Python equivalent of this is from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import ciphers ... mode = ciphers.modes.GCM(b'\0' * 16, ciphertext[-16:], 16) decryptor = ciphers.Cipher(ciphers.algorithms.AES(symmetric_key), mode, backend=default_backend()).decryptor() print decryptor.update(cipherdata[:-16]) + decryptor.finalize()
Basically, how do I do this in Go using std crypto library? On Thursday, November 16, 2017 at 12:21:51 AM UTC-8, Chetan Gowda wrote: > > Hello, > In Go's standard implementation of AES-256 GCM cipher, how do I specify an > initialization vector while decrypting data? I would really appreciate if > someone can provide me some pointers here. > > More context: > I'm trying to decrypt ApplePay tokens. Apple requires the data to be > decrypted using AES–256 GCM with an initialization vector of 16 null bytes > and no authentication data (step-4 in > https://developer.apple.com/library/content/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html > ) > > - >> >> For ECC (EC_v1), Decrypt the data key using AES–256 (id-aes256-GCM >> 2.16.840.1.101.3.4.1.46), with an initialization vector of 16 null bytes >> and no associated authentication data. > > > How do I do this using the standard crypto/aes library which doesn't take > initialization vector as a param? > Below is my reference implementation (error checking ignored for brevity). > This code fails with the error "cipher: message authentication failed". > > symmetricKey := []byte("derived_symmetric_key_32chars_xx") > ciphertext := []byte("applepay_encrypted_data") > > block, _ := aes.NewCipher(symmetricKey) > aesgcm, _ := cipher.NewGCM(block) > nonce := make([]byte, aesgcm.NonceSize()) > > plaintext, err := aesgcm.Open(cipherText[:0], nonce, cipherText, nil) > if err != nil { > panic(err) > } > > playground link <https://play.golang.org/p/ddmtv5agkc> > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
