Kill nacl/box

2025-04-04 21:57:44 +03:00 · 2019-06-24 19:13:34 +02:00 · 2019-06-24 19:13:34 +02:00 · dd9cf5cc9a
commit dd9cf5cc9a
parent d80e72365f
23 changed files with 60 additions and 3085 deletions
--- a/vendor/github.com/jedisct1/xsecretbox/go.mod
+++ b/vendor/github.com/jedisct1/xsecretbox/go.mod
@ -5,6 +5,6 @@ go 1.12
 require (
 	github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da
 	github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635
-	golang.org/x/crypto v0.0.0-20190621222207-cc06ce4a13d4
-	golang.org/x/sys v0.0.0-20190621203818-d432491b9138 // indirect
+	github.com/cloudflare/circl v0.0.0-20190621185434-0ba9a9382e8b
+	golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0 // indirect
 )
--- a/vendor/github.com/jedisct1/xsecretbox/go.sum
+++ b/vendor/github.com/jedisct1/xsecretbox/go.sum
@ -2,12 +2,8 @@ github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmH
 github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
 github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 h1:52m0LGchQBBVqJRyYYufQuIbVqRawmubW3OFGqK1ekw=
 github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635/go.mod h1:lmLxL+FV291OopO93Bwf9fQLQeLyt33VJRUg5VJ30us=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190621222207-cc06ce4a13d4 h1:ydJNl0ENAG67pFbB+9tfhiL2pYqLhfoaZFw/cjLhY4A=
-golang.org/x/crypto v0.0.0-20190621222207-cc06ce4a13d4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190621203818-d432491b9138 h1:t8BZD9RDjkm9/h7yYN6kE8oaeov5r9aztkB7zKA5Tkg=
-golang.org/x/sys v0.0.0-20190621203818-d432491b9138/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+github.com/cloudflare/circl v0.0.0-20190621185434-0ba9a9382e8b h1:yGcUL49UXXtIcd8FIkrxCZ7N96l16UM1C0VcA4UOVH4=
+github.com/cloudflare/circl v0.0.0-20190621185434-0ba9a9382e8b/go.mod h1:MhjB3NEEhJbTOdLLq964NIUisXDxaE1WkQPUxtgZXiY=
+golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0 h1:HyfiK1WMnHj5FXFXatD+Qs1A/xC2Run6RzeW1SyHxpc=
+golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
--- a/vendor/github.com/jedisct1/xsecretbox/sharedkey.go
+++ b/vendor/github.com/jedisct1/xsecretbox/sharedkey.go
@ -4,21 +4,24 @@ import (
 	"errors"

 	"github.com/aead/chacha20/chacha"
-	"golang.org/x/crypto/curve25519"
+	"github.com/cloudflare/circl/dh/x25519"
 )

 // SharedKey computes a shared secret compatible with the one used by `crypto_box_xchacha20poly1305``
 func SharedKey(secretKey [32]byte, publicKey [32]byte) ([32]byte, error) {
 	var sharedKey [32]byte
-	curve25519.ScalarMult(&sharedKey, &secretKey, &publicKey)
-	c := byte(0)
-	for i := 0; i < 32; i++ {
-		c |= sharedKey[i]
-	}
-	if c == 0 {
+	var cfSharedKey, cfSecretKey, cfPublicKey x25519.Key
+	copy(cfSecretKey[:], secretKey[:])
+	copy(cfPublicKey[:], publicKey[:])
+	if !x25519.Shared(&cfSharedKey, &cfSecretKey, &cfPublicKey) {
 		return sharedKey, errors.New("weak public key")
 	}
-	var nonce [16]byte
-	chacha.HChaCha20(&sharedKey, &nonce, &sharedKey)
+	HChaCha20(&sharedKey)
 	return sharedKey, nil
 }
+
+// HChaCha20 - Hash the result of an X25519 key exchange in order to get a box-compatible shared secret
+func HChaCha20(sharedKey *[32]byte) {
+	var zeroNonce [16]byte
+	chacha.HChaCha20(sharedKey, &zeroNonce, sharedKey)
+}