r00t2/go_chacha20poly1305_openssh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

initial release. tests pass at least.

Browse Source
This commit is contained in:
brent s.
2023-01-10 07:24:12 -05:00
parent 7b000530f3
commit 29dea9ae1f
19 changed files with 3443 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
funcs.go Normal file
View File

@@ -0,0 +1,33 @@
package cc20p1305ssh
/*
New returns a cipher.AEAD from KDF-derived key.
Currently, key should be KDFKeySize bytes and returned by bcrypt_pbkdf as it's currently the
only OpenSSH-supported KDF. It is up to the caller to perform the appropriate KDF.
Per the chacha20polycom1305@openssh.com specification, only the first KeySize bytes of key
is used for encrypting the private key. The second half (the canonical key is 64 bytes)
would be used for traffic purposes, but since this is a static blob it is not used.
If key is nil or <KDFKeySize bytes in length, an error ErrInvalidKeySize will be returned.
*DO NOT USE crypter FOR STREAMS. THIS SHOULD ONLY BE USED TO ENCRYPT AN OPENSSH PRIVATE KEY.*
*/
func New(key []byte) (crypter *ChaCha20Poly1305OpenSSH, err error) {
var crypterReal ChaCha20Poly1305OpenSSH
if key == nil || len(key) < KDFKeySize {
err = ErrInvalidKeySize
return
}
crypterReal = ChaCha20Poly1305OpenSSH{}
copy(crypterReal.kdfKey[:], key[:KDFKeySize])
copy(crypterReal.realKey[:], key[:KeySize])
crypter = &crypterReal
return
}