/
chacha20.go
90 lines (71 loc) · 2.68 KB
/
chacha20.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
// Copyright © 2023 Ory Corp
// SPDX-License-Identifier: Apache-2.0
package cipher
import (
"context"
"crypto/rand"
"encoding/hex"
"io"
"github.com/pkg/errors"
"golang.org/x/crypto/chacha20poly1305"
"github.com/ory/herodot"
"github.com/ory/kratos/driver/config"
)
type ChaCha20Configuration interface {
config.Provider
}
type XChaCha20Poly1305 struct {
c ChaCha20Configuration
}
func NewCryptChaCha20(c ChaCha20Configuration) *XChaCha20Poly1305 {
return &XChaCha20Poly1305{c: c}
}
// Encrypt returns a ChaCha encryption of plaintext
func (c *XChaCha20Poly1305) Encrypt(ctx context.Context, message []byte) (string, error) {
if len(message) == 0 {
return "", nil
}
if len(c.c.Config().SecretsCipher(ctx)) == 0 {
return "", errors.WithStack(herodot.ErrInternalServerError.WithReason("Unable to encrypt message because no cipher secrets were configured."))
}
aead, err := chacha20poly1305.NewX(c.c.Config().SecretsCipher(ctx)[0][:])
if err != nil {
return "", herodot.ErrInternalServerError.WithWrap(err).WithReason("Unable to generate key")
}
nonce := make([]byte, aead.NonceSize(), aead.NonceSize()+len(message)+aead.Overhead())
_, err = io.ReadFull(rand.Reader, nonce)
if err != nil {
return "", errors.WithStack(herodot.ErrInternalServerError.WithWrap(err).WithReason("Unable to generate nonce"))
}
encryptedMsg := aead.Seal(nonce, nonce, message, nil)
return hex.EncodeToString(encryptedMsg), nil
}
// Decrypt decrypts data using 256 bit key
func (c *XChaCha20Poly1305) Decrypt(ctx context.Context, ciphertext string) ([]byte, error) {
if len(ciphertext) == 0 {
return nil, nil
}
secrets := c.c.Config().SecretsCipher(ctx)
if len(secrets) == 0 {
return nil, errors.WithStack(herodot.ErrInternalServerError.WithReason("Unable to decipher the encrypted message because no cipher secrets were configured."))
}
rawCiphertext, err := hex.DecodeString(ciphertext)
if err != nil {
return nil, errors.WithStack(herodot.ErrInternalServerError.WithWrap(err).WithReason("Unable to decode hex encrypted string"))
}
for i := range secrets {
aead, err := chacha20poly1305.NewX(secrets[i][:])
if err != nil {
return nil, errors.WithStack(herodot.ErrInternalServerError.WithWrap(err).WithReason("Unable to instanciate chacha20"))
}
if len(ciphertext) < aead.NonceSize() {
return nil, errors.WithStack(herodot.ErrInternalServerError.WithReason("cipher text too short"))
}
nonce, ciphertext := rawCiphertext[:aead.NonceSize()], rawCiphertext[aead.NonceSize():]
plaintext, err := aead.Open(nil, nonce, ciphertext, nil)
if err == nil {
return plaintext, nil
}
}
return nil, errors.WithStack(herodot.ErrInternalServerError.WithReason("Unable to decrypt string"))
}