// BoxBeforeNm is the first have of the box operation and generates a unique key per
// public, secret key pair (recipient, sender). The key is returned in KeyOut which can
// then be pssed to BoxAfterNm or BoxOpenAfterNm. The same key can be used for all messages between
// the same recipient/sender (same key pairs) provided that a unique nonce is used each time.
// This function is an optimization as it allows the shared key to be generated once for
// multiple messages.
//
// Returns 0 on sucess, non-zero result on error.
func BoxBeforeNm(keyOut []byte, pk, sk []byte) int {
support.CheckSize(keyOut, BoxBeforeNmBytes(), "key output")
support.CheckSize(pk, BoxPublicKeyBytes(), "public key")
support.CheckSize(sk, BoxSecretKeyBytes(), "secret key")
return int(C.crypto_box_beforenm((*C.uchar)(&keyOut[0]), (*C.uchar)(&pk[0]), (*C.uchar)(&sk[0])))
}
func BoxSeedKeyPair(pkOut []byte, skOut []byte, seed []byte) int {
support.CheckSize(pkOut, BoxPublicKeyBytes(), "public key")
support.CheckSize(skOut, BoxSecretKeyBytes(), "secret key")
support.CheckSize(seed, BoxSeedBytes(), "seed")
return int(C.crypto_box_seed_keypair((*C.uchar)(&pkOut[0]), (*C.uchar)(&skOut[0]), (*C.uchar)(&seed[0])))
}
func SignEd25519SKToCurve25519(curve25519SK []byte, ed25519SK []byte) int {
support.CheckSize(curve25519SK, scalarmult.ScalarMultBytes(), "curve25519 secret key output")
support.CheckSize(ed25519SK, SignSecretKeyBytes(), "ed25519 secret key")
return int(C.crypto_sign_ed25519_sk_to_curve25519(
(*C.uchar)(&curve25519SK[0]), (*C.uchar)(&ed25519SK[0])))
}
func SignEd25519PKToCurve25519(curve25519PK []byte, ed25519PK []byte) int {
support.CheckSize(curve25519PK, scalarmult.ScalarMultBytes(), "curve25519 public key output")
support.CheckSize(ed25519PK, SignPublicKeyBytes(), "ed25519 public key")
return int(C.crypto_sign_ed25519_pk_to_curve25519(
(*C.uchar)(&curve25519PK[0]), (*C.uchar)(&ed25519PK[0])))
}
func SignEd25519SKToSeed(seed []byte, sk []byte) int {
support.CheckSize(seed, SignSeedBytes(), "seed output")
support.CheckSize(sk, SignSecretKeyBytes(), "secret key")
return int(C.crypto_sign_ed25519_sk_to_seed(
(*C.uchar)(&seed[0]), (*C.uchar)(&sk[0])))
}
func SignEd25519SKToPK(pkOut []byte, sk []byte) int {
support.CheckSize(pkOut, SignPublicKeyBytes(), "public key output")
support.CheckSize(sk, SignSecretKeyBytes(), "secret key")
return int(C.crypto_sign_ed25519_sk_to_pk(
(*C.uchar)(&pkOut[0]), (*C.uchar)(&sk[0])))
}
// OneTimeAuth computes a message authentication code (MAC) for the given input buffer and writes
// it to 'out'. 'out' must be a []byte of OneTimeAuthBytes() bytes. 'key' must not be used with
// any other messages.
//
// Returns: 0
// TODO: Can this ever return non-zero? If not should not return a value.
func OneTimeAuth(macOut []byte, message []byte, key []byte) int {
support.CheckSize(macOut, OneTimeAuthBytes(), "MAC output buffer")
support.CheckSize(key, OneTimeAuthKeyBytes(), "key")
return int(C.crypto_onetimeauth(
(*C.uchar)(&macOut[0]),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
(*C.uchar)(&key[0])))
}
// OneTimeAuthVerify verifies a message authentication code (MAC) for a given message and key.
//
// Returns: 0 if the MAC authenticates the message, -1 if not.
func OneTimeAuthVerify(mac, message, key []byte) int {
support.CheckSize(mac, OneTimeAuthBytes(), "MAC")
support.CheckSize(key, OneTimeAuthKeyBytes(), "key")
return int(C.crypto_onetimeauth_verify(
(*C.uchar)(&mac[0]),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
(*C.uchar)(&key[0])))
}
func BoxAfterNm(cypherTextOut []byte, message []byte, nonce, key []byte) int {
support.CheckSize(cypherTextOut, len(message), "cypher text output")
support.CheckSize(nonce, BoxNonceBytes(), "nonce")
support.CheckSize(key, BoxBeforeNmBytes(), "intermediate key")
return int(C.crypto_box_afternm((*C.uchar)(&cypherTextOut[0]),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
(*C.uchar)(&nonce[0]),
(*C.uchar)(&key[0])))
}
func SignOpen(messageOut []byte, sealedMessage []byte, pk []byte) int {
support.CheckSize(messageOut, len(sealedMessage)-SignBytes(), "message output")
support.CheckSize(pk, SignPublicKeyBytes(), "public key")
lenMessageOut := (C.ulonglong)(len(messageOut))
return int(C.crypto_sign_open(
(*C.uchar)(&messageOut[0]), (*C.ulonglong)(&lenMessageOut),
(*C.uchar)(&sealedMessage[0]), (C.ulonglong)(len(sealedMessage)),
(*C.uchar)(&pk[0])))
}
func boxSeal(cipherTextOut []byte, message []byte, pk []byte) int {
support.CheckSize(cipherTextOut, BoxMacBytes()+len(message), "cypher text output")
support.CheckSize(pk, BoxPublicKeyBytes(), "public key")
return int(C.crypto_box_seal(
(*C.uchar)(&cipherTextOut[0]),
(*C.uchar)(&message[0]),
(C.ulonglong)(len(message)),
(*C.uchar)(&pk[0])))
}
// SecretBoxOpen opens the authenticated cypher text produced by SecretBox and returns the original
// message plain text. The cypher text is authenticated prior to decryption to ensure it has not
// been modified from the original. The messageOut buffer must be the same size as the cypherText
// buffer and will be padded with SecretBoxZeroBytes() worth of leading zero bytes.
//
// Returns: 0 on success, non-zero on failure
func SecretBoxOpen(messageOut, cypherText, nonce, key []byte) int {
support.CheckSize(messageOut, len(cypherText), "message output")
support.CheckSize(nonce, SecretBoxNonceBytes(), "nonce")
support.CheckSize(key, SecretBoxKeyBytes(), "key")
return int(C.crypto_secretbox_open(
(*C.uchar)(&messageOut[0]),
(*C.uchar)(&cypherText[0]), (C.ulonglong)(len(cypherText)),
(*C.uchar)(&nonce[0]),
(*C.uchar)(&key[0])))
}
// SecretBox takes a message buffer, a random nonce, and a key and writes the encrypted, authenticated
// cypher text into the cypherTextOut buffer. The message buffer must have SecretBoxZeroBytes() worth
// of zero-padding at the start of it. The key may be reused across messages, but the nonce must be
// used only once for a given key. \
//
// Returns: 0 on success, non-zero on failure.
func SecretBox(cypherTextOut, message, nonce, key []byte) int {
support.CheckSize(cypherTextOut, len(message), "cypher text output")
support.CheckSize(nonce, SecretBoxNonceBytes(), "nonce")
support.CheckSize(key, SecretBoxKeyBytes(), "key")
return int(C.crypto_secretbox(
(*C.uchar)(&cypherTextOut[0]),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
(*C.uchar)(&nonce[0]),
(*C.uchar)(&key[0])))
}
func Sign(sealedMessageOut []byte, message []byte, sk []byte) int {
support.CheckSize(sealedMessageOut, SignBytes()+len(message), "sealed message output")
support.CheckSize(sk, SignSecretKeyBytes(), "secret key")
lenSealedMessageOut := (C.ulonglong)(len(sealedMessageOut))
return int(C.crypto_sign(
(*C.uchar)(&sealedMessageOut[0]), (*C.ulonglong)(&lenSealedMessageOut),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
(*C.uchar)(&sk[0])))
}
func BoxOpenAfterNm(messageOut []byte, cypherText []byte, nonce, key []byte) int {
support.CheckSize(messageOut, len(cypherText), "message output")
support.CheckSize(nonce, BoxNonceBytes(), "nonce")
support.CheckSize(key, BoxBeforeNmBytes(), "key")
return int(C.crypto_box_open_afternm(
(*C.uchar)(&messageOut[0]),
(*C.uchar)(&cypherText[0]), (C.ulonglong)(len(cypherText)),
(*C.uchar)(&nonce[0]),
(*C.uchar)(&key[0])))
}
func boxSealOpen(messageOut []byte, cypherText []byte, pk, sk []byte) int {
support.CheckSize(messageOut, BoxMacBytes()+len(cypherText), "message output")
support.CheckSize(pk, BoxPublicKeyBytes(), "public key")
support.CheckSize(sk, BoxSecretKeyBytes(), "secret key")
return int(C.crypto_box_seal_open(
(*C.uchar)(&messageOut[0]),
(*C.uchar)(&cypherText[0]),
(C.ulonglong)(len(cypherText)),
(*C.uchar)(&pk[0]),
(*C.uchar)(&sk[0])))
}
func Box(cypherTextOut []byte, message []byte, nonce, pk, sk []byte) int {
support.CheckSize(cypherTextOut, len(message), "cypher text output")
support.CheckSize(nonce, BoxNonceBytes(), "nonce")
support.CheckSize(pk, BoxPublicKeyBytes(), "public key")
support.CheckSize(sk, BoxSecretKeyBytes(), "secret key")
return int(C.crypto_box((*C.uchar)(&cypherTextOut[0]),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
(*C.uchar)(&nonce[0]),
(*C.uchar)(&pk[0]),
(*C.uchar)(&sk[0])))
}
func BoxEasyDetachedAfterNm(cipherTextOut []byte, message []byte, nonce, key []byte) int {
support.CheckSize(cipherTextOut, BoxMacBytes()+len(message), "cypher text output")
support.CheckSize(nonce, BoxNonceBytes(), "nonce")
support.CheckSize(key, BoxBeforeNmBytes(), "key")
return int(C.crypto_box_easy_afternm(
(*C.uchar)(&cipherTextOut[0]),
(*C.uchar)(&message[0]),
(C.ulonglong)(len(message)),
(*C.uchar)(&nonce[0]),
(*C.uchar)(&key[0])))
}
func BoxOpenEasy(messageOut []byte, cypherText []byte, nonce, pk, sk []byte) int {
support.CheckSize(messageOut, BoxMacBytes()+len(cypherText), "message output")
support.CheckSize(nonce, BoxNonceBytes(), "nonce")
support.CheckSize(pk, BoxPublicKeyBytes(), "public key")
support.CheckSize(sk, BoxSecretKeyBytes(), "secret key")
return int(C.crypto_box_open_easy(
(*C.uchar)(&messageOut[0]),
(*C.uchar)(&cypherText[0]),
(C.ulonglong)(len(cypherText)),
(*C.uchar)(&nonce[0]),
(*C.uchar)(&pk[0]),
(*C.uchar)(&sk[0])))
}
func boxOpenDetached(messageOut []byte, message []byte, mac, nonce, pk, sk []byte) int {
support.CheckSize(messageOut, BoxMacBytes()+len(message), "cipher text output")
support.CheckSize(mac, BoxMacBytes(), "mac")
support.CheckSize(nonce, BoxNonceBytes(), "nonce")
support.CheckSize(pk, BoxPublicKeyBytes(), "public key")
support.CheckSize(sk, BoxSecretKeyBytes(), "secret key")
return int(C.crypto_box_detached(
(*C.uchar)(&messageOut[0]),
(*C.uchar)(&message[0]),
(*C.uchar)(&mac[0]),
(C.ulonglong)(len(message)),
(*C.uchar)(&nonce[0]),
(*C.uchar)(&pk[0]),
(*C.uchar)(&sk[0])))
}
// OneTimeAuthFinal writes the final message authentication code to macOut based on the
// state computed by OneTimeAuthInit and OneTimeAuthUpdate. Once this function is called
// state is deallocated and may never be accessed again; this function must be called
// exactly once for each call to OneTimeAuthInit to avoid leaking memory.
func OneTimeAuthFinal(state OneTimeAuthState, macOut []byte) int {
support.CheckSize(macOut, OneTimeAuthBytes(), "MAC output buffer")
r := int(C.crypto_onetimeauth_final((*C.crypto_onetimeauth_state)(state),
(*C.uchar)(&macOut[0])))
C.free((unsafe.Pointer)(state))
return r
}
func GenericHashSaltPersonal(hashOut []byte, message []byte, key []byte, salt []byte, personal []byte) int {
checkHashOutSize(hashOut)
checkKeySize(key)
support.CheckSize(salt, GenericHashSaltBytes(), "salt")
support.CheckSize(personal, GenericHashPersonalBytes(), "personal")
if key == []byte(nil) {
return int(C.crypto_generichash_blake2b_salt_personal(
(*C.uchar)(&hashOut[0]), (C.size_t)(len(hashOut)),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
nil, (C.size_t)(0),
(*C.uchar)(&salt[0]),
(*C.uchar)(&personal[0])))
}
return int(C.crypto_generichash_blake2b_salt_personal(
(*C.uchar)(&hashOut[0]), (C.size_t)(len(hashOut)),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
(*C.uchar)(&key[0]), (C.size_t)(len(key)),
(*C.uchar)(&salt[0]),
(*C.uchar)(&personal[0])))
}
func ScalarMultBase(pkOut []byte, skIn []byte) int {
support.CheckSize(pkOut, cryptobox.BoxPublicKeyBytes(), "public key")
support.CheckSize(skIn, cryptobox.BoxSecretKeyBytes(), "secret key")
return int(C.crypto_scalarmult_base((*C.uchar)(&pkOut[0]), (*C.uchar)(&skIn[0])))
}
func SignKeyPair(pkOut []byte, skOut []byte) int {
support.CheckSize(pkOut, SignPublicKeyBytes(), "sign key pair public")
support.CheckSize(skOut, SignSecretKeyBytes(), "sign key pair secret")
return int(C.crypto_sign_keypair((*C.uchar)(&pkOut[0]), (*C.uchar)(&skOut[0])))
}