@ -108,28 +108,8 @@ namespace llarp
return false ;
return false ;
}
}
Crypto : : Crypto ( )
{
if ( sodium_init ( ) = = - 1 )
{
throw std : : runtime_error ( " sodium_init() returned -1 " ) ;
}
char * avx2 = std : : getenv ( " AVX2_FORCE_DISABLE " ) ;
if ( avx2 & & std : : string ( avx2 ) = = " 1 " )
{
ntru_init ( 1 ) ;
}
else
{
ntru_init ( 0 ) ;
}
int seed = 0 ;
randombytes ( reinterpret_cast < unsigned char * > ( & seed ) , sizeof ( seed ) ) ;
srand ( seed ) ;
}
std : : optional < AlignedBuffer < 32 > >
std : : optional < AlignedBuffer < 32 > >
C rypto: : maybe_decrypt_name ( std : : string_view ciphertext , SymmNonce nounce , std : : string_view name )
crypto : : maybe_decrypt_name ( std : : string_view ciphertext , SymmNonce nounce , std : : string_view name )
{
{
const auto payloadsize = ciphertext . size ( ) - crypto_aead_xchacha20poly1305_ietf_ABYTES ;
const auto payloadsize = ciphertext . size ( ) - crypto_aead_xchacha20poly1305_ietf_ABYTES ;
if ( payloadsize ! = 32 )
if ( payloadsize ! = 32 )
@ -162,32 +142,33 @@ namespace llarp
}
}
bool
bool
C rypto: : xchacha20 ( uint8_t * buf , size_t size , const SharedSecret & k , const TunnelNonce & n )
c rypto: : xchacha20 ( uint8_t * buf , size_t size , const SharedSecret & k , const TunnelNonce & n )
{
{
return crypto_stream_ xchacha20_xor ( buf , buf , size , n . data ( ) , k . data ( ) ) = = 0 ;
return xchacha20( buf , size , n . data ( ) , k . data ( ) ) ;
}
}
bool
bool
C rypto: : xchacha20 ( uint8_t * buf , size_t size , const uint8_t * secret , const uint8_t * nonce )
c rypto: : xchacha20 ( uint8_t * buf , size_t size , const uint8_t * secret , const uint8_t * nonce )
{
{
return crypto_stream_xchacha20_xor ( buf , buf , size , nonce , secret ) = = 0 ;
return crypto_stream_xchacha20_xor ( buf , buf , size , nonce , secret ) = = 0 ;
}
}
bool
bool
C rypto: : dh_client (
c rypto: : dh_client (
llarp : : SharedSecret & shared , const PubKey & pk , const SecretKey & sk , const TunnelNonce & n )
llarp : : SharedSecret & shared , const PubKey & pk , const SecretKey & sk , const TunnelNonce & n )
{
{
return dh_client_priv ( shared , pk , sk , n ) ;
return dh_client_priv ( shared , pk , sk , n ) ;
}
}
/// path dh relay side
/// path dh relay side
bool
bool
C rypto: : dh_server (
c rypto: : dh_server (
llarp : : SharedSecret & shared , const PubKey & pk , const SecretKey & sk , const TunnelNonce & n )
llarp : : SharedSecret & shared , const PubKey & pk , const SecretKey & sk , const TunnelNonce & n )
{
{
return dh_server_priv ( shared , pk , sk , n ) ;
return dh_server_priv ( shared , pk , sk , n ) ;
}
}
bool
bool
C rypto: : dh_server (
c rypto: : dh_server (
uint8_t * shared_secret ,
uint8_t * shared_secret ,
const uint8_t * other_pk ,
const uint8_t * other_pk ,
const uint8_t * local_pk ,
const uint8_t * local_pk ,
@ -197,27 +178,27 @@ namespace llarp
}
}
/// transport dh client side
/// transport dh client side
bool
bool
C rypto: : transport_dh_client (
c rypto: : transport_dh_client (
llarp : : SharedSecret & shared , const PubKey & pk , const SecretKey & sk , const TunnelNonce & n )
llarp : : SharedSecret & shared , const PubKey & pk , const SecretKey & sk , const TunnelNonce & n )
{
{
return dh_client_priv ( shared , pk , sk , n ) ;
return dh_client_priv ( shared , pk , sk , n ) ;
}
}
/// transport dh server side
/// transport dh server side
bool
bool
C rypto: : transport_dh_server (
c rypto: : transport_dh_server (
llarp : : SharedSecret & shared , const PubKey & pk , const SecretKey & sk , const TunnelNonce & n )
llarp : : SharedSecret & shared , const PubKey & pk , const SecretKey & sk , const TunnelNonce & n )
{
{
return dh_server_priv ( shared , pk , sk , n ) ;
return dh_server_priv ( shared , pk , sk , n ) ;
}
}
bool
bool
C rypto: : shorthash ( ShortHash & result , uint8_t * buf , size_t size )
c rypto: : shorthash ( ShortHash & result , uint8_t * buf , size_t size )
{
{
return crypto_generichash_blake2b ( result . data ( ) , ShortHash : : SIZE , buf , size , nullptr , 0 ) ! = - 1 ;
return crypto_generichash_blake2b ( result . data ( ) , ShortHash : : SIZE , buf , size , nullptr , 0 ) ! = - 1 ;
}
}
bool
bool
C rypto: : hmac ( uint8_t * result , uint8_t * buf , size_t size , const SharedSecret & secret )
c rypto: : hmac ( uint8_t * result , uint8_t * buf , size_t size , const SharedSecret & secret )
{
{
return crypto_generichash_blake2b ( result , HMACSIZE , buf , size , secret . data ( ) , HMACSECSIZE )
return crypto_generichash_blake2b ( result , HMACSIZE , buf , size , secret . data ( ) , HMACSECSIZE )
! = - 1 ;
! = - 1 ;
@ -230,25 +211,25 @@ namespace llarp
}
}
bool
bool
C rypto: : sign ( Signature & sig , const SecretKey & secret , uint8_t * buf , size_t size )
c rypto: : sign ( Signature & sig , const SecretKey & secret , uint8_t * buf , size_t size )
{
{
return crypto_sign_detached ( sig . data ( ) , nullptr , buf , size , secret . data ( ) ) ! = - 1 ;
return crypto_sign_detached ( sig . data ( ) , nullptr , buf , size , secret . data ( ) ) ! = - 1 ;
}
}
bool
bool
C rypto: : sign ( uint8_t * sig , uint8_t * sk , uint8_t * buf , size_t size )
c rypto: : sign ( uint8_t * sig , uint8_t * sk , uint8_t * buf , size_t size )
{
{
return crypto_sign_detached ( sig , nullptr , buf , size , sk ) ! = - 1 ;
return crypto_sign_detached ( sig , nullptr , buf , size , sk ) ! = - 1 ;
}
}
bool
bool
C rypto: : sign ( uint8_t * sig , const SecretKey & sk , ustring_view buf )
c rypto: : sign ( uint8_t * sig , const SecretKey & sk , ustring_view buf )
{
{
return crypto_sign_detached ( sig , nullptr , buf . data ( ) , buf . size ( ) , sk . data ( ) ) ! = - 1 ;
return crypto_sign_detached ( sig , nullptr , buf . data ( ) , buf . size ( ) , sk . data ( ) ) ! = - 1 ;
}
}
bool
bool
C rypto: : sign ( Signature & sig , const PrivateKey & privkey , uint8_t * buf , size_t size )
c rypto: : sign ( Signature & sig , const PrivateKey & privkey , uint8_t * buf , size_t size )
{
{
PubKey pubkey ;
PubKey pubkey ;
@ -292,13 +273,13 @@ namespace llarp
}
}
bool
bool
C rypto: : verify ( const PubKey & pub , uint8_t * buf , size_t size , const Signature & sig )
c rypto: : verify ( const PubKey & pub , uint8_t * buf , size_t size , const Signature & sig )
{
{
return crypto_sign_verify_detached ( sig . data ( ) , buf , size , pub . data ( ) ) ! = - 1 ;
return crypto_sign_verify_detached ( sig . data ( ) , buf , size , pub . data ( ) ) ! = - 1 ;
}
}
bool
bool
C rypto: : verify ( ustring_view pub , ustring_view buf , ustring_view sig )
c rypto: : verify ( ustring_view pub , ustring_view buf , ustring_view sig )
{
{
return ( pub . size ( ) = = 32 & & sig . size ( ) = = 64 )
return ( pub . size ( ) = = 32 & & sig . size ( ) = = 64 )
? crypto_sign_verify_detached ( sig . data ( ) , buf . data ( ) , buf . size ( ) , pub . data ( ) ) ! = - 1
? crypto_sign_verify_detached ( sig . data ( ) , buf . data ( ) , buf . size ( ) , pub . data ( ) ) ! = - 1
@ -306,7 +287,7 @@ namespace llarp
}
}
bool
bool
C rypto: : verify ( uint8_t * pub , uint8_t * buf , size_t size , uint8_t * sig )
c rypto: : verify ( uint8_t * pub , uint8_t * buf , size_t size , uint8_t * sig )
{
{
return crypto_sign_verify_detached ( sig , buf , size , pub ) ! = - 1 ;
return crypto_sign_verify_detached ( sig , buf , size , pub ) ! = - 1 ;
}
}
@ -363,7 +344,7 @@ namespace llarp
static AlignedBuffer < 32 > zero ;
static AlignedBuffer < 32 > zero ;
bool
bool
C rypto: : derive_subkey (
c rypto: : derive_subkey (
PubKey & out_pubkey , const PubKey & root_pubkey , uint64_t key_n , const AlignedBuffer < 32 > * hash )
PubKey & out_pubkey , const PubKey & root_pubkey , uint64_t key_n , const AlignedBuffer < 32 > * hash )
{
{
// scalar h = H( BLIND-STRING || root_pubkey || key_n )
// scalar h = H( BLIND-STRING || root_pubkey || key_n )
@ -380,7 +361,7 @@ namespace llarp
}
}
bool
bool
C rypto: : derive_subkey_private (
c rypto: : derive_subkey_private (
PrivateKey & out_key , const SecretKey & root_key , uint64_t key_n , const AlignedBuffer < 32 > * hash )
PrivateKey & out_key , const SecretKey & root_key , uint64_t key_n , const AlignedBuffer < 32 > * hash )
{
{
// Derives a private subkey from a root key.
// Derives a private subkey from a root key.
@ -447,24 +428,24 @@ namespace llarp
}
}
bool
bool
C rypto: : seed_to_secretkey ( llarp : : SecretKey & secret , const llarp : : IdentitySecret & seed )
c rypto: : seed_to_secretkey ( llarp : : SecretKey & secret , const llarp : : IdentitySecret & seed )
{
{
return crypto_sign_ed25519_seed_keypair ( secret . data ( ) + 32 , secret . data ( ) , seed . data ( ) ) ! = - 1 ;
return crypto_sign_ed25519_seed_keypair ( secret . data ( ) + 32 , secret . data ( ) , seed . data ( ) ) ! = - 1 ;
}
}
void
void
C rypto: : randomize ( uint8_t * buf , size_t len )
c rypto: : randomize ( uint8_t * buf , size_t len )
{
{
randombytes ( buf , len ) ;
randombytes ( buf , len ) ;
}
}
void
void
C rypto: : randbytes ( byte_t * ptr , size_t sz )
c rypto: : randbytes ( byte_t * ptr , size_t sz )
{
{
randombytes ( ( unsigned char * ) ptr , sz ) ;
randombytes ( ( unsigned char * ) ptr , sz ) ;
}
}
void
void
C rypto: : identity_keygen ( llarp : : SecretKey & keys )
c rypto: : identity_keygen ( llarp : : SecretKey & keys )
{
{
PubKey pk ;
PubKey pk ;
int result = crypto_sign_keypair ( pk . data ( ) , keys . data ( ) ) ;
int result = crypto_sign_keypair ( pk . data ( ) , keys . data ( ) ) ;
@ -478,7 +459,7 @@ namespace llarp
}
}
bool
bool
C rypto: : check_identity_privkey ( const llarp : : SecretKey & keys )
c rypto: : check_identity_privkey ( const llarp : : SecretKey & keys )
{
{
AlignedBuffer < crypto_sign_SEEDBYTES > seed ;
AlignedBuffer < crypto_sign_SEEDBYTES > seed ;
llarp : : PubKey pk ;
llarp : : PubKey pk ;
@ -491,7 +472,7 @@ namespace llarp
}
}
void
void
C rypto: : encryption_keygen ( llarp : : SecretKey & keys )
c rypto: : encryption_keygen ( llarp : : SecretKey & keys )
{
{
auto d = keys . data ( ) ;
auto d = keys . data ( ) ;
randbytes ( d , 32 ) ;
randbytes ( d , 32 ) ;
@ -499,26 +480,26 @@ namespace llarp
}
}
bool
bool
C rypto: : pqe_encrypt ( PQCipherBlock & ciphertext , SharedSecret & sharedkey , const PQPubKey & pubkey )
c rypto: : pqe_encrypt ( PQCipherBlock & ciphertext , SharedSecret & sharedkey , const PQPubKey & pubkey )
{
{
return crypto_kem_enc ( ciphertext . data ( ) , sharedkey . data ( ) , pubkey . data ( ) ) ! = - 1 ;
return crypto_kem_enc ( ciphertext . data ( ) , sharedkey . data ( ) , pubkey . data ( ) ) ! = - 1 ;
}
}
bool
bool
C rypto: : pqe_decrypt (
c rypto: : pqe_decrypt (
const PQCipherBlock & ciphertext , SharedSecret & sharedkey , const byte_t * secretkey )
const PQCipherBlock & ciphertext , SharedSecret & sharedkey , const byte_t * secretkey )
{
{
return crypto_kem_dec ( sharedkey . data ( ) , ciphertext . data ( ) , secretkey ) ! = - 1 ;
return crypto_kem_dec ( sharedkey . data ( ) , ciphertext . data ( ) , secretkey ) ! = - 1 ;
}
}
void
void
C rypto: : pqe_keygen ( PQKeyPair & keypair )
c rypto: : pqe_keygen ( PQKeyPair & keypair )
{
{
auto d = keypair . data ( ) ;
auto d = keypair . data ( ) ;
crypto_kem_keypair ( d + PQ_SECRETKEYSIZE , d ) ;
crypto_kem_keypair ( d + PQ_SECRETKEYSIZE , d ) ;
}
}
bool
bool
C rypto: : check_passwd_hash ( std : : string pwhash , std : : string challenge )
c rypto: : check_passwd_hash ( std : : string pwhash , std : : string challenge )
{
{
( void ) pwhash ;
( void ) pwhash ;
( void ) challenge ;
( void ) challenge ;
@ -561,4 +542,23 @@ namespace llarp
randombytes ( ( byte_t * ) & i , sizeof ( i ) ) ;
randombytes ( ( byte_t * ) & i , sizeof ( i ) ) ;
return i ;
return i ;
}
}
// Called during static initialization to initialize libsodium and ntru. (The CSRNG return is not
// useful, but just here to get this called during static initialization of `llarp::csrng`).
static CSRNG
_initialize_crypto ( )
{
if ( sodium_init ( ) = = - 1 )
{
log : : critical ( log : : Cat ( " initialization " ) , " sodium_init() failed, unable to continue! " ) ;
std : : abort ( ) ;
}
char * avx2 = std : : getenv ( " AVX2_FORCE_DISABLE " ) ;
ntru_init ( avx2 & & avx2 = = " 1 " sv ) ;
return CSRNG { } ;
}
CSRNG csrng = _initialize_crypto ( ) ;
} // namespace llarp
} // namespace llarp