Commit ff5196b9 authored by Jesper Louis Andersen's avatar Jesper Louis Andersen
Browse files

Implement crypto boxing/unboxing for public key cryptographic systems.

parent c074a4b1
......@@ -5,6 +5,10 @@
%% CRYPTO BOX
%% ---------------------------
nonce() ->
Sz = enacl:box_nonce_size(),
binary(Sz).
prop_box_keypair() ->
?FORALL(_X, return(dummy),
ok_box(enacl:box_keypair())).
......@@ -12,6 +16,25 @@ prop_box_keypair() ->
ok_box({ok, _PK, _SK}) -> true;
ok_box(_) -> false.
prop_box_correct() ->
?FORALL({Msg, Nonce}, {binary(), nonce()},
begin
{ok, PK1, SK1} = enacl:box_keypair(),
{ok, PK2, SK2} = enacl:box_keypair(),
CipherText = enacl:box(Msg, Nonce, PK2, SK1),
{ok, DecodedMsg} = enacl:box_open(CipherText, Nonce, PK1, SK2),
equals(Msg, DecodedMsg)
end).
prop_box_failure_integrity() ->
?FORALL({Msg, Nonce}, {binary(), nonce()},
begin
{ok, PK1, SK1} = enacl:box_keypair(),
{ok, PK2, SK2} = enacl:box_keypair(),
CipherText = enacl:box(Msg, Nonce, PK2, SK1),
Err = enacl:box_open([<<"x">>, CipherText], Nonce, PK1, SK2),
equals(Err, {error, failed_verification})
end).
%% HASHING
%% ---------------------------
......
-module(enacl).
-export([
hash/1,
box_keypair/0
box_keypair/0,
box/4,
box_open/4,
box_nonce_size/0
]).
-export([
hash/1
]).
hash(Bin) ->
......@@ -11,3 +17,21 @@ hash(Bin) ->
box_keypair() ->
enacl_nif:crypto_box_keypair().
box(Msg, Nonce, PK, SK) ->
enacl_nif:crypto_box([zerobytes(), Msg], Nonce, PK, SK).
box_open(CipherText, Nonce, PK, SK) ->
case enacl_nif:crypto_box_open([box_zerobytes(), CipherText], Nonce, PK, SK) of
{error, Err} -> {error, Err};
Bin when is_binary(Bin) -> {ok, Bin}
end.
box_nonce_size() ->
enacl_nif:crypto_box_NONCEBYTES().
%% Helpers
zerobytes() ->
binary:copy(<<0>>, enacl_nif:crypto_box_ZEROBYTES()).
box_zerobytes() ->
binary:copy(<<0>>, enacl_nif:crypto_box_BOXZEROBYTES()).
%%% @doc module enacl_nif provides the low-level interface to the NaCl/Sodium NIFs.
%%% @end
-module(enacl_nif).
%% Public key auth
-export([
crypto_hash/1,
crypto_box_keypair/0
crypto_box_keypair/0,
crypto_box/4,
crypto_box_open/4,
crypto_box_NONCEBYTES/0,
crypto_box_ZEROBYTES/0,
crypto_box_BOXZEROBYTES/0
]).
%% Miscellaneous helper functions
-export([
crypto_hash/1
]).
-on_load(init/0).
init() ->
......@@ -16,6 +29,16 @@ init() ->
end, atom_to_list(?MODULE)),
erlang:load_nif(SoName, 0).
crypto_hash(Input) when is_binary(Input) -> error({nif_not_loaded, ?MODULE}).
crypto_box_keypair() -> error({nif_not_loaded, ?MODULE}).
not_loaded() ->
error({nif_not_loaded, ?MODULE}).
crypto_box_NONCEBYTES() -> not_loaded().
crypto_box_ZEROBYTES() -> not_loaded().
crypto_box_BOXZEROBYTES() -> not_loaded().
crypto_box_keypair() -> not_loaded().
crypto_box(_PaddedMsg, _Nonce, _PK, _SK) -> not_loaded().
crypto_box_open(_CipherText, _Nonce, _PK, _SK) -> not_loaded().
crypto_hash(Input) when is_binary(Input) -> not_loaded().
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment