// Encrypts txt->plntxt with ChaCha20-Poly1305 under skr->sharekey, writing the
// ciphertext to pkg->cphtxt and the authentication tag to pkg->digest.
//
// A fresh nonce of NONCE_SIZE bytes is drawn from ctx->rand into pkg->nonce on
// every call, so the nonce travels inside the package next to ciphertext and tag.
//
// Parameters:
//   ctx - holds the cipher state (ctx->ciph) and the RNG (ctx->rand) used here
//   pkg - output: receives nonce, cphtxt (pkg->csize bytes) and digest (DIGEST_SIZE bytes)
//   skr - provides the shared key (skr->sharekey)
//   txt - input: plaintext in txt->plntxt
//
// NOTE(review): pkg->csize is the length handed to the encrypt call; it is assumed
// to equal the length of txt->plntxt and the capacity of pkg->cphtxt — confirm at the caller.
// NOTE(review): the return value of gen_random (if it has one) is ignored; confirm it
// cannot fail silently, since a weak or repeated nonce under the same key breaks the AEAD.
void encrypt_phrase(dheluks_ctx_t *ctx, dheluks_pkg_t *pkg, dheluks_kys_t *skr, dheluks_txt_t *txt) {
    chacha_poly1305_set_key(&ctx->ciph, skr->sharekey); // install the shared key
    gen_random(&ctx->rand, NONCE_SIZE, pkg->nonce); // fresh nonce, stored in the package
    chacha_poly1305_set_nonce(&ctx->ciph, pkg->nonce); // bind that nonce to this encryption
    chacha_poly1305_encrypt(&ctx->ciph, pkg->csize, pkg->cphtxt, txt->plntxt); // plaintext -> ciphertext
    chacha_poly1305_digest(&ctx->ciph, DIGEST_SIZE, pkg->digest); // authentication tag over the ciphertext
}
// Send a record (datagram version, accepts all record types, handles encryption and authentication). static bool send_record_priv_datagram(sptps_t *s, uint8_t type, const void *data, uint16_t len) { char buffer[len + 21UL]; // Create header with sequence number, length and record type uint32_t seqno = s->outseqno++; uint32_t netseqno = ntohl(seqno); memcpy(buffer, &netseqno, 4); buffer[4] = type; memcpy(buffer + 5, data, len); if(s->outstate) { // If first handshake has finished, encrypt and HMAC chacha_poly1305_encrypt(s->outcipher, seqno, buffer + 4, len + 1, buffer + 4, NULL); return s->send_data(s->handle, type, buffer, len + 21UL); } else { // Otherwise send as plaintext return s->send_data(s->handle, type, buffer, len + 5UL); } }