sodium.cr/src/sodium/crypto_box.cr

require "./lib_sodium"
require "./wipe"
require "./crypto_box/secret_key"
require "./nonce"

module Sodium
  # Use Sodium::CryptoBox::SecretKey#box
  class CryptoBox
    include Wipe

    MAC_SIZE = LibSodium.crypto_box_macbytes.to_i
    # :nodoc:
    NM_SIZE = LibSodium.crypto_box_beforenmbytes.to_i
    raise "NM_SIZE=#{NM_SIZE}, assumed it was 32" if NM_SIZE != 32

    @[Wipe::Var]
    @key = StaticArray(UInt8, 32).new 0

    # :nodoc:
    # Used by SecretKey#box
    def initialize(@secret_key : SecretKey, @public_key : PublicKey)
      # Precalculate key for later use.
      # Large speed gains with small data sizes and many messages.
      # Small speed gains with large data sizes or few messages.
      if LibSodium.crypto_box_beforenm(@key, @public_key.to_slice, @secret_key.to_slice) != 0
        raise Error.new("crypto_box_beforenm")
      end
    end

    # Encrypts data and returns {ciphertext, nonce}
    def encrypt(src)
      encrypt src.to_slice
    end

    # Encrypts data and returns {ciphertext, nonce}
    #
    # Optionally supply a destination buffer.
    def encrypt(src : Bytes, dst = Bytes.new(src.bytesize + MAC_SIZE), nonce = Nonce.random) : {Bytes, Nonce}
      nonce.used!
      if LibSodium.crypto_box_easy_afternm(dst, src, src.bytesize, nonce.to_slice, @key.to_slice) != 0
        raise Error.new("crypto_box_easy")
      end
      {dst, nonce}
    end

    # Returns decrypted message.
    #
    def decrypt(src)
      decrypt src.to_slice
    end

    # Returns decrypted message.
    #
    # Optionally supply a destination buffer.
    def decrypt(src : Bytes, dst = Bytes.new(src.bytesize - MAC_SIZE), nonce = Nonce.random) : Bytes
      if LibSodium.crypto_box_open_easy_afternm(dst, src, src.bytesize, nonce.to_slice, @key) != 0
        raise Error::DecryptionFailed.new("crypto_box_open_easy")
      end
      dst
    end

    # TODO detached
  end
end
Version 0.9.0 Rearrange CryptoBox. Move Sodium::Error to it's own file. Requiring individual files is now possible. Individual require now possible. 2019-07-01 15:24:26 +02:00			`require "./lib_sodium"`
			`require "./wipe"`
			`require "./crypto_box/secret_key"`
Add Pwhash test vectors from PyNaCl and RbNaCl. Pwhash::Algorithm renamed to Mode to be more like other libsodium bindings. Cryptobox#encrypt now returns {encrypted, nonce} identical to SecretBox. 2019-07-01 19:37:45 +02:00			`require "./nonce"`
Breaking API changes: SecretKey renamed to CryptoBox::SecretKey PublicKey renamed to CryptoBox::PublicKey KeyPair removed. Use CryptoBox::SecretKey instead. Cox.encrypt was removed. Use `secret_key.pair(...).encrypt` Cox.decrypt was removed. Use `secret_key.pair(...).decrypt` 2019-06-28 13:32:16 +02:00
Version 0.9.0 Rearrange CryptoBox. Move Sodium::Error to it's own file. Requiring individual files is now possible. Individual require now possible. 2019-07-01 15:24:26 +02:00			`module Sodium`
Use crypto_box_beforenmbytes to precompute CryptoBox shared key. 2019-08-06 23:27:19 +02:00			`# Use Sodium::CryptoBox::SecretKey#box`
Version 0.9.0 Rearrange CryptoBox. Move Sodium::Error to it's own file. Requiring individual files is now possible. Individual require now possible. 2019-07-01 15:24:26 +02:00			`class CryptoBox`
Breaking API changes: SecretKey renamed to SecretBox. Start of automatic wiping. Documentation additions and corrections. 2019-06-28 14:20:56 +02:00			`include Wipe`

API changed all Key classes .bytes to .to_slice Switched most custom Wipe implementation to libsodium guarded memory. 2019-07-04 02:56:02 +02:00			`MAC_SIZE = LibSodium.crypto_box_macbytes.to_i`
Use crypto_box_beforenmbytes to precompute CryptoBox shared key. 2019-08-06 23:27:19 +02:00			`# :nodoc:`
			`NM_SIZE = LibSodium.crypto_box_beforenmbytes.to_i`
			`raise "NM_SIZE=#{NM_SIZE}, assumed it was 32" if NM_SIZE != 32`
Add unauthenticated secret/public key encryption. 2019-06-30 03:19:01 +02:00
Add seed support to CryptoBox and Sign. Wiping now supports multiple variables by Annotation. 2019-06-30 02:21:00 +02:00			`@[Wipe::Var]`
Use crypto_box_beforenmbytes to precompute CryptoBox shared key. 2019-08-06 23:27:19 +02:00			`@key = StaticArray(UInt8, 32).new 0`
Breaking API changes: SecretKey renamed to SecretBox. Start of automatic wiping. Documentation additions and corrections. 2019-06-28 14:20:56 +02:00
Use crypto_box_beforenmbytes to precompute CryptoBox shared key. 2019-08-06 23:27:19 +02:00			`# :nodoc:`
			`# Used by SecretKey#box`
Breaking API changes: SecretKey renamed to CryptoBox::SecretKey PublicKey renamed to CryptoBox::PublicKey KeyPair removed. Use CryptoBox::SecretKey instead. Cox.encrypt was removed. Use `secret_key.pair(...).encrypt` Cox.decrypt was removed. Use `secret_key.pair(...).decrypt` 2019-06-28 13:32:16 +02:00			`def initialize(@secret_key : SecretKey, @public_key : PublicKey)`
Use crypto_box_beforenmbytes to precompute CryptoBox shared key. 2019-08-06 23:27:19 +02:00			`# Precalculate key for later use.`
			`# Large speed gains with small data sizes and many messages.`
			`# Small speed gains with large data sizes or few messages.`
			`if LibSodium.crypto_box_beforenm(@key, @public_key.to_slice, @secret_key.to_slice) != 0`
			`raise Error.new("crypto_box_beforenm")`
			`end`
Breaking API changes: SecretKey renamed to CryptoBox::SecretKey PublicKey renamed to CryptoBox::PublicKey KeyPair removed. Use CryptoBox::SecretKey instead. Cox.encrypt was removed. Use `secret_key.pair(...).encrypt` Cox.decrypt was removed. Use `secret_key.pair(...).decrypt` 2019-06-28 13:32:16 +02:00			`end`

Add Documentation. 2019-08-06 13:09:08 +02:00			`# Encrypts data and returns {ciphertext, nonce}`
Rename Sodium::Pwhash#store to #create. Rename Sodium::Pwhash#key_derive to #derive_key. Rename Sodium::Pwhash#kdf_derive to #derive_kdf. Rename Sodium::CryptoBox#encrypt_easy to #encrypt. Rename Sodium::CryptoBox#decrypt_easy to #decrypt. Rename Sodium::SecretBox#encrypt_easy to #encrypt. Rename Sodium::SecretBox#decrypt_easy to #decrypt. Remove redundant Sodium::SecretBox#encrypt methods. 2019-08-06 12:30:16 +02:00			`def encrypt(src)`
			`encrypt src.to_slice`
Breaking API changes: SecretKey renamed to CryptoBox::SecretKey PublicKey renamed to CryptoBox::PublicKey KeyPair removed. Use CryptoBox::SecretKey instead. Cox.encrypt was removed. Use `secret_key.pair(...).encrypt` Cox.decrypt was removed. Use `secret_key.pair(...).decrypt` 2019-06-28 13:32:16 +02:00			`end`

Add Documentation. 2019-08-06 13:09:08 +02:00			`# Encrypts data and returns {ciphertext, nonce}`
			`#`
			`# Optionally supply a destination buffer.`
Sodium::Nonce reuse detection. 2019-08-06 23:30:16 +02:00			`def encrypt(src : Bytes, dst = Bytes.new(src.bytesize + MAC_SIZE), nonce = Nonce.random) : {Bytes, Nonce}`
			`nonce.used!`
Use crypto_box_beforenmbytes to precompute CryptoBox shared key. 2019-08-06 23:27:19 +02:00			`if LibSodium.crypto_box_easy_afternm(dst, src, src.bytesize, nonce.to_slice, @key.to_slice) != 0`
Breaking API changes: SecretKey renamed to CryptoBox::SecretKey PublicKey renamed to CryptoBox::PublicKey KeyPair removed. Use CryptoBox::SecretKey instead. Cox.encrypt was removed. Use `secret_key.pair(...).encrypt` Cox.decrypt was removed. Use `secret_key.pair(...).decrypt` 2019-06-28 13:32:16 +02:00			`raise Error.new("crypto_box_easy")`
			`end`
Add Pwhash test vectors from PyNaCl and RbNaCl. Pwhash::Algorithm renamed to Mode to be more like other libsodium bindings. Cryptobox#encrypt now returns {encrypted, nonce} identical to SecretBox. 2019-07-01 19:37:45 +02:00			`{dst, nonce}`
Breaking API changes: SecretKey renamed to CryptoBox::SecretKey PublicKey renamed to CryptoBox::PublicKey KeyPair removed. Use CryptoBox::SecretKey instead. Cox.encrypt was removed. Use `secret_key.pair(...).encrypt` Cox.decrypt was removed. Use `secret_key.pair(...).decrypt` 2019-06-28 13:32:16 +02:00			`end`

Add Documentation. 2019-08-06 13:09:08 +02:00			`# Returns decrypted message.`
			`#`
Rename Sodium::Pwhash#store to #create. Rename Sodium::Pwhash#key_derive to #derive_key. Rename Sodium::Pwhash#kdf_derive to #derive_kdf. Rename Sodium::CryptoBox#encrypt_easy to #encrypt. Rename Sodium::CryptoBox#decrypt_easy to #decrypt. Rename Sodium::SecretBox#encrypt_easy to #encrypt. Rename Sodium::SecretBox#decrypt_easy to #decrypt. Remove redundant Sodium::SecretBox#encrypt methods. 2019-08-06 12:30:16 +02:00			`def decrypt(src)`
			`decrypt src.to_slice`
Version 0.9.0 Rearrange CryptoBox. Move Sodium::Error to it's own file. Requiring individual files is now possible. Individual require now possible. 2019-07-01 15:24:26 +02:00			`end`

Add Documentation. 2019-08-06 13:09:08 +02:00			`# Returns decrypted message.`
			`#`
			`# Optionally supply a destination buffer.`
Use crypto_box_beforenmbytes to precompute CryptoBox shared key. 2019-08-06 23:27:19 +02:00			`def decrypt(src : Bytes, dst = Bytes.new(src.bytesize - MAC_SIZE), nonce = Nonce.random) : Bytes`
			`if LibSodium.crypto_box_open_easy_afternm(dst, src, src.bytesize, nonce.to_slice, @key) != 0`
Breaking API changes: SecretKey renamed to CryptoBox::SecretKey PublicKey renamed to CryptoBox::PublicKey KeyPair removed. Use CryptoBox::SecretKey instead. Cox.encrypt was removed. Use `secret_key.pair(...).encrypt` Cox.decrypt was removed. Use `secret_key.pair(...).decrypt` 2019-06-28 13:32:16 +02:00			`raise Error::DecryptionFailed.new("crypto_box_open_easy")`
			`end`
			`dst`
			`end`

			`# TODO detached`
			`end`
			`end`