rbnacl-libsodium 1.0.3 → 1.0.4
- checksums.yaml +4 -4
- data/CHANGES.md +4 -0
- data/lib/rbnacl/libsodium/version.rb +1 -1
- data/vendor/libsodium/AUTHORS +3 -0
- data/vendor/libsodium/ChangeLog +21 -0
- data/vendor/libsodium/Makefile.in +9 -0
- data/vendor/libsodium/THANKS +3 -0
- data/vendor/libsodium/aclocal.m4 +1 -0
- data/vendor/libsodium/autom4te.cache/output.1 +919 -85
- data/vendor/libsodium/autom4te.cache/output.5 +18351 -0
- data/vendor/libsodium/autom4te.cache/requests +960 -725
- data/vendor/libsodium/autom4te.cache/traces.1 +289 -247
- data/vendor/libsodium/autom4te.cache/traces.5 +3032 -0
- data/vendor/libsodium/build-aux/ltmain.sh +70 -11
- data/vendor/libsodium/builds/msvc/properties/ARM.props +20 -0
- data/vendor/libsodium/builds/msvc/properties/ReleaseDEXE.props +1 -1
- data/vendor/libsodium/builds/msvc/version.h +2 -2
- data/vendor/libsodium/builds/msvc/vs2010/libsodium/libsodium.vcxproj +3 -1
- data/vendor/libsodium/builds/msvc/vs2010/libsodium/libsodium.vcxproj.filters +13 -1
- data/vendor/libsodium/builds/msvc/vs2010/test/test.vcxproj +244 -241
- data/vendor/libsodium/builds/msvc/vs2010/test/test.vcxproj.filters +192 -189
- data/vendor/libsodium/builds/msvc/vs2012/libsodium/libsodium.vcxproj +2 -0
- data/vendor/libsodium/builds/msvc/vs2012/libsodium/libsodium.vcxproj.filters +13 -1
- data/vendor/libsodium/builds/msvc/vs2012/test/test.vcxproj +244 -241
- data/vendor/libsodium/builds/msvc/vs2012/test/test.vcxproj.filters +192 -189
- data/vendor/libsodium/builds/msvc/vs2013/libsodium/libsodium.vcxproj +3 -1
- data/vendor/libsodium/builds/msvc/vs2013/libsodium/libsodium.vcxproj.filters +13 -1
- data/vendor/libsodium/builds/msvc/vs2013/test/test.vcxproj +244 -241
- data/vendor/libsodium/builds/msvc/vs2013/test/test.vcxproj.filters +192 -189
- data/vendor/libsodium/builds/msvc/vs2015/libsodium/libsodium.vcxproj +3 -1
- data/vendor/libsodium/builds/msvc/vs2015/libsodium/libsodium.vcxproj.filters +13 -1
- data/vendor/libsodium/builds/msvc/vs2015/test/test.vcxproj +244 -241
- data/vendor/libsodium/builds/msvc/vs2015/test/test.vcxproj.filters +192 -189
- data/vendor/libsodium/configure +918 -84
- data/vendor/libsodium/configure.ac +89 -15
- data/vendor/libsodium/dist-build/Makefile.am +6 -2
- data/vendor/libsodium/dist-build/Makefile.in +15 -2
- data/vendor/libsodium/dist-build/android-armv8-a.sh +4 -0
- data/vendor/libsodium/dist-build/android-build.sh +9 -9
- data/vendor/libsodium/dist-build/android-mips64.sh +4 -0
- data/vendor/libsodium/dist-build/android-x86-64.sh +4 -0
- data/vendor/libsodium/dist-build/emscripten.sh +3 -3
- data/vendor/libsodium/dist-build/ios.sh +5 -5
- data/vendor/libsodium/dist-build/nativeclient.sh +28 -0
- data/vendor/libsodium/examples/Makefile +21 -0
- data/vendor/libsodium/examples/auth.c +68 -0
- data/vendor/libsodium/examples/box.c +133 -0
- data/vendor/libsodium/examples/box_detached.c +132 -0
- data/vendor/libsodium/examples/generichash.c +80 -0
- data/vendor/libsodium/examples/generichash_stream.c +58 -0
- data/vendor/libsodium/examples/shorthash.c +58 -0
- data/vendor/libsodium/examples/sign.c +78 -0
- data/vendor/libsodium/examples/utils.h +106 -0
- data/vendor/libsodium/libsodium-uninstalled.pc.in +1 -1
- data/vendor/libsodium/libsodium.vcxproj +2 -0
- data/vendor/libsodium/libsodium.vcxproj.filters +6 -0
- data/vendor/libsodium/m4/ax_check_compile_flag.m4 +2 -2
- data/vendor/libsodium/m4/ax_check_define.m4 +92 -0
- data/vendor/libsodium/m4/ax_check_link_flag.m4 +3 -2
- data/vendor/libsodium/m4/libtool.m4 +111 -60
- data/vendor/libsodium/m4/ltoptions.m4 +1 -1
- data/vendor/libsodium/m4/ltsugar.m4 +1 -1
- data/vendor/libsodium/m4/ltversion.m4 +6 -6
- data/vendor/libsodium/m4/lt~obsolete.m4 +1 -1
- data/vendor/libsodium/msvc-scripts/Makefile.in +9 -0
- data/vendor/libsodium/msvc-scripts/process.bat +2 -2
- data/vendor/libsodium/src/Makefile.in +9 -0
- data/vendor/libsodium/src/libsodium/Makefile.am +27 -3
- data/vendor/libsodium/src/libsodium/Makefile.in +170 -63
- data/vendor/libsodium/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c +852 -0
- data/vendor/libsodium/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c +137 -17
- data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha256/cp/hmac_hmacsha256.c +1 -0
- data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512/cp/hmac_hmacsha512.c +1 -0
- data/vendor/libsodium/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c +10 -6
- data/vendor/libsodium/src/libsodium/crypto_generichash/crypto_generichash.c +1 -1
- data/vendor/libsodium/src/libsodium/crypto_hash/sha256/cp/hash_sha256.c +29 -23
- data/vendor/libsodium/src/libsodium/crypto_hash/sha512/cp/hash_sha512.c +9 -10
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c +4 -2
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt.h +1 -0
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c +4 -0
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c +3 -0
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c +2 -1
- data/vendor/libsodium/src/libsodium/crypto_scalarmult/curve25519/ref10/fe_frombytes_curve25519_ref10.c +10 -10
- data/vendor/libsodium/src/libsodium/crypto_stream/chacha20/ref/api.h +10 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/chacha20/ref/stream_chacha20_ref.c +51 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/chacha20/stream_chacha20_api.c +29 -0
- data/vendor/libsodium/src/libsodium/include/Makefile.am +6 -0
- data/vendor/libsodium/src/libsodium/include/Makefile.in +67 -40
- data/vendor/libsodium/src/libsodium/include/sodium.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_aead_aes256gcm.h +88 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_aead_chacha20poly1305.h +28 -2
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_generichash_blake2b.h +0 -6
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_hash_sha256.h +1 -1
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_chacha20.h +23 -0
- data/vendor/libsodium/src/libsodium/include/sodium/export.h +8 -0
- data/vendor/libsodium/src/libsodium/include/sodium/randombytes_nativeclient.h +37 -0
- data/vendor/libsodium/src/libsodium/include/sodium/randombytes_salsa20_random.h +3 -2
- data/vendor/libsodium/src/libsodium/include/sodium/runtime.h +6 -0
- data/vendor/libsodium/src/libsodium/include/sodium/utils.h +15 -1
- data/vendor/libsodium/src/libsodium/randombytes/nativeclient/randombytes_nativeclient.c +49 -0
- data/vendor/libsodium/src/libsodium/randombytes/randombytes.c +11 -1
- data/vendor/libsodium/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c +71 -45
- data/vendor/libsodium/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c +12 -2
- data/vendor/libsodium/src/libsodium/sodium/runtime.c +26 -3
- data/vendor/libsodium/src/libsodium/sodium/utils.c +86 -13
- data/vendor/libsodium/test/Makefile.in +9 -0
- data/vendor/libsodium/test/default/Makefile.am +130 -0
- data/vendor/libsodium/test/default/Makefile.in +197 -50
- data/vendor/libsodium/test/default/aead_aes256gcm.c +3197 -0
- data/vendor/libsodium/test/default/aead_aes256gcm.exp +1 -0
- data/vendor/libsodium/test/default/aead_chacha20poly1305.c +150 -17
- data/vendor/libsodium/test/default/aead_chacha20poly1305.exp +51 -0
- data/vendor/libsodium/test/default/chacha20.c +80 -5
- data/vendor/libsodium/test/default/chacha20.exp +11 -0
- data/vendor/libsodium/test/default/generichash.c +1332 -1
- data/vendor/libsodium/test/default/generichash.exp +1 -1
- data/vendor/libsodium/test/default/generichash2.c +3 -2
- data/vendor/libsodium/test/default/generichash3.c +2 -1
- data/vendor/libsodium/test/default/nacl-test-wrapper.sh +26 -0
- data/vendor/libsodium/test/default/randombytes.c +4 -0
- data/vendor/libsodium/test/default/scalarmult.c +33 -14
- data/vendor/libsodium/test/default/scalarmult.exp +4 -4
- data/vendor/libsodium/test/default/secretbox.c +9 -0
- data/vendor/libsodium/test/default/secretbox.exp +19 -0
- data/vendor/libsodium/test/default/secretbox_easy.c +40 -4
- data/vendor/libsodium/test/default/secretbox_easy.exp +58 -1
- data/vendor/libsodium/test/default/sodium_core.c +2 -0
- data/vendor/libsodium/test/default/sodium_utils.c +46 -7
- data/vendor/libsodium/test/default/sodium_utils.exp +5 -0
- data/vendor/libsodium/test/default/stream.c +1 -0
- metadata +28 -3
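--- a/data/vendor/libsodium/examples/box.c
+++ b/data/vendor/libsodium/examples/box.c
@@ -0,0 +1,133 @@
+/*
+* GraxRabble
+* example programs for libsodium.
+*/
+
+#include <sodium.h> /* library header */
+
+#include "utils.h" /* utility functions shared by examples */
+
+/*
+* Using public-key authenticated encryption, Bob can encrypt a
+* confidential message specifically for Alice, using Alice's public
+* key.
+*
+* Using Bob's public key, Alice can verify that the encrypted
+* message was actually created by Bob and was not tampered with,
+* before eventually decrypting it.
+*
+* Alice only needs Bob's public key, the nonce and the ciphertext.
+* Bob should never ever share his secret key, even with Alice.
+*
+* And in order to send messages to Alice, Bob only needs Alice's
+* public key. Alice should never ever share her secret key either,
+* even with Bob.
+*
+* Alice can reply to Bob using the same system, without having to
+* generate a distinct key pair.
+*
+* The nonce doesn't have to be confidential, but it should be used
+* with just one invokation of crypto_box_open_easy() for a
+* particular pair of public and secret keys.
+*
+* One easy way to generate a nonce is to use randombytes_buf(),
+* considering the size of nonces the risk of any random collisions
+* is negligible. For some applications, if you wish to use nonces to
+* detect missing messages or to ignore replayed messages, it is also
+* ok to use a simple incrementing counter as a nonce.
+*
+* When doing so you must ensure that the same value can never be
+* re-used (for example you may have multiple threads or even hosts
+* generating messages using the same key pairs).
+*
+* This system provides mutual authentication. However, a typical use
+* case is to secure communications between a server, whose public
+* key is known in advance, and clients connecting anonymously.
+*/
+static int
+box(void)
+{
+unsigned char bob_pk[crypto_box_PUBLICKEYBYTES]; /* Bob's public key */
+unsigned char bob_sk[crypto_box_SECRETKEYBYTES]; /* Bob's secret key */
+
+unsigned char alice_pk[crypto_box_PUBLICKEYBYTES]; /* Alice's public key */
+unsigned char alice_sk[crypto_box_SECRETKEYBYTES]; /* Alice's secret key */
+
+unsigned char nonce[crypto_box_NONCEBYTES];
+unsigned char message[MAX_INPUT_LEN];
+unsigned char ciphertext[crypto_box_MACBYTES + MAX_INPUT_LEN];
+size_t message_len;
+size_t ciphertext_len;
+int ret;
+
+puts("Example: crypto_box_easy\n");
+
+puts("Generating keypairs...\n");
+crypto_box_keypair(bob_pk, bob_sk); /* generate Bob's keys */
+crypto_box_keypair(alice_pk, alice_sk); /* generate Alice's keys */
+
+puts("Bob");
+printf("Public key: ");
+print_hex(bob_pk, sizeof bob_pk);
+printf("Secret key: ");
+print_hex(bob_sk, sizeof bob_sk);
+
+puts("Alice");
+printf("Public key: ");
+print_hex(alice_pk, sizeof alice_pk);
+printf("Secret key: ");
+print_hex(alice_sk, sizeof alice_sk);
+
+/* nonce must be unique per (key, message) - it can be public and deterministic */
+puts("Generating nonce...");
+randombytes_buf(nonce, sizeof nonce);
+printf("Nonce: ");
+print_hex(nonce, sizeof nonce);
+
+/* read input */
+message_len = prompt_input("a message", (char*)message, sizeof message, 1);
+
+print_hex(message, message_len);
+
+/* encrypt and authenticate the message */
+printf("Encrypting and authenticating with %s\n\n", crypto_box_primitive());
+crypto_box_easy(ciphertext, message, message_len, nonce, alice_pk, bob_sk);
+ciphertext_len = crypto_box_MACBYTES + message_len;
+
+/* send the nonce and the ciphertext */
+puts("Bob sends the nonce and the ciphertext...\n");
+printf("Ciphertext len: %zu bytes - Original message length: %zu bytes\n",
+ciphertext_len, message_len);
+puts("Notice the prepended 16 byte authentication token\n");
+printf("Nonce: ");
+print_hex(nonce, sizeof nonce);
+printf("Ciphertext: ");
+print_hex(ciphertext, ciphertext_len);
+
+/* decrypt the message */
+puts("Alice verifies and decrypts the ciphertext...");
+ret = crypto_box_open_easy(message, ciphertext, ciphertext_len, nonce, bob_pk,
+alice_sk);
+print_hex(message, message_len);
+
+print_verification(ret);
+if (ret == 0) {
+printf("Plaintext: ");
+fwrite(message, 1U, message_len, stdout);
+putchar('\n');
+}
+sodium_memzero(bob_sk, sizeof bob_sk); /* wipe sensitive data */
+sodium_memzero(alice_sk, sizeof alice_sk);
+sodium_memzero(message, sizeof message);
+sodium_memzero(ciphertext, sizeof ciphertext);
+
+return ret;
+}
+
+int
+main(void)
+{
+init();
+
+return box() != 0;
+}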
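Review bot: In box(), `print_hex(message, message_len);` runs directly after `crypto_box_open_easy()` and before `ret` is checked, and `message` is the same buffer that was filled from the user's input, so on a failed verification the example would print bytes that were never authenticated (presumably the original input, if the call leaves the buffer untouched). Clearing the buffer first with `sodium_memzero(message, sizeof message);`, or decrypting into a separate array, and moving that `print_hex` inside `if (ret == 0)` makes the output prove that decryption really happened. The return value of `crypto_box_easy()` is discarded; it should be tested and a failure reported before the "Bob sends..." step, while still reaching the `sodium_memzero()` lines. The header comment ties nonce uniqueness to "one invokation of crypto_box_open_easy()", but the constraint is on the encrypting call, so it should name `crypto_box_easy()`. box_detached() in examples/box_detached.c has the same print-before-check, the same unchecked `crypto_box_detached()` call and the same comment; both examples also print the secret keys, which deserves a `/* demo only: never log secret keys */` remark because example code gets copied.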
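--- a/data/vendor/libsodium/examples/box_detached.c
+++ b/data/vendor/libsodium/examples/box_detached.c
@@ -0,0 +1,132 @@
+/*
+* GraxRabble
+* example programs for libsodium.
+*/
+
+#include <sodium.h> /* library header */
+
+#include "utils.h" /* utility functions shared by examples */
+
+/*
+* Using public-key authenticated encryption, Bob can encrypt a
+* confidential message specifically for Alice, using Alice's public
+* key.
+*
+* Using Bob's public key, Alice can verify that the encrypted
+* message was actually created by Bob and was not tampered with,
+* before eventually decrypting it.
+*
+* Alice only needs Bob's public key, the nonce and the ciphertext.
+* Bob should never ever share his secret key, even with Alice.
+*
+* And in order to send messages to Alice, Bob only needs Alice's
+* public key. Alice should never ever share her secret key either,
+* even with Bob.
+*
+* Alice can reply to Bob using the same system, without having to
+* generate a distinct key pair.
+*
+* The nonce doesn't have to be confidential, but it should be used
+* with just one invokation of crypto_box_open_easy() for a
+* particular pair of public and secret keys.
+*
+* One easy way to generate a nonce is to use randombytes_buf(),
+* considering the size of nonces the risk of any random collisions
+* is negligible. For some applications, if you wish to use nonces to
+* detect missing messages or to ignore replayed messages, it is also
+* ok to use a simple incrementing counter as a nonce.
+*
+* When doing so you must ensure that the same value can never be
+* re-used (for example you may have multiple threads or even hosts
+* generating messages using the same key pairs).
+*
+* This system provides mutual authentication. However, a typical use
+* case is to secure communications between a server, whose public
+* key is known in advance, and clients connecting anonymously.
+*/
+static int
+box_detached(void)
+{
+unsigned char bob_pk[crypto_box_PUBLICKEYBYTES]; /* Bob's public key */
+unsigned char bob_sk[crypto_box_SECRETKEYBYTES]; /* Bob's secret key */
+
+unsigned char alice_pk[crypto_box_PUBLICKEYBYTES]; /* Alice's public key */
+unsigned char alice_sk[crypto_box_SECRETKEYBYTES]; /* Alice's secret key */
+
+unsigned char nonce[crypto_box_NONCEBYTES];
+unsigned char message[MAX_INPUT_LEN];
+unsigned char mac[crypto_box_MACBYTES];
+unsigned char ciphertext[MAX_INPUT_LEN];
+size_t message_len;
+int ret;
+
+puts("Example: crypto_box_detached\n");
+
+puts("Generating keypairs...\n");
+crypto_box_keypair(bob_pk, bob_sk); /* generate Bob's keys */
+crypto_box_keypair(alice_pk, alice_sk); /* generate Alice's keys */
+
+puts("Bob");
+printf("Public key: ");
+print_hex(bob_pk, sizeof bob_pk);
+printf("Secret key: ");
+print_hex(bob_sk, sizeof bob_sk);
+
+puts("Alice");
+printf("Public key: ");
+print_hex(alice_pk, sizeof alice_pk);
+printf("Secret key: ");
+print_hex(alice_sk, sizeof alice_sk);
+
+/* nonce must be unique per (key, message) - it can be public and deterministic */
+puts("Generating nonce...");
+randombytes_buf(nonce, sizeof nonce);
+printf("Nonce: ");
+print_hex(nonce, sizeof nonce);
+
+/* read input */
+message_len = prompt_input("a message", (char*)message, sizeof message, 1);
+
+print_hex(message, message_len);
+
+/* encrypt and authenticate the message */
+printf("Encrypting and authenticating with %s\n\n", crypto_box_primitive());
+crypto_box_detached(ciphertext, mac, message, message_len, nonce,
+alice_pk, bob_sk);
+
+/* send the nonce, the MAC and the ciphertext */
+puts("Bob sends the nonce, the MAC and the ciphertext...\n");
+printf("Nonce: ");
+print_hex(nonce, sizeof nonce);
+printf("MAC: ");
+print_hex(mac, sizeof mac);
+printf("Ciphertext: ");
+print_hex(ciphertext, message_len);
+
+/* decrypt the message */
+puts("Alice verifies the MAC and decrypts the ciphertext...");
+ret = crypto_box_open_detached(message, ciphertext, mac, message_len, nonce,
+bob_pk, alice_sk);
+print_hex(message, message_len);
+
+print_verification(ret);
+if (ret == 0) {
+printf("Plaintext: ");
+fwrite(message, 1U, message_len, stdout);
+putchar('\n');
+}
+sodium_memzero(bob_sk, sizeof bob_sk); /* wipe sensitive data */
+sodium_memzero(alice_sk, sizeof alice_sk);
+sodium_memzero(message, sizeof message);
+sodium_memzero(ciphertext, sizeof ciphertext);
+
+return ret;
+}
+
+int
+main(void)
+{
+init();
+
+return box_detached() != 0;
+}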
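--- a/data/vendor/libsodium/examples/generichash.c
+++ b/data/vendor/libsodium/examples/generichash.c
@@ -0,0 +1,80 @@
+/*
+* GraxRabble
+* example programs for libsodium.
+*/
+
+#include <sodium.h> /* library header */
+
+#include "utils.h" /* utility functions shared by examples */
+
+/*
+* This function computes a fixed-length fingerprint for an arbitrary long message.
+*
+* Sample use cases:
+*
+* File integrity checking
+* Creating unique identifiers to index arbitrary long data
+*
+* The crypto_generichash() function puts a fingerprint of the
+* message in whose length is inlen bytes into out. The output size
+* can be chosen by the application.
+*
+* The minimum recommended output size is crypto_generichash_BYTES.
+* This size makes it practically impossible for two messages to
+* produce the same fingerprint.
+*
+* But for specific use cases, the size can be any value between
+* crypto_generichash_BYTES_MIN (included) and
+* crypto_generichash_BYTES_MAX (included).
+*
+* key can be NULL and keylen can be 0. In this case, a message will
+* always have the same fingerprint, similar to the MD5 or SHA-1
+* functions for which crypto_generichash() is a faster and more
+* secure alternative.
+*
+* But a key can also be specified. A message will always have the
+* same fingerprint for a given key, but different keys used to hash
+* the same message are very likely to produce distinct fingerprints.
+*
+* In particular, the key can be used to make sure that different
+* applications generate different fingerprints even if they process
+* the same data.
+*
+* The recommended key size is crypto_generichash_KEYBYTES bytes.
+*
+* However, the key size can by any value between
+* crypto_generichash_KEYBYTES_MIN (included) and
+* crypto_generichash_KEYBYTES_MAX (included).
+*/
+void
+generichash(void)
+{
+unsigned char key[crypto_generichash_KEYBYTES_MAX];
+unsigned char hash[crypto_generichash_BYTES];
+unsigned char message[MAX_INPUT_LEN];
+size_t message_len;
+size_t key_len;
+
+puts("Example: crypto_generichash\n");
+
+key_len = prompt_input("a key", (char*)key, sizeof key, 1);
+message_len = prompt_input("a message", (char*)message, sizeof message, 1);
+
+printf("Hashing message with %s\n", crypto_generichash_primitive());
+if (crypto_generichash(hash, sizeof hash, message, message_len,
+key, key_len) != 0) {
+puts("Couldn't hash the message, probably due to the key length");
+} else {
+printf("Hash: ");
+print_hex(hash, sizeof hash);
+}
+}
+
+int
+main(void)
+{
+init();
+generichash();
+
+return 0;
+}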
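--- a/data/vendor/libsodium/examples/generichash_stream.c
+++ b/data/vendor/libsodium/examples/generichash_stream.c
@@ -0,0 +1,58 @@
+/*
+* GraxRabble
+* example programs for libsodium.
+*/
+
+#include <sodium.h> /* library header */
+
+#include "utils.h" /* utility functions shared by examples */
+
+/*
+* Streaming variant of generic hash. This has the ability to hash
+* data in chunks at a time and compute the same result as hashing
+* all of the data at once.
+*/
+void
+generichash_stream(void)
+{
+unsigned char key[crypto_generichash_KEYBYTES_MAX];
+unsigned char hash[crypto_generichash_BYTES];
+unsigned char message_part[MAX_INPUT_LEN];
+crypto_generichash_state state;
+size_t message_part_len;
+
+puts("Example: crypto_generichashstream\n");
+
+prompt_input("a key", (char*)key, sizeof key, 1);
+
+printf("Hashing message with %s\n", crypto_generichash_primitive());
+
+/* initialize the stream */
+if (crypto_generichash_init(&state, key, sizeof key, sizeof hash) != 0) {
+puts("Couldn't hash the message, probably due to the key length");
+exit(EXIT_FAILURE);
+}
+
+for(;;) {
+message_part_len = prompt_input("the next part of the message",
+(char*)message_part, sizeof message_part, 1);
+if (message_part_len == 0)
+break;
+
+/* keep appending data */
+crypto_generichash_update(&state, message_part, message_part_len);
+}
+crypto_generichash_final(&state, hash, sizeof hash);
+
+printf("Hash: ");
+print_hex(hash, sizeof hash);
+}
+
+int
+main(void)
+{
+init();
+generichash_stream();
+
+return 0;
+}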
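Review bot: In generichash_stream(), the length returned by `prompt_input("a key", ...)` is thrown away and `crypto_generichash_init()` is called with `sizeof key`, that is all crypto_generichash_KEYBYTES_MAX bytes of a stack array that is never initialised. Unless prompt_input() fills or pads the whole buffer (it is defined in utils.h, which is not shown in this part of the page), the bytes after the typed key are indeterminate, so the digest is not reproducible and will not match what generichash.c prints for the same key and message. Keep the length as that file does: declare `size_t key_len;`, assign `key_len = prompt_input("a key", (char*)key, sizeof key, 1);` and pass `key_len` to `crypto_generichash_init()`. The results of `crypto_generichash_update()` and `crypto_generichash_final()` are also ignored, and `key` and `state` are left on the stack where the box examples wipe their secrets with `sodium_memzero()`. shorthash.c discards the return of its key prompt in the same way; whether a short key is rejected there depends on what the final `0` argument to prompt_input() enforces.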
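--- a/data/vendor/libsodium/examples/shorthash.c
+++ b/data/vendor/libsodium/examples/shorthash.c
@@ -0,0 +1,58 @@
+/*
+* GraxRabble
+* example programs for libsodium.
+*/
+
+#include <sodium.h> /* library header */
+
+#include "utils.h" /* utility functions shared by examples */
+
+/*
+* Many applications and programming language implementations were
+* recently found to be vulnerable to denial-of-service attacks when
+* a hash function with weak security guarantees, such as Murmurhash
+* 3, was used to construct a hash table.
+*
+* In order to address this, Sodium provides the crypto_shorthash()
+* function, which outputs short but unpredictable (without knowing
+* the secret key) values suitable for picking a list in a hash table
+* for a given key.
+*
+* This function is optimized for short inputs.
+*
+* The output of this function is only 64 bits. Therefore, it should
+* not be considered collision-resistant.
+*
+* Use cases:
+*
+* - Hash tables
+* - Probabilistic data structures such as Bloom filters
+* - Integrity checking in interactive protocols
+*/
+void
+shorthash(void)
+{
+unsigned char key[crypto_shorthash_KEYBYTES];
+unsigned char hash[crypto_shorthash_BYTES];
+unsigned char message[MAX_INPUT_LEN];
+size_t message_len;
+
+puts("Example: crypto_shorthash\n");
+
+prompt_input("a key", (char*)key, sizeof key, 0);
+message_len = prompt_input("a message", (char*)message, sizeof message, 1);
+
+printf("Hashing the message with %s\n", crypto_shorthash_primitive());
+crypto_shorthash(hash, message, message_len, key);
+printf("Hash: ");
+print_hex(hash, sizeof hash);
+}
+
+int
+main(void)
+{
+init();
+shorthash();
+
+return 0;
+}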