cheng/libsodium
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add a xchacha version of crypto_box_seal

Browse Source 
No high level API for it, no reasons to, so not available in minimal mode.
This commit is contained in:
Frank Denis 2017-07-06 15:19:13 +02:00
parent c77ba98d7b
commit ccb842f488
5 changed files with 108 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -14,6 +14,8 @@ the algorithm and can verify both Argon2i and Argon2id hashed passwords.
The default algorithm for newly hashed passwords remains Argon2i in
this version to avoid breaking compatibility with verifiers running
libsodium <= 1.0.12.
- A `crypto_box_curve25519xchacha20poly1305_seal*()` function set was
implemented.
* Version 1.0.12
- Ed25519ph was implemented, adding a multi-part signature API

3
dist-build/emscripten-symbols.def
View File

@ -93,6 +93,9 @@ _crypto_box_curve25519xchacha20poly1305_open_detached_afternm 0 1
_crypto_box_curve25519xchacha20poly1305_open_easy 0 1
_crypto_box_curve25519xchacha20poly1305_open_easy_afternm 0 1
_crypto_box_curve25519xchacha20poly1305_publickeybytes 0 1
_crypto_box_curve25519xchacha20poly1305_seal 0 1
_crypto_box_curve25519xchacha20poly1305_seal_open 0 1
_crypto_box_curve25519xchacha20poly1305_sealbytes 0 1
_crypto_box_curve25519xchacha20poly1305_secretkeybytes 0 1
_crypto_box_curve25519xchacha20poly1305_seed_keypair 0 1
_crypto_box_curve25519xchacha20poly1305_seedbytes 0 1

1
src/libsodium/Makefile.am
View File

@ -162,6 +162,7 @@ endif
if !MINIMAL
libsodium_la_SOURCES += \
crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305.c \
crypto_box/curve25519xchacha20poly1305/box_seal_curve25519xchacha20poly1305.c \
crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305.c \
crypto_shorthash/siphash24/shorthash_siphashx24.c \
crypto_shorthash/siphash24/ref/shorthash_siphashx24_ref.c \

79
src/libsodium/crypto_box/curve25519xchacha20poly1305/box_seal_curve25519xchacha20poly1305.c Normal file
View File

@ -0,0 +1,79 @@
#include <string.h>
#include "crypto_box_curve25519xchacha20poly1305.h"
#include "crypto_generichash.h"
#include "private/common.h"
#include "utils.h"
static int
_crypto_box_curve25519xchacha20poly1305_seal_nonce(unsigned char *nonce,
const unsigned char *pk1,
const unsigned char *pk2)
{
crypto_generichash_state st;
crypto_generichash_init(&st, NULL, 0U,
crypto_box_curve25519xchacha20poly1305_NONCEBYTES);
crypto_generichash_update(&st, pk1,
crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES);
crypto_generichash_update(&st, pk2,
crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES);
crypto_generichash_final(&st, nonce,
crypto_box_curve25519xchacha20poly1305_NONCEBYTES);
return 0;
}
int
crypto_box_curve25519xchacha20poly1305_seal(unsigned char *c, const unsigned char *m,
unsigned long long mlen,
const unsigned char *pk)
{
unsigned char nonce[crypto_box_curve25519xchacha20poly1305_NONCEBYTES];
unsigned char epk[crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES];
unsigned char esk[crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES];
int ret;
if (crypto_box_curve25519xchacha20poly1305_keypair(epk, esk) != 0) {
return -1; /* LCOV_EXCL_LINE */
}
memcpy(c, epk, crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES);
_crypto_box_curve25519xchacha20poly1305_seal_nonce(nonce, epk, pk);
ret = crypto_box_curve25519xchacha20poly1305_easy(
c + crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES, m, mlen,
nonce, pk, esk);
sodium_memzero(esk, sizeof esk);
sodium_memzero(epk, sizeof epk);
sodium_memzero(nonce, sizeof nonce);
return ret;
}
int
crypto_box_curve25519xchacha20poly1305_seal_open(unsigned char *m, const unsigned char *c,
unsigned long long clen,
const unsigned char *pk,
const unsigned char *sk)
{
unsigned char nonce[crypto_box_curve25519xchacha20poly1305_NONCEBYTES];
if (clen < crypto_box_curve25519xchacha20poly1305_SEALBYTES) {
return -1;
}
_crypto_box_curve25519xchacha20poly1305_seal_nonce(nonce, c, pk);
COMPILER_ASSERT(crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES <
crypto_box_curve25519xchacha20poly1305_SEALBYTES);
return crypto_box_curve25519xchacha20poly1305_open_easy(
m, c + crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES,
clen - crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES,
nonce, c, sk);
}
size_t
crypto_box_curve25519xchacha20poly1305_sealbytes(void)
{
return crypto_box_curve25519xchacha20poly1305_SEALBYTES;
}

23
src/libsodium/include/sodium/crypto_box_curve25519xchacha20poly1305.h
View File

@ -123,6 +123,29 @@ int crypto_box_curve25519xchacha20poly1305_open_detached_afternm(unsigned char *
const unsigned char *k)
__attribute__ ((warn_unused_result));
/* -- Ephemeral SK interface -- */
#define crypto_box_curve25519xchacha20poly1305_SEALBYTES \
(crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES + \
crypto_box_curve25519xchacha20poly1305_MACBYTES)
SODIUM_EXPORT
size_t crypto_box_curve25519xchacha20poly1305_sealbytes(void);
SODIUM_EXPORT
int crypto_box_curve25519xchacha20poly1305_seal(unsigned char *c,
const unsigned char *m,
unsigned long long mlen,
const unsigned char *pk);
SODIUM_EXPORT
int crypto_box_curve25519xchacha20poly1305_seal_open(unsigned char *m,
const unsigned char *c,
unsigned long long clen,
const unsigned char *pk,
const unsigned char *sk)
__attribute__ ((warn_unused_result));
#ifdef __cplusplus
}
#endif