Home | History | Annotate | Line # | Download | only in curve25519xsalsa20poly1305 
      1 #include <string.h>
      2 
      3 #include "crypto_box_curve25519xsalsa20poly1305.h"
      4 #include "crypto_core_hsalsa20.h"
      5 #include "crypto_hash_sha512.h"
      6 #include "crypto_scalarmult_curve25519.h"
      7 #include "crypto_secretbox_xsalsa20poly1305.h"
      8 #include "randombytes.h"
      9 #include "utils.h"
     10 
     11 int
     12 crypto_box_curve25519xsalsa20poly1305_seed_keypair(unsigned char *pk,
     13                                                    unsigned char *sk,
     14                                                    const unsigned char *seed)
     15 {
     16     unsigned char hash[64];
     17 
     18     crypto_hash_sha512(hash, seed, 32);
     19     memcpy(sk, hash, 32);
     20     sodium_memzero(hash, sizeof hash);
     21 
     22     return crypto_scalarmult_curve25519_base(pk, sk);
     23 }
     24 
     25 int
     26 crypto_box_curve25519xsalsa20poly1305_keypair(unsigned char *pk,
     27                                               unsigned char *sk)
     28 {
     29     randombytes_buf(sk, 32);
     30 
     31     return crypto_scalarmult_curve25519_base(pk, sk);
     32 }
     33 
     34 int
     35 crypto_box_curve25519xsalsa20poly1305_beforenm(unsigned char *k,
     36                                                const unsigned char *pk,
     37                                                const unsigned char *sk)
     38 {
     39     static const unsigned char zero[16] = { 0 };
     40     unsigned char s[32];
     41 
     42     if (crypto_scalarmult_curve25519(s, sk, pk) != 0) {
     43         return -1;
     44     }
     45     return crypto_core_hsalsa20(k, zero, s, NULL);
     46 }
     47 
     48 int
     49 crypto_box_curve25519xsalsa20poly1305_afternm(unsigned char *c,
     50                                               const unsigned char *m,
     51                                               unsigned long long mlen,
     52                                               const unsigned char *n,
     53                                               const unsigned char *k)
     54 {
     55     return crypto_secretbox_xsalsa20poly1305(c, m, mlen, n, k);
     56 }
     57 
     58 int
     59 crypto_box_curve25519xsalsa20poly1305_open_afternm(unsigned char *m,
     60                                                    const unsigned char *c,
     61                                                    unsigned long long clen,
     62                                                    const unsigned char *n,
     63                                                    const unsigned char *k)
     64 {
     65     return crypto_secretbox_xsalsa20poly1305_open(m, c, clen, n, k);
     66 }
     67 
     68 int
     69 crypto_box_curve25519xsalsa20poly1305(unsigned char *c, const unsigned char *m,
     70                                       unsigned long long   mlen,
     71                                       const unsigned char *n,
     72                                       const unsigned char *pk,
     73                                       const unsigned char *sk)
     74 {
     75     unsigned char k[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
     76     int           ret;
     77 
     78     if (crypto_box_curve25519xsalsa20poly1305_beforenm(k, pk, sk) != 0) {
     79         return -1;
     80     }
     81     ret = crypto_box_curve25519xsalsa20poly1305_afternm(c, m, mlen, n, k);
     82     sodium_memzero(k, sizeof k);
     83 
     84     return ret;
     85 }
     86 
     87 int
     88 crypto_box_curve25519xsalsa20poly1305_open(
     89     unsigned char *m, const unsigned char *c, unsigned long long clen,
     90     const unsigned char *n, const unsigned char *pk, const unsigned char *sk)
     91 {
     92     unsigned char k[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
     93     int           ret;
     94 
     95     if (crypto_box_curve25519xsalsa20poly1305_beforenm(k, pk, sk) != 0) {
     96         return -1;
     97     }
     98     ret = crypto_box_curve25519xsalsa20poly1305_open_afternm(m, c, clen, n, k);
     99     sodium_memzero(k, sizeof k);
    100 
    101     return ret;
    102 }
    103 
    104 size_t
    105 crypto_box_curve25519xsalsa20poly1305_seedbytes(void)
    106 {
    107     return crypto_box_curve25519xsalsa20poly1305_SEEDBYTES;
    108 }
    109 
    110 size_t
    111 crypto_box_curve25519xsalsa20poly1305_publickeybytes(void)
    112 {
    113     return crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES;
    114 }
    115 
    116 size_t
    117 crypto_box_curve25519xsalsa20poly1305_secretkeybytes(void)
    118 {
    119     return crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES;
    120 }
    121 
    122 size_t
    123 crypto_box_curve25519xsalsa20poly1305_beforenmbytes(void)
    124 {
    125     return crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES;
    126 }
    127 
    128 size_t
    129 crypto_box_curve25519xsalsa20poly1305_noncebytes(void)
    130 {
    131     return crypto_box_curve25519xsalsa20poly1305_NONCEBYTES;
    132 }
    133 
    134 size_t
    135 crypto_box_curve25519xsalsa20poly1305_zerobytes(void)
    136 {
    137     return crypto_box_curve25519xsalsa20poly1305_ZEROBYTES;
    138 }
    139 
    140 size_t
    141 crypto_box_curve25519xsalsa20poly1305_boxzerobytes(void)
    142 {
    143     return crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES;
    144 }
    145 
    146 size_t
    147 crypto_box_curve25519xsalsa20poly1305_macbytes(void)
    148 {
    149     return crypto_box_curve25519xsalsa20poly1305_MACBYTES;
    150 }
    151 
    152 size_t
    153 crypto_box_curve25519xsalsa20poly1305_messagebytes_max(void)
    154 {
    155     return crypto_box_curve25519xsalsa20poly1305_MESSAGEBYTES_MAX;
    156 }
    157