diff options
Diffstat (limited to 'vendor/golang.org/x/crypto/nacl/box')
-rw-r--r-- | vendor/golang.org/x/crypto/nacl/box/box.go | 103 | ||||
-rw-r--r-- | vendor/golang.org/x/crypto/nacl/box/box_test.go | 78 | ||||
-rw-r--r-- | vendor/golang.org/x/crypto/nacl/box/example_test.go | 95 |
3 files changed, 0 insertions, 276 deletions
diff --git a/vendor/golang.org/x/crypto/nacl/box/box.go b/vendor/golang.org/x/crypto/nacl/box/box.go deleted file mode 100644 index 31b697be4..000000000 --- a/vendor/golang.org/x/crypto/nacl/box/box.go +++ /dev/null @@ -1,103 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -/* -Package box authenticates and encrypts small messages using public-key cryptography. - -Box uses Curve25519, XSalsa20 and Poly1305 to encrypt and authenticate -messages. The length of messages is not hidden. - -It is the caller's responsibility to ensure the uniqueness of nonces—for -example, by using nonce 1 for the first message, nonce 2 for the second -message, etc. Nonces are long enough that randomly generated nonces have -negligible risk of collision. - -Messages should be small because: - -1. The whole message needs to be held in memory to be processed. - -2. Using large messages pressures implementations on small machines to decrypt -and process plaintext before authenticating it. This is very dangerous, and -this API does not allow it, but a protocol that uses excessive message sizes -might present some implementations with no other choice. - -3. Fixed overheads will be sufficiently amortised by messages as small as 8KB. - -4. Performance may be improved by working with messages that fit into data caches. - -Thus large amounts of data should be chunked so that each message is small. -(Each message still needs a unique nonce.) If in doubt, 16KB is a reasonable -chunk size. - -This package is interoperable with NaCl: https://nacl.cr.yp.to/box.html. -*/ -package box // import "golang.org/x/crypto/nacl/box" - -import ( - "io" - - "golang.org/x/crypto/curve25519" - "golang.org/x/crypto/nacl/secretbox" - "golang.org/x/crypto/salsa20/salsa" -) - -// Overhead is the number of bytes of overhead when boxing a message. -const Overhead = secretbox.Overhead - -// GenerateKey generates a new public/private key pair suitable for use with -// Seal and Open. -func GenerateKey(rand io.Reader) (publicKey, privateKey *[32]byte, err error) { - publicKey = new([32]byte) - privateKey = new([32]byte) - _, err = io.ReadFull(rand, privateKey[:]) - if err != nil { - publicKey = nil - privateKey = nil - return - } - - curve25519.ScalarBaseMult(publicKey, privateKey) - return -} - -var zeros [16]byte - -// Precompute calculates the shared key between peersPublicKey and privateKey -// and writes it to sharedKey. The shared key can be used with -// OpenAfterPrecomputation and SealAfterPrecomputation to speed up processing -// when using the same pair of keys repeatedly. -func Precompute(sharedKey, peersPublicKey, privateKey *[32]byte) { - curve25519.ScalarMult(sharedKey, privateKey, peersPublicKey) - salsa.HSalsa20(sharedKey, &zeros, sharedKey, &salsa.Sigma) -} - -// Seal appends an encrypted and authenticated copy of message to out, which -// will be Overhead bytes longer than the original and must not overlap it. The -// nonce must be unique for each distinct message for a given pair of keys. -func Seal(out, message []byte, nonce *[24]byte, peersPublicKey, privateKey *[32]byte) []byte { - var sharedKey [32]byte - Precompute(&sharedKey, peersPublicKey, privateKey) - return secretbox.Seal(out, message, nonce, &sharedKey) -} - -// SealAfterPrecomputation performs the same actions as Seal, but takes a -// shared key as generated by Precompute. -func SealAfterPrecomputation(out, message []byte, nonce *[24]byte, sharedKey *[32]byte) []byte { - return secretbox.Seal(out, message, nonce, sharedKey) -} - -// Open authenticates and decrypts a box produced by Seal and appends the -// message to out, which must not overlap box. The output will be Overhead -// bytes smaller than box. -func Open(out, box []byte, nonce *[24]byte, peersPublicKey, privateKey *[32]byte) ([]byte, bool) { - var sharedKey [32]byte - Precompute(&sharedKey, peersPublicKey, privateKey) - return secretbox.Open(out, box, nonce, &sharedKey) -} - -// OpenAfterPrecomputation performs the same actions as Open, but takes a -// shared key as generated by Precompute. -func OpenAfterPrecomputation(out, box []byte, nonce *[24]byte, sharedKey *[32]byte) ([]byte, bool) { - return secretbox.Open(out, box, nonce, sharedKey) -} diff --git a/vendor/golang.org/x/crypto/nacl/box/box_test.go b/vendor/golang.org/x/crypto/nacl/box/box_test.go deleted file mode 100644 index 481ade28a..000000000 --- a/vendor/golang.org/x/crypto/nacl/box/box_test.go +++ /dev/null @@ -1,78 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package box - -import ( - "bytes" - "crypto/rand" - "encoding/hex" - "testing" - - "golang.org/x/crypto/curve25519" -) - -func TestSealOpen(t *testing.T) { - publicKey1, privateKey1, _ := GenerateKey(rand.Reader) - publicKey2, privateKey2, _ := GenerateKey(rand.Reader) - - if *privateKey1 == *privateKey2 { - t.Fatalf("private keys are equal!") - } - if *publicKey1 == *publicKey2 { - t.Fatalf("public keys are equal!") - } - message := []byte("test message") - var nonce [24]byte - - box := Seal(nil, message, &nonce, publicKey1, privateKey2) - opened, ok := Open(nil, box, &nonce, publicKey2, privateKey1) - if !ok { - t.Fatalf("failed to open box") - } - - if !bytes.Equal(opened, message) { - t.Fatalf("got %x, want %x", opened, message) - } - - for i := range box { - box[i] ^= 0x40 - _, ok := Open(nil, box, &nonce, publicKey2, privateKey1) - if ok { - t.Fatalf("opened box with byte %d corrupted", i) - } - box[i] ^= 0x40 - } -} - -func TestBox(t *testing.T) { - var privateKey1, privateKey2 [32]byte - for i := range privateKey1[:] { - privateKey1[i] = 1 - } - for i := range privateKey2[:] { - privateKey2[i] = 2 - } - - var publicKey1 [32]byte - curve25519.ScalarBaseMult(&publicKey1, &privateKey1) - var message [64]byte - for i := range message[:] { - message[i] = 3 - } - - var nonce [24]byte - for i := range nonce[:] { - nonce[i] = 4 - } - - box := Seal(nil, message[:], &nonce, &publicKey1, &privateKey2) - - // expected was generated using the C implementation of NaCl. - expected, _ := hex.DecodeString("78ea30b19d2341ebbdba54180f821eec265cf86312549bea8a37652a8bb94f07b78a73ed1708085e6ddd0e943bbdeb8755079a37eb31d86163ce241164a47629c0539f330b4914cd135b3855bc2a2dfc") - - if !bytes.Equal(box, expected) { - t.Fatalf("box didn't match, got\n%x\n, expected\n%x", box, expected) - } -} diff --git a/vendor/golang.org/x/crypto/nacl/box/example_test.go b/vendor/golang.org/x/crypto/nacl/box/example_test.go deleted file mode 100644 index 25e42d2be..000000000 --- a/vendor/golang.org/x/crypto/nacl/box/example_test.go +++ /dev/null @@ -1,95 +0,0 @@ -package box_test - -import ( - crypto_rand "crypto/rand" // Custom so it's clear which rand we're using. - "fmt" - "io" - - "golang.org/x/crypto/nacl/box" -) - -func Example() { - senderPublicKey, senderPrivateKey, err := box.GenerateKey(crypto_rand.Reader) - if err != nil { - panic(err) - } - - recipientPublicKey, recipientPrivateKey, err := box.GenerateKey(crypto_rand.Reader) - if err != nil { - panic(err) - } - - // You must use a different nonce for each message you encrypt with the - // same key. Since the nonce here is 192 bits long, a random value - // provides a sufficiently small probability of repeats. - var nonce [24]byte - if _, err := io.ReadFull(crypto_rand.Reader, nonce[:]); err != nil { - panic(err) - } - - msg := []byte("Alas, poor Yorick! I knew him, Horatio") - // This encrypts msg and appends the result to the nonce. - encrypted := box.Seal(nonce[:], msg, &nonce, recipientPublicKey, senderPrivateKey) - - // The recipient can decrypt the message using their private key and the - // sender's public key. When you decrypt, you must use the same nonce you - // used to encrypt the message. One way to achieve this is to store the - // nonce alongside the encrypted message. Above, we stored the nonce in the - // first 24 bytes of the encrypted text. - var decryptNonce [24]byte - copy(decryptNonce[:], encrypted[:24]) - decrypted, ok := box.Open(nil, encrypted[24:], &decryptNonce, senderPublicKey, recipientPrivateKey) - if !ok { - panic("decryption error") - } - fmt.Println(string(decrypted)) - // Output: Alas, poor Yorick! I knew him, Horatio -} - -func Example_precompute() { - senderPublicKey, senderPrivateKey, err := box.GenerateKey(crypto_rand.Reader) - if err != nil { - panic(err) - } - - recipientPublicKey, recipientPrivateKey, err := box.GenerateKey(crypto_rand.Reader) - if err != nil { - panic(err) - } - - // The shared key can be used to speed up processing when using the same - // pair of keys repeatedly. - sharedEncryptKey := new([32]byte) - box.Precompute(sharedEncryptKey, recipientPublicKey, senderPrivateKey) - - // You must use a different nonce for each message you encrypt with the - // same key. Since the nonce here is 192 bits long, a random value - // provides a sufficiently small probability of repeats. - var nonce [24]byte - if _, err := io.ReadFull(crypto_rand.Reader, nonce[:]); err != nil { - panic(err) - } - - msg := []byte("A fellow of infinite jest, of most excellent fancy") - // This encrypts msg and appends the result to the nonce. - encrypted := box.SealAfterPrecomputation(nonce[:], msg, &nonce, sharedEncryptKey) - - // The shared key can be used to speed up processing when using the same - // pair of keys repeatedly. - var sharedDecryptKey [32]byte - box.Precompute(&sharedDecryptKey, senderPublicKey, recipientPrivateKey) - - // The recipient can decrypt the message using the shared key. When you - // decrypt, you must use the same nonce you used to encrypt the message. - // One way to achieve this is to store the nonce alongside the encrypted - // message. Above, we stored the nonce in the first 24 bytes of the - // encrypted text. - var decryptNonce [24]byte - copy(decryptNonce[:], encrypted[:24]) - decrypted, ok := box.OpenAfterPrecomputation(nil, encrypted[24:], &decryptNonce, &sharedDecryptKey) - if !ok { - panic("decryption error") - } - fmt.Println(string(decrypted)) - // Output: A fellow of infinite jest, of most excellent fancy -} |