-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathchaCha20.go
226 lines (193 loc) · 8.2 KB
/
chaCha20.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
package crypt
import (
"crypto/rand"
"errors"
"fmt"
"golang.org/x/crypto/chacha20poly1305"
)
// EncryptByteChacha20poly1305 encrypts and authenticates the given message (bytes) with
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
func EncryptByteChacha20poly1305(key []byte, input []byte) (ciphertext []byte, nonce []byte, err error) {
// create a new ChaCha20-Poly1305 AEAD using the given 256-bit key
aead, err := chacha20poly1305.New(key)
if err != nil {
err = fmt.Errorf("error creating AEAD: %v", err)
return
}
// generate a 96-bit random nonce
nonce = make([]byte, aead.NonceSize())
_, err = rand.Read(nonce)
if err != nil {
err = fmt.Errorf("error generating nonce: %v", err)
return
}
// encrypt the data
ciphertext = aead.Seal(nil, nonce, input, nil)
return
}
// EncryptChacha20poly1305 encrypts and authenticates the given message (string) with
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
func EncryptChacha20poly1305(key []byte, text string) (ciphertext []byte, nonce []byte, err error) {
return EncryptByteChacha20poly1305(key, []byte(text))
}
// DecryptByteChacha20poly1305 decrypts and authenticates the given ciphertext with
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
func DecryptByteChacha20poly1305(key, nonce, ciphertext []byte) (plaintext []byte, err error) {
// create a new ChaCha20-Poly1305 AEAD using the given 256-bit key
aead, err := chacha20poly1305.New(key)
if err != nil {
err = fmt.Errorf("error creating AEAD: %v", err)
return
}
// decrypt the data
plaintext, err = aead.Open(nil, nonce, ciphertext, nil)
if err != nil {
err = fmt.Errorf("error decrypting data: %v", err)
return
}
return
}
// DecryptChacha20poly1305 decrypts and authenticates the given ciphertext with
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
func DecryptChacha20poly1305(key, nonce, ciphertext []byte) (text string, err error) {
// decrypt the data
plaintext, err := DecryptByteChacha20poly1305(key, nonce, ciphertext)
if err != nil {
return
}
text = string(plaintext)
return
}
// EncryptByteChacha20poly1305WithNonceAppended encrypts and authenticates the given message (bytes) with
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
// It appends the ciphertext to the nonce [ciphertext = nonce + ciphertext].
func EncryptByteChacha20poly1305WithNonceAppended(key []byte, input []byte) (ciphertext []byte, err error) {
ciphertext, nonce, err := EncryptByteChacha20poly1305(key, input)
if err != nil {
return
}
ciphertext = append(nonce, ciphertext...)
return
}
// EncryptChacha20poly1305WithNonceAppended encrypts and authenticates the given message (string) with
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
// It appends the ciphertext to the nonce [ciphertext = nonce + ciphertext].
func EncryptChacha20poly1305WithNonceAppended(key []byte, text string) (ciphertext []byte, err error) {
return EncryptByteChacha20poly1305WithNonceAppended(key, []byte(text))
}
// DecryptByteChacha20poly1305WithNonceAppended decrypts and authenticates the given ciphertext with
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
// It expects the ciphertext along with the nonce [ciphertext = nonce + ciphertext].
func DecryptByteChacha20poly1305WithNonceAppended(key, ciphertext []byte) (plaintext []byte, err error) {
nonceSize := chacha20poly1305.NonceSize
if len(ciphertext) < nonceSize {
err = errors.New("ciphertext is too short")
return
}
nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:]
return DecryptByteChacha20poly1305(key, nonce, ciphertext)
}
// DecryptChacha20poly1305WithNonceAppended decrypts and authenticates the given ciphertext with
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
// It expects the ciphertext along with the nonce [ciphertext = nonce + ciphertext].
func DecryptChacha20poly1305WithNonceAppended(key, ciphertext []byte) (text string, err error) {
plaintext, err := DecryptByteChacha20poly1305WithNonceAppended(key, ciphertext)
if err != nil {
return
}
text = string(plaintext)
return
}
// EncryptByteXChacha20poly1305 encrypts and authenticates the given message (bytes) with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
func EncryptByteXChacha20poly1305(key []byte, input []byte) (ciphertext []byte, nonce []byte, err error) {
// create a new XChaCha20-Poly1305 AEAD using the given 256-bit key
aead, err := chacha20poly1305.NewX(key)
if err != nil {
err = fmt.Errorf("error creating AEAD: %v", err)
return
}
// generate a 192-bit random nonce
nonce = make([]byte, aead.NonceSize())
_, err = rand.Read(nonce)
if err != nil {
err = fmt.Errorf("error generating nonce: %v", err)
return
}
// encrypt the data
ciphertext = aead.Seal(nil, nonce, input, nil)
return
}
// EncryptXChacha20poly1305 encrypts and authenticates the given message (string) with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
func EncryptXChacha20poly1305(key []byte, text string) (ciphertext []byte, nonce []byte, err error) {
return EncryptByteXChacha20poly1305(key, []byte(text))
}
// DecryptByteXChacha20poly1305 decrypts and authenticates the given ciphertext with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
func DecryptByteXChacha20poly1305(key, nonce, ciphertext []byte) (plaintext []byte, err error) {
// create a new XChaCha20-Poly1305 AEAD using the given 256-bit key
aead, err := chacha20poly1305.NewX(key)
if err != nil {
err = fmt.Errorf("error creating AEAD: %v", err)
return
}
// decrypt the data
plaintext, err = aead.Open(nil, nonce, ciphertext, nil)
if err != nil {
err = fmt.Errorf("error decrypting data: %v", err)
return
}
return
}
// DecryptXChacha20poly1305 decrypts and authenticates the given ciphertext with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
func DecryptXChacha20poly1305(key, nonce, ciphertext []byte) (text string, err error) {
// decrypt the data
plaintext, err := DecryptByteXChacha20poly1305(key, nonce, ciphertext)
if err != nil {
return
}
text = string(plaintext)
return
}
// EncryptByteXChacha20poly1305WithNonceAppended encrypts and authenticates the given message (bytes) with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
// It appends the ciphertext to the nonce [ciphertext = nonce + ciphertext].
func EncryptByteXChacha20poly1305WithNonceAppended(key []byte, input []byte) (ciphertext []byte, err error) {
ciphertext, nonce, err := EncryptByteXChacha20poly1305(key, input)
if err != nil {
return
}
ciphertext = append(nonce, ciphertext...)
return
}
// EncryptXChacha20poly1305WithNonceAppended encrypts and authenticates the given message (string) with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
// It appends the ciphertext to the nonce [ciphertext = nonce + ciphertext].
func EncryptXChacha20poly1305WithNonceAppended(key []byte, text string) (ciphertext []byte, err error) {
return EncryptByteXChacha20poly1305WithNonceAppended(key, []byte(text))
}
// DecryptByteXChacha20poly1305WithNonceAppended decrypts and authenticates the given ciphertext with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
// It expects the ciphertext along with the nonce [ciphertext = nonce + ciphertext].
func DecryptByteXChacha20poly1305WithNonceAppended(key, ciphertext []byte) (plaintext []byte, err error) {
nonceSize := chacha20poly1305.NonceSizeX
if len(ciphertext) < nonceSize {
err = errors.New("ciphertext is too short")
return
}
nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:]
return DecryptByteXChacha20poly1305(key, nonce, ciphertext)
}
// DecryptXChacha20poly1305WithNonceAppended decrypts and authenticates the given ciphertext with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
// It expects the ciphertext along with the nonce [ciphertext = nonce + ciphertext].
func DecryptXChacha20poly1305WithNonceAppended(key, ciphertext []byte) (text string, err error) {
plaintext, err := DecryptByteXChacha20poly1305WithNonceAppended(key, ciphertext)
if err != nil {
return
}
text = string(plaintext)
return
}