git.sr.ht/~pingoo/stdx@v0.0.0-20240218134121-094174641f6e/crypto/schacha20blake3/schacha20blake3.go

git.sr.ht/~pingoo/stdx@v0.0.0-20240218134121-094174641f6e/crypto/schacha20blake3/schacha20blake3.go (about)

     1  package schacha20blake3
     2  
     3  import (
     4  	"crypto/cipher"
     5  	"errors"
     6  
     7  	"git.sr.ht/~pingoo/stdx/crypto/chacha20"
     8  	"git.sr.ht/~pingoo/stdx/crypto/chacha20blake3"
     9  	// "golang.org/x/crypto/chacha20"
    10  	// "git.sr.ht/~pingoo/stdx/crypto/chacha20"
    11  )
    12  
    13  const (
    14  	KeySize   = 32
    15  	NonceSize = 32
    16  	TagSize   = 32
    17  )
    18  
    19  var (
    20  	ErrOpen = errors.New("xchacha20blake3: error decrypting ciphertext")
    21  )
    22  
    23  type SChaCha20Blake3 struct {
    24  	key [KeySize]byte
    25  }
    26  
    27  // ensure that SChaCha20Blake3 implements `cipher.AEAD` interface at build time
    28  var _ cipher.AEAD = (*SChaCha20Blake3)(nil)
    29  
    30  func New(key []byte) (*SChaCha20Blake3, error) {
    31  	ret := new(SChaCha20Blake3)
    32  	copy(ret.key[:], key)
    33  	return ret, nil
    34  }
    35  
    36  func (*SChaCha20Blake3) NonceSize() int {
    37  	return NonceSize
    38  }
    39  
    40  func (*SChaCha20Blake3) Overhead() int {
    41  	return TagSize
    42  }
    43  
    44  func (x *SChaCha20Blake3) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
    45  	// ret, out := sliceForAppend(dst, len(plaintext)+TagSize)
    46  	// ciphertext, tag := out[:len(plaintext)], out[len(plaintext):]
    47  
    48  	// var authenticationKey [32]byte
    49  	var subKey [32]byte
    50  	copy(subKey[0:16], nonce[8:24])
    51  
    52  	chacha20Kdf, _ := chacha20.New(x.key[:], nonce[0:8])
    53  	chacha20Kdf.XORKeyStream(subKey[:], subKey[:])
    54  
    55  	chacha20Blake3Cipher, _ := chacha20blake3.New(subKey[:])
    56  	return chacha20Blake3Cipher.Seal(dst, nonce[24:32], plaintext, additionalData)
    57  
    58  	// chacha20Cipher.(authenticationKey[:], authenticationKey[:])
    59  	// chacha20Cipher.SetCounter(1)
    60  	// chacha20Cipher.XORKeyStream(ciphertext, plaintext)
    61  
    62  	// macHasher, _ := blake3.NewKeyed(authenticationKey[:])
    63  	// macHasher.Write(additionalData)
    64  	// macHasher.Write(ciphertext)
    65  	// writeUint64(macHasher, uint64(len(additionalData)))
    66  	// writeUint64(macHasher, uint64(len(ciphertext)))
    67  	// macHasher.Sum(tag[:0])
    68  
    69  	// return ret
    70  }
    71  
    72  func (x *SChaCha20Blake3) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
    73  	var subKey [32]byte
    74  	copy(subKey[0:16], nonce[8:24])
    75  
    76  	chacha20Kdf, _ := chacha20.New(x.key[:], nonce[0:8])
    77  	chacha20Kdf.XORKeyStream(subKey[:], subKey[:])
    78  
    79  	chacha20Blake3Cipher, _ := chacha20blake3.New(subKey[:])
    80  	ret, err := chacha20Blake3Cipher.Open(dst, nonce[24:32], ciphertext, additionalData)
    81  	if err != nil {
    82  		return nil, ErrOpen
    83  	}
    84  	return ret, nil
    85  }