mirrors
/
enchive
mirror of https://github.com/skeeto/enchive.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Add format description.

pull/2/head
Christopher Wellons 2017-03-03 14:48:59 -05:00
parent a18b8987a5
commit 0ca842f188
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -36,3 +36,27 @@ This will reproduce `file.tar.gz`.
## Notes
There's no effort at error recovery. It bails out on the first error.
## Format
The process for encrypting a file:
1. Generate an ephemeral 256-bit Curve25519 key pair.
2. Perform a Curve25519 Diffie-Hellman key exchange with the master
key to produce a shared secret.
3. Generate a 64-bit IV for ChaCha20.
5. Initialize ChaCha20 with the shared secret as the key.
4. Write the 8-byte IV.
5. Write the 32-byte ephemeral public key.
6. Encrypt the file with ChaCha20 and write the ciphertext.
7. Write the SHA-224 hash of IV+plaintext.
The process for decrypting a file:
1. Read the 8-byte ChaCha20 IV.
2. Read the 32-byte ephemeral public key
3. Perform a Curve25519 Diffie-Hellman key exchange with the ephemeral
public key.
4. Initialize ChaCha20 with the shared secret as the key.
5. Decrypt the ciphertext using ChaCha20.
6. Verify the SHA-224 hash of IV+plaintext at the end of the file.