mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-19 01:55:02 -07:00

+ crypto_kx_*() API

This doesn't include a full key exchange API yet.
Frank Denis 2017-03-12 13:05:24 +01:00
parent e6934d3eb3
commit 849a35bd82
24 changed files with 419 additions and 8 deletions

1
.gitignore vendored

@ -113,6 +113,7 @@ test/default/hash
test/default/hash3
test/default/kdf
test/default/keygen
test/default/kx
test/default/onetimeauth
test/default/onetimeauth2
test/default/onetimeauth7


@ -25,6 +25,7 @@ from being partially initialized.
- A new `randombytes_buf_deterministic()` function was added to
deterministically fill a memory region with pseudorandom data. This
function can especially be useful to write reproducible tests.
- A priminary `crypto_kx_*()` API was added to compute shared session keys.
- AVX2 detection is more reliable.
- The pthreads library is not required any more when using MingW.
- `contrib/Findsodium.cmake` was added as an example to include


@ -109,6 +109,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_hash\sha512\cp\hash_sha512_cp.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\crypto_kdf.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\onetimeauth_poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\donna\poly1305_donna.c" />
@ -265,6 +266,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_int64.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth_poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_pwhash.h" />


@ -117,6 +117,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c">
<Filter>crypto_kdf\blake2b</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c">
<Filter>crypto_kx</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c">
<Filter>crypto_onetimeauth</Filter>
</ClCompile>
@ -581,6 +584,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -802,6 +808,9 @@
<Filter Include="crypto_kdf\blake2b">
<UniqueIdentifier>{3d42d2a2-b192-33dd-9162-508916414707}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_kx">
<UniqueIdentifier>{898b6bd5-1360-3a34-adcd-0fade7561685}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_onetimeauth">
<UniqueIdentifier>{323c0a15-3c1d-39b2-9ec1-299deb299497}</UniqueIdentifier>
</Filter>


@ -109,6 +109,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_hash\sha512\cp\hash_sha512_cp.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\crypto_kdf.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\onetimeauth_poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\donna\poly1305_donna.c" />
@ -265,6 +266,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_int64.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth_poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_pwhash.h" />


@ -117,6 +117,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c">
<Filter>crypto_kdf\blake2b</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c">
<Filter>crypto_kx</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c">
<Filter>crypto_onetimeauth</Filter>
</ClCompile>
@ -581,6 +584,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -802,6 +808,9 @@
<Filter Include="crypto_kdf\blake2b">
<UniqueIdentifier>{3d42d2a2-b192-33dd-9162-508916414707}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_kx">
<UniqueIdentifier>{898b6bd5-1360-3a34-adcd-0fade7561685}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_onetimeauth">
<UniqueIdentifier>{323c0a15-3c1d-39b2-9ec1-299deb299497}</UniqueIdentifier>
</Filter>


@ -109,6 +109,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_hash\sha512\cp\hash_sha512_cp.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\crypto_kdf.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\onetimeauth_poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\donna\poly1305_donna.c" />
@ -265,6 +266,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_int64.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth_poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_pwhash.h" />


@ -117,6 +117,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c">
<Filter>crypto_kdf\blake2b</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c">
<Filter>crypto_kx</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c">
<Filter>crypto_onetimeauth</Filter>
</ClCompile>
@ -581,6 +584,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -802,6 +808,9 @@
<Filter Include="crypto_kdf\blake2b">
<UniqueIdentifier>{3d42d2a2-b192-33dd-9162-508916414707}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_kx">
<UniqueIdentifier>{898b6bd5-1360-3a34-adcd-0fade7561685}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_onetimeauth">
<UniqueIdentifier>{323c0a15-3c1d-39b2-9ec1-299deb299497}</UniqueIdentifier>
</Filter>


@ -109,6 +109,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_hash\sha512\cp\hash_sha512_cp.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\crypto_kdf.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\onetimeauth_poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\donna\poly1305_donna.c" />
@ -265,6 +266,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_int64.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth_poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_pwhash.h" />


@ -117,6 +117,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c">
<Filter>crypto_kdf\blake2b</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c">
<Filter>crypto_kx</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c">
<Filter>crypto_onetimeauth</Filter>
</ClCompile>
@ -581,6 +584,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -802,6 +808,9 @@
<Filter Include="crypto_kdf\blake2b">
<UniqueIdentifier>{3d42d2a2-b192-33dd-9162-508916414707}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_kx">
<UniqueIdentifier>{898b6bd5-1360-3a34-adcd-0fade7561685}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_onetimeauth">
<UniqueIdentifier>{323c0a15-3c1d-39b2-9ec1-299deb299497}</UniqueIdentifier>
</Filter>


@ -109,6 +109,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_hash\sha512\cp\hash_sha512_cp.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\crypto_kdf.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\onetimeauth_poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\poly1305\donna\poly1305_donna.c" />
@ -265,6 +266,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_int64.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth_poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_pwhash.h" />


@ -117,6 +117,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c">
<Filter>crypto_kdf\blake2b</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_kx\crypto_kx.c">
<Filter>crypto_kx</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c">
<Filter>crypto_onetimeauth</Filter>
</ClCompile>
@ -581,6 +584,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kdf_blake2b.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_kx.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_onetimeauth.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -802,6 +808,9 @@
<Filter Include="crypto_kdf\blake2b">
<UniqueIdentifier>{3d42d2a2-b192-33dd-9162-508916414707}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_kx">
<UniqueIdentifier>{898b6bd5-1360-3a34-adcd-0fade7561685}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_onetimeauth">
<UniqueIdentifier>{323c0a15-3c1d-39b2-9ec1-299deb299497}</UniqueIdentifier>
</Filter>


@ -58,10 +58,10 @@ _crypto_auth_hmacsha512256_bytes 0 1
_crypto_auth_hmacsha512256_final 0 1
_crypto_auth_hmacsha512256_init 0 1
_crypto_auth_hmacsha512256_keybytes 0 1
_crypto_auth_hmacsha512256_keygen 0 1
_crypto_auth_hmacsha512256_statebytes 0 1
_crypto_auth_hmacsha512256_update 0 1
_crypto_auth_hmacsha512256_verify 0 1
_crypto_auth_hmacsha512256_keygen 0 1
_crypto_auth_hmacsha512_bytes 0 1
_crypto_auth_hmacsha512_final 0 1
_crypto_auth_hmacsha512_init 0 1
@ -169,12 +169,12 @@ _crypto_generichash_blake2b_init_salt_personal 0 1
_crypto_generichash_blake2b_keybytes 0 1
_crypto_generichash_blake2b_keybytes_max 0 1
_crypto_generichash_blake2b_keybytes_min 0 1
_crypto_generichash_blake2b_keygen 0 1
_crypto_generichash_blake2b_personalbytes 0 1
_crypto_generichash_blake2b_salt_personal 0 1
_crypto_generichash_blake2b_saltbytes 0 1
_crypto_generichash_blake2b_statebytes 0 1
_crypto_generichash_blake2b_update 0 1
_crypto_generichash_blake2b_keygen 0 1
_crypto_generichash_bytes 1 1
_crypto_generichash_bytes_max 1 1
_crypto_generichash_bytes_min 1 1
@ -214,6 +214,15 @@ _crypto_kdf_derive_from_key 1 1
_crypto_kdf_keybytes 1 1
_crypto_kdf_keygen 1 1
_crypto_kdf_primitive 0 1
_crypto_kx_client_session_keys 1 1
_crypto_kx_keypair 1 1
_crypto_kx_primitive 0 1
_crypto_kx_publickeybytes 1 1
_crypto_kx_secretkeybytes 1 1
_crypto_kx_seed_keypair 1 1
_crypto_kx_seedbytes 1 1
_crypto_kx_server_session_keys 1 1
_crypto_kx_sessionkeybytes 1 1
_crypto_onetimeauth 0 1
_crypto_onetimeauth_bytes 0 1
_crypto_onetimeauth_final 0 1
@ -225,10 +234,10 @@ _crypto_onetimeauth_poly1305_bytes 0 1
_crypto_onetimeauth_poly1305_final 0 1
_crypto_onetimeauth_poly1305_init 0 1
_crypto_onetimeauth_poly1305_keybytes 0 1
_crypto_onetimeauth_poly1305_update 0 1
_crypto_onetimeauth_poly1305_verify 0 1
_crypto_onetimeauth_poly1305_keygen 0 1
_crypto_onetimeauth_poly1305_statebytes 0 1
_crypto_onetimeauth_poly1305_update 0 1
_crypto_onetimeauth_poly1305_verify 0 1
_crypto_onetimeauth_primitive 0 1
_crypto_onetimeauth_statebytes 0 1
_crypto_onetimeauth_update 0 1
@ -393,11 +402,11 @@ _crypto_stream_aes128ctr_xor 0 1
_crypto_stream_aes128ctr_xor_afternm 0 1
_crypto_stream_chacha20 0 1
_crypto_stream_chacha20_ietf 0 1
_crypto_stream_chacha20_ietf_keybytes 0 1
_crypto_stream_chacha20_ietf_keygen 0 1
_crypto_stream_chacha20_ietf_noncebytes 0 1
_crypto_stream_chacha20_ietf_xor 0 1
_crypto_stream_chacha20_ietf_xor_ic 0 1
_crypto_stream_chacha20_ietf_keybytes 0 1
_crypto_stream_chacha20_ietf_keygen 0 1
_crypto_stream_chacha20_keybytes 0 1
_crypto_stream_chacha20_keygen 0 1
_crypto_stream_chacha20_noncebytes 0 1

File diff suppressed because one or more lines are too long


@ -347,6 +347,7 @@
<ClCompile Include="src\libsodium\crypto_hash\sha512\cp\hash_sha512_cp.c" />
<ClCompile Include="src\libsodium\crypto_kdf\crypto_kdf.c" />
<ClCompile Include="src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c" />
<ClCompile Include="src\libsodium\crypto_kx\crypto_kx.c" />
<ClCompile Include="src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c" />
<ClCompile Include="src\libsodium\crypto_onetimeauth\poly1305\onetimeauth_poly1305.c" />
<ClCompile Include="src\libsodium\crypto_onetimeauth\poly1305\donna\poly1305_donna.c" />
@ -503,6 +504,7 @@
<ClInclude Include="src\libsodium\include\sodium\crypto_int64.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_kdf.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_kdf_blake2b.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_kx.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_onetimeauth.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_onetimeauth_poly1305.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_pwhash.h" />


@ -111,6 +111,9 @@
<ClCompile Include="src\libsodium\crypto_kdf\blake2b\kdf_blake2b.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="src\libsodium\crypto_kx\crypto_kx.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="src\libsodium\crypto_onetimeauth\crypto_onetimeauth.c">
<Filter>Source Files</Filter>
</ClCompile>
@ -575,6 +578,9 @@
<ClInclude Include="src\libsodium\include\sodium\crypto_kdf_blake2b.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="src\libsodium\include\sodium\crypto_kx.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="src\libsodium\include\sodium\crypto_onetimeauth.h">
<Filter>Header Files</Filter>
</ClInclude>


@ -35,6 +35,7 @@ libsodium_la_SOURCES = \
crypto_hash/sha512/cp/hash_sha512_cp.c \
crypto_kdf/blake2b/kdf_blake2b.c \
crypto_kdf/crypto_kdf.c \
crypto_kx/crypto_kx.c \
crypto_onetimeauth/crypto_onetimeauth.c \
crypto_onetimeauth/poly1305/onetimeauth_poly1305.c \
crypto_onetimeauth/poly1305/onetimeauth_poly1305.h \


@ -0,0 +1,136 @@
#include <stddef.h>
#include "crypto_generichash.h"
#include "crypto_kx.h"
#include "crypto_scalarmult.h"
#include "private/common.h"
#include "randombytes.h"
#include "utils.h"
int
crypto_kx_seed_keypair(unsigned char pk[crypto_kx_PUBLICKEYBYTES],
unsigned char sk[crypto_kx_SECRETKEYBYTES],
const unsigned char seed[crypto_kx_SEEDBYTES])
{
crypto_generichash(sk, crypto_kx_SECRETKEYBYTES,
seed, crypto_kx_SEEDBYTES, NULL, 0);
return crypto_scalarmult_base(pk, sk);
}
int
crypto_kx_keypair(unsigned char pk[crypto_kx_PUBLICKEYBYTES],
unsigned char sk[crypto_kx_SECRETKEYBYTES])
{
COMPILER_ASSERT(crypto_kx_SECRETKEYBYTES == crypto_scalarmult_SCALARBYTES);
COMPILER_ASSERT(crypto_kx_PUBLICKEYBYTES == crypto_scalarmult_BYTES);
randombytes_buf(sk, crypto_kx_SECRETKEYBYTES);
return crypto_scalarmult_base(pk, sk);
}
int
crypto_kx_client_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES],
unsigned char tx[crypto_kx_SESSIONKEYBYTES],
const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES],
const unsigned char client_sk[crypto_kx_SECRETKEYBYTES],
const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES])
{
crypto_generichash_state h;
unsigned char q[crypto_scalarmult_BYTES];
unsigned char keys[2 * crypto_kx_SESSIONKEYBYTES];
int i;
if (rx == NULL) {
rx = tx;
}
if (tx == NULL) {
tx = rx;
}
if (crypto_scalarmult(q, client_sk, server_pk) != 0) {
return -1;
}
COMPILER_ASSERT(sizeof keys <= crypto_generichash_BYTES_MAX);
crypto_generichash_init(&h, NULL, 0U, sizeof keys);
crypto_generichash_update(&h, q, crypto_scalarmult_BYTES);
sodium_memzero(q, sizeof q);
crypto_generichash_update(&h, client_pk, crypto_kx_PUBLICKEYBYTES);
crypto_generichash_update(&h, server_pk, crypto_kx_PUBLICKEYBYTES);
crypto_generichash_final(&h, keys, sizeof keys);
sodium_memzero(&h, sizeof h);
for (i = 0; i < crypto_kx_SESSIONKEYBYTES; i++) {
rx[i] = keys[i];
tx[i] = keys[i + crypto_kx_SESSIONKEYBYTES];
}
sodium_memzero(keys, sizeof keys);
return 0;
}
int
crypto_kx_server_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES],
unsigned char tx[crypto_kx_SESSIONKEYBYTES],
const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES],
const unsigned char server_sk[crypto_kx_SECRETKEYBYTES],
const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES])
{
crypto_generichash_state h;
unsigned char q[crypto_scalarmult_BYTES];
unsigned char keys[2 * crypto_kx_SESSIONKEYBYTES];
int i;
if (rx == NULL) {
rx = tx;
}
if (tx == NULL) {
tx = rx;
}
if (crypto_scalarmult(q, server_sk, client_pk) != 0) {
return -1;
}
COMPILER_ASSERT(sizeof keys <= crypto_generichash_BYTES_MAX);
crypto_generichash_init(&h, NULL, 0U, sizeof keys);
crypto_generichash_update(&h, q, crypto_scalarmult_BYTES);
sodium_memzero(q, sizeof q);
crypto_generichash_update(&h, client_pk, crypto_kx_PUBLICKEYBYTES);
crypto_generichash_update(&h, server_pk, crypto_kx_PUBLICKEYBYTES);
crypto_generichash_final(&h, keys, sizeof keys);
sodium_memzero(&h, sizeof h);
for (i = 0; i < crypto_kx_SESSIONKEYBYTES; i++) {
tx[i] = keys[i];
rx[i] = keys[i + crypto_kx_SESSIONKEYBYTES];
}
sodium_memzero(keys, sizeof keys);
return 0;
}
size_t
crypto_kx_publickeybytes(void)
{
return crypto_kx_PUBLICKEYBYTES;
}
size_t
crypto_kx_secretkeybytes(void)
{
return crypto_kx_SECRETKEYBYTES;
}
size_t
crypto_kx_seedbytes(void)
{
return crypto_kx_SEEDBYTES;
}
size_t
crypto_kx_sessionkeybytes(void)
{
return crypto_kx_SESSIONKEYBYTES;
}
const char *
crypto_kx_primitive(void)
{
return crypto_kx_PRIMITIVE;
}
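Review bot: In `crypto_kx_client_session_keys()` the fallbacks `rx = tx` / `tx = rx` leave both pointers NULL when the caller passes NULL for both, and the copy loop then writes through them; a guard placed after the fallbacks, `if (rx == NULL) { return -1; }`, would turn that into an error return. The same fallback makes rx and tx alias one buffer, so the loop's second store wins and a caller asking for a single key always receives the second half of `keys`, whichever of rx or tx was requested. That is not the value a two-key call on the same side returns as rx (client) or tx (server), so a peer deriving both keys and a peer deriving only one can end up with keys that do not match. `crypto_kx_server_session_keys()` has the same two patterns. Either document the single-key behaviour or copy each half only into the pointer the caller actually supplied.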


@ -24,6 +24,7 @@ SODIUM_EXPORT = \
sodium/crypto_hash_sha512.h \
sodium/crypto_kdf.h \
sodium/crypto_kdf_blake2b.h \
sodium/crypto_kx.h \
sodium/crypto_onetimeauth.h \
sodium/crypto_onetimeauth_poly1305.h \
sodium/crypto_pwhash.h \


@ -26,6 +26,7 @@
#include "sodium/crypto_hash_sha512.h"
#include "sodium/crypto_kdf.h"
#include "sodium/crypto_kdf_blake2b.h"
#include "sodium/crypto_kx.h"
#include "sodium/crypto_onetimeauth.h"
#include "sodium/crypto_onetimeauth_poly1305.h"
#include "sodium/crypto_pwhash.h"


@ -0,0 +1,64 @@
#ifndef crypto_kx_H
#define crypto_kx_H
#include <stddef.h>
#include "export.h"
#ifdef __cplusplus
# ifdef __GNUC__
# pragma GCC diagnostic ignored "-Wlong-long"
# endif
extern "C" {
#endif
#define crypto_kx_PUBLICKEYBYTES 32
SODIUM_EXPORT
size_t crypto_kx_publickeybytes(void);
#define crypto_kx_SECRETKEYBYTES 32
SODIUM_EXPORT
size_t crypto_kx_secretkeybytes(void);
#define crypto_kx_SEEDBYTES 32
SODIUM_EXPORT
size_t crypto_kx_seedbytes(void);
#define crypto_kx_SESSIONKEYBYTES 32
SODIUM_EXPORT
size_t crypto_kx_sessionkeybytes(void);
#define crypto_kx_PRIMITIVE "x25519blake2b"
SODIUM_EXPORT
const char *crypto_kx_primitive(void);
SODIUM_EXPORT
int crypto_kx_seed_keypair(unsigned char pk[crypto_kx_PUBLICKEYBYTES],
unsigned char sk[crypto_kx_SECRETKEYBYTES],
const unsigned char seed[crypto_kx_SEEDBYTES]);
SODIUM_EXPORT
int crypto_kx_keypair(unsigned char pk[crypto_kx_PUBLICKEYBYTES],
unsigned char sk[crypto_kx_SECRETKEYBYTES]);
SODIUM_EXPORT
int crypto_kx_client_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES],
unsigned char tx[crypto_kx_SESSIONKEYBYTES],
const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES],
const unsigned char client_sk[crypto_kx_SECRETKEYBYTES],
const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES])
__attribute__ ((warn_unused_result));
SODIUM_EXPORT
int crypto_kx_server_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES],
unsigned char tx[crypto_kx_SESSIONKEYBYTES],
const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES],
const unsigned char server_sk[crypto_kx_SECRETKEYBYTES],
const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES])
__attribute__ ((warn_unused_result));
#ifdef __cplusplus
}
#endif
#endif
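Review bot: The prototypes of `crypto_kx_client_session_keys()` and `crypto_kx_server_session_keys()` carry no comment, yet the implementation in this commit accepts NULL for rx or tx and pairs the client's rx with the server's tx. A caller reading only the header cannot tell which key to use in which direction, or that passing NULL for both pointers is invalid. I would add above each prototype something like `/* rx: key for data received from the peer; tx: key for data sent to it (client rx == server tx). Either may be NULL, never both. */`. A one-line comment beside `crypto_kx_PRIMITIVE` naming the construction would also help anyone comparing outputs against another implementation.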


@ -36,6 +36,7 @@ EXTRA_DIST = \
hash3.exp \
kdf.exp \
keygen.exp \
kx.exp \
onetimeauth.exp \
onetimeauth2.exp \
onetimeauth7.exp \
@ -103,6 +104,7 @@ DISTCLEANFILES = \
hash3.res \
kdf.res \
keygen.res \
kx.res \
onetimeauth.res \
onetimeauth2.res \
onetimeauth7.res \
@ -171,6 +173,7 @@ CLEANFILES = \
hash3.final \
kdf.final \
keygen.final \
kx.final \
onetimeauth.final \
onetimeauth2.final \
onetimeauth7.final \
@ -234,6 +237,7 @@ CLEANFILES = \
hash3.nexe \
kdf.nexe \
keygen.nexe \
kx.nexe \
onetimeauth.nexe \
onetimeauth2.nexe \
onetimeauth7.nexe \
@ -309,6 +313,7 @@ TESTS_TARGETS = \
hash3 \
kdf \
keygen \
kx \
onetimeauth \
onetimeauth2 \
onetimeauth7 \
@ -449,6 +454,9 @@ kdf_LDADD = $(TESTS_LDADD)
keygen_SOURCE = cmptest.h keygen.c
keygen_LDADD = $(TESTS_LDADD)
kx_SOURCE = cmptest.h kx.c
kx_LDADD = $(TESTS_LDADD)
onetimeauth_SOURCE = cmptest.h onetimeauth.c
onetimeauth_LDADD = $(TESTS_LDADD)

119
test/default/kx.c Normal file

@ -0,0 +1,119 @@
#define TEST_NAME "kx"
#include "cmptest.h"
static void
tv_kx(void)
{
unsigned char *seed;
unsigned char *client_pk, *client_sk;
unsigned char *client_rx, *client_tx;
unsigned char *server_pk, *server_sk;
unsigned char *server_rx, *server_tx;
char hex[65];
int i;
seed = (unsigned char *) sodium_malloc(crypto_kx_SEEDBYTES);
for (i = 0; i < crypto_kx_SEEDBYTES; i++) {
seed[i] = (unsigned char) i;
}
client_pk = (unsigned char *) sodium_malloc(crypto_kx_PUBLICKEYBYTES);
client_sk = (unsigned char *) sodium_malloc(crypto_kx_SECRETKEYBYTES);
crypto_kx_seed_keypair(client_pk, client_sk, seed);
sodium_bin2hex(hex, sizeof hex, client_pk, crypto_kx_PUBLICKEYBYTES);
printf("client_pk: [%s]\n", hex);
sodium_bin2hex(hex, sizeof hex, client_sk, crypto_kx_SECRETKEYBYTES);
printf("client_sk: [%s]\n", hex);
server_pk = (unsigned char *) sodium_malloc(crypto_kx_PUBLICKEYBYTES);
server_sk = (unsigned char *) sodium_malloc(crypto_kx_SECRETKEYBYTES);
crypto_kx_keypair(server_pk, server_sk);
client_rx = (unsigned char *) sodium_malloc(crypto_kx_SESSIONKEYBYTES);
client_tx = (unsigned char *) sodium_malloc(crypto_kx_SESSIONKEYBYTES);
if (crypto_kx_client_session_keys(client_rx, client_tx,
client_pk, client_sk, server_pk) != 0) {
printf("crypto_kx_client_session_keys() failed\n");
}
server_rx = (unsigned char *) sodium_malloc(crypto_kx_SESSIONKEYBYTES);
server_tx = (unsigned char *) sodium_malloc(crypto_kx_SESSIONKEYBYTES);
if (crypto_kx_server_session_keys(server_rx, server_tx,
server_pk, server_sk, client_pk) != 0) {
printf("crypto_kx_server_session_keys() failed\n");
}
if (memcmp(server_rx, client_tx, crypto_kx_SESSIONKEYBYTES) != 0 ||
memcmp(server_tx, client_rx, crypto_kx_SESSIONKEYBYTES) != 0) {
printf("client session keys != server session keys\n");
}
sodium_increment(client_pk, crypto_kx_PUBLICKEYBYTES);
if (crypto_kx_server_session_keys(server_rx, server_tx,
server_pk, server_sk, client_pk) != 0) {
printf("crypto_kx_server_session_keys() failed\n");
}
if (memcmp(server_rx, client_tx, crypto_kx_SESSIONKEYBYTES) == 0 &&
memcmp(server_tx, client_rx, crypto_kx_SESSIONKEYBYTES) == 0) {
printf("peer's public key is ignored\n");
}
crypto_kx_keypair(client_pk, client_sk);
if (crypto_kx_server_session_keys(server_rx, server_tx,
server_pk, server_sk, client_pk) != 0) {
printf("crypto_kx_server_session_keys() failed\n");
}
if (memcmp(server_rx, client_tx, crypto_kx_SESSIONKEYBYTES) == 0 ||
memcmp(server_tx, client_rx, crypto_kx_SESSIONKEYBYTES) == 0) {
printf("session keys are constant\n");
}
crypto_kx_seed_keypair(client_pk, client_sk, seed);
sodium_increment(seed, crypto_kx_SEEDBYTES);
crypto_kx_seed_keypair(server_pk, server_sk, seed);
if (crypto_kx_server_session_keys(server_rx, server_tx,
server_pk, server_sk, client_pk) != 0) {
printf("crypto_kx_server_session_keys() failed\n");
}
sodium_bin2hex(hex, sizeof hex, server_rx, crypto_kx_SESSIONKEYBYTES);
printf("server_rx: [%s]\n", hex);
sodium_bin2hex(hex, sizeof hex, server_tx, crypto_kx_SESSIONKEYBYTES);
printf("server_tx: [%s]\n", hex);
if (crypto_kx_client_session_keys(client_rx, client_tx,
client_pk, client_sk, server_pk) != 0) {
printf("crypto_kx_client_session_keys() failed\n");
}
sodium_bin2hex(hex, sizeof hex, client_rx, crypto_kx_SESSIONKEYBYTES);
printf("client_rx: [%s]\n", hex);
sodium_bin2hex(hex, sizeof hex, client_tx, crypto_kx_SESSIONKEYBYTES);
printf("client_tx: [%s]\n", hex);
sodium_free(client_rx);
sodium_free(client_tx);
sodium_free(server_rx);
sodium_free(server_tx);
sodium_free(server_sk);
sodium_free(server_pk);
sodium_free(client_sk);
sodium_free(client_pk);
sodium_free(seed);
assert(strcmp(crypto_kx_primitive(), crypto_kx_PRIMITIVE) == 0);
assert(crypto_kx_publickeybytes() == crypto_kx_PUBLICKEYBYTES);
assert(crypto_kx_secretkeybytes() == crypto_kx_SECRETKEYBYTES);
assert(crypto_kx_seedbytes() == crypto_kx_SEEDBYTES);
assert(crypto_kx_sessionkeybytes() == crypto_kx_SESSIONKEYBYTES);
printf("tv_kx: ok\n");
}
int
main(void)
{
tv_kx();
return 0;
}
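Review bot: No call in `tv_kx()` passes NULL for rx or tx, so the pointer-fallback branches of both session-key functions are never executed by this test. Adding a case such as `crypto_kx_client_session_keys(client_rx, NULL, client_pk, client_sk, server_pk)` and comparing the result with the matching server-side key would pin down what a single-key request returns. The return values of `crypto_kx_seed_keypair()` and `crypto_kx_keypair()` are also discarded throughout. Checking them with `!= 0` and printing a failure line, as is already done for the session-key calls, would surface a failed key generation in the expected-output comparison.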

7
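--- a/test/default/kx.exp
+++ b/test/default/kx.exp
@@ -0,0 +1,7 @@
+client_pk: [0e0216223f147143d32615a91189c288c1728cba3cc5f9f621b1026e03d83129]
+client_sk: [cb2f5160fc1f7e05a55ef49d340b48da2e5a78099d53393351cd579dd42503d6]
+server_rx: [62c8f4fa81800abd0577d99918d129b65deb789af8c8351f391feb0cbf238604]
+server_tx: [749519c68059bce69f7cfcc7b387a3de1a1e8237d110991323bf62870115731a]
+client_rx: [749519c68059bce69f7cfcc7b387a3de1a1e8237d110991323bf62870115731a]
+client_tx: [62c8f4fa81800abd0577d99918d129b65deb789af8c8351f391feb0cbf238604]
+tv_kx: ok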