Merge pull request #7 from franks42/master

In TweetNacl.java, added additional methods for Box' box, open, after…

Author: sequoiar

src/com/iwebpp/crypto/TweetNacl.java

@@ -83,14 +83,29 @@ private byte[] generateNonce() {
 		 * */
 		///public byte_buf_t box(byte [] message) {
 		public byte [] box(byte [] message) {
+		
+		  return box(message, generateNonce());
+
+		}
+
+		/*
+		 * @description 
+		 *   Encrypt and authenticates message using peer's public key, 
+		 *   our secret key, and the explicitly provided nonce.
+		 *   Caller is responsible for ensuring that nonce is unique 
+		 *   for each distinct message for a key pair.
+		 *   
+		 *   Returns an encrypted and authenticated message, 
+		 *   which is nacl.box.overheadLength longer than the original message.
+		 * */
+		///public byte_buf_t box(byte [] message) {
+		public byte [] box(byte [] message, byte [] theNonce) {
 
 			// check message
-			if (!(message!=null && message.length>0))
+			if (!(message!=null && message.length>0 &&
+			      theNonce!=null && theNonce.length==nonceLength))
 				return null;
 
-			// generate nonce
-			byte [] n = generateNonce();
-
 			// message buffer
 			byte [] m = new byte[message.length + zerobytesLength];
 
@@ -100,7 +115,7 @@ private byte[] generateNonce() {
 			for (int i = 0; i < message.length; i ++)
 				m[i+zerobytesLength] = message[i];
 
-			if (0 != crypto_box(c, m, m.length, n, theirPublicKey, mySecretKey))
+			if (0 != crypto_box(c, m, m.length, theNonce, theirPublicKey, mySecretKey))
 				return null;
 
 			// wrap byte_buf_t on c offset@boxzerobytesLength
@@ -121,13 +136,24 @@ private byte[] generateNonce() {
 		 *   Returns the original message, or null if authentication fails.
 		 * */
 		public byte [] open(byte [] box) {
+		
+		  return open(box, generateNonce());
+
+		}
+
+		/*
+		 * @description 
+		 *   Authenticates and decrypts the given box with peer's public key, 
+		 *   our secret key, and the explicitly provided nonce.
+		 *   
+		 *   Returns the original message, or null if authentication fails.
+		 * */
+		public byte [] open(byte [] box, byte [] theNonce) {
 			// check message
-			if (!(box!=null && box.length>boxzerobytesLength))
+			if (!(box!=null && box.length>boxzerobytesLength &&
+			      theNonce!=null && theNonce.length==nonceLength))
 				return null;
 
-			// generate nonce
-			byte [] n = generateNonce();
-
 			// cipher buffer
 			byte [] c = new byte[box.length + boxzerobytesLength];
 
@@ -137,7 +163,7 @@ private byte[] generateNonce() {
 			for (int i = 0; i < box.length; i++) 
 				c[i+boxzerobytesLength] = box[i];
 
-			if (0 != crypto_box_open(m, c, c.length, n, theirPublicKey, mySecretKey))
+			if (0 != crypto_box_open(m, c, c.length, theNonce, theirPublicKey, mySecretKey))
 				return null;
 
 			// wrap byte_buf_t on m offset@zerobytesLength
@@ -169,13 +195,22 @@ private byte[] generateNonce() {
 		 *   Same as nacl.box, but uses a shared key precomputed with nacl.box.before.
 		 * */
 		public byte [] after(byte [] message) {
+		
+		  return after(message, generateNonce());
+
+		}
+
+		/*
+		 * @description 
+		 *   Same as nacl.box, but uses a shared key precomputed with nacl.box.before
+		 *   and explicitly provided nonce
+		 * */
+		public byte [] after(byte [] message, byte [] theNonce) {
 			// check message
-			if (!(message!=null && message.length>0))
+			if (!(message!=null && message.length>0 &&
+			      theNonce!=null && theNonce.length==nonceLength))
 				return null;
 
-			// generate nonce
-			byte [] n = generateNonce();
-
 			// message buffer
 			byte [] m = new byte[message.length + zerobytesLength];
 
@@ -185,7 +220,7 @@ private byte[] generateNonce() {
 			for (int i = 0; i < message.length; i ++)
 				m[i+zerobytesLength] = message[i];
 
-			if (0 != crypto_box_afternm(c, m, m.length, n, sharedKey))
+			if (0 != crypto_box_afternm(c, m, m.length, theNonce, sharedKey))
 				return null;
 
 			// wrap byte_buf_t on c offset@boxzerobytesLength
@@ -204,13 +239,23 @@ private byte[] generateNonce() {
 		 *   but uses a shared key pre-computed with nacl.box.before.
 		 * */
 		public byte [] open_after(byte [] box) {
+		
+		  return open_after(box, generateNonce());
+
+		}
+
+		/*
+		 * @description 
+		 *   Same as nacl.box.open, 
+		 *   but uses a shared key pre-computed with nacl.box.before,
+		 *   and explicitly passed nonce
+		 * */
+		public byte [] open_after(byte [] box, byte [] theNonce) {
 			// check message
-			if (!(box!=null && box.length>boxzerobytesLength))
+			if (!(box!=null && box.length>boxzerobytesLength &&
+			      theNonce!=null && theNonce.length==nonceLength))
 				return null;
 
-			// generate nonce
-			byte [] n = generateNonce();
-
 			// cipher buffer
 			byte [] c = new byte[box.length + boxzerobytesLength];
 
@@ -220,7 +265,7 @@ private byte[] generateNonce() {
 			for (int i = 0; i < box.length; i++) 
 				c[i+boxzerobytesLength] = box[i];
 
-			if (crypto_box_open_afternm(m, c, c.length, n, sharedKey) != 0) 
+			if (crypto_box_open_afternm(m, c, c.length, theNonce, sharedKey) != 0) 
 				return null;
 
 			// wrap byte_buf_t on m offset@zerobytesLength
@@ -379,13 +424,27 @@ private byte[] generateNonce() {
 		 * */
 		///public byte_buf_t box(byte [] message) {
 		public byte [] box(byte [] message) {
+		
+		  return box(message, generateNonce());
+
+		}
+
+		/*
+		 * @description 
+		 *   Encrypt and authenticates message using the key 
+		 *   and the explicitly passed nonce. 
+		 *   The nonce must be unique for each distinct message for this key.
+		 *   
+		 *   Returns an encrypted and authenticated message, 
+		 *   which is nacl.secretbox.overheadLength longer than the original message.
+		 * */
+		///public byte_buf_t box(byte [] message) {
+		public byte [] box(byte [] message, byte [] theNonce) {
 			// check message
-			if (!(message!=null && message.length>0))
+			if (!(message!=null && message.length>0 &&
+			      theNonce!=null && theNonce.length==nonceLength))
 				return null;
 
-			// generate nonce
-			byte [] n = generateNonce();
-
 			// message buffer
 			byte [] m = new byte[message.length + zerobytesLength];
 
@@ -395,7 +454,7 @@ private byte[] generateNonce() {
 			for (int i = 0; i < message.length; i ++)
 				m[i+zerobytesLength] = message[i];
 
-			if (0 != crypto_secretbox(c, m, m.length, n, key))
+			if (0 != crypto_secretbox(c, m, m.length, theNonce, key))
 				return null;
 
 			// TBD optimizing ...
@@ -417,13 +476,24 @@ private byte[] generateNonce() {
 		 *   Returns the original message, or null if authentication fails.
 		 * */
 		public byte [] open(byte [] box) {
+		
+		  return open(box, generateNonce());
+
+		}
+
+		/*
+		 * @description 
+		 *   Authenticates and decrypts the given secret box 
+		 *   using the key and the explicitly passed nonce.
+		 *   
+		 *   Returns the original message, or null if authentication fails.
+		 * */
+		public byte [] open(byte [] box, byte [] theNonce) {
 			// check message
-			if (!(box!=null && box.length>boxzerobytesLength))
+			if (!(box!=null && box.length>boxzerobytesLength &&
+			      theNonce!=null && theNonce.length==nonceLength))
 				return null;
 
-			// generate nonce
-			byte [] n = generateNonce();
-
 			// cipher buffer
 			byte [] c = new byte[box.length + boxzerobytesLength];
 
@@ -433,7 +503,7 @@ private byte[] generateNonce() {
 			for (int i = 0; i < box.length; i++) 
 				c[i+boxzerobytesLength] = box[i];
 
-			if (0 != crypto_secretbox_open(m, c, c.length, n, key))
+			if (0 != crypto_secretbox_open(m, c, c.length, theNonce, key))
 				return null;
 
 			// wrap byte_buf_t on m offset@zerobytesLength
@@ -1885,7 +1955,7 @@ public static int crypto_sign_open(byte [] m, long dummy /* *mlen not used*/, by
 	 * */
 	private static final SecureRandom jrandom = new SecureRandom();
 
-	private static void randombytes(byte [] x, int len) {
+	public static void randombytes(byte [] x, int len) {
 		int ret = len % 8;
 		long rnd;