I’m trying to create a DLL in Go for protection of royalty-free content via cryptography so users of a product I’m making in C++ can’t modify the content or steel it. I’m doing this because encryption and decryption in Go is (IMO) far less dangerous than it is in C++, and I feel more comfortable writing this part in Go than I do in C++. (And by dangerous, I don’t mean security wise, but considering that I don’t use pointers anywhere in my go code, far less dangerous in the memory department than it would be in C++). And no, I’m not writing my own crypto library, either – just writing functions to use to go crypto functions already there.
The encryption works. What doesn’t is the decryption. Whenever I run a decryption cycle in a test C++ app, it panics:
panic: runtime error: cgo result has Go pointer
goroutine 17 [running, locked to thread]:
main._cgoexpwrap_2edcd036b113_LoadRFMusic.func1(0xc000041ea0)
_cgo_gotypes.go:59 +0x75
main._cgoexpwrap_2edcd036b113_LoadRFMusic(0x4e7f75fbf0, 0xc, 0xc00165c000, 0x1593742, 0x1593742)
_cgo_gotypes.go:61 +0x96
I’ve pasted some of my decryption code (though not all of it for obvious reasons). LoadRFMusic() is supposed to return a go slice ([]byte). Something in Cgo doesn’t like that, apparently…
Here it is:
//export LoadRFMusic
func LoadRFMusic(file string) []byte {
// Check to make sure input file exists. Redundant, but good in case ioutil misses something.
if _, err := os.Stat(file); err==nil {
message, err := ioutil.ReadFile(file)
if err != nil {
return nil
}
if len(message) <= NonceSize+15 {
return nil
}
// Determine canary identifier and make sure it matches the right one.
// Unnecessary for GCM, but I do it anyway. :)
idReader:=bytes.NewReader(message[:15])
id, err := binary.ReadUvarint(idReader)
if err!=nil {
return nil
}
if id!=/*...*/ {
return nil
}
// set up GCM cipher, determine nonce, and decrypt. (Other code omitted.)
out, err := gcm.Open(nil, nonce, message[15+NonceSize:], aad)
if err != nil {
return nil
}
return out
} else {
return nil
}
}
Does anyone have any ideas of what’s going on?