-
Notifications
You must be signed in to change notification settings - Fork 1
/
crypt.cpp
49 lines (41 loc) · 1.49 KB
/
crypt.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
/**
* Copyright Martin Raiber. All Rights Reserved.
* SPDX-License-Identifier: LGPL-3.0-or-later
*/
#include <folly/String.h>
#include <folly/base64.h>
#include <string>
#include <assert.h>
#include <sodium.h>
#include <vector>
std::string cryptId(int64_t id, unsigned char* key)
{
unsigned char nonce[crypto_secretbox_NONCEBYTES];
randombytes_buf(nonce, sizeof(nonce));
std::vector<unsigned char> encbuf(crypto_secretbox_MACBYTES + sizeof(id));
if(crypto_secretbox_easy(&encbuf[0], reinterpret_cast<unsigned char*>(&id), sizeof(id), nonce, key)!=0)
return std::string();
std::string_view nonce_view(reinterpret_cast<char*>(nonce), sizeof(nonce));
std::string_view encbuf_view(reinterpret_cast<char*>(encbuf.data()), encbuf.size());
return folly::base64URLEncode(nonce_view) +
folly::base64URLEncode(encbuf_view);
}
int64_t decryptId(const std::string& encryptedId, unsigned char* key)
{
std::string binEncId;
try
{
binEncId = folly::base64URLDecode(encryptedId);
}
catch(folly::base64_decode_error&)
{
return -1;
}
int64_t ret;
if(binEncId.size()!=crypto_secretbox_NONCEBYTES+crypto_secretbox_MACBYTES + sizeof(ret))
return -1;
const unsigned char* ptr = reinterpret_cast<const unsigned char*>(&binEncId[0]);
if(crypto_secretbox_open_easy(reinterpret_cast<unsigned char*>(&ret), ptr+crypto_secretbox_NONCEBYTES, crypto_secretbox_MACBYTES + sizeof(ret), ptr, key)!=0)
return -1;
return ret;
}