authorLibravatar vnugent <public@vaughnnugent.com>2024-03-03 15:02:02 -0500
committerLibravatar vnugent <public@vaughnnugent.com>2024-03-03 15:02:02 -0500
commit21f6c0a9cdd5ed67e48bb1f39f72217b5fe4758f (patch)
treeb081f9ccae15037372bfd906767247bbd58c2907 /src/noscrypt.h
parent120022aa349f5e4cac28da74d568373c49245884 (diff)
Squashed commit of the following:
commit 490dfee4ef22479009627435c6ad728c3cbbab54 Author: vnugent <public@vaughnnugent.com> Date: Sun Mar 3 14:59:25 2024 -0500 test: #3 tests for encryption/description and Macs commit efa97490b7ed47f4e2f05bee52e2b33e14e439e6 Merge: 1b84e3c 120022a Author: vnugent <public@vaughnnugent.com> Date: Sun Mar 3 14:55:48 2024 -0500 merge master commit 1b84e3c7c2e55b1ff9ffdd09b66873e11c131441 Author: vnugent <public@vaughnnugent.com> Date: Sat Mar 2 22:57:36 2024 -0500 fix: #2 constent usage of sizeof() operator on struct types commit 9de5a214c66adea0ef2d0bac63c59449de202a88 Author: vnugent <public@vaughnnugent.com> Date: Fri Mar 1 14:30:36 2024 -0500 perf: avoid nc_key struct copy, cast and verify instead commit b917b761120ed684af28d0707673ffadcf14b8fe Author: vnugent <public@vaughnnugent.com> Date: Mon Feb 12 22:06:50 2024 -0500 fix: found the constant time memcompare function commit 9f85fff3b9f25da7410569ea94f994b88feb3910 Author: vnugent <public@vaughnnugent.com> Date: Fri Feb 9 22:48:35 2024 -0500 feat: added/update MAC functions to sign or verify nip44 payload commit aa5113741bb419b02d6ea416bba571fa3d65db46 Author: vnugent <public@vaughnnugent.com> Date: Wed Feb 7 01:37:53 2024 -0500 add missing hmac-key output buffer commit 55f47d22cc9ce4d1e22b70814d608c7ef3b1bbc9 Author: vnugent <public@vaughnnugent.com> Date: Sun Feb 4 21:08:13 2024 -0500 simple bug fixes, and public api argument validation tests commit 73c5a713fb164ae8b4ac8a891a8020e08eae0a3b Author: vnugent <public@vaughnnugent.com> Date: Fri Feb 2 23:05:48 2024 -0500 update api to return secpvalidate return code instead of internal return codes commit 06c73004e1a39a7ea4ea3a89c22dee0f66adb236 Author: vnugent <public@vaughnnugent.com> Date: Fri Feb 2 19:25:17 2024 -0500 change to lgpl license commit 6e79fdb3b6b6739fc7797d47e55a7691306cf736 Author: vnugent <public@vaughnnugent.com> Date: Wed Jan 31 21:30:49 2024 -0500 move validation macros, and optionally disable them commit 
ac1e58837f1ba687939f78b5c03cadd346c10ddd Author: vnugent <public@vaughnnugent.com> Date: Tue Jan 30 12:25:05 2024 -0500 couple more tests, renable range checks, set flags for all projects
Diffstat (limited to 'src/noscrypt.h')
-rw-r--r--src/noscrypt.h86
1 files changed, 84 insertions, 2 deletions
diff --git a/src/noscrypt.h b/src/noscrypt.h
index f6bfe76..f7265ad 100644
--- a/src/noscrypt.h
+++ b/src/noscrypt.h
@@ -72,6 +72,8 @@
#define NC_PUBKEY_SIZE 32
#define NC_SHARED_SEC_SIZE 32
#define NC_CONV_KEY_SIZE 32
+#define NC_HMAC_KEY_SIZE 32
+#define NC_ENCRYPTION_MAC_SIZE 32
#define NC_MESSAGE_KEY_SIZE NIP44_MESSAGE_KEY_SIZE
/*
@@ -80,8 +82,6 @@
*/
#define NIP44_MIN_ENC_MESSAGE_SIZE 1
#define NIP44_MAX_ENC_MESSAGE_SIZE 65535
-#define NIP44_MIN_DEC_MESSAGE_SIZE 99
-#define NIP44_MAX_DEC_MESSAGE_SIZE 65603
/*
* The Nip44 constant salt
@@ -169,14 +169,45 @@ typedef struct nc_encryption_struct {
} NCCryptoData;
/*
+* A structure for Nip44 message authentication code verification. This structure
+* is used to pass arguments to the NCVerifyMac and NCVerifyMacEx functions.
+*/
+typedef struct nc_mac_verify {
+
+ /* The message authentication code certifying the Nip44 payload */
+ uint8_t mac[NC_ENCRYPTION_MAC_SIZE];
+
+ /* The nonce used for the original message encryption */
+ uint8_t nonce[NC_ENCRYPTION_NONCE_SIZE];
+
+ /* The message payload data */
+ const uint8_t* payload;
+
+ /* The size of the payload data */
+ size_t payloadSize;
+
+} NCMacVerifyArgs;
+
+
+/*
API FUNCTIONS
*/
+/*
+* A helper function to cast a 32byte buffer to a NCSecretKey struct
+* @param key The 32byte buffer to cast
+* @return A pointer to the NCSecretKey struct
+*/
static inline NCSecretKey* NCToSecKey(uint8_t key[NC_SEC_KEY_SIZE])
{
return (NCSecretKey*)key;
}
+/*
+* A helper function to cast a 32byte buffer to a NCPublicKey struct
+* @param key The 32byte buffer to cast
+* @return A pointer to the NCPublicKey struct
+*/
static inline NCPublicKey* NCToPubKey(uint8_t key[NC_PUBKEY_SIZE])
{
return (NCPublicKey*)key;
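Review bot: The `payload` and `payloadSize` comments in NCMacVerifyArgs do not say which bytes the MAC covers or which sizes are accepted, and the previous hunk of this commit removes NIP44_MIN_DEC_MESSAGE_SIZE / NIP44_MAX_DEC_MESSAGE_SIZE, so the header no longer states a bound a caller can check against. Because the nonce has its own field, `payload` is presumably the ciphertext only; I would say so explicitly, e.g. `/* The ciphertext the mac was computed over; the nonce is passed separately */`, and document the accepted range on `payloadSize`, after confirming both against the implementation. The new comments on NCToSecKey/NCToPubKey could also state that the returned pointer aliases the caller's buffer: the body is a bare cast, so there is no copy and no length or validity check, and the array parameter decays to a plain pointer. NCToPubKey's body closes outside this hunk.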
@@ -377,6 +408,7 @@ NC_EXPORT NCResult NC_CC NCEncrypt(
const NCContext* ctx,
const NCSecretKey* sk,
const NCPublicKey* pk,
+ uint8_t hmacKeyOut[NC_HMAC_KEY_SIZE],
NCCryptoData* args
);
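Review bot: `hmacKeyOut` hands secret key material back to the caller, but nothing visible in this hunk documents that contract. The doc comment for NCEncrypt sits above the hunk, so check that it gains an `@param hmacKeyOut` line saying that the buffer receives the 32-byte HMAC key, whether NULL is accepted, and that the caller should zero the buffer once the MAC has been computed. The same applies to the `hmacKeyOut` parameter added to NCEncryptEx in the later hunk. Inserting the parameter before `args` also changes the signature of an exported function, so existing callers and language bindings have to be updated together with this header.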
@@ -397,6 +429,22 @@ NC_EXPORT NCResult NC_CC NCDecrypt(
NCCryptoData* args
);
+/*
+* High level api for verifying a Nip44 message authentication code using a secret key
+and a public key. Use the NCVerifyMacEx functions for extended verification functionality.
+* @param ctx A pointer to an existing library context
+* @param sk A pointer to the secret key
+* @param pk A pointer to the 32byte compressed public key (x-only serialized public key)
+* @param args A pointer to the mac verification arguments
+* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to
+* the error code and positional argument that caused the error
+*/
+NC_EXPORT NCResult NC_CC NCVerifyMac(
+ const NCContext* ctx,
+ const NCSecretKey* sk,
+ const NCPublicKey* pk,
+ NCMacVerifyArgs* args
+);
/*--------------------------------------
* EXTENDED ENCRYPTION API
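Review bot: The `@return` text for NCVerifyMac does not say what the caller gets when the MAC does not match; "NC_SUCCESS if the operation was successful" can be read as "the check ran", which is a risky ambiguity for an authentication primitive. I would spell it out, e.g. `* @return NC_SUCCESS only if the mac matches the payload; any other result means the message must be rejected` (adjusted to the actual behaviour), and do the same on NCVerifyMacEx in the last hunk. Two smaller points: `args` looks read-only for a verification call, so `const NCMacVerifyArgs* args` would document that if the implementation allows it, and the sentence "Use NCParseErrorCode to the error code" is missing its verb. The second line of the comment also lacks the leading `*` used on the other lines.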
@@ -462,6 +510,7 @@ the error code and positional argument that caused the error.
NC_EXPORT NCResult NC_CC NCEncryptEx(
const NCContext* ctx,
const uint8_t conversationKey[NC_CONV_KEY_SIZE],
+ uint8_t hmacKeyOut[NC_HMAC_KEY_SIZE],
NCCryptoData* args
);
@@ -480,4 +529,37 @@ NC_EXPORT NCResult NC_CC NCDecryptEx(
NCCryptoData* args
);
+/*
+* Verifies a Nip44 message authentication code using the given conversation key.
+* @param ctx A pointer to the existing library context
+* @param conversationKey A pointer to the 32byte conversation key
+* @param args A pointer to the mac verification arguments
+* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to
+* the error code and positional argument that caused the error.
+*/
+NC_EXPORT NCResult NC_CC NCVerifyMacEx(
+ const NCContext* ctx,
+ const uint8_t conversationKey[NC_CONV_KEY_SIZE],
+ NCMacVerifyArgs* args
+);
+
+/*
+* Computes a message authentication code for a given payload using the given hmacKey and writes the
+* mac to the hmacOut buffer.
+* @param ctx A pointer to the existing library context
+* @param hmacKey A pointer to the 32byte hmac key
+* @param payload A pointer to the payload data buffer
+* @param payloadSize The size of the payload data buffer
+* @param hmacOut A pointer to the 32byte buffer to write the mac to
+* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to
+* the error code and positional argument that caused the error.
+*/
+NC_EXPORT NCResult NCComputeMac(
+ const NCContext* ctx,
+ const uint8_t hmacKey[NC_HMAC_KEY_SIZE],
+ const uint8_t* payload,
+ size_t payloadSize,
+ uint8_t hmacOut[NC_ENCRYPTION_MAC_SIZE]
+);
+
#endif // !NOSCRYPT_H
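Review bot: NCComputeMac is declared as `NC_EXPORT NCResult NCComputeMac(` without the `NC_CC` calling-convention macro that every other export in this diff carries (NCEncrypt, NCVerifyMac, NCEncryptEx, NCVerifyMacEx). If NC_CC expands to a non-default convention on some target, this one symbol will be called differently from the rest of the API, so the line should read `NC_EXPORT NCResult NC_CC NCComputeMac(`. The doc comment should also tell callers not to compare `hmacOut` with a received MAC using `memcmp` and to use NCVerifyMacEx instead; one of the squashed commits mentions a constant-time compare, which presumably lives behind the verify functions.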