On Thursday, November 16, 2017 at 6:21:51 AM UTC-2, Chetan Gowda wrote: > > More context: > I'm trying to decrypt ApplePay tokens. Apple requires the data to be > decrypted using AES–256 GCM with an initialization vector of 16 null bytes > and no authentication data (step-4 in > https://developer.apple.com/library/content/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html > ) > > - >> >> For ECC (EC_v1), Decrypt the data key using AES–256 (id-aes256-GCM >> 2.16.840.1.101.3.4.1.46), with an initialization vector of 16 null bytes >> and no associated authentication data. > > > How do I do this using the standard crypto/aes library which doesn't take > initialization vector as a param? > Below is my reference implementation (error checking ignored for brevity). > This code fails with the error "cipher: message authentication failed". > >
What they call "initialization vector", the Go documentation calls "nonce". So you need to use cipher.NewGCMWithNonceSize, passing 16 as size. Also change the nonce allocation to allocate 16 bytes instead of aesgcm.NonceSize() (which is 12). (The Apple spec is strange in this aspect, the default nonce size is really 12) -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
