作者:jwilkin
项目:pon
// Encrypt acts like append() but appends an encrypted version of msg to out.
func (r *Ratchet) Encrypt(out, msg []byte) []byte {
if r.ratchet {
r.randBytes(r.sendRatchetPrivate[:])
copy(r.sendHeaderKey[:], r.nextSendHeaderKey[:])
var sharedKey, keyMaterial [32]byte
curve25519.ScalarMult(&sharedKey, &r.sendRatchetPrivate, &r.recvRatchetPublic)
sha := sha256.New()
sha.Write(rootKeyUpdateLabel)
sha.Write(r.rootKey[:])
sha.Write(sharedKey[:])
if r.v2 {
sha.Sum(keyMaterial[:0])
h := hmac.New(sha256.New, keyMaterial[:])
deriveKey(&r.rootKey, rootKeyLabel, h)
deriveKey(&r.nextSendHeaderKey, sendHeaderKeyLabel, h)
deriveKey(&r.sendChainKey, chainKeyLabel, h)
} else {
sha.Sum(r.rootKey[:0])
h := hmac.New(sha256.New, r.rootKey[:])
deriveKey(&r.nextSendHeaderKey, sendHeaderKeyLabel, h)
deriveKey(&r.sendChainKey, chainKeyLabel, h)
}
r.prevSendCount, r.sendCount = r.sendCount, 0
r.ratchet = false
}
h := hmac.New(sha256.New, r.sendChainKey[:])
var messageKey [32]byte
deriveKey(&messageKey, messageKeyLabel, h)
deriveKey(&r.sendChainKey, chainKeyStepLabel, h)
var sendRatchetPublic [32]byte
curve25519.ScalarBaseMult(&sendRatchetPublic, &r.sendRatchetPrivate)
var header [headerSize]byte
var headerNonce, messageNonce [24]byte
r.randBytes(headerNonce[:])
r.randBytes(messageNonce[:])
binary.LittleEndian.PutUint32(header[0:4], r.sendCount)
binary.LittleEndian.PutUint32(header[4:8], r.prevSendCount)
copy(header[8:], sendRatchetPublic[:])
copy(header[nonceInHeaderOffset:], messageNonce[:])
out = append(out, headerNonce[:]...)
out = secretbox.Seal(out, header[:], &headerNonce, &r.sendHeaderKey)
r.sendCount++
return secretbox.Seal(out, msg, &messageNonce, &messageKey)
}
作者:kiso
项目:gosf20140
func main() {
password := []byte("password")
secretKey, err := NewSecret(password) // Use Scrypt to hash password
if err != nil {
log.Fatal("%v", err)
}
// Get a valid nonce, never before used.
var nonce = getNonce()
message := []byte("Gophers of the world, unite!")
encrypted := secretbox.Seal(nil, message, &nonce, &secretKey.Key)
out := make([]byte, len(secretKey.Salt)+len(encrypted))
// Encrypted message is prepended salt (for decryption) and ciphertext
copy(out, secretKey.Salt)
copy(out[len(secretKey.Salt):], encrypted)
// Only use the nonce once with this key.
updateNonce(&nonce)
err = ioutil.WriteFile("secretmessage", out, 0644)
if err != nil {
log.Fatal("%v", err)
}
updateNonce(&nonce)
}
作者:houndbe
项目:pon
func (kx *KeyExchange) exchange1() error {
reply, err := kx.meetingPlace.Exchange(kx.Log, kx.meeting1[:], kx.message1[:], kx.ShutdownChan)
if err != nil {
return err
}
var peerDHPublic, encryptedPeerDHPublic [32]byte
if len(reply) < len(encryptedPeerDHPublic) {
return errors.New("panda: meeting point reply too small")
}
copy(encryptedPeerDHPublic[:], reply)
rijndael.NewCipher(&kx.key).Decrypt(&peerDHPublic, &encryptedPeerDHPublic)
curve25519.ScalarMult(&kx.sharedKey, &kx.dhPrivate, &peerDHPublic)
paddedLen := kx.meetingPlace.Padding()
padded := make([]byte, paddedLen-24 /* nonce */ -secretbox.Overhead)
binary.LittleEndian.PutUint32(padded, uint32(len(kx.kxBytes)))
copy(padded[4:], kx.kxBytes)
if _, err := io.ReadFull(kx.rand, padded[4+len(kx.kxBytes):]); err != nil {
return err
}
var nonce [24]byte
if _, err := io.ReadFull(kx.rand, nonce[:]); err != nil {
return err
}
kx.message2 = make([]byte, paddedLen)
copy(kx.message2, nonce[:])
secretbox.Seal(kx.message2[24:24], padded, &nonce, &kx.sharedKey)
return nil
}
作者:kevinmel200
项目:tweetnacl-j
func main() {
var rs [768][4][]byte
for i := range rs {
var k [32]byte
var n [24]byte
if _, err := io.ReadFull(rand.Reader, k[:]); err != nil {
panic(err)
}
if _, err := io.ReadFull(rand.Reader, n[:]); err != nil {
panic(err)
}
m := make([]byte, i)
if _, err := io.ReadFull(rand.Reader, m[:]); err != nil {
panic(err)
}
b := secretbox.Seal(nil, m, &n, &k)
rs[i][0] = k[:]
rs[i][1] = n[:]
rs[i][2] = m
rs[i][3] = b
}
out, err := json.MarshalIndent(rs, "", "")
if err != nil {
panic(err)
}
fmt.Print("module.exports = ")
fmt.Print(string(out))
fmt.Println(";")
}
作者:rahulxkrishn
项目:weav
func (sender *EncryptedTCPSender) Send(msg []byte) error {
sender.Lock()
defer sender.Unlock()
encodedMsg := secretbox.Seal(nil, msg, &sender.state.nonce, sender.state.sessionKey)
sender.state.advance()
return sender.SimpleTCPSender.Send(encodedMsg)
}
作者:voidExceptio
项目:bazi
func (s *Convergent) Put(key []byte, value []byte) error {
nonce := s.makeNonce(key)
box := secretbox.Seal(nil, value, nonce, s.secret)
boxedkey := s.computeBoxedKey(key)
err := s.untrusted.Put(boxedkey, box)
return err
}
作者:jrwre
项目:macaroon-baker
func encrypt(key, text []byte, r io.Reader) ([]byte, error) {
nonce, err := newNonce(r)
if err != nil {
return nil, err
}
out := make([]byte, 0, len(nonce)+secretbox.Overhead+len(text))
out = append(out, nonce[:]...)
return secretbox.Seal(out, text, nonce, makeKey(key)), nil
}
作者:jansfe
项目:pon
func (c *Conn) encrypt(data []byte) []byte {
if !c.writeKeyValid {
return data
}
encrypted := secretbox.Seal(nil, data, &c.writeSequence, &c.writeKey)
incSequence(&c.writeSequence)
return encrypted
}
作者:houndbe
项目:pon
// entomb encrypts and *destroys* the statefile. The encrypted statefile is
// written to tombFile (with tombPath). The function log will be called during
// the process to give status updates. It returns the random key of the
// encrypted statefile and whether the process was successful. If unsuccessful,
// the original statefile will not be destroyed.
func (c *client) entomb(tombPath string, tombFile *os.File, log func(string, ...interface{})) (keyHex *[32]byte, ok bool) {
log("Emtombing statefile to %s\n", tombPath)
log("Stopping network processing...\n")
if c.fetchNowChan != nil {
close(c.fetchNowChan)
}
log("Stopping active key exchanges...\n")
for _, contact := range c.contacts {
if contact.pandaShutdownChan != nil {
close(contact.pandaShutdownChan)
}
}
log("Serialising state...\n")
stateBytes := c.marshal()
var key [32]byte
c.randBytes(key[:])
var nonce [24]byte
log("Encrypting...\n")
encrypted := secretbox.Seal(nil, stateBytes, &nonce, &key)
log("Writing...\n")
if _, err := tombFile.Write(encrypted); err != nil {
log("Error writing: %s\n", err)
return nil, false
}
log("Syncing...\n")
if err := tombFile.Sync(); err != nil {
log("Error syncing: %s\n", err)
return nil, false
}
if err := tombFile.Close(); err != nil {
log("Error closing: %s\n", err)
return nil, false
}
readBack, err := ioutil.ReadFile(tombPath)
if err != nil {
log("Error rereading: %s\n", err)
return nil, false
}
if !bytes.Equal(readBack, encrypted) {
log("Contents of tomb file incorrect\n")
return nil, false
}
log("The ephemeral key is: %x\n", key)
log("You must write the ephemeral key down now! Store it somewhat erasable!\n")
log("Erasing statefile... ")
c.writerChan <- disk.NewState{stateBytes, false, true /* destruct */}
<-c.writerDone
log("done\n")
return &key, true
}
作者:jhautefeuill
项目:filecryp
// encrypt generates a random nonce and encrypts the input using
// NaCl's secretbox package. The nonce is prepended to the ciphertext.
// A sealed message will the same size as the original message plus
// secretbox.Overhead bytes long.
func encrypt(key *[keySize]byte, message []byte) ([]byte, error) {
nonce, err := generateNonce()
if err != nil {
return nil, ErrEncrypt
}
out := make([]byte, len(nonce))
copy(out, nonce[:])
out = secretbox.Seal(out, message, nonce, key)
return out, nil
}
作者:kiso
项目:passwor
// encrypt generates a random nonce and encrypts the input using
// NaCl's secretbox package. The nonce is prepended to the ciphertext.
func encrypt(key *[keySize]byte, in []byte) ([]byte, bool) {
var out = make([]byte, nonceSize)
nonce := newNonce()
if nonce == nil {
return nil, false
}
copy(out, nonce[:])
out = secretbox.Seal(out, in, nonce, key)
return out, true
}
作者:shpedoika
项目:pon
func stateWriter(stateFilename string, key *[32]byte, salt *[sCryptSaltLen]byte, states chan []byte, done chan bool) {
for {
s, ok := <-states
if !ok {
close(done)
return
}
length := uint32(len(s)) + 4
for i := uint(17); i < 32; i++ {
if n := (uint32(1) << i); n >= length {
length = n
break
}
}
plaintext := make([]byte, length)
copy(plaintext[4:], s)
if _, err := io.ReadFull(rand.Reader, plaintext[len(s)+4:]); err != nil {
panic(err)
}
binary.LittleEndian.PutUint32(plaintext, uint32(len(s)))
var nonceSmear [24 * smearedCopies]byte
if _, err := io.ReadFull(rand.Reader, nonceSmear[:]); err != nil {
panic(err)
}
var nonce [24]byte
for i := 0; i < smearedCopies; i++ {
for j := 0; j < 24; j++ {
nonce[j] ^= nonceSmear[24*i+j]
}
}
ciphertext := secretbox.Seal(nil, plaintext, &nonce, key)
out, err := os.Create(stateFilename)
if err != nil {
panic(err)
}
if _, err := out.Write(salt[:]); err != nil {
panic(err)
}
if _, err := out.Write(nonceSmear[:]); err != nil {
panic(err)
}
if _, err := out.Write(ciphertext); err != nil {
panic(err)
}
out.Close()
}
}
作者:carriercom
项目:grumbl
// Encrypt encrypts a message using XSalsa20-Poly1305 and outputs it to dst.
func (sb *secretBoxMode) Encrypt(dst []byte, src []byte, nonce []byte) {
if len(dst) <= sb.Overhead() {
panic("cryptstate: bad dst")
}
if len(nonce) != 24 {
panic("cryptstate: bad nonce length")
}
noncePtr := (*[24]byte)(unsafe.Pointer(&nonce[0]))
secretbox.Seal(dst[0:0], src, noncePtr, &sb.key)
}
作者:postfi
项目:holepunc
func (m *secretboxMode) Encrypt(input []byte) []byte {
var out []byte
var nonce [24]byte
n, err := io.ReadFull(rand.Reader, nonce[:])
if n != len(nonce) || err != nil {
panic("could not read from random number generator")
}
out = secretbox.Seal(out[:0], input, &nonce, &m.key)
out = append(out, nonce[:]...)
return out
}
作者:jaekwo
项目:gouram
// encrypt chunk & write, and increment this.Written
func (this *CipherWriter) encryptWriteChunk() error {
// write nonce if it hasn't already been written
if this.written == 0 {
written, err := this.Writer.Write(this.Nonce[:])
if err != nil {
return err
}
this.written += int64(written)
}
// chunk
cipherChunk := secretbox.Seal(nil, this.chunk, this.Nonce, this.Key)
written, err := this.Writer.Write(cipherChunk)
this.written += int64(written)
return err
}
作者:jimja
项目:strowge
func (s *httpService) getNewBackendSticky() (*httputil.ClientConn, *http.Cookie) {
backend, addr := s.connectBackend()
if backend == nil {
return nil, nil
}
var nonce [24]byte
_, err := io.ReadFull(rand.Reader, nonce[:])
if err != nil {
panic(err)
}
out := make([]byte, len(nonce), len(nonce)+len(addr)+secretbox.Overhead)
copy(out, nonce[:])
out = secretbox.Seal(out, []byte(addr), &nonce, s.cookieKey)
return backend, &http.Cookie{Name: stickyCookie, Value: base64.StdEncoding.EncodeToString(out), Path: "/"}
}
作者:ag
项目:pand
func padAndBox(key *[32]byte, body []byte) []byte {
nonceSlice := deriveKey(key, string(body))
var nonce [24]byte
copy(nonce[:], nonceSlice)
padded := make([]byte, bodySize-len(nonce)-secretbox.Overhead)
padded[0] = byte(len(body))
padded[1] = byte(len(body) >> 8)
if n := copy(padded[2:], body); n < len(body) {
panic("argument to padAndBox too large: " + strconv.Itoa(len(body)))
}
box := make([]byte, bodySize)
copy(box, nonce[:])
secretbox.Seal(box[len(nonce):len(nonce)], padded, &nonce, key)
return box
}
作者:postfi
项目:lemm
// SealWithKey does the same thing as Seal, but a different key can be passed in.
func (s *Service) SealWithKey(value []byte, secretKey *[SecretKeyLength]byte) (*SealedBytes, error) {
// check that we either initialized with a key or one was passed in
if secretKey == nil {
return nil, fmt.Errorf("secret key is nil")
}
// generate nonce
nonce, err := generateNonce()
if err != nil {
return nil, fmt.Errorf("unable to generate nonce: %v", err)
}
// use nacl secret box to encrypt plaintext
var encrypted []byte
encrypted = secretbox.Seal(encrypted, value, nonce, secretKey)
// return sealed ciphertext
return &SealedBytes{
Ciphertext: encrypted,
Nonce: nonce[:],
}, nil
}
作者:rahulxkrishn
项目:weav
func (ne *NaClEncryptor) Bytes() ([]byte, error) {
plaintext, err := ne.NonEncryptor.Bytes()
if err != nil {
return nil, err
}
// We carry the DF flag in the (unencrypted portion of the)
// payload, rather than just extracting it from the packet headers
// at the receiving end, since we do not trust routers not to mess
// with headers. As we have different decryptors for non-DF and
// DF, that would result in hard to track down packet drops due to
// crypto errors.
seqNoAndDF := ne.seqNo
if ne.df {
seqNoAndDF |= (1 << 63)
}
ciphertext := ne.buf
binary.BigEndian.PutUint64(ciphertext[ne.prefixLen:], seqNoAndDF)
binary.BigEndian.PutUint64(ne.nonce[16:24], seqNoAndDF)
// Seal *appends* to ciphertext
ciphertext = secretbox.Seal(ciphertext[:ne.prefixLen+8], plaintext, &ne.nonce, ne.sessionKey)
ne.seqNo++
return ciphertext, nil
}
作者:houndbe
项目:pon
func (c *Conn) Write(buf []byte) (n int, err error) {
if c.writeBuffer == nil {
c.writeBuffer = make([]byte, blockSize+2)
}
for len(buf) > 0 {
m := len(buf)
if m > blockSize-secretbox.Overhead {
m = blockSize - secretbox.Overhead
}
l := len(secretbox.Seal(c.writeBuffer[2:2], buf[:m], &c.writeSequence, &c.writeKey))
c.writeBuffer[0] = byte(l)
c.writeBuffer[1] = byte(l >> 8)
if _, err = c.conn.Write(c.writeBuffer[:2+l]); err != nil {
return n, err
}
n += m
buf = buf[m:]
incSequence(&c.writeSequence)
}
return
}
