47 lines
1.7 KiB
Go
Raw Normal View History

package noise
import (
"errors"
)
// encrypt calls the cipher's encryption. It encrypts the provided plaintext,
// slice-appending the ciphertext on out.
//
// Usually you want to pass a 0-len slice to this method, with enough capacity
// to accommodate the ciphertext in order to spare allocs.
//
// encrypt returns a new slice header, whose len is the length of the resulting
// ciphertext, including the authentication tag.
//
// This method will not allocate if the supplied slice is large enough to
// accommodate the encrypted data + authentication tag. If so, the returned
// slice header should be a view of the original slice.
//
// With the poly1305 MAC function that noise-libp2p uses, the authentication tag
// adds an overhead of 16 bytes.
func (s *secureSession) encrypt(out, plaintext []byte) ([]byte, error) {
if s.enc == nil {
return nil, errors.New("cannot encrypt, handshake incomplete")
}
return s.enc.Encrypt(out, nil, plaintext), nil
}
// decrypt calls the cipher's decryption. It decrypts the provided ciphertext,
// slice-appending the plaintext on out.
//
// Usually you want to pass a 0-len slice to this method, with enough capacity
// to accommodate the plaintext in order to spare allocs.
//
// decrypt returns a new slice header, whose len is the length of the resulting
// plaintext, without the authentication tag.
//
// This method will not allocate if the supplied slice is large enough to
// accommodate the plaintext. If so, the returned slice header should be a view
// of the original slice.
func (s *secureSession) decrypt(out, ciphertext []byte) ([]byte, error) {
if s.dec == nil {
return nil, errors.New("cannot decrypt, handshake incomplete")
}
return s.dec.Decrypt(out, nil, ciphertext)
}