-
Notifications
You must be signed in to change notification settings - Fork 3
/
crypto.go
85 lines (66 loc) · 1.53 KB
/
crypto.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
package macaroon
import (
"bytes"
"crypto/hmac"
"crypto/rand"
"crypto/sha256"
"fmt"
"log"
"golang.org/x/crypto/chacha20poly1305"
)
const (
nonceLen = 12
EncryptionKeySize = 32
)
type SigningKey []byte
type EncryptionKey []byte
func NewSigningKey() SigningKey {
return SigningKey(rbuf(sha256.Size))
}
func NewEncryptionKey() EncryptionKey {
return EncryptionKey(rbuf(EncryptionKeySize))
}
func seal(key EncryptionKey, buf []byte) []byte {
aead, err := chacha20poly1305.New([]byte(key))
if err != nil {
log.Panicf("seal: bad input for key: %s", err)
}
nonce := sealNonce()
rct := aead.Seal(nil, nonce, buf, nil)
ct := &bytes.Buffer{}
ct.Write(nonce)
ct.Write(rct)
return ct.Bytes()
}
func unseal(key EncryptionKey, buf []byte) ([]byte, error) {
if len(buf) < nonceLen+1 {
return nil, fmt.Errorf("unseal: malformed input")
}
aead, err := chacha20poly1305.New([]byte(key))
if err != nil {
return nil, fmt.Errorf("unseal: bad input for key: %s", err)
}
nonce := buf[:nonceLen]
ct := buf[nonceLen:]
return aead.Open(nil, nonce, ct, nil)
}
func digest(buf []byte) []byte {
hash := sha256.New()
hash.Write(buf)
return hash.Sum(nil)
}
func sign(key SigningKey, buf []byte) []byte {
mac := hmac.New(sha256.New, []byte(key))
mac.Write(buf)
return mac.Sum(nil)
}
func sealNonce() []byte {
return rbuf(nonceLen)
}
func rbuf(sz int) []byte {
buf := make([]byte, sz)
if n, err := rand.Read(buf); n != sz || err != nil {
log.Panicf("crypto random failed: %d read of %d: err: %s", n, sz, err)
}
return buf
}