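/*
 * XSalsa20 wrapper: derive a one-off subkey with HSalsa20, then hand the
 * message to crypto_stream_salsa20_xor() with that subkey.
 *
 * c, m, mlen  forwarded unchanged to crypto_stream_salsa20_xor().
 * n           nonce; n is given to HSalsa20 and n + 16 to the Salsa20 call,
 *             so the buffer must extend past its first 16 bytes.
 * k           key.
 * klen        key length in bytes, 32 or 16. Values below
 *             XSALSA20_CRYPTO_KEYBYTES select the tau constant, otherwise
 *             sigma is used.
 *
 * Returns whatever crypto_stream_salsa20_xor() returns.
 *
 * NOTE(review): the klen check is an assert() only, so it disappears when
 * NDEBUG is defined; callers must guarantee klen themselves.
 * NOTE(review): with klen == 16 the same k pointer is handed to
 * crypto_core_hsalsa20(); whether that routine reads more than 16 bytes of
 * key when given tau is not visible here - confirm the buffer size callers
 * provide.
 */
static int crypto_xsalsa20(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k, int klen)
{
    unsigned char subkey[32];
    volatile unsigned char *wipe = subkey;
    unsigned int i;
    int ret;

    assert(klen == 32 || klen == 16);

    if (klen < XSALSA20_CRYPTO_KEYBYTES) {
        crypto_core_hsalsa20(subkey, n, k, tau);
    } else {
        crypto_core_hsalsa20(subkey, n, k, sigma);
    }

    ret = crypto_stream_salsa20_xor(c, m, mlen, n + 16, subkey);

    /*
     * The subkey is key material; clear it before the stack frame is
     * released. Stores go through a volatile pointer so the compiler does
     * not drop them as dead writes.
     */
    for (i = 0; i < sizeof subkey; ++i) {
        wipe[i] = 0;
    }

    return ret;
}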
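/**
 * Get a shared secret.
 *
 * The Curve25519 result of (myPrivateKey, herPublicKey) is computed first.
 * Without a password it is run through crypto_core_hsalsa20() with
 * keyHashNonce and keyHashSigma; with a password, the 32 byte password hash
 * is appended to it and the 64 bytes are hashed with SHA-256.
 *
 * @param outputSecret an array to place the shared secret in.
 * @param myPrivateKey passed as the scalar to crypto_scalarmult_curve25519().
 * @param herPublicKey passed as the point to crypto_scalarmult_curve25519().
 * @param passwordHash a 32 byte value known to both ends, this must be provably pseudorandom
 *                     the first 32 bytes of a sha256 output from hashing a password is ok,
 *                     whatever she happens to send me in the Auth field is NOT ok.
 *                     If this field is null, the secret will be generated without the password.
 * @param logger only used when Log_KEYS is defined.
 */
static inline void getSharedSecret(uint8_t outputSecret[32],
                                   uint8_t myPrivateKey[32],
                                   uint8_t herPublicKey[32],
                                   uint8_t passwordHash[32],
                                   struct Log* logger)
{
    uint8_t tempBuff[64];
    volatile uint8_t* wipe = tempBuff;
    unsigned int i;

    // NOTE(review): the return value of crypto_scalarmult_curve25519() is not
    // checked and this function returns void, so a failure there cannot be
    // reported to the caller from here.
    crypto_scalarmult_curve25519(tempBuff, myPrivateKey, herPublicKey);

    if (passwordHash == NULL) {
        crypto_core_hsalsa20(outputSecret, keyHashNonce, tempBuff, keyHashSigma);
    } else {
        memcpy(&tempBuff[32], passwordHash, 32);
        crypto_hash_sha256(outputSecret, tempBuff, 64);
    }

    // tempBuff holds the raw Curve25519 output and, when a password is used,
    // a copy of the password hash. Clear it before returning; the stores go
    // through a volatile pointer so they are not removed as dead writes.
    for (i = 0; i < sizeof(tempBuff); i++) {
        wipe[i] = 0;
    }

#ifdef Log_KEYS
    // Log_KEYS writes the password hash and the derived secret to the log in
    // hex. Keep it to debugging builds only; any log produced with it has to
    // be handled as key material.
    uint8_t myPublicKeyHex[65];
    printHexPubKey(myPublicKeyHex, myPrivateKey);
    uint8_t herPublicKeyHex[65];
    printHexKey(herPublicKeyHex, herPublicKey);
    // NOTE(review): passwordHash may be NULL here; this relies on
    // printHexKey() accepting a NULL key - confirm against its definition.
    uint8_t passwordHashHex[65];
    printHexKey(passwordHashHex, passwordHash);
    uint8_t outputSecretHex[65] = "NULL";
    printHexKey(outputSecretHex, outputSecret);
    Log_keys4(logger,
              "Generated a shared secret:\n"
              " myPublicKey=%s\n"
              " herPublicKey=%s\n"
              " passwordHash=%s\n"
              " outputSecret=%s\n",
              myPublicKeyHex,
              herPublicKeyHex,
              passwordHashHex,
              outputSecretHex);
#endif
}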
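/*
 * Precompute the shared key for a (pk, sk) pair: Curve25519 scalar
 * multiplication of sk and pk, followed by HSalsa20 over the result with the
 * file-level n and sigma.
 *
 * k   receives the output of crypto_core_hsalsa20().
 * pk  peer public key.
 * sk  own secret key.
 *
 * Returns the result of crypto_core_hsalsa20(), or -1 when
 * crypto_scalarmult_curve25519() reports failure. In the failure case k is
 * not written, so callers must check the return value before using k.
 */
int crypto_box_beforenm(
  unsigned char *k,
  const unsigned char *pk,
  const unsigned char *sk
)
{
  unsigned char s[32];
  volatile unsigned char *wipe = s;
  unsigned int i;
  int ret = -1;

  /* Do not derive a key from s when the scalar multiplication failed. */
  if (crypto_scalarmult_curve25519(s,sk,pk) == 0) {
    ret = crypto_core_hsalsa20(k,n,s,sigma);
  }

  /*
   * s is the raw shared secret; clear it on every path. Volatile stores keep
   * the compiler from discarding the wipe.
   */
  for (i = 0;i < sizeof s;++i) {
    wipe[i] = 0;
  }

  return ret;
}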
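/*
 * Produce clen bytes of stream output into c: HSalsa20 derives a subkey from
 * k and n, then crypto_stream_salsa20() is called with that subkey and
 * n + 16.
 *
 * c, clen  forwarded unchanged to crypto_stream_salsa20().
 * n        nonce; n is given to HSalsa20 and n + 16 to the Salsa20 call, so
 *          the buffer must extend past its first 16 bytes.
 * k        key, used with the sigma constant.
 *
 * Returns whatever crypto_stream_salsa20() returns.
 */
int crypto_stream(
        unsigned char *c,unsigned long long clen,
  const unsigned char *n,
  const unsigned char *k
)
{
  unsigned char subkey[32];
  volatile unsigned char *wipe = subkey;
  unsigned int i;
  int ret;

  crypto_core_hsalsa20(subkey,n,k,sigma);
  ret = crypto_stream_salsa20(c,clen,n + 16,subkey);

  /*
   * The subkey is key material; clear it before returning. Volatile stores
   * keep the compiler from discarding the wipe.
   */
  for (i = 0;i < sizeof subkey;++i) {
    wipe[i] = 0;
  }

  return ret;
}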
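/*
 * Test driver: runs crypto_core_hsalsa20() on the file-level in/k/c buffers
 * and prints the 32 bytes of out as ",0x??" items, eight per row.
 *
 * The leading comma on every item, including the first, is part of the
 * output format and is kept as is.
 */
int main(void)
{
  int i;

  crypto_core_hsalsa20(out,in,k,c);

  for (i = 0;i < 32;++i) {
    printf(",0x%02x",(unsigned int) out[i]);
    /* End the row after every eighth byte. */
    if (i % 8 == 7) {
      printf("\n");
    }
  }

  return 0;
}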
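/*
 * Derive a subkey from k and n with HSalsa20, then pass the message to
 * crypto_stream_salsa20_xor() together with that subkey and n + 16.
 *
 * c, m, mlen  forwarded unchanged to crypto_stream_salsa20_xor().
 * n           nonce; n is given to HSalsa20 and n + 16 to the Salsa20 call,
 *             so the buffer must extend past its first 16 bytes.
 * k           key, used with the sigma constant.
 *
 * Returns whatever crypto_stream_salsa20_xor() returns.
 */
int crypto_stream_xor(
        unsigned char *c,
  const unsigned char *m,uint64_t mlen,
  const unsigned char *n,
  const unsigned char *k
)
{
  unsigned char subkey[32];
  volatile unsigned char *wipe = subkey;
  unsigned int i;
  int ret;

  crypto_core_hsalsa20(subkey,n,k,sigma);
  ret = crypto_stream_salsa20_xor(c,m,mlen,n + 16,subkey);

  /*
   * The subkey is key material; clear it before returning. Volatile stores
   * keep the compiler from discarding the wipe.
   */
  for (i = 0;i < sizeof subkey;++i) {
    wipe[i] = 0;
  }

  return ret;
}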
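/*
 * Precompute the shared key for a (pk, sk) pair: Curve25519 scalar
 * multiplication of sk and pk, followed by HSalsa20 over the result with the
 * file-level n and a NULL constant argument.
 *
 * k   receives the output of crypto_core_hsalsa20().
 * pk  peer public key.
 * sk  own secret key.
 *
 * Returns -1 when crypto_scalarmult_curve25519() returns non-zero (k is not
 * written in that case), otherwise the result of crypto_core_hsalsa20().
 */
int crypto_box_curve25519xsalsa20poly1305_beforenm(
    unsigned char *k,
    const unsigned char *pk,
    const unsigned char *sk
)
{
    unsigned char s[32];
    volatile unsigned char *wipe = s;
    unsigned int i;
    int ret = -1;

    if (crypto_scalarmult_curve25519(s,sk,pk) == 0) {
        ret = crypto_core_hsalsa20(k,n,s,NULL);
    }

    /*
     * s is the raw shared secret; clear it on the success and the failure
     * path alike. Volatile stores keep the compiler from discarding the wipe.
     */
    for (i = 0; i < sizeof s; ++i) {
        wipe[i] = 0;
    }

    return ret;
}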
/*
 * Test driver: runs crypto_core_hsalsa20() on the file-level zero/shared/c
 * buffers, prints the 32 bytes of firstkey as a hex list (eight per row, a
 * space before the first item and a comma before each later one), then
 * checks that the four size accessors return non-zero values.
 */
int main(void)
{
    int idx = 0;

    crypto_core_hsalsa20(firstkey, zero, shared, c);

    while (idx < 32) {
        /* Separator comes first: blank for the first byte, comma afterwards. */
        if (idx == 0) {
            printf(" ");
        } else {
            printf(",");
        }
        printf("0x%02x", (unsigned int)firstkey[idx]);
        /* Break the row once eight bytes have been written. */
        if ((idx + 1) % 8 == 0) {
            printf("\n");
        }
        ++idx;
    }

    /* These checks are compiled out when NDEBUG is defined. */
    assert(crypto_core_hsalsa20_outputbytes() > 0U);
    assert(crypto_core_hsalsa20_inputbytes() > 0U);
    assert(crypto_core_hsalsa20_keybytes() > 0U);
    assert(crypto_core_hsalsa20_constbytes() > 0U);

    return 0;
}