From a53da7eecd02e01e6b2eb3d0d1112de4184abd1f Mon Sep 17 00:00:00 2001 From: Loup Vaillant Date: Thu, 11 Jan 2018 17:55:37 +0100 Subject: [PATCH] Adds high-level aliases to some low-level primitives Some low-level primitives are actually suitable as high-level functions. However, using them as such makes naming inconsistent and confusing. Proper aliases have been added to make user code more consistent. Macros (#define) have been used instead of function pointers to avoid various compilation problems. --- src/monocypher.h | 21 ++++++++++----------- tests/test.c | 30 +++++++++++++++--------------- 2 files changed, 25 insertions(+), 26 deletions(-) diff --git a/src/monocypher.h b/src/monocypher.h index 0324f20..41f15be 100644 --- a/src/monocypher.h +++ b/src/monocypher.h @@ -32,6 +32,7 @@ typedef struct { crypto_chacha_ctx chacha; crypto_poly1305_ctx poly; } crypto_lock_ctx; +#define crypto_unlock_ctx crypto_lock_ctx // Hash (Blake2b) typedef struct { @@ -112,9 +113,7 @@ int crypto_aead_unlock(uint8_t *plain_text, void crypto_lock_init(crypto_lock_ctx *ctx, const uint8_t key[32], const uint8_t nonce[24]); -void crypto_lock_auth(crypto_lock_ctx *ctx, - const uint8_t *message, - size_t message_size); +#define crypto_lock_aead_auth crypto_lock_auth void crypto_lock_update(crypto_lock_ctx *ctx, uint8_t *cipher_text, const uint8_t *plain_text, @@ -122,8 +121,8 @@ void crypto_lock_update(crypto_lock_ctx *ctx, void crypto_lock_final(crypto_lock_ctx *ctx, uint8_t mac[16]); // Incremental interface (decryption) -// crypto_lock_init() -// crypto_lock_auth() +#define crypto_unlock_init crypto_lock_init +#define crypto_unlock_aead_auth crypto_lock_auth void crypto_unlock_update(crypto_lock_ctx *ctx, uint8_t *plain_text, const uint8_t *cipher_text, @@ -171,8 +170,7 @@ void crypto_argon2i_general(uint8_t *hash, uint32_t hash_size, // >= // Key exchange (x25519 + HChacha20) // --------------------------------- -void crypto_x25519_public_key(uint8_t public_key[32], - const uint8_t secret_key[32]); +#define crypto_key_exchange_public_key crypto_x25519_public_key int crypto_key_exchange(uint8_t shared_key [32], const uint8_t your_secret_key [32], const uint8_t their_public_key[32]); @@ -267,8 +265,8 @@ void crypto_poly1305_final (crypto_poly1305_ctx *ctx, uint8_t mac[16]); // X-25519 // ------- - -// Hash the shared secret before using it. +void crypto_x25519_public_key(uint8_t public_key[32], + const uint8_t secret_key[32]); int crypto_x25519(uint8_t raw_shared_secret[32], const uint8_t your_secret_key [32], const uint8_t their_public_key [32]); @@ -276,11 +274,12 @@ int crypto_x25519(uint8_t raw_shared_secret[32], // Building block for authenticated encryption // ------------------------------------------- - -// Encrypts (or decrypts), but does not authenticate. void crypto_lock_encrypt(crypto_lock_ctx *ctx, uint8_t *cipher_text, const uint8_t *plain_text, size_t text_size); +void crypto_lock_auth(crypto_lock_ctx *ctx, + const uint8_t *message, + size_t message_size); #endif // MONOCYPHER_H diff --git a/tests/test.c b/tests/test.c index bd25d21..966845a 100644 --- a/tests/test.c +++ b/tests/test.c @@ -662,12 +662,12 @@ static int p_lock_incremental() crypto_aead_lock(mac1, cipher1, key, nonce, ad, ad_size, plain, text_size); crypto_lock_ctx ctx; - crypto_lock_init (&ctx, key, nonce); - crypto_lock_auth (&ctx, ad1, ad_size1); // just to show ad also have - crypto_lock_auth (&ctx, ad2, ad_size2); // an incremental interface - crypto_lock_update(&ctx, cipher2 , plain1, text_size1); - crypto_lock_update(&ctx, cipher2 + text_size1, plain2, text_size2); - crypto_lock_final (&ctx, mac2); + crypto_lock_init (&ctx, key, nonce); + crypto_lock_aead_auth(&ctx, ad1, ad_size1); // just to show ad also have + crypto_lock_aead_auth(&ctx, ad2, ad_size2); // an incremental interface + crypto_lock_update (&ctx, cipher2 , plain1, text_size1); + crypto_lock_update (&ctx, cipher2 + text_size1, plain2, text_size2); + crypto_lock_final (&ctx, mac2); status |= memcmp(mac1 , mac2 , 16 ); status |= memcmp(cipher1, cipher2, text_size); @@ -676,25 +676,25 @@ static int p_lock_incremental() u8 re_plain2[256]; status |= crypto_aead_unlock(re_plain1, key, nonce, mac1, ad, ad_size, cipher1, text_size); - crypto_lock_init (&ctx, key, nonce); - crypto_lock_auth (&ctx, ad, ad_size); - crypto_unlock_update(&ctx, re_plain2, cipher2, text_size); + crypto_unlock_init (&ctx, key, nonce); + crypto_unlock_aead_auth(&ctx, ad, ad_size); + crypto_unlock_update (&ctx, re_plain2, cipher2, text_size); status |= crypto_unlock_final(&ctx, mac2); status |= memcmp(mac1 , mac2 , 16 ); status |= memcmp(plain, re_plain1, text_size); status |= memcmp(plain, re_plain2, text_size); // Test authentication without decryption - crypto_lock_init(&ctx, key, nonce); - crypto_lock_auth(&ctx, ad , ad_size ); - crypto_lock_auth(&ctx, cipher2, text_size); + crypto_lock_init (&ctx, key, nonce); + crypto_lock_aead_auth(&ctx, ad , ad_size ); + crypto_lock_aead_auth(&ctx, cipher2, text_size); status |= crypto_unlock_final(&ctx, mac2); // The same, except we're supposed to reject forgeries if (text_size > 0) { cipher2[0]++; // forgery attempt - crypto_lock_init(&ctx, key, nonce); - crypto_lock_auth(&ctx, ad , ad_size ); - crypto_lock_auth(&ctx, cipher2, text_size); + crypto_lock_init (&ctx, key, nonce); + crypto_lock_aead_auth(&ctx, ad , ad_size ); + crypto_lock_aead_auth(&ctx, cipher2, text_size); status |= !crypto_unlock_final(&ctx, mac2); } } -- 2.47.3