diff --git a/.gitignore b/.gitignore index 98497ac1..db4e462a 100644 --- a/.gitignore +++ b/.gitignore @@ -112,6 +112,7 @@ test/default/generichash3 test/default/hash test/default/hash3 test/default/kdf +test/default/keygen test/default/onetimeauth test/default/onetimeauth2 test/default/onetimeauth7 diff --git a/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c b/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c index 47d40aec..6c235f3d 100644 --- a/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c +++ b/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c @@ -12,6 +12,7 @@ #include "crypto_aead_aes256gcm.h" #include "export.h" +#include "randombytes.h" #include "runtime.h" #include "utils.h" @@ -1043,3 +1044,9 @@ crypto_aead_aes256gcm_statebytes(void) { return (sizeof(crypto_aead_aes256gcm_state) + (size_t) 15U) & ~(size_t) 15U; } + +void +crypto_aead_aes256gcm_keygen(unsigned char k[crypto_aead_aes256gcm_KEYBYTES]) +{ + randombytes_buf(k, crypto_aead_aes256gcm_KEYBYTES); +} diff --git a/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c b/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c index 89165186..cbab7d59 100644 --- a/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c +++ b/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c @@ -8,6 +8,7 @@ #include "crypto_onetimeauth_poly1305.h" #include "crypto_stream_chacha20.h" #include "crypto_verify_16.h" +#include "randombytes.h" #include "utils.h" #include "private/common.h" @@ -325,41 +326,61 @@ crypto_aead_chacha20poly1305_ietf_decrypt(unsigned char *m, } size_t -crypto_aead_chacha20poly1305_ietf_keybytes(void) { +crypto_aead_chacha20poly1305_ietf_keybytes(void) +{ return crypto_aead_chacha20poly1305_ietf_KEYBYTES; } size_t -crypto_aead_chacha20poly1305_ietf_npubbytes(void) { +crypto_aead_chacha20poly1305_ietf_npubbytes(void) +{ return crypto_aead_chacha20poly1305_ietf_NPUBBYTES; } size_t -crypto_aead_chacha20poly1305_ietf_nsecbytes(void) { +crypto_aead_chacha20poly1305_ietf_nsecbytes(void) +{ return crypto_aead_chacha20poly1305_ietf_NSECBYTES; } size_t -crypto_aead_chacha20poly1305_ietf_abytes(void) { +crypto_aead_chacha20poly1305_ietf_abytes(void) +{ return crypto_aead_chacha20poly1305_ietf_ABYTES; } +void +crypto_aead_chacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_chacha20poly1305_ietf_KEYBYTES]) +{ + randombytes_buf(k, crypto_aead_chacha20poly1305_ietf_KEYBYTES); +} + size_t -crypto_aead_chacha20poly1305_keybytes(void) { +crypto_aead_chacha20poly1305_keybytes(void) +{ return crypto_aead_chacha20poly1305_KEYBYTES; } size_t -crypto_aead_chacha20poly1305_npubbytes(void) { +crypto_aead_chacha20poly1305_npubbytes(void) +{ return crypto_aead_chacha20poly1305_NPUBBYTES; } size_t -crypto_aead_chacha20poly1305_nsecbytes(void) { +crypto_aead_chacha20poly1305_nsecbytes(void) +{ return crypto_aead_chacha20poly1305_NSECBYTES; } size_t -crypto_aead_chacha20poly1305_abytes(void) { +crypto_aead_chacha20poly1305_abytes(void) +{ return crypto_aead_chacha20poly1305_ABYTES; } + +void +crypto_aead_chacha20poly1305_keygen(unsigned char k[crypto_aead_chacha20poly1305_KEYBYTES]) +{ + randombytes_buf(k, crypto_aead_chacha20poly1305_KEYBYTES); +} diff --git a/src/libsodium/crypto_aead/xchacha20poly1305/sodium/aead_xchacha20poly1305.c b/src/libsodium/crypto_aead/xchacha20poly1305/sodium/aead_xchacha20poly1305.c index cada02d5..38385c84 100644 --- a/src/libsodium/crypto_aead/xchacha20poly1305/sodium/aead_xchacha20poly1305.c +++ b/src/libsodium/crypto_aead/xchacha20poly1305/sodium/aead_xchacha20poly1305.c @@ -7,6 +7,7 @@ #include "crypto_aead_xchacha20poly1305.h" #include "crypto_aead_chacha20poly1305.h" #include "crypto_core_hchacha20.h" +#include "randombytes.h" #include "utils.h" #include "private/common.h" @@ -122,21 +123,31 @@ crypto_aead_xchacha20poly1305_ietf_decrypt(unsigned char *m, } size_t -crypto_aead_xchacha20poly1305_ietf_keybytes(void) { +crypto_aead_xchacha20poly1305_ietf_keybytes(void) +{ return crypto_aead_xchacha20poly1305_ietf_KEYBYTES; } size_t -crypto_aead_xchacha20poly1305_ietf_npubbytes(void) { +crypto_aead_xchacha20poly1305_ietf_npubbytes(void) +{ return crypto_aead_xchacha20poly1305_ietf_NPUBBYTES; } size_t -crypto_aead_xchacha20poly1305_ietf_nsecbytes(void) { +crypto_aead_xchacha20poly1305_ietf_nsecbytes(void) +{ return crypto_aead_xchacha20poly1305_ietf_NSECBYTES; } size_t -crypto_aead_xchacha20poly1305_ietf_abytes(void) { +crypto_aead_xchacha20poly1305_ietf_abytes(void) +{ return crypto_aead_xchacha20poly1305_ietf_ABYTES; } + +void +crypto_aead_xchacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_xchacha20poly1305_ietf_KEYBYTES]) +{ + randombytes_buf(k, crypto_aead_xchacha20poly1305_ietf_KEYBYTES); +} diff --git a/src/libsodium/crypto_auth/crypto_auth.c b/src/libsodium/crypto_auth/crypto_auth.c index e76b1494..d061c8c1 100644 --- a/src/libsodium/crypto_auth/crypto_auth.c +++ b/src/libsodium/crypto_auth/crypto_auth.c @@ -1,5 +1,6 @@ #include "crypto_auth.h" +#include "randombytes.h" size_t crypto_auth_bytes(void) @@ -32,3 +33,9 @@ crypto_auth_verify(const unsigned char *h, const unsigned char *in, { return crypto_auth_hmacsha512256_verify(h, in, inlen, k); } + +void +crypto_auth_keygen(unsigned char k[crypto_auth_KEYBYTES]) +{ + randombytes_buf(k, crypto_auth_KEYBYTES); +} diff --git a/src/libsodium/crypto_auth/hmacsha256/auth_hmacsha256_api.c b/src/libsodium/crypto_auth/hmacsha256/auth_hmacsha256_api.c index 9b8353f5..84f7d663 100644 --- a/src/libsodium/crypto_auth/hmacsha256/auth_hmacsha256_api.c +++ b/src/libsodium/crypto_auth/hmacsha256/auth_hmacsha256_api.c @@ -1,16 +1,26 @@ #include "crypto_auth_hmacsha256.h" +#include "randombytes.h" size_t -crypto_auth_hmacsha256_bytes(void) { +crypto_auth_hmacsha256_bytes(void) +{ return crypto_auth_hmacsha256_BYTES; } size_t -crypto_auth_hmacsha256_keybytes(void) { +crypto_auth_hmacsha256_keybytes(void) +{ return crypto_auth_hmacsha256_KEYBYTES; } size_t -crypto_auth_hmacsha256_statebytes(void) { +crypto_auth_hmacsha256_statebytes(void) +{ return sizeof(crypto_auth_hmacsha256_state); } + +void +crypto_auth_hmacsha256_keygen(unsigned char k[crypto_auth_hmacsha256_KEYBYTES]) +{ + randombytes_buf(k, crypto_auth_hmacsha256_KEYBYTES); +} diff --git a/src/libsodium/crypto_auth/hmacsha512/auth_hmacsha512_api.c b/src/libsodium/crypto_auth/hmacsha512/auth_hmacsha512_api.c index 49b8c2d6..5be56568 100644 --- a/src/libsodium/crypto_auth/hmacsha512/auth_hmacsha512_api.c +++ b/src/libsodium/crypto_auth/hmacsha512/auth_hmacsha512_api.c @@ -1,4 +1,5 @@ #include "crypto_auth_hmacsha512.h" +#include "randombytes.h" size_t crypto_auth_hmacsha512_bytes(void) { @@ -14,3 +15,9 @@ size_t crypto_auth_hmacsha512_statebytes(void) { return sizeof(crypto_auth_hmacsha512_state); } + +void +crypto_auth_hmacsha512_keygen(unsigned char k[crypto_auth_hmacsha512_KEYBYTES]) +{ + randombytes_buf(k, crypto_auth_hmacsha512_KEYBYTES); +} diff --git a/src/libsodium/crypto_auth/hmacsha512256/auth_hmacsha512256_api.c b/src/libsodium/crypto_auth/hmacsha512256/auth_hmacsha512256_api.c index 9405bbbb..1441f717 100644 --- a/src/libsodium/crypto_auth/hmacsha512256/auth_hmacsha512256_api.c +++ b/src/libsodium/crypto_auth/hmacsha512256/auth_hmacsha512256_api.c @@ -1,4 +1,5 @@ #include "crypto_auth_hmacsha512256.h" +#include "randombytes.h" size_t crypto_auth_hmacsha512256_bytes(void) { @@ -14,3 +15,9 @@ size_t crypto_auth_hmacsha512256_statebytes(void) { return sizeof(crypto_auth_hmacsha512256_state); } + +void +crypto_auth_hmacsha512256_keygen(unsigned char k[crypto_auth_hmacsha512256_KEYBYTES]) +{ + randombytes_buf(k, crypto_auth_hmacsha512256_KEYBYTES); +} diff --git a/src/libsodium/crypto_generichash/blake2b/generichash_blake2_api.c b/src/libsodium/crypto_generichash/blake2b/generichash_blake2_api.c index 14f16e42..781d4c58 100644 --- a/src/libsodium/crypto_generichash/blake2b/generichash_blake2_api.c +++ b/src/libsodium/crypto_generichash/blake2b/generichash_blake2_api.c @@ -1,4 +1,5 @@ #include "crypto_generichash_blake2b.h" +#include "randombytes.h" size_t crypto_generichash_blake2b_bytes_min(void) { @@ -46,3 +47,9 @@ crypto_generichash_blake2b_statebytes(void) return (sizeof(crypto_generichash_blake2b_state) + (size_t) 63U) & ~(size_t) 63U; } + +void +crypto_generichash_blake2b_keygen(unsigned char k[crypto_generichash_blake2b_KEYBYTES]) +{ + randombytes_buf(k, crypto_generichash_blake2b_KEYBYTES); +} diff --git a/src/libsodium/crypto_generichash/crypto_generichash.c b/src/libsodium/crypto_generichash/crypto_generichash.c index ffe2f503..a9a14e99 100644 --- a/src/libsodium/crypto_generichash/crypto_generichash.c +++ b/src/libsodium/crypto_generichash/crypto_generichash.c @@ -1,5 +1,6 @@ #include "crypto_generichash.h" +#include "randombytes.h" size_t crypto_generichash_bytes_min(void) @@ -82,3 +83,9 @@ crypto_generichash_final(crypto_generichash_state *state, return crypto_generichash_blake2b_final ((crypto_generichash_blake2b_state *) state, out, outlen); } + +void +crypto_generichash_keygen(unsigned char k[crypto_generichash_KEYBYTES]) +{ + randombytes_buf(k, crypto_generichash_KEYBYTES); +} diff --git a/src/libsodium/crypto_kdf/crypto_kdf.c b/src/libsodium/crypto_kdf/crypto_kdf.c index b975ebe1..b80cd053 100644 --- a/src/libsodium/crypto_kdf/crypto_kdf.c +++ b/src/libsodium/crypto_kdf/crypto_kdf.c @@ -1,5 +1,6 @@ #include "crypto_kdf.h" +#include "randombytes.h" size_t crypto_kdf_bytes_min(void) @@ -25,11 +26,18 @@ crypto_kdf_keybytes(void) return crypto_kdf_KEYBYTES; } -int crypto_kdf_derive_from_key(unsigned char *subkey, size_t subkey_len, - uint64_t subkey_id, - const char ctx[crypto_kdf_CONTEXTBYTES], - const unsigned char key[crypto_kdf_KEYBYTES]) +int +crypto_kdf_derive_from_key(unsigned char *subkey, size_t subkey_len, + uint64_t subkey_id, + const char ctx[crypto_kdf_CONTEXTBYTES], + const unsigned char key[crypto_kdf_KEYBYTES]) { return crypto_kdf_blake2b_derive_from_key(subkey, subkey_len, subkey_id, ctx, key); } + +void +crypto_kdf_keygen(unsigned char k[crypto_kdf_KEYBYTES]) +{ + randombytes_buf(k, crypto_kdf_KEYBYTES); +} diff --git a/src/libsodium/crypto_onetimeauth/crypto_onetimeauth.c b/src/libsodium/crypto_onetimeauth/crypto_onetimeauth.c index 1e90d620..93567aae 100644 --- a/src/libsodium/crypto_onetimeauth/crypto_onetimeauth.c +++ b/src/libsodium/crypto_onetimeauth/crypto_onetimeauth.c @@ -1,5 +1,6 @@ #include "crypto_onetimeauth.h" +#include "randombytes.h" size_t crypto_onetimeauth_statebytes(void) @@ -63,3 +64,8 @@ crypto_onetimeauth_primitive(void) { return crypto_onetimeauth_PRIMITIVE; } + +void crypto_onetimeauth_keygen(unsigned char k[crypto_onetimeauth_KEYBYTES]) +{ + randombytes_buf(k, crypto_onetimeauth_KEYBYTES); +} diff --git a/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c b/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c index f313363b..d1c69590 100644 --- a/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c +++ b/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c @@ -1,6 +1,7 @@ #include "crypto_onetimeauth_poly1305.h" #include "onetimeauth_poly1305.h" +#include "randombytes.h" #include "runtime.h" #include "donna/poly1305_donna.h" #if defined(HAVE_TI_MODE) && defined(HAVE_EMMINTRIN_H) @@ -58,6 +59,12 @@ crypto_onetimeauth_poly1305_keybytes(void) { return crypto_onetimeauth_poly1305_KEYBYTES; } +void +crypto_onetimeauth_poly1305_keygen(unsigned char k[crypto_onetimeauth_poly1305_KEYBYTES]) +{ + randombytes_buf(k, crypto_onetimeauth_poly1305_KEYBYTES); +} + int _crypto_onetimeauth_poly1305_pick_best_implementation(void) { diff --git a/src/libsodium/crypto_secretbox/crypto_secretbox.c b/src/libsodium/crypto_secretbox/crypto_secretbox.c index 456f9f0a..669b5742 100644 --- a/src/libsodium/crypto_secretbox/crypto_secretbox.c +++ b/src/libsodium/crypto_secretbox/crypto_secretbox.c @@ -1,5 +1,6 @@ #include "crypto_secretbox.h" +#include "randombytes.h" size_t crypto_secretbox_keybytes(void) @@ -52,3 +53,9 @@ crypto_secretbox_open(unsigned char *m, const unsigned char *c, { return crypto_secretbox_xsalsa20poly1305_open(m, c, clen, n, k); } + +void +crypto_secretbox_keygen(unsigned char k[crypto_secretbox_KEYBYTES]) +{ + randombytes_buf(k, crypto_secretbox_KEYBYTES); +} diff --git a/src/libsodium/crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c b/src/libsodium/crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c index aa1931be..1094c1f2 100644 --- a/src/libsodium/crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c +++ b/src/libsodium/crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c @@ -1,6 +1,7 @@ #include "crypto_onetimeauth_poly1305.h" #include "crypto_secretbox_xsalsa20poly1305.h" #include "crypto_stream_xsalsa20.h" +#include "randombytes.h" int crypto_secretbox_xsalsa20poly1305(unsigned char *c, const unsigned char *m, @@ -74,3 +75,9 @@ crypto_secretbox_xsalsa20poly1305_macbytes(void) { return crypto_secretbox_xsalsa20poly1305_MACBYTES; } + +void +crypto_secretbox_xsalsa20poly1305_keygen(unsigned char k[crypto_secretbox_xsalsa20poly1305_KEYBYTES]) +{ + randombytes_buf(k, crypto_secretbox_xsalsa20poly1305_KEYBYTES); +} diff --git a/src/libsodium/crypto_shorthash/crypto_shorthash.c b/src/libsodium/crypto_shorthash/crypto_shorthash.c index b68b58a4..95f52f83 100644 --- a/src/libsodium/crypto_shorthash/crypto_shorthash.c +++ b/src/libsodium/crypto_shorthash/crypto_shorthash.c @@ -1,5 +1,6 @@ #include "crypto_shorthash.h" +#include "randombytes.h" size_t crypto_shorthash_bytes(void) @@ -25,3 +26,9 @@ crypto_shorthash(unsigned char *out, const unsigned char *in, { return crypto_shorthash_siphash24(out, in, inlen, k); } + +void +crypto_shorthash_keygen(unsigned char k[crypto_shorthash_KEYBYTES]) +{ + randombytes_buf(k, crypto_shorthash_KEYBYTES); +} diff --git a/src/libsodium/crypto_stream/chacha20/stream_chacha20.c b/src/libsodium/crypto_stream/chacha20/stream_chacha20.c index 65585ddd..5f65de16 100644 --- a/src/libsodium/crypto_stream/chacha20/stream_chacha20.c +++ b/src/libsodium/crypto_stream/chacha20/stream_chacha20.c @@ -1,5 +1,6 @@ #include "crypto_stream_chacha20.h" #include "stream_chacha20.h" +#include "randombytes.h" #include "runtime.h" #include "ref/stream_chacha20_ref.h" #if (defined(HAVE_EMMINTRIN_H) && defined(HAVE_TMMINTRIN_H) && defined(__GNUC__)) @@ -77,6 +78,18 @@ crypto_stream_chacha20_ietf_xor(unsigned char *c, const unsigned char *m, return implementation->stream_ietf_xor_ic(c, m, mlen, n, 0U, k); } +void +crypto_stream_chacha20_ietf_keygen(unsigned char k[crypto_stream_chacha20_ietf_KEYBYTES]) +{ + randombytes_buf(k, crypto_stream_chacha20_ietf_KEYBYTES); +} + +void +crypto_stream_chacha20_keygen(unsigned char k[crypto_stream_chacha20_KEYBYTES]) +{ + randombytes_buf(k, crypto_stream_chacha20_KEYBYTES); +} + int _crypto_stream_chacha20_pick_best_implementation(void) { diff --git a/src/libsodium/crypto_stream/crypto_stream.c b/src/libsodium/crypto_stream/crypto_stream.c index 50a9c1c0..7d93243b 100644 --- a/src/libsodium/crypto_stream/crypto_stream.c +++ b/src/libsodium/crypto_stream/crypto_stream.c @@ -1,5 +1,6 @@ #include "crypto_stream.h" +#include "randombytes.h" size_t crypto_stream_keybytes(void) @@ -34,3 +35,9 @@ crypto_stream_xor(unsigned char *c, const unsigned char *m, { return crypto_stream_xsalsa20_xor(c, m, mlen, n, k); } + +void +crypto_stream_keygen(unsigned char k[crypto_stream_KEYBYTES]) +{ + randombytes_buf(k, crypto_stream_KEYBYTES); +} diff --git a/src/libsodium/crypto_stream/salsa20/stream_salsa20_api.c b/src/libsodium/crypto_stream/salsa20/stream_salsa20_api.c index 3bc05801..ae951a0a 100644 --- a/src/libsodium/crypto_stream/salsa20/stream_salsa20_api.c +++ b/src/libsodium/crypto_stream/salsa20/stream_salsa20_api.c @@ -1,12 +1,15 @@ #include "crypto_stream_salsa20.h" +#include "randombytes.h" size_t -crypto_stream_salsa20_keybytes(void) { +crypto_stream_salsa20_keybytes(void) +{ return crypto_stream_salsa20_KEYBYTES; } size_t -crypto_stream_salsa20_noncebytes(void) { +crypto_stream_salsa20_noncebytes(void) +{ return crypto_stream_salsa20_NONCEBYTES; } @@ -17,3 +20,9 @@ crypto_stream_salsa20_xor(unsigned char *c, const unsigned char *m, { return crypto_stream_salsa20_xor_ic(c, m, mlen, n, 0U, k); } + +void +crypto_stream_salsa20_keygen(unsigned char k[crypto_stream_salsa20_KEYBYTES]) +{ + randombytes_buf(k, crypto_stream_salsa20_KEYBYTES); +} diff --git a/src/libsodium/crypto_stream/salsa2012/stream_salsa2012_api.c b/src/libsodium/crypto_stream/salsa2012/stream_salsa2012_api.c index 3b5685f3..d6c01b82 100644 --- a/src/libsodium/crypto_stream/salsa2012/stream_salsa2012_api.c +++ b/src/libsodium/crypto_stream/salsa2012/stream_salsa2012_api.c @@ -1,11 +1,20 @@ #include "crypto_stream_salsa2012.h" +#include "randombytes.h" size_t -crypto_stream_salsa2012_keybytes(void) { +crypto_stream_salsa2012_keybytes(void) +{ return crypto_stream_salsa2012_KEYBYTES; } size_t -crypto_stream_salsa2012_noncebytes(void) { +crypto_stream_salsa2012_noncebytes(void) +{ return crypto_stream_salsa2012_NONCEBYTES; } + +void +crypto_stream_salsa2012_keygen(unsigned char k[crypto_stream_salsa2012_KEYBYTES]) +{ + randombytes_buf(k, crypto_stream_salsa2012_KEYBYTES); +} diff --git a/src/libsodium/crypto_stream/salsa208/stream_salsa208_api.c b/src/libsodium/crypto_stream/salsa208/stream_salsa208_api.c index 640a8b2e..1a7752af 100644 --- a/src/libsodium/crypto_stream/salsa208/stream_salsa208_api.c +++ b/src/libsodium/crypto_stream/salsa208/stream_salsa208_api.c @@ -1,11 +1,20 @@ #include "crypto_stream_salsa208.h" +#include "randombytes.h" size_t -crypto_stream_salsa208_keybytes(void) { +crypto_stream_salsa208_keybytes(void) +{ return crypto_stream_salsa208_KEYBYTES; } size_t -crypto_stream_salsa208_noncebytes(void) { +crypto_stream_salsa208_noncebytes(void) +{ return crypto_stream_salsa208_NONCEBYTES; } + +void +crypto_stream_salsa208_keygen(unsigned char k[crypto_stream_salsa208_KEYBYTES]) +{ + randombytes_buf(k, crypto_stream_salsa208_KEYBYTES); +} diff --git a/src/libsodium/crypto_stream/xchacha20/stream_xchacha20.c b/src/libsodium/crypto_stream/xchacha20/stream_xchacha20.c index 57ed7ea3..dc5696dd 100644 --- a/src/libsodium/crypto_stream/xchacha20/stream_xchacha20.c +++ b/src/libsodium/crypto_stream/xchacha20/stream_xchacha20.c @@ -4,6 +4,7 @@ #include "crypto_core_hchacha20.h" #include "crypto_stream_chacha20.h" #include "crypto_stream_xchacha20.h" +#include "randombytes.h" size_t crypto_stream_xchacha20_keybytes(void) { @@ -51,3 +52,9 @@ crypto_stream_xchacha20_xor(unsigned char *c, const unsigned char *m, { return crypto_stream_xchacha20_xor_ic(c, m, mlen, n, 0U, k); } + +void +crypto_stream_xchacha20_keygen(unsigned char k[crypto_stream_xchacha20_KEYBYTES]) +{ + randombytes_buf(k, crypto_stream_xchacha20_KEYBYTES); +} diff --git a/src/libsodium/crypto_stream/xsalsa20/stream_xsalsa20.c b/src/libsodium/crypto_stream/xsalsa20/stream_xsalsa20.c index a178459c..3eb7564c 100644 --- a/src/libsodium/crypto_stream/xsalsa20/stream_xsalsa20.c +++ b/src/libsodium/crypto_stream/xsalsa20/stream_xsalsa20.c @@ -1,6 +1,7 @@ #include "crypto_core_hsalsa20.h" #include "crypto_stream_salsa20.h" #include "crypto_stream_xsalsa20.h" +#include "randombytes.h" #include "utils.h" int @@ -49,3 +50,9 @@ size_t crypto_stream_xsalsa20_noncebytes(void) { return crypto_stream_xsalsa20_NONCEBYTES; } + +void +crypto_stream_xsalsa20_keygen(unsigned char k[crypto_stream_xsalsa20_KEYBYTES]) +{ + randombytes_buf(k, crypto_stream_xsalsa20_KEYBYTES); +} diff --git a/src/libsodium/include/sodium/crypto_aead_aes256gcm.h b/src/libsodium/include/sodium/crypto_aead_aes256gcm.h index 6df68cf1..54361712 100644 --- a/src/libsodium/include/sodium/crypto_aead_aes256gcm.h +++ b/src/libsodium/include/sodium/crypto_aead_aes256gcm.h @@ -134,6 +134,9 @@ int crypto_aead_aes256gcm_decrypt_detached_afternm(unsigned char *m, const crypto_aead_aes256gcm_state *ctx_) __attribute__ ((warn_unused_result)); +SODIUM_EXPORT +void crypto_aead_aes256gcm_keygen(unsigned char k[crypto_aead_aes256gcm_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_aead_chacha20poly1305.h b/src/libsodium/include/sodium/crypto_aead_chacha20poly1305.h index 6fe4cf06..0bbc6885 100644 --- a/src/libsodium/include/sodium/crypto_aead_chacha20poly1305.h +++ b/src/libsodium/include/sodium/crypto_aead_chacha20poly1305.h @@ -77,6 +77,9 @@ int crypto_aead_chacha20poly1305_ietf_decrypt_detached(unsigned char *m, const unsigned char *k) __attribute__ ((warn_unused_result)); +SODIUM_EXPORT +void crypto_aead_chacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_chacha20poly1305_ietf_KEYBYTES]); + /* -- Original ChaCha20-Poly1305 construction with a 64-bit nonce and a 64-bit internal counter -- */ #define crypto_aead_chacha20poly1305_KEYBYTES 32U @@ -142,6 +145,9 @@ int crypto_aead_chacha20poly1305_decrypt_detached(unsigned char *m, const unsigned char *k) __attribute__ ((warn_unused_result)); +SODIUM_EXPORT +void crypto_aead_chacha20poly1305_keygen(unsigned char k[crypto_aead_chacha20poly1305_KEYBYTES]); + /* Aliases */ #define crypto_aead_chacha20poly1305_IETF_KEYBYTES crypto_aead_chacha20poly1305_ietf_KEYBYTES diff --git a/src/libsodium/include/sodium/crypto_aead_xchacha20poly1305.h b/src/libsodium/include/sodium/crypto_aead_xchacha20poly1305.h index 81ed0bd6..f863ce88 100644 --- a/src/libsodium/include/sodium/crypto_aead_xchacha20poly1305.h +++ b/src/libsodium/include/sodium/crypto_aead_xchacha20poly1305.h @@ -74,6 +74,9 @@ int crypto_aead_xchacha20poly1305_ietf_decrypt_detached(unsigned char *m, const unsigned char *k) __attribute__ ((warn_unused_result)); +SODIUM_EXPORT +void crypto_aead_xchacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_xchacha20poly1305_ietf_KEYBYTES]); + /* Aliases */ #define crypto_aead_xchacha20poly1305_IETF_KEYBYTES crypto_aead_xchacha20poly1305_ietf_KEYBYTES diff --git a/src/libsodium/include/sodium/crypto_auth.h b/src/libsodium/include/sodium/crypto_auth.h index ddb73b0c..7174e7bc 100644 --- a/src/libsodium/include/sodium/crypto_auth.h +++ b/src/libsodium/include/sodium/crypto_auth.h @@ -34,6 +34,9 @@ int crypto_auth_verify(const unsigned char *h, const unsigned char *in, unsigned long long inlen, const unsigned char *k) __attribute__ ((warn_unused_result)); +SODIUM_EXPORT +void crypto_auth_keygen(unsigned char k[crypto_auth_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_auth_hmacsha256.h b/src/libsodium/include/sodium/crypto_auth_hmacsha256.h index c3fbf3cf..660cb613 100644 --- a/src/libsodium/include/sodium/crypto_auth_hmacsha256.h +++ b/src/libsodium/include/sodium/crypto_auth_hmacsha256.h @@ -56,6 +56,10 @@ SODIUM_EXPORT int crypto_auth_hmacsha256_final(crypto_auth_hmacsha256_state *state, unsigned char *out); + +SODIUM_EXPORT +void crypto_auth_hmacsha256_keygen(unsigned char k[crypto_auth_hmacsha256_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_auth_hmacsha512.h b/src/libsodium/include/sodium/crypto_auth_hmacsha512.h index 7386c15a..f7866394 100644 --- a/src/libsodium/include/sodium/crypto_auth_hmacsha512.h +++ b/src/libsodium/include/sodium/crypto_auth_hmacsha512.h @@ -56,6 +56,9 @@ SODIUM_EXPORT int crypto_auth_hmacsha512_final(crypto_auth_hmacsha512_state *state, unsigned char *out); +SODIUM_EXPORT +void crypto_auth_hmacsha512_keygen(unsigned char k[crypto_auth_hmacsha512_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_auth_hmacsha512256.h b/src/libsodium/include/sodium/crypto_auth_hmacsha512256.h index c205b7dd..c0d3f7c9 100644 --- a/src/libsodium/include/sodium/crypto_auth_hmacsha512256.h +++ b/src/libsodium/include/sodium/crypto_auth_hmacsha512256.h @@ -51,6 +51,9 @@ SODIUM_EXPORT int crypto_auth_hmacsha512256_final(crypto_auth_hmacsha512256_state *state, unsigned char *out); +SODIUM_EXPORT +void crypto_auth_hmacsha512256_keygen(unsigned char k[crypto_auth_hmacsha512256_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_generichash.h b/src/libsodium/include/sodium/crypto_generichash.h index 998d860d..39ed5ea3 100644 --- a/src/libsodium/include/sodium/crypto_generichash.h +++ b/src/libsodium/include/sodium/crypto_generichash.h @@ -64,6 +64,9 @@ SODIUM_EXPORT int crypto_generichash_final(crypto_generichash_state *state, unsigned char *out, const size_t outlen); +SODIUM_EXPORT +void crypto_generichash_keygen(unsigned char k[crypto_generichash_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_generichash_blake2b.h b/src/libsodium/include/sodium/crypto_generichash_blake2b.h index d86c4429..7b0c0820 100644 --- a/src/libsodium/include/sodium/crypto_generichash_blake2b.h +++ b/src/libsodium/include/sodium/crypto_generichash_blake2b.h @@ -107,6 +107,9 @@ int crypto_generichash_blake2b_final(crypto_generichash_blake2b_state *state, unsigned char *out, const size_t outlen); +SODIUM_EXPORT +void crypto_generichash_blake2b_keygen(unsigned char k[crypto_generichash_blake2b_KEYBYTES]); + /* ------------------------------------------------------------------------- */ int _crypto_generichash_blake2b_pick_best_implementation(void); diff --git a/src/libsodium/include/sodium/crypto_kdf.h b/src/libsodium/include/sodium/crypto_kdf.h index 78f1784b..abfdd177 100644 --- a/src/libsodium/include/sodium/crypto_kdf.h +++ b/src/libsodium/include/sodium/crypto_kdf.h @@ -35,6 +35,10 @@ int crypto_kdf_derive_from_key(unsigned char *subkey, size_t subkey_len, uint64_t subkey_id, const char ctx[crypto_kdf_CONTEXTBYTES], const unsigned char key[crypto_kdf_KEYBYTES]); + +SODIUM_EXPORT +void crypto_kdf_keygen(unsigned char k[crypto_kdf_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_onetimeauth.h b/src/libsodium/include/sodium/crypto_onetimeauth.h index bc2dd86c..d71593d0 100644 --- a/src/libsodium/include/sodium/crypto_onetimeauth.h +++ b/src/libsodium/include/sodium/crypto_onetimeauth.h @@ -51,6 +51,9 @@ SODIUM_EXPORT int crypto_onetimeauth_final(crypto_onetimeauth_state *state, unsigned char *out); +SODIUM_EXPORT +void crypto_onetimeauth_keygen(unsigned char k[crypto_onetimeauth_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_onetimeauth_poly1305.h b/src/libsodium/include/sodium/crypto_onetimeauth_poly1305.h index 6bf9221e..c3cb31a0 100644 --- a/src/libsodium/include/sodium/crypto_onetimeauth_poly1305.h +++ b/src/libsodium/include/sodium/crypto_onetimeauth_poly1305.h @@ -54,6 +54,9 @@ SODIUM_EXPORT int crypto_onetimeauth_poly1305_final(crypto_onetimeauth_poly1305_state *state, unsigned char *out); +SODIUM_EXPORT +void crypto_onetimeauth_poly1305_keygen(unsigned char k[crypto_onetimeauth_poly1305_KEYBYTES]); + /* ------------------------------------------------------------------------- */ int _crypto_onetimeauth_poly1305_pick_best_implementation(void); diff --git a/src/libsodium/include/sodium/crypto_secretbox.h b/src/libsodium/include/sodium/crypto_secretbox.h index b535d9c0..9b098200 100644 --- a/src/libsodium/include/sodium/crypto_secretbox.h +++ b/src/libsodium/include/sodium/crypto_secretbox.h @@ -56,6 +56,9 @@ int crypto_secretbox_open_detached(unsigned char *m, const unsigned char *k) __attribute__ ((warn_unused_result)); +SODIUM_EXPORT +void crypto_secretbox_keygen(unsigned char k[crypto_secretbox_KEYBYTES]); + /* -- NaCl compatibility interface ; Requires padding -- */ #define crypto_secretbox_ZEROBYTES crypto_secretbox_xsalsa20poly1305_ZEROBYTES diff --git a/src/libsodium/include/sodium/crypto_secretbox_xsalsa20poly1305.h b/src/libsodium/include/sodium/crypto_secretbox_xsalsa20poly1305.h index 99e760f8..5aa30805 100644 --- a/src/libsodium/include/sodium/crypto_secretbox_xsalsa20poly1305.h +++ b/src/libsodium/include/sodium/crypto_secretbox_xsalsa20poly1305.h @@ -48,6 +48,9 @@ int crypto_secretbox_xsalsa20poly1305_open(unsigned char *m, const unsigned char *k) __attribute__ ((warn_unused_result)); +SODIUM_EXPORT +void crypto_secretbox_xsalsa20poly1305_keygen(unsigned char k[crypto_secretbox_xsalsa20poly1305_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_shorthash.h b/src/libsodium/include/sodium/crypto_shorthash.h index 78732808..a4988082 100644 --- a/src/libsodium/include/sodium/crypto_shorthash.h +++ b/src/libsodium/include/sodium/crypto_shorthash.h @@ -29,6 +29,9 @@ SODIUM_EXPORT int crypto_shorthash(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *k); +SODIUM_EXPORT +void crypto_shorthash_keygen(unsigned char k[crypto_shorthash_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_stream.h b/src/libsodium/include/sodium/crypto_stream.h index 734dd579..22de6ff5 100644 --- a/src/libsodium/include/sodium/crypto_stream.h +++ b/src/libsodium/include/sodium/crypto_stream.h @@ -42,6 +42,9 @@ int crypto_stream_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k); +SODIUM_EXPORT +void crypto_stream_keygen(unsigned char k[crypto_stream_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_stream_chacha20.h b/src/libsodium/include/sodium/crypto_stream_chacha20.h index a6a9ab24..cf3ffe89 100644 --- a/src/libsodium/include/sodium/crypto_stream_chacha20.h +++ b/src/libsodium/include/sodium/crypto_stream_chacha20.h @@ -45,6 +45,9 @@ int crypto_stream_chacha20_xor_ic(unsigned char *c, const unsigned char *m, const unsigned char *n, uint64_t ic, const unsigned char *k); +SODIUM_EXPORT +void crypto_stream_chacha20_keygen(unsigned char k[crypto_stream_chacha20_KEYBYTES]); + /* ChaCha20 with a 96-bit nonce and a 32-bit counter (IETF) */ #define crypto_stream_chacha20_ietf_KEYBYTES 32U @@ -70,6 +73,9 @@ int crypto_stream_chacha20_ietf_xor_ic(unsigned char *c, const unsigned char *m, const unsigned char *n, uint32_t ic, const unsigned char *k); +SODIUM_EXPORT +void crypto_stream_chacha20_ietf_keygen(unsigned char k[crypto_stream_chacha20_ietf_KEYBYTES]); + /* ------------------------------------------------------------------------- */ int _crypto_stream_chacha20_pick_best_implementation(void); diff --git a/src/libsodium/include/sodium/crypto_stream_salsa20.h b/src/libsodium/include/sodium/crypto_stream_salsa20.h index a2593d54..961e5c1c 100644 --- a/src/libsodium/include/sodium/crypto_stream_salsa20.h +++ b/src/libsodium/include/sodium/crypto_stream_salsa20.h @@ -42,6 +42,10 @@ int crypto_stream_salsa20_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k); + +SODIUM_EXPORT +void crypto_stream_salsa20_keygen(unsigned char k[crypto_stream_salsa20_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_stream_salsa2012.h b/src/libsodium/include/sodium/crypto_stream_salsa2012.h index a90f0da9..d5c44282 100644 --- a/src/libsodium/include/sodium/crypto_stream_salsa2012.h +++ b/src/libsodium/include/sodium/crypto_stream_salsa2012.h @@ -36,6 +36,9 @@ int crypto_stream_salsa2012_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k); +SODIUM_EXPORT +void crypto_stream_salsa2012_keygen(unsigned char k[crypto_stream_salsa2012_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_stream_salsa208.h b/src/libsodium/include/sodium/crypto_stream_salsa208.h index 00ae7e2b..02b4166e 100644 --- a/src/libsodium/include/sodium/crypto_stream_salsa208.h +++ b/src/libsodium/include/sodium/crypto_stream_salsa208.h @@ -36,6 +36,9 @@ int crypto_stream_salsa208_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k); +SODIUM_EXPORT +void crypto_stream_salsa208_keygen(unsigned char k[crypto_stream_salsa208_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_stream_xchacha20.h b/src/libsodium/include/sodium/crypto_stream_xchacha20.h index 5da0f584..f884798e 100644 --- a/src/libsodium/include/sodium/crypto_stream_xchacha20.h +++ b/src/libsodium/include/sodium/crypto_stream_xchacha20.h @@ -43,6 +43,9 @@ int crypto_stream_xchacha20_xor_ic(unsigned char *c, const unsigned char *m, const unsigned char *n, uint64_t ic, const unsigned char *k); +SODIUM_EXPORT +void crypto_stream_xchacha20_keygen(unsigned char k[crypto_stream_xchacha20_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_stream_xsalsa20.h b/src/libsodium/include/sodium/crypto_stream_xsalsa20.h index f142005c..ed5ae3c3 100644 --- a/src/libsodium/include/sodium/crypto_stream_xsalsa20.h +++ b/src/libsodium/include/sodium/crypto_stream_xsalsa20.h @@ -42,6 +42,10 @@ int crypto_stream_xsalsa20_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k); + +SODIUM_EXPORT +void crypto_stream_xsalsa20_keygen(unsigned char k[crypto_stream_xsalsa20_KEYBYTES]); + #ifdef __cplusplus } #endif diff --git a/test/default/Makefile.am b/test/default/Makefile.am index 809f03a1..20e3a3b8 100644 --- a/test/default/Makefile.am +++ b/test/default/Makefile.am @@ -35,6 +35,7 @@ EXTRA_DIST = \ hash2.exp \ hash3.exp \ kdf.exp \ + keygen.exp \ onetimeauth.exp \ onetimeauth2.exp \ onetimeauth7.exp \ @@ -100,6 +101,7 @@ DISTCLEANFILES = \ hash2.res \ hash3.res \ kdf.res \ + keygen.res \ onetimeauth.res \ onetimeauth2.res \ onetimeauth7.res \ @@ -166,6 +168,7 @@ CLEANFILES = \ hash2.final \ hash3.final \ kdf.final \ + keygen.final \ onetimeauth.final \ onetimeauth2.final \ onetimeauth7.final \ @@ -227,6 +230,7 @@ CLEANFILES = \ hash2.nexe \ hash3.nexe \ kdf.nexe \ + keygen.nexe \ onetimeauth.nexe \ onetimeauth2.nexe \ onetimeauth7.nexe \ @@ -299,6 +303,7 @@ TESTS_TARGETS = \ hash \ hash3 \ kdf \ + keygen \ onetimeauth \ onetimeauth2 \ onetimeauth7 \ @@ -436,6 +441,9 @@ hash3_LDADD = $(TESTS_LDADD) kdf_SOURCE = cmptest.h kdf.c kdf_LDADD = $(TESTS_LDADD) +keygen_SOURCE = cmptest.h keygen.c +keygen_LDADD = $(TESTS_LDADD) + onetimeauth_SOURCE = cmptest.h onetimeauth.c onetimeauth_LDADD = $(TESTS_LDADD) diff --git a/test/default/keygen.c b/test/default/keygen.c new file mode 100644 index 00000000..ba1d0841 --- /dev/null +++ b/test/default/keygen.c @@ -0,0 +1,64 @@ + +#define TEST_NAME "keygen" +#include "cmptest.h" + +typedef struct KeygenTV_ { + void (*fn)(unsigned char *k); + size_t key_len; +} KeygenTV; + +static void +tv_keygen(void) +{ + const static KeygenTV tvs[] = { + { crypto_auth_keygen, crypto_auth_KEYBYTES }, + { crypto_auth_hmacsha256_keygen, crypto_auth_hmacsha256_KEYBYTES }, + { crypto_aead_aes256gcm_keygen, crypto_aead_aes256gcm_KEYBYTES }, + { crypto_auth_hmacsha512_keygen, crypto_auth_hmacsha512_KEYBYTES }, + { crypto_auth_hmacsha512256_keygen, crypto_auth_hmacsha512256_KEYBYTES }, + { crypto_generichash_keygen, crypto_generichash_KEYBYTES }, + { crypto_generichash_blake2b_keygen, crypto_generichash_blake2b_KEYBYTES }, + { crypto_kdf_keygen, crypto_kdf_KEYBYTES }, + { crypto_onetimeauth_keygen, crypto_onetimeauth_KEYBYTES }, + { crypto_onetimeauth_poly1305_keygen, crypto_onetimeauth_poly1305_KEYBYTES }, + { crypto_aead_chacha20poly1305_ietf_keygen, crypto_aead_chacha20poly1305_ietf_KEYBYTES }, + { crypto_aead_chacha20poly1305_keygen, crypto_aead_chacha20poly1305_KEYBYTES }, + { crypto_secretbox_xsalsa20poly1305_keygen, crypto_secretbox_xsalsa20poly1305_KEYBYTES }, + { crypto_secretbox_keygen, crypto_secretbox_KEYBYTES }, + { crypto_shorthash_keygen, crypto_shorthash_KEYBYTES }, + { crypto_stream_keygen, crypto_stream_KEYBYTES }, + { crypto_stream_chacha20_keygen, crypto_stream_chacha20_KEYBYTES }, + { crypto_stream_chacha20_ietf_keygen, crypto_stream_chacha20_ietf_KEYBYTES }, + { crypto_stream_salsa20_keygen, crypto_stream_salsa20_KEYBYTES }, + { crypto_stream_xsalsa20_keygen, crypto_stream_xsalsa20_KEYBYTES } + }; + const KeygenTV *tv; + unsigned char *key; + int i; + int j; + + for (i = 0; i < (sizeof tvs) / (sizeof tvs[0]); i++) { + tv = &tvs[i]; + key = sodium_malloc(tv->key_len); + key[tv->key_len - 1U] = 0; + for (j = 0; j < 10000; j++) { + tv->fn(key); + if (key[tv->key_len - 1U] != 0) { + break; + } + } + sodium_free(key); + if (j >= 10000) { + printf("Buffer underflow with test vector %d\n", i); + } + } + printf("tv_keygen: ok\n"); +} + +int +main(void) +{ + tv_keygen(); + + return 0; +} diff --git a/test/default/keygen.exp b/test/default/keygen.exp new file mode 100644 index 00000000..4d10017f --- /dev/null +++ b/test/default/keygen.exp @@ -0,0 +1 @@ +tv_keygen: ok