allemang.d/zig-experiments
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

WIP: dh / aes testing

Browse Source
This commit is contained in:
David Allemang
2024-03-04 17:24:44 -05:00
parent 09e08c3c4c
commit 7cd5f61256
1 changed files with 110 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
src/main.zig
View File

@@ -1,19 +1,119 @@
const std = @import("std");
const DH = std.crypto.dh.X25519;
const AES = std.crypto.aead.aes_gcm.Aes256Gcm;
const SHA = std.crypto.hash.sha2.Sha256;
const Encryptor = struct {
const Self = @This();
kp: DH.KeyPair,
pub fn init() !Self {
const self = Self{};
var seed: [DH.seed_length]u8 = undefined;
std.crypto.random.bytes(&seed);
self.kp = try DH.KeyPair.create(seed);
@memset(seed, 0);
return self;
}
};
const Peer = struct {
const Self = @This();
public_key: [DH.public_length]u8,
shared_key: [AES.key_length]u8,
pub fn init(me: DH.KeyPair, peer_key: [DH.public_length]u8) Self {
const self = Self{ .public_key = peer_key };
const secret = try DH.scalarmult(me.secret_key, peer_key);
SHA.hash(&secret, self.shared_key, .{});
return self;
}
pub fn encrypt(ally: std.mem.Allocator, msg: []const u8) !Packet {
var pkt: Packet = undefined;
std.crypto.random.bytes(&pkt.nonce);
}
};
const Packet = struct {
ally: std.mem.Allocator,
nonce: [AES.tag_length]u8,
cipher_text: []u8,
};
pub fn main() !void {
// Prints to stderr (it's a shortcut based on `std.io.getStdErr()`)
std.debug.print("All your {s} are belong to us.\n", .{"codebase"});
const me = try Encryptor.init();
const him = try Encryptor.init();
// stdout is for the actual output of your application, for example if you
// are implementing gzip, then only the compressed bytes should be sent to
// stdout, not any debugging messages.
const stdout_file = std.io.getStdOut().writer();
var bw = std.io.bufferedWriter(stdout_file);
const stdout = bw.writer();
const my_peer = Peer.init(me, him.kp.public_key);
const his_peer = Peer.init(him, me.kp.public_key);
try stdout.print("Run `zig build test` to run the tests.\n", .{});
var seed: [dh.X25519.seed_length]u8 = undefined;
std.crypto.random.bytes(&seed);
const kp1 = try dh.X25519.KeyPair.create(seed);
std.crypto.random.bytes(&seed);
const kp2 = try dh.X25519.KeyPair.create(seed);
try bw.flush(); // don't forget to flush!
std.debug.print("{any}\n{any}\n\n", .{ kp1.public_key, kp1.secret_key });
std.debug.print("{any}\n{any}\n\n", .{ kp2.public_key, kp2.secret_key });
const sec_1 = try dh.X25519.scalarmult(kp1.secret_key, kp2.public_key);
const sec_2 = try dh.X25519.scalarmult(kp2.secret_key, kp1.public_key);
var key: [aead.aes_gcm.Aes256Gcm.key_length]u8 = undefined;
std.crypto.hash.sha2.Sha256.hash(&sec_1, &key, .{});
std.debug.print("{any}\n", .{sec_1});
std.debug.print("{any}\n", .{sec_2});
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
const ally = gpa.allocator();
const m: []const u8 = "hello world!";
const ad: []const u8 = "foo";
// see https://crypto.stackexchange.com/a/5818
// the nonce does not need to be random, it can be a counter
// it can be sent in clear, or each end may deduce it
// but it ___MUST___ be unique and unrelated to the key
var iv: [aead.aes_gcm.Aes256Gcm.nonce_length]u8 = undefined;
std.crypto.random.bytes(&iv);
const c: []u8 = try ally.alloc(u8, m.len);
defer ally.free(c);
@memset(c, 0);
var tag: [aead.aes_gcm.Aes256Gcm.tag_length]u8 = undefined;
std.debug.print("c: {any}\n", .{c});
aead.aes_gcm.Aes256Gcm.encrypt(c, &tag, m, ad, iv, key);
std.debug.print("{any} {any} {any}\n", .{ c, tag, iv });
// aead.aes_gcm.Aes256Gcm.encrypt(c: []u8, tag: *[tag_length]u8, m: []const u8, ad: []const u8, npub: [nonce_length]u8, key: [key_length]u8)
// var seed_a = [sign.Ed25519.KeyPair.seed_length]u8;
// std.crypto.random.bytes(&seed_a);
// const pair_a = try sign.Ed25519.KeyPair.create(seed_a);
// var pubkey_a = dh.X25519.publicKeyFromEd25519(pair_a.public_key);
//
// var seed_b = [sign.Ed25519.KeyPair.seed_length]u8;
// std.crypto.random.bytes(&seed_b);
// const pair_b = try sign.Ed25519.KeyPair.create(seed_b);
// var pubkey_b = try dh.X25519.publicKeyFromEd25519(pair_b.public_key);
// var buf: [64]u8 = undefined;
// @memset(&buf, 0);
// std.debug.print("{any}\n", .{buf});
// std.crypto.random.bytes(&buf);
// std.debug.print("{any}\n", .{buf});
}
test "simple test" {