X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/025c793f03564bfa2ead5fd64d26586f8b3009e4..1519ef6617fd7351bd40026b9eeb47c7f7f42234:/progs/cc-kem.c diff --git a/progs/cc-kem.c b/progs/cc-kem.c index 0942a2e5..36dfdb3d 100644 --- a/progs/cc-kem.c +++ b/progs/cc-kem.c @@ -33,6 +33,7 @@ #include #include +#include #include #include @@ -58,115 +59,6 @@ /*----- Bulk crypto -------------------------------------------------------*/ -/* --- NaCl `secretbox' --- */ - -typedef struct naclbox_encctx { - bulk b; - const gccipher *cc; - gcipher *c; -} naclbox_encctx; - -static bulk *naclbox_init(key *k, const char *calg, const char *halg) -{ - naclbox_encctx *ctx = CREATE(naclbox_encctx); - dstr t = DSTR_INIT; - const char *q; - - key_fulltag(k, &t); - - if ((q = key_getattr(0, k, "cipher")) != 0) calg = q; - if (!calg || strcmp(calg, "salsa20") == 0) ctx->cc = &salsa20; - else if (strcmp(calg, "salsa20/12") == 0) ctx->cc = &salsa2012; - else if (strcmp(calg, "salsa20/8") == 0) ctx->cc = &salsa208; - else if (strcmp(calg, "chacha20") == 0) ctx->cc = &chacha20; - else if (strcmp(calg, "chacha12") == 0) ctx->cc = &chacha12; - else if (strcmp(calg, "chacha8") == 0) ctx->cc = &chacha8; - else { - die(EXIT_FAILURE, - "unknown or inappropriate encryption scheme `%s' in key `%s'", - calg, t.buf); - } - - dstr_destroy(&t); - return (&ctx->b); -} - -static int naclbox_setup(bulk *b, gcipher *cx) -{ - naclbox_encctx *ctx = (naclbox_encctx *)b; - octet k[SALSA20_KEYSZ]; - - GC_ENCRYPT(cx, 0, k, sizeof(k)); - ctx->c = GC_INIT(ctx->cc, k, sizeof(k)); - return (0); -} - -static size_t naclbox_overhead(bulk *b) { return (POLY1305_TAGSZ); } - -static void naclbox_destroy(bulk *b) -{ - naclbox_encctx *ctx = (naclbox_encctx *)b; - - GC_DESTROY(ctx->c); - DESTROY(ctx); -} - -static const char *naclbox_encdoit(bulk *b, uint32 seq, buf *bb, - const void *p, size_t sz) -{ - naclbox_encctx *ctx = (naclbox_encctx *)b; - octet t[32]; - poly1305_key ak; - poly1305_ctx a; - octet *tag, *ct; - - STORE32(t, seq); STORE32(t + 4, 0); GC_SETIV(ctx->c, t); - GC_ENCRYPT(ctx->c, 0, t, POLY1305_KEYSZ + POLY1305_MASKSZ); - poly1305_keyinit(&ak, t, POLY1305_KEYSZ); - poly1305_macinit(&a, &ak, t + POLY1305_KEYSZ); - - tag = buf_get(bb, POLY1305_TAGSZ); assert(tag); - ct = buf_get(bb, sz); assert(ct); - GC_ENCRYPT(ctx->c, p, ct, sz); - poly1305_hash(&a, ct, sz); - poly1305_done(&a, tag); - return (0); -} - -static const char *naclbox_decdoit(bulk *b, uint32 seq, buf *bb, - const void *p, size_t sz) -{ - naclbox_encctx *ctx = (naclbox_encctx *)b; - buf bin; - octet t[32]; - poly1305_key ak; - poly1305_ctx a; - octet *tag, *ct, *pt; - - STORE32(t, seq); STORE32(t + 4, 0); GC_SETIV(ctx->c, t); - GC_ENCRYPT(ctx->c, 0, t, POLY1305_KEYSZ + POLY1305_MASKSZ); - poly1305_keyinit(&ak, t, POLY1305_KEYSZ); - poly1305_macinit(&a, &ak, t + POLY1305_KEYSZ); - - buf_init(&bin, (/*unconst*/ void *)p, sz); - if ((tag = buf_get(&bin, POLY1305_TAGSZ)) == 0) return ("no tag"); - ct = BCUR(&bin); sz = BLEFT(&bin); - poly1305_hash(&a, ct, sz); - poly1305_done(&a, t); - if (!ct_memeq(t, tag, POLY1305_TAGSZ)) return ("authentication failure"); - pt = buf_get(bb, sz); assert(pt); - GC_DECRYPT(ctx->c, ct, pt, sz); - return (0); -} - -static const bulkops naclbox_encops = { - naclbox_init, naclbox_setup, naclbox_overhead, - naclbox_encdoit, naclbox_destroy -}, naclbox_decops = { - naclbox_init, naclbox_setup, naclbox_overhead, - naclbox_decdoit, naclbox_destroy -}; - /* --- Authenticated encryption schemes --- */ typedef struct aead_encctx { @@ -308,6 +200,41 @@ static const struct bulkops aead_encops = { aead_decdoit, aead_decdestroy }; +/* --- NaCl `secretbox' in terms of AEAD --- */ + +static bulk *naclbox_init(key *k, const char *calg, const char *halg) +{ + const gcaead *aec; + dstr t = DSTR_INIT; + const char *q; + + key_fulltag(k, &t); + + if ((q = key_getattr(0, k, "cipher")) != 0) calg = q; + if (!calg || STRCMP(calg, ==, "salsa20")) aec = &salsa20_naclbox; + else if (STRCMP(calg, ==, "salsa20/12")) aec = &salsa2012_naclbox; + else if (STRCMP(calg, ==, "salsa20/8")) aec = &salsa208_naclbox; + else if (STRCMP(calg, ==, "chacha20")) aec = &chacha20_naclbox; + else if (STRCMP(calg, ==, "chacha12")) aec = &chacha12_naclbox; + else if (STRCMP(calg, ==, "chacha8")) aec = &chacha8_naclbox; + else { + die(EXIT_FAILURE, + "unknown or inappropriate encryption scheme `%s' in key `%s'", + calg, t.buf); + } + + dstr_destroy(&t); + return (aead_internalinit(k, aec)); +} + +static const bulkops naclbox_encops = { + naclbox_init, aead_encsetup, aead_overhead, + aead_encdoit, aead_encdestroy +}, naclbox_decops = { + naclbox_init, aead_decsetup, aead_overhead, + aead_decdoit, aead_decdestroy +}; + /* --- Generic composition --- */ typedef struct gencomp_encctx { @@ -940,7 +867,7 @@ kem *getkem(key *k, const char *app, int wantpriv, bulk **bc) if ((q = key_getattr(0, k, "kem")) != 0) { dstr_puts(&d, q); p = d.buf; - } else if (strncmp(k->type, app, n) == 0 && k->type[n] == '-') { + } else if (STRNCMP(k->type, ==, app, n) && k->type[n] == '-') { dstr_puts(&d, k->type); p = d.buf + n + 1; } else @@ -971,7 +898,7 @@ kem *getkem(key *k, const char *app, int wantpriv, bulk **bc) /* --- Instantiate the KEM --- */ for (kt = kemtab; kt->name; kt++) { - if (strcmp(kt->name, kalg) == 0) + if (STRCMP(kt->name, ==, kalg)) goto k_found; } die(EXIT_FAILURE, "key encapsulation mechanism `%s' not found in key `%s'", @@ -1008,10 +935,10 @@ k_found:; bt = bulktab; else { for (bt = bulktab, bo = 0; bt->name; bt++) { - if (strcmp(balg, bt->name) == 0) + if (STRCMP(balg, ==, bt->name)) { balg = 0; goto b_found; } n = strlen(bt->name); - if (strncmp(balg, bt->name, n) == 0 && balg[n] == '-') + if (STRNCMP(balg, ==, bt->name, n) && balg[n] == '-') { balg += n + 1; goto b_found; } } bt = bulktab;