diff --git a/pkg/cryptography/aes.go b/pkg/cryptography/aes.go index 97b08f3..a31cdd9 100644 --- a/pkg/cryptography/aes.go +++ b/pkg/cryptography/aes.go @@ -13,7 +13,7 @@ const ( AES128KeySize = 16 // 128 bits AES192KeySize = 24 // 192 bits AES256KeySize = 32 // 256 bits - + // Default to AES-256 DefaultKeySize = AES256KeySize ) @@ -23,7 +23,7 @@ func GenerateAESKey(keySize int) ([]byte, error) { if keySize != AES128KeySize && keySize != AES192KeySize && keySize != AES256KeySize { return nil, errors.New("invalid key size: must be 16, 24, or 32 bytes") } - + key := make([]byte, keySize) if _, err := io.ReadFull(rand.Reader, key); err != nil { return nil, err @@ -117,19 +117,18 @@ func DecryptAESCBC(key, ciphertext []byte) ([]byte, error) { if len(plaintext) == 0 { return nil, errors.New("invalid padding: empty plaintext") } - + padding := int(plaintext[len(plaintext)-1]) if padding == 0 || padding > aes.BlockSize || padding > len(plaintext) { return nil, errors.New("invalid PKCS7 padding") } - + // Verify all padding bytes are correct for i := len(plaintext) - padding; i < len(plaintext); i++ { if plaintext[i] != byte(padding) { return nil, errors.New("invalid PKCS7 padding") } } - + return plaintext[:len(plaintext)-padding], nil } - diff --git a/pkg/cryptography/aes_test.go b/pkg/cryptography/aes_test.go index a685b12..ea472ae 100644 --- a/pkg/cryptography/aes_test.go +++ b/pkg/cryptography/aes_test.go @@ -74,7 +74,7 @@ func TestAES256CBCEncryptionDecryption(t *testing.T) { } if !bytes.Equal(tc.plaintext, decrypted) { - t.Errorf("Decrypted text does not match original plaintext.\nGot: %q (%x)\nWant: %q (%x)", + t.Errorf("Decrypted text does not match original plaintext.\nGot: %q (%x)\nWant: %q (%x)", decrypted, decrypted, tc.plaintext, tc.plaintext) } }) @@ -83,7 +83,7 @@ func TestAES256CBCEncryptionDecryption(t *testing.T) { func TestAES256CBC_InvalidKeySize(t *testing.T) { plaintext := []byte("test message") - + invalidKeys := [][]byte{ make([]byte, 16), // AES-128 make([]byte, 24), // AES-192 @@ -112,7 +112,7 @@ func TestAES256CBC_InvalidKeySize(t *testing.T) { func TestAESCBCEncryptionDecryption(t *testing.T) { keySizes := []int{AES128KeySize, AES192KeySize, AES256KeySize} - + for _, keySize := range keySizes { t.Run(fmt.Sprintf("AES_%d", keySize*8), func(t *testing.T) { key, err := GenerateAESKey(keySize) @@ -166,10 +166,10 @@ func TestDecryptAESCBCErrorCases(t *testing.T) { }) t.Run("InvalidKeySize", func(t *testing.T) { - invalidKey := make([]byte, 17) // Invalid key size + invalidKey := make([]byte, 17) // Invalid key size validCiphertext := make([]byte, 32) // IV + one block rand.Read(validCiphertext) - + _, err := DecryptAESCBC(invalidKey, validCiphertext) if err == nil { t.Error("DecryptAESCBC should have failed for invalid key size") diff --git a/pkg/interfaces/tcp_common.go b/pkg/interfaces/tcp_common.go index 4ee727b..622cceb 100644 --- a/pkg/interfaces/tcp_common.go +++ b/pkg/interfaces/tcp_common.go @@ -11,4 +11,4 @@ import ( // Default implementation for non-Linux platforms func platformGetRTT(fd uintptr) time.Duration { return 0 -} \ No newline at end of file +} diff --git a/pkg/interfaces/tcp_linux.go b/pkg/interfaces/tcp_linux.go index e335b5d..b3c3024 100644 --- a/pkg/interfaces/tcp_linux.go +++ b/pkg/interfaces/tcp_linux.go @@ -29,4 +29,4 @@ func platformGetRTT(fd uintptr) time.Duration { // RTT is in microseconds, convert to Duration return time.Duration(info.Rtt) * time.Microsecond -} \ No newline at end of file +}