diff --git a/extra/sodium/ffi/ffi.factor b/extra/sodium/ffi/ffi.factor index 58b5887474..18ccdd69c6 100644 --- a/extra/sodium/ffi/ffi.factor +++ b/extra/sodium/ffi/ffi.factor @@ -75,3 +75,23 @@ FUNCTION: int crypto_generichash_update ( crypto_generichash_state* state, uchar* in, ulonglong inlen ) FUNCTION: int crypto_generichash_final ( crypto_generichash_state* state, uchar* out, size_t outlen ) + +! crypto_secretbox_H +FUNCTION: size_t crypto_secretbox_keybytes ( ) +FUNCTION: size_t crypto_secretbox_noncebytes ( ) +FUNCTION: size_t crypto_secretbox_macbytes ( ) +FUNCTION: char *crypto_secretbox_primitive ( ) +FUNCTION: int crypto_secretbox_easy ( + uchar* c, uchar* m, ulonglong mlen, + uchar* n, uchar* k ) +FUNCTION: int crypto_secretbox_open_easy ( + uchar* m, uchar* c, ulonglong clen, + uchar* n, uchar* k ) +FUNCTION: int crypto_secretbox_detached ( + uchar* c, uchar* mac, uchar* m, ulonglong mlen, + uchar* n, uchar* k ) +FUNCTION: int crypto_secretbox_open_detached ( + uchar *m, uchar* c, uchar* mac, ulonglong clen, + uchar* n, uchar* k ) +FUNCTION: void crypto_secretbox_keygen ( + uchar k[crypto_secretbox_KEYBYTES] ) diff --git a/extra/sodium/sodium.factor b/extra/sodium/sodium.factor index 490eb8d068..fb16111373 100644 --- a/extra/sodium/sodium.factor +++ b/extra/sodium/sodium.factor @@ -6,6 +6,7 @@ IN: sodium ERROR: sodium-init-fail ; ERROR: call-fail ; +ERROR: buffer-too-small ; ! Call this before any other function, may be called multiple times. : sodium-init ( -- ) sodium_init 0 < [ sodium-init-fail ] when ; @@ -29,4 +30,28 @@ ERROR: call-fail ; : crypto-generichash ( out-bytes in-bytes key-bytes/f -- out-bytes' ) [ dup ] 2dip [ dup length ] tri@ crypto_generichash check0 ; +: cipher-buf ( msg-length -- byte-array ) + crypto_secretbox_macbytes + ; + +: message-buf ( msg-length -- byte-array ) + crypto_secretbox_macbytes - ; + +: check-length ( byte-array min-length -- byte-array ) + [ dup length ] dip < [ buffer-too-small ] when ; + +: crypto-secretbox-easy ( msg-bytes nonce-bytes key-bytes -- cipher-bytes ) + [ dup length [ cipher-buf swap dupd ] keep ] + [ crypto_secretbox_noncebytes check-length ] + [ crypto_secretbox_keybytes check-length ] tri* + crypto_secretbox_easy check0 ; + +: crypto-secretbox-open-easy ( cipher-bytes nonce-bytes key-bytes -- msg-bytes/f ) + [ + crypto_secretbox_macbytes check-length + dup length [ message-buf swap dupd ] keep + ] + [ crypto_secretbox_noncebytes check-length ] + [ crypto_secretbox_keybytes check-length ] tri* + crypto_secretbox_open_easy 0 = [ drop f ] unless ; + [ sodium-init ] "sodium" add-startup-hook