From ac115b592a0ec584e018f80700bf2d82b98781c3 Mon Sep 17 00:00:00 2001
From: Arsen Musayelyan <moussaelianarsen@gmail.com>
Date: Fri, 26 Feb 2021 01:48:26 -0800
Subject: [PATCH] Switch from AES-256-GCM to ChaCha20-Poly1305

---
 fileCrypto.go | 28 ++++++++++------------------
 go.mod        |  1 +
 2 files changed, 11 insertions(+), 18 deletions(-)

diff --git a/fileCrypto.go b/fileCrypto.go
index 656b990..407465e 100644
--- a/fileCrypto.go
+++ b/fileCrypto.go
@@ -18,14 +18,13 @@ package main
 
 import (
 	"bytes"
-	"crypto/aes"
-	"crypto/cipher"
 	"crypto/md5"
 	"crypto/rand"
 	"encoding/hex"
 	"github.com/klauspost/compress/zstd"
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
+	"golang.org/x/crypto/chacha20poly1305"
 	"io"
 	"io/ioutil"
 	"os"
@@ -67,25 +66,20 @@ func CompressAndEncryptFile(filePath string, newFilePath string, sharedKey strin
 	md5Hash.Write([]byte(sharedKey))
 	// Encode md5 hash bytes into hexadecimal
 	hashedKey := hex.EncodeToString(md5Hash.Sum(nil))
-	// Create new AES cipher
-	block, err := aes.NewCipher([]byte(hashedKey))
+	// Create new AES c20cipher
+	c20cipher, err := chacha20poly1305.NewX([]byte(hashedKey))
 	if err != nil {
-		log.Fatal().Err(err).Msg("Error creating AES cipher")
-	}
-	// Create GCM for AES cipher
-	gcm, err := cipher.NewGCM(block)
-	if err != nil {
-		log.Fatal().Err(err).Msg("Error creating GCM")
+		log.Fatal().Err(err).Msg("Error creating ChaCha20-Poly1305 cipher")
 	}
 	// Make byte slice for nonce
-	nonce := make([]byte, gcm.NonceSize())
+	nonce := make([]byte, c20cipher.NonceSize())
 	// Read random bytes into nonce slice
 	_, err = io.ReadFull(rand.Reader, nonce)
 	if err != nil {
 		log.Fatal().Err(err).Msg("Error creating nonce")
 	}
 	// Encrypt data
-	ciphertext := gcm.Seal(nonce, nonce, data, nil)
+	ciphertext := c20cipher.Seal(nonce, nonce, data, nil)
 	// Create new file
 	newFile, err := os.Create(newFilePath)
 	if err != nil {
@@ -116,18 +110,16 @@ func DecryptAndDecompressFile(filePath string, newFilePath string, sharedKey str
 	md5Hash.Write([]byte(sharedKey))
 	hashedKey := hex.EncodeToString(md5Hash.Sum(nil))
 	// Create new AES cipher
-	block, _ := aes.NewCipher([]byte(hashedKey))
-	// Create GCM for AES cipher
-	gcm, err := cipher.NewGCM(block)
+	c20cipher, err := chacha20poly1305.NewX([]byte(hashedKey))
 	if err != nil {
-		log.Fatal().Err(err).Msg("Error creating GCM")
+		log.Fatal().Err(err).Msg("Error creating ChaCha20-Poly1305 cipher")
 	}
 	// Get standard GCM nonce size
-	nonceSize := gcm.NonceSize()
+	nonceSize := c20cipher.NonceSize()
 	// Get nonce and ciphertext from data
 	nonce, ciphertext := data[:nonceSize], data[nonceSize:]
 	// Decrypt data
-	plaintext, err := gcm.Open(nil, nonce, ciphertext, nil)
+	plaintext, err := c20cipher.Open(nil, nonce, ciphertext, nil)
 	if err != nil {
 		log.Fatal().Err(err).Msg("Error decrypting data")
 	}
diff --git a/go.mod b/go.mod
index b67ed97..d00f94d 100644
--- a/go.mod
+++ b/go.mod
@@ -10,4 +10,5 @@ require (
 	github.com/pkg/browser v0.0.0-20201112035734-206646e67786
 	github.com/rs/zerolog v1.20.0
 	github.com/spf13/pflag v1.0.5
+	golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550
 )