Chalsa:
Prefer .random over .new Add #decrypt_secret Add #decrypt_string Optimize #decrypt*
This commit is contained in:
parent
ee884e431e
commit
475ce2e5c8
@ -28,7 +28,7 @@ end
|
|||||||
{% for name in %w(XChaCha20Poly1305Ietf) %}
|
{% for name in %w(XChaCha20Poly1305Ietf) %}
|
||||||
describe Sodium::Cipher::Aead::{{ name.id }} do
|
describe Sodium::Cipher::Aead::{{ name.id }} do
|
||||||
it "encrypts/decrypts in combined mode" do
|
it "encrypts/decrypts in combined mode" do
|
||||||
box = Sodium::Cipher::Aead::{{ name.id }}.new
|
box = Sodium::Cipher::Aead::{{ name.id }}.random
|
||||||
|
|
||||||
message = "foo"
|
message = "foo"
|
||||||
additional = "bar"
|
additional = "bar"
|
||||||
@ -53,7 +53,7 @@ end
|
|||||||
end
|
end
|
||||||
|
|
||||||
it "encrypts/decrypts in detached mode" do
|
it "encrypts/decrypts in detached mode" do
|
||||||
box = Sodium::Cipher::Aead::{{ name.id }}.new
|
box = Sodium::Cipher::Aead::{{ name.id }}.random
|
||||||
|
|
||||||
message = "foo"
|
message = "foo"
|
||||||
additional = "bar"
|
additional = "bar"
|
||||||
@ -78,7 +78,7 @@ end
|
|||||||
end
|
end
|
||||||
|
|
||||||
it "can't encrypt twice using the same nonce" do
|
it "can't encrypt twice using the same nonce" do
|
||||||
box = Sodium::Cipher::Aead::{{ name.id }}.new
|
box = Sodium::Cipher::Aead::{{ name.id }}.random
|
||||||
|
|
||||||
message = "foo"
|
message = "foo"
|
||||||
mac, encrypted, nonce = box.encrypt_detached message
|
mac, encrypted, nonce = box.encrypt_detached message
|
||||||
|
@ -34,6 +34,17 @@ module Sodium::Cipher::Aead
|
|||||||
{dst, nonce}
|
{dst, nonce}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Decrypts `src` and returns plaintext as a `Crypto::Secret`
|
||||||
|
# Must supply `nonce`
|
||||||
|
# Must supply `additional` if supplied to #encrypt
|
||||||
|
def decrypt_secret(src, dst : Crypto::Secret? = nil, *, nonce : Nonce, additional = nil) : Crypto::Secret
|
||||||
|
dst ||= Sodium::SecureBuffer.new(src.bytesize - mac_size)
|
||||||
|
dst.readwrite do |dslice|
|
||||||
|
decrypt src, dslice, nonce: nonce, additional: additional
|
||||||
|
end
|
||||||
|
dst.readonly
|
||||||
|
end
|
||||||
|
|
||||||
# Decrypts `src` and returns plaintext
|
# Decrypts `src` and returns plaintext
|
||||||
# Must supply `nonce`
|
# Must supply `nonce`
|
||||||
# Must supply `additional` if supplied to #encrypt
|
# Must supply `additional` if supplied to #encrypt
|
||||||
@ -48,10 +59,12 @@ module Sodium::Cipher::Aead
|
|||||||
# Decrypts `src` and returns plaintext
|
# Decrypts `src` and returns plaintext
|
||||||
# Must supply `nonce`
|
# Must supply `nonce`
|
||||||
# Must supply `additional` if supplied to #encrypt
|
# Must supply `additional` if supplied to #encrypt
|
||||||
def decrypt_string(src, dst : Bytes? = nil, *, nonce : Nonce, additional = nil) : String
|
def decrypt_string(src, *, nonce : Nonce, additional = nil) : String
|
||||||
buf = decrypt src, dst, nonce: nonce, additional: additional
|
dsize = src.bytesize - mac_size
|
||||||
# TODO: optimize
|
String.new(dsize) do |dst|
|
||||||
String.new buf
|
decrypt src, dst.to_slice(dsize), nonce: nonce, additional: additional
|
||||||
|
{dsize, dsize}
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
# Encrypts `src` and returns {mac, ciphertext, nonce}
|
# Encrypts `src` and returns {mac, ciphertext, nonce}
|
||||||
@ -69,10 +82,12 @@ module Sodium::Cipher::Aead
|
|||||||
# Decrypts `src` and returns plaintext
|
# Decrypts `src` and returns plaintext
|
||||||
# Must supply `mac` and `nonce`
|
# Must supply `mac` and `nonce`
|
||||||
# Must supply `additional` if supplied to #encrypt
|
# Must supply `additional` if supplied to #encrypt
|
||||||
def decrypt_detached_string(src, dst : Bytes? = nil, *, nonce = nil, mac : Bytes? = nil, additional = nil) : String
|
def decrypt_detached_string(src, *, nonce = nil, mac : Bytes? = nil, additional = nil) : String
|
||||||
buf = decrypt_detached src.to_slice, dst, mac: mac, nonce: nonce, additional: additional
|
dsize = src.bytesize
|
||||||
# TODO: optimize
|
String.new(dsize) do |dst|
|
||||||
String.new buf
|
decrypt_detached src.to_slice, dst.to_slice(dsize), mac: mac, nonce: nonce, additional: additional
|
||||||
|
{dsize, dsize}
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
abstract def encrypt_detached(src : Bytes, dst : Bytes? = nil, *, nonce : Sodium::Nonce? = nil, mac : Bytes? = nil, additional : String | Bytes | Nil = nil) : {Bytes, Bytes, Sodium::Nonce}
|
abstract def encrypt_detached(src : Bytes, dst : Bytes? = nil, *, nonce : Sodium::Nonce? = nil, mac : Bytes? = nil, additional : String | Bytes | Nil = nil) : {Bytes, Bytes, Sodium::Nonce}
|
||||||
|
Loading…
Reference in New Issue
Block a user