v1.0.12

Author: jamesruan

README.md

@@ -22,6 +22,7 @@ Following functions included:
  - `crypto_pwhash_opslimit_sensitive` `crypto_pwhash_memlimit_sensitive`
  - `crypto_shorthash` `crypto_generichash_init` `crypto_generichash_update` `crypto_generichash_final`
  - `crypto_kdf_keygen` `crypto_kdf_derive_from_key`
+ - `crypto_kx_keypair` `crypto_kx_seed_keypair` `crypto_kx_server_session_keys` `crypto_kx_client_session_keys`
  - `crypto_aead_chacha20poly1305_ietf_encrypt` `crypto_aead_chacha20poly1305_ietf_decrypt` `crypto_aead_chacha20poly1305_ietf_encrypt_detached` `crypto_aead_chacha20poly1305_ietf_decrypt_detached`
  - `sodium_memzero` `sodium_memcmp` `sodium_increment`
 

box.go

@@ -27,14 +27,6 @@ func (k BoxPublicKey) Size() int {
 	return cryptoBoxPublicKeyBytes
 }
 
-type CommonKey struct {
-	Bytes
-}
-
-func (k CommonKey) Size() int {
-	return cryptoScalarmultBytes
-}
-
 type BoxSecretKey struct {
 	Bytes
 }
@@ -50,13 +42,6 @@ func (k BoxSecretKey) PublicKey() BoxPublicKey {
 	return BoxPublicKey(CryptoScalarmultBase(Scalar(k)))
 }
 
-//CommonKey calculates common key from BoxSecretKey and other's BoxPublicKey.
-func (k BoxSecretKey) CommonKey(p BoxPublicKey) CommonKey {
-	checkTypedSize(&p, "PublicKey")
-
-	return CommonKey(CryptoScalarmult(Scalar(k), Scalar(p)))
-}
-
 type BoxSeed struct {
 	Bytes
 }

exchange.go

@@ -0,0 +1,141 @@
+package sodium
+
+// #cgo pkg-config: libsodium
+// #include <stdlib.h>
+// #include <sodium.h>
+import "C"
+
+var (
+	cryptoKXPublicKeyBytes  = int(C.crypto_kx_publickeybytes())
+	cryptoKXSecretKeyBytes  = int(C.crypto_kx_secretkeybytes())
+	cryptoKXSeedBytes       = int(C.crypto_kx_seedbytes())
+	cryptoKXSessionKeyBytes = int(C.crypto_kx_sessionkeybytes())
+)
+
+type KXKP struct {
+	PublicKey KXPublicKey
+	SecretKey KXSecretKey
+}
+
+//MakeKXKP generates a keypair for signing
+func MakeKXKP() KXKP {
+	pkb := make([]byte, cryptoKXPublicKeyBytes)
+	skb := make([]byte, cryptoKXSecretKeyBytes)
+	if int(C.crypto_kx_keypair(
+		(*C.uchar)(&pkb[0]),
+		(*C.uchar)(&skb[0]))) != 0 {
+		panic("see libsodium")
+	}
+
+	return KXKP{
+		KXPublicKey{pkb},
+		KXSecretKey{skb},
+	}
+}
+
+//SeedKXKP generates a keypair for exchanging from a KXSeed.
+//
+//The same pair of keys will be generated with the same 'seed'
+func SeedKXKP(seed KXSeed) KXKP {
+	checkTypedSize(&seed, "seed")
+	pkb := make([]byte, cryptoKXPublicKeyBytes)
+	skb := make([]byte, cryptoKXSecretKeyBytes)
+	if int(C.crypto_kx_seed_keypair(
+		(*C.uchar)(&pkb[0]),
+		(*C.uchar)(&skb[0]),
+		(*C.uchar)(&seed.Bytes[0]))) != 0 {
+		panic("see libsodium")
+	}
+
+	return KXKP{
+		KXPublicKey{pkb},
+		KXSecretKey{skb},
+	}
+}
+
+// ClientSessionKeys calculates Rx (for receving) and Tx (for sending) session keys
+// with server's public key.
+// return error when server_pk is not acceptable.
+func (kp KXKP) ClientSessionKeys(server_pk KXPublicKey) (*KXSessionKeys, error) {
+	checkTypedSize(&kp.PublicKey, "Client Public Key")
+	checkTypedSize(&kp.SecretKey, "Client Secret Key")
+	checkTypedSize(&server_pk, "Server Public Key")
+
+	rxb := make([]byte, cryptoKXSessionKeyBytes)
+	txb := make([]byte, cryptoKXSessionKeyBytes)
+	if int(C.crypto_kx_client_session_keys(
+		(*C.uchar)(&rxb[0]),
+		(*C.uchar)(&txb[0]),
+		(*C.uchar)(&kp.PublicKey.Bytes[0]),
+		(*C.uchar)(&kp.SecretKey.Bytes[0]),
+		(*C.uchar)(&server_pk.Bytes[0]))) != 0 {
+		return nil, ErrInvalidKey
+	}
+
+	return &KXSessionKeys{
+		Rx: KXSessionKey{rxb},
+		Tx: KXSessionKey{txb},
+	}, nil
+}
+
+// ServerSessionKeys calculates Rx (for receving) and Tx (for sending) session keys
+// with client's public key.
+// return error when client_pk is not acceptable.
+func (kp KXKP) ServerSessionKeys(client_pk KXPublicKey) (*KXSessionKeys, error) {
+	checkTypedSize(&kp.PublicKey, "Server Public Key")
+	checkTypedSize(&kp.SecretKey, "Server Secret Key")
+	checkTypedSize(&client_pk, "Client Public Key")
+
+	rxb := make([]byte, cryptoKXSessionKeyBytes)
+	txb := make([]byte, cryptoKXSessionKeyBytes)
+	if int(C.crypto_kx_server_session_keys(
+		(*C.uchar)(&rxb[0]),
+		(*C.uchar)(&txb[0]),
+		(*C.uchar)(&kp.PublicKey.Bytes[0]),
+		(*C.uchar)(&kp.SecretKey.Bytes[0]),
+		(*C.uchar)(&client_pk.Bytes[0]))) != 0 {
+		return nil, ErrInvalidKey
+	}
+
+	return &KXSessionKeys{
+		Rx: KXSessionKey{rxb},
+		Tx: KXSessionKey{txb},
+	}, nil
+}
+
+type KXSessionKeys struct {
+	Rx KXSessionKey
+	Tx KXSessionKey
+}
+
+type KXPublicKey struct {
+	Bytes
+}
+
+func (k KXPublicKey) Size() int {
+	return cryptoKXPublicKeyBytes
+}
+
+type KXSecretKey struct {
+	Bytes
+}
+
+func (k KXSecretKey) Size() int {
+	return cryptoKXSecretKeyBytes
+}
+
+type KXSessionKey struct {
+	Bytes
+}
+
+func (k KXSessionKey) Size() int {
+	return cryptoKXSessionKeyBytes
+}
+
+type KXSeed struct {
+	Bytes
+}
+
+func (k KXSeed) Size() int {
+	return cryptoKXSeedBytes
+}

sodium.go

@@ -86,25 +86,32 @@
 //
 //(X25519-XSalsa20-Poly1305)
 //
-//Diffie-Hellman Key Exchange
+//Key Exchanging
 //
-//BoxPublicKey can be calculated from BoxSecretKey:
+//Server and Client exchange their public key and calculates a common session key with their own
+//secret key.
 //
-//    //High-level function should be used most of the time.
-//    func (k BoxSecretKey) PublicKey() BoxPublicKey
-//
-//    //Low-level function:
-//    func CryptoScalarmultBase(n Scalar) (q Scalar)
+//    type KXKP struct {
+//        PublicKey KXPublicKey
+//        SecretKey KXSecretKey
+//    }
+//    func MakeKXKP() KXKP
+//    func SeedKXKP(seed KXSeed) KXKP
 //
-//A CommonKey can be calculated from BoxSecretKey and other's BoxPublicKey:
+//    type KXSessionKeys struct {
+//        Rx KXSessionKey
+//        Tx KXSessionKey
+//    }
 //
-//    //High-level function should be used most of the time.
-//    func (k BoxSecretKey) CommonKey(p BoxPublicKey) CommonKey
+//    // session keys for client
+//    func (kp KXKP) ClientSessionKeys(server_pk KXPublicKey) (*KXSessionKeys, error)
 //
-//    //Low-level function.
-//    func CryptoScalarmult(n, p Scalar) (q ScalarMult)
+//    // session keys for server
+//    func (kp KXKP) ServerSessionKeys(client_pk KXPublicKey) (*KXSessionKeys, error) {
+//    // client's rx == server's tx
+//    // client's tx == server's rx
 //
-//(X25519)
+//(rx || tx = BLAKE2B-512(p.n || client_pk || server_pk))
 //
 //Secret Key Authentication
 //
@@ -176,6 +183,7 @@ var (
 	ErrOpenSign    = errors.New("sodium: Signature forged")
 	ErrDecryptAEAD = errors.New("sodium: Can't decrypt message")
 	ErrPassword    = errors.New("sodium: Password not matched")
+	ErrInvalidKey  = errors.New("sodium: Invalid key")
 )
 
 //Typed has pre-defined size.

sodium_test.go

@@ -143,16 +143,6 @@ func ExampleBoxSecretKey_PublicKey() {
 	//Output: true
 }
 
-func ExampleBoxSecretKey_CommonKey() {
-	skp := MakeBoxKP()
-	rkp := MakeBoxKP()
-	sck := skp.SecretKey.CommonKey(rkp.PublicKey)
-	rck := rkp.SecretKey.CommonKey(skp.PublicKey)
-
-	fmt.Println(MemCmp(sck.Bytes, rck.Bytes, sck.Length()) == 0)
-	//Output: true
-}
-
 func ExampleNewGenericHashKeyed() {
 	kp := MakeBoxKP()
 	key := GenericHashKey{kp.SecretKey.Bytes}
@@ -336,3 +326,21 @@ func ExampleMasterKey_Derive() {
 	//Output: testblab
 	//true
 }
+
+func ExampleMakeKXKP() {
+	skp := MakeKXKP()
+	ckp := MakeKXKP()
+
+	sss, _ := skp.ServerSessionKeys(ckp.PublicKey)
+	css, _ := ckp.ClientSessionKeys(skp.PublicKey)
+
+	fmt.Println(MemCmp(sss.Tx.Bytes, css.Rx.Bytes, sss.Tx.Size()) == 0)
+	fmt.Println(MemCmp(sss.Rx.Bytes, css.Tx.Bytes, sss.Rx.Size()) == 0)
+
+	fmt.Println(MemCmp(sss.Tx.Bytes, sss.Rx.Bytes, sss.Tx.Size()) == 0)
+	fmt.Println(MemCmp(css.Tx.Bytes, css.Rx.Bytes, css.Tx.Size()) == 0)
+	//Output: true
+	//true
+	//false
+	//false
+}