package mainimport ( "bufio" "crypto/aes" "crypto/cipher" "crypto/rand" "

1. package main
2.  
3. import (
4. "bufio"
5. "crypto/aes"
6. "crypto/cipher"
7. "crypto/rand"
8. "encoding/hex"
9. "fmt"
10. "github.com/urfave/cli"
11. "io/ioutil"
12. "log"
13. "os"
14. )
15.  
16. const BLOCKSIZE_BYTE = 16
17. const BLOCKSIZE_BIT = 16 * 8
18.  
19. func main() {
20. app := cli.NewApp()
21. app.Name = "pscrypt"
22. app.Usage = "pscrypt "
23. app.Description = "Encrypt video files in AES CTR provided a key and optionally and IV"
24. app.Version = "0.1.0"
25. app.Action = pscrypt
26.  
27. app.Flags = []cli.Flag{
28. cli.StringFlag{
29. Name: "in, i",
30. Usage: "Input file",
31. },
32. cli.StringFlag{
33. Name: "out, o",
34. Usage: "Output file",
35. },
36. cli.StringFlag{
37. Name: "key, k",
38. Usage: fmt.Sprintf("Key as %d-byte hex string (%d characters)", BLOCKSIZE_BYTE, hex.EncodedLen(BLOCKSIZE_BYTE)),
39. },
40. cli.BoolFlag{
41. Name: "implicit-encrypt, E",
42. Usage: fmt.Sprintf("Generate a random %d-byte IV and prepend it to the output file", BLOCKSIZE_BYTE),
43. },
44. cli.BoolFlag{
45. Name: "implicit-decrypt, D",
46. Usage: fmt.Sprintf("Use first %d bytes of file as IV for decryption", BLOCKSIZE_BYTE),
47. },
48. cli.StringFlag{
49. Name: "iv",
50. Usage: fmt.Sprintf("IV as %d-byte hex string (%d characters)", BLOCKSIZE_BYTE, hex.EncodedLen(BLOCKSIZE_BYTE)),
51. Value: "",
52. },
53. }
54.  
55. app.Run(os.Args)
56. }
57.  
58. func pscrypt(ctx *cli.Context) error {
59. if ctx.String("in") == "" ||
60. ctx.String("out") == "" ||
61. ctx.String("key") == "" ||
62. ctx.Bool("implicit-decrypt") && ctx.Bool("implicit-encrypt") ||
63. (ctx.String("iv") == "" && !(ctx.Bool("implicit-decrypt") || ctx.Bool("implicit-encrypt"))) {
64.  
65. cli.ShowAppHelp(ctx)
66. return nil
67. }
68.  
69. in, err := os.Open(ctx.String("in"))
70. check(err)
71.  
72. ir := bufio.NewReader(in)
73.  
74. out, err := os.Create(ctx.String("out"))
75. check(err)
76.  
77. ow := bufio.NewWriter(out)
78.  
79. key := make([]byte, BLOCKSIZE_BYTE)
80. n, err := hex.Decode(key, []byte(ctx.String("key")))
81. check(err)
82. if n != BLOCKSIZE_BYTE {
83. log.Fatalf("Provided key is not %d b long", BLOCKSIZE_BIT)
84. }
85.  
86. iv := make([]byte, BLOCKSIZE_BYTE)
87.  
88. source, err := ioutil.ReadAll(ir)
89.  
90. if ctx.String("iv") != "" {
91. n, err = hex.Decode(key, []byte(ctx.String("iv")))
92. check(err)
93. if n != BLOCKSIZE_BYTE {
94. log.Fatalf("Provided IV is not %d b long", BLOCKSIZE_BIT)
95. }
96. } else {
97. if ctx.Bool("implicit-decrypt") {
98. copy(iv, source[:BLOCKSIZE_BYTE])
99. source = source[BLOCKSIZE_BYTE:]
100. } else if ctx.Bool("implicit-encrypt") {
101. n, err = rand.Read(iv)
102. check(err)
103. if n != BLOCKSIZE_BYTE {
104. log.Fatalf("Error gathering %d random bytes for IV", BLOCKSIZE_BIT)
105. }
106. ow.Write(iv)
107. } else {
108. log.Fatal("You need to provide an IV or use -I/-E option.")
109. }
110. }
111.  
112. aesCipher, err := aes.NewCipher(key)
113. check(err)
114.  
115. ctr := cipher.NewCTR(aesCipher, iv)
116.  
117. destination := make([]byte, len(source))
118. check(err)
119.  
120. ctr.XORKeyStream(destination, source)
121.  
122. ow.Write(destination)
123.  
124. return nil
125. }
126.  
127. func check(err error) {
128. if err != nil {
129. log.Fatal(err)
130. }
131. }