예제 #1
/*
 * Hybrid encryption step of the McBits key exchange.
 *
 * encrypt() fills the start of `c` and the buffer `e` (presumably the
 * syndrome and the secret error vector; encrypt() is defined outside this
 * listing). `e` is hashed with SHA3-512 into a 64-byte key: bytes 0..31 key
 * Salsa20, bytes 32..63 key Poly1305.
 *
 * Output layout in `c`:
 *   [0, SYND_BYTES)                  written by encrypt()
 *   [SYND_BYTES, SYND_BYTES + mlen)  Salsa20 ciphertext of `m`
 *   next 16 bytes                    Poly1305 tag over the ciphertext
 *
 * `*clen` receives SYND_BYTES + mlen + 16. The sum is computed in
 * unsigned long long and converted to size_t on assignment.
 * Always returns 0; no callee result is checked here.
 *
 * NOTE(review): the nonce is all-zero on every call. That is only safe if
 * `key` never repeats, i.e. if encrypt() produces a fresh `e` from `r` each
 * time -- confirm against encrypt().
 * NOTE(review): `e` and `key` are secret and are left on the stack when the
 * function returns; consider wiping them with the project's secure-erase
 * helper.
 */
int oqs_kex_mcbits_encrypt(
    unsigned char *c, size_t *clen,
    const unsigned char *m, unsigned long long mlen,
    const unsigned char *pk,
    OQS_RAND *r) {
	unsigned char e[1 << (GFBITS - 3)];
	unsigned char key[64];
	unsigned char nonce[8] = {0};
	/* Named views into the output buffer (ciphertext body, then tag). */
	unsigned char *const body = c + SYND_BYTES;
	unsigned char *const mac = body + mlen;

	encrypt(c, e, pk, r);

	/* Key derivation. The original source carried a TODO asking whether
	 * SHA3-512 is an acceptable replacement for crypto_hash_keccakc1024. */
	OQS_SHA3_sha3512(key, e, sizeof(e));

	/* Encrypt-then-MAC: the tag covers the ciphertext, not the plaintext. */
	crypto_stream_salsa20_xor(body, m, mlen, nonce, key);
	crypto_onetimeauth_poly1305(mac, body, mlen, key + 32);

	*clen = SYND_BYTES + mlen + 16;

	return 0;
}
예제 #2
파일: compat.c 프로젝트: NieHao/Tomato-RAF
/*
 * Compatibility entry point: forwards its arguments unchanged to
 * crypto_onetimeauth_poly1305() and returns that function's result.
 *
 * out   - receives the authenticator
 * in    - message to authenticate
 * inlen - length of `in` in bytes
 * k     - Poly1305 key; it is a one-time key, so callers must not reuse it
 *         for a second message
 */
SODIUM_EXPORT int
crypto_onetimeauth_poly1305_ref(unsigned char *out,
                                const unsigned char *in,
                                unsigned long long inlen,
                                const unsigned char *k)
{
    const int status = crypto_onetimeauth_poly1305(out, in, inlen, k);

    return status;
}
예제 #3
/*
 * Test driver: computes the Poly1305 authenticator of the 131-byte buffer
 * `c` under key `rs` into `a`, then prints the first 16 bytes of `a` as
 * ",0x.." items, eight per line. `a`, `c` and `rs` are defined outside
 * this listing.
 */
int main(void)
{
  int idx = 0;
  crypto_onetimeauth_poly1305(a,c,131,rs);
  while (idx < 16) {
    printf(",0x%02x",(unsigned int) a[idx]);
    /* Line break after every eighth byte. */
    if ((idx & 7) == 7) printf("\n");
    ++idx;
  }
  return 0;
}
예제 #4
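/*
 * Encrypt `m` with Salsa20/8 and authenticate the ciphertext with Poly1305.
 *
 * c    - output: COB bytes of authenticator followed by mlen ciphertext bytes
 * m    - plaintext, mlen bytes
 * n, k - nonce and key handed to the Salsa20/8 stream functions
 *
 * Always returns 0; the results of the callees are not checked.
 *
 * The listing as published named the key buffer `c*k`, which is not a valid
 * C identifier; it is a local and is called `mac_key` here.
 *
 * NOTE(review): both stream calls are made with the same (n, k). If
 * crypto_stream_salsa208_xor() starts at the beginning of the keystream, as
 * crypto_stream_salsa208() presumably does, the first COKB keystream bytes
 * serve both as the Poly1305 key and as the mask for the first COKB bytes
 * of `m`. NaCl's secretbox avoids that overlap by prefixing the message with
 * zero bytes. Confirm how callers lay out `m` before reusing this construction.
 * NOTE(review): `mac_key` is secret and is left on the stack on return.
 */
static int
salsa208poly1305_encrypt(uint8_t *c, const uint8_t *m, const uint32_t mlen,
  const uint8_t *n, const uint8_t *k) {
    uint8_t mac_key[COKB];

    /* Derive the one-time Poly1305 key from the stream. */
    crypto_stream_salsa208(mac_key, COKB, n, k);
    /* Ciphertext goes after the space reserved for the authenticator. */
    crypto_stream_salsa208_xor(c + COB, m, mlen, n, k);
    /* Encrypt-then-MAC: authenticate the ciphertext into c[0..COB). */
    crypto_onetimeauth_poly1305(c, c + COB, mlen, mac_key);

    return 0;
}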
예제 #5
/*
 * Secret-key authenticated encryption (XSalsa20 stream + Poly1305 tag).
 *
 * c    - output buffer, mlen bytes
 * m    - input buffer, mlen bytes
 * n, k - nonce and key passed to crypto_stream_xsalsa20_xor()
 *
 * Returns -1 when mlen < 32, otherwise 0.
 *
 * The whole of `m` is XORed with the keystream into `c`. The Poly1305 key
 * is then read from c[0..31], so it equals the first 32 keystream bytes
 * only when m[0..31] are zero; this function does not verify that padding.
 * The tag over c[32..mlen) is stored at c[16..31], and c[0..15] are cleared
 * afterwards so that the key bytes left there are not returned to the caller.
 */
int crypto_secretbox(
  unsigned char *c,
  const unsigned char *m,unsigned long long mlen,
  const unsigned char *n,
  const unsigned char *k
)
{
  unsigned char *p;
  if (mlen < 32) {
    return -1;
  }
  crypto_stream_xsalsa20_xor(c,m,mlen,n,k);
  crypto_onetimeauth_poly1305(c + 16,c + 32,mlen - 32,c);
  /* Erase the part of the one-time key still sitting in c[0..15]. */
  for (p = c;p != c + 16;++p) {
    *p = 0;
  }
  return 0;
}
예제 #6
/*
 * Encrypt `plain` with ChaCha20 and compute a Poly1305 authenticator over
 * the ciphertext.
 *
 * key, nonce - passed to crypto_stream_chacha20_xor(); the last argument of
 *              that call is 0 for the MAC-key block and 1 for the payload
 *              (presumably the initial block counter -- the function is
 *              defined outside this listing)
 * plain      - plaintext, `length` bytes
 * output_buf - receives `length` ciphertext bytes
 * output_mac - receives the authenticator
 *
 * MAC input layout: ciphertext | zero padding up to a multiple of 16 |
 * 8 zero bytes | 8-byte field whose two low bytes hold `length`
 * little-endian (the rest stay zero from the memset).
 *
 * NOTE(review): the scratch buffer is a variable-length array sized by the
 * caller-supplied `length` (up to 65535 + 31 bytes), so callers on
 * small-stack targets should bound `length` before calling.
 * NOTE(review): the MAC key and the scratch buffer are left on the stack
 * on return; the (key, nonce) pair must not be reused across messages.
 */
void crypto_encryptAndSeal(const uint8_t* key, uint8_t* nonce, uint8_t* plain, uint16_t length, uint8_t* output_buf, uint8_t* output_mac)
{
  uint8_t mac_key[sizeof(zeros64)];
  crypto_stream_chacha20_xor(mac_key, zeros64, sizeof(zeros64), nonce, key, 0);

  /* Bytes needed to round the ciphertext up to a 16-byte boundary (0..15). */
  uint8_t pad_len = (uint8_t)((16 - (length & 15)) & 15);
  uint8_t mac_input[length + pad_len + 16];
  uint8_t *len_field = mac_input + length + pad_len + 8;

  crypto_stream_chacha20_xor(mac_input, plain, length, nonce, key, 1);
  /* Zero the padding and both 8-byte length fields in one pass. */
  memset(mac_input + length, 0, pad_len + 16);
  len_field[0] = (uint8_t)length;
  len_field[1] = (uint8_t)(length >> 8);

  crypto_onetimeauth_poly1305(output_mac, mac_input, sizeof(mac_input), mac_key);

  /* Only the ciphertext is returned; padding and length fields are not. */
  memcpy(output_buf, mac_input, length);
}