-rw-r--r--src/util/crypto_ecc.c48
-rw-r--r--src/util/crypto_kdf.c6
-rw-r--r--src/util/tweetnacl-gnunet.c116
-rw-r--r--src/util/tweetnacl-gnunet.h105
4 files changed, 128 insertions, 147 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 86beb9109..f9efcf6e7 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -282,7 +282,7 @@ GNUNET_CRYPTO_eddsa_key_get_public (
282{ 282{
283#if NEW_CRYPTO 283#if NEW_CRYPTO
284 BENCHMARK_START (eddsa_key_get_public); 284 BENCHMARK_START (eddsa_key_get_public);
285 crypto_sign_pk_from_seed (pub->q_y, priv->d); 285 GNUNET_TWEETNACL_sign_pk_from_seed (pub->q_y, priv->d);
286 BENCHMARK_END (eddsa_key_get_public); 286 BENCHMARK_END (eddsa_key_get_public);
287#else 287#else
288 gcry_sexp_t sexp; 288 gcry_sexp_t sexp;
@@ -319,7 +319,7 @@ GNUNET_CRYPTO_ecdhe_key_get_public (
319{ 319{
320#if NEW_CRYPTO 320#if NEW_CRYPTO
321 BENCHMARK_START (ecdhe_key_get_public); 321 BENCHMARK_START (ecdhe_key_get_public);
322 crypto_scalarmult_curve25519_base (pub->q_y, priv->d); 322 GNUNET_TWEETNACL_scalarmult_curve25519_base (pub->q_y, priv->d);
323 BENCHMARK_END (ecdhe_key_get_public); 323 BENCHMARK_END (ecdhe_key_get_public);
324#else 324#else
325 gcry_sexp_t sexp; 325 gcry_sexp_t sexp;
@@ -1036,15 +1036,15 @@ GNUNET_CRYPTO_eddsa_sign (
1036 1036
1037#if NEW_CRYPTO 1037#if NEW_CRYPTO
1038 size_t mlen = ntohl (purpose->size); 1038 size_t mlen = ntohl (purpose->size);
1039 unsigned char sk[crypto_sign_SECRETKEYBYTES]; 1039 unsigned char sk[GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES];
1040 int res; 1040 int res;
1041 1041
1042 BENCHMARK_START (eddsa_sign); 1042 BENCHMARK_START (eddsa_sign);
1043 crypto_sign_sk_from_seed (sk, priv->d); 1043 GNUNET_TWEETNACL_sign_sk_from_seed (sk, priv->d);
1044 res = crypto_sign_detached ((uint8_t *) sig, 1044 res = GNUNET_TWEETNACL_sign_detached ((uint8_t *) sig,
1045 (uint8_t *) purpose, 1045 (uint8_t *) purpose,
1046 mlen, 1046 mlen,
1047 sk); 1047 sk);
1048 BENCHMARK_END (eddsa_sign); 1048 BENCHMARK_END (eddsa_sign);
1049 return (res == 0) ? GNUNET_OK : GNUNET_SYSERR; 1049 return (res == 0) ? GNUNET_OK : GNUNET_SYSERR;
1050#else 1050#else
@@ -1189,7 +1189,7 @@ GNUNET_CRYPTO_eddsa_verify (
1189 return GNUNET_SYSERR; /* purpose mismatch */ 1189 return GNUNET_SYSERR; /* purpose mismatch */
1190 1190
1191 BENCHMARK_START (eddsa_verify); 1191 BENCHMARK_START (eddsa_verify);
1192 res = crypto_sign_detached_verify (s, m, mlen, pub->q_y); 1192 res = GNUNET_TWEETNACL_sign_detached_verify (s, m, mlen, pub->q_y);
1193 BENCHMARK_END (eddsa_verify); 1193 BENCHMARK_END (eddsa_verify);
1194 return (res == 0) ? GNUNET_OK : GNUNET_SYSERR; 1194 return (res == 0) ? GNUNET_OK : GNUNET_SYSERR;
1195#else 1195#else
@@ -1262,9 +1262,9 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1262 struct GNUNET_HashCode *key_material) 1262 struct GNUNET_HashCode *key_material)
1263{ 1263{
1264#if NEW_CRYPTO 1264#if NEW_CRYPTO
1265 uint8_t p[crypto_scalarmult_BYTES]; 1265 uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES];
1266 crypto_scalarmult_curve25519 (p, priv->d, pub->q_y); 1266 GNUNET_TWEETNACL_scalarmult_curve25519 (p, priv->d, pub->q_y);
1267 GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material); 1267 GNUNET_CRYPTO_hash (p, GNUNET_TWEETNACL_SCALARMULT_BYTES, key_material);
1268 return GNUNET_OK; 1268 return GNUNET_OK;
1269#else 1269#else
1270 gcry_mpi_point_t result; 1270 gcry_mpi_point_t result;
@@ -1592,12 +1592,16 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1592{ 1592{
1593#if NEW_CRYPTO 1593#if NEW_CRYPTO
1594 struct GNUNET_HashCode hc; 1594 struct GNUNET_HashCode hc;
1595 uint8_t a[crypto_scalarmult_BYTES]; 1595 uint8_t a[GNUNET_TWEETNACL_SCALARMULT_BYTES];
1596 uint8_t p[crypto_scalarmult_BYTES]; 1596 uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES];
1597 GNUNET_CRYPTO_hash (priv, sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), &hc); 1597 GNUNET_CRYPTO_hash (priv,
1598 sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey),
1599 &hc);
1598 memcpy (a, &hc, sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey)); 1600 memcpy (a, &hc, sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
1599 crypto_scalarmult_curve25519 (p, a, pub->q_y); 1601 GNUNET_TWEETNACL_scalarmult_curve25519 (p, a, pub->q_y);
1600 GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material); 1602 GNUNET_CRYPTO_hash (p,
1603 GNUNET_TWEETNACL_SCALARMULT_BYTES,
1604 key_material);
1601 return GNUNET_OK; 1605 return GNUNET_OK;
1602#else 1606#else
1603 gcry_mpi_point_t result; 1607 gcry_mpi_point_t result;
@@ -1712,11 +1716,11 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1712 struct GNUNET_HashCode *key_material) 1716 struct GNUNET_HashCode *key_material)
1713{ 1717{
1714#if NEW_CRYPTO 1718#if NEW_CRYPTO
1715 uint8_t p[crypto_scalarmult_BYTES]; 1719 uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES];
1716 uint8_t curve25510_pk[crypto_sign_PUBLICKEYBYTES]; 1720 uint8_t curve25510_pk[GNUNET_TWEETNACL_SIGN_PUBLICBYTES];
1717 crypto_sign_ed25519_pk_to_curve25519 (curve25510_pk, pub->q_y); 1721 GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (curve25510_pk, pub->q_y);
1718 crypto_scalarmult_curve25519 (p, priv->d, curve25510_pk); 1722 GNUNET_TWEETNACL_scalarmult_curve25519 (p, priv->d, curve25510_pk);
1719 GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material); 1723 GNUNET_CRYPTO_hash (p, GNUNET_TWEETNACL_SCALARMULT_BYTES, key_material);
1720 return GNUNET_OK; 1724 return GNUNET_OK;
1721#else 1725#else
1722 gcry_mpi_point_t result; 1726 gcry_mpi_point_t result;
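Review bot: The NEW_CRYPTO branches return with secret material still in stack buffers: `sk` in GNUNET_CRYPTO_eddsa_sign, `hc`, `a` and `p` in GNUNET_CRYPTO_eddsa_ecdh, and `p` in GNUNET_CRYPTO_ecc_ecdh and GNUNET_CRYPTO_ecdh_eddsa are never cleared in the lines shown (the `u8 d[64]` buffers in the tweetnacl-gnunet.c seed helpers look the same). I would wipe each one before the return with a call the compiler cannot elide, for example `explicit_bzero (sk, sizeof (sk));` where the platform provides it. The three ECDH helpers also ignore the return value of GNUNET_TWEETNACL_scalarmult_curve25519 and return GNUNET_OK unconditionally, so an all-zero `p` (what X25519 yields for a low-order peer point) is hashed into `key_material` like any other result; a constant-time all-zero check before hashing would let callers reject it. These function bodies continue outside the hunks, so the `#else` paths are not covered by this note.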
diff --git a/src/util/crypto_kdf.c b/src/util/crypto_kdf.c
index 43a9731ff..1b3bd686f 100644
--- a/src/util/crypto_kdf.c
+++ b/src/util/crypto_kdf.c
@@ -132,7 +132,7 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
132 gcry_error_t rc; 132 gcry_error_t rc;
133 unsigned int nbits; 133 unsigned int nbits;
134 size_t rsize; 134 size_t rsize;
135 unsigned int ctr; 135 uint16_t ctr;
136 136
137 nbits = gcry_mpi_get_nbits (n); 137 nbits = gcry_mpi_get_nbits (n);
138 /* GNUNET_assert (nbits > 512); */ 138 /* GNUNET_assert (nbits > 512); */
@@ -143,12 +143,14 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
143 /* Ain't clear if n is always divisible by 8 */ 143 /* Ain't clear if n is always divisible by 8 */
144 uint8_t buf[ (nbits - 1) / 8 + 1 ]; 144 uint8_t buf[ (nbits - 1) / 8 + 1 ];
145 145
146 uint16_t ctr_nbo = htons (ctr);
147
146 rc = GNUNET_CRYPTO_kdf (buf, 148 rc = GNUNET_CRYPTO_kdf (buf,
147 sizeof(buf), 149 sizeof(buf),
148 xts, xts_len, 150 xts, xts_len,
149 skm, skm_len, 151 skm, skm_len,
150 ctx, strlen (ctx), 152 ctx, strlen (ctx),
151 &ctr, sizeof(ctr), 153 &ctr_nbo, sizeof(ctr_nbo),
152 NULL, 0); 154 NULL, 0);
153 GNUNET_assert (GNUNET_YES == rc); 155 GNUNET_assert (GNUNET_YES == rc);
154 156
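Review bot: Replacing the native-endian `unsigned int` counter with `htons (ctr)` changes the bytes fed to GNUNET_CRYPTO_kdf (two bytes instead of `sizeof (unsigned int)`), so GNUNET_CRYPTO_kdf_mod_mpi now derives different values for the same inputs, and nothing in the hunk records that. I would add a comment at the `ctr_nbo` declaration such as `/* counter is hashed as 16 bits in network byte order so the result is the same on every platform */`, plus a compatibility note if any derived value is persisted or exchanged with older peers. With `uint16_t ctr` the counter wraps after 65535; the loop that advances it lies outside the hunk, so confirm it cannot run past that and silently reuse KDF inputs. The context line `uint8_t buf[ (nbits - 1) / 8 + 1 ];` also deserves a guard while `GNUNET_assert (nbits > 512)` stays commented out, since `nbits == 0` wraps the unsigned expression to a very large VLA size unless the lines between the two hunks already reject it.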
diff --git a/src/util/tweetnacl-gnunet.c b/src/util/tweetnacl-gnunet.c
index 0f3a976c1..1c27730a4 100644
--- a/src/util/tweetnacl-gnunet.c
+++ b/src/util/tweetnacl-gnunet.c
@@ -13,7 +13,6 @@
13#include "gnunet_crypto_lib.h" 13#include "gnunet_crypto_lib.h"
14#include "tweetnacl-gnunet.h" 14#include "tweetnacl-gnunet.h"
15#define FOR(i,n) for (i = 0; i < n; ++i) 15#define FOR(i,n) for (i = 0; i < n; ++i)
16#define sv static void
17 16
18typedef uint8_t u8; 17typedef uint8_t u8;
19typedef uint32_t u32; 18typedef uint32_t u32;
@@ -21,11 +20,6 @@ typedef uint64_t u64;
21typedef int64_t i64; 20typedef int64_t i64;
22typedef i64 gf[16]; 21typedef i64 gf[16];
23 22
24static void randombytes (u8 *data,u64 len)
25{
26 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, data, len);
27}
28
29static const u8 _9[32] = {9}; 23static const u8 _9[32] = {9};
30static const gf 24static const gf
31 gf0, 25 gf0,
@@ -42,30 +36,29 @@ static const gf
42 I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 36 I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7,
43 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83}; 37 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83};
44 38
45static int vn (const u8 *x,const u8 *y,int n) 39static int
40vn (const u8 *x,const u8 *y,int n)
46{ 41{
47 u32 i,d = 0; 42 u32 i,d = 0;
48 FOR (i,n) d |= x[i] ^ y[i]; 43 FOR (i,n) d |= x[i] ^ y[i];
49 return (1 & ((d - 1) >> 8)) - 1; 44 return (1 & ((d - 1) >> 8)) - 1;
50} 45}
51 46
52int crypto_verify_16 (const u8 *x,const u8 *y) 47static int
53{ 48crypto_verify_32 (const u8 *x,const u8 *y)
54 return vn (x,y,16);
55}
56
57int crypto_verify_32 (const u8 *x,const u8 *y)
58{ 49{
59 return vn (x,y,32); 50 return vn (x,y,32);
60} 51}
61 52
62sv set25519 (gf r, const gf a) 53static void
54set25519 (gf r, const gf a)
63{ 55{
64 int i; 56 int i;
65 FOR (i,16) r[i] = a[i]; 57 FOR (i,16) r[i] = a[i];
66} 58}
67 59
68sv car25519 (gf o) 60static void
61car25519 (gf o)
69{ 62{
70 int i; 63 int i;
71 i64 c; 64 i64 c;
@@ -77,7 +70,8 @@ sv car25519 (gf o)
77 } 70 }
78} 71}
79 72
80sv sel25519 (gf p,gf q,int b) 73static void
74sel25519 (gf p,gf q,int b)
81{ 75{
82 i64 t,i,c = ~(b - 1); 76 i64 t,i,c = ~(b - 1);
83 FOR (i,16) { 77 FOR (i,16) {
@@ -87,7 +81,8 @@ sv sel25519 (gf p,gf q,int b)
87 } 81 }
88} 82}
89 83
90sv pack25519 (u8 *o,const gf n) 84static void
85pack25519 (u8 *o,const gf n)
91{ 86{
92 int i,j,b; 87 int i,j,b;
93 gf m,t; 88 gf m,t;
@@ -112,7 +107,8 @@ sv pack25519 (u8 *o,const gf n)
112 } 107 }
113} 108}
114 109
115static int neq25519 (const gf a, const gf b) 110static int
111neq25519 (const gf a, const gf b)
116{ 112{
117 u8 c[32],d[32]; 113 u8 c[32],d[32];
118 pack25519 (c,a); 114 pack25519 (c,a);
@@ -120,33 +116,38 @@ static int neq25519 (const gf a, const gf b)
120 return crypto_verify_32 (c,d); 116 return crypto_verify_32 (c,d);
121} 117}
122 118
123static u8 par25519 (const gf a) 119static uint8_t
120par25519 (const gf a)
124{ 121{
125 u8 d[32]; 122 u8 d[32];
126 pack25519 (d,a); 123 pack25519 (d,a);
127 return d[0] & 1; 124 return d[0] & 1;
128} 125}
129 126
130sv unpack25519 (gf o, const u8 *n) 127static void
128unpack25519 (gf o, const u8 *n)
131{ 129{
132 int i; 130 int i;
133 FOR (i,16) o[i] = n[2 * i] + ((i64) n[2 * i + 1] << 8); 131 FOR (i,16) o[i] = n[2 * i] + ((i64) n[2 * i + 1] << 8);
134 o[15] &= 0x7fff; 132 o[15] &= 0x7fff;
135} 133}
136 134
137sv A (gf o,const gf a,const gf b) 135static void
136A (gf o,const gf a,const gf b)
138{ 137{
139 int i; 138 int i;
140 FOR (i,16) o[i] = a[i] + b[i]; 139 FOR (i,16) o[i] = a[i] + b[i];
141} 140}
142 141
143sv Z (gf o,const gf a,const gf b) 142static void
143Z (gf o,const gf a,const gf b)
144{ 144{
145 int i; 145 int i;
146 FOR (i,16) o[i] = a[i] - b[i]; 146 FOR (i,16) o[i] = a[i] - b[i];
147} 147}
148 148
149sv M (gf o,const gf a,const gf b) 149static void
150M (gf o,const gf a,const gf b)
150{ 151{
151 i64 i,j,t[31]; 152 i64 i,j,t[31];
152 FOR (i,31) t[i] = 0; 153 FOR (i,31) t[i] = 0;
@@ -157,12 +158,14 @@ sv M (gf o,const gf a,const gf b)
157 car25519 (o); 158 car25519 (o);
158} 159}
159 160
160sv S (gf o,const gf a) 161static void
162S (gf o,const gf a)
161{ 163{
162 M (o,a,a); 164 M (o,a,a);
163} 165}
164 166
165sv inv25519 (gf o,const gf i) 167static void
168inv25519 (gf o,const gf i)
166{ 169{
167 gf c; 170 gf c;
168 int a; 171 int a;
@@ -175,7 +178,7 @@ sv inv25519 (gf o,const gf i)
175 FOR (a,16) o[a] = c[a]; 178 FOR (a,16) o[a] = c[a];
176} 179}
177 180
178sv pow2523 (gf o,const gf i) 181static void pow2523 (gf o,const gf i)
179{ 182{
180 gf c; 183 gf c;
181 int a; 184 int a;
@@ -188,7 +191,8 @@ sv pow2523 (gf o,const gf i)
188 FOR (a,16) o[a] = c[a]; 191 FOR (a,16) o[a] = c[a];
189} 192}
190 193
191int crypto_scalarmult (u8 *q,const u8 *n,const u8 *p) 194int
195GNUNET_TWEETNACL_scalarmult_curve25519 (u8 *q,const u8 *n,const u8 *p)
192{ 196{
193 u8 z[32]; 197 u8 z[32];
194 i64 x[80],r,i; 198 i64 x[80],r,i;
@@ -239,25 +243,22 @@ int crypto_scalarmult (u8 *q,const u8 *n,const u8 *p)
239 return 0; 243 return 0;
240} 244}
241 245
242int crypto_scalarmult_base (u8 *q,const u8 *n) 246int
243{ 247GNUNET_TWEETNACL_scalarmult_curve25519_base (u8 *q,const u8 *n)
244 return crypto_scalarmult (q,n,_9);
245}
246
247int crypto_box_keypair (u8 *y,u8 *x)
248{ 248{
249 randombytes (x,32); 249 return GNUNET_TWEETNACL_scalarmult_curve25519 (q,n,_9);
250 return crypto_scalarmult_base (y,x);
251} 250}
252 251
253int crypto_hash (u8 *out,const u8 *m,u64 n) 252static int
253crypto_hash (u8 *out,const u8 *m,u64 n)
254{ 254{
255 struct GNUNET_HashCode *hc = (void *) out; 255 struct GNUNET_HashCode *hc = (void *) out;
256 GNUNET_CRYPTO_hash (m, n, hc); 256 GNUNET_CRYPTO_hash (m, n, hc);
257 return 0; 257 return 0;
258} 258}
259 259
260sv add (gf p[4],gf q[4]) 260static void
261add (gf p[4],gf q[4])
261{ 262{
262 gf a,b,c,d,t,e,f,g,h; 263 gf a,b,c,d,t,e,f,g,h;
263 264
@@ -282,14 +283,16 @@ sv add (gf p[4],gf q[4])
282 M (p[3], e, h); 283 M (p[3], e, h);
283} 284}
284 285
285sv cswap (gf p[4],gf q[4],u8 b) 286static void
287cswap (gf p[4],gf q[4],u8 b)
286{ 288{
287 int i; 289 int i;
288 FOR (i,4) 290 FOR (i,4)
289 sel25519 (p[i],q[i],b); 291 sel25519 (p[i],q[i],b);
290} 292}
291 293
292sv pack (u8 *r,gf p[4]) 294static void
295pack (u8 *r,gf p[4])
293{ 296{
294 gf tx, ty, zi; 297 gf tx, ty, zi;
295 inv25519 (zi, p[2]); 298 inv25519 (zi, p[2]);
@@ -299,7 +302,8 @@ sv pack (u8 *r,gf p[4])
299 r[31] ^= par25519 (tx) << 7; 302 r[31] ^= par25519 (tx) << 7;
300} 303}
301 304
302sv scalarmult (gf p[4],gf q[4],const u8 *s) 305static void
306scalarmult (gf p[4],gf q[4],const u8 *s)
303{ 307{
304 int i; 308 int i;
305 set25519 (p[0],gf0); 309 set25519 (p[0],gf0);
@@ -315,7 +319,8 @@ sv scalarmult (gf p[4],gf q[4],const u8 *s)
315 } 319 }
316} 320}
317 321
318sv scalarbase (gf p[4],const u8 *s) 322static void
323scalarbase (gf p[4],const u8 *s)
319{ 324{
320 gf q[4]; 325 gf q[4];
321 set25519 (q[0],X); 326 set25519 (q[0],X);
@@ -330,7 +335,8 @@ static const u64 L[32] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6,
330 0, 0, 0, 0, 0, 0, 0, 0, 335 0, 0, 0, 0, 0, 0, 0, 0,
331 0, 0, 0, 0x10}; 336 0, 0, 0, 0x10};
332 337
333sv modL (u8 *r,i64 x[64]) 338static void
339modL (u8 *r,i64 x[64])
334{ 340{
335 i64 carry,i,j; 341 i64 carry,i,j;
336 for (i = 63; i >= 32; --i) { 342 for (i = 63; i >= 32; --i) {
@@ -356,7 +362,8 @@ sv modL (u8 *r,i64 x[64])
356 } 362 }
357} 363}
358 364
359sv reduce (u8 *r) 365static void
366reduce (u8 *r)
360{ 367{
361 i64 x[64],i; 368 i64 x[64],i;
362 FOR (i,64) x[i] = (u64) r[i]; 369 FOR (i,64) x[i] = (u64) r[i];
@@ -364,7 +371,8 @@ sv reduce (u8 *r)
364 modL (r,x); 371 modL (r,x);
365} 372}
366 373
367static int unpackneg (gf r[4],const u8 p[32]) 374static int
375unpackneg (gf r[4],const u8 p[32])
368{ 376{
369 gf t, chk, num, den, den2, den4, den6; 377 gf t, chk, num, den, den2, den4, den6;
370 set25519 (r[2],gf1); 378 set25519 (r[2],gf1);
@@ -406,7 +414,7 @@ static int unpackneg (gf r[4],const u8 p[32])
406/* The following functions have been added for GNUnet */ 414/* The following functions have been added for GNUnet */
407 415
408void 416void
409crypto_sign_pk_from_seed (u8 *pk, const u8 *seed) 417GNUNET_TWEETNACL_sign_pk_from_seed (u8 *pk, const u8 *seed)
410{ 418{
411 u8 d[64]; 419 u8 d[64];
412 gf p[4]; 420 gf p[4];
@@ -421,7 +429,7 @@ crypto_sign_pk_from_seed (u8 *pk, const u8 *seed)
421} 429}
422 430
423void 431void
424crypto_sign_sk_from_seed (u8 *sk, const u8 *seed) 432GNUNET_TWEETNACL_sign_sk_from_seed (u8 *sk, const u8 *seed)
425{ 433{
426 u8 d[64]; 434 u8 d[64];
427 gf p[4]; 435 gf p[4];
@@ -440,9 +448,9 @@ crypto_sign_sk_from_seed (u8 *sk, const u8 *seed)
440 FOR (i,32) sk[32 + i] = pk[i]; 448 FOR (i,32) sk[32 + i] = pk[i];
441} 449}
442 450
443
444int 451int
445crypto_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk, const u8 *ed25519_pk) 452GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk,
453 const u8 *ed25519_pk)
446{ 454{
447 gf ge_a[4]; 455 gf ge_a[4];
448 gf x; 456 gf x;
@@ -464,8 +472,10 @@ crypto_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk, const u8 *ed25519_pk)
464 return 0; 472 return 0;
465} 473}
466 474
467 475int GNUNET_TWEETNACL_sign_detached_verify (const u8 *sig,
468int crypto_sign_detached_verify (const u8 *sig,const u8 *m,u64 n,const u8 *pk) 476 const u8 *m,
477 u64 n,
478 const u8 *pk)
469{ 479{
470 struct GNUNET_HashContext *hc; 480 struct GNUNET_HashContext *hc;
471 u8 t[32],h[64]; 481 u8 t[32],h[64];
@@ -492,9 +502,11 @@ int crypto_sign_detached_verify (const u8 *sig,const u8 *m,u64 n,const u8 *pk)
492 return 0; 502 return 0;
493} 503}
494 504
495
496int 505int
497crypto_sign_detached (u8 *sig,const u8 *m,u64 n,const u8 *sk) 506GNUNET_TWEETNACL_sign_detached (u8 *sig,
507 const u8 *m,
508 u64 n,
509 const u8 *sk)
498{ 510{
499 struct GNUNET_HashContext *hc; 511 struct GNUNET_HashContext *hc;
500 u8 d[64],h[64],r[64]; 512 u8 d[64],h[64],r[64];
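Review bot: The now-static `crypto_hash` still reinterprets the caller's byte pointer with `struct GNUNET_HashCode *hc = (void *) out;`, which relies on `out` being suitably aligned for that struct and on the struct being exactly as large as the buffer the caller reserved. Functions such as GNUNET_TWEETNACL_sign_pk_from_seed declare plain `u8 d[64]` stack arrays that presumably end up as `out`, and a byte array carries no alignment guarantee; the struct definition is not on this page, so this is inferred. Hashing into a local and copying out avoids the cast: `struct GNUNET_HashCode hc;`, `GNUNET_CRYPTO_hash (m, n, &hc);`, `memcpy (out, &hc, sizeof (hc));`. As a style point, `pow2523` and `GNUNET_TWEETNACL_sign_detached_verify` keep the return type on the same line as the name, while every other definition touched here moves it to its own line.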
diff --git a/src/util/tweetnacl-gnunet.h b/src/util/tweetnacl-gnunet.h
index d413541ff..239166ffc 100644
--- a/src/util/tweetnacl-gnunet.h
+++ b/src/util/tweetnacl-gnunet.h
@@ -13,75 +13,38 @@
13#ifndef TWEETNACL_H 13#ifndef TWEETNACL_H
14#define TWEETNACL_H 14#define TWEETNACL_H
15#include <stdint.h> 15#include <stdint.h>
16#define crypto_scalarmult_PRIMITIVE "curve25519" 16
17#define crypto_scalarmult crypto_scalarmult_curve25519 17
18#define crypto_scalarmult_base crypto_scalarmult_curve25519_base 18#define GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES 64
19#define crypto_scalarmult_BYTES crypto_scalarmult_curve25519_BYTES 19#define GNUNET_TWEETNACL_SIGN_PUBLICBYTES 32
20#define crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES 20#define GNUNET_TWEETNACL_SCALARMULT_BYTES 32
21#define crypto_scalarmult_IMPLEMENTATION \ 21
22 crypto_scalarmult_curve25519_IMPLEMENTATION 22int
23#define crypto_scalarmult_VERSION crypto_scalarmult_curve25519_VERSION 23GNUNET_TWEETNACL_scalarmult_curve25519 (uint8_t *,
24#define crypto_scalarmult_curve25519_tweet_BYTES 32 24 const uint8_t *,
25#define crypto_scalarmult_curve25519_tweet_SCALARBYTES 32 25 const uint8_t *);
26extern int crypto_scalarmult_curve25519_tweet (uint8_t *, 26extern int
27 const uint8_t *, 27GNUNET_TWEETNACL_scalarmult_curve25519_base (uint8_t *,
28 const uint8_t *); 28 const uint8_t *);
29extern int crypto_scalarmult_curve25519_tweet_base (uint8_t *, 29void
30 const uint8_t *); 30GNUNET_TWEETNACL_sign_pk_from_seed (uint8_t *pk, const uint8_t *seed);
31#define crypto_scalarmult_curve25519_tweet_VERSION "-" 31
32#define crypto_scalarmult_curve25519 crypto_scalarmult_curve25519_tweet 32void
33#define crypto_scalarmult_curve25519_base \ 33GNUNET_TWEETNACL_sign_sk_from_seed (uint8_t *sk, const uint8_t *seed);
34 crypto_scalarmult_curve25519_tweet_base 34
35#define crypto_scalarmult_curve25519_BYTES \ 35int
36 crypto_scalarmult_curve25519_tweet_BYTES 36GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (uint8_t *x25519_pk,
37#define crypto_scalarmult_curve25519_SCALARBYTES \ 37 const uint8_t *ed25519_pk);
38 crypto_scalarmult_curve25519_tweet_SCALARBYTES 38
39#define crypto_scalarmult_curve25519_VERSION \ 39int
40 crypto_scalarmult_curve25519_tweet_VERSION 40GNUNET_TWEETNACL_sign_detached_verify (const uint8_t *sig,
41#define crypto_scalarmult_curve25519_IMPLEMENTATION \ 41 const uint8_t *m,
42 "crypto_scalarmult/curve25519/tweet" 42 uint64_t n,
43#define crypto_sign_PRIMITIVE "ed25519" 43 const uint8_t *pk);
44#define crypto_sign crypto_sign_ed25519 44
45#define crypto_sign_BYTES crypto_sign_ed25519_BYTES 45int
46#define crypto_sign_PUBLICKEYBYTES crypto_sign_ed25519_PUBLICKEYBYTES 46GNUNET_TWEETNACL_sign_detached (uint8_t *sig,
47#define crypto_sign_SECRETKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES 47 const uint8_t *m,
48#define crypto_sign_IMPLEMENTATION crypto_sign_ed25519_IMPLEMENTATION 48 uint64_t n,
49#define crypto_sign_VERSION crypto_sign_ed25519_VERSION 49 const uint8_t *sk);
50#define crypto_sign_ed25519_tweet_BYTES 64
51#define crypto_sign_ed25519_tweet_PUBLICKEYBYTES 32
52#define crypto_sign_ed25519_tweet_SECRETKEYBYTES 64
53extern int crypto_sign_ed25519_tweet (uint8_t *,
54 uint64_t *,
55 const uint8_t *,
56 uint64_t,
57 const uint8_t *);
58extern int crypto_sign_ed25519_tweet_open (uint8_t *,
59 uint64_t *,
60 const uint8_t *,
61 uint64_t,
62 const uint8_t *);
63extern int crypto_sign_ed25519_tweet_keypair (uint8_t *,uint8_t *);
64#define crypto_sign_ed25519_tweet_VERSION "-"
65#define crypto_sign_ed25519 crypto_sign_ed25519_tweet
66#define crypto_sign_ed25519_open crypto_sign_ed25519_tweet_open
67#define crypto_sign_ed25519_keypair crypto_sign_ed25519_tweet_keypair
68#define crypto_sign_ed25519_BYTES crypto_sign_ed25519_tweet_BYTES
69#define crypto_sign_ed25519_PUBLICKEYBYTES \
70 crypto_sign_ed25519_tweet_PUBLICKEYBYTES
71#define crypto_sign_ed25519_SECRETKEYBYTES \
72 crypto_sign_ed25519_tweet_SECRETKEYBYTES
73#define crypto_sign_ed25519_VERSION crypto_sign_ed25519_tweet_VERSION
74#define crypto_sign_ed25519_IMPLEMENTATION "crypto_sign/ed25519/tweet"
75void crypto_sign_pk_from_seed (uint8_t *pk, const uint8_t *seed);
76void crypto_sign_sk_from_seed (uint8_t *sk, const uint8_t *seed);
77int crypto_sign_ed25519_pk_to_curve25519 (uint8_t *x25519_pk,
78 const uint8_t *ed25519_pk);
79int crypto_sign_detached_verify (const uint8_t *sig,
80 const uint8_t *m,
81 uint64_t n,
82 const uint8_t *pk);
83int crypto_sign_detached (uint8_t *sig,
84 const uint8_t *m,
85 uint64_t n,
86 const uint8_t *sk);
87#endif 50#endif
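Review bot: The new prototypes carry no documentation, and the two scalarmult declarations drop parameter names entirely, so a caller cannot tell from the header which `uint8_t *` is the output, the scalar or the point, nor how large each buffer must be. I would name them as the definition does, `GNUNET_TWEETNACL_scalarmult_curve25519 (uint8_t *q, const uint8_t *n, const uint8_t *p);`, and add a short comment per function stating the required lengths; the three size macros cover only part of them, and no constant replaces the 64-byte `crypto_sign_BYTES` for the signature buffer. The include guard is still `TWEETNACL_H` although every symbol is now prefixed, so `GNUNET_TWEETNACL_H` would avoid a clash with an unmodified tweetnacl.h. `GNUNET_TWEETNACL_SIGN_PUBLICBYTES` would read more consistently as `GNUNET_TWEETNACL_SIGN_PUBLICKEYBYTES` next to `GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES`, and `extern` appears on only one of the prototypes.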