2021-03-09 22:24:35 +00:00
|
|
|
#pragma once
|
2018-12-12 00:38:58 +00:00
|
|
|
|
2023-10-19 21:59:57 +00:00
|
|
|
#include "constants.hpp"
|
|
|
|
#include "types.hpp"
|
|
|
|
|
2023-10-24 13:18:03 +00:00
|
|
|
#include <llarp/util/buffer.hpp>
|
|
|
|
|
|
|
|
#include <cstdint>
|
|
|
|
#include <functional>
|
|
|
|
|
2018-12-12 00:38:58 +00:00
|
|
|
namespace llarp
|
|
|
|
{
|
2023-10-06 15:34:50 +00:00
|
|
|
/*
|
|
|
|
TODO:
|
|
|
|
- make uint8_t pointers const where needed
|
|
|
|
*/
|
|
|
|
|
2023-10-19 23:09:22 +00:00
|
|
|
namespace crypto
|
2018-12-13 21:28:50 +00:00
|
|
|
{
|
2023-09-27 14:09:48 +00:00
|
|
|
/// decrypt cipherText given the key generated from name
|
|
|
|
std::optional<AlignedBuffer<32>>
|
2023-10-23 22:58:58 +00:00
|
|
|
maybe_decrypt_name(std::string_view ciphertext, SymmNonce nonce, std::string_view name);
|
2020-09-17 19:18:08 +00:00
|
|
|
|
2019-01-02 01:04:03 +00:00
|
|
|
/// xchacha symmetric cipher
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
2023-11-06 20:59:33 +00:00
|
|
|
xchacha20(uint8_t*, size_t size, const SharedSecret&, const SymmNonce&);
|
2023-10-16 13:39:57 +00:00
|
|
|
bool
|
|
|
|
xchacha20(uint8_t*, size_t size, const uint8_t*, const uint8_t*);
|
2019-01-26 15:40:58 +00:00
|
|
|
|
2023-11-06 20:59:33 +00:00
|
|
|
SymmNonce
|
2023-10-21 03:30:10 +00:00
|
|
|
onion(
|
|
|
|
unsigned char* buf,
|
|
|
|
size_t size,
|
|
|
|
const SharedSecret& k,
|
2023-11-06 20:59:33 +00:00
|
|
|
const SymmNonce& nonce,
|
|
|
|
const SymmNonce& xor_factor);
|
2023-10-21 03:30:10 +00:00
|
|
|
|
2018-12-13 21:28:50 +00:00
|
|
|
/// path dh creator's side
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
2023-11-06 20:59:33 +00:00
|
|
|
dh_client(SharedSecret&, const PubKey&, const SecretKey&, const SymmNonce&);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// path dh relay side
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
2023-11-06 20:59:33 +00:00
|
|
|
dh_server(SharedSecret&, const PubKey&, const SecretKey&, const SymmNonce&);
|
2023-10-16 13:39:57 +00:00
|
|
|
bool
|
|
|
|
dh_server(
|
|
|
|
uint8_t* shared_secret,
|
|
|
|
const uint8_t* other_pk,
|
|
|
|
const uint8_t* local_pk,
|
|
|
|
const uint8_t* nonce);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// blake2b 256 bit
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
|
|
|
shorthash(ShortHash&, uint8_t*, size_t size);
|
|
|
|
/// blake2s 256 bit hmac
|
|
|
|
bool
|
|
|
|
hmac(uint8_t*, uint8_t*, size_t, const SharedSecret&);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// ed25519 sign
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
|
|
|
sign(Signature&, const SecretKey&, uint8_t* buf, size_t size);
|
2023-10-06 15:34:50 +00:00
|
|
|
/// ed25519 sign, using pointers
|
|
|
|
bool
|
|
|
|
sign(uint8_t* sig, uint8_t* sk, uint8_t* buf, size_t size);
|
|
|
|
bool
|
|
|
|
sign(uint8_t* sig, const SecretKey& sk, ustring_view buf);
|
2020-01-31 04:27:13 +00:00
|
|
|
/// ed25519 sign (custom with derived keys)
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
|
|
|
sign(Signature&, const PrivateKey&, uint8_t* buf, size_t size);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// ed25519 verify
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
2023-10-31 20:49:01 +00:00
|
|
|
verify(const PubKey&, ustring_view, ustring_view);
|
|
|
|
bool
|
2023-09-27 14:09:48 +00:00
|
|
|
verify(const PubKey&, uint8_t*, size_t, const Signature&);
|
2023-11-02 12:30:38 +00:00
|
|
|
bool verify(ustring_view, ustring_view, ustring_view);
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
|
|
|
verify(uint8_t*, uint8_t*, size_t, uint8_t*);
|
|
|
|
|
|
|
|
/// derive sub keys for public keys. hash is really only intended for
|
|
|
|
/// testing ands key_n if given.
|
|
|
|
bool
|
|
|
|
derive_subkey(
|
|
|
|
PubKey& derived,
|
|
|
|
const PubKey& root,
|
|
|
|
uint64_t key_n,
|
|
|
|
const AlignedBuffer<32>* hash = nullptr);
|
|
|
|
|
|
|
|
/// derive sub keys for private keys. hash is really only intended for
|
|
|
|
/// testing ands key_n if given.
|
|
|
|
bool
|
2020-04-07 18:38:56 +00:00
|
|
|
derive_subkey_private(
|
2023-09-27 14:09:48 +00:00
|
|
|
PrivateKey& derived,
|
|
|
|
const SecretKey& root,
|
|
|
|
uint64_t key_n,
|
|
|
|
const AlignedBuffer<32>* hash = nullptr);
|
2020-01-27 21:30:41 +00:00
|
|
|
|
2018-12-13 21:28:50 +00:00
|
|
|
/// randomize buffer
|
2023-09-27 14:09:48 +00:00
|
|
|
void
|
2023-10-17 15:42:27 +00:00
|
|
|
randomize(uint8_t* buf, size_t len);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// randomizer memory
|
2023-09-27 14:09:48 +00:00
|
|
|
void
|
|
|
|
randbytes(byte_t*, size_t);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// generate signing keypair
|
2023-09-27 14:09:48 +00:00
|
|
|
void
|
|
|
|
identity_keygen(SecretKey&);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// generate encryption keypair
|
2023-09-27 14:09:48 +00:00
|
|
|
void
|
|
|
|
encryption_keygen(SecretKey&);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// generate post quantum encrytion key
|
2023-09-27 14:09:48 +00:00
|
|
|
void
|
|
|
|
pqe_keygen(PQKeyPair&);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// post quantum decrypt (buffer, sharedkey_dst, sec)
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
|
|
|
pqe_decrypt(const PQCipherBlock&, SharedSecret&, const byte_t*);
|
2018-12-13 21:28:50 +00:00
|
|
|
/// post quantum encrypt (buffer, sharedkey_dst, pub)
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
|
|
|
pqe_encrypt(PQCipherBlock&, SharedSecret&, const PQPubKey&);
|
2019-11-27 01:40:55 +00:00
|
|
|
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
|
|
|
check_identity_privkey(const SecretKey&);
|
2022-04-01 16:52:25 +00:00
|
|
|
|
2023-09-27 14:09:48 +00:00
|
|
|
bool
|
|
|
|
check_passwd_hash(std::string pwhash, std::string challenge);
|
2023-10-23 22:58:58 +00:00
|
|
|
}; // namespace crypto
|
2018-12-13 21:28:50 +00:00
|
|
|
|
|
|
|
/// return random 64bit unsigned interger
|
|
|
|
uint64_t
|
|
|
|
randint();
|
|
|
|
|
2020-04-07 18:38:56 +00:00
|
|
|
const byte_t*
|
2023-10-31 20:49:01 +00:00
|
|
|
seckey_to_pubkey(const SecretKey& secret);
|
2018-12-13 21:28:50 +00:00
|
|
|
|
2020-04-07 18:38:56 +00:00
|
|
|
const byte_t*
|
2023-10-31 20:49:01 +00:00
|
|
|
pq_keypair_to_pubkey(const PQKeyPair& keypair);
|
2018-12-13 21:28:50 +00:00
|
|
|
|
2020-04-07 18:38:56 +00:00
|
|
|
const byte_t*
|
2023-10-31 20:49:01 +00:00
|
|
|
pq_keypair_to_seckey(const PQKeyPair& keypair);
|
2018-12-12 00:38:58 +00:00
|
|
|
|
2021-02-25 19:42:49 +00:00
|
|
|
/// rng type that uses llarp::randint(), which is cryptographically secure
|
|
|
|
struct CSRNG
|
|
|
|
{
|
|
|
|
using result_type = uint64_t;
|
|
|
|
|
|
|
|
static constexpr uint64_t
|
|
|
|
min()
|
|
|
|
{
|
|
|
|
return std::numeric_limits<uint64_t>::min();
|
2023-10-19 23:09:22 +00:00
|
|
|
}
|
2021-02-25 19:42:49 +00:00
|
|
|
|
|
|
|
static constexpr uint64_t
|
|
|
|
max()
|
|
|
|
{
|
|
|
|
return std::numeric_limits<uint64_t>::max();
|
2023-10-19 23:09:22 +00:00
|
|
|
}
|
2021-02-25 19:42:49 +00:00
|
|
|
|
|
|
|
uint64_t
|
|
|
|
operator()()
|
|
|
|
{
|
|
|
|
return llarp::randint();
|
2023-10-19 23:09:22 +00:00
|
|
|
}
|
2021-02-25 19:42:49 +00:00
|
|
|
};
|
|
|
|
|
2023-10-19 23:09:22 +00:00
|
|
|
extern CSRNG csrng;
|
|
|
|
|
2018-12-12 00:38:58 +00:00
|
|
|
} // namespace llarp
|