! Copyright (C) 2017 Alexander Ilin.
! See http://factorcode.org/license.txt for BSD license.
USING: byte-arrays init io.encodings.string io.encodings.utf8
kernel math sequences sodium.ffi ;
IN: sodium
! Thrown by sodium-init when sodium_init returns a negative value.
ERROR: sodium-init-fail ;
! Thrown by check0 when a libsodium call returns a non-zero status.
! It carries no detail, so callers cannot tell which call failed.
ERROR: call-fail ;
! Thrown by check-length when a byte-array is shorter than the
! minimum length required for it.
ERROR: buffer-too-small ;
! Initialise libsodium. This must run before any other word in this
! vocabulary is used; calling it more than once is allowed.
! Throws sodium-init-fail when sodium_init returns a negative value.
: sodium-init ( -- )
    sodium_init 0 >= [ sodium-init-fail ] unless ;
<PRIVATE

! Allocate a fresh output buffer of message-length + n bytes, where n is
! the overhead the caller's cipher adds to each message.
: cipher-buf ( message-length n -- byte-array )
    + <byte-array> ;

! Allocate a fresh output buffer of cipher-length - n bytes.
! NOTE(review): there is no lower-bound check here; the caller has to
! ensure cipher-length >= n first, otherwise the requested size is negative.
: message-buf ( cipher-length n -- byte-array )
    - <byte-array> ;

! Ciphertext buffer for crypto_secretbox: message plus
! crypto_secretbox_macbytes of overhead.
: secretbox-cipher-buf ( message-length -- byte-array )
    crypto_secretbox_macbytes cipher-buf ;

! Plaintext buffer for crypto_secretbox: ciphertext minus
! crypto_secretbox_macbytes. The caller must have checked the ciphertext
! length against crypto_secretbox_macbytes already.
: secretbox-message-buf ( cipher-length -- byte-array )
    crypto_secretbox_macbytes message-buf ;

! Ciphertext buffer for crypto_box: message plus crypto_box_macbytes.
: box-cipher-buf ( message-length -- byte-array )
    crypto_box_macbytes cipher-buf ;

! Plaintext buffer for crypto_box: ciphertext minus crypto_box_macbytes.
! The caller must have checked the ciphertext length against
! crypto_box_macbytes already.
: box-message-buf ( cipher-length -- byte-array )
    crypto_box_macbytes message-buf ;

PRIVATE>
! Overwrite every byte of byte-array with output from randombytes_buf and
! return that same array. The input is modified in place, not copied.
: random-bytes ( byte-array -- byte-array' )
    [ dup length randombytes_buf ] keep ;
! Allocate a new n-byte array and fill it from randombytes_buf
! (via random-bytes).
: n-random-bytes ( n -- byte-array )
    <byte-array> random-bytes ;
! Status check for libsodium calls: consume the returned status n and
! throw call-fail unless it is exactly 0.
: check0 ( n -- )
    0 = not [ call-fail ] when ;
! Hash a password for storage with crypto_pwhash_str.
! password is a string and is UTF-8 encoded before hashing; opslimit and
! memlimit are handed to libsodium unchanged, so the caller picks the cost.
! Throws call-fail when crypto_pwhash_str returns a non-zero status.
! The whole crypto_pwhash_strbytes-sized output buffer is UTF-8 decoded
! into the returned string.
! NOTE(review): that presumably leaves the buffer's trailing NUL padding
! in the result - confirm before storing or comparing it.
! NOTE(review): the encoded password byte-array is not wiped after the call.
: crypto-pwhash-str ( password opslimit memlimit -- str )
    ! Stack after this line: out out password opslimit memlimit
    [ crypto_pwhash_strbytes <byte-array> dup ] 3dip
    ! Stack before the call: out out pw-bytes pw-length opslimit memlimit
    [ utf8 encode dup length ] 2dip crypto_pwhash_str check0
    utf8 decode ;
! Check password against a hash string such as crypto-pwhash-str returns.
! Both arguments are UTF-8 encoded; only the password's byte length is
! passed to crypto_pwhash_str_verify. Returns t when the status is 0 and
! f for any other status, so a malformed hash and a wrong password look
! the same to the caller.
! NOTE(review): the length of str is never checked or passed on;
! presumably libsodium expects a NUL-terminated buffer here - confirm that
! a trimmed or truncated str cannot make it read past the byte-array.
: crypto-pwhash-str-verify ( str password -- ? )
    [ utf8 encode ] bi@ dup length crypto_pwhash_str_verify 0 = ;
! Hash in-bytes into out-bytes with crypto_generichash, optionally keyed.
! Each buffer's own length is passed as its size, so the length of
! out-bytes selects the digest size. key-bytes may be f for no key.
! Returns the same out-bytes array, now holding the digest.
! Throws call-fail when crypto_generichash returns a non-zero status.
: crypto-generichash ( out-bytes in-bytes key-bytes/f -- out-bytes' )
    ! Keep one extra reference to out-bytes as the result, then turn each
    ! of the three buffers into a ( buffer length ) pair for the call.
    [ dup ] 2dip [ dup length ] tri@ crypto_generichash check0 ;
! Guard for fixed-size libsodium inputs: throw buffer-too-small when
! byte-array holds fewer than min-length bytes, otherwise leave it on the
! stack untouched. Longer arrays are accepted.
: check-length ( byte-array min-length -- byte-array )
    over length > [ buffer-too-small ] when ;
! Encrypt and authenticate msg-bytes with crypto_secretbox_easy.
! Returns a new byte-array of length msg length + crypto_secretbox_macbytes.
! Throws buffer-too-small when nonce-bytes or key-bytes is shorter than
! crypto_secretbox_noncebytes / crypto_secretbox_keybytes, and call-fail
! when libsodium returns a non-zero status.
! The nonce comes from the caller and is not generated or tracked here;
! never reusing a nonce with the same key is the caller's job.
: crypto-secretbox-easy ( msg-bytes nonce-bytes key-bytes -- cipher-bytes )
    ! msg-bytes becomes: cipher-buf cipher-buf msg-bytes msg-length
    [ dup length [ secretbox-cipher-buf swap dupd ] keep ]
    [ crypto_secretbox_noncebytes check-length ]
    [ crypto_secretbox_keybytes check-length ] tri*
    crypto_secretbox_easy check0 ;
! Verify and decrypt cipher-bytes with crypto_secretbox_open_easy.
! Returns the plaintext byte-array, or f when libsodium reports a non-zero
! status (the message buffer is dropped in that case).
! Throws buffer-too-small when cipher-bytes is shorter than
! crypto_secretbox_macbytes, or when nonce-bytes / key-bytes is shorter
! than crypto_secretbox_noncebytes / crypto_secretbox_keybytes.
: crypto-secretbox-open-easy ( cipher-bytes nonce-bytes key-bytes -- msg-bytes/f )
    [
        ! The length check must come first: secretbox-message-buf subtracts
        ! crypto_secretbox_macbytes from the ciphertext length.
        crypto_secretbox_macbytes check-length
        ! cipher-bytes becomes: msg-buf msg-buf cipher-bytes cipher-length
        dup length [ secretbox-message-buf swap dupd ] keep
    ]
    [ crypto_secretbox_noncebytes check-length ]
    [ crypto_secretbox_keybytes check-length ] tri*
    crypto_secretbox_open_easy 0 = [ drop f ] unless ;
! Generate a crypto_box key pair into two newly allocated byte-arrays of
! crypto_box_publickeybytes and crypto_box_secretkeybytes bytes.
! Throws call-fail when crypto_box_keypair returns a non-zero status.
: crypto-box-keypair ( -- public-key secret-key )
    crypto_box_publickeybytes crypto_box_secretkeybytes
    [ <byte-array> ] bi@
    2dup crypto_box_keypair check0 ;
! Generate a crypto_sign key pair into two newly allocated byte-arrays of
! crypto_sign_publickeybytes and crypto_sign_secretkeybytes bytes.
! Throws call-fail when crypto_sign_keypair returns a non-zero status.
: crypto-sign-keypair ( -- public-key secret-key )
    crypto_sign_publickeybytes crypto_sign_secretkeybytes
    [ <byte-array> ] bi@
    2dup crypto_sign_keypair check0 ;
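! Produce a detached signature over message with crypto_sign_detached.
! Returns a new byte-array of crypto_sign_bytes bytes; f is passed as the
! signature-length output pointer, so that value is not reported back.
! Throws buffer-too-small when secret-key is shorter than
! crypto_sign_secretkeybytes: the call passes no length for the key, so
! libsodium has to assume the full size and would otherwise read past the
! end of a short byte-array. Throws call-fail on a non-zero status.
: crypto-sign ( message secret-key -- signature )
    crypto_sign_secretkeybytes check-length
    ! Stack after this line: sig sig f message secret-key
    [ crypto_sign_bytes <byte-array> dup f ] 2dip
    [ dup length ] dip crypto_sign_detached check0 ;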
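! Verify a detached signature over message with public-key.
! Returns t only when crypto_sign_verify_detached reports status 0.
! The call passes no length for signature or public-key, so libsodium has
! to assume their full sizes; both are checked here first so a short
! byte-array is never read past its end:
!   - a signature shorter than crypto_sign_bytes cannot be valid and
!     yields f without calling libsodium;
!   - a public-key shorter than crypto_sign_publickeybytes throws
!     buffer-too-small.
: crypto-sign-verify ( signature message public-key -- ? )
    crypto_sign_publickeybytes check-length
    pick length crypto_sign_bytes < [ 3drop f ] [
        [ dup length ] dip crypto_sign_verify_detached 0 =
    ] if ;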
! Return a new nonce of crypto_box_noncebytes bytes filled by
! n-random-bytes (randombytes_buf). Call it once per message; the nonce
! has to be given to the recipient together with the ciphertext.
: crypto-box-nonce ( -- nonce-bytes )
    crypto_box_noncebytes n-random-bytes ;
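! Encrypt and authenticate message for public-key with crypto_box_easy.
! Returns a new byte-array of length message length + crypto_box_macbytes.
! Throws buffer-too-small when nonce, public-key or private-key is shorter
! than crypto_box_noncebytes / crypto_box_publickeybytes /
! crypto_box_secretkeybytes. The call passes no length for those three,
! so without the checks libsodium would read past the end of a short
! byte-array. Throws call-fail on a non-zero status.
! The nonce comes from the caller (see crypto-box-nonce); never reusing a
! nonce with the same key pair is the caller's job.
: crypto-box-easy ( message nonce public-key private-key -- cipher-bytes )
    [ crypto_box_noncebytes check-length ]
    [ crypto_box_publickeybytes check-length ]
    [ crypto_box_secretkeybytes check-length ] tri*
    [
        ! message becomes: cipher-buf cipher-buf message message-length
        dup length [ box-cipher-buf dup rot ] keep
    ] 3dip crypto_box_easy check0 ;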
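! Verify and decrypt cipher-bytes with crypto_box_open_easy.
! Returns the plaintext byte-array. Unlike crypto-secretbox-open-easy,
! a non-zero status throws call-fail instead of returning f.
! Throws buffer-too-small when cipher-bytes is shorter than
! crypto_box_macbytes (the plaintext size would otherwise go negative in
! box-message-buf), or when nonce, public-key or private-key is shorter
! than crypto_box_noncebytes / crypto_box_publickeybytes /
! crypto_box_secretkeybytes. The call passes no length for those three,
! so without the checks libsodium would read past the end of a short
! byte-array.
: crypto-box-open-easy ( cipher-bytes nonce public-key private-key -- message )
    [ crypto_box_noncebytes check-length ]
    [ crypto_box_publickeybytes check-length ]
    [ crypto_box_secretkeybytes check-length ] tri*
    [
        crypto_box_macbytes check-length
        ! cipher-bytes becomes: msg-buf msg-buf cipher-bytes cipher-length
        dup length [ box-message-buf dup rot ] keep
    ] 3dip crypto_box_open_easy check0 ;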
! Register sodium-init as the startup hook named "sodium", so that
! libsodium is initialised without an explicit call from user code.
[ sodium-init ] "sodium" add-startup-hook