evp

README

go-evp

An implementation of the Openssl EVP_BytesToKey function.

Overview

This library can be used to provide the key and IV for a given salt and passphrase. Note that although it implements the logic, the function signature does not match. See BytesToKeyAES256CBC for a helper function that works with aes-256-cbc.

Usage

The example below demonstrates how you would use go-evp to decrypt a file which has been encrypted with openssl using the aes-256-cbc cipher type with the salt option.

package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
	"github.com/walkert/go-evp"
	"io/ioutil"
)

const salted string = "Salted__"

func main() {
	data, _ := ioutil.ReadFile("encrypted.file")
	salt := data[len(salted):aes.BlockSize]
	payload := data[aes.BlockSize:]
	key, iv := evp.BytesToKeyAES256CBC(salt, []byte("password"))
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	cbc := cipher.NewCBCDecrypter(block, iv)
	cbc.CryptBlocks(payload, payload)
	fmt.Println("Decrypted =", string(payload))
}

Documentation

Index

• func BytesToKey(salt, data []byte, h hash.Hash, keyLen, blockLen int) (key, iv []byte)
• func BytesToKeyAES256CBC(salt, data []byte) (key []byte, iv []byte)
• func BytesToKeyAES256CBCMD5(salt, data []byte) (key []byte, iv []byte)

Functions

func BytesToKey

func BytesToKey(salt, data []byte, h hash.Hash, keyLen, blockLen int) (key, iv []byte)

BytesToKey implements the Openssl EVP_BytesToKey logic. It takes the salt, data, a hash type and the key/block length used by that type. As such it differs considerably from the openssl method in C.

func BytesToKeyAES256CBC

func BytesToKeyAES256CBC(salt, data []byte) (key []byte, iv []byte)

BytesToKeyAES256CBC implements the SHA256 version of EVP_BytesToKey using AES CBC

func BytesToKeyAES256CBCMD5

func BytesToKeyAES256CBCMD5(salt, data []byte) (key []byte, iv []byte)

BytesToKeyAES256CBCMD5 implements the MD5 version of EVP_BytesToKey using AES CBC