zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7040 Commits
183 Branches
291 MiB
Tree: 146540c112
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '146540c112'
${ noResults }
tendermint/crypto/xsalsa20symmetric/symmetric.go

56 lines
1.9 KiB
Raw Normal View History

crypto: Fix package imports from the refactor
6 years ago
mv go-crypto files to crypto dir
6 years ago
libs: Remove usage of custom Fmt, in favor of fmt.Sprintf (#2199) * libs: Remove usage of custom Fmt, in favor of fmt.Sprintf Closes #2193 * Fix bug that was masked by custom Fmt!
6 years ago
mv go-crypto files to crypto dir
6 years ago
crypto: revert to mainline Go crypto lib (#3027) * crypto: revert to mainline Go crypto lib We used to use a fork for a modified bcrypt so we could pass our own randomness but this was largely unecessary, unused, and a burden. So now we just use the mainline Go crypto lib. * changelog * fix tests * version and changelog
6 years ago
ed25519: use golang/x/crypto fork (#2558) * ed25519: use golang/x/crypto fork * changelog * gix GenerateFromPassword * fixes from review
6 years ago
crypto: Refactor to move files out of the top level directory Currently the top level directory contains basically all of the code for the crypto package. This PR moves the crypto code into submodules in a similar manner to what `golang/x/crypto` does. This improves code organization. Ref discussion: https://github.com/tendermint/tendermint/pull/1966 Closes #1956
6 years ago
mv go-crypto files to crypto dir
6 years ago
crypto: Refactor to move files out of the top level directory Currently the top level directory contains basically all of the code for the crypto package. This PR moves the crypto code into submodules in a similar manner to what `golang/x/crypto` does. This improves code organization. Ref discussion: https://github.com/tendermint/tendermint/pull/1966 Closes #1956
6 years ago
mv go-crypto files to crypto dir
6 years ago
libs: Remove usage of custom Fmt, in favor of fmt.Sprintf (#2199) * libs: Remove usage of custom Fmt, in favor of fmt.Sprintf Closes #2193 * Fix bug that was masked by custom Fmt!
6 years ago
mv go-crypto files to crypto dir
6 years ago
crypto: Refactor to move files out of the top level directory Currently the top level directory contains basically all of the code for the crypto package. This PR moves the crypto code into submodules in a similar manner to what `golang/x/crypto` does. This improves code organization. Ref discussion: https://github.com/tendermint/tendermint/pull/1966 Closes #1956
6 years ago
mv go-crypto files to crypto dir
6 years ago
libs: Remove usage of custom Fmt, in favor of fmt.Sprintf (#2199) * libs: Remove usage of custom Fmt, in favor of fmt.Sprintf Closes #2193 * Fix bug that was masked by custom Fmt!
6 years ago
mv go-crypto files to crypto dir
6 years ago
 
  1. package xsalsa20symmetric
  2. 

  3. import (
  4. 	"errors"
  5. 	"fmt"
  6. 

  7. 	"golang.org/x/crypto/nacl/secretbox"
  8. 

  9. 	"github.com/tendermint/tendermint/crypto"
  10. 	cmn "github.com/tendermint/tendermint/libs/common"
  11. )
  12. 

  13. // TODO, make this into a struct that implements crypto.Symmetric.

  14. 

  15. const nonceLen = 24
  16. const secretLen = 32
  17. 

  18. // secret must be 32 bytes long. Use something like Sha256(Bcrypt(passphrase))

  19. // The ciphertext is (secretbox.Overhead + 24) bytes longer than the plaintext.

  20. // NOTE: call crypto.MixEntropy() first.

  21. func EncryptSymmetric(plaintext []byte, secret []byte) (ciphertext []byte) {
  22. 	if len(secret) != secretLen {
  23. 		cmn.PanicSanity(fmt.Sprintf("Secret must be 32 bytes long, got len %v", len(secret)))
  24. 	}
  25. 	nonce := crypto.CRandBytes(nonceLen)
  26. 	nonceArr := [nonceLen]byte{}
  27. 	copy(nonceArr[:], nonce)
  28. 	secretArr := [secretLen]byte{}
  29. 	copy(secretArr[:], secret)
  30. 	ciphertext = make([]byte, nonceLen+secretbox.Overhead+len(plaintext))
  31. 	copy(ciphertext, nonce)
  32. 	secretbox.Seal(ciphertext[nonceLen:nonceLen], plaintext, &nonceArr, &secretArr)
  33. 	return ciphertext
  34. }
  35. 

  36. // secret must be 32 bytes long. Use something like Sha256(Bcrypt(passphrase))

  37. // The ciphertext is (secretbox.Overhead + 24) bytes longer than the plaintext.

  38. func DecryptSymmetric(ciphertext []byte, secret []byte) (plaintext []byte, err error) {
  39. 	if len(secret) != secretLen {
  40. 		cmn.PanicSanity(fmt.Sprintf("Secret must be 32 bytes long, got len %v", len(secret)))
  41. 	}
  42. 	if len(ciphertext) <= secretbox.Overhead+nonceLen {
  43. 		return nil, errors.New("Ciphertext is too short")
  44. 	}
  45. 	nonce := ciphertext[:nonceLen]
  46. 	nonceArr := [nonceLen]byte{}
  47. 	copy(nonceArr[:], nonce)
  48. 	secretArr := [secretLen]byte{}
  49. 	copy(secretArr[:], secret)
  50. 	plaintext = make([]byte, len(ciphertext)-nonceLen-secretbox.Overhead)
  51. 	_, ok := secretbox.Open(plaintext[:0], ciphertext[nonceLen:], &nonceArr, &secretArr)
  52. 	if !ok {
  53. 		return nil, errors.New("Ciphertext decryption failed")
  54. 	}
  55. 	return plaintext, nil
  56. }