diff options
Diffstat (limited to 'nacl/crypto_auth')
-rw-r--r-- | nacl/crypto_auth/hmacsha256/checksum | 1 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha256/ref/api.h | 2 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha256/ref/hmac.c | 83 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha256/ref/verify.c | 9 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha256/used | 0 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha512256/checksum | 1 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha512256/ref/api.h | 2 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha512256/ref/hmac.c | 86 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha512256/ref/verify.c | 9 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha512256/selected | 0 | ||||
-rw-r--r-- | nacl/crypto_auth/hmacsha512256/used | 0 | ||||
-rw-r--r-- | nacl/crypto_auth/measure.c | 69 | ||||
-rw-r--r-- | nacl/crypto_auth/try.c | 119 | ||||
-rw-r--r-- | nacl/crypto_auth/wrapper-auth.cpp | 11 | ||||
-rw-r--r-- | nacl/crypto_auth/wrapper-verify.cpp | 14 |
15 files changed, 406 insertions, 0 deletions
diff --git a/nacl/crypto_auth/hmacsha256/checksum b/nacl/crypto_auth/hmacsha256/checksum new file mode 100644 index 00000000..2fa9604b --- /dev/null +++ b/nacl/crypto_auth/hmacsha256/checksum | |||
@@ -0,0 +1 @@ | |||
3bd7abd4f4dce04396f2ac7cb1cff70607f692411c49a1563b037d31e1662632 | |||
diff --git a/nacl/crypto_auth/hmacsha256/ref/api.h b/nacl/crypto_auth/hmacsha256/ref/api.h new file mode 100644 index 00000000..c224d9d5 --- /dev/null +++ b/nacl/crypto_auth/hmacsha256/ref/api.h | |||
@@ -0,0 +1,2 @@ | |||
1 | #define CRYPTO_BYTES 32 | ||
2 | #define CRYPTO_KEYBYTES 32 | ||
diff --git a/nacl/crypto_auth/hmacsha256/ref/hmac.c b/nacl/crypto_auth/hmacsha256/ref/hmac.c new file mode 100644 index 00000000..8ab30bb4 --- /dev/null +++ b/nacl/crypto_auth/hmacsha256/ref/hmac.c | |||
@@ -0,0 +1,83 @@ | |||
1 | /* | ||
2 | * 20080913 | ||
3 | * D. J. Bernstein | ||
4 | * Public domain. | ||
5 | * */ | ||
6 | |||
7 | #include "crypto_hashblocks_sha256.h" | ||
8 | #include "crypto_auth.h" | ||
9 | |||
10 | #define blocks crypto_hashblocks_sha256 | ||
11 | |||
12 | typedef unsigned int uint32; | ||
13 | |||
14 | static const char iv[32] = { | ||
15 | 0x6a,0x09,0xe6,0x67, | ||
16 | 0xbb,0x67,0xae,0x85, | ||
17 | 0x3c,0x6e,0xf3,0x72, | ||
18 | 0xa5,0x4f,0xf5,0x3a, | ||
19 | 0x51,0x0e,0x52,0x7f, | ||
20 | 0x9b,0x05,0x68,0x8c, | ||
21 | 0x1f,0x83,0xd9,0xab, | ||
22 | 0x5b,0xe0,0xcd,0x19, | ||
23 | } ; | ||
24 | |||
25 | int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k) | ||
26 | { | ||
27 | unsigned char h[32]; | ||
28 | unsigned char padded[128]; | ||
29 | int i; | ||
30 | unsigned long long bits = 512 + (inlen << 3); | ||
31 | |||
32 | for (i = 0;i < 32;++i) h[i] = iv[i]; | ||
33 | |||
34 | for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x36; | ||
35 | for (i = 32;i < 64;++i) padded[i] = 0x36; | ||
36 | |||
37 | blocks(h,padded,64); | ||
38 | blocks(h,in,inlen); | ||
39 | in += inlen; | ||
40 | inlen &= 63; | ||
41 | in -= inlen; | ||
42 | |||
43 | for (i = 0;i < inlen;++i) padded[i] = in[i]; | ||
44 | padded[inlen] = 0x80; | ||
45 | |||
46 | if (inlen < 56) { | ||
47 | for (i = inlen + 1;i < 56;++i) padded[i] = 0; | ||
48 | padded[56] = bits >> 56; | ||
49 | padded[57] = bits >> 48; | ||
50 | padded[58] = bits >> 40; | ||
51 | padded[59] = bits >> 32; | ||
52 | padded[60] = bits >> 24; | ||
53 | padded[61] = bits >> 16; | ||
54 | padded[62] = bits >> 8; | ||
55 | padded[63] = bits; | ||
56 | blocks(h,padded,64); | ||
57 | } else { | ||
58 | for (i = inlen + 1;i < 120;++i) padded[i] = 0; | ||
59 | padded[120] = bits >> 56; | ||
60 | padded[121] = bits >> 48; | ||
61 | padded[122] = bits >> 40; | ||
62 | padded[123] = bits >> 32; | ||
63 | padded[124] = bits >> 24; | ||
64 | padded[125] = bits >> 16; | ||
65 | padded[126] = bits >> 8; | ||
66 | padded[127] = bits; | ||
67 | blocks(h,padded,128); | ||
68 | } | ||
69 | |||
70 | for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x5c; | ||
71 | for (i = 32;i < 64;++i) padded[i] = 0x5c; | ||
72 | for (i = 0;i < 32;++i) padded[64 + i] = h[i]; | ||
73 | |||
74 | for (i = 0;i < 32;++i) out[i] = iv[i]; | ||
75 | |||
76 | for (i = 32;i < 64;++i) padded[64 + i] = 0; | ||
77 | padded[64 + 32] = 0x80; | ||
78 | padded[64 + 62] = 3; | ||
79 | |||
80 | blocks(out,padded,128); | ||
81 | |||
82 | return 0; | ||
83 | } | ||
diff --git a/nacl/crypto_auth/hmacsha256/ref/verify.c b/nacl/crypto_auth/hmacsha256/ref/verify.c new file mode 100644 index 00000000..96ff0ea8 --- /dev/null +++ b/nacl/crypto_auth/hmacsha256/ref/verify.c | |||
@@ -0,0 +1,9 @@ | |||
1 | #include "crypto_verify_32.h" | ||
2 | #include "crypto_auth.h" | ||
3 | |||
4 | int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k) | ||
5 | { | ||
6 | unsigned char correct[32]; | ||
7 | crypto_auth(correct,in,inlen,k); | ||
8 | return crypto_verify_32(h,correct); | ||
9 | } | ||
diff --git a/nacl/crypto_auth/hmacsha256/used b/nacl/crypto_auth/hmacsha256/used new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/nacl/crypto_auth/hmacsha256/used | |||
diff --git a/nacl/crypto_auth/hmacsha512256/checksum b/nacl/crypto_auth/hmacsha512256/checksum new file mode 100644 index 00000000..1c037f2d --- /dev/null +++ b/nacl/crypto_auth/hmacsha512256/checksum | |||
@@ -0,0 +1 @@ | |||
2f5e8a6a0cac012d8d001351d7d583e69f91390df46305c3608e0c2893491886 | |||
diff --git a/nacl/crypto_auth/hmacsha512256/ref/api.h b/nacl/crypto_auth/hmacsha512256/ref/api.h new file mode 100644 index 00000000..c224d9d5 --- /dev/null +++ b/nacl/crypto_auth/hmacsha512256/ref/api.h | |||
@@ -0,0 +1,2 @@ | |||
1 | #define CRYPTO_BYTES 32 | ||
2 | #define CRYPTO_KEYBYTES 32 | ||
diff --git a/nacl/crypto_auth/hmacsha512256/ref/hmac.c b/nacl/crypto_auth/hmacsha512256/ref/hmac.c new file mode 100644 index 00000000..56ebfa6b --- /dev/null +++ b/nacl/crypto_auth/hmacsha512256/ref/hmac.c | |||
@@ -0,0 +1,86 @@ | |||
1 | /* | ||
2 | * 20080913 | ||
3 | * D. J. Bernstein | ||
4 | * Public domain. | ||
5 | * */ | ||
6 | |||
7 | #include "crypto_hashblocks_sha512.h" | ||
8 | #include "crypto_auth.h" | ||
9 | |||
10 | #define blocks crypto_hashblocks_sha512 | ||
11 | |||
12 | typedef unsigned long long uint64; | ||
13 | |||
14 | static const unsigned char iv[64] = { | ||
15 | 0x6a,0x09,0xe6,0x67,0xf3,0xbc,0xc9,0x08, | ||
16 | 0xbb,0x67,0xae,0x85,0x84,0xca,0xa7,0x3b, | ||
17 | 0x3c,0x6e,0xf3,0x72,0xfe,0x94,0xf8,0x2b, | ||
18 | 0xa5,0x4f,0xf5,0x3a,0x5f,0x1d,0x36,0xf1, | ||
19 | 0x51,0x0e,0x52,0x7f,0xad,0xe6,0x82,0xd1, | ||
20 | 0x9b,0x05,0x68,0x8c,0x2b,0x3e,0x6c,0x1f, | ||
21 | 0x1f,0x83,0xd9,0xab,0xfb,0x41,0xbd,0x6b, | ||
22 | 0x5b,0xe0,0xcd,0x19,0x13,0x7e,0x21,0x79 | ||
23 | } ; | ||
24 | |||
25 | int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k) | ||
26 | { | ||
27 | unsigned char h[64]; | ||
28 | unsigned char padded[256]; | ||
29 | int i; | ||
30 | unsigned long long bytes = 128 + inlen; | ||
31 | |||
32 | for (i = 0;i < 64;++i) h[i] = iv[i]; | ||
33 | |||
34 | for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x36; | ||
35 | for (i = 32;i < 128;++i) padded[i] = 0x36; | ||
36 | |||
37 | blocks(h,padded,128); | ||
38 | blocks(h,in,inlen); | ||
39 | in += inlen; | ||
40 | inlen &= 127; | ||
41 | in -= inlen; | ||
42 | |||
43 | for (i = 0;i < inlen;++i) padded[i] = in[i]; | ||
44 | padded[inlen] = 0x80; | ||
45 | |||
46 | if (inlen < 112) { | ||
47 | for (i = inlen + 1;i < 119;++i) padded[i] = 0; | ||
48 | padded[119] = bytes >> 61; | ||
49 | padded[120] = bytes >> 53; | ||
50 | padded[121] = bytes >> 45; | ||
51 | padded[122] = bytes >> 37; | ||
52 | padded[123] = bytes >> 29; | ||
53 | padded[124] = bytes >> 21; | ||
54 | padded[125] = bytes >> 13; | ||
55 | padded[126] = bytes >> 5; | ||
56 | padded[127] = bytes << 3; | ||
57 | blocks(h,padded,128); | ||
58 | } else { | ||
59 | for (i = inlen + 1;i < 247;++i) padded[i] = 0; | ||
60 | padded[247] = bytes >> 61; | ||
61 | padded[248] = bytes >> 53; | ||
62 | padded[249] = bytes >> 45; | ||
63 | padded[250] = bytes >> 37; | ||
64 | padded[251] = bytes >> 29; | ||
65 | padded[252] = bytes >> 21; | ||
66 | padded[253] = bytes >> 13; | ||
67 | padded[254] = bytes >> 5; | ||
68 | padded[255] = bytes << 3; | ||
69 | blocks(h,padded,256); | ||
70 | } | ||
71 | |||
72 | for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x5c; | ||
73 | for (i = 32;i < 128;++i) padded[i] = 0x5c; | ||
74 | |||
75 | for (i = 0;i < 64;++i) padded[128 + i] = h[i]; | ||
76 | for (i = 0;i < 64;++i) h[i] = iv[i]; | ||
77 | |||
78 | for (i = 64;i < 128;++i) padded[128 + i] = 0; | ||
79 | padded[128 + 64] = 0x80; | ||
80 | padded[128 + 126] = 6; | ||
81 | |||
82 | blocks(h,padded,256); | ||
83 | for (i = 0;i < 32;++i) out[i] = h[i]; | ||
84 | |||
85 | return 0; | ||
86 | } | ||
diff --git a/nacl/crypto_auth/hmacsha512256/ref/verify.c b/nacl/crypto_auth/hmacsha512256/ref/verify.c new file mode 100644 index 00000000..96ff0ea8 --- /dev/null +++ b/nacl/crypto_auth/hmacsha512256/ref/verify.c | |||
@@ -0,0 +1,9 @@ | |||
1 | #include "crypto_verify_32.h" | ||
2 | #include "crypto_auth.h" | ||
3 | |||
4 | int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k) | ||
5 | { | ||
6 | unsigned char correct[32]; | ||
7 | crypto_auth(correct,in,inlen,k); | ||
8 | return crypto_verify_32(h,correct); | ||
9 | } | ||
diff --git a/nacl/crypto_auth/hmacsha512256/selected b/nacl/crypto_auth/hmacsha512256/selected new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/nacl/crypto_auth/hmacsha512256/selected | |||
diff --git a/nacl/crypto_auth/hmacsha512256/used b/nacl/crypto_auth/hmacsha512256/used new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/nacl/crypto_auth/hmacsha512256/used | |||
diff --git a/nacl/crypto_auth/measure.c b/nacl/crypto_auth/measure.c new file mode 100644 index 00000000..e5209903 --- /dev/null +++ b/nacl/crypto_auth/measure.c | |||
@@ -0,0 +1,69 @@ | |||
1 | #include "crypto_auth.h" | ||
2 | #include "randombytes.h" | ||
3 | #include "cpucycles.h" | ||
4 | |||
5 | extern void printentry(long long,const char *,long long *,long long); | ||
6 | extern unsigned char *alignedcalloc(unsigned long long); | ||
7 | extern const char *primitiveimplementation; | ||
8 | extern const char *implementationversion; | ||
9 | extern const char *sizenames[]; | ||
10 | extern const long long sizes[]; | ||
11 | extern void allocate(void); | ||
12 | extern void measure(void); | ||
13 | |||
14 | const char *primitiveimplementation = crypto_auth_IMPLEMENTATION; | ||
15 | const char *implementationversion = crypto_auth_VERSION; | ||
16 | const char *sizenames[] = { "outputbytes", "keybytes", 0 }; | ||
17 | const long long sizes[] = { crypto_auth_BYTES, crypto_auth_KEYBYTES }; | ||
18 | |||
19 | #define MAXTEST_BYTES 4096 | ||
20 | #ifdef SUPERCOP | ||
21 | #define MGAP 8192 | ||
22 | #else | ||
23 | #define MGAP 8 | ||
24 | #endif | ||
25 | |||
26 | static unsigned char *k; | ||
27 | static unsigned char *m; | ||
28 | static unsigned char *h; | ||
29 | |||
30 | void preallocate(void) | ||
31 | { | ||
32 | } | ||
33 | |||
34 | void allocate(void) | ||
35 | { | ||
36 | k = alignedcalloc(crypto_auth_KEYBYTES); | ||
37 | m = alignedcalloc(MAXTEST_BYTES); | ||
38 | h = alignedcalloc(crypto_auth_BYTES); | ||
39 | } | ||
40 | |||
41 | #define TIMINGS 15 | ||
42 | static long long cycles[TIMINGS + 1]; | ||
43 | |||
44 | void measure(void) | ||
45 | { | ||
46 | int i; | ||
47 | int loop; | ||
48 | int mlen; | ||
49 | |||
50 | for (loop = 0;loop < LOOPS;++loop) { | ||
51 | for (mlen = 0;mlen <= MAXTEST_BYTES;mlen += 1 + mlen / MGAP) { | ||
52 | randombytes(k,crypto_auth_KEYBYTES); | ||
53 | randombytes(m,mlen); | ||
54 | randombytes(h,crypto_auth_BYTES); | ||
55 | for (i = 0;i <= TIMINGS;++i) { | ||
56 | cycles[i] = cpucycles(); | ||
57 | crypto_auth(h,m,mlen,k); | ||
58 | } | ||
59 | for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i]; | ||
60 | printentry(mlen,"cycles",cycles,TIMINGS); | ||
61 | for (i = 0;i <= TIMINGS;++i) { | ||
62 | cycles[i] = cpucycles(); | ||
63 | crypto_auth_verify(h,m,mlen,k); | ||
64 | } | ||
65 | for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i]; | ||
66 | printentry(mlen,"verify_cycles",cycles,TIMINGS); | ||
67 | } | ||
68 | } | ||
69 | } | ||
diff --git a/nacl/crypto_auth/try.c b/nacl/crypto_auth/try.c new file mode 100644 index 00000000..6f855dc9 --- /dev/null +++ b/nacl/crypto_auth/try.c | |||
@@ -0,0 +1,119 @@ | |||
1 | /* | ||
2 | * crypto_auth/try.c version 20090118 | ||
3 | * D. J. Bernstein | ||
4 | * Public domain. | ||
5 | */ | ||
6 | |||
7 | #include "crypto_hash_sha256.h" | ||
8 | #include "crypto_auth.h" | ||
9 | |||
10 | extern unsigned char *alignedcalloc(unsigned long long); | ||
11 | |||
12 | const char *primitiveimplementation = crypto_auth_IMPLEMENTATION; | ||
13 | |||
14 | #define MAXTEST_BYTES 10000 | ||
15 | #define CHECKSUM_BYTES 4096 | ||
16 | #define TUNE_BYTES 1536 | ||
17 | |||
18 | static unsigned char *h; | ||
19 | static unsigned char *m; | ||
20 | static unsigned char *k; | ||
21 | static unsigned char *h2; | ||
22 | static unsigned char *m2; | ||
23 | static unsigned char *k2; | ||
24 | |||
25 | void preallocate(void) | ||
26 | { | ||
27 | } | ||
28 | |||
29 | void allocate(void) | ||
30 | { | ||
31 | h = alignedcalloc(crypto_auth_BYTES); | ||
32 | m = alignedcalloc(MAXTEST_BYTES); | ||
33 | k = alignedcalloc(crypto_auth_KEYBYTES); | ||
34 | h2 = alignedcalloc(crypto_auth_BYTES); | ||
35 | m2 = alignedcalloc(MAXTEST_BYTES + crypto_auth_BYTES); | ||
36 | k2 = alignedcalloc(crypto_auth_KEYBYTES + crypto_auth_BYTES); | ||
37 | } | ||
38 | |||
39 | void predoit(void) | ||
40 | { | ||
41 | } | ||
42 | |||
43 | void doit(void) | ||
44 | { | ||
45 | crypto_auth(h,m,TUNE_BYTES,k); | ||
46 | crypto_auth_verify(h,m,TUNE_BYTES,k); | ||
47 | } | ||
48 | |||
49 | char checksum[crypto_auth_BYTES * 2 + 1]; | ||
50 | |||
51 | const char *checksum_compute(void) | ||
52 | { | ||
53 | long long i; | ||
54 | long long j; | ||
55 | |||
56 | for (i = 0;i < CHECKSUM_BYTES;++i) { | ||
57 | long long mlen = i; | ||
58 | long long klen = crypto_auth_KEYBYTES; | ||
59 | long long hlen = crypto_auth_BYTES; | ||
60 | |||
61 | for (j = -16;j < 0;++j) h[j] = random(); | ||
62 | for (j = -16;j < 0;++j) k[j] = random(); | ||
63 | for (j = -16;j < 0;++j) m[j] = random(); | ||
64 | for (j = hlen;j < hlen + 16;++j) h[j] = random(); | ||
65 | for (j = klen;j < klen + 16;++j) k[j] = random(); | ||
66 | for (j = mlen;j < mlen + 16;++j) m[j] = random(); | ||
67 | for (j = -16;j < hlen + 16;++j) h2[j] = h[j]; | ||
68 | for (j = -16;j < klen + 16;++j) k2[j] = k[j]; | ||
69 | for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; | ||
70 | |||
71 | if (crypto_auth(h,m,mlen,k) != 0) return "crypto_auth returns nonzero"; | ||
72 | |||
73 | for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_auth overwrites k"; | ||
74 | for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_auth overwrites m"; | ||
75 | for (j = -16;j < 0;++j) if (h[j] != h2[j]) return "crypto_auth writes before output"; | ||
76 | for (j = hlen;j < hlen + 16;++j) if (h[j] != h2[j]) return "crypto_auth writes after output"; | ||
77 | |||
78 | for (j = -16;j < 0;++j) h[j] = random(); | ||
79 | for (j = -16;j < 0;++j) k[j] = random(); | ||
80 | for (j = -16;j < 0;++j) m[j] = random(); | ||
81 | for (j = hlen;j < hlen + 16;++j) h[j] = random(); | ||
82 | for (j = klen;j < klen + 16;++j) k[j] = random(); | ||
83 | for (j = mlen;j < mlen + 16;++j) m[j] = random(); | ||
84 | for (j = -16;j < hlen + 16;++j) h2[j] = h[j]; | ||
85 | for (j = -16;j < klen + 16;++j) k2[j] = k[j]; | ||
86 | for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; | ||
87 | |||
88 | if (crypto_auth(m2,m2,mlen,k) != 0) return "crypto_auth returns nonzero"; | ||
89 | for (j = 0;j < hlen;++j) if (m2[j] != h[j]) return "crypto_auth does not handle m overlap"; | ||
90 | for (j = 0;j < hlen;++j) m2[j] = m[j]; | ||
91 | if (crypto_auth(k2,m2,mlen,k2) != 0) return "crypto_auth returns nonzero"; | ||
92 | for (j = 0;j < hlen;++j) if (k2[j] != h[j]) return "crypto_auth does not handle k overlap"; | ||
93 | for (j = 0;j < hlen;++j) k2[j] = k[j]; | ||
94 | |||
95 | if (crypto_auth_verify(h,m,mlen,k) != 0) return "crypto_auth_verify returns nonzero"; | ||
96 | |||
97 | for (j = -16;j < hlen + 16;++j) if (h[j] != h2[j]) return "crypto_auth overwrites h"; | ||
98 | for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_auth overwrites k"; | ||
99 | for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_auth overwrites m"; | ||
100 | |||
101 | crypto_hash_sha256(h2,h,hlen); | ||
102 | for (j = 0;j < klen;++j) k[j] ^= h2[j % 32]; | ||
103 | if (crypto_auth(h,m,mlen,k) != 0) return "crypto_auth returns nonzero"; | ||
104 | if (crypto_auth_verify(h,m,mlen,k) != 0) return "crypto_auth_verify returns nonzero"; | ||
105 | |||
106 | crypto_hash_sha256(h2,h,hlen); | ||
107 | for (j = 0;j < mlen;++j) m[j] ^= h2[j % 32]; | ||
108 | m[mlen] = h2[0]; | ||
109 | } | ||
110 | if (crypto_auth(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_auth returns nonzero"; | ||
111 | if (crypto_auth_verify(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_auth_verify returns nonzero"; | ||
112 | |||
113 | for (i = 0;i < crypto_auth_BYTES;++i) { | ||
114 | checksum[2 * i] = "0123456789abcdef"[15 & (h[i] >> 4)]; | ||
115 | checksum[2 * i + 1] = "0123456789abcdef"[15 & h[i]]; | ||
116 | } | ||
117 | checksum[2 * i] = 0; | ||
118 | return 0; | ||
119 | } | ||
diff --git a/nacl/crypto_auth/wrapper-auth.cpp b/nacl/crypto_auth/wrapper-auth.cpp new file mode 100644 index 00000000..2108aa31 --- /dev/null +++ b/nacl/crypto_auth/wrapper-auth.cpp | |||
@@ -0,0 +1,11 @@ | |||
1 | #include <string> | ||
2 | using std::string; | ||
3 | #include "crypto_auth.h" | ||
4 | |||
5 | string crypto_auth(const string &m,const string &k) | ||
6 | { | ||
7 | if (k.size() != crypto_auth_KEYBYTES) throw "incorrect key length"; | ||
8 | unsigned char a[crypto_auth_BYTES]; | ||
9 | crypto_auth(a,(const unsigned char *) m.c_str(),m.size(),(const unsigned char *) k.c_str()); | ||
10 | return string((char *) a,crypto_auth_BYTES); | ||
11 | } | ||
diff --git a/nacl/crypto_auth/wrapper-verify.cpp b/nacl/crypto_auth/wrapper-verify.cpp new file mode 100644 index 00000000..57e25a26 --- /dev/null +++ b/nacl/crypto_auth/wrapper-verify.cpp | |||
@@ -0,0 +1,14 @@ | |||
1 | #include <string> | ||
2 | using std::string; | ||
3 | #include "crypto_auth.h" | ||
4 | |||
5 | void crypto_auth_verify(const string &a,const string &m,const string &k) | ||
6 | { | ||
7 | if (k.size() != crypto_auth_KEYBYTES) throw "incorrect key length"; | ||
8 | if (a.size() != crypto_auth_BYTES) throw "incorrect authenticator length"; | ||
9 | if (crypto_auth_verify( | ||
10 | (const unsigned char *) a.c_str(), | ||
11 | (const unsigned char *) m.c_str(),m.size(), | ||
12 | (const unsigned char *) k.c_str()) == 0) return; | ||
13 | throw "invalid authenticator"; | ||
14 | } | ||