public byte[] blake2(byte[] message) throws UnsupportedOperationException { byte[] buffer = new byte[CRYPTO_GENERICHASH_BLAKE2B_BYTES]; sodium().crypto_generichash_blake2b(buffer, CRYPTO_GENERICHASH_BLAKE2B_BYTES, message, message.length, null, 0); return buffer; }
/** * This is a Java synchronized wrapper around libsodium's init function. * LibSodium's init function is not thread-safe. * * Check libsodium's documentation for more info. */ public static synchronized int init() { return sodium().sodium_init(); } }
public Aead useAesGcm() { if (sodium().crypto_aead_aes256gcm_is_available() != 1) { throw new RuntimeException("AES-GCM requires hardware support"); } aesGcm = true; return this; }
public byte[] sha512(byte[] message) { byte[] buffer = new byte[CRYPTO_HASH_SHA512_BYTES]; sodium().crypto_hash_sha512(buffer, message, message.length); return buffer; }
public byte[] deriveKey(int length, byte[] passwd, byte[] salt, int opslimit, long memlimit) { byte[] buffer = new byte[length]; sodium().crypto_pwhash_scryptsalsa208sha256(buffer, buffer.length, passwd, passwd.length, salt, opslimit, memlimit); return buffer; }
public boolean verify(byte[] hashed_passwd, byte[] passwd) { int result = sodium().crypto_pwhash_scryptsalsa208sha256_str_verify(hashed_passwd, passwd, passwd.length); return result == 0; } }
public byte[] randomBytes() { byte[] buffer = new byte[DEFAULT_SIZE]; sodium().randombytes(buffer, DEFAULT_SIZE); return buffer; } }
public byte[] encrypt(byte[] message) { if (publicKey == null) throw new RuntimeException("Encryption failed. Public key not available."); byte[] ct = new byte[message.length + CRYPTO_BOX_SEALBYTES]; isValid(sodium().crypto_box_seal( ct, message, message.length, publicKey), "Encryption failed"); return ct; }
public Aead(byte[] key) { this.key = key; // both CHACHAPOLY and AESGCM use 32 byte keys checkLength(key, CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES); sodium().sodium_init(); // needs to be called here for aes256gcm_is_available() to work }
public byte[] sign(byte[] message) { byte[] signature = new byte[CRYPTO_SIGN_ED25519_BYTES]; LongLongByReference bufferLen = new LongLongByReference(0); sodium().crypto_sign_ed25519_detached(signature, bufferLen, message, message.length, secretKey); return signature; }
public String hash(byte[] passwd, Encoder encoder, int opslimit, long memlimit) { byte[] buffer = new byte[CRYPTO_PWHASH_SCRYPTSALSA208SHA256_STRBYTES]; sodium().crypto_pwhash_scryptsalsa208sha256_str(buffer, passwd, passwd.length, opslimit, memlimit); return encoder.encode(buffer); }
public byte[] siphash24(byte[] message, byte[] key) { byte[] buffer = new byte[CRYPTO_SHORTHASH_SIPHASH24_BYTES]; checkLength(key, CRYPTO_SHORTHASH_SIPHASH24_KEYBYTES); isValid(sodium().crypto_shorthash_siphash24(buffer, message, message.length, key), "Hashing failed"); return buffer; }
public KeyPair() { this.secretKey = zeros(CRYPTO_BOX_CURVE25519XSALSA20POLY1305_SECRETKEYBYTES); this.publicKey = zeros(CRYPTO_BOX_CURVE25519XSALSA20POLY1305_PUBLICKEYBYTES); sodium().crypto_box_curve25519xsalsa20poly1305_keypair(publicKey, secretKey); }
protected byte[] decryptChaChaPoly(byte[] publicNonce, byte[] ciphertext, byte[] additionalData) { checkLength(publicNonce, CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES); byte[] msg = zeros(ciphertext.length - CRYPTO_AEAD_CHACHA20POLY1305_ABYTES); isValid(sodium().crypto_aead_chacha20poly1305_decrypt(msg, null, null, ciphertext, ciphertext.length, additionalData, additionalData.length, publicNonce, key), "Decryption failed. Ciphertext failed verification"); return msg; }
protected byte[] decryptAesGcm(byte[] publicNonce, byte[] ciphertext, byte[] additionalData) { checkLength(publicNonce, CRYPTO_AEAD_AES256GCM_NPUBBYTES); byte[] msg = zeros(ciphertext.length - CRYPTO_AEAD_AES256GCM_ABYTES); isValid(sodium().crypto_aead_aes256gcm_decrypt(msg, null, null, ciphertext, ciphertext.length, additionalData, additionalData.length, publicNonce, key), "Decryption failed. Ciphertext failed verification"); return msg; } }
protected byte[] encryptChaChaPoly(byte[] publicNonce, byte[] message, byte[] additionalData) { checkLength(publicNonce, CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES); byte[] ct = zeros(message.length + CRYPTO_AEAD_CHACHA20POLY1305_ABYTES); isValid(sodium().crypto_aead_chacha20poly1305_encrypt(ct, null, message, message.length, additionalData, additionalData.length, null, publicNonce, key), "Encryption failed"); return ct; }
public Box(byte[] publicKey, byte[] privateKey) { checkLength(publicKey, CRYPTO_BOX_CURVE25519XSALSA20POLY1305_PUBLICKEYBYTES); checkLength(privateKey, CRYPTO_BOX_CURVE25519XSALSA20POLY1305_SECRETKEYBYTES); sharedKey = new byte[NaCl.Sodium.CRYPTO_BOX_CURVE25519XSALSA20POLY1305_BEFORENMBYTES]; isValid(sodium().crypto_box_curve25519xsalsa20poly1305_beforenm( sharedKey, publicKey, privateKey), "Key agreement failed"); }
public byte[] encrypt(byte[] nonce, byte[] message) { checkLength(nonce, CRYPTO_BOX_CURVE25519XSALSA20POLY1305_NONCEBYTES); byte[] msg = prependZeros(CRYPTO_BOX_CURVE25519XSALSA20POLY1305_ZEROBYTES, message); byte[] ct = new byte[msg.length]; isValid(sodium().crypto_box_curve25519xsalsa20poly1305_afternm(ct, msg, msg.length, nonce, sharedKey), "Encryption failed"); return removeZeros(CRYPTO_BOX_CURVE25519XSALSA20POLY1305_BOXZEROBYTES, ct); }
public byte[] decrypt(byte[] nonce, byte[] ciphertext) { checkLength(nonce, CRYPTO_BOX_CURVE25519XSALSA20POLY1305_NONCEBYTES); byte[] ct = prependZeros(CRYPTO_BOX_CURVE25519XSALSA20POLY1305_BOXZEROBYTES, ciphertext); byte[] message = new byte[ct.length]; isValid(sodium().crypto_box_curve25519xsalsa20poly1305_open_afternm( message, ct, message.length, nonce, sharedKey), "Decryption failed. Ciphertext failed verification."); return removeZeros(CRYPTO_BOX_CURVE25519XSALSA20POLY1305_ZEROBYTES, message); }
public byte[] decrypt(byte[] nonce, byte[] ciphertext) { checkLength(nonce, CRYPTO_SECRETBOX_XSALSA20POLY1305_NONCEBYTES); byte[] ct = Util.prependZeros(CRYPTO_BOX_CURVE25519XSALSA20POLY1305_BOXZEROBYTES, ciphertext); byte[] message = Util.zeros(ct.length); isValid(sodium().crypto_secretbox_xsalsa20poly1305_open(message, ct, ct.length, nonce, key), "Decryption failed. Ciphertext failed verification"); return removeZeros(CRYPTO_BOX_CURVE25519XSALSA20POLY1305_ZEROBYTES, message); } }