From bb5512bb4bd057dcf973ca1b0f65efc780a672e0 Mon Sep 17 00:00:00 2001 From: Arte Ebrahimi Date: Thu, 14 Jun 2018 14:27:34 -0700 Subject: [PATCH 1/2] added box detached api --- src/caesium/binding.clj | 17 ++++++++++++++++ src/caesium/crypto/box.clj | 35 ++++++++++++++++++++++++++++++++ test/caesium/crypto/box_test.clj | 19 +++++++++++++++++ 3 files changed, 71 insertions(+) diff --git a/src/caesium/binding.clj b/src/caesium/binding.clj index a61bd29..6a1cacb 100644 --- a/src/caesium/binding.clj +++ b/src/caesium/binding.clj @@ -111,6 +111,23 @@ ^bytes ^{Pinned {}} pk ^bytes ^{Pinned {}} sk]] + [^int crypto_box_detached + [^bytes ^{Pinned {}} c + ^bytes ^{Pinned {}} mac + ^bytes ^{Pinned {}} m + ^long ^{LongLong {}} mlen + ^bytes ^{Pinned {}} n + ^bytes ^{Pinned {}} pk + ^bytes ^{Pinned {}} sk]] + [^int crypto_box_open_detached + [^bytes ^{Pinned {}} m + ^bytes ^{Pinned {}} c + ^bytes ^{Pinned {}} mac + ^long ^{LongLong {}} clen + ^bytes ^{Pinned {}} n + ^bytes ^{Pinned {}} pk + ^bytes ^{Pinned {}} sk]] + [^long ^{size_t {}} crypto_sign_bytes []] [^long ^{size_t {}} crypto_sign_seedbytes []] [^long ^{size_t {}} crypto_sign_publickeybytes []] diff --git a/src/caesium/crypto/box.clj b/src/caesium/crypto/box.clj index f3baaa6..00b761e 100644 --- a/src/caesium/crypto/box.clj +++ b/src/caesium/crypto/box.clj @@ -253,3 +253,38 @@ libsodium function." [pk sk ctext] (box-seal-open ctext pk sk)) + +(defn box-detached-to-bufs! [c mac m mlen n pk sk] + (b/call! detached c mac m mlen n pk sk)) + +(defn box-detached [ptext nonce pk sk] + (let [c (bb/alloc (bb/buflen ptext)) + mac (bb/alloc macbytes)] + (box-detached-to-bufs! + c + mac + (bb/->indirect-byte-buf ptext) + (bb/buflen ptext) + (bb/->indirect-byte-buf nonce) + (bb/->indirect-byte-buf pk) + (bb/->indirect-byte-buf sk)) + {:ctext (bb/->bytes c) + :mac (bb/->bytes mac)})) + +(defn box-open-detached-to-bufs! [m c mac clen n pk sk] + (let [res (b/call! open_detached m c mac clen n pk sk)] + (if (zero? res) + m + (throw (RuntimeException. "Ciphertext verification failed"))))) + +(defn box-open-detached [ctext mac nonce pk sk] + (let [m (bb/alloc (bb/buflen ctext))] + (box-open-detached-to-bufs! + m + (bb/->indirect-byte-buf ctext) + (bb/->indirect-byte-buf mac) + (bb/buflen ctext) + (bb/->indirect-byte-buf nonce) + (bb/->indirect-byte-buf pk) + (bb/->indirect-byte-buf sk)) + (bb/->bytes m))) diff --git a/test/caesium/crypto/box_test.clj b/test/caesium/crypto/box_test.clj index b6b8c3a..2f33f49 100644 --- a/test/caesium/crypto/box_test.clj +++ b/test/caesium/crypto/box_test.clj @@ -62,3 +62,22 @@ (is (thrown-with-msg? RuntimeException #"Ciphertext verification failed" (b/anonymous-decrypt bob-pk bob-sk forgery)))))) + +(deftest detached-test + (let [nonce (box-vector "nonce") + ptext (box-vector "plaintext") + ctext-kat (box-vector "ciphertext") + bob-pk (box-vector "bob-public-key") + bob-sk (box-vector "bob-secret-key") + alice-pk (box-vector "alice-public-key") + alice-sk (box-vector "alice-secret-key") + {:keys [ctext mac]} (b/box-detached ptext nonce alice-pk bob-sk) + open-detached (b/box-open-detached ctext mac nonce bob-pk alice-sk)] + (is (bb/bytes= (byte-array (drop b/macbytes ctext-kat)) ctext)) + (is (bb/bytes= (byte-array (take b/macbytes ctext-kat)) mac)) + (is (bb/bytes= ptext open-detached)) + (let [forged-ctext (r/randombytes (- (alength ^bytes ctext) b/macbytes)) + forged-mac (r/randombytes b/macbytes)] + (is (thrown-with-msg? + RuntimeException #"Ciphertext verification failed" + (b/box-open-detached forged-ctext forged-mac nonce bob-pk alice-sk)))))) From 1948f55c6e0bc9615c0679c9c2c1b02e4ddcd1eb Mon Sep 17 00:00:00 2001 From: Arte Ebrahimi Date: Thu, 14 Jun 2018 15:16:20 -0700 Subject: [PATCH 2/2] fixed keyword to match upstream api --- src/caesium/crypto/box.clj | 2 +- test/caesium/crypto/box_test.clj | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/caesium/crypto/box.clj b/src/caesium/crypto/box.clj index 00b761e..326ea0c 100644 --- a/src/caesium/crypto/box.clj +++ b/src/caesium/crypto/box.clj @@ -268,7 +268,7 @@ (bb/->indirect-byte-buf nonce) (bb/->indirect-byte-buf pk) (bb/->indirect-byte-buf sk)) - {:ctext (bb/->bytes c) + {:c (bb/->bytes c) :mac (bb/->bytes mac)})) (defn box-open-detached-to-bufs! [m c mac clen n pk sk] diff --git a/test/caesium/crypto/box_test.clj b/test/caesium/crypto/box_test.clj index 2f33f49..a916067 100644 --- a/test/caesium/crypto/box_test.clj +++ b/test/caesium/crypto/box_test.clj @@ -66,18 +66,18 @@ (deftest detached-test (let [nonce (box-vector "nonce") ptext (box-vector "plaintext") - ctext-kat (box-vector "ciphertext") + c-kat (box-vector "ciphertext") bob-pk (box-vector "bob-public-key") bob-sk (box-vector "bob-secret-key") alice-pk (box-vector "alice-public-key") alice-sk (box-vector "alice-secret-key") - {:keys [ctext mac]} (b/box-detached ptext nonce alice-pk bob-sk) - open-detached (b/box-open-detached ctext mac nonce bob-pk alice-sk)] - (is (bb/bytes= (byte-array (drop b/macbytes ctext-kat)) ctext)) - (is (bb/bytes= (byte-array (take b/macbytes ctext-kat)) mac)) + {:keys [c mac]} (b/box-detached ptext nonce alice-pk bob-sk) + open-detached (b/box-open-detached c mac nonce bob-pk alice-sk)] + (is (bb/bytes= (byte-array (drop b/macbytes c-kat)) c)) + (is (bb/bytes= (byte-array (take b/macbytes c-kat)) mac)) (is (bb/bytes= ptext open-detached)) - (let [forged-ctext (r/randombytes (- (alength ^bytes ctext) b/macbytes)) + (let [forged-c (r/randombytes (- (alength ^bytes c-kat) b/macbytes)) forged-mac (r/randombytes b/macbytes)] (is (thrown-with-msg? RuntimeException #"Ciphertext verification failed" - (b/box-open-detached forged-ctext forged-mac nonce bob-pk alice-sk)))))) + (b/box-open-detached forged-c forged-mac nonce bob-pk alice-sk))))))