QPQ-AG/enacl
11
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement cryptography for secret boxes.

Browse Source
This commit is contained in:
Jesper Louis Andersen
2014-11-21 17:42:32 +01:00
parent ff5196b99f
commit c08f83a755
4 changed files with 187 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
c_src/enacl_nif.c
+107 -1
View File
@@ -124,7 +124,7 @@ ERL_NIF_TERM enif_crypto_box_open(ErlNifEnv *env, int argc, ERL_NIF_TERM const a
return nacl_error_tuple(env, "alloc_failed");
}
if (crypto_box_open(result.data, padded_ciphertext.data, padded_ciphertext.size, nonce.data, pk.data, sk.data)) {
if (crypto_box_open(result.data, padded_ciphertext.data, padded_ciphertext.size, nonce.data, pk.data, sk.data) != 0) {
enif_release_binary(&result);
return nacl_error_tuple(env, "failed_verification");
}
@@ -135,7 +135,103 @@ ERL_NIF_TERM enif_crypto_box_open(ErlNifEnv *env, int argc, ERL_NIF_TERM const a
crypto_box_ZEROBYTES,
padded_ciphertext.size - crypto_box_ZEROBYTES);
}
/* Secret key cryptography */
static
ERL_NIF_TERM enif_crypto_secretbox_NONCEBYTES(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
return enif_make_int64(env, crypto_secretbox_NONCEBYTES);
}
static
ERL_NIF_TERM enif_crypto_secretbox_KEYBYTES(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
return enif_make_int64(env, crypto_secretbox_KEYBYTES);
}
static
ERL_NIF_TERM enif_crypto_secretbox_ZEROBYTES(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
return enif_make_int64(env, crypto_secretbox_ZEROBYTES);
}
static
ERL_NIF_TERM enif_crypto_secretbox_BOXZEROBYTES(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
return enif_make_int64(env, crypto_secretbox_BOXZEROBYTES);
}
static
ERL_NIF_TERM enif_crypto_secretbox(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
ErlNifBinary key, nonce, padded_msg, padded_ciphertext;
if (
(argc != 3) ||
(!enif_inspect_iolist_as_binary(env, argv[0], &padded_msg)) ||
(!enif_inspect_iolist_as_binary(env, argv[1], &nonce)) ||
(!enif_inspect_iolist_as_binary(env, argv[2], &key))) {
return enif_make_badarg(env);
}
if (
(key.size != crypto_secretbox_KEYBYTES) ||
(nonce.size != crypto_secretbox_NONCEBYTES) ||
(padded_msg.size < crypto_secretbox_ZEROBYTES)) {
return enif_make_badarg(env);
}
if (!enif_alloc_binary(padded_msg.size, &padded_ciphertext)) {
return nacl_error_tuple(env, "alloc_failed");
}
crypto_secretbox(
padded_ciphertext.data,
padded_msg.data, padded_msg.size,
nonce.data,
key.data);
return enif_make_sub_binary(env,
enif_make_binary(env, &padded_ciphertext),
crypto_secretbox_BOXZEROBYTES,
padded_msg.size - crypto_secretbox_BOXZEROBYTES);
}
static
ERL_NIF_TERM enif_crypto_secretbox_open(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
ErlNifBinary key, nonce, padded_ciphertext, padded_msg;
if (
(argc != 3) ||
(!enif_inspect_iolist_as_binary(env, argv[0], &padded_ciphertext)) ||
(!enif_inspect_iolist_as_binary(env, argv[1], &nonce)) ||
(!enif_inspect_iolist_as_binary(env, argv[2], &key))) {
return enif_make_badarg(env);
}
if (
(key.size != crypto_secretbox_KEYBYTES) ||
(nonce.size != crypto_secretbox_NONCEBYTES) ||
(padded_ciphertext.size < crypto_secretbox_BOXZEROBYTES)) {
return enif_make_badarg(env);
}
if (!enif_alloc_binary(padded_ciphertext.size, &padded_msg)) {
return nacl_error_tuple(env, "alloc_failed");
}
if (crypto_secretbox_open(
padded_msg.data,
padded_ciphertext.data,
padded_ciphertext.size,
nonce.data,
key.data) != 0) {
enif_release_binary(&padded_msg);
return nacl_error_tuple(env, "failed_verification");
}
return enif_make_sub_binary(
env,
enif_make_binary(env, &padded_msg),
crypto_secretbox_ZEROBYTES,
padded_ciphertext.size - crypto_secretbox_ZEROBYTES);
}
/* Tie the knot to the Erlang world */
static ErlNifFunc nif_funcs[] = {
{"crypto_box_NONCEBYTES", 0, enif_crypto_box_NONCEBYTES},
@@ -144,7 +240,17 @@ static ErlNifFunc nif_funcs[] = {
{"crypto_box_keypair", 0, enif_crypto_box_keypair},
{"crypto_box", 4, enif_crypto_box, ERL_NIF_DIRTY_JOB_CPU_BOUND},
{"crypto_box_open", 4, enif_crypto_box_open, ERL_NIF_DIRTY_JOB_CPU_BOUND},
{"crypto_secretbox_NONCEBYTES", 0, enif_crypto_secretbox_NONCEBYTES},
{"crypto_secretbox_ZEROBYTES", 0, enif_crypto_secretbox_ZEROBYTES},
{"crypto_secretbox_BOXZEROBYTES", 0, enif_crypto_secretbox_BOXZEROBYTES},
{"crypto_secretbox_KEYBYTES", 0, enif_crypto_secretbox_KEYBYTES},
{"crypto_secretbox", 3, enif_crypto_secretbox, ERL_NIF_DIRTY_JOB_CPU_BOUND},
{"crypto_secretbox_open", 3, enif_crypto_secretbox_open, ERL_NIF_DIRTY_JOB_CPU_BOUND},
{"crypto_hash", 1, enif_crypto_hash, ERL_NIF_DIRTY_JOB_CPU_BOUND}
};
ERL_NIF_INIT(enacl_nif, nif_funcs, NULL, NULL, NULL, NULL);