20314806283

Committed 17 Dec 2025 07:12PM UTC coverage: 46.561% (-9.6%) from 56.117%

Build # 20314806283

Build Type

push

github

Committed by

rokath

Commit Message

minor corrections

Run Details

2532 of 5438 relevant lines covered (46.56%)

868.71 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

93.83

/pkg/cipher/cipher.go

// Copyright 2020 Thomas.Hoehenleitner [at] seerose.net
// Use of this source code is governed by a license that can be found in the LICENSE file.

// Package cipher provides an encryption and decryption interface.
//
// It abstracts from the used cipher algorithm
package cipher

import (
        "crypto/sha1"
        "fmt"
        "io"

        "github.com/rokath/trice/pkg/msg"
        "golang.org/x/crypto/xtea"
)

// local config values
var (
        // Password is the key one needs to decrypt trice logs if encrypted
        Password string

        // ShowKey if set, allows to see the encryption passphrase
        ShowKey bool

        key []byte

        // cipher is a pointer to the crypto struct filled during initialization
        ci *xtea.Cipher

        // enabled set to true if a -password other than "" was given
        enabled bool
)

// SetUp uses the Password to create a cipher. If Password is "" encryption/decryption is disabled.
func SetUp(w io.Writer) error {
        var err error
        ci, enabled, err = createCipher(w)
        msg.FatalOnErr(err)

        bsize := ci.BlockSize()
        msg.FatalOnTrue(8 != bsize)

        return nil
}

// createCipher prepares decryption, with password "none" the encryption flag is set false, otherwise true
func createCipher(w io.Writer) (*xtea.Cipher, bool, error) {
        switch Password {
        case "0000000000000000":
                key = []byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} // used for checking only
        case "1000000000000000":
                key = []byte{1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} // used for checking only
        case "0001000000000000":
                key = []byte{0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} // used for checking only
        default:
                h := sha1.New() // https://gobyexample.com/sha1-hashes
                h.Write([]byte(Password))
                key = h.Sum(nil)
                key = key[:16] // only first 16 bytes needed as key
        }
        c, err := xtea.NewCipher(key)
        msg.FatalOnErr(err)

        var e bool
        if "" != Password {
                e = true
                if ShowKey {
                        fmt.Fprintf(w, "% 20x is XTEA encryption key\n", key)
                }
        }
        return c, e, nil
}

//! tested with little endian embedded device
func swap8Bytes(src []byte) []byte {
        b := make([]byte, 8)
        copy(b, src)
        return []byte{b[3], b[2], b[1], b[0], b[7], b[6], b[5], b[4]}
}

// Encrypt8 translates a byte slice in a protected slice of length 8.
//
// Shorter slices are extended with 0x16 until length 8.
// Longer slices are truncated to length 8.
func Encrypt8(b []byte) (e []byte) {
        msg.InfoOnFalse(8 == len(b), "Buffer len is not 8.")
        if enabled {
                src := swap8Bytes(b) // HtoN
                dst := make([]byte, 8)
                ci.Encrypt(dst, src) // assumes network order
                e = swap8Bytes(dst)  // NtoH (should be done in target before decrypt)
        } else {
                e = b
        }
        return
}

// Decrypt8 translates an encryption protected byte slice back in a slice of length 8.
//
// Shorter slices are extended with 0 until length 8.
// Longer slices are truncated to length 8.
func Decrypt8(b []byte) (d []byte) {
        msg.InfoOnFalse(8 == len(b), "Buffer len is not 8.")
        if enabled {
                src := swap8Bytes(b) // HtoN (not done in Target after encrypt)
                dst := make([]byte, 8)
                ci.Decrypt(dst, src) // assumes network order
                d = swap8Bytes(dst)  // NtoH
        } else {
                d = b
        }
        return
}

// decrypt8 translates src, an encryption protected byte slice, back in dst, a byte slice of length 8.
//
// Shorter slices are extended with 0 until length 8.
// Longer slices are truncated to length 8.
func decrypt8(dst, src []byte) {
        swap := src
        if enabled {
                swap = swap8Bytes(src) // HtoN (not done in Target after encrypt)
                ci.Decrypt(dst, swap)  // assumes network order
                swap = swap8Bytes(dst) // NtoH
        }
        _ = copy(dst, swap)
}

// encrypt8 translates byte slice src, in an encryption protected byte slice dst.
//
// Shorter slices are extended with 0 until length 8.
// Longer slices are truncated to length 8.
func encrypt8(dst, src []byte) {
        swap := src
        if enabled {
                swap = swap8Bytes(src) // HtoN
                ci.Encrypt(dst, swap)  // assumes network order
                swap = swap8Bytes(dst) // NtoH (not done in Target after receive)
        }
        _ = copy(dst, swap)
}

// Decrypt converts src into dst and returns count of converted bytes.
// Only multiple of 8 are convertable, so last 0-7 bytes are not convertable and c is a multiple of 8.
// The smaller byte slice limits the conversion.
func Decrypt(dst, src []byte) (c int) {
        for c = 0; c+8 <= len(dst) && c+8 <= len(src); c += 8 {
                decrypt8(dst[c:c+8], src[c:c+8])
        }
        return
}

//  // Encrypt converts src into dst and returns count of converted bytes.
//  // Only multiple of 8 are convertable, so last 0-7 bytes are not convertable and c is a multiple of 8.
//  // The smaller byte slice limits the conversion.
//  func Encrypt(dst, src []byte) (c int) {
//          for c = 0; c+8 <= len(dst) && c+8 <= len(src); c += 8 {
//                  encrypt8(dst[c:c+8], src[c:c+8])
//          }
//          return
//  }

1	// Copyright 2020 Thomas.Hoehenleitner [at] seerose.net
2	// Use of this source code is governed by a license that can be found in the LICENSE file.
3
4	// Package cipher provides an encryption and decryption interface.
5	//
6	// It abstracts from the used cipher algorithm
7	package cipher
8
9	import (
10	"crypto/sha1"
11	"fmt"
12	"io"
13
14	"github.com/rokath/trice/pkg/msg"
15	"golang.org/x/crypto/xtea"
16	)
17
18	// local config values
19	var (
20	// Password is the key one needs to decrypt trice logs if encrypted
21	Password string
22
23	// ShowKey if set, allows to see the encryption passphrase
24	ShowKey bool
25
26	key []byte
27
28	// cipher is a pointer to the crypto struct filled during initialization
29	ci *xtea.Cipher
30
31	// enabled set to true if a -password other than "" was given
32	enabled bool
33	)
34
35	// SetUp uses the Password to create a cipher. If Password is "" encryption/decryption is disabled.
36	func SetUp(w io.Writer) error {	12✔
37	var err error	12✔
38	ci, enabled, err = createCipher(w)	12✔
39	msg.FatalOnErr(err)	12✔
40		12✔
41	bsize := ci.BlockSize()	12✔
42	msg.FatalOnTrue(8 != bsize)	12✔
43		12✔
44	return nil	12✔
45	}	12✔
46
47	// createCipher prepares decryption, with password "none" the encryption flag is set false, otherwise true
48	func createCipher(w io.Writer) (*xtea.Cipher, bool, error) {	12✔
49	switch Password {	12✔
50	case "0000000000000000":	1✔
51	key = []byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} // used for checking only	1✔
52	case "1000000000000000":	1✔
53	key = []byte{1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} // used for checking only	1✔
54	case "0001000000000000":	1✔
55	key = []byte{0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} // used for checking only	1✔
56	default:	9✔
57	h := sha1.New() // https://gobyexample.com/sha1-hashes	9✔
58	h.Write([]byte(Password))	9✔
59	key = h.Sum(nil)	9✔
60	key = key[:16] // only first 16 bytes needed as key	9✔
61	}
62	c, err := xtea.NewCipher(key)	12✔
63	msg.FatalOnErr(err)	12✔
64		12✔
65	var e bool	12✔
66	if "" != Password {	20✔
67	e = true	8✔
68	if ShowKey {	13✔
69	fmt.Fprintf(w, "% 20x is XTEA encryption key\n", key)	5✔
70	}	5✔
71	}
72	return c, e, nil	12✔
73	}
74
75	//! tested with little endian embedded device
76	func swap8Bytes(src []byte) []byte {	32✔
77	b := make([]byte, 8)	32✔
78	copy(b, src)	32✔
79	return []byte{b[3], b[2], b[1], b[0], b[7], b[6], b[5], b[4]}	32✔
80	}	32✔
81
82	// Encrypt8 translates a byte slice in a protected slice of length 8.
83	//
84	// Shorter slices are extended with 0x16 until length 8.
85	// Longer slices are truncated to length 8.
86	func Encrypt8(b []byte) (e []byte) {	10✔
87	msg.InfoOnFalse(8 == len(b), "Buffer len is not 8.")	10✔
88	if enabled {	17✔
89	src := swap8Bytes(b) // HtoN	7✔
90	dst := make([]byte, 8)	7✔
91	ci.Encrypt(dst, src) // assumes network order	7✔
92	e = swap8Bytes(dst) // NtoH (should be done in target before decrypt)	7✔
93	} else {	10✔
94	e = b	3✔
95	}	3✔
96	return	10✔
97	}
98
99	// Decrypt8 translates an encryption protected byte slice back in a slice of length 8.
100	//
101	// Shorter slices are extended with 0 until length 8.
102	// Longer slices are truncated to length 8.
103	func Decrypt8(b []byte) (d []byte) {	8✔
104	msg.InfoOnFalse(8 == len(b), "Buffer len is not 8.")	8✔
105	if enabled {	14✔
106	src := swap8Bytes(b) // HtoN (not done in Target after encrypt)	6✔
107	dst := make([]byte, 8)	6✔
108	ci.Decrypt(dst, src) // assumes network order	6✔
109	d = swap8Bytes(dst) // NtoH	6✔
110	} else {	8✔
111	d = b	2✔
112	}	2✔
113	return	8✔
114	}
115
116	// decrypt8 translates src, an encryption protected byte slice, back in dst, a byte slice of length 8.
117	//
118	// Shorter slices are extended with 0 until length 8.
119	// Longer slices are truncated to length 8.
120	func decrypt8(dst, src []byte) {	4✔
121	swap := src	4✔
122	if enabled {	6✔
123	swap = swap8Bytes(src) // HtoN (not done in Target after encrypt)	2✔
124	ci.Decrypt(dst, swap) // assumes network order	2✔
125	swap = swap8Bytes(dst) // NtoH	2✔
126	}	2✔
127	_ = copy(dst, swap)	4✔
128	}
129
130	// encrypt8 translates byte slice src, in an encryption protected byte slice dst.
131	//
132	// Shorter slices are extended with 0 until length 8.
133	// Longer slices are truncated to length 8.
134	func encrypt8(dst, src []byte) {	2✔
135	swap := src	2✔
136	if enabled {	3✔
137	swap = swap8Bytes(src) // HtoN	1✔
138	ci.Encrypt(dst, swap) // assumes network order	1✔
139	swap = swap8Bytes(dst) // NtoH (not done in Target after receive)	1✔
140	}	1✔
141	_ = copy(dst, swap)	2✔
142	}
143
144	// Decrypt converts src into dst and returns count of converted bytes.
145	// Only multiple of 8 are convertable, so last 0-7 bytes are not convertable and c is a multiple of 8.
146	// The smaller byte slice limits the conversion.
147	func Decrypt(dst, src []byte) (c int) {	×
148	for c = 0; c+8 <= len(dst) && c+8 <= len(src); c += 8 {	×
149	decrypt8(dst[c:c+8], src[c:c+8])	×
150	}	×
151	return	×
152	}
153
154	// // Encrypt converts src into dst and returns count of converted bytes.
155	// // Only multiple of 8 are convertable, so last 0-7 bytes are not convertable and c is a multiple of 8.
156	// // The smaller byte slice limits the conversion.
157	// func Encrypt(dst, src []byte) (c int) {
158	// for c = 0; c+8 <= len(dst) && c+8 <= len(src); c += 8 {
159	// encrypt8(dst[c:c+8], src[c:c+8])
160	// }
161	// return
162	// }

rokath / trice / 20314806283

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous