package cc20p1305ssh

/*
	New returns a cipher.AEAD from KDF-derived key.

	Currently, key should be KDFKeySize bytes and returned by bcrypt_pbkdf as it's currently the
	only OpenSSH-supported KDF. It is up to the caller to perform the appropriate KDF.

	Per the chacha20polycom1305@openssh.com specification, only the first KeySize bytes of key
	is used for encrypting the private key. The second half (the canonical key is 64 bytes)
	would be used for traffic purposes, but since this is a static blob it is not used.

	If key is nil or <KDFKeySize bytes in length, an error ErrInvalidKeySize will be returned.

	*DO NOT USE crypter FOR STREAMS. THIS SHOULD ONLY BE USED TO ENCRYPT AN OPENSSH PRIVATE KEY.*
*/
func New(key []byte) (crypter *ChaCha20Poly1305OpenSSH, err error) {

	var crypterReal ChaCha20Poly1305OpenSSH

	if key == nil || len(key) < KDFKeySize {
		err = ErrInvalidKeySize
		return
	}

	crypterReal = ChaCha20Poly1305OpenSSH{}
	copy(crypterReal.kdfKey[:], key[:KDFKeySize])
	copy(crypterReal.realKey[:], key[:KeySize])

	crypter = &crypterReal

	return
}