YoungBlood/libsodium_wasm_experimental
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Aead docs

Browse Source
This commit is contained in:
Ugljesa Jovanovic 2020-11-18 21:03:21 +01:00
parent a70bb5243c
commit 6183a2eb6b
No known key found for this signature in database
GPG Key ID: 178E6DFCECCB0E0F
2 changed files with 51 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
multiplatform-crypto-libsodium-bindings/src/commonMain/kotlin/com.ionspin.kotlin.crypto/aead/Aead.md
View File

@ -1,4 +1,27 @@
# Package com.ionspin.kotlin.crypto.aead # Package com.ionspin.kotlin.crypto.aead
Package AEAD stuff here ## Authenticated encryption with associated data
This is a form of symmetric encryption, that assures both confidentiality and authenticity of the data.
In general it works like this:
Inputs:
- Message to encrypt and authenticate
- Key to use for encryption
- **Unique** nonce
- Additional data that is not encrypted but also authenticated
Simplified encryption algorithm:
1. Encrypt message with key and nonce
1. Apply MAC to encrypted message + unencrypted associated data to generate authentication data (tag)
1. Send the encrypted data + associated data + authentication data + nonce
Simplified decryption algorithm:
1. Apply MAC to encrypted message + unencrypted associated data to generate authentication data
1. If the generated authenticated data, and the received authentication data match, proceed, otherwise sound the alarm and stop.
1. Decrypt the encrypted data
1. Return the decrypted data and associated data to the user

29
multiplatform-crypto-libsodium-bindings/src/commonMain/kotlin/com.ionspin.kotlin.crypto/aead/AuthenticatedEncryptionWithAssociatedData.kt
View File

@ -22,11 +22,36 @@ val crypto_aead_chacha20poly1305_KEYBYTES = 32
val crypto_aead_chacha20poly1305_NPUBBYTES = 8 val crypto_aead_chacha20poly1305_NPUBBYTES = 8
val crypto_aead_chacha20poly1305_ABYTES = 16 val crypto_aead_chacha20poly1305_ABYTES = 16
/**
* A data class wrapping returned encrypted data and and tag from aead encrypt functions.
*/
data class AeadEncryptedDataAndTag(val data: UByteArray, val tag: UByteArray) data class AeadEncryptedDataAndTag(val data: UByteArray, val tag: UByteArray)
class AeadCorrupedOrTamperedDataException() : RuntimeException("MAC validation failed. Data is corrupted or tampered with.") /**
* An exception thrown when tag generated from received data and key doesn't match the received tag
*/
class AeadCorrupedOrTamperedDataException() : RuntimeException("Tag (authentication data) validation failed. Data is corrupted or tampered with.")
/**
* This is a form of symmetric encryption, that assures both confidentiality and authenticity of the data.
*
* Offered here are three implementations of (x)ChaCha20-Poly1305 construction:
* - ChaCha20Poly1305 - uses 64bit nonce
* - ChaCha20Poly1305-IETF - uses 96bit nonce (standardised by [RFC8439](https://tools.ietf.org/html/rfc8439)
* - XChaCha20Poly1305 - uses 192bit nonce - recommended choice
*
* The only difference is the size of the nonce, and how is the nonce used.
*
* (x)ChaCha20 is a streaming cipher develop by Daniel J. Bernstein. He is also the author of Poly1305 a fast Message
* Authentication Code system
*
* Libsodium offers two additional variants for each of the aforementioned variants:
* - Combined
* - Detached
*
* Combined mode returns encrypted data and tag as one UByteArray, while detached mode returns them as separate UByteArrays.
* To be kotlin idiomatic we are returning detached tag and encrypted data inside a wrapper data class [AeadEncryptedDataAndTag]
*/
expect object AuthenticatedEncryptionWithAssociatedData { expect object AuthenticatedEncryptionWithAssociatedData {
// X - Ietf // X - Ietf
fun xChaCha20Poly1305IetfEncrypt( fun xChaCha20Poly1305IetfEncrypt(