diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/noscrypt.h | 119 | ||||
| -rw-r--r-- | include/noscryptutil.h | 183 |
2 files changed, 263 insertions, 39 deletions
diff --git a/include/noscrypt.h b/include/noscrypt.h index cdc74fe..faad1f1 100644 --- a/include/noscrypt.h +++ b/include/noscrypt.h @@ -58,7 +58,7 @@ extern "C" { #ifdef _NC_IS_WINDOWS #define NC_EXPORT __declspec(dllimport) #else - #define NC_EXPORT + #define NC_EXPORT extern #endif /* _NC_IS_WINDOWS */ #endif /* !NOSCRYPT_EXPORTING */ #endif /* !NC_EXPORT */ @@ -76,15 +76,16 @@ extern "C" { #define NC_CONV_KEY_SIZE 0x20 #define NC_HMAC_KEY_SIZE 0x20 #define NC_ENCRYPTION_MAC_SIZE 0x20 -#define NC_MESSAGE_KEY_SIZE NIP44_MESSAGE_KEY_SIZE -#define NC_NIP04_AES_IV_SIZE 0x10 /* AES IV size is 16 bytes (block size) */ +#define NC_MESSAGE_KEY_SIZE NIP44_MESSAGE_KEY_SIZE +#define NC_NIP04_AES_IV_SIZE 0x10 /* AES IV size is 16 bytes (aka cipher block size) */ +#define NC_NIP04_AES_KEY_SIZE 0x20 /* AES 256 key size */ /* * From spec * https://github.com/nostr-protocol/nips/blob/master/44.md#decryption */ #define NIP44_MIN_ENC_MESSAGE_SIZE 0x01 -#define NIP44_MAX_ENC_MESSAGE_SIZE 0xffff +#define NIP44_MAX_ENC_MESSAGE_SIZE UINT16_MAX #define NC_ENC_VERSION_NIP04 0x04 #define NC_ENC_VERSION_NIP44 0x2c @@ -112,6 +113,20 @@ extern "C" { #define E_VERSION_NOT_SUPPORTED -6 +/* +* ENCRYPTION ALTERATION PROPERTEIS +* +* Codes for assigning values to an NCEncryptionArgs +* structure. +*/ + +#define NC_ENC_SET_VERSION 0x01 +#define NC_ENC_SET_NIP44_NONCE 0x02 +#define NC_ENC_SET_NIP44_MAC_KEY 0x03 +#define NC_ENC_SET_NIP04_KEY 0x04 +#define NC_ENC_SET_NIP04_IV 0x05 + + /* A compressed resul/return value, negative values are failure, 0 is success and positive values are defined by the operation. @@ -149,11 +164,11 @@ data buffers and required nonce used for the stream cipher. typedef struct nc_encryption_struct { /* The nonce used for the stream cipher. */ - const uint8_t* nonce32; + const uint8_t* nonceData; /* Writes the hmac key to the buffer during encryption events. Set to NULL on decryption */ - uint8_t* hmacKeyOut32; + uint8_t* keyData; /* The input data buffer to encrypt/decrypt */ const uint8_t* inputData; @@ -197,51 +212,26 @@ typedef struct nc_mac_verify { */ /* -* A helper function to cast a buffer to a NCSecretKey struct -* @param key The buffer to cast -* @return A pointer to the NCSecretKey struct +* Casts a buffer pointer to a NCSecretKey pointer */ -static _nc_fn_inline NCSecretKey* NCToSecKey(uint8_t key[NC_SEC_KEY_SIZE]) -{ - return (NCSecretKey*)key; -} +#define NCByteCastToSecretKey(key) (NCSecretKey*)key /* -* A helper function to cast a buffer to a NCPublicKey struct -* @param key The buffer to cast -* @return A pointer to the NCPublicKey struct +* Casts a buffer pointer to a NCPublicKey pointer */ -static _nc_fn_inline NCPublicKey* NCToPubKey(uint8_t key[NC_PUBKEY_SIZE]) -{ - return (NCPublicKey*)key; -} +#define NCByteCastToPublicKey(key) (NCPublicKey*)key -static _nc_fn_inline NCResult NCResultWithArgPosition(NCResult err, uint8_t argPosition) -{ - return -(((NCResult)argPosition << NC_ARG_POSITION_OFFSET) | -err); -} + +NC_EXPORT NCResult NC_CC NCResultWithArgPosition(NCResult err, uint8_t argPosition); /* * Parses an error code and returns the error code and the argument position that caused the error. * @param result The error code to parse -* @param argPositionOut A pointer to the argument position to write to +* @param argPositionOut A pointer to the argument position to write to (optionall, set to NULL of unobserved) * @return The error code */ -static _nc_fn_inline int NCParseErrorCode(NCResult result, uint8_t* argPositionOut) -{ - NCResult asPositive; - int code; - - /* convert result to a positive value*/ - asPositive = -result; - - /* Get the error code from the lower 8 bits and the argument position from the upper 8 bits*/ - code = -(asPositive & NC_ERROR_CODE_MASK); - *argPositionOut = (asPositive >> NC_ARG_POSITION_OFFSET) & 0xFF; - - return code; -} +NC_EXPORT int NC_CC NCParseErrorCode(NCResult result, uint8_t* argPositionOut); /*-------------------------------------- * LIB CONTEXT API @@ -578,6 +568,57 @@ NC_EXPORT NCResult NCComputeMac( uint8_t hmacOut[NC_ENCRYPTION_MAC_SIZE] ); + +/* +* A special function that configures custom properties on +* the NCEncryptionArgs structure for a given operation. +* @param args A pointer to the encryption arguments structure +* @param property The ID property to set +* @param value The value to set the property to as a 32-bit integer +* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to +* the error code and positional argument that caused the error. +*/ +NC_EXPORT NCResult NCSetEncryptionProperty( + NCEncryptionArgs* args, + uint32_t property, + uint32_t value +); + +/* +* A special function that configures custom properties on +* the NCEncryptionArgs structure for a given operation. +* +* @param args A pointer to the encryption arguments structure +* @param property The ID property to set +* @param value The value to set the property to as a byte buffer +* @param valueLen The length of the value buffer +* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to +* the error code and positional argument that caused the error. +*/ +NC_EXPORT NCResult NCSetEncryptionPropertyEx( + NCEncryptionArgs* args, + uint32_t property, + uint8_t* value, + uint32_t valueLen +); + +/* +* Sets the encryption data buffers for the encryption/decryption +* operation. +* @param args A pointer to the encryption arguments structure +* @param input The input data buffer +* @param output The output data buffer +* @param dataSize The size of the data buffers +* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to +* the error code and positional argument that caused the error. +*/ +NC_EXPORT NCResult NCSetEncryptionData( + NCEncryptionArgs* args, + const uint8_t* input, + uint8_t* output, + uint32_t dataSize +); + #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/include/noscryptutil.h b/include/noscryptutil.h new file mode 100644 index 0000000..bd60c79 --- /dev/null +++ b/include/noscryptutil.h @@ -0,0 +1,183 @@ +/* +* Copyright (c) 2024 Vaughn Nugent +* +* Package: noscrypt +* File: noscryptutil.h +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU Lesser General Public License +* as published by the Free Software Foundation; either version 2.1 +* of the License, or (at your option) any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public License +* along with noscrypt. If not, see http://www.gnu.org/licenses/. +*/ + +/* +* This header includes some optional high-level nostr crypto utility functions +* for much easer app development. +*/ + +#pragma once + +#ifndef NOSCRYPTUTIL_H +#define NOSCRYPTUTIL_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "noscrypt.h" + +#define E_OUT_OF_MEMORY -10 + +#define E_CIPHER_INVALID_FORMAT -11 +#define E_CIPHER_BAD_NONCE -12 +#define E_CIPHER_MAC_INVALID -13 +#define E_CIPHER_NO_OUTPUT -14 +#define E_CIPHER_BAD_INPUT -15 +#define E_CIPHER_BAD_INPUT_SIZE -16 + +#define NC_UTIL_CIPHER_MODE_ENCRYPT 0x00u +#define NC_UTIL_CIPHER_MODE_DECRYPT 0x01u +#define NC_UTIL_CIPHER_ZERO_ON_FREE 0x02u +#define NC_UTIL_CIPHER_MAC_NO_VERIFY 0x04u +#define NC_UTIL_CIPHER_REUSEABLE 0x08u + +/* +* The encryption context structure. This structure is used to store the state +* of the encryption operation. The structure is opaque and should not be accessed +* directly. +*/ +typedef struct nc_util_enc_struct NCUtilCipherContext; + +/* +* Gets the size of the padded buffer required for an encryption operation. +* @param encVersion The encryption specification version to use +* @param plaintextSize The size of the plaintext buffer in bytes +* @return The size of the padded buffer in bytes +*/ +NC_EXPORT NCResult NC_CC NCUtilGetEncryptionPaddedSize(uint32_t encVersion, uint32_t plaintextSize); + +/* +* Gets the size of the payload buffer required for an encryption operation. +* @param encVersion The encryption specification version to use +* @param plaintextSize The size of the plaintext buffer in bytes +* @return The size of the payload buffer in bytes +* @note The payload buffer is the final buffer to be sent to a nostr user. For nip04 this +* is a raw AES message, for nip44 this is a mucher lager buffer. See the nostr specifications +* for more information. +*/ +NC_EXPORT NCResult NC_CC NCUtilGetEncryptionBufferSize(uint32_t encVersion, uint32_t plaintextSize); + +/* +* Allocates a new encryption context and sets the encryption version and flags. The encryption context +* must be freed with NCUtilCipherFree when it is no longer needed. +* @param encVersion The encryption specification version to use +* @param flags The flags to set on the encryption context +* @return A valid pointer to an encryption context or NULL if the operation failed +*/ +NC_EXPORT NCUtilCipherContext* NC_CC NCUtilCipherAlloc(uint32_t encVersion, uint32_t flags); + +/* +* Initializes the cipher context with the input data and size. This function will + internally allocate a the required output buffer for the cipher operation. You may only call + this function once. +* @param encCtx A valid pointer to an allocated encryption context +* @param inputData A pointer to the input data for the Cipher +* @param inputSize The size of the input data +* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to +the error code and positional argument that caused the error +*/ +NC_EXPORT NCResult NC_CC NCUtilCipherInit( + NCUtilCipherContext* encCtx, + const uint8_t* inputData, + uint32_t inputSize +); + +/* +* Frees the encryption context and clears the memory if the NC_UTIL_CIPHER_ZERO_ON_FREE +* flag is set. +* @param encCtx A valid pointer to an allocated encryption context to free +*/ +NC_EXPORT void NC_CC NCUtilCipherFree(NCUtilCipherContext* encCtx); + +/* +* Gets the output size of the encryption context. This function will return the size of +* the output buffer that will be written to when calling NCUtilCipherReadOutput. +* @param encCtx A valid pointer to an allocated encryption context +* @return The size of the output buffer in bytes +*/ +NC_EXPORT NCResult NC_CC NCUtilCipherGetOutputSize(const NCUtilCipherContext* encCtx); + +/* +* Reads the output buffer from the encryption context. This function will copy the output +* buffer to the output buffer provided. The output buffer must be at least the size of the +* output buffer returned by NCUtilCipherGetOutputSize. +* @param encCtx A valid pointer to an initialized encryption context +* @param output A pointer to the output buffer to copy the output to +* @param outputSize The size of the output buffer in bytes +* @returns The number of bytes written to the output buffer or an error code. Use NCParseErrorCode +* to get the error code and positional argument that caused the error +*/ +NC_EXPORT NCResult NC_CC NCUtilCipherReadOutput( + const NCUtilCipherContext* encCtx, + uint8_t* output, + uint32_t outputSize +); + +/* +* Sets a property on the encryption context. Equivalent to calling NCSetEncryptionPropertyEx +* @param ctx A valid pointer to an encryption context +* @param property The property to set +* @param value A pointer to the value to set +* @param valueLen The length of the value +* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to +* get the error code and positional argument that caused the error +*/ +NC_EXPORT NCResult NC_CC NCUtilCipherSetProperty( + NCUtilCipherContext* ctx, + uint32_t property, + uint8_t* value, + uint32_t valueLen +); + +/* +* Gets the flags set on the encryption context during initialization. +* @param ctx A valid pointer to an encryption context +* @return The flags set on the encryption context cast to a NCResult, or +* an error code if the context is invalid. Use NCParseErrorCode to get the error code +* and positional argument that caused the error. +*/ +NC_EXPORT NCResult NC_CC NCUtilCipherGetFlags(const NCUtilCipherContext* ctx); + +/* +* Performs the desired Cipher option once. This may either cause an encryption +* or decryption operation to be performed. Regardless of the operation, input data +* is consumed and output data is produced. +* @param encCtx A valid pointer to an initialized encryption context +* @param libContext A valid pointer to an NCContext structure +* @param sk A valid pointer to the sender's private key +* @param pk A valid pointer to the receivers public key +* @return NC_SUCCESS if the operation was successful, otherwise an error code. Use NCParseErrorCode to +* get the error code and positional argument that caused the error. +* @note This function should only be called once. However it is indempotent and deterministic +* so the exact same operation should happen if called again. +*/ +NC_EXPORT NCResult NC_CC NCUtilCipherUpdate( + NCUtilCipherContext* encCtx, + const NCContext* libContext, + const NCSecretKey* sk, + const NCPublicKey* pk +); + +#ifdef __cplusplus +} +#endif + +#endif /* NOSCRYPTUTIL_H */
\ No newline at end of file |