From cd846d601227db0047c35b551858d62d6b794127 Mon Sep 17 00:00:00 2001
From: Uros Majstorovic <majstor@majstor.org>
Date: Wed, 2 Feb 2022 06:21:09 +0100
Subject: fixed new crypto
---
ecp/src/crypto/Makefile | 22 ++++++++++------------
ecp/src/crypto/crypto.c | 38 +++++++++++++++++++++++++++-----------
ecp/src/crypto/crypto.h | 23 +++++++++++++++++++----
3 files changed, 56 insertions(+), 27 deletions(-)
(limited to 'ecp/src/crypto')
diff --git a/ecp/src/crypto/Makefile b/ecp/src/crypto/Makefile
index cbbc60f..b1d2996 100644
--- a/ecp/src/crypto/Makefile
+++ b/ecp/src/crypto/Makefile
@@ -1,14 +1,12 @@
-include ../Makefile.platform
-CFLAGS += $(PIC) -Iinclude -I.. -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS=
+include ../common.mk
+ssl_dir = ../../../ext/libressl
+CFLAGS += -I$(ssl_dir)/include
+MAKEFLAGS += -I$(pwd)/..
-obj = crypto.o e_chacha20poly1305.o
-obj_dep = compat/explicit_bzero.o compat/timingsafe_memcmp.o compat/timingsafe_bcmp.o \
- chacha/chacha.o poly1305/poly1305.o \
- curve25519/curve25519.o curve25519/curve25519-generic.o \
- sha/sha256.o sha/sha512.o \
- arc4random/arc4random.o
-
-subdirs = compat curve25519 chacha poly1305 sha arc4random
+include $(ssl_dir)/ssl_obj.mk
+obj = crypto.o
+obj_ssl = $(addprefix $(ssl_dir)/,$(obj_dep))
+subdirs = $(ssl_dir)
%.o: %.c
@@ -18,10 +16,10 @@ all: $(obj)
for i in $(subdirs); do \
(cd $$i && $(MAKE)) || exit; \
done
- $(AR) rcs libecpcr.a $(obj) $(obj_dep)
+ $(AR) rcs libecpcr.a $(obj) $(obj_ssl)
clean:
- for i in $(subdirs) test; do \
+ for i in $(subdirs); do \
(cd $$i && $(MAKE) clean) || exit; \
done
rm -f *.o *.a
diff --git a/ecp/src/crypto/crypto.c b/ecp/src/crypto/crypto.c
index ae0b3d3..e1d06b3 100644
--- a/ecp/src/crypto/crypto.c
+++ b/ecp/src/crypto/crypto.c
@@ -1,16 +1,17 @@
#include <core.h>
#include <cr.h>
-#include <curve25519.h>
+#include <openssl/curve25519.h>
int ecp_cr_dh_mkpair(ecp_dh_public_t *pub, ecp_dh_private_t *priv, ecp_rng_t rand_buf) {
- int rv = X25519_keypair(*pub, *priv, rand_buf);
- if (!rv) return ECP_ERR;
+ X25519_keypair(*pub, *priv);
return ECP_OK;
}
int ecp_cr_dh_shsec(ecp_aead_key_t *shared, ecp_dh_public_t *pub, ecp_dh_private_t *priv) {
- int rv = X25519(*shared, *priv, *pub);
+ int rv;
+
+ rv = X25519(*shared, *priv, *pub);
if (!rv) return ECP_ERR;
return ECP_OK;
}
@@ -40,38 +41,53 @@ int ecp_cr_dh_pub_hash_eq(unsigned char *p1, unsigned char *p2) {
}
ssize_t ecp_cr_aead_enc(unsigned char *ct, size_t cl, unsigned char *pt, size_t pl, ecp_aead_key_t *k, unsigned char *n) {
+ uint8_t _n[ECP_AEAD_SIZE_NONCE + 4];
size_t ol;
- int rv = aead_chacha20_poly1305_seal(ct, &ol, cl, *k, ECP_AEAD_SIZE_TAG, n, ECP_AEAD_SIZE_NONCE, pt, pl, NULL, 0);
+ int rv;
+
+ memset(_n, 0, 4);
+ memcpy(_n + 4, n, ECP_AEAD_SIZE_NONCE);
+ rv = aead_chacha20_poly1305_seal(*k, ECP_AEAD_SIZE_TAG, ct, &ol, cl, _n, ECP_AEAD_SIZE_NONCE + 4, pt, pl, NULL, 0);
if (!rv) return ECP_ERR;
return ol;
}
ssize_t ecp_cr_aead_dec(unsigned char *pt, size_t pl, unsigned char *ct, size_t cl, ecp_aead_key_t *k, unsigned char *n) {
+ uint8_t _n[ECP_AEAD_SIZE_NONCE + 4];
size_t ol;
- int rv = aead_chacha20_poly1305_open(pt, &ol, pl, *k, ECP_AEAD_SIZE_TAG, n, ECP_AEAD_SIZE_NONCE, ct, cl, NULL, 0);
+ int rv;
+
+ memset(_n, 0, 4);
+ memcpy(_n + 4, n, ECP_AEAD_SIZE_NONCE);
+ rv = aead_chacha20_poly1305_open(*k, ECP_AEAD_SIZE_TAG, pt, &ol, pl, _n, ECP_AEAD_SIZE_NONCE + 4, ct, cl, NULL, 0);
if (!rv) return ECP_ERR;
return ol;
}
int ecp_cr_dsa_mkpair(ecp_dsa_public_t *pub, ecp_dsa_private_t *priv, ecp_rng_t rand_buf) {
- unsigned char key[2*ECP_DSA_SIZE_KEY];
+ unsigned char key[2*ECP_DSA_SIZE_KEY];
- int rv = ED25519_keypair(*pub, key, rand_buf);
- if (!rv) return ECP_ERR;
+ ED25519_keypair(*pub, key);
memcpy(priv, key, ECP_DSA_SIZE_KEY);
return ECP_OK;
}
int ecp_cr_dsa_sign(unsigned char *sig, unsigned char *m, size_t ml, ecp_dsa_public_t *p, ecp_dsa_private_t *s) {
unsigned char key[2*ECP_DSA_SIZE_KEY];
+ int rv;
+
memcpy(key, s, ECP_DSA_SIZE_KEY);
memcpy(key+ECP_DSA_SIZE_KEY, p, ECP_DSA_SIZE_KEY);
- int rv = ED25519_sign(sig, m, ml, key);
+ rv = ED25519_sign(sig, m, ml, key);
if (!rv) return ECP_ERR;
return ECP_OK;
}
int ecp_cr_dsa_verify(unsigned char *m, size_t ml, unsigned char *sig, ecp_dsa_public_t *p) {
- return ED25519_verify(m, ml, sig, *p);
+ int rv;
+
+ rv = ED25519_verify(m, ml, sig, *p);
+ if (rv == 1) return ECP_OK;
+ return ECP_ERR;
}
diff --git a/ecp/src/crypto/crypto.h b/ecp/src/crypto/crypto.h
index 86b072c..378500c 100644
--- a/ecp/src/crypto/crypto.h
+++ b/ecp/src/crypto/crypto.h
@@ -9,6 +9,7 @@
#define ECP_AEAD_SIZE_NONCE 8
#define ECP_DSA_SIZE_KEY 32
+#define ECP_DSA_SIZE_SIGNATURE 32
typedef uint8_t ecp_dh_public_t[ECP_ECDH_SIZE_KEY];
typedef uint8_t ecp_dh_private_t[ECP_ECDH_SIZE_KEY];
@@ -17,15 +18,29 @@ typedef uint8_t ecp_dsa_public_t[ECP_DSA_SIZE_KEY];
typedef uint8_t ecp_dsa_private_t[ECP_DSA_SIZE_KEY];
int
-aead_chacha20_poly1305_seal(unsigned char *out, size_t *out_len,
- size_t max_out_len, unsigned char key[32], unsigned char tag_len,
+aead_chacha20_poly1305_seal(unsigned char key[32], unsigned char tag_len,
+ unsigned char *out, size_t *out_len, size_t max_out_len,
const unsigned char *nonce, size_t nonce_len,
const unsigned char *in, size_t in_len,
const unsigned char *ad, size_t ad_len);
int
-aead_chacha20_poly1305_open(unsigned char *out, size_t *out_len,
- size_t max_out_len, unsigned char key[32], unsigned char tag_len,
+aead_chacha20_poly1305_open(unsigned char key[32], unsigned char tag_len,
+ unsigned char *out, size_t *out_len, size_t max_out_len,
+ const unsigned char *nonce, size_t nonce_len,
+ const unsigned char *in, size_t in_len,
+ const unsigned char *ad, size_t ad_len);
+
+int
+aead_xchacha20_poly1305_seal(unsigned char key[32], unsigned char tag_len,
+ unsigned char *out, size_t *out_len, size_t max_out_len,
+ const unsigned char *nonce, size_t nonce_len,
+ const unsigned char *in, size_t in_len,
+ const unsigned char *ad, size_t ad_len);
+
+int
+aead_xchacha20_poly1305_open(unsigned char key[32], unsigned char tag_len,
+ unsigned char *out, size_t *out_len, size_t max_out_len,
const unsigned char *nonce, size_t nonce_len,
const unsigned char *in, size_t in_len,
const unsigned char *ad, size_t ad_len);
--
cgit v1.2.3