0

I tried to use the following tutorial:

https://golangdocs.com/aes-encryption-decryption-in-golang

In order to encrypt/decrypt text using AES256 with Go,

It seems to work with plain strings, but not with JSON encoded structure.

I don't understand why, because I thought JSON encoded data were strings as well.

The part of the code dealing with plain strings is commented with Using trings.

    // Using strings

    pt := "This is a secret"
    c := EncryptAES([]byte(key), []byte(pt))
    fmt.Printf("Initial string: %#v\n", pt)
    fmt.Printf("Coded: %v\n", c)
    decoded := DecryptAES([]byte(key), c)
    fmt.Printf("Decoded: %s\n", decoded)

The part of the code after the comment Using JSON strings is the part which doesn't seem to word as expected.

    // Using JSON strings

    p2 := []record{{Name: "John", Age: 20}, {Name: "Jane", Age: 25}}
    m2, _ := json.Marshal(p2)
    fmt.Printf("m2 = %s\n", string(m2))
    fmt.Printf("m2 = %#v\n", string(m2))
    coded := EncryptAES([]byte(key), m2)
    decoded = DecryptAES([]byte(key), coded)
    fmt.Printf("Decoded: %s\n", decoded)

What am I doing wrong?

I'm using Go: go version go1.18 darwin/arm64

package main

import (
    "crypto/aes"
    "encoding/json"
    "fmt"
)

func CheckError(err error) {
    if err != nil {
        panic(err)
    }
}

type record struct {
    Name string `json:"first_name"`
    Age  int    `json:"age"`
}

func main() {

    // cipher key
    key := "thisis32bitlongpassphraseimusing"
    fmt.Printf("len of key %d\n", len(key))

    // Using strings
    pt := "This is a secret"
    c := EncryptAES([]byte(key), []byte(pt))
    fmt.Printf("Initial string: %#v\n", pt)
    fmt.Printf("Coded: %v\n", c)
    decoded := DecryptAES([]byte(key), c)
    fmt.Printf("Decoded: %s\n", decoded)

    // Using JSON strings
    p2 := []record{{Name: "John", Age: 20}, {Name: "Jane", Age: 25}}
    m2, _ := json.Marshal(p2)
    fmt.Printf("m2 = %s\n", string(m2))
    fmt.Printf("m2 = %#v\n", string(m2))
    coded := EncryptAES([]byte(key), m2)
    decoded = DecryptAES([]byte(key), coded)
    fmt.Printf("Decoded: %s\n", decoded)

}

func EncryptAES(key []byte, plaintext []byte) []byte {
    c, err := aes.NewCipher(key)
    CheckError(err)
    out := make([]byte, len(plaintext))
    c.Encrypt(out, []byte(plaintext))
    return out
}

func DecryptAES(key []byte, ct []byte) []byte {
    c, err := aes.NewCipher(key)
    CheckError(err)
    pt := make([]byte, len(ct))
    c.Decrypt(pt, ct)
    return pt
}
Serge Hulne
  • 594
  • 5
  • 17
  • 1
    Unfortunately this article does not provide the full story. Please see [this question](https://stackoverflow.com/questions/75064248/golang-aes-decryption-is-not-returning-same-text) for an explanation (I'll email the author as there have been a few questions due to this article). – Brits Jan 16 '23 at 00:55
  • 1
    Does this answer your question? [Golang- AES Decryption is not returning same Text](https://stackoverflow.com/questions/75064248/golang-aes-decryption-is-not-returning-same-text) – Brits Jan 16 '23 at 01:01
  • 1
    You can check this tutorial too. https://tutorialedge.net/golang/go-encrypt-decrypt-aes-tutorial/ – Minh Jan 16 '23 at 01:17
  • 2
    Basic answer is that `aes.NewCipher` returns a `cipher.Block`; calling the `Encrypt` function on that "encrypts the **first** block" (so only 16 bytes in this case). To encrypt longer messages you need a [blockmode](https://pkg.go.dev/crypto/cipher#BlockMode) - for example [CBC](https://pkg.go.dev/crypto/cipher#NewCBCDecrypter). – Brits Jan 16 '23 at 01:19

1 Answers1

0

Here is a working implementation of the encryptFile and decryptFile functions:

(Based on: https://medium.com/@mertkimyonsen/encrypt-a-file-using-go-f1fe3bc7c635)

func encryptFile(key []byte, plainText []byte) []byte {

    // Creating block of algorithm
    block, err := aes.NewCipher(key)
    if err != nil {
        log.Fatalf("cipher err: %v", err.Error())
    }

    // Creating GCM mode
    gcm, err := cipher.NewGCM(block)
    if err != nil {
        log.Fatalf("cipher GCM err: %v", err.Error())
    }

    // Generating random nonce
    nonce := make([]byte, gcm.NonceSize())
    if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
        log.Fatalf("nonce  err: %v", err.Error())
    }

    // Decrypt file
    cipherText := gcm.Seal(nonce, nonce, plainText, nil)
    return cipherText

}

func decryptFile(key []byte, cipherText []byte) []byte {

    // Creating block of algorithm
    block, err := aes.NewCipher(key)
    if err != nil {
        log.Fatalf("cipher err: %v", err.Error())
    }

    // Creating GCM mode
    gcm, err := cipher.NewGCM(block)
    if err != nil {
        log.Fatalf("cipher GCM err: %v", err.Error())
    }

    // Deattached nonce and decrypt
    nonce := cipherText[:gcm.NonceSize()]
    cipherText = cipherText[gcm.NonceSize():]
    plainText, err := gcm.Open(nil, nonce, cipherText, nil)

    if err != nil {
        log.Fatalf("decrypt file err: %v", err.Error())
    }

    return plainText

}
Serge Hulne
  • 594
  • 5
  • 17