First run of HimboCrypt

2025-12-11 14:53:01 -07:00
commit 2284c4d562
6 changed files with 352 additions and 0 deletions
--- a/pkg/engine/engine.go
+++ b/pkg/engine/engine.go
@@ -0,0 +1,156 @@
+package engine
+
+import (
+"crypto/ecdh"
+"crypto/rand"
+"crypto/sha256"
+"encoding/hex"
+"errors"
+"fmt"
+"io"
+
+"golang.org/x/crypto/chacha20poly1305"
+"golang.org/x/crypto/hkdf"
+)
+
+type KeyPair struct {
+	PrivateKey *ecdh.PrivateKey
+	PublicKey  *ecdh.PublicKey
+}
+
+type Engine struct{}
+
+func NewEngine() *Engine {
+	return &Engine{}
+}
+
+func (e *Engine) GenerateKeyPair() (*KeyPair, error) {
+	curve := ecdh.X25519()
+	priv, err := curve.GenerateKey(rand.Reader)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate private key: %w", err)
+	}
+	return &KeyPair{
+		PrivateKey: priv,
+		PublicKey:  priv.PublicKey(),
+	}, nil
+}
+
+func (kp *KeyPair) EncodePublicKey() string {
+	return hex.EncodeToString(kp.PublicKey.Bytes())
+}
+
+func (kp *KeyPair) EncodePrivateKey() string {
+	return hex.EncodeToString(kp.PrivateKey.Bytes())
+}
+
+func (e *Engine) DecodePrivateKey(hexKey string) (*ecdh.PrivateKey, error) {
+	bytes, err := hex.DecodeString(hexKey)
+	if err != nil {
+		return nil, err
+	}
+	return ecdh.X25519().NewPrivateKey(bytes)
+}
+
+func (e *Engine) DecodePublicKey(hexKey string) (*ecdh.PublicKey, error) {
+	bytes, err := hex.DecodeString(hexKey)
+	if err != nil {
+		return nil, err
+	}
+	return ecdh.X25519().NewPublicKey(bytes)
+}
+
+// Encrypt uses a hybrid scheme:
+// 1. Ephemeral-Static ECDH (Forward Secrecy)
+// 2. Static-Static ECDH (Auth)
+// 3. XChaCha20-Poly1305 (AEAD)
+// Output: [EphemeralPub] [Nonce] [Ciphertext]
+func (e *Engine) Encrypt(senderPriv *ecdh.PrivateKey, recipientPub *ecdh.PublicKey, plaintext []byte) ([]byte, error) {
+	// Generate ephemeral keys for forward secrecy
+	ephemeralPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate ephemeral key: %w", err)
+	}
+	ephemeralPub := ephemeralPriv.PublicKey()
+
+	// Calculate shared secrets
+	ss1, err := ephemeralPriv.ECDH(recipientPub)
+	if err != nil {
+		return nil, fmt.Errorf("ecdh ss1 failed: %w", err)
+	}
+
+	ss2, err := senderPriv.ECDH(recipientPub)
+	if err != nil {
+		return nil, fmt.Errorf("ecdh ss2 failed: %w", err)
+	}
+
+	// Create nonce
+	nonce := make([]byte, chacha20poly1305.NonceSizeX)
+	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
+		return nil, fmt.Errorf("failed to generate nonce: %w", err)
+	}
+
+	// Derive key from both secrets
+	ikm := append(ss1, ss2...)
+	kdf := hkdf.New(sha256.New, ikm, nonce, []byte("HIMBOCRYPT_V1"))
+	symmetricKey := make([]byte, chacha20poly1305.KeySize)
+	if _, err := io.ReadFull(kdf, symmetricKey); err != nil {
+		return nil, fmt.Errorf("key derivation failed: %w", err)
+	}
+
+	aead, err := chacha20poly1305.NewX(symmetricKey)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create aead: %w", err)
+	}
+
+	// Pack it all up
+	dst := make([]byte, 0, len(ephemeralPub.Bytes())+len(nonce)+len(plaintext)+aead.Overhead())
+	dst = append(dst, ephemeralPub.Bytes()...)
+	dst = append(dst, nonce...)
+	return aead.Seal(dst, nonce, plaintext, nil), nil
+}
+
+func (e *Engine) Decrypt(recipientPriv *ecdh.PrivateKey, senderPub *ecdh.PublicKey, encryptedMsg []byte) ([]byte, error) {
+	const pubKeySize = 32
+	const nonceSize = 24
+
+	if len(encryptedMsg) < pubKeySize+nonceSize {
+		return nil, errors.New("message too short")
+	}
+
+	// Unpack
+	ephemeralPubBytes := encryptedMsg[:pubKeySize]
+	nonce := encryptedMsg[pubKeySize : pubKeySize+nonceSize]
+	ciphertext := encryptedMsg[pubKeySize+nonceSize:]
+
+	ephemeralPub, err := ecdh.X25519().NewPublicKey(ephemeralPubBytes)
+	if err != nil {
+		return nil, fmt.Errorf("invalid ephemeral public key: %w", err)
+	}
+
+	// Reconstruct secrets
+	ss1, err := recipientPriv.ECDH(ephemeralPub)
+	if err != nil {
+		return nil, fmt.Errorf("ecdh ss1 failed: %w", err)
+	}
+
+	ss2, err := recipientPriv.ECDH(senderPub)
+	if err != nil {
+		return nil, fmt.Errorf("ecdh ss2 failed: %w", err)
+	}
+
+	// Derive key
+	ikm := append(ss1, ss2...)
+	kdf := hkdf.New(sha256.New, ikm, nonce, []byte("HIMBOCRYPT_V1"))
+	symmetricKey := make([]byte, chacha20poly1305.KeySize)
+	if _, err := io.ReadFull(kdf, symmetricKey); err != nil {
+		return nil, fmt.Errorf("key derivation failed: %w", err)
+	}
+
+	aead, err := chacha20poly1305.NewX(symmetricKey)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create aead: %w", err)
+	}
+
+	return aead.Open(nil, nonce, ciphertext, nil)
+}