Encrypt a File using Go
With the growing of the software, there are many algorithms and methods to ensure data security. We need to keep sensitive information secure in many fields such as user passwords, file encryption, hard-disk encryption, phone encryption, email content encryption, data encryption in cloud environments etc.
The Symmetric Encryption is one of these method. In this article, We are going to encrypt and decrypt a file using symmetric encryption technique.
Before continue, I have published post about TLS and Digital Certificate that contains Symmetric Encryption process. You can read it and learn about Symmetric Encryption.
Encryption
To encrypt a file, we are going to use crypto package that Go’s built-in package.
First, we need a basic plain text to encrypt. To fill plain text, go this website take lorem-ipsum text and add it into the plain text.
Next step, we are going to read this file.
After we read the file contents, we need a block cipher algorithm.
The Block cipher is a deterministic algorithm operating on fixed-length groups of bits.
Some Block Ciphers: AES (Advanced Encryption System), DES (Data Encryption Standart), RC6 (Rives Cipher 6) ...In this tutorial, we are going to use AES encryption algorithm. To create block cipher algorithm, we need a secret key as we’ve mentioned before.
The key must be following for AES
- AES-128 bit (16 bytes)
- AES-192 bit (24 bytes)
- AES-256 bit (32 bytes)
We have to read secret key from a file and send it to AES to create block cipher algorithm.
After created block of algorithm, we are going to use GCM (Galois/Counter Mode) mode. The GCM is a stream mode and provides data authenticity and confidentially.
Thanks to Go built-in package, it is already implemented the package crypto/cipher
To encrypt the data, we are going to use Seal function. The Seal function takes random nonce (number used once) array and additional data. The nonce has to be unique and it changes every time when data is encrypted.
To generate random nonce, we are going to use the package crypto/rand
The final step, we will save the cipher text file into the destination path.
That’s all. We’ve encrypted plain text file.
Decryption
To decrypt the file, it is a simple reverse process. First we are going to read cipher text file.
After that, we’ve mentioned before the symmetric encryption is using the secret key for encryption and decryption process. So we are going to use the same secret key that we used it in encryption.
Now, we need a block of algorithm and GCM mode as we used in encryption process.
We are going to decrypt a file using Open function. The Open function takes random nonce that we used in the encryption process, cipher text and additional data. The nonce is saved the beginning of the file.
Final step, the Open function decrypts and returns the file contents as byte array. We just have to save it into the destination path.
That’s all. The complete code as following:
