-- token here
local key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
local random = require("ccryptolib.random")
local aead = require("ccryptolib.aead")
local seed = ""
-- this isnt exactly secure, but its fine, probably..
for i=1,64 do
seed = seed .. string.char(math.random(0, 255))
end
random.init(seed)
local function encrypt(message)
local nonce = random.random(12)
local ciphertext, tag = aead.encrypt(key, nonce, message, "")
return nonce..tag..ciphertext
end
local function decrypt(message)
local ciphertextLength = #message-12-16
if ciphertextLength < 0 then
printError("message too short, this may be caused by other traffic on the same port")
return
end
if ciphertextLength >= 32768 then
printError("message too large, this may be caused by other traffic on the same port")
return
end
local nonce, tag, endPos = string.unpack("c12c16", message)
local ciphertext = message:sub(endPos)
local decryptedMessage = aead.decrypt(key, nonce, tag, ciphertext, "") -- this is nil if auth failed
if not decryptedMessage then
printError("message auth invalid")
return
end
return decryptedMessage
end