|
 |
ca16be |
|
|
|
ca16be |
#include <string.h>
|
|
|
ca16be |
|
|
|
ca16be |
#include "crypto_box.h"
|
|
|
ca16be |
#include "crypto_generichash.h"
|
|
|
ca16be |
#include "private/common.h"
|
|
|
ca16be |
#include "utils.h"
|
|
|
ca16be |
|
|
|
ca16be |
static int
|
|
|
ca16be |
_crypto_box_seal_nonce(unsigned char *nonce,
|
|
|
ca16be |
const unsigned char *pk1, const unsigned char *pk2)
|
|
|
ca16be |
{
|
|
|
ca16be |
crypto_generichash_state st;
|
|
|
ca16be |
|
|
|
ca16be |
crypto_generichash_init(&st, NULL, 0U, crypto_box_NONCEBYTES);
|
|
|
ca16be |
crypto_generichash_update(&st, pk1, crypto_box_PUBLICKEYBYTES);
|
|
|
ca16be |
crypto_generichash_update(&st, pk2, crypto_box_PUBLICKEYBYTES);
|
|
|
ca16be |
crypto_generichash_final(&st, nonce, crypto_box_NONCEBYTES);
|
|
|
ca16be |
|
|
|
ca16be |
return 0;
|
|
|
ca16be |
}
|
|
|
ca16be |
|
|
|
ca16be |
int
|
|
|
ca16be |
crypto_box_seal(unsigned char *c, const unsigned char *m,
|
|
|
ca16be |
unsigned long long mlen, const unsigned char *pk)
|
|
|
ca16be |
{
|
|
|
ca16be |
unsigned char nonce[crypto_box_NONCEBYTES];
|
|
|
ca16be |
unsigned char epk[crypto_box_PUBLICKEYBYTES];
|
|
|
ca16be |
unsigned char esk[crypto_box_SECRETKEYBYTES];
|
|
|
ca16be |
int ret;
|
|
|
ca16be |
|
|
|
ca16be |
if (crypto_box_keypair(epk, esk) != 0) {
|
|
|
ca16be |
return -1; /* LCOV_EXCL_LINE */
|
|
|
ca16be |
}
|
|
|
ca16be |
memcpy(c, epk, crypto_box_PUBLICKEYBYTES);
|
|
|
ca16be |
_crypto_box_seal_nonce(nonce, epk, pk);
|
|
|
ca16be |
ret = crypto_box_easy(c + crypto_box_PUBLICKEYBYTES, m, mlen,
|
|
|
ca16be |
nonce, pk, esk);
|
|
|
ca16be |
sodium_memzero(esk, sizeof esk);
|
|
|
ca16be |
sodium_memzero(epk, sizeof epk);
|
|
|
ca16be |
sodium_memzero(nonce, sizeof nonce);
|
|
|
ca16be |
|
|
|
ca16be |
return ret;
|
|
|
ca16be |
}
|
|
|
ca16be |
|
|
|
ca16be |
int
|
|
|
ca16be |
crypto_box_seal_open(unsigned char *m, const unsigned char *c,
|
|
|
ca16be |
unsigned long long clen,
|
|
|
ca16be |
const unsigned char *pk, const unsigned char *sk)
|
|
|
ca16be |
{
|
|
|
ca16be |
unsigned char nonce[crypto_box_NONCEBYTES];
|
|
|
ca16be |
|
|
|
ca16be |
if (clen < crypto_box_SEALBYTES) {
|
|
|
ca16be |
return -1;
|
|
|
ca16be |
}
|
|
|
ca16be |
_crypto_box_seal_nonce(nonce, c, pk);
|
|
|
ca16be |
|
|
|
ca16be |
COMPILER_ASSERT(crypto_box_PUBLICKEYBYTES < crypto_box_SEALBYTES);
|
|
|
ca16be |
return crypto_box_open_easy(m, c + crypto_box_PUBLICKEYBYTES,
|
|
|
ca16be |
clen - crypto_box_PUBLICKEYBYTES,
|
|
|
ca16be |
nonce, c, sk);
|
|
|
ca16be |
}
|
|
|
ca16be |
|
|
|
ca16be |
size_t
|
|
|
ca16be |
crypto_box_sealbytes(void)
|
|
|
ca16be |
{
|
|
|
ca16be |
return crypto_box_SEALBYTES;
|
|
|
ca16be |
}
|