Hello, In Go's standard implementation of AES-256 GCM cipher, how do I specify an initialization vector while decrypting data? I would really appreciate if someone can provide me some pointers here.
More context: I'm trying to decrypt ApplePay tokens. Apple requires the data to be decrypted using AES–256 GCM with an initialization vector of 16 null bytes and no authentication data (step-4 in https://developer.apple.com/library/content/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html) - > > For ECC (EC_v1), Decrypt the data key using AES–256 (id-aes256-GCM > 2.16.840.1.101.3.4.1.46), with an initialization vector of 16 null bytes > and no associated authentication data. How do I do this using the standard crypto/aes library which doesn't take initialization vector as a param? Below is my reference implementation (error checking ignored for brevity). This code fails with the error "cipher: message authentication failed". symmetricKey := []byte("derived_symmetric_key_32chars_xx") ciphertext := []byte("applepay_encrypted_data") block, _ := aes.NewCipher(symmetricKey) aesgcm, _ := cipher.NewGCM(block) nonce := make([]byte, aesgcm.NonceSize()) plaintext, err := aesgcm.Open(cipherText[:0], nonce, cipherText, nil) if err != nil { panic(err) } playground link <https://play.golang.org/p/ddmtv5agkc> -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
