2019-05-25 17:40:28 -07:00
|
|
|
require "random/secure"
|
|
|
|
|
|
|
|
|
|
module Cox
|
|
|
|
|
class Error < ::Exception
|
|
|
|
|
end
|
2019-06-27 17:20:02 -07:00
|
|
|
|
2019-05-25 17:40:28 -07:00
|
|
|
class VerificationFailed < Error
|
|
|
|
|
end
|
2019-06-27 17:20:02 -07:00
|
|
|
|
2019-05-25 17:40:28 -07:00
|
|
|
class DecryptionFailed < Error
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2019-06-27 17:35:31 -07:00
|
|
|
require "./cox/**"
|
2017-07-11 22:13:52 -05:00
|
|
|
|
|
|
|
|
module Cox
|
|
|
|
|
def self.encrypt(data, nonce : Nonce, recipient_public_key : PublicKey, sender_secret_key : SecretKey)
|
|
|
|
|
data_buffer = data.to_slice
|
|
|
|
|
data_size = data_buffer.bytesize
|
2019-06-25 09:29:16 -07:00
|
|
|
output_buffer = Bytes.new(data_buffer.bytesize + LibSodium::MAC_SIZE)
|
2019-06-27 17:35:31 -07:00
|
|
|
if LibSodium.crypto_box_easy(output_buffer.to_slice, data_buffer, data_size, nonce.to_slice, recipient_public_key.to_slice, sender_secret_key.to_slice) != 0
|
2019-05-25 17:40:28 -07:00
|
|
|
raise Error.new("crypto_box_easy")
|
|
|
|
|
end
|
2017-07-11 22:13:52 -05:00
|
|
|
output_buffer
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def self.encrypt(data, recipient_public_key : PublicKey, sender_secret_key : SecretKey)
|
|
|
|
|
nonce = Nonce.new
|
|
|
|
|
{nonce, encrypt(data, nonce, recipient_public_key, sender_secret_key)}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def self.decrypt(data, nonce : Nonce, sender_public_key : PublicKey, recipient_secret_key : SecretKey)
|
|
|
|
|
data_buffer = data.to_slice
|
|
|
|
|
data_size = data_buffer.bytesize
|
2019-06-25 09:29:16 -07:00
|
|
|
output_buffer = Bytes.new(data_buffer.bytesize - LibSodium::MAC_SIZE)
|
2019-06-27 17:35:31 -07:00
|
|
|
if LibSodium.crypto_box_open_easy(output_buffer.to_slice, data_buffer.to_slice, data_size, nonce.to_slice, sender_public_key.to_slice, recipient_secret_key.to_slice) != 0
|
2019-05-25 17:40:28 -07:00
|
|
|
raise DecryptionFailed.new("crypto_box_open_easy")
|
|
|
|
|
end
|
2017-07-11 22:13:52 -05:00
|
|
|
output_buffer
|
|
|
|
|
end
|
2018-02-11 23:06:34 -08:00
|
|
|
|
2018-02-13 20:20:27 -08:00
|
|
|
def self.sign_detached(message, secret_key : SignSecretKey)
|
2018-02-11 23:06:34 -08:00
|
|
|
message_buffer = message.to_slice
|
|
|
|
|
message_buffer_size = message_buffer.bytesize
|
2019-06-25 09:29:16 -07:00
|
|
|
signature_output_buffer = Bytes.new(LibSodium::SIGNATURE_SIZE)
|
2018-02-11 23:06:34 -08:00
|
|
|
|
2019-06-27 17:35:31 -07:00
|
|
|
if LibSodium.crypto_sign_detached(signature_output_buffer.to_slice, 0, message_buffer.to_slice, message_buffer_size, secret_key.to_slice) != 0
|
2019-05-25 17:40:28 -07:00
|
|
|
raise Error.new("crypto_sign_detached")
|
|
|
|
|
end
|
2018-02-11 23:06:34 -08:00
|
|
|
signature_output_buffer
|
|
|
|
|
end
|
|
|
|
|
|
2018-02-13 20:20:27 -08:00
|
|
|
def self.verify_detached(signature, message, public_key : SignPublicKey)
|
2018-02-11 23:06:34 -08:00
|
|
|
signature_buffer = signature.to_slice
|
|
|
|
|
message_buffer = message.to_slice
|
|
|
|
|
message_buffer_size = message_buffer.bytesize
|
|
|
|
|
|
2019-06-27 17:35:31 -07:00
|
|
|
verified = LibSodium.crypto_sign_verify_detached(signature_buffer.to_slice, message_buffer.to_slice, message_buffer_size, public_key.to_slice)
|
2018-02-11 23:06:34 -08:00
|
|
|
verified.zero?
|
|
|
|
|
end
|
2017-07-11 22:13:52 -05:00
|
|
|
end
|
|
|
|
|
|
2019-06-27 17:20:02 -07:00
|
|
|
if Cox::LibSodium.sodium_init == -1
|
2019-06-27 17:35:31 -07:00
|
|
|
abort "Failed to init libsodium"
|
2017-07-11 22:13:52 -05:00
|
|
|
end
|
