Import

Author: jedisct1

.github/workflows/go.yml

@@ -0,0 +1,31 @@
+# This workflow will build a golang project
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
+
+name: CI
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-depth: 1
+        submodules: 'recursive'
+
+    - name: Set up Go
+      uses: actions/setup-go@v4
+      with:
+        go-version: '1'
+
+    - name: Build
+      run: go build -v ./...
+
+    - name: Test
+      run: go test -v ./...

.gitignore

@@ -23,3 +23,9 @@ go.work.sum
 
 # env file
 .env
+
+# Zig
+.zig-cache
+
+# temp files
+*~

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "common/libaegis"]
+	path = common/libaegis
+	url = https://github.com/aegis-aead/libaegis

README.md

@@ -0,0 +1,82 @@
+# go-libaegis
+
+[![Go Reference](https://pkg.go.dev/badge/github.com/jedisct1/go-libaegis.svg)](https://pkg.go.dev/github.com/jedisct1/go-libaegis)
+[![License](https://img.shields.io/github/license/jedisct1/go-libaegis)](https://github.com/jedisct1/go-libaegis/blob/main/LICENSE)
+
+A Go binding for [libaegis](https://github.com/jedisct1/libaegis), implementing a family of fast and modern authenticated encryption algorithms designed for high performance and security.
+
+## Features
+
+- Provides a Go wrapper around `libaegis` for seamless integration.
+- Implements AEGIS-128L, AEGIS-128X, AEGIS-256 and AEGIS-256X.
+- Optimized for modern CPUs with hardware acceleration.
+- Lightweight and easy to use within Go applications.
+
+## Installation
+
+To install `go-libaegis`, use:
+
+```sh
+go get github.com/jedisct1/go-libaegis
+```
+
+## Usage
+
+```go
+package main
+
+import (
+    "crypto/rand"
+    "fmt"
+    // other options:
+    // aegis128l, aegis128x4, aegis256, aegis256x2, aegis256x4    
+    "github.com/jedisct1/go-libaegis/aegis128x2"
+)
+
+func main() {
+    key := make([]byte, aegis128x2.KeySize)
+    rand.Read(key)
+
+    nonce := make([]byte, aegis128x2.NonceSize)
+    rand.Read(nonce)
+
+    plaintext := []byte("Hello, world!")
+    associatedData := []byte("metadata")
+
+    // tag size can be 16 or 32 bytes
+    aead := aegis128x2.New(key, 16)
+
+    ciphertext := aead.Seal(nil, nonce, plaintext, associatedData)
+
+    decrypted, err := aead.Open(nil, nonce, ciphertext, associatedData)
+    if err != nil {
+        panic(err)
+    }
+
+    fmt.Println("Decrypted message:", string(decrypted))
+}
+```
+
+## API Reference
+
+- `Encrypt(plaintext, associatedData, nonce, key []byte) ([]byte, error)`
+- `Decrypt(ciphertext, associatedData, nonce, key []byte) ([]byte, error)`
+- `KeySize` (constant): Size of the encryption key in bytes.
+- `NonceSize` (constant): Size of the nonce in bytes.
+
+## Requirements
+
+- Go 1.16+
+- A C compiler
+
+## License
+
+This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
+
+## Contributing
+
+Contributions are welcome! Feel free to open an issue or submit a pull request.
+
+## Security Notice
+
+Always ensure that you use randomly generated keys and unique nonces when using authenticated encryption to maintain security.

aegis128l/aegis128l.go

@@ -0,0 +1,99 @@
+package aegis128l
+
+// #include <aegis.h>
+// #cgo CFLAGS: -I../common/libaegis/src/include
+import "C"
+
+import (
+	"crypto/cipher"
+
+	"github.com/jedisct1/go-libaegis/common"
+)
+
+const (
+	KeySize   = 16
+	NonceSize = 16
+)
+
+type Aegis128L struct {
+	common.Aegis
+}
+
+// The nonce size, in bytes.
+func (aead *Aegis128L) NonceSize() int {
+	return NonceSize
+}
+
+// New returns a new AEAD that uses the provided key and tag length.
+// The key must be 16 bytes long.
+// The tag length must be 16 or 32.
+func New(key []byte, tagLen int) (cipher.AEAD, error) {
+	if len(key) != KeySize {
+		return nil, common.ErrBadKeyLength
+	}
+	if tagLen != 16 && tagLen != 32 {
+		return nil, common.ErrBadTagLength
+	}
+	a := new(Aegis128L)
+	a.TagLen = tagLen
+	a.Key = key
+	return a, nil
+}
+
+func (aead *Aegis128L) Seal(dst, nonce, cleartext, additionalData []byte) []byte {
+	if len(nonce) != aead.NonceSize() {
+		panic("aegis: invalid nonce length")
+	}
+	outLen := len(cleartext) + aead.TagLen
+	var buf []byte
+	inplace := false
+	if cap(dst)-len(dst) >= outLen {
+		inplace = true
+		buf = dst[len(dst) : len(dst)+outLen]
+	} else {
+		buf = make([]byte, outLen)
+	}
+	res := C.aegis128l_encrypt((*C.uchar)(&buf[0]), C.size_t(aead.TagLen), slicePointerOrNull(cleartext),
+		C.size_t(len(cleartext)), slicePointerOrNull(additionalData), C.size_t(len(additionalData)), (*C.uchar)(&nonce[0]), (*C.uchar)(&aead.Key[0]))
+	if res != 0 {
+		panic("encryption failed")
+	}
+	if inplace {
+		return dst[:len(dst)+outLen]
+	}
+	return append(dst, buf...)
+}
+
+func (aead *Aegis128L) Open(plaintext, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+	if len(nonce) != aead.NonceSize() {
+		return nil, common.ErrBadNonceLength
+	}
+	if len(ciphertext) < aead.TagLen {
+		return nil, common.ErrTruncated
+	}
+	outLen := len(ciphertext) - aead.TagLen
+	var buf []byte
+	inplace := false
+	if cap(plaintext)-len(plaintext) >= outLen {
+		inplace = true
+		buf = plaintext[len(plaintext) : len(plaintext)+outLen]
+	} else {
+		buf = make([]byte, len(ciphertext)-aead.TagLen)
+	}
+	res := C.aegis128l_decrypt((*C.uchar)(&buf[0]), slicePointerOrNull(ciphertext),
+		C.size_t(len(ciphertext)), C.size_t(aead.TagLen), slicePointerOrNull(additionalData), C.size_t(len(additionalData)), (*C.uchar)(&nonce[0]), (*C.uchar)(&aead.Key[0]))
+	if res != 0 {
+		return nil, common.ErrAuth
+	}
+	if inplace {
+		return plaintext[:len(plaintext)+outLen], nil
+	}
+	return append(plaintext, buf...), nil
+}
+
+func slicePointerOrNull(s []byte) (ptr *C.uchar) {
+	if len(s) == 0 {
+		return
+	}
+	return (*C.uchar)(&s[0])
+}

aegis128l/aegis128l_test.go

@@ -0,0 +1,28 @@
+package aegis128l
+
+import (
+	"crypto/rand"
+	"fmt"
+)
+
+func Example() {
+	key := make([]byte, KeySize)
+	rand.Read(key)
+	aead, err := New(key, 16)
+	if err != nil {
+		panic(err)
+	}
+
+	nonce := make([]byte, aead.NonceSize())
+	rand.Read(nonce)
+
+	ciphertext := aead.Seal(nil, nonce, []byte("hello, world!"), nil)
+
+	plaintext, err := aead.Open(nil, nonce, ciphertext, nil)
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Println(string(plaintext))
+	// Output: hello, world!
+}

aegis128x2/aegis128x2.go

@@ -0,0 +1,99 @@
+package aegis128x2
+
+// #include <aegis.h>
+// #cgo CFLAGS: -I../common/libaegis/src/include
+import "C"
+
+import (
+	"crypto/cipher"
+
+	"github.com/jedisct1/go-libaegis/common"
+)
+
+const (
+	KeySize   = 16
+	NonceSize = 16
+)
+
+type Aegis128X2 struct {
+	common.Aegis
+}
+
+// The nonce size, in bytes.
+func (aead *Aegis128X2) NonceSize() int {
+	return NonceSize
+}
+
+// New returns a new AEAD that uses the provided key and tag length.
+// The key must be 16 bytes long.
+// The tag length must be 16 or 32.
+func New(key []byte, tagLen int) (cipher.AEAD, error) {
+	if len(key) != KeySize {
+		return nil, common.ErrBadKeyLength
+	}
+	if tagLen != 16 && tagLen != 32 {
+		return nil, common.ErrBadTagLength
+	}
+	a := new(Aegis128X2)
+	a.TagLen = tagLen
+	a.Key = key
+	return a, nil
+}
+
+func (aead *Aegis128X2) Seal(dst, nonce, cleartext, additionalData []byte) []byte {
+	if len(nonce) != aead.NonceSize() {
+		panic("aegis: invalid nonce length")
+	}
+	outLen := len(cleartext) + aead.TagLen
+	var buf []byte
+	inplace := false
+	if cap(dst)-len(dst) >= outLen {
+		inplace = true
+		buf = dst[len(dst) : len(dst)+outLen]
+	} else {
+		buf = make([]byte, outLen)
+	}
+	res := C.aegis128x2_encrypt((*C.uchar)(&buf[0]), C.size_t(aead.TagLen), slicePointerOrNull(cleartext),
+		C.size_t(len(cleartext)), slicePointerOrNull(additionalData), C.size_t(len(additionalData)), (*C.uchar)(&nonce[0]), (*C.uchar)(&aead.Key[0]))
+	if res != 0 {
+		panic("encryption failed")
+	}
+	if inplace {
+		return dst[:len(dst)+outLen]
+	}
+	return append(dst, buf...)
+}
+
+func (aead *Aegis128X2) Open(plaintext, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+	if len(nonce) != aead.NonceSize() {
+		return nil, common.ErrBadNonceLength
+	}
+	if len(ciphertext) < aead.TagLen {
+		return nil, common.ErrTruncated
+	}
+	outLen := len(ciphertext) - aead.TagLen
+	var buf []byte
+	inplace := false
+	if cap(plaintext)-len(plaintext) >= outLen {
+		inplace = true
+		buf = plaintext[len(plaintext) : len(plaintext)+outLen]
+	} else {
+		buf = make([]byte, len(ciphertext)-aead.TagLen)
+	}
+	res := C.aegis128x2_decrypt((*C.uchar)(&buf[0]), slicePointerOrNull(ciphertext),
+		C.size_t(len(ciphertext)), C.size_t(aead.TagLen), slicePointerOrNull(additionalData), C.size_t(len(additionalData)), (*C.uchar)(&nonce[0]), (*C.uchar)(&aead.Key[0]))
+	if res != 0 {
+		return nil, common.ErrAuth
+	}
+	if inplace {
+		return plaintext[:len(plaintext)+outLen], nil
+	}
+	return append(plaintext, buf...), nil
+}
+
+func slicePointerOrNull(s []byte) (ptr *C.uchar) {
+	if len(s) == 0 {
+		return
+	}
+	return (*C.uchar)(&s[0])
+}

aegis128x2/aegis128x2_test.go

@@ -0,0 +1,28 @@
+package aegis128x2
+
+import (
+	"crypto/rand"
+	"fmt"
+)
+
+func Example() {
+	key := make([]byte, KeySize)
+	rand.Read(key)
+	aead, err := New(key, 16)
+	if err != nil {
+		panic(err)
+	}
+
+	nonce := make([]byte, aead.NonceSize())
+	rand.Read(nonce)
+
+	ciphertext := aead.Seal(nil, nonce, []byte("hello, world!"), nil)
+
+	plaintext, err := aead.Open(nil, nonce, ciphertext, nil)
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Println(string(plaintext))
+	// Output: hello, world!
+}