Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/crypto_ecc.c | 48 | ||||
-rw-r--r-- | src/util/crypto_kdf.c | 6 | ||||
-rw-r--r-- | src/util/tweetnacl-gnunet.c | 116 | ||||
-rw-r--r-- | src/util/tweetnacl-gnunet.h | 105 |
4 files changed, 128 insertions, 147 deletions
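--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -282,7 +282,7 @@ GNUNET_CRYPTO_eddsa_key_get_public (
 {
 #if NEW_CRYPTO
 BENCHMARK_START (eddsa_key_get_public);
-crypto_sign_pk_from_seed (pub->q_y, priv->d);
+GNUNET_TWEETNACL_sign_pk_from_seed (pub->q_y, priv->d);
 BENCHMARK_END (eddsa_key_get_public);
 #else
 gcry_sexp_t sexp;
@@ -319,7 +319,7 @@ GNUNET_CRYPTO_ecdhe_key_get_public (
 {
 #if NEW_CRYPTO
 BENCHMARK_START (ecdhe_key_get_public);
-crypto_scalarmult_curve25519_base (pub->q_y, priv->d);
+GNUNET_TWEETNACL_scalarmult_curve25519_base (pub->q_y, priv->d);
 BENCHMARK_END (ecdhe_key_get_public);
 #else
 gcry_sexp_t sexp;
@@ -1036,15 +1036,15 @@ GNUNET_CRYPTO_eddsa_sign (
 
 #if NEW_CRYPTO
 size_t mlen = ntohl (purpose->size);
-unsigned char sk[crypto_sign_SECRETKEYBYTES];
+unsigned char sk[GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES];
 int res;
 
 BENCHMARK_START (eddsa_sign);
-crypto_sign_sk_from_seed (sk, priv->d);
-res = crypto_sign_detached ((uint8_t *) sig,
+GNUNET_TWEETNACL_sign_sk_from_seed (sk, priv->d);
+res = GNUNET_TWEETNACL_sign_detached ((uint8_t *) sig,
 (uint8_t *) purpose,
 mlen,
 sk);
 BENCHMARK_END (eddsa_sign);
 return (res == 0) ? GNUNET_OK : GNUNET_SYSERR;
 #else
@@ -1189,7 +1189,7 @@ GNUNET_CRYPTO_eddsa_verify (
 return GNUNET_SYSERR; /* purpose mismatch */
 
 BENCHMARK_START (eddsa_verify);
-res = crypto_sign_detached_verify (s, m, mlen, pub->q_y);
+res = GNUNET_TWEETNACL_sign_detached_verify (s, m, mlen, pub->q_y);
 BENCHMARK_END (eddsa_verify);
 return (res == 0) ? GNUNET_OK : GNUNET_SYSERR;
 #else
@@ -1262,9 +1262,9 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 struct GNUNET_HashCode *key_material)
 {
 #if NEW_CRYPTO
-uint8_t p[crypto_scalarmult_BYTES];
-crypto_scalarmult_curve25519 (p, priv->d, pub->q_y);
-GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material);
+uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES];
+GNUNET_TWEETNACL_scalarmult_curve25519 (p, priv->d, pub->q_y);
+GNUNET_CRYPTO_hash (p, GNUNET_TWEETNACL_SCALARMULT_BYTES, key_material);
 return GNUNET_OK;
 #else
 gcry_mpi_point_t result;
@@ -1592,12 +1592,16 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
 {
 #if NEW_CRYPTO
 struct GNUNET_HashCode hc;
-uint8_t a[crypto_scalarmult_BYTES];
-uint8_t p[crypto_scalarmult_BYTES];
-GNUNET_CRYPTO_hash (priv, sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), &hc);
+uint8_t a[GNUNET_TWEETNACL_SCALARMULT_BYTES];
+uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES];
+GNUNET_CRYPTO_hash (priv,
+sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey),
+&hc);
 memcpy (a, &hc, sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
-crypto_scalarmult_curve25519 (p, a, pub->q_y);
-GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material);
+GNUNET_TWEETNACL_scalarmult_curve25519 (p, a, pub->q_y);
+GNUNET_CRYPTO_hash (p,
+GNUNET_TWEETNACL_SCALARMULT_BYTES,
+key_material);
 return GNUNET_OK;
 #else
 gcry_mpi_point_t result;
@@ -1712,11 +1716,11 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 struct GNUNET_HashCode *key_material)
 {
 #if NEW_CRYPTO
-uint8_t p[crypto_scalarmult_BYTES];
-uint8_t curve25510_pk[crypto_sign_PUBLICKEYBYTES];
-crypto_sign_ed25519_pk_to_curve25519 (curve25510_pk, pub->q_y);
-crypto_scalarmult_curve25519 (p, priv->d, curve25510_pk);
-GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material);
+uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES];
+uint8_t curve25510_pk[GNUNET_TWEETNACL_SIGN_PUBLICBYTES];
+GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (curve25510_pk, pub->q_y);
+GNUNET_TWEETNACL_scalarmult_curve25519 (p, priv->d, curve25510_pk);
+GNUNET_CRYPTO_hash (p, GNUNET_TWEETNACL_SCALARMULT_BYTES, key_material);
 return GNUNET_OK;
 #else
 gcry_mpi_point_t result;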
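Review bot: The return value of GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 is discarded in GNUNET_CRYPTO_ecdh_eddsa (new line 1721) even though it is declared to return int and, judging by its definition in tweetnacl-gnunet.c, presumably can reject a malformed public key; in that case curve25510_pk would still be passed to scalarmult, so the call should be checked: `if (0 != GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (curve25510_pk, pub->q_y)) return GNUNET_SYSERR;`. In GNUNET_CRYPTO_eddsa_sign the 64-byte expanded secret key `sk` derived from the seed is left on the stack after signing, and the same holds for `a` and `hc` in GNUNET_CRYPTO_eddsa_ecdh; wiping them before return (explicit_bzero or the project's equivalent) would be prudent for key-handling code. In GNUNET_CRYPTO_eddsa_ecdh the hash length is `sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)` although `priv` is an EddsaPrivateKey; the sizes presumably coincide, but `sizeof (*priv)` says what is meant and cannot drift. All of these function bodies continue outside the hunks.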
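--- a/src/util/crypto_kdf.c
+++ b/src/util/crypto_kdf.c
@@ -132,7 +132,7 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
 gcry_error_t rc;
 unsigned int nbits;
 size_t rsize;
-unsigned int ctr;
+uint16_t ctr;
 
 nbits = gcry_mpi_get_nbits (n);
 /* GNUNET_assert (nbits > 512); */
@@ -143,12 +143,14 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
 /* Ain't clear if n is always divisible by 8 */
 uint8_t buf[ (nbits - 1) / 8 + 1 ];
 
+uint16_t ctr_nbo = htons (ctr);
+
 rc = GNUNET_CRYPTO_kdf (buf,
 sizeof(buf),
 xts, xts_len,
 skm, skm_len,
 ctx, strlen (ctx),
-&ctr, sizeof(ctr),
+&ctr_nbo, sizeof(ctr_nbo),
 NULL, 0);
 GNUNET_assert (GNUNET_YES == rc);
 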
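Review bot: Feeding the counter to the KDF as a 2-byte network-order value instead of a host-order `unsigned int` means GNUNET_CRYPTO_kdf_mod_mpi now derives a different result for the same inputs on every platform, not only on big-endian hosts; that is the right fix for cross-platform determinism, but it is a silent compatibility break for anything that persisted or exchanged values derived through this function, and the commit message should state it. The purpose of `ctr_nbo` is not obvious at the call site; a one-line comment such as `/* counter enters the KDF in network byte order so the derived value is platform-independent */` above its declaration would help. `ctr` is now a uint16_t, so if the retry loop that increments it (outside the hunk) has no upper bound it wraps silently, though reaching 65535 iterations is implausible here. htons needs <arpa/inet.h> or the project's platform header, which is not visible in this hunk.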
diff --git a/src/util/tweetnacl-gnunet.c b/src/util/tweetnacl-gnunet.c index 0f3a976c1..1c27730a4 100644 --- a/src/util/tweetnacl-gnunet.c +++ b/src/util/tweetnacl-gnunet.c | |||
@@ -13,7 +13,6 @@ | |||
13 | #include "gnunet_crypto_lib.h" | 13 | #include "gnunet_crypto_lib.h" |
14 | #include "tweetnacl-gnunet.h" | 14 | #include "tweetnacl-gnunet.h" |
15 | #define FOR(i,n) for (i = 0; i < n; ++i) | 15 | #define FOR(i,n) for (i = 0; i < n; ++i) |
16 | #define sv static void | ||
17 | 16 | ||
18 | typedef uint8_t u8; | 17 | typedef uint8_t u8; |
19 | typedef uint32_t u32; | 18 | typedef uint32_t u32; |
@@ -21,11 +20,6 @@ typedef uint64_t u64; | |||
21 | typedef int64_t i64; | 20 | typedef int64_t i64; |
22 | typedef i64 gf[16]; | 21 | typedef i64 gf[16]; |
23 | 22 | ||
24 | static void randombytes (u8 *data,u64 len) | ||
25 | { | ||
26 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, data, len); | ||
27 | } | ||
28 | |||
29 | static const u8 _9[32] = {9}; | 23 | static const u8 _9[32] = {9}; |
30 | static const gf | 24 | static const gf |
31 | gf0, | 25 | gf0, |
@@ -42,30 +36,29 @@ static const gf | |||
42 | I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, | 36 | I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, |
43 | 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83}; | 37 | 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83}; |
44 | 38 | ||
45 | static int vn (const u8 *x,const u8 *y,int n) | 39 | static int |
40 | vn (const u8 *x,const u8 *y,int n) | ||
46 | { | 41 | { |
47 | u32 i,d = 0; | 42 | u32 i,d = 0; |
48 | FOR (i,n) d |= x[i] ^ y[i]; | 43 | FOR (i,n) d |= x[i] ^ y[i]; |
49 | return (1 & ((d - 1) >> 8)) - 1; | 44 | return (1 & ((d - 1) >> 8)) - 1; |
50 | } | 45 | } |
51 | 46 | ||
52 | int crypto_verify_16 (const u8 *x,const u8 *y) | 47 | static int |
53 | { | 48 | crypto_verify_32 (const u8 *x,const u8 *y) |
54 | return vn (x,y,16); | ||
55 | } | ||
56 | |||
57 | int crypto_verify_32 (const u8 *x,const u8 *y) | ||
58 | { | 49 | { |
59 | return vn (x,y,32); | 50 | return vn (x,y,32); |
60 | } | 51 | } |
61 | 52 | ||
62 | sv set25519 (gf r, const gf a) | 53 | static void |
54 | set25519 (gf r, const gf a) | ||
63 | { | 55 | { |
64 | int i; | 56 | int i; |
65 | FOR (i,16) r[i] = a[i]; | 57 | FOR (i,16) r[i] = a[i]; |
66 | } | 58 | } |
67 | 59 | ||
68 | sv car25519 (gf o) | 60 | static void |
61 | car25519 (gf o) | ||
69 | { | 62 | { |
70 | int i; | 63 | int i; |
71 | i64 c; | 64 | i64 c; |
@@ -77,7 +70,8 @@ sv car25519 (gf o) | |||
77 | } | 70 | } |
78 | } | 71 | } |
79 | 72 | ||
80 | sv sel25519 (gf p,gf q,int b) | 73 | static void |
74 | sel25519 (gf p,gf q,int b) | ||
81 | { | 75 | { |
82 | i64 t,i,c = ~(b - 1); | 76 | i64 t,i,c = ~(b - 1); |
83 | FOR (i,16) { | 77 | FOR (i,16) { |
@@ -87,7 +81,8 @@ sv sel25519 (gf p,gf q,int b) | |||
87 | } | 81 | } |
88 | } | 82 | } |
89 | 83 | ||
90 | sv pack25519 (u8 *o,const gf n) | 84 | static void |
85 | pack25519 (u8 *o,const gf n) | ||
91 | { | 86 | { |
92 | int i,j,b; | 87 | int i,j,b; |
93 | gf m,t; | 88 | gf m,t; |
@@ -112,7 +107,8 @@ sv pack25519 (u8 *o,const gf n) | |||
112 | } | 107 | } |
113 | } | 108 | } |
114 | 109 | ||
115 | static int neq25519 (const gf a, const gf b) | 110 | static int |
111 | neq25519 (const gf a, const gf b) | ||
116 | { | 112 | { |
117 | u8 c[32],d[32]; | 113 | u8 c[32],d[32]; |
118 | pack25519 (c,a); | 114 | pack25519 (c,a); |
@@ -120,33 +116,38 @@ static int neq25519 (const gf a, const gf b) | |||
120 | return crypto_verify_32 (c,d); | 116 | return crypto_verify_32 (c,d); |
121 | } | 117 | } |
122 | 118 | ||
123 | static u8 par25519 (const gf a) | 119 | static uint8_t |
120 | par25519 (const gf a) | ||
124 | { | 121 | { |
125 | u8 d[32]; | 122 | u8 d[32]; |
126 | pack25519 (d,a); | 123 | pack25519 (d,a); |
127 | return d[0] & 1; | 124 | return d[0] & 1; |
128 | } | 125 | } |
129 | 126 | ||
130 | sv unpack25519 (gf o, const u8 *n) | 127 | static void |
128 | unpack25519 (gf o, const u8 *n) | ||
131 | { | 129 | { |
132 | int i; | 130 | int i; |
133 | FOR (i,16) o[i] = n[2 * i] + ((i64) n[2 * i + 1] << 8); | 131 | FOR (i,16) o[i] = n[2 * i] + ((i64) n[2 * i + 1] << 8); |
134 | o[15] &= 0x7fff; | 132 | o[15] &= 0x7fff; |
135 | } | 133 | } |
136 | 134 | ||
137 | sv A (gf o,const gf a,const gf b) | 135 | static void |
136 | A (gf o,const gf a,const gf b) | ||
138 | { | 137 | { |
139 | int i; | 138 | int i; |
140 | FOR (i,16) o[i] = a[i] + b[i]; | 139 | FOR (i,16) o[i] = a[i] + b[i]; |
141 | } | 140 | } |
142 | 141 | ||
143 | sv Z (gf o,const gf a,const gf b) | 142 | static void |
143 | Z (gf o,const gf a,const gf b) | ||
144 | { | 144 | { |
145 | int i; | 145 | int i; |
146 | FOR (i,16) o[i] = a[i] - b[i]; | 146 | FOR (i,16) o[i] = a[i] - b[i]; |
147 | } | 147 | } |
148 | 148 | ||
149 | sv M (gf o,const gf a,const gf b) | 149 | static void |
150 | M (gf o,const gf a,const gf b) | ||
150 | { | 151 | { |
151 | i64 i,j,t[31]; | 152 | i64 i,j,t[31]; |
152 | FOR (i,31) t[i] = 0; | 153 | FOR (i,31) t[i] = 0; |
@@ -157,12 +158,14 @@ sv M (gf o,const gf a,const gf b) | |||
157 | car25519 (o); | 158 | car25519 (o); |
158 | } | 159 | } |
159 | 160 | ||
160 | sv S (gf o,const gf a) | 161 | static void |
162 | S (gf o,const gf a) | ||
161 | { | 163 | { |
162 | M (o,a,a); | 164 | M (o,a,a); |
163 | } | 165 | } |
164 | 166 | ||
165 | sv inv25519 (gf o,const gf i) | 167 | static void |
168 | inv25519 (gf o,const gf i) | ||
166 | { | 169 | { |
167 | gf c; | 170 | gf c; |
168 | int a; | 171 | int a; |
@@ -175,7 +178,7 @@ sv inv25519 (gf o,const gf i) | |||
175 | FOR (a,16) o[a] = c[a]; | 178 | FOR (a,16) o[a] = c[a]; |
176 | } | 179 | } |
177 | 180 | ||
178 | sv pow2523 (gf o,const gf i) | 181 | static void pow2523 (gf o,const gf i) |
179 | { | 182 | { |
180 | gf c; | 183 | gf c; |
181 | int a; | 184 | int a; |
@@ -188,7 +191,8 @@ sv pow2523 (gf o,const gf i) | |||
188 | FOR (a,16) o[a] = c[a]; | 191 | FOR (a,16) o[a] = c[a]; |
189 | } | 192 | } |
190 | 193 | ||
191 | int crypto_scalarmult (u8 *q,const u8 *n,const u8 *p) | 194 | int |
195 | GNUNET_TWEETNACL_scalarmult_curve25519 (u8 *q,const u8 *n,const u8 *p) | ||
192 | { | 196 | { |
193 | u8 z[32]; | 197 | u8 z[32]; |
194 | i64 x[80],r,i; | 198 | i64 x[80],r,i; |
@@ -239,25 +243,22 @@ int crypto_scalarmult (u8 *q,const u8 *n,const u8 *p) | |||
239 | return 0; | 243 | return 0; |
240 | } | 244 | } |
241 | 245 | ||
242 | int crypto_scalarmult_base (u8 *q,const u8 *n) | 246 | int |
243 | { | 247 | GNUNET_TWEETNACL_scalarmult_curve25519_base (u8 *q,const u8 *n) |
244 | return crypto_scalarmult (q,n,_9); | ||
245 | } | ||
246 | |||
247 | int crypto_box_keypair (u8 *y,u8 *x) | ||
248 | { | 248 | { |
249 | randombytes (x,32); | 249 | return GNUNET_TWEETNACL_scalarmult_curve25519 (q,n,_9); |
250 | return crypto_scalarmult_base (y,x); | ||
251 | } | 250 | } |
252 | 251 | ||
253 | int crypto_hash (u8 *out,const u8 *m,u64 n) | 252 | static int |
253 | crypto_hash (u8 *out,const u8 *m,u64 n) | ||
254 | { | 254 | { |
255 | struct GNUNET_HashCode *hc = (void *) out; | 255 | struct GNUNET_HashCode *hc = (void *) out; |
256 | GNUNET_CRYPTO_hash (m, n, hc); | 256 | GNUNET_CRYPTO_hash (m, n, hc); |
257 | return 0; | 257 | return 0; |
258 | } | 258 | } |
259 | 259 | ||
260 | sv add (gf p[4],gf q[4]) | 260 | static void |
261 | add (gf p[4],gf q[4]) | ||
261 | { | 262 | { |
262 | gf a,b,c,d,t,e,f,g,h; | 263 | gf a,b,c,d,t,e,f,g,h; |
263 | 264 | ||
@@ -282,14 +283,16 @@ sv add (gf p[4],gf q[4]) | |||
282 | M (p[3], e, h); | 283 | M (p[3], e, h); |
283 | } | 284 | } |
284 | 285 | ||
285 | sv cswap (gf p[4],gf q[4],u8 b) | 286 | static void |
287 | cswap (gf p[4],gf q[4],u8 b) | ||
286 | { | 288 | { |
287 | int i; | 289 | int i; |
288 | FOR (i,4) | 290 | FOR (i,4) |
289 | sel25519 (p[i],q[i],b); | 291 | sel25519 (p[i],q[i],b); |
290 | } | 292 | } |
291 | 293 | ||
292 | sv pack (u8 *r,gf p[4]) | 294 | static void |
295 | pack (u8 *r,gf p[4]) | ||
293 | { | 296 | { |
294 | gf tx, ty, zi; | 297 | gf tx, ty, zi; |
295 | inv25519 (zi, p[2]); | 298 | inv25519 (zi, p[2]); |
@@ -299,7 +302,8 @@ sv pack (u8 *r,gf p[4]) | |||
299 | r[31] ^= par25519 (tx) << 7; | 302 | r[31] ^= par25519 (tx) << 7; |
300 | } | 303 | } |
301 | 304 | ||
302 | sv scalarmult (gf p[4],gf q[4],const u8 *s) | 305 | static void |
306 | scalarmult (gf p[4],gf q[4],const u8 *s) | ||
303 | { | 307 | { |
304 | int i; | 308 | int i; |
305 | set25519 (p[0],gf0); | 309 | set25519 (p[0],gf0); |
@@ -315,7 +319,8 @@ sv scalarmult (gf p[4],gf q[4],const u8 *s) | |||
315 | } | 319 | } |
316 | } | 320 | } |
317 | 321 | ||
318 | sv scalarbase (gf p[4],const u8 *s) | 322 | static void |
323 | scalarbase (gf p[4],const u8 *s) | ||
319 | { | 324 | { |
320 | gf q[4]; | 325 | gf q[4]; |
321 | set25519 (q[0],X); | 326 | set25519 (q[0],X); |
@@ -330,7 +335,8 @@ static const u64 L[32] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, | |||
330 | 0, 0, 0, 0, 0, 0, 0, 0, | 335 | 0, 0, 0, 0, 0, 0, 0, 0, |
331 | 0, 0, 0, 0x10}; | 336 | 0, 0, 0, 0x10}; |
332 | 337 | ||
333 | sv modL (u8 *r,i64 x[64]) | 338 | static void |
339 | modL (u8 *r,i64 x[64]) | ||
334 | { | 340 | { |
335 | i64 carry,i,j; | 341 | i64 carry,i,j; |
336 | for (i = 63; i >= 32; --i) { | 342 | for (i = 63; i >= 32; --i) { |
@@ -356,7 +362,8 @@ sv modL (u8 *r,i64 x[64]) | |||
356 | } | 362 | } |
357 | } | 363 | } |
358 | 364 | ||
359 | sv reduce (u8 *r) | 365 | static void |
366 | reduce (u8 *r) | ||
360 | { | 367 | { |
361 | i64 x[64],i; | 368 | i64 x[64],i; |
362 | FOR (i,64) x[i] = (u64) r[i]; | 369 | FOR (i,64) x[i] = (u64) r[i]; |
@@ -364,7 +371,8 @@ sv reduce (u8 *r) | |||
364 | modL (r,x); | 371 | modL (r,x); |
365 | } | 372 | } |
366 | 373 | ||
367 | static int unpackneg (gf r[4],const u8 p[32]) | 374 | static int |
375 | unpackneg (gf r[4],const u8 p[32]) | ||
368 | { | 376 | { |
369 | gf t, chk, num, den, den2, den4, den6; | 377 | gf t, chk, num, den, den2, den4, den6; |
370 | set25519 (r[2],gf1); | 378 | set25519 (r[2],gf1); |
@@ -406,7 +414,7 @@ static int unpackneg (gf r[4],const u8 p[32]) | |||
406 | /* The following functions have been added for GNUnet */ | 414 | /* The following functions have been added for GNUnet */ |
407 | 415 | ||
408 | void | 416 | void |
409 | crypto_sign_pk_from_seed (u8 *pk, const u8 *seed) | 417 | GNUNET_TWEETNACL_sign_pk_from_seed (u8 *pk, const u8 *seed) |
410 | { | 418 | { |
411 | u8 d[64]; | 419 | u8 d[64]; |
412 | gf p[4]; | 420 | gf p[4]; |
@@ -421,7 +429,7 @@ crypto_sign_pk_from_seed (u8 *pk, const u8 *seed) | |||
421 | } | 429 | } |
422 | 430 | ||
423 | void | 431 | void |
424 | crypto_sign_sk_from_seed (u8 *sk, const u8 *seed) | 432 | GNUNET_TWEETNACL_sign_sk_from_seed (u8 *sk, const u8 *seed) |
425 | { | 433 | { |
426 | u8 d[64]; | 434 | u8 d[64]; |
427 | gf p[4]; | 435 | gf p[4]; |
@@ -440,9 +448,9 @@ crypto_sign_sk_from_seed (u8 *sk, const u8 *seed) | |||
440 | FOR (i,32) sk[32 + i] = pk[i]; | 448 | FOR (i,32) sk[32 + i] = pk[i]; |
441 | } | 449 | } |
442 | 450 | ||
443 | |||
444 | int | 451 | int |
445 | crypto_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk, const u8 *ed25519_pk) | 452 | GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk, |
453 | const u8 *ed25519_pk) | ||
446 | { | 454 | { |
447 | gf ge_a[4]; | 455 | gf ge_a[4]; |
448 | gf x; | 456 | gf x; |
@@ -464,8 +472,10 @@ crypto_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk, const u8 *ed25519_pk) | |||
464 | return 0; | 472 | return 0; |
465 | } | 473 | } |
466 | 474 | ||
467 | 475 | int GNUNET_TWEETNACL_sign_detached_verify (const u8 *sig, | |
468 | int crypto_sign_detached_verify (const u8 *sig,const u8 *m,u64 n,const u8 *pk) | 476 | const u8 *m, |
477 | u64 n, | ||
478 | const u8 *pk) | ||
469 | { | 479 | { |
470 | struct GNUNET_HashContext *hc; | 480 | struct GNUNET_HashContext *hc; |
471 | u8 t[32],h[64]; | 481 | u8 t[32],h[64]; |
@@ -492,9 +502,11 @@ int crypto_sign_detached_verify (const u8 *sig,const u8 *m,u64 n,const u8 *pk) | |||
492 | return 0; | 502 | return 0; |
493 | } | 503 | } |
494 | 504 | ||
495 | |||
496 | int | 505 | int |
497 | crypto_sign_detached (u8 *sig,const u8 *m,u64 n,const u8 *sk) | 506 | GNUNET_TWEETNACL_sign_detached (u8 *sig, |
507 | const u8 *m, | ||
508 | u64 n, | ||
509 | const u8 *sk) | ||
498 | { | 510 | { |
499 | struct GNUNET_HashContext *hc; | 511 | struct GNUNET_HashContext *hc; |
500 | u8 d[64],h[64],r[64]; | 512 | u8 d[64],h[64],r[64]; |
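Review bot: Two signatures do not follow the return-type-on-its-own-line layout this commit applies everywhere else in the file: pow2523 at new line 181 (`static void pow2523 (gf o,const gf i)`) and GNUNET_TWEETNACL_sign_detached_verify at new line 475 (`int GNUNET_TWEETNACL_sign_detached_verify (const u8 *sig,`); splitting them the same way as their neighbours keeps the file uniform. The functions that gain external linkage under the GNUNET_TWEETNACL_ prefix carry no documentation beyond the comment at new line 414; a short header comment on each stating the buffer size it writes (64 bytes for the sk produced by GNUNET_TWEETNACL_sign_sk_from_seed, 32 for the pk) and the 0-on-success return convention would help the callers in crypto_ecc.c. GNUNET_TWEETNACL_sign_pk_from_seed and GNUNET_TWEETNACL_sign_sk_from_seed expand the seed into a local `d[64]` that presumably holds secret material; their bodies continue outside the hunks, so I cannot tell whether it is wiped before return. crypto_hash still casts an arbitrary `u8 *out` to `struct GNUNET_HashCode *`; unchanged by this commit, but it relies on the caller's buffer being large enough and suitably aligned.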
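--- a/src/util/tweetnacl-gnunet.h
+++ b/src/util/tweetnacl-gnunet.h
@@ -13,75 +13,38 @@
 #ifndef TWEETNACL_H
 #define TWEETNACL_H
 #include <stdint.h>
-#define crypto_scalarmult_PRIMITIVE "curve25519"
-#define crypto_scalarmult crypto_scalarmult_curve25519
-#define crypto_scalarmult_base crypto_scalarmult_curve25519_base
-#define crypto_scalarmult_BYTES crypto_scalarmult_curve25519_BYTES
-#define crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES
-#define crypto_scalarmult_IMPLEMENTATION \
-crypto_scalarmult_curve25519_IMPLEMENTATION
-#define crypto_scalarmult_VERSION crypto_scalarmult_curve25519_VERSION
-#define crypto_scalarmult_curve25519_tweet_BYTES 32
-#define crypto_scalarmult_curve25519_tweet_SCALARBYTES 32
-extern int crypto_scalarmult_curve25519_tweet (uint8_t *,
-const uint8_t *,
-const uint8_t *);
-extern int crypto_scalarmult_curve25519_tweet_base (uint8_t *,
-const uint8_t *);
-#define crypto_scalarmult_curve25519_tweet_VERSION "-"
-#define crypto_scalarmult_curve25519 crypto_scalarmult_curve25519_tweet
-#define crypto_scalarmult_curve25519_base \
-crypto_scalarmult_curve25519_tweet_base
-#define crypto_scalarmult_curve25519_BYTES \
-crypto_scalarmult_curve25519_tweet_BYTES
-#define crypto_scalarmult_curve25519_SCALARBYTES \
-crypto_scalarmult_curve25519_tweet_SCALARBYTES
-#define crypto_scalarmult_curve25519_VERSION \
-crypto_scalarmult_curve25519_tweet_VERSION
-#define crypto_scalarmult_curve25519_IMPLEMENTATION \
-"crypto_scalarmult/curve25519/tweet"
-#define crypto_sign_PRIMITIVE "ed25519"
-#define crypto_sign crypto_sign_ed25519
-#define crypto_sign_BYTES crypto_sign_ed25519_BYTES
-#define crypto_sign_PUBLICKEYBYTES crypto_sign_ed25519_PUBLICKEYBYTES
-#define crypto_sign_SECRETKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES
-#define crypto_sign_IMPLEMENTATION crypto_sign_ed25519_IMPLEMENTATION
-#define crypto_sign_VERSION crypto_sign_ed25519_VERSION
-#define crypto_sign_ed25519_tweet_BYTES 64
-#define crypto_sign_ed25519_tweet_PUBLICKEYBYTES 32
-#define crypto_sign_ed25519_tweet_SECRETKEYBYTES 64
-extern int crypto_sign_ed25519_tweet (uint8_t *,
-uint64_t *,
-const uint8_t *,
-uint64_t,
-const uint8_t *);
-extern int crypto_sign_ed25519_tweet_open (uint8_t *,
-uint64_t *,
-const uint8_t *,
-uint64_t,
-const uint8_t *);
-extern int crypto_sign_ed25519_tweet_keypair (uint8_t *,uint8_t *);
-#define crypto_sign_ed25519_tweet_VERSION "-"
-#define crypto_sign_ed25519 crypto_sign_ed25519_tweet
-#define crypto_sign_ed25519_open crypto_sign_ed25519_tweet_open
-#define crypto_sign_ed25519_keypair crypto_sign_ed25519_tweet_keypair
-#define crypto_sign_ed25519_BYTES crypto_sign_ed25519_tweet_BYTES
-#define crypto_sign_ed25519_PUBLICKEYBYTES \
-crypto_sign_ed25519_tweet_PUBLICKEYBYTES
-#define crypto_sign_ed25519_SECRETKEYBYTES \
-crypto_sign_ed25519_tweet_SECRETKEYBYTES
-#define crypto_sign_ed25519_VERSION crypto_sign_ed25519_tweet_VERSION
-#define crypto_sign_ed25519_IMPLEMENTATION "crypto_sign/ed25519/tweet"
-void crypto_sign_pk_from_seed (uint8_t *pk, const uint8_t *seed);
-void crypto_sign_sk_from_seed (uint8_t *sk, const uint8_t *seed);
-int crypto_sign_ed25519_pk_to_curve25519 (uint8_t *x25519_pk,
-const uint8_t *ed25519_pk);
-int crypto_sign_detached_verify (const uint8_t *sig,
-const uint8_t *m,
-uint64_t n,
-const uint8_t *pk);
-int crypto_sign_detached (uint8_t *sig,
-const uint8_t *m,
-uint64_t n,
-const uint8_t *sk);
+
+
+#define GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES 64
+#define GNUNET_TWEETNACL_SIGN_PUBLICBYTES 32
+#define GNUNET_TWEETNACL_SCALARMULT_BYTES 32
+
+int
+GNUNET_TWEETNACL_scalarmult_curve25519 (uint8_t *,
+const uint8_t *,
+const uint8_t *);
+extern int
+GNUNET_TWEETNACL_scalarmult_curve25519_base (uint8_t *,
+const uint8_t *);
+void
+GNUNET_TWEETNACL_sign_pk_from_seed (uint8_t *pk, const uint8_t *seed);
+
+void
+GNUNET_TWEETNACL_sign_sk_from_seed (uint8_t *sk, const uint8_t *seed);
+
+int
+GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (uint8_t *x25519_pk,
+const uint8_t *ed25519_pk);
+
+int
+GNUNET_TWEETNACL_sign_detached_verify (const uint8_t *sig,
+const uint8_t *m,
+uint64_t n,
+const uint8_t *pk);
+
+int
+GNUNET_TWEETNACL_sign_detached (uint8_t *sig,
+const uint8_t *m,
+uint64_t n,
+const uint8_t *sk);
 #endif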
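Review bot: The new prototypes are inconsistent in form: GNUNET_TWEETNACL_scalarmult_curve25519_base keeps `extern int` while every other declaration uses a bare return type, and the two scalarmult prototypes leave their parameters unnamed while the sign prototypes name theirs; dropping `extern` and naming the parameters as in the definitions (`uint8_t *q, const uint8_t *n, const uint8_t *p`) makes the header self-documenting. The constant names are uneven too: GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES keeps NaCl's KEY infix but GNUNET_TWEETNACL_SIGN_PUBLICBYTES drops it. The removed header provided a 64-byte signature-size constant (crypto_sign_BYTES) and nothing replaces it, so callers of GNUNET_TWEETNACL_sign_detached have no named size for `sig`; something like `#define GNUNET_TWEETNACL_SIGN_BYTES 64` (constructed name) would close that gap. None of the prototypes carry a Doxygen comment; at minimum the sign/verify pair should document the 0-on-success return convention that crypto_ecc.c relies on and the buffer sizes each parameter must provide.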