crypto_chacha_ctx chacha;
crypto_poly1305_ctx poly;
} crypto_lock_ctx;
+#define crypto_unlock_ctx crypto_lock_ctx
// Hash (Blake2b)
typedef struct {
void crypto_lock_init(crypto_lock_ctx *ctx,
const uint8_t key[32],
const uint8_t nonce[24]);
-void crypto_lock_auth(crypto_lock_ctx *ctx,
- const uint8_t *message,
- size_t message_size);
+#define crypto_lock_aead_auth crypto_lock_auth
void crypto_lock_update(crypto_lock_ctx *ctx,
uint8_t *cipher_text,
const uint8_t *plain_text,
void crypto_lock_final(crypto_lock_ctx *ctx, uint8_t mac[16]);
// Incremental interface (decryption)
-// crypto_lock_init()
-// crypto_lock_auth()
+#define crypto_unlock_init crypto_lock_init
+#define crypto_unlock_aead_auth crypto_lock_auth
void crypto_unlock_update(crypto_lock_ctx *ctx,
uint8_t *plain_text,
const uint8_t *cipher_text,
// Key exchange (x25519 + HChacha20)
// ---------------------------------
-void crypto_x25519_public_key(uint8_t public_key[32],
- const uint8_t secret_key[32]);
+#define crypto_key_exchange_public_key crypto_x25519_public_key
int crypto_key_exchange(uint8_t shared_key [32],
const uint8_t your_secret_key [32],
const uint8_t their_public_key[32]);
// X-25519
// -------
-
-// Hash the shared secret before using it.
+void crypto_x25519_public_key(uint8_t public_key[32],
+ const uint8_t secret_key[32]);
int crypto_x25519(uint8_t raw_shared_secret[32],
const uint8_t your_secret_key [32],
const uint8_t their_public_key [32]);
// Building block for authenticated encryption
// -------------------------------------------
-
-// Encrypts (or decrypts), but does not authenticate.
void crypto_lock_encrypt(crypto_lock_ctx *ctx,
uint8_t *cipher_text,
const uint8_t *plain_text,
size_t text_size);
+void crypto_lock_auth(crypto_lock_ctx *ctx,
+ const uint8_t *message,
+ size_t message_size);
#endif // MONOCYPHER_H
crypto_aead_lock(mac1, cipher1, key, nonce,
ad, ad_size, plain, text_size);
crypto_lock_ctx ctx;
- crypto_lock_init (&ctx, key, nonce);
- crypto_lock_auth (&ctx, ad1, ad_size1); // just to show ad also have
- crypto_lock_auth (&ctx, ad2, ad_size2); // an incremental interface
- crypto_lock_update(&ctx, cipher2 , plain1, text_size1);
- crypto_lock_update(&ctx, cipher2 + text_size1, plain2, text_size2);
- crypto_lock_final (&ctx, mac2);
+ crypto_lock_init (&ctx, key, nonce);
+ crypto_lock_aead_auth(&ctx, ad1, ad_size1); // just to show ad also have
+ crypto_lock_aead_auth(&ctx, ad2, ad_size2); // an incremental interface
+ crypto_lock_update (&ctx, cipher2 , plain1, text_size1);
+ crypto_lock_update (&ctx, cipher2 + text_size1, plain2, text_size2);
+ crypto_lock_final (&ctx, mac2);
status |= memcmp(mac1 , mac2 , 16 );
status |= memcmp(cipher1, cipher2, text_size);
u8 re_plain2[256];
status |= crypto_aead_unlock(re_plain1, key, nonce, mac1,
ad, ad_size, cipher1, text_size);
- crypto_lock_init (&ctx, key, nonce);
- crypto_lock_auth (&ctx, ad, ad_size);
- crypto_unlock_update(&ctx, re_plain2, cipher2, text_size);
+ crypto_unlock_init (&ctx, key, nonce);
+ crypto_unlock_aead_auth(&ctx, ad, ad_size);
+ crypto_unlock_update (&ctx, re_plain2, cipher2, text_size);
status |= crypto_unlock_final(&ctx, mac2);
status |= memcmp(mac1 , mac2 , 16 );
status |= memcmp(plain, re_plain1, text_size);
status |= memcmp(plain, re_plain2, text_size);
// Test authentication without decryption
- crypto_lock_init(&ctx, key, nonce);
- crypto_lock_auth(&ctx, ad , ad_size );
- crypto_lock_auth(&ctx, cipher2, text_size);
+ crypto_lock_init (&ctx, key, nonce);
+ crypto_lock_aead_auth(&ctx, ad , ad_size );
+ crypto_lock_aead_auth(&ctx, cipher2, text_size);
status |= crypto_unlock_final(&ctx, mac2);
// The same, except we're supposed to reject forgeries
if (text_size > 0) {
cipher2[0]++; // forgery attempt
- crypto_lock_init(&ctx, key, nonce);
- crypto_lock_auth(&ctx, ad , ad_size );
- crypto_lock_auth(&ctx, cipher2, text_size);
+ crypto_lock_init (&ctx, key, nonce);
+ crypto_lock_aead_auth(&ctx, ad , ad_size );
+ crypto_lock_aead_auth(&ctx, cipher2, text_size);
status |= !crypto_unlock_final(&ctx, mac2);
}
}
projects / Monocypher.git / commitdiff