fixed

Author: deatil

cipher/salsa20/salsa20.go

@@ -18,26 +18,20 @@ type Cipher struct {
 
 // key is 32 bytes, nonce is 8 bytes.
 func NewCipher(key, nonce []byte) (cipher.Stream, error) {
-    var fixedSizedKey [32]byte
-    if len(key) != 32 {
-        return nil, errors.New("go-cryptobin/salsa20: key size must be 32")
-    }
-
-    copy(fixedSizedKey[:], key)
-
-    return &Cipher{
-        key:   fixedSizedKey,
-        nonce: nonce,
-    }, nil
+    return NewCipherWithCounter(key, nonce, 0)
 }
 
 // key is 32 bytes, nonce is 8 bytes.
 func NewCipherWithCounter(key, nonce []byte, counter uint64) (cipher.Stream, error) {
-    var fixedSizedKey [32]byte
     if len(key) != 32 {
         return nil, errors.New("go-cryptobin/salsa20: key size must be 32")
     }
 
+    if len(nonce) != 8 {
+        return nil, errors.New("go-cryptobin/salsa20: nonce size must be 8 bytes")
+    }
+
+    var fixedSizedKey [32]byte
     copy(fixedSizedKey[:], key)
 
     return &Cipher{

cipher/salsa20/salsa20_test.go

@@ -6,7 +6,7 @@ import (
     "math/rand"
 )
 
-func Test_Salsa20(t *testing.T) {
+func Test_NewCipher(t *testing.T) {
     random := rand.New(rand.NewSource(99))
     max := 5000
 
@@ -18,7 +18,7 @@ func Test_Salsa20(t *testing.T) {
         random.Read(key)
         value := make([]byte, 12)
         random.Read(value)
-        nonce := make([]byte, 16)
+        nonce := make([]byte, 8)
         random.Read(nonce)
 
         cipher1, err := NewCipher(key, nonce)
@@ -44,3 +44,42 @@ func Test_Salsa20(t *testing.T) {
         }
     }
 }
+
+func Test_NewCipherWithCounter(t *testing.T) {
+    random := rand.New(rand.NewSource(99))
+    max := 5000
+
+    var encrypted [12]byte
+    var decrypted [12]byte
+
+    for i := 0; i < max; i++ {
+        key := make([]byte, 32)
+        random.Read(key)
+        value := make([]byte, 12)
+        random.Read(value)
+        nonce := make([]byte, 8)
+        random.Read(nonce)
+
+        cipher1, err := NewCipherWithCounter(key, nonce, 1)
+        if err != nil {
+            t.Fatal(err.Error())
+        }
+
+        cipher1.XORKeyStream(encrypted[:], value)
+
+        if bytes.Equal(encrypted[:], value[:]) {
+            t.Errorf("fail: encrypted equal value\n")
+        }
+
+        cipher2, err := NewCipherWithCounter(key, nonce, 1)
+        if err != nil {
+            t.Fatal(err.Error())
+        }
+
+        cipher2.XORKeyStream(decrypted[:], encrypted[:])
+
+        if !bytes.Equal(decrypted[:], value[:]) {
+            t.Errorf("encryption/decryption failed: % 02x != % 02x\n", decrypted, value)
+        }
+    }
+}

cipher/xsalsa20/xsalsa20.go

@@ -0,0 +1,74 @@
+package xsalsa20
+
+import (
+    "errors"
+    "crypto/cipher"
+    "encoding/binary"
+
+    "golang.org/x/crypto/salsa20/salsa"
+
+    "github.com/deatil/go-cryptobin/tool/alias"
+)
+
+type Cipher struct {
+    nonce   []byte
+    key     [32]byte
+    counter uint64
+}
+
+// key is 32 bytes, nonce is 24 bytes.
+func NewCipher(key, nonce []byte) (cipher.Stream, error) {
+    return NewCipherWithCounter(key, nonce, 0)
+}
+
+// key is 32 bytes, nonce is 24 bytes.
+func NewCipherWithCounter(key, nonce []byte, counter uint64) (cipher.Stream, error) {
+    if len(key) != 32 {
+        return nil, errors.New("go-cryptobin/xsalsa20: key size must be 32")
+    }
+
+    if len(nonce) != 24 {
+        return nil, errors.New("go-cryptobin/xsalsa20: nonce size must be 24 bytes")
+    }
+
+    var fixedSizedKey [32]byte
+    copy(fixedSizedKey[:], key)
+
+    var subKey [32]byte
+    var hNonce [16]byte
+    copy(hNonce[:], nonce[:16])
+    salsa.HSalsa20(&subKey, &hNonce, &fixedSizedKey, &salsa.Sigma)
+    nonce = nonce[16:]
+    fixedSizedKey = subKey
+
+    return &Cipher{
+        key:     fixedSizedKey,
+        nonce:   nonce,
+        counter: counter,
+    }, nil
+}
+
+func (c *Cipher) XORKeyStream(dst, src []byte) {
+    if len(src) == 0 {
+        return
+    }
+    if len(dst) < len(src) {
+        panic("go-cryptobin/xsalsa20: output smaller than input")
+    }
+    if alias.InexactOverlap(dst[:len(src)], src) {
+        panic("go-cryptobin/xsalsa20: invalid buffer overlap")
+    }
+
+    paddingLength := int(c.counter % 64)
+    buf := make([]byte, len(src)+paddingLength)
+
+    var subNonce [16]byte
+    copy(subNonce[:], c.nonce)
+    binary.LittleEndian.PutUint64(subNonce[8:], c.counter/64)
+
+    copy(buf[paddingLength:], src)
+    salsa.XORKeyStream(buf, buf, &subNonce, &c.key)
+    copy(dst, buf[paddingLength:])
+
+    c.counter += uint64(len(src))
+}

cipher/xsalsa20/xsalsa20_test.go

@@ -0,0 +1,85 @@
+package xsalsa20
+
+import (
+    "bytes"
+    "testing"
+    "math/rand"
+)
+
+func Test_NewCipher(t *testing.T) {
+    random := rand.New(rand.NewSource(99))
+    max := 5000
+
+    var encrypted [12]byte
+    var decrypted [12]byte
+
+    for i := 0; i < max; i++ {
+        key := make([]byte, 32)
+        random.Read(key)
+        value := make([]byte, 12)
+        random.Read(value)
+        nonce := make([]byte, 24)
+        random.Read(nonce)
+
+        cipher1, err := NewCipher(key, nonce)
+        if err != nil {
+            t.Fatal(err.Error())
+        }
+
+        cipher1.XORKeyStream(encrypted[:], value)
+
+        if bytes.Equal(encrypted[:], value[:]) {
+            t.Errorf("fail: encrypted equal value\n")
+        }
+
+        cipher2, err := NewCipher(key, nonce)
+        if err != nil {
+            t.Fatal(err.Error())
+        }
+
+        cipher2.XORKeyStream(decrypted[:], encrypted[:])
+
+        if !bytes.Equal(decrypted[:], value[:]) {
+            t.Errorf("encryption/decryption failed: % 02x != % 02x\n", decrypted, value)
+        }
+    }
+}
+
+func Test_NewCipherWithCounter(t *testing.T) {
+    random := rand.New(rand.NewSource(99))
+    max := 5000
+
+    var encrypted [12]byte
+    var decrypted [12]byte
+
+    for i := 0; i < max; i++ {
+        key := make([]byte, 32)
+        random.Read(key)
+        value := make([]byte, 12)
+        random.Read(value)
+        nonce := make([]byte, 24)
+        random.Read(nonce)
+
+        cipher1, err := NewCipherWithCounter(key, nonce, 2)
+        if err != nil {
+            t.Fatal(err.Error())
+        }
+
+        cipher1.XORKeyStream(encrypted[:], value)
+
+        if bytes.Equal(encrypted[:], value[:]) {
+            t.Errorf("fail: encrypted equal value\n")
+        }
+
+        cipher2, err := NewCipherWithCounter(key, nonce, 2)
+        if err != nil {
+            t.Fatal(err.Error())
+        }
+
+        cipher2.XORKeyStream(decrypted[:], encrypted[:])
+
+        if !bytes.Equal(decrypted[:], value[:]) {
+            t.Errorf("encryption/decryption failed: % 02x != % 02x\n", decrypted, value)
+        }
+    }
+}