/*
 * Finish a generic-hash computation by forwarding to the BLAKE2b finaliser.
 *
 * state  - generic hash state; it is reinterpreted as a BLAKE2b state.
 * out    - buffer that receives the digest.
 * outlen - number of digest bytes requested.
 *
 * Returns whatever crypto_generichash_blake2b_final() returns; callers
 * should check it rather than assume success.
 *
 * NOTE(review): the pointer cast is only sound if crypto_generichash_state
 * and crypto_generichash_blake2b_state share layout and alignment - confirm
 * against the type definitions, which are not visible here.
 */
int
crypto_generichash_final(crypto_generichash_state *state,
                         unsigned char *out, const size_t outlen)
{
    crypto_generichash_blake2b_state *const blake2b_state =
        (crypto_generichash_blake2b_state *) state;

    return crypto_generichash_blake2b_final(blake2b_state, out, outlen);
}
/**
 * Searches for the default 11-byte diversifier belonging to `sk`.
 *
 * The hash input is 34 bytes: 32 bytes copied from `sk`, the constant byte 3,
 * and a one-byte counter that starts at 0. Each candidate is the first
 * 11 bytes requested from a BLAKE2b state personalised with
 * ZCASH_EXPANDSEED_PERSONALIZATION; the first candidate accepted by
 * librustzcash_check_diversifier() is returned.
 *
 * @param sk  Key whose first 32 bytes seed the search.
 * @return    The first accepted 11-byte candidate.
 * @throws std::runtime_error if no counter value in 0..255 is accepted.
 *
 * NOTE(review): `preimage` keeps a copy of `sk` on the stack and is not
 * cleared before returning or throwing; if `sk` is secret key material,
 * consider wiping it with the project's secure-zero helper.
 * NOTE(review): the return codes of the BLAKE2b calls are ignored, and the
 * state is initialised for a 64-byte digest while only 11 bytes are
 * requested - this looks like deliberate truncation; confirm the library
 * version in use accepts it.
 */
std::array<unsigned char, 11> default_diversifier(const uint256& sk)
{
    unsigned char preimage[34];
    memcpy(&preimage[0], sk.begin(), 32);
    preimage[32] = 3;  // constant tag byte
    preimage[33] = 0;  // counter, bumped after every rejected candidate

    std::array<unsigned char, 11> candidate;
    for (;;) {
        crypto_generichash_blake2b_state hasher;
        crypto_generichash_blake2b_init_salt_personal(
            &hasher, nullptr, 0, 64, nullptr, ZCASH_EXPANDSEED_PERSONALIZATION);
        crypto_generichash_blake2b_update(&hasher, preimage, 34);
        crypto_generichash_blake2b_final(&hasher, candidate.data(), 11);

        if (librustzcash_check_diversifier(candidate.data())) {
            return candidate;
        }
        // Every counter value has been tried; give up rather than wrap around.
        if (preimage[33] == 255) {
            throw std::runtime_error("librustzcash_check_diversifier did not return valid diversifier");
        }
        preimage[33] += 1;
    }
}
/*
 * Prints MAXLEN keyed, salted and personalised BLAKE2b digests, one
 * lowercase-hex line per digest.
 *
 * Iteration n hashes the first n bytes of `in` (in[x] == x) with a key of
 * 1 + n % KEYBYTES_MAX bytes and an output of 1 + n % BYTES_MAX bytes, so the
 * key and digest lengths cycle through their whole allowed range.
 *
 * NOTE(review): the return values of init/update/final are not checked, so a
 * failing call would still print whatever `out` holds.
 */
int main(void)
{
#define MAXLEN 64
    crypto_generichash_blake2b_state st;
    crypto_uint8 salt[crypto_generichash_blake2b_SALTBYTES] = {
        '5', 'b', '6', 'b', '4', '1', 'e', 'd',
        '9', 'b', '3', '4', '3', 'f', 'e', '0'
    };
    crypto_uint8 personal[crypto_generichash_blake2b_PERSONALBYTES] = {
        '5', '1', '2', '6', 'f', 'b', '2', 'a',
        '3', '7', '4', '0', '0', 'd', '2', 'a'
    };
    crypto_uint8 in[MAXLEN];
    crypto_uint8 out[crypto_generichash_blake2b_BYTES_MAX];
    crypto_uint8 k[crypto_generichash_blake2b_KEYBYTES_MAX];
    size_t key_idx;
    size_t msg_len;
    size_t pos;

    /* Key bytes are simply 0, 1, 2, ... */
    for (key_idx = 0; key_idx < crypto_generichash_blake2b_KEYBYTES_MAX; ++key_idx) {
        k[key_idx] = key_idx;
    }

    for (msg_len = 0; msg_len < MAXLEN; ++msg_len) {
        const size_t keylen = 1 + msg_len % crypto_generichash_blake2b_KEYBYTES_MAX;
        const size_t outlen = 1 + msg_len % crypto_generichash_blake2b_BYTES_MAX;

        /* Written before hashing, but only in[0 .. msg_len-1] is fed in. */
        in[msg_len] = msg_len;

        crypto_generichash_blake2b_init_salt_personal(&st, k, keylen, outlen,
                                                      salt, personal);
        crypto_generichash_blake2b_update(&st, in, msg_len);
        crypto_generichash_blake2b_final(&st, out, outlen);

        for (pos = 0; pos < outlen; ++pos) {
            printf("%02x", (unsigned int) out[pos]);
        }
        printf("\n");
    }
    return 0;
}
// Sapling std::array<unsigned char, 64> PRF_expand(const uint256& sk, unsigned char t) { std::array<unsigned char, 64> res; unsigned char blob[33]; memcpy(&blob[0], sk.begin(), 32); blob[32] = t; crypto_generichash_blake2b_state state; crypto_generichash_blake2b_init_salt_personal(&state, nullptr, 0, 64, nullptr, ZCASH_EXPANDSEED_PERSONALIZATION); crypto_generichash_blake2b_update(&state, blob, 33); crypto_generichash_blake2b_final(&state, res.data(), 64); return res; }
/* Print `len` bytes of `buf` as lowercase hex followed by a newline. */
static void print_hex_line(const unsigned char *buf, size_t len)
{
    size_t pos;

    for (pos = 0; pos < len; ++pos) {
        printf("%02x", (unsigned int) buf[pos]);
    }
    printf("\n");
}

/*
 * Exercises the salted/personalised BLAKE2b API and prints one hex line per
 * digest, in a fixed order:
 *   1. MAXLEN streaming digests with cycling key and output lengths;
 *   2. streaming digests with unusual key, salt and personalisation inputs;
 *   3. the same combinations through the one-shot function;
 *   4. argument-validation checks, which print nothing.
 *
 * NOTE(review): several library calls sit inside assert(); a build that
 * defines NDEBUG would drop those calls entirely - confirm the test harness
 * keeps assertions enabled.
 * NOTE(review): return values of the non-asserted calls are not checked, so a
 * failing call would still print whatever `out` holds.
 */
int main(void)
{
#define MAXLEN 64
    crypto_generichash_blake2b_state st;
    unsigned char salt[crypto_generichash_blake2b_SALTBYTES] = {
        '5', 'b', '6', 'b', '4', '1', 'e', 'd',
        '9', 'b', '3', '4', '3', 'f', 'e', '0'
    };
    unsigned char personal[crypto_generichash_blake2b_PERSONALBYTES] = {
        '5', '1', '2', '6', 'f', 'b', '2', 'a',
        '3', '7', '4', '0', '0', 'd', '2', 'a'
    };
    unsigned char in[MAXLEN];
    unsigned char out[crypto_generichash_blake2b_BYTES_MAX];
    unsigned char k[crypto_generichash_blake2b_KEYBYTES_MAX];
    size_t key_idx;
    size_t msg_len;

    /* Key bytes are simply 0, 1, 2, ... */
    for (key_idx = 0; key_idx < crypto_generichash_blake2b_KEYBYTES_MAX; ++key_idx) {
        k[key_idx] = key_idx;
    }

    /* 1. Streaming API, key and digest lengths cycling with the message length. */
    for (msg_len = 0; msg_len < MAXLEN; ++msg_len) {
        const size_t keylen = 1 + msg_len % crypto_generichash_blake2b_KEYBYTES_MAX;
        const size_t outlen = 1 + msg_len % crypto_generichash_blake2b_BYTES_MAX;

        /* Written before hashing, but only in[0 .. msg_len-1] is fed in. */
        in[msg_len] = msg_len;
        crypto_generichash_blake2b_init_salt_personal(&st, k, keylen, outlen,
                                                      salt, personal);
        crypto_generichash_blake2b_update(&st, in, msg_len);
        crypto_generichash_blake2b_final(&st, out, outlen);
        print_hex_line(out, outlen);
    }

    /* 2a. Streaming: key pointer supplied, key length zero. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_init_salt_personal(
        &st, k, 0U, crypto_generichash_blake2b_BYTES_MAX, salt, personal);
    crypto_generichash_blake2b_update(&st, in, MAXLEN);
    crypto_generichash_blake2b_final(&st, out,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 2b. Streaming: NULL key pointer with a non-zero key length. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_init_salt_personal(
        &st, NULL, 1U, crypto_generichash_blake2b_BYTES_MAX, salt, personal);
    crypto_generichash_blake2b_update(&st, in, MAXLEN);
    crypto_generichash_blake2b_final(&st, out,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 2c. Streaming: full-length key, NULL salt. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_init_salt_personal(
        &st, k, crypto_generichash_blake2b_KEYBYTES_MAX,
        crypto_generichash_blake2b_BYTES_MAX, NULL, personal);
    crypto_generichash_blake2b_update(&st, in, MAXLEN);
    crypto_generichash_blake2b_final(&st, out,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 2d. Streaming: full-length key, NULL personalisation. An oversized
     * final() request must be refused before the real one is made. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_init_salt_personal(
        &st, k, crypto_generichash_blake2b_KEYBYTES_MAX,
        crypto_generichash_blake2b_BYTES_MAX, salt, NULL);
    crypto_generichash_blake2b_update(&st, in, MAXLEN);
    assert(crypto_generichash_blake2b_final(
               &st, out, crypto_generichash_blake2b_BYTES_MAX + 1U) == -1);
    crypto_generichash_blake2b_final(&st, out,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 3a. One-shot: key pointer supplied, key length zero. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_salt_personal(
        out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, k, 0U, salt,
        personal);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 3b. One-shot: NULL key pointer with the maximum key length. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_salt_personal(
        out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, NULL,
        crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 3c. One-shot: full-length key, salt and personalisation all present. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_salt_personal(
        out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, k,
        crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 3d. One-shot: NULL salt. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_salt_personal(
        out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, k,
        crypto_generichash_blake2b_KEYBYTES_MAX, NULL, personal);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 3e. One-shot: NULL personalisation. */
    memset(out, 0, sizeof out);
    crypto_generichash_blake2b_salt_personal(
        out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, k,
        crypto_generichash_blake2b_KEYBYTES_MAX, salt, NULL);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* Unkeyed streaming runs. NOTE(review): the state is initialised for
     * crypto_generichash_BYTES of output but BYTES_MAX bytes are requested
     * and printed, and `out` is not cleared first - presumably deliberate;
     * verify against the expected-output file. */
    crypto_generichash_blake2b_init_salt_personal(
        &st, NULL, 0U, crypto_generichash_BYTES, NULL, personal);
    crypto_generichash_blake2b_update(&st, in, MAXLEN);
    crypto_generichash_blake2b_final(&st, out,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    crypto_generichash_blake2b_init_salt_personal(
        &st, NULL, 0U, crypto_generichash_BYTES, salt, NULL);
    crypto_generichash_blake2b_update(&st, in, MAXLEN);
    crypto_generichash_blake2b_final(&st, out,
                                     crypto_generichash_blake2b_BYTES_MAX);
    print_hex_line(out, crypto_generichash_blake2b_BYTES_MAX);

    /* 4. Argument validation: a zero or oversized digest length and an
     * oversized key length must be rejected by both entry points. */
    assert(crypto_generichash_blake2b_init_salt_personal(
               &st, k, sizeof k, 0U, salt, personal) == -1);
    assert(crypto_generichash_blake2b_init_salt_personal(
               &st, k, sizeof k, crypto_generichash_BYTES_MAX + 1U, salt,
               personal) == -1);
    assert(crypto_generichash_blake2b_init_salt_personal(
               &st, k, crypto_generichash_KEYBYTES_MAX + 1U, sizeof out, salt,
               personal) == -1);

    assert(crypto_generichash_blake2b_salt_personal(
               out, 0U, in, MAXLEN, k, sizeof k, salt, personal) == -1);
    assert(crypto_generichash_blake2b_salt_personal(
               out, crypto_generichash_BYTES_MAX + 1U, in, MAXLEN, k, sizeof k,
               salt, personal) == -1);
    assert(crypto_generichash_blake2b_salt_personal(
               out, sizeof out, in, MAXLEN, k,
               crypto_generichash_KEYBYTES_MAX + 1U, salt, personal) == -1);

    /* A NULL salt or a NULL personalisation on its own must be accepted. */
    assert(crypto_generichash_blake2b_init_salt_personal(
               &st, k, sizeof k, crypto_generichash_BYTES, NULL, personal) == 0);
    assert(crypto_generichash_blake2b_init_salt_personal(
               &st, k, sizeof k, crypto_generichash_BYTES, salt, NULL) == 0);

    return 0;
}