2 NNCP -- Node to Node copy, utilities for store-and-forward data exchange
3 Copyright (C) 2016-2019 Sergey Matveev <stargrave@stargrave.org>
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 "cypherpunks.ru/balloon"
27 "github.com/davecgh/go-xdr/xdr2"
28 "golang.org/x/crypto/blake2b"
29 "golang.org/x/crypto/chacha20poly1305"
33 DefaultS = 1 << 20 / 32
39 MagicNNCPBv3 [8]byte = [8]byte{'N', 'N', 'C', 'P', 'B', 0, 0, 3}
51 func blake256() hash.Hash {
52 h, err := blake2b.New256(nil)
59 // Create an encrypted blob. sCost -- memory space requirements, number
60 // of hash-output sized (32 bytes) blocks. tCost -- time requirements,
61 // number of rounds. pCost -- number of parallel jobs.
62 func NewEBlob(sCost, tCost, pCost int, password, data []byte) ([]byte, error) {
65 if _, err = rand.Read(salt[:]); err != nil {
76 var eblobBuf bytes.Buffer
77 if _, err = xdr.Marshal(&eblobBuf, &eblob); err != nil {
80 key := balloon.H(blake256, password, salt[:], sCost, tCost, pCost)
81 aead, err := chacha20poly1305.New(key)
85 buf := make([]byte, 0, len(data)+aead.Overhead())
86 buf = aead.Seal(buf, make([]byte, aead.NonceSize()), data, eblobBuf.Bytes())
89 if _, err = xdr.Marshal(&eblobBuf, &eblob); err != nil {
92 return eblobBuf.Bytes(), nil
95 func DeEBlob(eblobRaw, password []byte) ([]byte, error) {
98 if _, err = xdr.Unmarshal(bytes.NewReader(eblobRaw), &eblob); err != nil {
101 if eblob.Magic != MagicNNCPBv3 {
112 aead, err := chacha20poly1305.New(key)
117 ciphertext := eblob.Blob
119 var eblobBuf bytes.Buffer
120 if _, err = xdr.Marshal(&eblobBuf, &eblob); err != nil {
123 data, err := aead.Open(
125 make([]byte, aead.NonceSize()),