Remove base64 encode/decode step

Remove the base64 encode/decode step as it only increases the size of the cipher but not the security.
develop
trivernis 5 years ago
parent 29b0ed32f2
commit 2136543726

@ -25,11 +25,10 @@ image data. The steps for encrypting are:
1. Parse the png file and split it into chunks.
2. Prompt for a password and use the sha512 32byte value with a generated salt.
3. Store the salt in the `saLt` chunk.
4. Create a base64 string out of the data.
5. Encrypt the base64 string using aes and the provided hashed key.
6. Split the data into parts of 1 MiB of size.
7. Store every data part into a separate `crPt` chunk.
8. Write the png header and chunks to the output file.
4. Encrypt the data using aes and the provided hashed key.
5. Split the data into parts of 1 MiB of size.
6. Store every data part into a separate `crPt` chunk.
7. Write the png header and chunks to the output file.
### Decrypt
@ -38,5 +37,4 @@ image data. The steps for encrypting are:
3. Get the `crPt` chunks and and concat the data.
4. Prompt for the password and create the sha512 32byte hash with the salt.
5. Decrypt the data using aes and the provided hash key.
6. Decode the base64 data.
7. Write the data to the specified output file.
6. Write the data to the specified output file.

@ -5,7 +5,6 @@ import (
"crypto/cipher"
"crypto/rand"
"crypto/sha512"
"encoding/base64"
"errors"
"flag"
"fmt"
@ -145,40 +144,32 @@ func readPassword(passwordSalt *[]byte) ([]byte, []byte) {
}
}
// encrypt and decrypt functions taken from
// https://stackoverflow.com/questions/18817336/golang-encrypting-a-string-with-aes-and-base64
func encrypt(key, text []byte) ([]byte, error) {
func encrypt(key, data []byte) ([]byte, error) {
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
b := base64.StdEncoding.EncodeToString(text)
cipherText := make([]byte, aes.BlockSize+len(b))
cipherText := make([]byte, aes.BlockSize+len(data))
iv := cipherText[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
cfb := cipher.NewCFBEncrypter(block, iv)
cfb.XORKeyStream(cipherText[aes.BlockSize:], []byte(b))
cfb.XORKeyStream(cipherText[aes.BlockSize:], data)
return cipherText, nil
}
func decrypt(key, text []byte) ([]byte, error) {
func decrypt(key, data []byte) ([]byte, error) {
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
if len(text) < aes.BlockSize {
if len(data) < aes.BlockSize {
return nil, errors.New("ciphertext too short")
}
iv := text[:aes.BlockSize]
text = text[aes.BlockSize:]
iv := data[:aes.BlockSize]
data = data[aes.BlockSize:]
cfb := cipher.NewCFBDecrypter(block, iv)
cfb.XORKeyStream(text, text)
data, err := base64.StdEncoding.DecodeString(string(text))
if err != nil {
return nil, err
}
cfb.XORKeyStream(data, data)
return data, nil
}
Loading…
Cancel
Save