feat(libcrypto): move into the Portainer repository EE-5476 (#10230)

2025-07-24 15:59:41 +02:00 · 2023-09-01 17:27:19 -03:00 · 2023-09-01 17:27:19 -03:00 · 090fa4aeb3
commit 090fa4aeb3
parent 9a234204fa
12 changed files with 194 additions and 7 deletions
--- a/pkg/libcrypto/decrypt.go
+++ b/pkg/libcrypto/decrypt.go
@ -0,0 +1,35 @@
+package libcrypto
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"errors"
+)
+
+// Decrypt decrypts data using 256-bit AES-GCM.  This both hides the content of
+// the data and provides a check that it hasn't been altered. Expects input
+// form nonce|ciphertext|tag where '|' indicates concatenation.
+// Creates a 32bit hash of the key before decrypting the data.
+func Decrypt(data []byte, key []byte) ([]byte, error) {
+	hashKey := Hash32Bit(key)
+
+	block, err := aes.NewCipher(hashKey)
+	if err != nil {
+		return nil, err
+	}
+
+	gcm, err := cipher.NewGCM(block)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(data) < gcm.NonceSize() {
+		return nil, errors.New("malformed ciphertext")
+	}
+
+	return gcm.Open(nil,
+		data[:gcm.NonceSize()],
+		data[gcm.NonceSize():],
+		nil,
+	)
+}