.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Copyright (c) 2020 Fabio Scotoni
+.\" Copyright (c) 2020, 2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2020 by Fabio Scotoni
+.\" Written in 2020 and 2022 by Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd March 31, 2020
+.Dd February 13, 2022
.Dt CRYPTO_CURVE_TO_HIDDEN 3MONOCYPHER
.Os
.Sh NAME
Unless you are implementing an protocol that requires
indistinguishability of all communications from random noise,
consider
-.Xr crypto_key_exchange_public_key 3monocypher
+.Xr crypto_x25519 3monocypher
instead.
+Both this family of functions and
+.Xr crypto_x25519 3monocypher
+should be used as a building block to implement a key exchange protocol.
.Pp
For understanding what these functions do, it is important to note that
a
uint8_t your_sk [32]; /* Your secret key */
uint8_t shared_key[32]; /* Shared session key */
crypto_hidden_to_curve(their_pk, hidden_pk);
-crypto_key_exchange(shared_key, your_sk, their_pk);
+crypto_x25519(shared_key, your_sk, their_pk);
/* Wipe secrets if they are no longer needed */
crypto_wipe(your_sk, 32);
.Ed
.Sh SEE ALSO
-.Xr crypto_key_exchange 3monocypher ,
.Xr crypto_x25519 3monocypher ,
.Xr crypto_x25519_dirty_small 3monocypher ,
.Xr intro 3monocypher
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Copyright (c) 2020 Fabio Scotoni
+.\" Copyright (c) 2020, 2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2020 by Fabio Scotoni
+.\" Written in 2020 and 2022 by Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd March 25, 2020
+.Dd February 13, 2022
.Dt CRYPTO_FROM_EDDSA_PRIVATE 3MONOCYPHER
.Os
.Sh NAME
.Xr crypto_sign 3monocypher
(EdDSA with the BLAKE2b hash function)
to keys for use with
-.Xr crypto_key_exchange 3monocypher
+.Xr crypto_x25519 3monocypher
and
.Xr crypto_x25519 3monocypher .
This may be useful in some resource-constrained contexts or when no
These functions return nothing.
They cannot fail.
.Sh SEE ALSO
-.Xr crypto_key_exchange_public_key 3monocypher ,
+.Xr crypto_x25519 3monocypher ,
.Xr crypto_sign_public_key 3monocypher ,
.Xr intro 3monocypher
.Sh HISTORY
.\"
.\" Copyright (c) 2017-2019 Loup Vaillant
.\" Copyright (c) 2017-2018 Michael Savage
-.\" Copyright (c) 2019-2021 Fabio Scotoni
+.\" Copyright (c) 2019-2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2017-2021 by Loup Vaillant, Michael Savage and Fabio Scotoni
+.\" Written in 2017-2022 by Loup Vaillant, Michael Savage and Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd June 11, 2021
+.Dd February 13, 2022
.Dt CRYPTO_HCHACHA20 3MONOCYPHER
.Os
.Sh NAME
.Ed
.Sh SEE ALSO
.Xr crypto_chacha20_encrypt 3monocypher ,
-.Xr crypto_key_exchange 3monocypher ,
.Xr intro 3monocypher
.Sh STANDARDS
This function implements HChaCha20.
.\"
.\" Copyright (c) 2017-2021 Loup Vaillant
.\" Copyright (c) 2017-2018 Michael Savage
-.\" Copyright (c) 2017, 2019-2021 Fabio Scotoni
+.\" Copyright (c) 2017, 2019-2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2017-2021 by Loup Vaillant, Michael Savage and Fabio Scotoni
+.\" Written in 2017-2022 by Loup Vaillant, Michael Savage and Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd June 11, 2021
+.Dd February 13, 2022
.Dt CRYPTO_SIGN_INIT_FIRST_PASS 3MONOCYPHER
.Os
.Sh NAME
.Ed
.Sh SEE ALSO
.Xr crypto_blake2b 3monocypher ,
-.Xr crypto_key_exchange 3monocypher ,
+.Xr crypto_x25519 3monocypher ,
.Xr crypto_lock 3monocypher ,
.Xr crypto_sign 3monocypher ,
.Xr crypto_wipe 3monocypher ,
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Copyright (c) 2020 Fabio Scotoni
+.\" Copyright (c) 2020, 2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2020 by Fabio Scotoni
+.\" Written in 2020 and 2022 by Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd March 24, 2020
+.Dd February 13, 2022
.Dt CRYPTO_X25519_DIRTY_FAST 3monocypher
.Os
.Sh NAME
.Xr crypto_curve_to_hidden 3monocypher ,
.Sy you likely have no reason to be using these functions
and are probably looking for
-.Xr crypto_key_exchange 3monocypher
-or
.Xr crypto_x25519 3monocypher
instead.
Expect elliptic curve jargon on this page.
.Fn crypto_x25519_dirty_fast .
.Pp
The resulting public keys are to be used with
-.Xr crypto_x25519 3monocypher
-or
-.Xr crypto_key_exchange 3monocypher ,
-which clear the cofactor.
+.Xr crypto_x25519 3monocypher ,
+which clears the cofactor.
.Sh RETURN VALUES
These functions have no return value.
They cannot fail.
.Sh SEE ALSO
.Xr crypto_curve_to_hidden 3monocypher ,
-.Xr crypto_key_exchange_public_key 3monocypher ,
.Xr crypto_x25519_public_key 3monocypher ,
.Xr intro 3monocypher
.Sh HISTORY
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Copyright (c) 2020 Fabio Scotoni
+.\" Copyright (c) 2020, 2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2020 by Fabio Scotoni
+.\" Written in 2020 and 2022 by Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd March 24, 2020
+.Dd February 13, 2022
.Dt CRYPTO_X25519_INVERSE 3MONOCYPHER
.Os
.Sh NAME
unless you are implementing a protocol that requires this specifically,
.Sy you likely have no reason to be using these functions
and are probably looking for
-.Xr crypto_key_exchange 3monocypher
-or
.Xr crypto_x25519 3monocypher
instead.
Expect elliptic curve jargon on this page.
.\"
.\" Copyright (c) 2017-2019 Loup Vaillant
.\" Copyright (c) 2018 Michael Savage
-.\" Copyright (c) 2017, 2020-2021 Fabio Scotoni
+.\" Copyright (c) 2017, 2020-2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2017-2021 by Loup Vaillant, Michael Savage and Fabio Scotoni
+.\" Written in 2017-2022 by Loup Vaillant, Michael Savage and Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd June 11, 2021
+.Dd February 13, 2022
.Dt CRYPTO_BLAKE2B 3MONOCYPHER
.Os
.Sh NAME
crypto_blake2b_final(&ctx, hash);
.Ed
.Sh SEE ALSO
-.Xr crypto_key_exchange 3monocypher ,
+.Xr crypto_x25519 3monocypher ,
.Xr crypto_lock 3monocypher ,
.Xr intro 3monocypher
.Sh STANDARDS
.\"
.\" Copyright (c) 2017-2019 Loup Vaillant
.\" Copyright (c) 2017-2018 Michael Savage
-.\" Copyright (c) 2017, 2019-2021 Fabio Scotoni
+.\" Copyright (c) 2017, 2019-2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2017-2021 by Loup Vaillant, Michael Savage and Fabio Scotoni
+.\" Written in 2017-2022 by Loup Vaillant, Michael Savage and Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd June 11, 2021
+.Dd February 13, 2022
.Dt CRYPTO_LOCK 3MONOCYPHER
.Os
.Sh NAME
(the password must be communicated on a secure channel),
or even meeting physically.
See
-.Xr crypto_key_exchange 3monocypher
-for key exchange and
+.Xr crypto_x25519 3monocypher
+for a bulding block for a key exchange protocol and
.Xr crypto_argon2i 3monocypher
for password-based key derivation.
.It Fa nonce
}
.Ed
.Sh SEE ALSO
-.Xr crypto_key_exchange 3monocypher ,
+.Xr crypto_x25519 3monocypher ,
.Xr crypto_wipe 3monocypher ,
.Xr intro 3monocypher
.Sh STANDARDS
.\"
.\" Copyright (c) 2017-2019 Loup Vaillant
.\" Copyright (c) 2017-2018 Michael Savage
-.\" Copyright (c) 2017, 2019-2021 Fabio Scotoni
+.\" Copyright (c) 2017, 2019-2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2017-2021 by Loup Vaillant, Michael Savage and Fabio Scotoni
+.\" Written in 2017-2022 by Loup Vaillant, Michael Savage and Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd June 11, 2021
+.Dd February 13, 2022
.Dt CRYPTO_SIGN 3MONOCYPHER
.Os
.Sh NAME
everyone knows the public key, and the signature and message are
rarely secret.
If the message needs to be secret, use
-.Xr crypto_key_exchange 3monocypher
-and
+a key exchange protocol involving
+.Xr crypto_x25519 3monocypher
+and then
.Xr crypto_lock_aead 3monocypher
instead.
.Pp
.Ed
.Sh SEE ALSO
.Xr crypto_blake2b 3monocypher ,
-.Xr crypto_key_exchange 3monocypher ,
+.Xr crypto_x25519 3monocypher ,
.Xr crypto_lock 3monocypher ,
.Xr intro 3monocypher
.Sh STANDARDS
.\"
.\" Copyright (c) 2017-2021 Loup Vaillant
.\" Copyright (c) 2017-2018 Michael Savage
-.\" Copyright (c) 2017, 2019-2020 Fabio Scotoni
+.\" Copyright (c) 2017, 2019-2020, 2022 Fabio Scotoni
.\" Copyright (c) 2020 Richard Walmsley
.\" All rights reserved.
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2017-2021 by Loup Vaillant, Michael Savage, Fabio Scotoni and
+.\" Written in 2017-2022 by Loup Vaillant, Michael Savage, Fabio Scotoni and
.\" Richard Walmsley
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd June 6, 2021
+.Dd February 13, 2022
.Dt CRYPTO_X25519 3MONOCYPHER
.Os
.Sh NAME
.Fa your_secret_key
and
.Fa their_public_key .
-It is a low-level primitive.
-Use
-.Xr crypto_key_exchange 3monocypher
-unless you have a specific reason not to.
+It is a low-level primitive;
+X25519 is a building block for protocols.
+To perform a key exchange,
+use a higher level protocol,
+such as the X3DH key agreement protocol.
.Pp
.Fn crypto_x25519_public_key
-is the same as
-.Xr crypto_key_exchange_public_key 3monocypher .
-It deterministically computes the public key from a random secret key.
+deterministically computes the public key from a random secret key.
.Pp
The arguments are:
.Bl -tag -width Ds
crypto_wipe(shared_secret, 32);
.Ed
.Sh SEE ALSO
-.Xr crypto_key_exchange 3monocypher ,
.Xr intro 3monocypher
.Sh STANDARDS
This function implements X25519, described in RFC 7748.
.Fn crypto_key_exchange_public_key
deterministically computes the public key from a random secret key.
.Pp
+These functions are
+.Sy deprecated
+in favor of using a higher level protocol with
+.Xr crypto_x25519 3monocypher .
+.Pp
The arguments are:
.Bl -tag -width Ds
.It Fa shared_key
The
.Fn crypto_key_exchange_public_key
macro alias first appeared in Monocypher 1.1.0.
+Both were deprecated in Monocypher 3.1.3
+and are planned to be removed in Monocypher 4.0.0.
.Sh SECURITY CONSIDERATIONS
If either of the long-term secret keys leaks, it may compromise
.Em all past messages .
.\"
.\" Copyright (c) 2017-2021 Loup Vaillant
.\" Copyright (c) 2018 Michael Savage
-.\" Copyright (c) 2017, 2019-2021 Fabio Scotoni
+.\" Copyright (c) 2017, 2019-2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2017-2021 by Loup Vaillant, Michael Savage and Fabio Scotoni
+.\" Written in 2017-2022 by Loup Vaillant, Michael Savage and Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd June 11, 2021
+.Dd February 13, 2022
.Dt INTRO 3MONOCYPHER
.Os
.Sh NAME
Argon2 won the password hashing competition in 2015.
Unlike scrypt, Argon2i is immune to timing attacks.
.Ss Key exchange (Public Key Cryptography)
-.Xr crypto_key_exchange 3monocypher
+.Xr crypto_x25519 3monocypher
implements X25519, an elliptic curve Diffie Hellman key exchange
algorithm based on Curve25519.
X25519 derives a shared secret from two private/public key pairs.
.Xr crypto_hidden_to_curve 3monocypher ,
.Xr crypto_ietf_chacha20 3monocypher ,
.Xr crypto_ietf_chacha20_ctr 3monocypher ,
-.Xr crypto_key_exchange 3monocypher ,
.Xr crypto_lock 3monocypher ,
.Xr crypto_lock_aead 3monocypher ,
.Xr crypto_poly1305 3monocypher ,
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Copyright (c) 2019-2020 Fabio Scotoni
+.\" Copyright (c) 2019-2020, 2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2019-2020 by Fabio Scotoni
+.\" Written in 2019-2020 and 2022 by Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd May 24, 2020
+.Dd February 13, 2022
.Dt CRYPTO_ED25519_SIGN 3MONOCYPHER
.Os
.Sh NAME
returns 0 for legitimate messages and -1 for forgeries.
.Sh SEE ALSO
.Xr crypto_check 3monocypher ,
-.Xr crypto_key_exchange 3monocypher ,
+.Xr crypto_x25519 3monocypher ,
.Xr crypto_lock 3monocypher ,
.Xr crypto_sha512 3monocypher ,
.Xr intro 3monocypher
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Copyright (c) 2019-2020 Fabio Scotoni
+.\" Copyright (c) 2019-2020, 2022 Fabio Scotoni
.\" All rights reserved.
.\"
.\"
.\"
.\" ----------------------------------------------------------------------------
.\"
-.\" Written in 2019-2020 by Fabio Scotoni
+.\" Written in 2019-2020 and 2022 by Fabio Scotoni
.\"
.\" To the extent possible under law, the author(s) have dedicated all copyright
.\" and related neighboring rights to this software to the public domain
.\" with this software. If not, see
.\" <https://creativecommons.org/publicdomain/zero/1.0/>
.\"
-.Dd May 24,2020
+.Dd February 13, 2022
.Dt CRYPTO_ED25519_SIGN_INIT_FIRST_PASS 3MONOCYPHER
.Os
.Sh NAME
returns 0 for legitimate messages and -1 for forgeries.
.Sh SEE ALSO
.Xr crypto_blake2b 3monocypher ,
-.Xr crypto_key_exchange 3monocypher ,
+.Xr crypto_x25519 3monocypher ,
.Xr crypto_lock 3monocypher ,
.Xr crypto_ed25519_sign 3monocypher ,
.Xr crypto_sign 3monocypher ,
projects / Monocypher.git / commitdiff