feat:Add AES-GCM encryption and decryption utilities with tests (#237)

betterlmy · web-flow · commit 6ce815692abf · 2026-03-16T11:00:26.000+08:00
* Add AES-GCM encryption and decryption utilities

Implement AES-GCM encryption and decryption functions with key and nonce validation.

* Add AES GCM encryption and decryption tests

* Potential fix for pull request finding
diff --git a/x/encodes/secutil/aes_gcm.go b/x/encodes/secutil/aes_gcm.go
@@ -0,0 +1,69 @@
+package secutil
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"errors"
+	"io"
+)
+
+var (
+	// ErrInvalidAESKeySize means the AES key length is not 16, 24 or 32 bytes.
+	ErrInvalidAESKeySize = errors.New("secutil: invalid AES key size")
+	// ErrInvalidGCMNonceSize means the GCM nonce length does not match AEAD requirements.
+	ErrInvalidGCMNonceSize = errors.New("secutil: invalid GCM nonce size")
+)
+
+// EncryptGCM encrypts plaintext with AES-GCM.
+//
+// The key length must be 16, 24 or 32 bytes. A random nonce is generated and
+// returned alongside the ciphertext.
+func EncryptGCM(key, plaintext []byte) (ciphertext, nonce []byte, err error) {
+	aead, err := newGCM(key)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	nonce = make([]byte, aead.NonceSize())
+	if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
+		return nil, nil, err
+	}
+
+	ciphertext = aead.Seal(nil, nonce, plaintext, nil)
+	return ciphertext, nonce, nil
+}
+
+// DecryptGCM decrypts ciphertext with AES-GCM.
+func DecryptGCM(key, nonce, ciphertext []byte) ([]byte, error) {
+	aead, err := newGCM(key)
+	if err != nil {
+		return nil, err
+	}
+	if len(nonce) != aead.NonceSize() {
+		return nil, ErrInvalidGCMNonceSize
+	}
+
+	return aead.Open(nil, nonce, ciphertext, nil)
+}
+
+func newGCM(key []byte) (cipher.AEAD, error) {
+	if err := validateAESKeySize(len(key)); err != nil {
+		return nil, err
+	}
+
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	return cipher.NewGCM(block)
+}
+
+func validateAESKeySize(n int) error {
+	switch n {
+	case 16, 24, 32:
+		return nil
+	default:
+		return ErrInvalidAESKeySize
+	}
+}
diff --git a/x/encodes/secutil/aes_gcm_test.go b/x/encodes/secutil/aes_gcm_test.go
@@ -0,0 +1,78 @@
+package secutil_test
+
+import (
+	"testing"
+
+	"github.com/gookit/goutil/testutil/assert"
+	"github.com/gookit/goutil/x/encodes/secutil"
+)
+
+func TestEncryptGCM(t *testing.T) {
+	t.Run("round trip for valid key sizes", func(t *testing.T) {
+		cases := []struct {
+			name string
+			key  []byte
+		}{
+			{name: "aes-128", key: []byte("1234567890abcdef")},
+			{name: "aes-192", key: []byte("1234567890abcdefghijklmn")},
+			{name: "aes-256", key: []byte("1234567890abcdefghijklmnopqrstuv")},
+		}
+
+		plaintext := []byte("hello from secutil aes gcm")
+		for _, tc := range cases {
+			tc := tc
+			t.Run(tc.name, func(t *testing.T) {
+				ciphertext, nonce, err := secutil.EncryptGCM(tc.key, plaintext)
+				assert.NoErr(t, err)
+				assert.NotEmpty(t, ciphertext)
+				assert.Eq(t, 12, len(nonce))
+
+				got, err := secutil.DecryptGCM(tc.key, nonce, ciphertext)
+				assert.NoErr(t, err)
+				assert.Eq(t, string(plaintext), string(got))
+			})
+		}
+	})
+
+	t.Run("allow empty plaintext", func(t *testing.T) {
+		key := []byte("1234567890abcdef")
+
+		ciphertext, nonce, err := secutil.EncryptGCM(key, nil)
+		assert.NoErr(t, err)
+		assert.NotEmpty(t, ciphertext)
+		assert.Eq(t, 12, len(nonce))
+
+		got, err := secutil.DecryptGCM(key, nonce, ciphertext)
+		assert.NoErr(t, err)
+		assert.Empty(t, got)
+	})
+
+	t.Run("reject invalid key size", func(t *testing.T) {
+		_, _, err := secutil.EncryptGCM([]byte("short-key"), []byte("hello"))
+		assert.ErrIs(t, err, secutil.ErrInvalidAESKeySize)
+	})
+}
+
+func TestDecryptGCM(t *testing.T) {
+	key := []byte("1234567890abcdefghijklmnopqrstuv")
+	plaintext := []byte("hello from secutil aes gcm")
+
+	ciphertext, nonce, err := secutil.EncryptGCM(key, plaintext)
+	assert.NoErr(t, err)
+
+	t.Run("reject wrong nonce size", func(t *testing.T) {
+		_, err := secutil.DecryptGCM(key, nonce[:len(nonce)-1], ciphertext)
+		assert.ErrIs(t, err, secutil.ErrInvalidGCMNonceSize)
+	})
+
+	t.Run("reject wrong key", func(t *testing.T) {
+		wrongKey := []byte("abcdef1234567890abcdefghijklmnop")
+		_, err := secutil.DecryptGCM(wrongKey, nonce, ciphertext)
+		assert.Err(t, err)
+	})
+
+	t.Run("reject invalid key size", func(t *testing.T) {
+		_, err := secutil.DecryptGCM([]byte("short-key"), nonce, ciphertext)
+		assert.ErrIs(t, err, secutil.ErrInvalidAESKeySize)
+	})
+}
