-
Notifications
You must be signed in to change notification settings - Fork 426
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Replace libsodium with cryptology (#558)
* use bouncycastle in cryptosign auth * add missing space * add unit tests for CryptosignAuth * replace libsodium with bouncy castle in SecretBox * add missing EOL * add function to create sealedbox nonce * add function to compute shared secret for sealedbox * implement the libsodium compatible seal function * implement the libsodium compatible unseal function * make encrypt to only use the new code * remove dependency of libsodium * use correct version of web3j * use correct dependencies * add HSalsa20 implementation based on bouncy castle * make HSALSA20_SEED global,static variable * add lisence for HSalsa20 * update web3j and java * use cryptology * exclude bouncy-castle from cryptology * remove unnecessary checkLength() function * update cryptology --------- Co-authored-by: Omer Akram <omer@thing.com>
- Loading branch information
1 parent
23673d3
commit 9236159
Showing
13 changed files
with
305 additions
and
112 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,65 +1,39 @@ | ||
package xbr.network.crypto; | ||
|
||
import org.libsodium.jni.crypto.Random; | ||
import org.libsodium.jni.crypto.Util; | ||
import org.libsodium.jni.encoders.Encoder; | ||
|
||
import java.util.Arrays; | ||
|
||
import static org.libsodium.jni.NaCl.sodium; | ||
import static org.libsodium.jni.SodiumConstants.BOXZERO_BYTES; | ||
import static org.libsodium.jni.SodiumConstants.XSALSA20_POLY1305_SECRETBOX_KEYBYTES; | ||
import static org.libsodium.jni.SodiumConstants.XSALSA20_POLY1305_SECRETBOX_NONCEBYTES; | ||
import static org.libsodium.jni.SodiumConstants.ZERO_BYTES; | ||
import static org.libsodium.jni.crypto.Util.checkLength; | ||
import static org.libsodium.jni.crypto.Util.isValid; | ||
import static org.libsodium.jni.crypto.Util.removeZeros; | ||
import static io.xconn.cryptology.SecretBox.box; | ||
import static io.xconn.cryptology.SecretBox.boxOpen; | ||
import static io.xconn.cryptology.Util.checkLength; | ||
import static io.xconn.cryptology.Util.generateRandomBytesArray; | ||
|
||
import static xbr.network.Util.NONCE_SIZE; | ||
import static xbr.network.Util.SECRET_KEY_LEN; | ||
|
||
public class SecretBox { | ||
|
||
private byte[] mKey; | ||
private Encoder mEncoder; | ||
private final byte[] mKey; | ||
|
||
public SecretBox(byte[] key) { | ||
checkLength(key, XSALSA20_POLY1305_SECRETBOX_KEYBYTES); | ||
mEncoder = Encoder.RAW; | ||
mKey = key; | ||
checkLength(key, SECRET_KEY_LEN); | ||
mKey = Arrays.copyOf(key, key.length); | ||
} | ||
|
||
public byte[] encrypt(byte[] message) { | ||
byte[] nonce = new Random().randomBytes(XSALSA20_POLY1305_SECRETBOX_NONCEBYTES); | ||
byte[] nonce = generateRandomBytesArray(NONCE_SIZE); | ||
return encrypt(nonce, message); | ||
} | ||
|
||
public byte[] encrypt(byte[] nonce, byte[] message) { | ||
checkLength(nonce, XSALSA20_POLY1305_SECRETBOX_NONCEBYTES); | ||
byte[] msg = org.libsodium.jni.crypto.Util.prependZeros(ZERO_BYTES, message); | ||
byte[] ct = org.libsodium.jni.crypto.Util.zeros(msg.length); | ||
isValid(sodium().crypto_secretbox_xsalsa20poly1305(ct, msg, msg.length, | ||
nonce, mKey), "Encryption failed"); | ||
byte[] cipherWithoutNonce = removeZeros(BOXZERO_BYTES, ct); | ||
byte[] ciphertext = new byte[cipherWithoutNonce.length + | ||
XSALSA20_POLY1305_SECRETBOX_NONCEBYTES]; | ||
public byte[] encrypt(byte[] nonce, byte[] plaintext) { | ||
byte[] cipherWithoutNonce = box(nonce, plaintext, mKey); | ||
byte[] ciphertext = new byte[cipherWithoutNonce.length + NONCE_SIZE]; | ||
System.arraycopy(nonce, 0, ciphertext, 0, nonce.length); | ||
System.arraycopy(cipherWithoutNonce, 0, ciphertext, nonce.length, | ||
cipherWithoutNonce.length); | ||
System.arraycopy(cipherWithoutNonce, 0, ciphertext, nonce.length, cipherWithoutNonce.length); | ||
return ciphertext; | ||
} | ||
|
||
public byte[] decrypt(byte[] ciphertext) { | ||
byte[] nonce = Arrays.copyOfRange(ciphertext, 0, XSALSA20_POLY1305_SECRETBOX_NONCEBYTES); | ||
byte[] message = Arrays.copyOfRange(ciphertext, XSALSA20_POLY1305_SECRETBOX_NONCEBYTES, | ||
ciphertext.length); | ||
return decrypt(nonce, message); | ||
} | ||
|
||
public byte[] decrypt(byte[] nonce, byte[] ciphertext) { | ||
checkLength(nonce, XSALSA20_POLY1305_SECRETBOX_NONCEBYTES); | ||
byte[] ct = org.libsodium.jni.crypto.Util.prependZeros(BOXZERO_BYTES, ciphertext); | ||
byte[] message = Util.zeros(ct.length); | ||
isValid(sodium().crypto_secretbox_xsalsa20poly1305_open(message, ct, | ||
ct.length, nonce, mKey), "Decryption failed. Ciphertext failed verification"); | ||
return removeZeros(ZERO_BYTES, message); | ||
byte[] nonce = Arrays.copyOfRange(ciphertext, 0, NONCE_SIZE); | ||
byte[] message = Arrays.copyOfRange(ciphertext, NONCE_SIZE, ciphertext.length); | ||
return boxOpen(nonce, message, mKey); | ||
} | ||
} |
Oops, something went wrong.