46 | } |
| 47 | |
| 48 | nonce := make([]byte, gcm.NonceSize()) |
| 49 | _, err = io.ReadFull(rand.Reader, nonce) |
| 50 | if err != nil { |
| 51 | return nil, err |
| 52 | } |
| 53 | |
| 54 | return gcm.Seal(nonce, nonce, plaintext, nil), nil |
| 55 | } |
| 56 | |
| 57 | // Decrypt decrypts data using 256-bit AES-GCM. This both hides the content of |
| 58 | // the data and provides a check that it hasn't been altered. Expects input |
no outgoing calls