sodium: add authenticated encryption and decryption (secretbox) functions

2017-03-02 03:37:45 +03:00 · 2017-03-02 03:37:45 +03:00 · 70eb4f1d34
parent 60ff8c00aa
commit 70eb4f1d34
2 changed files with 45 additions and 0 deletions
--- a/extra/sodium/ffi/ffi.factor
+++ b/extra/sodium/ffi/ffi.factor
@ -75,3 +75,23 @@ FUNCTION: int crypto_generichash_update (
    crypto_generichash_state* state, uchar* in, ulonglong inlen )
 FUNCTION: int crypto_generichash_final (
    crypto_generichash_state* state, uchar* out, size_t outlen )
+
+! crypto_secretbox_H
+FUNCTION: size_t crypto_secretbox_keybytes ( )
+FUNCTION: size_t crypto_secretbox_noncebytes ( )
+FUNCTION: size_t crypto_secretbox_macbytes ( )
+FUNCTION: char *crypto_secretbox_primitive ( )
+FUNCTION: int crypto_secretbox_easy (
+    uchar* c, uchar* m, ulonglong mlen,
+    uchar* n, uchar* k )
+FUNCTION: int crypto_secretbox_open_easy (
+    uchar* m, uchar* c, ulonglong clen,
+    uchar* n, uchar* k )
+FUNCTION: int crypto_secretbox_detached (
+    uchar* c, uchar* mac, uchar* m, ulonglong mlen,
+    uchar* n, uchar* k )
+FUNCTION: int crypto_secretbox_open_detached (
+    uchar *m, uchar* c, uchar* mac, ulonglong clen,
+    uchar* n, uchar* k )
+FUNCTION: void crypto_secretbox_keygen (
+    uchar k[crypto_secretbox_KEYBYTES] )
--- a/extra/sodium/sodium.factor
+++ b/extra/sodium/sodium.factor
@ -6,6 +6,7 @@ IN: sodium

 ERROR: sodium-init-fail ;
 ERROR: call-fail ;
+ERROR: buffer-too-small ;

 ! Call this before any other function, may be called multiple times.
 : sodium-init ( -- ) sodium_init 0 < [ sodium-init-fail ] when ;
@ -29,4 +30,28 @@ ERROR: call-fail ;
 : crypto-generichash ( out-bytes in-bytes key-bytes/f -- out-bytes' )
    [ dup ] 2dip [ dup length ] tri@ crypto_generichash check0 ;

+: cipher-buf ( msg-length -- byte-array )
+    crypto_secretbox_macbytes + <byte-array> ;
+
+: message-buf ( msg-length -- byte-array )
+    crypto_secretbox_macbytes - <byte-array> ;
+
+: check-length ( byte-array min-length -- byte-array )
+    [ dup length ] dip < [ buffer-too-small ] when ;
+
+: crypto-secretbox-easy ( msg-bytes nonce-bytes key-bytes -- cipher-bytes )
+    [ dup length [ cipher-buf swap dupd ] keep ]
+    [ crypto_secretbox_noncebytes check-length ]
+    [ crypto_secretbox_keybytes check-length ] tri*
+    crypto_secretbox_easy check0 ;
+
+: crypto-secretbox-open-easy ( cipher-bytes nonce-bytes key-bytes -- msg-bytes/f )
+    [
+        crypto_secretbox_macbytes check-length
+        dup length [ message-buf swap dupd ] keep
+    ]
+    [ crypto_secretbox_noncebytes check-length ]
+    [ crypto_secretbox_keybytes check-length ] tri*
+    crypto_secretbox_open_easy 0 = [ drop f ] unless ;
+
 [ sodium-init ] "sodium" add-startup-hook