Skip to content

Instantly share code, notes, and snippets.

@alcedo

alcedo/aes_gcm.go

Created December 20, 2023 15:49
Show Gist options
  • Save alcedo/420c02d9801f35d807ceac955c5c6b44 to your computer and use it in GitHub Desktop.
Save alcedo/420c02d9801f35d807ceac955c5c6b44 to your computer and use it in GitHub Desktop.
Download ZIP
Golang AES GCM Encrypt String and File example
Raw
aes_gcm.go
package main
import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"io"
"io/ioutil"
"log"
"os"
"fmt"
"encoding/hex"
)
func main() {
os.Remove("assets/ciphertext.bin")
os.Remove("assets/outputs/plaintext.txt")
encryptFile()
decryptFile()
decryptString( encryptString("sun moon dog cat cow moon sea breeze foundation") )
}
func encryptFile() {
// Reading plaintext file
plainText, err := ioutil.ReadFile("assets/plaintext.txt")
if err != nil {
log.Fatalf("read file err: %v", err.Error())
}
// Reading key
key, err := ioutil.ReadFile("assets/key.txt")
if err != nil {
log.Fatalf("read file err: %v", err.Error())
}
// Creating block of algorithm
block, err := aes.NewCipher(key)
if err != nil {
log.Fatalf("cipher err: %v", err.Error())
}
// Creating GCM mode
gcm, err := cipher.NewGCM(block)
if err != nil {
log.Fatalf("cipher GCM err: %v", err.Error())
}
// Generating random nonce
nonce := make([]byte, gcm.NonceSize())
if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
log.Fatalf("nonce err: %v", err.Error())
}
// Encrypt file
cipherText := gcm.Seal(nonce, nonce, plainText, nil)
// Writing ciphertext file
err = ioutil.WriteFile("assets/encrypted_cipherText.bin", cipherText, 0777)
if err != nil {
log.Fatalf("write file err: %v", err.Error())
}
}
func decryptFile() {
// Reading ciphertext file
cipherText, err := ioutil.ReadFile("assets/encrypted_cipherText.bin")
if err != nil {
log.Fatal(err)
}
// Reading key
key, err := ioutil.ReadFile("assets/key.txt")
if err != nil {
log.Fatalf("read file err: %v", err.Error())
}
// Creating block of algorithm
block, err := aes.NewCipher(key)
if err != nil {
log.Fatalf("cipher err: %v", err.Error())
}
// Creating GCM mode
gcm, err := cipher.NewGCM(block)
if err != nil {
log.Fatalf("cipher GCM err: %v", err.Error())
}
// Deattached nonce and decrypt
nonce := cipherText[:gcm.NonceSize()]
cipherText = cipherText[gcm.NonceSize():]
plainText, err := gcm.Open(nil, nonce, cipherText, nil)
if err != nil {
log.Fatalf("decrypt file err: %v", err.Error())
}
// Writing decryption content
err = ioutil.WriteFile("assets/outputs/plaintext.txt", plainText, 0777)
if err != nil {
log.Fatalf("write file err: %v", err.Error())
}
}
func encryptString(plainString string) []byte {
key, _ := hex.DecodeString("6368616e676520746869732070617373")
plaintext := []byte(plainString)
block, err := aes.NewCipher(key)
if err != nil {
panic(err.Error())
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
panic(err.Error())
}
// Never use more than 2^32 random nonces with a given key because of the risk of a repeat.
nonce := make([]byte, aesgcm.NonceSize())
if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
panic(err.Error())
}
ciphertext := aesgcm.Seal(nil, nonce, plaintext, nil)
ciphertext = append(nonce, ciphertext...)
fmt.Printf("encryptString to: %x\n", ciphertext)
return ciphertext
}
func decryptString(cipherText []byte) {
key, _ := hex.DecodeString("6368616e676520746869732070617373")
// Creating block of algorithm
block, err := aes.NewCipher(key)
if err != nil {
log.Fatalf("cipher err: %v", err.Error())
}
// Creating GCM mode
gcm, err := cipher.NewGCM(block)
if err != nil {
log.Fatalf("cipher GCM err: %v", err.Error())
}
// Deattached nonce and decrypt
nonce := cipherText[:gcm.NonceSize()]
cipherText = cipherText[gcm.NonceSize():]
plainText, err := gcm.Open(nil, nonce, cipherText, nil)
if err != nil {
log.Fatalf("decrypt cipher text err: %v", err.Error())
}
// Writing decryption content
fmt.Printf("%s\n", plainText)
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment