int
crypto_generichash_final(crypto_generichash_state *state,
unsigned char *out, const size_t outlen)
{
return crypto_generichash_blake2b_final
((crypto_generichash_blake2b_state *) state, out, outlen);
}
std::array<unsigned char, 11> default_diversifier(const uint256& sk)
{
std::array<unsigned char, 11> res;
unsigned char blob[34];
memcpy(&blob[0], sk.begin(), 32);
blob[32] = 3;
blob[33] = 0;
while (true) {
crypto_generichash_blake2b_state state;
crypto_generichash_blake2b_init_salt_personal(&state, nullptr, 0, 64, nullptr, ZCASH_EXPANDSEED_PERSONALIZATION);
crypto_generichash_blake2b_update(&state, blob, 34);
crypto_generichash_blake2b_final(&state, res.data(), 11);
if (librustzcash_check_diversifier(res.data())) {
break;
} else if (blob[33] == 255) {
throw std::runtime_error("librustzcash_check_diversifier did not return valid diversifier");
}
blob[33] += 1;
}
return res;
}
int main(void)
{
#define MAXLEN 64
crypto_generichash_blake2b_state st;
crypto_uint8 salt[crypto_generichash_blake2b_SALTBYTES] = {
'5', 'b', '6', 'b', '4', '1', 'e', 'd', '9', 'b', '3', '4', '3', 'f', 'e', '0'
};
crypto_uint8 personal[crypto_generichash_blake2b_PERSONALBYTES] = {
'5', '1', '2', '6', 'f', 'b', '2', 'a', '3', '7', '4', '0', '0', 'd', '2', 'a'
};
crypto_uint8 in[MAXLEN], out[crypto_generichash_blake2b_BYTES_MAX], k[crypto_generichash_blake2b_KEYBYTES_MAX];
size_t h,i,j;
for(h = 0; h < crypto_generichash_blake2b_KEYBYTES_MAX; ++h) k[h] = h;
for(i = 0; i < MAXLEN; ++i) {
in[i]=i;
crypto_generichash_blake2b_init_salt_personal(&st, k, 1 + i % crypto_generichash_blake2b_KEYBYTES_MAX,
1 + i % crypto_generichash_blake2b_BYTES_MAX,
salt, personal);
crypto_generichash_blake2b_update(&st, in, i);
crypto_generichash_blake2b_final(&st, out, 1 + i % crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < 1 + i % crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x",(unsigned int) out[j]);
}
printf("\n");
}
return 0;
}
// Sapling
std::array<unsigned char, 64> PRF_expand(const uint256& sk, unsigned char t)
{
std::array<unsigned char, 64> res;
unsigned char blob[33];
memcpy(&blob[0], sk.begin(), 32);
blob[32] = t;
crypto_generichash_blake2b_state state;
crypto_generichash_blake2b_init_salt_personal(&state, nullptr, 0, 64, nullptr, ZCASH_EXPANDSEED_PERSONALIZATION);
crypto_generichash_blake2b_update(&state, blob, 33);
crypto_generichash_blake2b_final(&state, res.data(), 64);
return res;
}
int main(void)
{
#define MAXLEN 64
crypto_generichash_blake2b_state st;
unsigned char salt[crypto_generichash_blake2b_SALTBYTES]
= { '5', 'b', '6', 'b', '4', '1', 'e', 'd',
'9', 'b', '3', '4', '3', 'f', 'e', '0' };
unsigned char personal[crypto_generichash_blake2b_PERSONALBYTES]
= { '5', '1', '2', '6', 'f', 'b', '2', 'a',
'3', '7', '4', '0', '0', 'd', '2', 'a' };
unsigned char in[MAXLEN], out[crypto_generichash_blake2b_BYTES_MAX],
k[crypto_generichash_blake2b_KEYBYTES_MAX];
size_t h, i, j;
for (h = 0; h < crypto_generichash_blake2b_KEYBYTES_MAX; ++h)
k[h] = h;
for (i = 0; i < MAXLEN; ++i) {
in[i] = i;
crypto_generichash_blake2b_init_salt_personal(
&st, k, 1 + i % crypto_generichash_blake2b_KEYBYTES_MAX,
1 + i % crypto_generichash_blake2b_BYTES_MAX, salt, personal);
crypto_generichash_blake2b_update(&st, in, i);
crypto_generichash_blake2b_final(
&st, out, 1 + i % crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < 1 + i % crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
}
memset(out, 0, sizeof out);
crypto_generichash_blake2b_init_salt_personal(
&st, k, 0U, crypto_generichash_blake2b_BYTES_MAX, salt, personal);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out,
crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_init_salt_personal(
&st, NULL, 1U, crypto_generichash_blake2b_BYTES_MAX, salt, personal);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out,
crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_init_salt_personal(
&st, k, crypto_generichash_blake2b_KEYBYTES_MAX,
crypto_generichash_blake2b_BYTES_MAX, NULL, personal);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out,
crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_init_salt_personal(
&st, k, crypto_generichash_blake2b_KEYBYTES_MAX,
crypto_generichash_blake2b_BYTES_MAX, salt, NULL);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
assert(crypto_generichash_blake2b_final(
&st, out, crypto_generichash_blake2b_BYTES_MAX + 1U) == -1);
crypto_generichash_blake2b_final(
&st, out, crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
k, 0U, salt, personal);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
NULL, crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
k, crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
k, crypto_generichash_blake2b_KEYBYTES_MAX, NULL, personal);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
memset(out, 0, sizeof out);
crypto_generichash_blake2b_salt_personal(
out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN,
k, crypto_generichash_blake2b_KEYBYTES_MAX, salt, NULL);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
crypto_generichash_blake2b_init_salt_personal(&st, NULL, 0U, crypto_generichash_BYTES,
NULL, personal);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out, crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
crypto_generichash_blake2b_init_salt_personal(&st, NULL, 0U, crypto_generichash_BYTES,
salt, NULL);
crypto_generichash_blake2b_update(&st, in, MAXLEN);
crypto_generichash_blake2b_final(&st, out, crypto_generichash_blake2b_BYTES_MAX);
for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) {
printf("%02x", (unsigned int)out[j]);
}
printf("\n");
assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, 0U,
salt, personal) == -1);
assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k,
crypto_generichash_BYTES_MAX + 1U,
salt, personal) == -1);
assert(crypto_generichash_blake2b_init_salt_personal(&st, k,
crypto_generichash_KEYBYTES_MAX + 1U,
sizeof out, salt, personal) == -1);
assert(crypto_generichash_blake2b_salt_personal(out, 0U, in, MAXLEN,
k, sizeof k,
salt, personal) == -1);
assert(crypto_generichash_blake2b_salt_personal(out, crypto_generichash_BYTES_MAX + 1U,
in, MAXLEN, k, sizeof k,
salt, personal) == -1);
assert(crypto_generichash_blake2b_salt_personal(out, sizeof out, in, MAXLEN,
k, crypto_generichash_KEYBYTES_MAX + 1U,
salt, personal) == -1);
assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, crypto_generichash_BYTES,
NULL, personal) == 0);
assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, crypto_generichash_BYTES,
salt, NULL) == 0);
return 0;
}
