Skip to content

Commit

Permalink
functions: en/decrypt with XChaCha20-Poly1305
Browse files Browse the repository at this point in the history
  • Loading branch information
pilinux committed Aug 28, 2024
1 parent 8dff8c7 commit 32d21a8
Show file tree
Hide file tree
Showing 4 changed files with 99 additions and 2 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/golangci-lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ jobs:
uses: golangci/golangci-lint-action@v6
with:
# Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
version: v1.59.1
version: v1.60.3

# Optional: working directory, useful for monorepos
# working-directory: somedir
Expand Down
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ cryptographic primitives.

- [AES](_example/aes/main.go)
- [ChaCha20-Poly1305 AEAD](_example/chacha20poly1305/main.go)
- [XChaCha20-Poly1305 AEAD](_example/xchacha20poly1305/main.go)
- [RSA](_example/rsa/main.go)
- [Hashing](_example/hashing/main.go)

Expand Down
48 changes: 48 additions & 0 deletions _example/xchacha20poly1305/main.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
// Package main - example usage of XChaCha20-Poly1305 encryption - decryption
package main

import (
"crypto/rand"
"fmt"

"golang.org/x/crypto/argon2"

"github.com/pilinux/crypt"
)

func main() {
text := "Hello world"
secretPass := ",D'(bHOpO#beU(Fn@~_6Enn3a2n=aEQWg''vz"

// generate a random 256-bit salt
salt := make([]byte, 32)
if _, err := rand.Read(salt); err != nil {
fmt.Println("error generating salt:", err)
return
}

// parameters for argon2 key derivation
timeCost := 2 // number of iterations
memoryCost := 64 * 1024 // memory usage in KiB
cpuCost := 2 // number of threads used
keyLength := 32 // length of the derived key in bytes

// derive a 256-bit key from the user's secret pass using argon2id
key := argon2.IDKey([]byte(secretPass), salt, uint32(timeCost), uint32(memoryCost), uint8(cpuCost), uint32(keyLength))

// encrypt the data
ciphertext, nonce, err := crypt.EncryptXChacha20poly1305(key, text)
if err != nil {
fmt.Println(err)
return
}
fmt.Println("ciphertext:", ciphertext)

// decrypt the data
plaintext, err := crypt.DecryptXChacha20poly1305(key, nonce, ciphertext)
if err != nil {
fmt.Println(err)
return
}
fmt.Println("plaintext:", plaintext)
}
50 changes: 49 additions & 1 deletion chaCha20.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import (
)

// EncryptChacha20poly1305 encrypts and authenticates the given message with
// ChaCha20-Poly1305 AEAD using the given 256-bit key.
// ChaCha20-Poly1305 AEAD using the given 256-bit key and 96-bit nonce.
func EncryptChacha20poly1305(key []byte, text string) (ciphertext []byte, nonce []byte, err error) {
// create a new ChaCha20-Poly1305 AEAD using the given 256-bit key
aead, err := chacha20poly1305.New(key)
Expand Down Expand Up @@ -54,3 +54,51 @@ func DecryptChacha20poly1305(key, nonce, ciphertext []byte) (text string, err er

return
}

// EncryptXChacha20poly1305 encrypts and authenticates the given message with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
func EncryptXChacha20poly1305(key []byte, text string) (ciphertext []byte, nonce []byte, err error) {
// create a new XChaCha20-Poly1305 AEAD using the given 256-bit key
aead, err := chacha20poly1305.NewX(key)
if err != nil {
err = fmt.Errorf("error creating AEAD: %v", err)
return
}

// generate a 192-bit random nonce
nonce = make([]byte, aead.NonceSize())
_, err = rand.Read(nonce)
if err != nil {
err = fmt.Errorf("error generating nonce: %v", err)
return
}

// data to be encrypted
data := []byte(text)

// encrypt the data
ciphertext = aead.Seal(nil, nonce, data, nil)

return
}

// DecryptXChacha20poly1305 decrypts and authenticates the given message with
// XChaCha20-Poly1305 AEAD using the given 256-bit key and 192-bit nonce.
func DecryptXChacha20poly1305(key, nonce, ciphertext []byte) (text string, err error) {
// create a new XChaCha20-Poly1305 AEAD using the given 256-bit key
aead, err := chacha20poly1305.NewX(key)
if err != nil {
err = fmt.Errorf("error creating AEAD: %v", err)
return
}

// decrypt the data
plaintext, err := aead.Open(nil, nonce, ciphertext, nil)
if err != nil {
err = fmt.Errorf("error decrypting data: %v", err)
return
}
text = string(plaintext)

return
}

0 comments on commit 32d21a8

Please sign in to comment.