YoungBlood/libsodium_wasm_experimental
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Started adding Auth doc, added aead doc for specific functions

Browse Source
This commit is contained in:
Ugljesa Jovanovic 2020-11-18 22:28:57 +01:00
parent 6183a2eb6b
commit 1cfff4dd43
No known key found for this signature in database
GPG Key ID: 178E6DFCECCB0E0F
10 changed files with 242 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
multiplatform-crypto-libsodium-bindings/src/commonMain/kotlin/com.ionspin.kotlin.crypto/aead/Aead.md
View File

@ -2,7 +2,8 @@
## Authenticated encryption with associated data
This is a form of symmetric encryption, that assures both confidentiality and authenticity of the data.
This is a form of symmetric encryption, that assures both confidentiality and authenticity of the data to be encrypted as well
as associated data that will not be encrypted.
In general it works like this:
@ -14,11 +15,11 @@ Inputs:
Simplified encryption algorithm:
1. Encrypt message with key and nonce
1. Apply MAC to encrypted message + unencrypted associated data to generate authentication data (tag)
1. Apply MAC algorithm to encrypted message + unencrypted associated data to generate authentication data (tag)
1. Send the encrypted data + associated data + authentication data + nonce
Simplified decryption algorithm:
1. Apply MAC to encrypted message + unencrypted associated data to generate authentication data
1. Apply MAC algorithm to encrypted message + unencrypted associated data to generate authentication data
1. If the generated authenticated data, and the received authentication data match, proceed, otherwise sound the alarm and stop.
1. Decrypt the encrypted data
1. Return the decrypted data and associated data to the user

169
multiplatform-crypto-libsodium-bindings/src/commonMain/kotlin/com.ionspin.kotlin.crypto/aead/AuthenticatedEncryptionWithAssociatedData.kt
View File

@ -30,13 +30,15 @@ data class AeadEncryptedDataAndTag(val data: UByteArray, val tag: UByteArray)
/**
* An exception thrown when tag generated from received data and key doesn't match the received tag
*/
class AeadCorrupedOrTamperedDataException() : RuntimeException("Tag (authentication data) validation failed. Data is corrupted or tampered with.")
class AeadCorrupedOrTamperedDataException() :
RuntimeException("Tag (authentication data) validation failed. Data is corrupted or tampered with.")
/**
* This is a form of symmetric encryption, that assures both confidentiality and authenticity of the data.
* This is a form of symmetric encryption, that assures both confidentiality and authenticity of the data to be encrypted as well
as associated data that will not be encrypted.
*
* Offered here are three implementations of (x)ChaCha20-Poly1305 construction:
* - ChaCha20Poly1305 - uses 64bit nonce
* - ChaCha20Poly1305 - uses 64bit nonce, safe to encrypt
* - ChaCha20Poly1305-IETF - uses 96bit nonce (standardised by [RFC8439](https://tools.ietf.org/html/rfc8439)
* - XChaCha20Poly1305 - uses 192bit nonce - recommended choice
*
@ -51,9 +53,21 @@ class AeadCorrupedOrTamperedDataException() : RuntimeException("Tag (authenticat
*
* Combined mode returns encrypted data and tag as one UByteArray, while detached mode returns them as separate UByteArrays.
* To be kotlin idiomatic we are returning detached tag and encrypted data inside a wrapper data class [AeadEncryptedDataAndTag]
*
* Also provided are key generation convenience functions for each variant. (Which is in practice the same, since the keys
* same length for each variant)
*/
expect object AuthenticatedEncryptionWithAssociatedData {
// X - Ietf
/**
* Encrypt the message and return encrypted data and tag using xChaChaPoly1305 (192 bit nonce)
*
* @param message message to encrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a **unique** nonce
* @param key secret key
* @return encrypted data and tag (in that order)
*/
fun xChaCha20Poly1305IetfEncrypt(
message: UByteArray,
associatedData: UByteArray,
@ -61,13 +75,34 @@ expect object AuthenticatedEncryptionWithAssociatedData {
key: UByteArray
): UByteArray
/**
* Check if authentication data (tag) is correct, then decrypt the message and return decrypted data.
* Using xChaChaPoly1305 (192 bit nonce)
*
* @param ciphertextAndTag message to decrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a nonce used to encrypt the message
* @param key secret key
* @return decrypted data
* @throws AeadCorrupedOrTamperedDataException if authentication data (tag) cannot be verified
*/
fun xChaCha20Poly1305IetfDecrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray
/**
* Encrypt the message and return encrypted data and tag using xChaChaPoly1305 (192 bit nonce) as
* separate arrays (but wrapped inside [AeadEncryptedDataAndTag]
*
* @param message message to encrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a **unique** nonce
* @param key secret key
* @return encrypted data and tag wrapped inside [AeadEncryptedDataAndTag] data class instance
*/
fun xChaCha20Poly1305IetfEncryptDetached(
message: UByteArray,
associatedData: UByteArray,
@ -75,6 +110,18 @@ expect object AuthenticatedEncryptionWithAssociatedData {
key: UByteArray
): AeadEncryptedDataAndTag
/**
* Check if authentication data (tag) is correct, then decrypt the message and return decrypted data.
* Using xChaChaPoly1305 (192 bit nonce)
*
* @param ciphertext message to decrypt
* @param tag authenticatoin data (tag)
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a nonce used to encrypt the message
* @param key secret key
* @return decrypted data
* @throws AeadCorrupedOrTamperedDataException if authentication data (tag) cannot be verified
*/
fun xChaCha20Poly1305IetfDecryptDetached(
ciphertext: UByteArray,
tag: UByteArray,
@ -84,21 +131,48 @@ expect object AuthenticatedEncryptionWithAssociatedData {
): UByteArray
// Ietf
/**
* Encrypt the message and return encrypted data and tag using ChaChaPoly1305-IETF (96 bit nonce)
*
* @param message message to encrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a **unique** nonce
* @param key secret key
* @return encrypted data and tag (in that order)
*/
fun chaCha20Poly1305IetfEncrypt(
message: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray
/**
* Check if authentication data (tag) is correct, then decrypt the message and return decrypted data.
* Using ChaChaPoly1305-IETF (96 bit nonce)
*
* @param ciphertextAndTag message to decrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a nonce used to encrypt the message
* @param key secret key
* @return decrypted data
* @throws AeadCorrupedOrTamperedDataException if authentication data (tag) cannot be verified
*/
fun chaCha20Poly1305IetfDecrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray
/**
* Encrypt the message and return encrypted data and tag using ChaChaPoly1305-IETF (96 bit nonce) as
* separate arrays (but wrapped inside [AeadEncryptedDataAndTag]
*
* @param message message to encrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a **unique** nonce
* @param key secret key
* @return encrypted data and tag wrapped inside [AeadEncryptedDataAndTag] data class instance
*/
fun chaCha20Poly1305IetfEncryptDetached(
message: UByteArray,
associatedData: UByteArray,
@ -106,6 +180,18 @@ expect object AuthenticatedEncryptionWithAssociatedData {
key: UByteArray
): AeadEncryptedDataAndTag
/**
* Check if authentication data (tag) is correct, then decrypt the message and return decrypted data.
* Using xChaChaPoly1305 (96 bit nonce)
*
* @param ciphertext message to decrypt
* @param tag authenticatoin data (tag)
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a nonce used to encrypt the message
* @param key secret key
* @return decrypted data
* @throws AeadCorrupedOrTamperedDataException if authentication data (tag) cannot be verified
*/
fun chaCha20Poly1305IetfDecryptDetached(
ciphertext: UByteArray,
tag: UByteArray,
@ -115,28 +201,66 @@ expect object AuthenticatedEncryptionWithAssociatedData {
): UByteArray
// Original chacha20poly1305
/**
* Encrypt the message and return encrypted data and tag using ChaChaPoly1305 (64 bit nonce)
*
* @param message message to encrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a **unique** nonce
* @param key secret key
* @return encrypted data and tag (in that order)
*/
fun chaCha20Poly1305Encrypt(
message: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray
/**
* Check if authentication data (tag) is correct, then decrypt the message and return decrypted data.
* Using ChaChaPoly1305 (64 bit nonce)
*
* @param ciphertextAndTag message to decrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a nonce used to encrypt the message
* @param key secret key
* @return decrypted data
* @throws AeadCorrupedOrTamperedDataException if authentication data (tag) cannot be verified
*/
fun chaCha20Poly1305Decrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray
/**
* Encrypt the message and return encrypted data and tag using ChaChaPoly1305 (64 bit nonce) as
* separate arrays (but wrapped inside [AeadEncryptedDataAndTag]
*
* @param message message to encrypt
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a **unique** nonce
* @param key secret key
* @return encrypted data and tag wrapped inside [AeadEncryptedDataAndTag] data class instance
*/
fun chaCha20Poly1305EncryptDetached(
message: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): AeadEncryptedDataAndTag
/**
* Check if authentication data (tag) is correct, then decrypt the message and return decrypted data.
* Using xChaChaPoly1305 (64 bit nonce)
*
* @param ciphertext message to decrypt
* @param tag authenticatoin data (tag)
* @param associatedData associated data the won't be encrypted, but will be authenticated
* @param nonce a nonce used to encrypt the message
* @param key secret key
* @return decrypted data
* @throws AeadCorrupedOrTamperedDataException if authentication data (tag) cannot be verified
*/
fun chaCha20Poly1305DecryptDetached(
ciphertext: UByteArray,
tag: UByteArray,
@ -145,9 +269,20 @@ expect object AuthenticatedEncryptionWithAssociatedData {
key: UByteArray
): UByteArray
fun xChaCha20Poly1305IetfKeygen() : UByteArray
fun chaCha20Poly1305IetfKeygen() : UByteArray
fun chaCha20Poly1305Keygen() : UByteArray
/**
* Generate a random 32byte key for use with xChaCha20Poly1305
* @return secret key
*/
fun xChaCha20Poly1305IetfKeygen(): UByteArray
/**
* Generate a random 32 byte key for use with ChaCha20Poly1305-IETF
* @return secret key
*/
fun chaCha20Poly1305IetfKeygen(): UByteArray
/**
* Generate a random 32 byte key for use with ChaCha20Poly1305
* @return secret key
*/
fun chaCha20Poly1305Keygen(): UByteArray
}

20
multiplatform-crypto-libsodium-bindings/src/commonMain/kotlin/com.ionspin.kotlin.crypto/auth/Auth.kt
View File

@ -19,18 +19,32 @@ val crypto_auth_hmacsha256_BYTES = 32
val crypto_auth_hmacsha512_KEYBYTES = 32
val crypto_auth_hmacsha512_BYTES = 64
/**
* Authentication is a process of generating authentication data (tag) for a certain message. Its purpose is to assure
* that the data hasn't been corrupted or tampered with during the transport.
*
* We support 3 variants:
* - without suffix - HMAC-SHA512-256 (HMAC SHA512 with just the first 256 bits used)
* - *HmacSha256 - HMAC-SHA256
* - *HmacSha512 - HMAC-SHA512
*
* Each variant supports three operations:
* - keygen - generate appropriate key for MAC function
* - auth - generate the authentication data (tag/mac)
* - verify - verify that the authenticatoin data (tag/mac) is correct
*/
expect object Auth {
fun authKeygen() : UByteArray
fun auth(message: UByteArray, key: UByteArray) : UByteArray
fun authVerify(mac: UByteArray, message: UByteArray, key: UByteArray) : Boolean
fun authVerify(tag: UByteArray, message: UByteArray, key: UByteArray) : Boolean
fun authHmacSha256Keygen() : UByteArray
fun authHmacSha256(message: UByteArray, key: UByteArray) : UByteArray
fun authHmacSha256Verify(mac: UByteArray, message: UByteArray, key: UByteArray) : Boolean
fun authHmacSha256Verify(tag: UByteArray, message: UByteArray, key: UByteArray) : Boolean
fun authHmacSha512Keygen() : UByteArray
fun authHmacSha512(message: UByteArray, key: UByteArray) : UByteArray
fun authHmacSha512Verify(mac: UByteArray, message: UByteArray, key: UByteArray) : Boolean
fun authHmacSha512Verify(tag: UByteArray, message: UByteArray, key: UByteArray) : Boolean
}

21
multiplatform-crypto-libsodium-bindings/src/commonMain/kotlin/com.ionspin.kotlin.crypto/auth/Auth.md Normal file
View File

@ -0,0 +1,21 @@
# Package com.ionspin.kotlin.crypto.auth
## Authentication
Authentication is a process of generating authentication data (tag) for a certain message. Its purpose is to assure
that the data hasn't been corrupted or tampered with during the transport.
In general, it works like this:
Inputs:
- Message to authenticate
- Key to use for authentication
Sending side algorithm:
1. Apply MAC to message
1. Send the message + authentication data (tag)
Receiving side:
1. Apply the MAC to the received message
1. If the generated authenticated data (tag), and the received authentication data (received tag) match, proceed, otherwise sound the alarm and stop.
1. Return the message to the user

12
multiplatform-crypto-libsodium-bindings/src/jsMain/kotlin/com/ionspin/kotlin/crypto/aead/AuthenticatedEncryptionWithAssociatedData.kt
View File

@ -26,7 +26,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun xChaCha20Poly1305IetfDecrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
@ -34,7 +34,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
try {
return getSodium().crypto_aead_xchacha20poly1305_ietf_decrypt(
null,
ciphertext.toUInt8Array(),
ciphertextAndTag.toUInt8Array(),
associatedData.toUInt8Array(),
nonce.toUInt8Array(),
key.toUInt8Array()
@ -100,7 +100,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun chaCha20Poly1305IetfDecrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
@ -108,7 +108,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
try {
return getSodium().crypto_aead_chacha20poly1305_ietf_decrypt(
null,
ciphertext.toUInt8Array(),
ciphertextAndTag.toUInt8Array(),
associatedData.toUInt8Array(),
nonce.toUInt8Array(),
key.toUInt8Array()
@ -174,7 +174,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun chaCha20Poly1305Decrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
@ -182,7 +182,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
try {
return getSodium().crypto_aead_chacha20poly1305_decrypt(
null,
ciphertext.toUInt8Array(),
ciphertextAndTag.toUInt8Array(),
associatedData.toUInt8Array(),
nonce.toUInt8Array(),
key.toUInt8Array()

13
multiplatform-crypto-libsodium-bindings/src/jsMain/kotlin/com/ionspin/kotlin/crypto/auth/Auth.kt
View File

@ -3,7 +3,6 @@ package com.ionspin.kotlin.crypto.auth
import com.ionspin.kotlin.crypto.getSodium
import ext.libsodium.com.ionspin.kotlin.crypto.toUByteArray
import ext.libsodium.com.ionspin.kotlin.crypto.toUInt8Array
import org.khronos.webgl.Uint8Array
actual object Auth {
actual fun authKeygen(): UByteArray {
@ -18,9 +17,9 @@ actual object Auth {
}
actual fun authVerify(mac: UByteArray, message: UByteArray, key: UByteArray): Boolean {
actual fun authVerify(tag: UByteArray, message: UByteArray, key: UByteArray): Boolean {
return getSodium().crypto_auth_verify(
mac.toUInt8Array(),
tag.toUInt8Array(),
message.toUInt8Array(),
key.toUInt8Array()
)
@ -38,12 +37,12 @@ actual object Auth {
}
actual fun authHmacSha256Verify(
mac: UByteArray,
tag: UByteArray,
message: UByteArray,
key: UByteArray
): Boolean {
return getSodium().crypto_auth_hmacsha256_verify(
mac.toUInt8Array(),
tag.toUInt8Array(),
message.toUInt8Array(),
key.toUInt8Array()
)
@ -61,12 +60,12 @@ actual object Auth {
}
actual fun authHmacSha512Verify(
mac: UByteArray,
tag: UByteArray,
message: UByteArray,
key: UByteArray
): Boolean {
return getSodium().crypto_auth_hmacsha512_verify(
mac.toUInt8Array(),
tag.toUInt8Array(),
message.toUInt8Array(),
key.toUInt8Array()
)

24
multiplatform-crypto-libsodium-bindings/src/jvmMain/kotlin/com/ionspin/kotlin/crypto/aead/AuthenticatedEncryptionWithAssociatedData.kt
View File

@ -29,18 +29,18 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun xChaCha20Poly1305IetfDecrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray {
val message = UByteArray(ciphertext.size - crypto_aead_xchacha20poly1305_ietf_ABYTES)
val message = UByteArray(ciphertextAndTag.size - crypto_aead_xchacha20poly1305_ietf_ABYTES)
val validationResult = sodium.crypto_aead_xchacha20poly1305_ietf_decrypt(
message.asByteArray(),
null,
null,
ciphertext.asByteArray(),
ciphertext.size.toLong(),
ciphertextAndTag.asByteArray(),
ciphertextAndTag.size.toLong(),
associatedData.asByteArray(),
associatedData.size.toLong(),
nonce.asByteArray(),
@ -122,18 +122,18 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun chaCha20Poly1305IetfDecrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray {
val message = UByteArray(ciphertext.size - crypto_aead_chacha20poly1305_ietf_ABYTES)
val message = UByteArray(ciphertextAndTag.size - crypto_aead_chacha20poly1305_ietf_ABYTES)
val validationResult = sodium.crypto_aead_chacha20poly1305_ietf_decrypt(
message.asByteArray(),
null,
null,
ciphertext.asByteArray(),
ciphertext.size.toLong(),
ciphertextAndTag.asByteArray(),
ciphertextAndTag.size.toLong(),
associatedData.asByteArray(),
associatedData.size.toLong(),
nonce.asByteArray(),
@ -215,18 +215,18 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun chaCha20Poly1305Decrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray {
val message = UByteArray(ciphertext.size - crypto_aead_chacha20poly1305_ABYTES)
val message = UByteArray(ciphertextAndTag.size - crypto_aead_chacha20poly1305_ABYTES)
val validationResult = sodium.crypto_aead_chacha20poly1305_decrypt(
message.asByteArray(),
null,
null,
ciphertext.asByteArray(),
ciphertext.size.toLong(),
ciphertextAndTag.asByteArray(),
ciphertextAndTag.size.toLong(),
associatedData.asByteArray(),
associatedData.size.toLong(),
nonce.asByteArray(),

12
multiplatform-crypto-libsodium-bindings/src/jvmMain/kotlin/com/ionspin/kotlin/crypto/auth/Auth.kt
View File

@ -20,9 +20,9 @@ actual object Auth {
return mac
}
actual fun authVerify(mac: UByteArray, message: UByteArray, key: UByteArray): Boolean {
actual fun authVerify(tag: UByteArray, message: UByteArray, key: UByteArray): Boolean {
return sodium.crypto_auth_verify(
mac.asByteArray(),
tag.asByteArray(),
message.asByteArray(),
message.size.toLong(),
key.asByteArray()
@ -47,12 +47,12 @@ actual object Auth {
}
actual fun authHmacSha256Verify(
mac: UByteArray,
tag: UByteArray,
message: UByteArray,
key: UByteArray
): Boolean {
return sodium.crypto_auth_hmacsha256_verify(
mac.asByteArray(),
tag.asByteArray(),
message.asByteArray(),
message.size.toLong(),
key.asByteArray()
@ -77,12 +77,12 @@ actual object Auth {
}
actual fun authHmacSha512Verify(
mac: UByteArray,
tag: UByteArray,
message: UByteArray,
key: UByteArray
): Boolean {
return sodium.crypto_auth_hmacsha512_verify(
mac.asByteArray(),
tag.asByteArray(),
message.asByteArray(),
message.size.toLong(),
key.asByteArray()

24
multiplatform-crypto-libsodium-bindings/src/nativeMain/kotlin/com/ionspin/kotlin/crypto/aead/AuthenticatedEncryptionWithAssociatedData.kt
View File

@ -62,17 +62,17 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun xChaCha20Poly1305IetfDecrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray {
val ciphertextPinned = ciphertext.pin()
val ciphertextPinned = ciphertextAndTag.pin()
val associatedDataPinned = associatedData.pin()
val noncePinned = nonce.pin()
val keyPinned = key.pin()
val message = UByteArray(ciphertext.size - crypto_aead_xchacha20poly1305_ietf_ABYTES)
val message = UByteArray(ciphertextAndTag.size - crypto_aead_xchacha20poly1305_ietf_ABYTES)
val messagePinned = message.pin()
val validationResult = crypto_aead_xchacha20poly1305_ietf_decrypt(
@ -80,7 +80,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
null,
null,
ciphertextPinned.toPtr(),
ciphertext.size.convert(),
ciphertextAndTag.size.convert(),
associatedDataPinned.toPtr(),
associatedData.size.convert(),
noncePinned.toPtr(),
@ -223,17 +223,17 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun chaCha20Poly1305IetfDecrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray {
val ciphertextPinned = ciphertext.pin()
val ciphertextPinned = ciphertextAndTag.pin()
val associatedDataPinned = associatedData.pin()
val noncePinned = nonce.pin()
val keyPinned = key.pin()
val message = UByteArray(ciphertext.size - crypto_aead_chacha20poly1305_ietf_ABYTES)
val message = UByteArray(ciphertextAndTag.size - crypto_aead_chacha20poly1305_ietf_ABYTES)
val messagePinned = message.pin()
val validationResult = crypto_aead_chacha20poly1305_ietf_decrypt(
@ -241,7 +241,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
null,
null,
ciphertextPinned.toPtr(),
ciphertext.size.convert(),
ciphertextAndTag.size.convert(),
associatedDataPinned.toPtr(),
associatedData.size.convert(),
noncePinned.toPtr(),
@ -384,17 +384,17 @@ actual object AuthenticatedEncryptionWithAssociatedData {
}
actual fun chaCha20Poly1305Decrypt(
ciphertext: UByteArray,
ciphertextAndTag: UByteArray,
associatedData: UByteArray,
nonce: UByteArray,
key: UByteArray
): UByteArray {
val ciphertextPinned = ciphertext.pin()
val ciphertextPinned = ciphertextAndTag.pin()
val associatedDataPinned = associatedData.pin()
val noncePinned = nonce.pin()
val keyPinned = key.pin()
val message = UByteArray(ciphertext.size - crypto_aead_chacha20poly1305_ABYTES)
val message = UByteArray(ciphertextAndTag.size - crypto_aead_chacha20poly1305_ABYTES)
val messagePinned = message.pin()
val validationResult = crypto_aead_chacha20poly1305_decrypt(
@ -402,7 +402,7 @@ actual object AuthenticatedEncryptionWithAssociatedData {
null,
null,
ciphertextPinned.toPtr(),
ciphertext.size.convert(),
ciphertextAndTag.size.convert(),
associatedDataPinned.toPtr(),
associatedData.size.convert(),
noncePinned.toPtr(),

12
multiplatform-crypto-libsodium-bindings/src/nativeMain/kotlin/com/ionspin/kotlin/crypto/auth/Auth.kt
View File

@ -43,8 +43,8 @@ actual object Auth {
return mac
}
actual fun authVerify(mac: UByteArray, message: UByteArray, key: UByteArray): Boolean {
val macPinned = mac.pin()
actual fun authVerify(tag: UByteArray, message: UByteArray, key: UByteArray): Boolean {
val macPinned = tag.pin()
val messagePinned = message.pin()
val keyPinned = key.pin()
val verify = crypto_auth_verify(
@ -90,11 +90,11 @@ actual object Auth {
}
actual fun authHmacSha256Verify(
mac: UByteArray,
tag: UByteArray,
message: UByteArray,
key: UByteArray
): Boolean {
val macPinned = mac.pin()
val macPinned = tag.pin()
val messagePinned = message.pin()
val keyPinned = key.pin()
@ -141,11 +141,11 @@ actual object Auth {
}
actual fun authHmacSha512Verify(
mac: UByteArray,
tag: UByteArray,
message: UByteArray,
key: UByteArray
): Boolean {
val macPinned = mac.pin()
val macPinned = tag.pin()
val messagePinned = message.pin()
val keyPinned = key.pin()