本文整理汇总了Golang中golang.org/x/crypto/nacl/box.Open函数的典型用法代码示例。如果您正苦于以下问题:Golang Open函数的具体用法?Golang Open怎么用?Golang Open使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了Open函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: decryptMessageInner
func decryptMessageInner(sealed []byte, nonce *[24]byte, from *Contact) ([]byte, bool) {
if plaintext, ok := box.Open(nil, sealed, nonce, &from.theirLastDHPublic, &from.lastDHPrivate); ok {
return plaintext, true
}
if plaintext, ok := box.Open(nil, sealed, nonce, &from.theirCurrentDHPublic, &from.lastDHPrivate); ok {
return plaintext, true
}
plaintext, ok := box.Open(nil, sealed, nonce, &from.theirLastDHPublic, &from.currentDHPrivate)
if !ok {
plaintext, ok = box.Open(nil, sealed, nonce, &from.theirCurrentDHPublic, &from.currentDHPrivate)
if !ok {
return nil, false
}
}
// They have clearly received our current DH value. Time to
// rotate.
copy(from.lastDHPrivate[:], from.currentDHPrivate[:])
if _, err := io.ReadFull(rand.Reader, from.currentDHPrivate[:]); err != nil {
panic(err)
}
return plaintext, true
}示例2: decryptMessage
func decryptMessage(sealed []byte, from *Contact) ([]byte, error) {
if from.ratchet != nil {
plaintext, err := from.ratchet.Decrypt(sealed)
if err != nil {
return nil, err
}
return plaintext, nil
}
var nonce [24]byte
if len(sealed) < len(nonce) {
return nil, errors.New("message shorter than nonce")
}
copy(nonce[:], sealed)
sealed = sealed[24:]
headerLen := ephemeralBlockLen - len(nonce)
if len(sealed) < headerLen {
return nil, errors.New("message shorter than header")
}
publicBytes, ok := decryptMessageInner(sealed[:headerLen], &nonce, from)
if !ok || len(publicBytes) != 32 {
return nil, errors.New("failed to decrypt inner message")
}
var innerNonce [nonceLen]byte
sealed = sealed[headerLen:]
copy(innerNonce[:], sealed)
sealed = sealed[nonceLen:]
var ephemeralPublicKey [32]byte
copy(ephemeralPublicKey[:], publicBytes)
if plaintext, ok := box.Open(nil, sealed, &innerNonce, &ephemeralPublicKey, &from.lastDHPrivate); ok {
return plaintext, nil
}
plaintext, ok := box.Open(nil, sealed, &innerNonce, &ephemeralPublicKey, &from.currentDHPrivate)
if !ok {
return nil, errors.New("failed to decrypt with either DH values (old ratchet)")
}
// They have clearly received our current DH value. Time to
// rotate.
copy(from.lastDHPrivate[:], from.currentDHPrivate[:])
if _, err := io.ReadFull(rand.Reader, from.currentDHPrivate[:]); err != nil {
panic(err)
}
return plaintext, nil
}示例3: Read
// Reads an encrypted message from the reader expecting the following structure:
// The first two bytes are the length(x) of the encrypted message.
// The next 24 bytes are the nonce.
// The next x bytes is the encrypted message.
func (s *SecureReader) Read(p []byte) (int, error) {
er := &errReader{r: s.reader}
plen := make([]byte, 2)
er.read(plen)
payloadLen, err := binary.ReadVarint(bytes.NewBuffer(plen))
if err != nil {
return 0, errors.New("Invalid length bytes")
}
nonce := make([]byte, 24)
er.read(nonce)
payload := make([]byte, payloadLen)
er.read(payload)
if er.err != nil {
return 0, er.err
}
nonceArray := &[24]byte{}
copy(nonceArray[:], nonce)
message, success := box.Open(nil, payload, nonceArray, s.pub, s.priv)
if !success {
return 0, errors.New("Decrypt failure")
}
copy(p, message)
return len(message), nil
}示例4: Read
// Read decrypts a stream encrypted with box.Seal.
// It expects the nonce used to be prepended
// to the ciphertext
func (s Reader) Read(p []byte) (int, error) {
// make a buffer large enough to handle
// the overhead associated with an encrypted message
// (the tag and nonce)
enc := make([]byte, (len(p) + TotalOverhead))
n, err := s.r.Read(enc)
if err != nil {
return n, err
}
// strip off the nonce
// and any extra space at the end of the buffer
nonceSlice := enc[:NonceSize]
enc = enc[NonceSize:n]
// convert the slice to an array
// for use in box.Open
var nonce [NonceSize]byte
copy(nonce[:], nonceSlice)
decrypt, auth := box.Open(nil, enc, &nonce, s.pub, s.priv)
// if authentication failed, output bottom
if !auth {
return 0, ErrDecrypt
}
if len(decrypt) > len(p) {
return 0, ErrDecrypt
}
n = copy(p, decrypt)
return n, nil
}示例5: boxOpen
func boxOpen(encryptedData []byte, nonce [24]byte, peersPublicKey NaclDHKeyPublic, privateKey *NaclDHKeyPrivate) ([]byte, error) {
data, ok := box.Open(nil, encryptedData, &nonce, (*[32]byte)(&peersPublicKey), (*[32]byte)(privateKey))
if ok {
return data, nil
}
return data, DecryptionError{}
}示例6: decrypt
func (d *Decrypter) decrypt(bm *boxedMessage) ([]byte, error) {
plaintext, ok := box.Open(nil, bm.Box, &bm.Nonce, &bm.EncrypterPublic, &d.Keypair.Private)
if !ok {
return nil, ErrDecryptionFailed
}
return plaintext, nil
}示例7: Open
func (c *Conversation) Open(ctxt []byte, round uint32, role byte) ([]byte, bool) {
var nonce [24]byte
binary.BigEndian.PutUint32(nonce[:], round)
nonce[23] = role
return box.Open(nil, ctxt, &nonce, c.peerPublicKey.Key(), c.myPrivateKey.Key())
}示例8: Read
// Read decrypts a message from the underlying data stream, and stores
// the contents into out, returning the number of bytes read, and any
// error occurred while reading the data. The encrypted data contains
// the nonce (24 bytes), box size (2 bytes), and box (remaining bytes).
func (r *SecureReader) Read(out []byte) (n int, err error) {
// "Sticky error" read function.
read := func(buf []byte) {
if err != nil {
return
}
_, err = io.ReadFull(r.r, buf)
}
var (
nonce [24]byte
size = make([]byte, 2)
)
read(nonce[:])
read(size)
boxed := make([]byte, binary.LittleEndian.Uint16(size)) // Allocate the box bytes.
read(boxed)
if err != nil {
return
}
message, ok := box.Open(out[:0], boxed, &nonce, r.ppub, r.priv)
if !ok {
err = errors.New("cannot open box")
}
n = len(message)
return
}示例9: decode
func (h *decodeHeader) decode() (data []byte, version int, err error) {
if !h.gotRecipient {
err = errors.New("Cannot decode header until recipient defined")
panic(err)
}
// Length to decode should be lenEndBytes plus the NaCl Box overhead
var senderPK [32]byte
copy(senderPK[:], h.header[16:48])
var nonce [24]byte
copy(nonce[:], h.header[48:72])
data, auth := box.Open(
nil,
h.header[72:248],
&nonce,
&senderPK,
&h.recipientSK,
)
if !auth {
err = errors.New("Authentication failed decrypting slot data")
return
}
// Version number is the first byte of decrypted data
version = int(data[0])
return
}示例10: Read
// Read reads a complete length-prefixed message from sr.from and
// decrypts it into p. It returns the number of bytes read from thea
// reader.
//
// If the message has a wrong signature, it returns
// an ErrBadMessage.
func (sr secureReader) Read(p []byte) (n int, err error) {
var l uint16
err = binary.Read(sr.from, binary.BigEndian, &l)
if err != nil {
return 0, err
}
content := make([]byte, l)
nn, err := sr.from.Read(content)
if err != nil {
return 0, err
}
if nn != len(content) {
return 0, ErrShortSecureRead
}
// Make sure p is big enough
if len(p) < int(l)-24-box.Overhead {
return 0, ErrShortSecureRead
}
var nonce [24]byte
copy(nonce[:], content[:])
_, ok := box.Open(p[:0], content[len(nonce):], &nonce, sr.pub, sr.priv)
if !ok {
err = ErrBadMessage
}
return int(l) - len(nonce) - box.Overhead, err
}示例11: Read
// Read a decrypted message into p.
//
// The SecureReader reads the contents written by a SecureWriter.
// It will attempt to read/parse according to the following format:
//
// - Nonce: nonceSize bytes (in this case, 24)
// - Message Length (uint32): length of the encrypted message, in bytes.
// - Encrypted Message: the encrypted message itself.
//
// It decrypts the message using the nonce and the values of the
// SecureReader's public and private keys and copies the decrypted
// message into the first n bytes of p.
//
// Returns the length (in bytes) of the decrypted message.
func (r SecureReader) Read(p []byte) (n int, err error) {
// read the nonce
var nonce [nonceSize]byte
err = binary.Read(r.reader, binary.LittleEndian, &nonce)
if err != nil && err != io.EOF {
return 0, errors.New("could not read nonce: " + err.Error())
}
// read the length of the encrypted message
var msgLen uint32
err = binary.Read(r.reader, binary.LittleEndian, &msgLen)
if err != nil && err != io.EOF {
return 0, errors.New("could not read message length: " + err.Error())
}
// read the encrypted message itself
encrypted := make([]byte, msgLen)
err = binary.Read(r.reader, binary.LittleEndian, &encrypted)
if err != nil && err != io.EOF {
return 0, errors.New("could not read encrypted message: " + err.Error())
}
// decrypt the message
decrypted, res := box.Open(nil, encrypted, &nonce, r.publicKey, r.privateKey)
if res == false {
return 0, errors.New("error decrypting mesage with box.Open")
}
copy(p, decrypted)
return int(msgLen) - secretbox.Overhead, nil
}示例12: Open
func (t KeyPairType) Open(message, nonce, peersPublicKey, privateKey []byte) ([]byte, error) {
if err := t.checkNonceAndKeys(nonce, peersPublicKey, privateKey); err != nil {
return nil, err
}
switch t {
case Curve25519:
var (
ok bool
pubKey, privKey [32]byte
n [24]byte
)
copy(n[:], nonce)
copy(pubKey[:], peersPublicKey)
copy(privKey[:], privateKey)
out := make([]byte, 0, len(message)-box.Overhead)
out, ok = box.Open(out, message, &n, &pubKey, &privKey)
if !ok {
return nil, ErrMessageIntegrityFailed
}
return out, nil
default:
return nil, ErrInvalidKey
}
}示例13: ReadNextEncryptedMessage
// Blocking read until the whole encrypted message is received
// Encrypted messages are in the format:
// message = | 4-byte little-endian uint32 for payload size | payload |
// payload = | 24-byte nonce | encrypted message |
func (sr *SecureReader) ReadNextEncryptedMessage() error {
// Read the payload size out of the buffer
var payloadSize uint32
err := binary.Read(sr.r, binary.LittleEndian, &payloadSize)
if err != nil {
if err != io.EOF {
log.Println("Error reading payloadSize from buffer", err)
}
return err
}
// Read the payload
data := make([]byte, payloadSize)
_, err = io.ReadFull(sr.r, data)
if err != nil {
log.Println("Error reading payload from buffer", err)
return err
}
// Unpack the nonce and encrypted message
nonce := data[0:24]
encrypted := data[24:]
// Decrypt the encrypted message
var nonceBuf [24]byte
copy(nonceBuf[:], nonce)
decrypted, success := box.Open(make([]byte, 0), encrypted, &nonceBuf, sr.pub, sr.priv)
if success {
sr.leftover = decrypted
return nil
} else {
log.Println("Error decrypting message")
return &ReadError{"Error decrypting message"}
}
}示例14: Unbox
// Unbox runs the NaCl unbox operation on the given ciphertext and nonce,
// using the receiver as the secret key.
func (k SecretKey) Unbox(sender saltpack.BoxPublicKey, nonce *saltpack.Nonce, msg []byte) ([]byte, error) {
ret, ok := box.Open([]byte{}, msg, (*[24]byte)(nonce), (*[32]byte)(sender.ToRawBoxKeyPointer()), (*[32]byte)(&k.sec))
if !ok {
return nil, saltpack.ErrDecryptionFailed
}
return ret, nil
}示例15: decodeCaveatIdV0
// decodeCaveatIdV0 decodes a version 0 caveat id.
func decodeCaveatIdV0(key *KeyPair, id []byte) (caveatInfo, error) {
if len(id) < 1+publicKeyPrefixLen+KeyLen+NonceLen+box.Overhead {
return caveatInfo{}, errgo.New("caveat id too short")
}
id = id[1:] // skip version (already checked)
publicKeyPrefix, id := id[:publicKeyPrefixLen], id[publicKeyPrefixLen:]
if !bytes.Equal(key.Public.Key[:publicKeyPrefixLen], publicKeyPrefix) {
return caveatInfo{}, errgo.New("public key mismatch")
}
var peerPublicKey PublicKey
copy(peerPublicKey.Key[:], id[:KeyLen])
id = id[KeyLen:]
var nonce [NonceLen]byte
copy(nonce[:], id[:NonceLen])
id = id[NonceLen:]
data, ok := box.Open(nil, id, &nonce, peerPublicKey.boxKey(), key.Private.boxKey())
if !ok {
return caveatInfo{}, errgo.Newf("cannot decrypt caveat id")
}
ci, err := decodeSecretPartV0(data)
if err != nil {
return caveatInfo{}, errgo.Notef(err, "invalid secret part")
}
ci.peerPublicKey = &peerPublicKey
return ci, nil
}