Electroneum
chacha.h
Go to the documentation of this file.
1 // Copyright (c) 2014-2019, The Monero Project
2 //
3 // All rights reserved.
4 //
5 // Redistribution and use in source and binary forms, with or without modification, are
6 // permitted provided that the following conditions are met:
7 //
8 // 1. Redistributions of source code must retain the above copyright notice, this list of
9 // conditions and the following disclaimer.
10 //
11 // 2. Redistributions in binary form must reproduce the above copyright notice, this list
12 // of conditions and the following disclaimer in the documentation and/or other
13 // materials provided with the distribution.
14 //
15 // 3. Neither the name of the copyright holder nor the names of its contributors may be
16 // used to endorse or promote products derived from this software without specific
17 // prior written permission.
18 //
19 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
24 // PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 //
29 // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
30 
31 #pragma once
32 
33 #include <stdint.h>
34 #include <stddef.h>
35 
36 #define CHACHA_KEY_SIZE 32
37 #define CHACHA_IV_SIZE 8
38 
39 #if defined(__cplusplus)
40 #include <memory.h>
41 
42 #include "memwipe.h"
43 #include "mlocker.h"
44 #include "hash.h"
45 
46 namespace crypto {
47  extern "C" {
48 #endif
49  void chacha8(const void* data, size_t length, const uint8_t* key, const uint8_t* iv, char* cipher);
50  void chacha20(const void* data, size_t length, const uint8_t* key, const uint8_t* iv, char* cipher);
51 #if defined(__cplusplus)
52  }
53 
55 
56 #pragma pack(push, 1)
57  // MS VC 2012 doesn't interpret `class chacha_iv` as POD in spite of [9.0.10], so it is a struct
58  struct chacha_iv {
59  uint8_t data[CHACHA_IV_SIZE];
60  };
61 #pragma pack(pop)
62 
63  static_assert(sizeof(chacha_key) == CHACHA_KEY_SIZE && sizeof(chacha_iv) == CHACHA_IV_SIZE, "Invalid structure size");
64 
65  inline void chacha8(const void* data, std::size_t length, const chacha_key& key, const chacha_iv& iv, char* cipher) {
66  chacha8(data, length, key.data(), reinterpret_cast<const uint8_t*>(&iv), cipher);
67  }
68 
69  inline void chacha20(const void* data, std::size_t length, const chacha_key& key, const chacha_iv& iv, char* cipher) {
70  chacha20(data, length, key.data(), reinterpret_cast<const uint8_t*>(&iv), cipher);
71  }
72 
73  inline void generate_chacha_key(const void *data, size_t size, chacha_key& key, uint64_t kdf_rounds) {
74  static_assert(sizeof(chacha_key) <= sizeof(hash), "Size of hash must be at least that of chacha_key");
76  crypto::cn_slow_hash(data, size, pwd_hash.data(), 0/*variant*/, 0/*prehashed*/, 0/*height*/);
77  for (uint64_t n = 1; n < kdf_rounds; ++n)
78  crypto::cn_slow_hash(pwd_hash.data(), pwd_hash.size(), pwd_hash.data(), 0/*variant*/, 0/*prehashed*/, 0/*height*/);
79  memcpy(&unwrap(unwrap(key)), pwd_hash.data(), sizeof(key));
80  }
81 
82  inline void generate_chacha_key_prehashed(const void *data, size_t size, chacha_key& key, uint64_t kdf_rounds) {
83  static_assert(sizeof(chacha_key) <= sizeof(hash), "Size of hash must be at least that of chacha_key");
85  crypto::cn_slow_hash(data, size, pwd_hash.data(), 0/*variant*/, 1/*prehashed*/, 0/*height*/);
86  for (uint64_t n = 1; n < kdf_rounds; ++n)
87  crypto::cn_slow_hash(pwd_hash.data(), pwd_hash.size(), pwd_hash.data(), 0/*variant*/, 0/*prehashed*/, 0/*height*/);
88  memcpy(&unwrap(unwrap(key)), pwd_hash.data(), sizeof(key));
89  }
90 
91  inline void generate_chacha_key(std::string password, chacha_key& key, uint64_t kdf_rounds) {
92  return generate_chacha_key(password.data(), password.size(), key, kdf_rounds);
93  }
94 }
95 
96 #endif
::std::string string
Definition: gtest-port.h:1097
void chacha20(const void *data, size_t length, const uint8_t *key, const uint8_t *iv, char *cipher)
const char * key
Definition: hmac_keccak.cpp:39
crypto namespace.
Definition: crypto.cpp:58
unsigned char uint8_t
Definition: stdint.h:124
void chacha8(const void *data, size_t length, const uint8_t *key, const uint8_t *iv, char *cipher)
unsigned __int64 uint64_t
Definition: stdint.h:136
void * memcpy(void *a, const void *b, size_t c)
#define CHACHA_IV_SIZE
Definition: chacha.h:37
T & unwrap(mlocked< T > &src)
Definition: mlocker.h:80
POD_CLASS hash
Definition: hash.h:50
void cn_slow_hash(const void *data, size_t length, char *hash, int variant, int prehashed, uint64_t height)
#define CHACHA_KEY_SIZE
Definition: chacha.h:36