108 lines
2.5 KiB
Go
108 lines
2.5 KiB
Go
|
|
// kyber provides functions to encrypt and decrypt data using Kyber
|
|
|
|
package kyber
|
|
|
|
// Public key is 1568 bytes long
|
|
// Private key is 1536 bytes long
|
|
// Encrypted key is 1568 bytes long
|
|
|
|
// When the keys need to be encoded as strings:
|
|
// Kyber Public keys are encoded Base64
|
|
// Kyber private keys are encoded Hex
|
|
|
|
import "seekia/internal/encoding"
|
|
|
|
import "crypto/rand"
|
|
|
|
import "github.com/cloudflare/circl/pke/kyber/kyber1024"
|
|
|
|
import "errors"
|
|
|
|
func VerifyKyberPublicKeyString(inputKey string)bool{
|
|
|
|
_, err := ReadKyberPublicKeyString(inputKey)
|
|
if (err != nil) {
|
|
return false
|
|
}
|
|
|
|
return true
|
|
}
|
|
|
|
func ReadKyberPublicKeyString(inputKey string)([1568]byte, error){
|
|
|
|
decodedBytes, err := encoding.DecodeBase64StringToBytes(inputKey)
|
|
if (err != nil) {
|
|
return [1568]byte{}, errors.New("ReadKyberPublicKeyString called with invalid key: " + inputKey)
|
|
}
|
|
|
|
if (len(decodedBytes) != 1568){
|
|
return [1568]byte{}, errors.New("ReadKyberPublicKeyString called with invalid key: " + inputKey)
|
|
}
|
|
|
|
publicKey := [1568]byte(decodedBytes)
|
|
|
|
return publicKey, nil
|
|
}
|
|
|
|
func GetNewRandomPublicKyberKey()([1568]byte, error){
|
|
|
|
var kyberPublicKeyArray [1568]byte
|
|
|
|
_, err := rand.Read(kyberPublicKeyArray[:])
|
|
if (err != nil) { return [1568]byte{}, err }
|
|
|
|
return kyberPublicKeyArray, nil
|
|
}
|
|
|
|
func GetNewRandomPublicPrivateKyberKeys()([1568]byte, [1536]byte, error){
|
|
|
|
publicKeyObject, privateKeyObject, err := kyber1024.GenerateKey(nil)
|
|
if (err != nil) { return [1568]byte{}, [1536]byte{}, err }
|
|
|
|
var publicKeyArray [1568]byte
|
|
publicKeyObject.Pack(publicKeyArray[:])
|
|
|
|
var privateKeyArray [1536]byte
|
|
privateKeyObject.Pack(privateKeyArray[:])
|
|
|
|
return publicKeyArray, privateKeyArray, nil
|
|
}
|
|
|
|
//Outputs:
|
|
// -[1568]byte: Kyber Encrypted key bytes
|
|
// -error
|
|
func EncryptKeyWithKyber(publicKyberKey [1568]byte, keyToEncrypt [32]byte)([1568]byte, error){
|
|
|
|
randomSeed := make([]byte, 32)
|
|
|
|
_, err := rand.Read(randomSeed[:])
|
|
if (err != nil) { return [1568]byte{}, err }
|
|
|
|
var publicKeyObject kyber1024.PublicKey
|
|
|
|
publicKeyObject.Unpack(publicKyberKey[:])
|
|
|
|
var encryptedResult [1568]byte
|
|
|
|
publicKeyObject.EncryptTo(encryptedResult[:], keyToEncrypt[:], randomSeed)
|
|
|
|
return encryptedResult, nil
|
|
}
|
|
|
|
//Outputs:
|
|
// -[32]byte: Decrypted key
|
|
// -error: Will return err if inputs are invalid.
|
|
func DecryptKyberEncryptedKey(inputEncryptedKey [1568]byte, privateKey [1536]byte)([32]byte, error){
|
|
|
|
var privateKeyObject kyber1024.PrivateKey
|
|
privateKeyObject.Unpack(privateKey[:])
|
|
|
|
var decryptedKey [32]byte
|
|
|
|
privateKeyObject.DecryptTo(decryptedKey[:], inputEncryptedKey[:])
|
|
|
|
return decryptedKey, nil
|
|
}
|
|
|
|
|