Exemple #1
0
int oqs_kex_mcbits_encrypt(
    unsigned char *c, size_t *clen,
    const unsigned char *m, unsigned long long mlen,
    const unsigned char *pk,
    OQS_RAND *r) {
	unsigned char e[1 << (GFBITS - 3)];
	unsigned char key[64];
	unsigned char nonce[8] = {0};

//

#define ct (c + SYND_BYTES)
#define tag (ct + mlen)

	encrypt(c, e, pk, r);

	//crypto_hash_keccakc1024(key, e, sizeof(e)); TODO is this ok to replace with the below?
	OQS_SHA3_sha3512(key, e, sizeof(e));

	crypto_stream_salsa20_xor(ct, m, mlen, nonce, key);
	crypto_onetimeauth_poly1305(tag, ct, mlen, key + 32);

	*clen = SYND_BYTES + mlen + 16;

#undef ct
#undef tag

	return 0;
}
int crypto_stream_salsa20(
    unsigned char *c,crypto_uint16 clen,
    const unsigned char *n,
    const unsigned char *k
    )
{
  return crypto_stream_salsa20_xor(c,0,clen,n,k);
}
Exemple #3
0
SODIUM_EXPORT int
crypto_stream_salsa20_ref_xor(unsigned char *c,
                              const unsigned char *m,
                              unsigned long long mlen,
                              const unsigned char *n,
                              const unsigned char *k)
{
    return crypto_stream_salsa20_xor(c, m, mlen, n, k);
}
Exemple #4
0
int crypto_stream_xor(
        unsigned char *c,
  const unsigned char *m,uint64_t mlen,
  const unsigned char *n,
  const unsigned char *k
)
{
  unsigned char subkey[32];
  crypto_core_hsalsa20(subkey,n,k,sigma);
  return crypto_stream_salsa20_xor(c,m,mlen,n + 16,subkey);
}
Exemple #5
0
int crypto_secretbox(
  unsigned char *c,
  const unsigned char *m,unsigned long long mlen,
  const unsigned char *n,
  const unsigned char *k
)
{
  if (mlen < 32) return -1;
  crypto_stream_salsa20_xor(c,m,mlen,n,k);
  return crypto_auth_hmacsha512256(c,c + 32,mlen - 32,c);
}
Exemple #6
0
static int
crypto_xsalsa20(unsigned char *c, const unsigned char *m, unsigned long long mlen,
  const unsigned char *n, const unsigned char *k, int klen)
{
	unsigned char subkey[32];

	assert(klen == 32 || klen == 16);
	if (klen < XSALSA20_CRYPTO_KEYBYTES)
		crypto_core_hsalsa20(subkey,n,k,tau);
	else
		crypto_core_hsalsa20(subkey,n,k,sigma);
	return crypto_stream_salsa20_xor(c,m,mlen,n + 16,subkey);
}
Exemple #7
0
int crypto_secretbox_open(
  unsigned char *m,
  const unsigned char *c,unsigned long long clen,
  const unsigned char *n,
  const unsigned char *k
)
{
  int i;
  unsigned char subkey[32];
  if (clen < 32) return -1;
  crypto_stream_salsa20(subkey,32,n,k);
  if (crypto_auth_hmacsha512256_verify(c,c + 32,clen - 32,subkey) != 0) return -1;
  crypto_stream_salsa20_xor(m,c,clen,n,k);
  for (i = 0;i < 32;++i) m[i] = 0;
  return 0;
}
Exemple #8
0
int oqs_kex_mcbits_decrypt(
    unsigned char *m, size_t *mlen,
    const unsigned char *c, unsigned long long clen,
    const unsigned char *sk) {
	int ret;
	int ret_verify;
	int ret_decrypt;

	unsigned char key[64];
	unsigned char nonce[8] = {0};
	unsigned char e[1 << (GFBITS - 3)];

	//

	if (clen < SYND_BYTES + 16)
		return -1;
	else
		*mlen = clen - SYND_BYTES - 16;

#define ct (c + SYND_BYTES)
#define tag (ct + *mlen)

	ret_decrypt = decrypt(e, sk, c);

	//crypto_hash_keccakc1024(key, e, sizeof(e)); TODO is this ok to replace with the below?
	OQS_SHA3_sha3512(key, e, sizeof(e));

	ret_verify = crypto_onetimeauth_poly1305_verify(tag, ct, *mlen, key + 32);
	crypto_stream_salsa20_xor(m, ct, *mlen, nonce, key);

	ret = ret_verify | ret_decrypt;

#undef ct
#undef tag

	return ret;
}
Exemple #9
0
/**
 * Encipher the content without any authentication.
 * Encryption is the same function as decryption.
 *
 * @param nonce a number which is used only once.
 * @param msg a message to encipher.
 * @param secret a shared secret.
 */
static inline int cipher(uint8_t nonce[8],
                          struct Message* msg,
                          uint8_t secret[20])
{
    return crypto_stream_salsa20_xor(msg->bytes, msg->bytes, msg->length, nonce, secret);
}
Exemple #10
0
/** XORs data with the Salsa20 cipher stream */
static bool salsa20_crypt(const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) {
	crypto_stream_salsa20_xor(out->b, in->b, len, iv, state->key);
	return true;
}