...
1
2
3
4
5
6
7
8 package chacha20poly1305
9
10 import (
11 "crypto/cipher"
12 "errors"
13 )
14
15 const (
16
17 KeySize = 32
18
19
20
21
22
23
24 NonceSize = 12
25
26
27
28 NonceSizeX = 24
29
30
31
32 Overhead = 16
33 )
34
35 type chacha20poly1305 struct {
36 key [KeySize]byte
37 }
38
39
40 func New(key []byte) (cipher.AEAD, error) {
41 if len(key) != KeySize {
42 return nil, errors.New("chacha20poly1305: bad key length")
43 }
44 ret := new(chacha20poly1305)
45 copy(ret.key[:], key)
46 return ret, nil
47 }
48
49 func (c *chacha20poly1305) NonceSize() int {
50 return NonceSize
51 }
52
53 func (c *chacha20poly1305) Overhead() int {
54 return Overhead
55 }
56
57 func (c *chacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
58 if len(nonce) != NonceSize {
59 panic("chacha20poly1305: bad nonce length passed to Seal")
60 }
61
62 if uint64(len(plaintext)) > (1<<38)-64 {
63 panic("chacha20poly1305: plaintext too large")
64 }
65
66 return c.seal(dst, nonce, plaintext, additionalData)
67 }
68
69 var errOpen = errors.New("chacha20poly1305: message authentication failed")
70
71 func (c *chacha20poly1305) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
72 if len(nonce) != NonceSize {
73 panic("chacha20poly1305: bad nonce length passed to Open")
74 }
75 if len(ciphertext) < 16 {
76 return nil, errOpen
77 }
78 if uint64(len(ciphertext)) > (1<<38)-48 {
79 panic("chacha20poly1305: ciphertext too large")
80 }
81
82 return c.open(dst, nonce, ciphertext, additionalData)
83 }
84
85
86
87
88
89 func sliceForAppend(in []byte, n int) (head, tail []byte) {
90 if total := len(in) + n; cap(in) >= total {
91 head = in[:total]
92 } else {
93 head = make([]byte, total)
94 copy(head, in)
95 }
96 tail = head[len(in):]
97 return
98 }
99
View as plain text