Merge pull request #18 from D3vl0per/attestation
Attestation, symmetric, compression, insecure-symmetric and tests
D3vl0per authored Jan 7, 2024
2 parents 0f144e7 + bace9d8 commit e06ec51
Showing 97 changed files with 258,320 additions and 429 deletions.
3 changes: 2 additions & 1 deletion .gitignore
@@ -1,4 +1,5 @@
lint
.env
coverage.html
coverage.txt
coverage.txt
*.out
3 changes: 3 additions & 0 deletions Makefile
Expand Up @@ -10,6 +10,9 @@ test-v:
golangci-lint-install:
go install github.com/golangci/golangci-lint/cmd/[email protected]

benchmark-compression:
go test -benchmem -bench BenchmarkRoundTrip github.com/D3vl0per/crypt/compression -timeout 30m -benchtime=1s -count=6 | tee "compression-$(shell date --iso-8601=seconds).out"

coverage:
go test -coverprofile=coverage.out ./...
go tool cover -html=coverage.out -o coverage.html
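Review bot: The new benchmark-compression recipe depends on `date --iso-8601=seconds`, a GNU coreutils long option that BSD/macOS `date` does not accept, and the resulting timestamp contains colons, which some filesystems reject in file names. A portable form would be `$(shell date -u +%Y%m%dT%H%M%SZ)`. A one-line comment above the target saying that the `.out` files are benchmark logs covered by the new `*.out` ignore rule would also help.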
16 changes: 12 additions & 4 deletions README.md
Expand Up @@ -20,9 +20,13 @@ This project is a comprehensive toolkit for developers who need to implement var
- PKCS
- Symmetric
- XChacha20-poly1305
- XChacha20-poly1305 Stream (modified age code)
- XChacha20-poly1305 Stream (utilized age code)
- XOR
- AES-GCM
- "Insecure"
- SecretBox
- AES-CTR
- AES-CBC
- Asymmetric
- ECDSA
- ed25519
Expand All @@ -36,9 +40,9 @@ This project is a comprehensive toolkit for developers who need to implement var
- SHA3-256
- SHA3-384
- SHA3-512
- SHAKE-128 (planed)
- SHAKE-256 (planed)
- go_simhash (planed)
- SHAKE-128 (planned)
- SHAKE-256 (planned)
- go_simhash (planned)
- Argon2id
- Scrypt (planed)
- HKDF (planed)
Expand All @@ -47,6 +51,10 @@ This project is a comprehensive toolkit for developers who need to implement var
- gzip
- zlib
- zstd
- brotli
- huff0X1 (in progress)
- huff0X4 (in progress)

- Aged
- Age encryption suite
- Age header obfuscation v1
40 changes: 20 additions & 20 deletions aged/age_bind.go
Expand Up @@ -71,20 +71,20 @@ func (k Keychain) Encrypt(p Parameters) ([]byte, error) {

in, err := compressor(p)
if err != nil {
return []byte{}, err
return nil, err
}

out := &bytes.Buffer{}
w, err := age.Encrypt(out, k.recipients...)
if err != nil {
return []byte{}, err
return nil, err
}

if _, err := io.Copy(w, in); err != nil {
return []byte{}, err
return nil, err
}
if err := w.Close(); err != nil {
return []byte{}, err
return nil, err
}

return obfuscator(p, out.Bytes())
Expand All @@ -93,15 +93,15 @@ func (k Keychain) Encrypt(p Parameters) ([]byte, error) {
func (k Keychain) Decrypt(p Parameters) ([]byte, error) {
cipherData, err := deobfuscator(p)
if err != nil {
return []byte{}, err
return nil, err
}
r, err := age.Decrypt(bytes.NewReader(cipherData), k.secretKey)
if err != nil {
return []byte{}, err
return nil, err
}
out := &bytes.Buffer{}
if _, err := io.Copy(out, r); err != nil {
return []byte{}, err
return nil, err
}

return decompressor(p, out.Bytes())
Expand All @@ -110,29 +110,29 @@ func (k Keychain) Decrypt(p Parameters) ([]byte, error) {
func EncryptWithPwd(p Parameters, pwd string) ([]byte, error) {
in, err := compressor(p)
if err != nil {
return []byte{}, err
return nil, err
}

pwdRecepient, err := age.NewScryptRecipient(pwd)
if err != nil {
return []byte{}, err
return nil, err
}

out := &bytes.Buffer{}
w, err := age.Encrypt(out, pwdRecepient)
if err != nil {
return []byte{}, err
return nil, err
}

if err != nil {
return []byte{}, err
return nil, err
}

if _, err := io.Copy(w, in); err != nil {
return []byte{}, err
return nil, err
}
if err := w.Close(); err != nil {
return []byte{}, err
return nil, err
}

return obfuscator(p, out.Bytes())
Expand All @@ -141,22 +141,22 @@ func EncryptWithPwd(p Parameters, pwd string) ([]byte, error) {
func DecryptWithPwd(p Parameters, pwd string) ([]byte, error) {
cipherData, err := deobfuscator(p)
if err != nil {
return []byte{}, err
return nil, err
}

pwdIdentity, err := age.NewScryptIdentity(pwd)
if err != nil {
return []byte{}, err
return nil, err
}

r, err := age.Decrypt(bytes.NewReader(cipherData), pwdIdentity)
if err != nil {
return []byte{}, err
return nil, err
}

out := &bytes.Buffer{}
if _, err := io.Copy(out, r); err != nil {
return []byte{}, err
return nil, err
}

return decompressor(p, out.Bytes())
Expand Down Expand Up @@ -186,7 +186,7 @@ func decompressor(p Parameters, data []byte) ([]byte, error) {
if p.Compress {
raw, err := p.Compressor.Decompress(data)
if err != nil {
return []byte{}, err
return nil, err
}
return raw, nil
}
Expand All @@ -197,7 +197,7 @@ func obfuscator(p Parameters, in []byte) ([]byte, error) {
if p.Obfuscation {
obf, err := p.Obfuscator.Obfuscate(in)
if err != nil {
return []byte{}, errors.New("failed to obfuscate header")
return nil, errors.New("failed to obfuscate header")
}
return obf, nil
}
Expand All @@ -210,7 +210,7 @@ func deobfuscator(p Parameters) ([]byte, error) {
var err error
cipherData, err = p.Obfuscator.Deobfuscate(p.Data)
if err != nil {
return []byte{}, errors.New("failed to deobfuscate header, maybe not obfuscated?")
return nil, errors.New("failed to deobfuscate header, maybe not obfuscated?")
}
} else {
cipherData = p.Data
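Review bot: In EncryptWithPwd the second `if err != nil { return nil, err }` that follows the age.Encrypt check tests the same `err` again and can never be taken; the commit only rewrites its return value, and the branch should be deleted. In obfuscator and deobfuscator the new returns still replace the underlying error with a fixed string, so a caller cannot distinguish a malformed header from any other failure; `return nil, fmt.Errorf("failed to obfuscate header: %w", err)` would keep the cause, assuming fmt is imported and no test pins the exact message. Both helpers start or end outside the visible hunks.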
2 changes: 1 addition & 1 deletion aged/age_bind_test.go
Expand Up @@ -236,7 +236,7 @@ func TestRoundTrips(t *testing.T) {
r.Equal(t, tt.parameter.Data, decryptedData2, "Decrypted data is equal with the plaintext data by different valid keychain")

decryptedData3, err4 := config.keychainWrong.Decrypt(decryptParam)
r.Equal(t, []byte{}, decryptedData3)
r.Nil(t, decryptedData3)
r.EqualError(t, err4, "no identity matched any of the recipients")

pwd, err := generic.CSPRNG(32)
10 changes: 5 additions & 5 deletions aged/obf.go
Expand Up @@ -28,10 +28,10 @@ func (a *AgeV1Obf) Obfuscate(payload []byte) ([]byte, error) {

headerIndex := bytes.Index(payload, endOfHeader)
if headerIndex == -1 {
return []byte{}, errors.New("missing end flag")
return nil, errors.New("missing end flag")
}
if headerIndex+lengthOfKey > len(payload) {
return []byte{}, errors.New("invalid header length")
return nil, errors.New("invalid header length")
}
header := payload[:headerIndex+lengthOfKey]
pad := make([]byte, len(header))
Expand All @@ -49,14 +49,14 @@ func (a *AgeV1Obf) Obfuscate(payload []byte) ([]byte, error) {
func (a *AgeV1Obf) Deobfuscate(payload []byte) ([]byte, error) {
headerIndex := bytes.Index(payload, endFlag)
if headerIndex == -1 {
return []byte{}, errors.New("missing end flag")
return nil, errors.New("missing end flag")
}
if headerIndex+len(endFlag) > len(payload) {
return []byte{}, errors.New("invalid header")
return nil, errors.New("invalid header")
}
header := payload[:headerIndex+len(endFlag)]
if len(header) < len(endFlag) {
return []byte{}, errors.New("invalid header length")
return nil, errors.New("invalid header length")
}

pad := make([]byte, len(header)-len(endFlag))
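Review bot: In Deobfuscate the two guards after `bytes.Index` cannot trigger: a non-negative result already implies `headerIndex+len(endFlag) <= len(payload)`, and `header` is sliced to exactly that length, so `len(header) < len(endFlag)` is never true. As written, the only validation applied to the incoming payload is that endFlag occurs somewhere in it. I would either drop the two branches or replace them with a comment such as `// bytes.Index guarantees the flag lies fully inside payload`, and add a real bound if truncated headers are meant to be rejected. Both function bodies continue beyond the hunks shown.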