pact

package module
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 13, 2024 License: MIT Imports: 4 Imported by: 0

README

go-pact

Go Reference

This package implements the PACT/comPACT AEAD context commitment scheme, as described in Universal Context Commitment without Ciphertext Expansion.

Installation

go get git.sr.ht/~fantomebeignet/go-pact

Usage

// newAead combines the creation of an AES cipher and the accompanying
// GCM authenticated cipher in one function.
// This creates a GCM AEAD with the same interface as ChaCha20Poly1305.New
func newAead(k []byte) (cipher.AEAD, error) {
	aes, err := aes.NewCipher(k)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(aes)
	if err != nil {
		return nil, err
	}
	return gcm, nil
}

func main() {
    var key [32]byte
    if _, err := rand.Read(key[:]); err != nil {
        panic(err)
    }
    var nonce [12]byte
    if _, err := rand.Read(nonce[:]); err != nil {
    	panic(err)
    }

    plaintext := []byte("example plaintext to encrypt and authenticate")

    additionalData := []byte("example additional authenticated data")

    pact, err := pact.NewPACT(newAead, sha256.New, aes.NewCipher, key[:])
    if err != nil {
        panic(err)
    }

    ciphertext := pact.Seal(nil, nonce[:], plaintext, additionalData)

    decrypted, err := pact.Open(nil, nonce[:], ciphertext, additionalData)
    if err != nil {
        // Authentication failed
    	panic(err)
    }
}

Security

This library has been audited by no one, I am not a cryptographer nor am I a cryptography engineer. That is to say, you probably should not use this library under any circumstances other than experimenting and having some cryptographic fun.

Documentation

Overview

Package pact implements the PACT and comPACT transforms to convert any AEAD into a context-committing one without any output length expansion.

These transforms were described in Universal Context Commitment without Ciphertext Expansion

Example 
// import "git.sr.ht/~fantomebeignet/go-pact"
// import "crypto/rand"
// import "fmt"

// func newAead(k []byte) (cipher.AEAD, error) {
// 	aes, err := aes.NewCipher(k)
// 	if err != nil {
// 		return nil, err
// 	}
// 	gcm, err := cipher.NewGCM(aes)
// 	if err != nil {
// 		return nil, err
// 	}
// 	return gcm, nil
// }

// Generate a random key and nonce
var key [32]byte
if _, err := rand.Read(key[:]); err != nil {
	panic(err)
}
var nonce [12]byte
if _, err := rand.Read(nonce[:]); err != nil {
	panic(err)
}

additionalData := []byte("example additionnal data")
plaintext := []byte("example plaintext")

// Create a transformed AEAD
pact, err := pact.NewPACT(newAead, sha256.New, aes.NewCipher, key[:])
if err != nil {
	panic(err)
}

// Encrypt the plaintext
ciphertext := pact.Seal(nil, nonce[:], plaintext, additionalData)

// Decrypt the ciphertext
decrypted, err := pact.Open(nil, nonce[:], ciphertext, additionalData)
if err != nil {
	panic(err)
}

// Ciphertext was decrypted successfully
fmt.Println(bytes.Equal(plaintext, decrypted))

Output:

true

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewComPACT 

func NewComPACT[P cipher.AEAD, H hash.Hash, E cipher.Block](
	aead func([]byte) (P, error),
	hash func() H,
	blockCipher func([]byte) (E, error),
	key []byte,
) (cipher.AEAD, error)

NewComPACT returns a transformed version of the provided AEAD using the comPACT transform. This transformed AEAD is context-committing without any ciphertext expansion, meaning it has the same overhead as the original AEAD. The transformed AEAD does not preserve the nonce misuse-resistance properties (MRAE) of the underlying AEAD.

Compared to the underlying AEAD, the Seal and Open function on this new AEAD involve a call to the hash function hash and a call to the block cipher blockCipher.

The key size of blockCipher should be equal to the output size of hash, and the block size of blockCipher should be equal to the tag size of aead.

func NewPACT 

func NewPACT[P cipher.AEAD, H hash.Hash, E cipher.Block](
	aead func([]byte) (P, error),
	hash func() H,
	blockCipher func([]byte) (E, error),
	key []byte,
) (cipher.AEAD, error)

NewPACT returns a transformed version of the provided AEAD using the PACT transform. This transformed AEAD is context-committing without any ciphertext expansion, meaning it has the same overhead as the original AEAD. The transformed AEAD preserves the nonce misuse-resistance properties (MRAE) of the underlying AEAD.

Compared to the underlying AEAD, the Seal and Open function on this new AEAD involve a call to the hash function hash and a call to the block cipher blockCipher.

The key size of blockCipher should be equal to the output size of hash, and the block size of blockCipher should be equal to the tag size of aead.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.