diff --git a/sys/conf/files b/sys/conf/files index 6612756d081..ea562dd711c 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -188,6 +188,12 @@ include "crypto/nist_ctr_drbg/files.nist_ctr_drbg" # ChaCha-based fast PRNG include "crypto/cprng_fast/files.cprng_fast" +# BLAKE2s, a cryptographic hash function optimized for 8- to 32-bit +include "crypto/blake2/files.blake2s" + +# Various cryptography functions +include "crypto/sodium/files.sodium" + # # Kernel history/tracing. Old UVMHIST depends upon this. # diff --git a/sys/crypto/blake2/blake2.h b/sys/crypto/blake2/blake2.h new file mode 100644 index 00000000000..7236187f5e5 --- /dev/null +++ b/sys/crypto/blake2/blake2.h @@ -0,0 +1,184 @@ +/* $NetBSD$ */ +/* + BLAKE2 reference source code package - optimized C implementations + + Written in 2012 by Samuel Neves + + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + + You should have received a copy of the CC0 Public Domain Dedication along with + this software. If not, see . +*/ +#pragma once +#ifndef __CRYPTO_BLAKE2_H__ +#define __CRYPTO_BLAKE2_H__ + +#if 0 +#include +#include +#endif + +#if defined(_WIN32) || defined(__CYGWIN__) + #define BLAKE2_DLL_IMPORT __declspec(dllimport) + #define BLAKE2_DLL_EXPORT __declspec(dllexport) + #define BLAKE2_DLL_PRIVATE +#elif __GNUC__ >= 4 + #define BLAKE2_DLL_IMPORT __attribute__ ((visibility ("default"))) + #define BLAKE2_DLL_EXPORT __attribute__ ((visibility ("default"))) + #define BLAKE2_DLL_PRIVATE __attribute__ ((visibility ("hidden"))) +#else + #define BLAKE2_DLL_IMPORT + #define BLAKE2_DLL_EXPORT + #define BLAKE2_DLL_PRIVATE +#endif + +#if defined(BLAKE2_DLL) + #if defined(BLAKE2_DLL_EXPORTS) // defined if we are building the DLL + #define BLAKE2_API BLAKE2_DLL_EXPORT + #else + #define BLAKE2_API BLAKE2_DLL_IMPORT + #endif + #define BLAKE2_PRIVATE BLAKE2_DLL_PRIVATE // must only be used by hidden logic +#else + #define BLAKE2_API + #define BLAKE2_PRIVATE +#endif + +#if defined(__cplusplus) +extern "C" { +#elif defined(_MSC_VER) && !defined(inline) +#define inline __inline +#endif + + enum blake2s_constant + { + BLAKE2S_BLOCKBYTES = 64, + BLAKE2S_OUTBYTES = 32, + BLAKE2S_KEYBYTES = 32, + BLAKE2S_SALTBYTES = 8, + BLAKE2S_PERSONALBYTES = 8 + }; + + enum blake2b_constant + { + BLAKE2B_BLOCKBYTES = 128, + BLAKE2B_OUTBYTES = 64, + BLAKE2B_KEYBYTES = 64, + BLAKE2B_SALTBYTES = 16, + BLAKE2B_PERSONALBYTES = 16 + }; + +#pragma pack(push, 1) + typedef struct __blake2s_param + { + uint8_t digest_length; // 1 + uint8_t key_length; // 2 + uint8_t fanout; // 3 + uint8_t depth; // 4 + uint32_t leaf_length; // 8 + uint8_t node_offset[6];// 14 + uint8_t node_depth; // 15 + uint8_t inner_length; // 16 + // uint8_t reserved[0]; + uint8_t salt[BLAKE2S_SALTBYTES]; // 24 + uint8_t personal[BLAKE2S_PERSONALBYTES]; // 32 + } blake2s_param; + + typedef struct __blake2s_state + { + uint32_t h[8]; + uint32_t t[2]; + uint32_t f[2]; + uint8_t buf[2 * BLAKE2S_BLOCKBYTES]; + uint32_t buflen; + uint8_t outlen; + uint8_t last_node; + } blake2s_state; + + typedef struct __blake2b_param + { + uint8_t digest_length; // 1 + uint8_t key_length; // 2 + uint8_t fanout; // 3 + uint8_t depth; // 4 + uint32_t leaf_length; // 8 + uint64_t node_offset; // 16 + uint8_t node_depth; // 17 + uint8_t inner_length; // 18 + uint8_t reserved[14]; // 32 + uint8_t salt[BLAKE2B_SALTBYTES]; // 48 + uint8_t personal[BLAKE2B_PERSONALBYTES]; // 64 + } blake2b_param; + + typedef struct __blake2b_state + { + uint64_t h[8]; + uint64_t t[2]; + uint64_t f[2]; + uint8_t buf[2 * BLAKE2B_BLOCKBYTES]; + uint32_t buflen; + uint8_t outlen; + uint8_t last_node; + } blake2b_state; + + typedef struct __blake2sp_state + { + blake2s_state S[8][1]; + blake2s_state R[1]; + uint8_t buf[8 * BLAKE2S_BLOCKBYTES]; + uint32_t buflen; + uint8_t outlen; + } blake2sp_state; + + typedef struct __blake2bp_state + { + blake2b_state S[4][1]; + blake2b_state R[1]; + uint8_t buf[4 * BLAKE2B_BLOCKBYTES]; + uint32_t buflen; + uint8_t outlen; + } blake2bp_state; +#pragma pack(pop) + + // Streaming API + BLAKE2_API int blake2s_init( blake2s_state *S, size_t outlen ); + BLAKE2_API int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen ); + BLAKE2_API int blake2s_init_param( blake2s_state *S, const blake2s_param *P ); + BLAKE2_API int blake2s_update( blake2s_state *S, const uint8_t *in, size_t inlen ); + BLAKE2_API int blake2s_final( blake2s_state *S, uint8_t *out, size_t outlen ); + + BLAKE2_API int blake2b_init( blake2b_state *S, size_t outlen ); + BLAKE2_API int blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen ); + BLAKE2_API int blake2b_init_param( blake2b_state *S, const blake2b_param *P ); + BLAKE2_API int blake2b_update( blake2b_state *S, const uint8_t *in, size_t inlen ); + BLAKE2_API int blake2b_final( blake2b_state *S, uint8_t *out, size_t outlen ); + + BLAKE2_API int blake2sp_init( blake2sp_state *S, size_t outlen ); + BLAKE2_API int blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen ); + BLAKE2_API int blake2sp_update( blake2sp_state *S, const uint8_t *in, size_t inlen ); + BLAKE2_API int blake2sp_final( blake2sp_state *S, uint8_t *out, size_t outlen ); + + BLAKE2_API int blake2bp_init( blake2bp_state *S, size_t outlen ); + BLAKE2_API int blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen ); + BLAKE2_API int blake2bp_update( blake2bp_state *S, const uint8_t *in, size_t inlen ); + BLAKE2_API int blake2bp_final( blake2bp_state *S, uint8_t *out, size_t outlen ); + + // Simple API + BLAKE2_API int blake2s( uint8_t *out, const void *in, const void *key, size_t outlen, size_t inlen, size_t keylen ); + BLAKE2_API int blake2b( uint8_t *out, const void *in, const void *key, size_t outlen, size_t inlen, size_t keylen ); + + BLAKE2_API int blake2sp( uint8_t *out, const void *in, const void *key, size_t outlen, size_t inlen, size_t keylen ); + BLAKE2_API int blake2bp( uint8_t *out, const void *in, const void *key, size_t outlen, size_t inlen, size_t keylen ); + + static inline int blake2( uint8_t *out, const void *in, const void *key, size_t outlen, size_t inlen, size_t keylen ) + { + return blake2b( out, in, key, outlen, inlen, keylen ); + } + +#if defined(__cplusplus) +} +#endif + +#endif /* __CRYPTO_BLAKE2_H__ */ diff --git a/sys/crypto/blake2/files.blake2s b/sys/crypto/blake2/files.blake2s new file mode 100644 index 00000000000..e942f01e1f1 --- /dev/null +++ b/sys/crypto/blake2/files.blake2s @@ -0,0 +1,3 @@ +# $NetBSD$ + +include "external/cc0/libb2/conf/files.blake2s" diff --git a/sys/crypto/sodium/crypto_aead_chacha20poly1305.h b/sys/crypto/sodium/crypto_aead_chacha20poly1305.h new file mode 100644 index 00000000000..c7dc264cd56 --- /dev/null +++ b/sys/crypto/sodium/crypto_aead_chacha20poly1305.h @@ -0,0 +1,176 @@ +#ifndef crypto_aead_chacha20poly1305_H +#define crypto_aead_chacha20poly1305_H + +#if 0 +#include +#endif +#include "export.h" + +#ifdef __cplusplus +# ifdef __GNUC__ +# pragma GCC diagnostic ignored "-Wlong-long" +# endif +extern "C" { +#endif + +/* -- IETF ChaCha20-Poly1305 construction with a 96-bit nonce and a 32-bit internal counter -- */ + +#define crypto_aead_chacha20poly1305_ietf_KEYBYTES 32U +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_ietf_keybytes(void); + +#define crypto_aead_chacha20poly1305_ietf_NSECBYTES 0U +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_ietf_nsecbytes(void); + +#define crypto_aead_chacha20poly1305_ietf_NPUBBYTES 12U + +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_ietf_npubbytes(void); + +#define crypto_aead_chacha20poly1305_ietf_ABYTES 16U +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_ietf_abytes(void); + +#define crypto_aead_chacha20poly1305_ietf_MESSAGEBYTES_MAX \ + SODIUM_MIN(SODIUM_SIZE_MAX - crypto_aead_chacha20poly1305_ietf_ABYTES, \ + (64ULL * (1ULL << 32) - 64ULL) - crypto_aead_chacha20poly1305_ietf_ABYTES) +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_ietf_messagebytes_max(void); + +SODIUM_EXPORT +int crypto_aead_chacha20poly1305_ietf_encrypt(unsigned char *c, + unsigned long long *clen_p, + const unsigned char *m, + unsigned long long mlen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k); + +SODIUM_EXPORT +int crypto_aead_chacha20poly1305_ietf_decrypt(unsigned char *m, + unsigned long long *mlen_p, + unsigned char *nsec, + const unsigned char *c, + unsigned long long clen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *npub, + const unsigned char *k) + __attribute__ ((warn_unused_result)); + +SODIUM_EXPORT +int crypto_aead_chacha20poly1305_ietf_encrypt_detached(unsigned char *c, + unsigned char *mac, + unsigned long long *maclen_p, + const unsigned char *m, + unsigned long long mlen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k); + +SODIUM_EXPORT +int crypto_aead_chacha20poly1305_ietf_decrypt_detached(unsigned char *m, + unsigned char *nsec, + const unsigned char *c, + unsigned long long clen, + const unsigned char *mac, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *npub, + const unsigned char *k) + __attribute__ ((warn_unused_result)); + +SODIUM_EXPORT +void crypto_aead_chacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_chacha20poly1305_ietf_KEYBYTES]); + +/* -- Original ChaCha20-Poly1305 construction with a 64-bit nonce and a 64-bit internal counter -- */ + +#define crypto_aead_chacha20poly1305_KEYBYTES 32U +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_keybytes(void); + +#define crypto_aead_chacha20poly1305_NSECBYTES 0U +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_nsecbytes(void); + +#define crypto_aead_chacha20poly1305_NPUBBYTES 8U +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_npubbytes(void); + +#define crypto_aead_chacha20poly1305_ABYTES 16U +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_abytes(void); + +#define crypto_aead_chacha20poly1305_MESSAGEBYTES_MAX \ + (SODIUM_SIZE_MAX - crypto_aead_chacha20poly1305_ABYTES) +SODIUM_EXPORT +size_t crypto_aead_chacha20poly1305_messagebytes_max(void); + +SODIUM_EXPORT +int crypto_aead_chacha20poly1305_encrypt(unsigned char *c, + unsigned long long *clen_p, + const unsigned char *m, + unsigned long long mlen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k); + +SODIUM_EXPORT +int crypto_aead_chacha20poly1305_decrypt(unsigned char *m, + unsigned long long *mlen_p, + unsigned char *nsec, + const unsigned char *c, + unsigned long long clen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *npub, + const unsigned char *k) + __attribute__ ((warn_unused_result)); + +SODIUM_EXPORT +int crypto_aead_chacha20poly1305_encrypt_detached(unsigned char *c, + unsigned char *mac, + unsigned long long *maclen_p, + const unsigned char *m, + unsigned long long mlen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k); + +SODIUM_EXPORT +int crypto_aead_chacha20poly1305_decrypt_detached(unsigned char *m, + unsigned char *nsec, + const unsigned char *c, + unsigned long long clen, + const unsigned char *mac, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *npub, + const unsigned char *k) + __attribute__ ((warn_unused_result)); + +SODIUM_EXPORT +void crypto_aead_chacha20poly1305_keygen(unsigned char k[crypto_aead_chacha20poly1305_KEYBYTES]); + +/* Aliases */ + +#define crypto_aead_chacha20poly1305_IETF_KEYBYTES crypto_aead_chacha20poly1305_ietf_KEYBYTES +#define crypto_aead_chacha20poly1305_IETF_NSECBYTES crypto_aead_chacha20poly1305_ietf_NSECBYTES +#define crypto_aead_chacha20poly1305_IETF_NPUBBYTES crypto_aead_chacha20poly1305_ietf_NPUBBYTES +#define crypto_aead_chacha20poly1305_IETF_ABYTES crypto_aead_chacha20poly1305_ietf_ABYTES +#define crypto_aead_chacha20poly1305_IETF_MESSAGEBYTES_MAX crypto_aead_chacha20poly1305_ietf_MESSAGEBYTES_MAX + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/sys/crypto/sodium/crypto_aead_xchacha20poly1305.h b/sys/crypto/sodium/crypto_aead_xchacha20poly1305.h new file mode 100644 index 00000000000..32c945dcbb8 --- /dev/null +++ b/sys/crypto/sodium/crypto_aead_xchacha20poly1305.h @@ -0,0 +1,99 @@ +#ifndef crypto_aead_xchacha20poly1305_H +#define crypto_aead_xchacha20poly1305_H + +#if 0 +#include +#endif +#include "export.h" + +#ifdef __cplusplus +# ifdef __GNUC__ +# pragma GCC diagnostic ignored "-Wlong-long" +# endif +extern "C" { +#endif + +#define crypto_aead_xchacha20poly1305_ietf_KEYBYTES 32U +SODIUM_EXPORT +size_t crypto_aead_xchacha20poly1305_ietf_keybytes(void); + +#define crypto_aead_xchacha20poly1305_ietf_NSECBYTES 0U +SODIUM_EXPORT +size_t crypto_aead_xchacha20poly1305_ietf_nsecbytes(void); + +#define crypto_aead_xchacha20poly1305_ietf_NPUBBYTES 24U +SODIUM_EXPORT +size_t crypto_aead_xchacha20poly1305_ietf_npubbytes(void); + +#define crypto_aead_xchacha20poly1305_ietf_ABYTES 16U +SODIUM_EXPORT +size_t crypto_aead_xchacha20poly1305_ietf_abytes(void); + +#define crypto_aead_xchacha20poly1305_ietf_MESSAGEBYTES_MAX \ + (SODIUM_SIZE_MAX - crypto_aead_xchacha20poly1305_ietf_ABYTES) +SODIUM_EXPORT +size_t crypto_aead_xchacha20poly1305_ietf_messagebytes_max(void); + +SODIUM_EXPORT +int crypto_aead_xchacha20poly1305_ietf_encrypt(unsigned char *c, + unsigned long long *clen_p, + const unsigned char *m, + unsigned long long mlen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k); + +SODIUM_EXPORT +int crypto_aead_xchacha20poly1305_ietf_decrypt(unsigned char *m, + unsigned long long *mlen_p, + unsigned char *nsec, + const unsigned char *c, + unsigned long long clen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *npub, + const unsigned char *k) + __attribute__ ((warn_unused_result)); + +SODIUM_EXPORT +int crypto_aead_xchacha20poly1305_ietf_encrypt_detached(unsigned char *c, + unsigned char *mac, + unsigned long long *maclen_p, + const unsigned char *m, + unsigned long long mlen, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k); + +SODIUM_EXPORT +int crypto_aead_xchacha20poly1305_ietf_decrypt_detached(unsigned char *m, + unsigned char *nsec, + const unsigned char *c, + unsigned long long clen, + const unsigned char *mac, + const unsigned char *ad, + unsigned long long adlen, + const unsigned char *npub, + const unsigned char *k) + __attribute__ ((warn_unused_result)); + +SODIUM_EXPORT +void crypto_aead_xchacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_xchacha20poly1305_ietf_KEYBYTES]); + +/* Aliases */ + +#define crypto_aead_xchacha20poly1305_IETF_KEYBYTES crypto_aead_xchacha20poly1305_ietf_KEYBYTES +#define crypto_aead_xchacha20poly1305_IETF_NSECBYTES crypto_aead_xchacha20poly1305_ietf_NSECBYTES +#define crypto_aead_xchacha20poly1305_IETF_NPUBBYTES crypto_aead_xchacha20poly1305_ietf_NPUBBYTES +#define crypto_aead_xchacha20poly1305_IETF_ABYTES crypto_aead_xchacha20poly1305_ietf_ABYTES +#define crypto_aead_xchacha20poly1305_IETF_MESSAGEBYTES_MAX crypto_aead_xchacha20poly1305_ietf_MESSAGEBYTES_MAX + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/sys/crypto/sodium/crypto_kx.h b/sys/crypto/sodium/crypto_kx.h new file mode 100644 index 00000000000..f70c5025779 --- /dev/null +++ b/sys/crypto/sodium/crypto_kx.h @@ -0,0 +1,65 @@ +#ifndef crypto_kx_H +#define crypto_kx_H + +#if 0 +#include +#endif +#include "export.h" + +#ifdef __cplusplus +# ifdef __GNUC__ +# pragma GCC diagnostic ignored "-Wlong-long" +# endif +extern "C" { +#endif + +#define crypto_kx_PUBLICKEYBYTES 32 +SODIUM_EXPORT +size_t crypto_kx_publickeybytes(void); + +#define crypto_kx_SECRETKEYBYTES 32 +SODIUM_EXPORT +size_t crypto_kx_secretkeybytes(void); + +#define crypto_kx_SEEDBYTES 32 +SODIUM_EXPORT +size_t crypto_kx_seedbytes(void); + +#define crypto_kx_SESSIONKEYBYTES 32 +SODIUM_EXPORT +size_t crypto_kx_sessionkeybytes(void); + +#define crypto_kx_PRIMITIVE "x25519blake2b" +SODIUM_EXPORT +const char *crypto_kx_primitive(void); + +SODIUM_EXPORT +int crypto_kx_seed_keypair(unsigned char pk[crypto_kx_PUBLICKEYBYTES], + unsigned char sk[crypto_kx_SECRETKEYBYTES], + const unsigned char seed[crypto_kx_SEEDBYTES]); + +SODIUM_EXPORT +int crypto_kx_keypair(unsigned char pk[crypto_kx_PUBLICKEYBYTES], + unsigned char sk[crypto_kx_SECRETKEYBYTES]); + +SODIUM_EXPORT +int crypto_kx_client_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES], + unsigned char tx[crypto_kx_SESSIONKEYBYTES], + const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES], + const unsigned char client_sk[crypto_kx_SECRETKEYBYTES], + const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES]) + __attribute__ ((warn_unused_result)); + +SODIUM_EXPORT +int crypto_kx_server_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES], + unsigned char tx[crypto_kx_SESSIONKEYBYTES], + const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES], + const unsigned char server_sk[crypto_kx_SECRETKEYBYTES], + const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES]) + __attribute__ ((warn_unused_result)); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/sys/crypto/sodium/crypto_scalarmult.h b/sys/crypto/sodium/crypto_scalarmult.h new file mode 100644 index 00000000000..e688f11e828 --- /dev/null +++ b/sys/crypto/sodium/crypto_scalarmult.h @@ -0,0 +1,46 @@ +#ifndef crypto_scalarmult_H +#define crypto_scalarmult_H + +#if 0 +#include +#endif +#include "crypto_scalarmult_curve25519.h" +#include "export.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define crypto_scalarmult_BYTES crypto_scalarmult_curve25519_BYTES +SODIUM_EXPORT +size_t crypto_scalarmult_bytes(void); + +#define crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES +SODIUM_EXPORT +size_t crypto_scalarmult_scalarbytes(void); + +#define crypto_scalarmult_PRIMITIVE "curve25519" +SODIUM_EXPORT +const char *crypto_scalarmult_primitive(void); + +SODIUM_EXPORT +int crypto_scalarmult_base(unsigned char *q, const unsigned char *n); + +/* + * NOTE: Do not use the result of this function directly. + * + * Hash the result with the public keys in order to compute a shared + * secret key: H(q || client_pk || server_pk) + * + * Or unless this is not an option, use the crypto_kx() API instead. + */ +SODIUM_EXPORT +int crypto_scalarmult(unsigned char *q, const unsigned char *n, + const unsigned char *p) + __attribute__ ((warn_unused_result)); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/sys/crypto/sodium/crypto_scalarmult_curve25519.h b/sys/crypto/sodium/crypto_scalarmult_curve25519.h new file mode 100644 index 00000000000..92894c8519d --- /dev/null +++ b/sys/crypto/sodium/crypto_scalarmult_curve25519.h @@ -0,0 +1,42 @@ +#ifndef crypto_scalarmult_curve25519_H +#define crypto_scalarmult_curve25519_H + +#if 0 +#include +#endif + +#include "export.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define crypto_scalarmult_curve25519_BYTES 32U +SODIUM_EXPORT +size_t crypto_scalarmult_curve25519_bytes(void); + +#define crypto_scalarmult_curve25519_SCALARBYTES 32U +SODIUM_EXPORT +size_t crypto_scalarmult_curve25519_scalarbytes(void); + +/* + * NOTE: Do not use the result of this function directly. + * + * Hash the result with the public keys in order to compute a shared + * secret key: H(q || client_pk || server_pk) + * + * Or unless this is not an option, use the crypto_kx() API instead. + */ +SODIUM_EXPORT +int crypto_scalarmult_curve25519(unsigned char *q, const unsigned char *n, + const unsigned char *p) + __attribute__ ((warn_unused_result)); + +SODIUM_EXPORT +int crypto_scalarmult_curve25519_base(unsigned char *q, const unsigned char *n); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/sys/crypto/sodium/export.h b/sys/crypto/sodium/export.h new file mode 100644 index 00000000000..0f624ae3c50 --- /dev/null +++ b/sys/crypto/sodium/export.h @@ -0,0 +1,53 @@ + +#ifndef sodium_export_H +#define sodium_export_H + +#ifndef __GNUC__ +# ifdef __attribute__ +# undef __attribute__ +# endif +# define __attribute__(a) +#endif + +#ifdef SODIUM_STATIC +# define SODIUM_EXPORT +# define SODIUM_EXPORT_WEAK +#else +# if defined(_MSC_VER) +# ifdef SODIUM_DLL_EXPORT +# define SODIUM_EXPORT __declspec(dllexport) +# else +# define SODIUM_EXPORT __declspec(dllimport) +# endif +# else +# if defined(__SUNPRO_C) +# ifndef __GNU_C__ +# define SODIUM_EXPORT __attribute__ (visibility(__global)) +# else +# define SODIUM_EXPORT __attribute__ __global +# endif +# elif defined(_MSG_VER) +# define SODIUM_EXPORT extern __declspec(dllexport) +# else +# define SODIUM_EXPORT __attribute__ ((visibility ("default"))) +# endif +# endif +# if defined(__ELF__) && !defined(SODIUM_DISABLE_WEAK_FUNCTIONS) +# define SODIUM_EXPORT_WEAK SODIUM_EXPORT __attribute__((weak)) +# else +# define SODIUM_EXPORT_WEAK SODIUM_EXPORT +# endif +#endif + +#ifndef CRYPTO_ALIGN +# if defined(__INTEL_COMPILER) || defined(_MSC_VER) +# define CRYPTO_ALIGN(x) __declspec(align(x)) +# else +# define CRYPTO_ALIGN(x) __attribute__ ((aligned(x))) +# endif +#endif + +#define SODIUM_MIN(A, B) ((A) < (B) ? (A) : (B)) +#define SODIUM_SIZE_MAX SODIUM_MIN(UINT64_MAX, SIZE_MAX) + +#endif diff --git a/sys/crypto/sodium/files.sodium b/sys/crypto/sodium/files.sodium new file mode 100644 index 00000000000..6ea8d600ad1 --- /dev/null +++ b/sys/crypto/sodium/files.sodium @@ -0,0 +1,3 @@ +# $NetBSD$ + +include "external/isc/libsodium/conf/files.libsodium" diff --git a/sys/external/cc0/libb2/conf/files.blake2s b/sys/external/cc0/libb2/conf/files.blake2s new file mode 100644 index 00000000000..45728fe730d --- /dev/null +++ b/sys/external/cc0/libb2/conf/files.blake2s @@ -0,0 +1,9 @@ +# $NetBSD$ + +#defflag BLAKE2S + +define blake2s +#makeoptions blake2s CPPFLAGS+="-I$S/external/cc0/libb2/include -Wno-cast-qual -DSUFFIX=" +makeoptions blake2s "CPPFLAGS.blake2s-ref.c"+="-I$S/external/cc0/libb2/include -Wno-cast-qual -DSUFFIX=" + +file external/cc0/libb2/dist/src/blake2s-ref.c diff --git a/sys/external/cc0/libb2/include/config.h b/sys/external/cc0/libb2/include/config.h new file mode 100644 index 00000000000..47eccb3e751 --- /dev/null +++ b/sys/external/cc0/libb2/include/config.h @@ -0,0 +1,149 @@ +/* src/config.h. Generated from config.h.in by configure. */ +/* src/config.h.in. Generated from configure.ac by autoheader. */ + +/* Define if pointers to integers require aligned access */ +/* #undef HAVE_ALIGNED_ACCESS_REQUIRED */ + +/* Support Altivec instructions */ +/* #undef HAVE_ALTIVEC */ + +/* Support AVX (Advanced Vector Extensions) instructions */ +/* #undef HAVE_AVX */ + +/* Define to 1 if you have the header file. */ +#define HAVE_DLFCN_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_INTTYPES_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_MEMORY_H 1 + +/* Define to 1 if you have the `memset' function. */ +#define HAVE_MEMSET 1 + +/* Support mmx instructions */ +/* #undef HAVE_MMX */ + +/* Support SSE (Streaming SIMD Extensions) instructions */ +/* #undef HAVE_SSE */ + +/* Support SSE2 (Streaming SIMD Extensions 2) instructions */ +/* #undef HAVE_SSE2 */ + +/* Support SSE3 (Streaming SIMD Extensions 3) instructions */ +/* #undef HAVE_SSE3 */ + +/* Support SSSE4.1 (Streaming SIMD Extensions 4.1) instructions */ +/* #undef HAVE_SSE4_1 */ + +/* Support SSSE4.2 (Streaming SIMD Extensions 4.2) instructions */ +/* #undef HAVE_SSE4_2 */ + +/* Support SSSE3 (Supplemental Streaming SIMD Extensions 3) instructions */ +/* #undef HAVE_SSSE3 */ + +/* Define to 1 if you have the header file. */ +#define HAVE_STDDEF_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STDINT_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STDLIB_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STRINGS_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STRING_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_SYS_STAT_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_SYS_TYPES_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_UNISTD_H 1 + +/* Define to the sub-directory where libtool stores uninstalled libraries. */ +#define LT_OBJDIR ".libs/" + +/* machine is little-endian */ +#define NATIVE_LITTLE_ENDIAN 1 + +/* Name of package */ +#define PACKAGE "libb2" + +/* Define to the address where bug reports for this package should be sent. */ +#define PACKAGE_BUGREPORT "contact@blake2.net" + +/* Define to the full name of this package. */ +#define PACKAGE_NAME "libb2" + +/* Define to the full name and version of this package. */ +#define PACKAGE_STRING "libb2 0.98" + +/* Define to the one symbol short name of this package. */ +#define PACKAGE_TARNAME "libb2" + +/* Define to the home page for this package. */ +#define PACKAGE_URL "https://blake2.net" + +/* Define to the version of this package. */ +#define PACKAGE_VERSION "0.98" + +/* Define to 1 if you have the ANSI C header files. */ +#define STDC_HEADERS 1 + +/* Version number of package */ +#define VERSION "0.98" + +/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most + significant byte first (like Motorola and SPARC, unlike Intel). */ +#if defined AC_APPLE_UNIVERSAL_BUILD +# if defined __BIG_ENDIAN__ +# define WORDS_BIGENDIAN 1 +# endif +#else +# ifndef WORDS_BIGENDIAN +/* # undef WORDS_BIGENDIAN */ +# endif +#endif + +/* Define for Solaris 2.5.1 so the uint32_t typedef from , + , or is not used. If the typedef were allowed, the + #define below would cause a syntax error. */ +/* #undef _UINT32_T */ + +/* Define for Solaris 2.5.1 so the uint64_t typedef from , + , or is not used. If the typedef were allowed, the + #define below would cause a syntax error. */ +/* #undef _UINT64_T */ + +/* Define for Solaris 2.5.1 so the uint8_t typedef from , + , or is not used. If the typedef were allowed, the + #define below would cause a syntax error. */ +/* #undef _UINT8_T */ + +/* Define to `__inline__' or `__inline' if that's what the C compiler + calls it, or to nothing if 'inline' is not supported under any name. */ +#ifndef __cplusplus +/* #undef inline */ +#endif + +/* Define to `unsigned int' if does not define. */ +/* #undef size_t */ + +/* Define to the type of an unsigned integer type of width exactly 32 bits if + such a type exists and the standard includes do not define it. */ +/* #undef uint32_t */ + +/* Define to the type of an unsigned integer type of width exactly 64 bits if + such a type exists and the standard includes do not define it. */ +/* #undef uint64_t */ + +/* Define to the type of an unsigned integer type of width exactly 8 bits if + such a type exists and the standard includes do not define it. */ +/* #undef uint8_t */ diff --git a/sys/external/cc0/libb2/include/stddef.h b/sys/external/cc0/libb2/include/stddef.h new file mode 100644 index 00000000000..c2a43e74385 --- /dev/null +++ b/sys/external/cc0/libb2/include/stddef.h @@ -0,0 +1,6 @@ +#ifdef _KERNEL +#include +#include +#include +#endif + diff --git a/sys/external/cc0/libb2/include/stdint.h b/sys/external/cc0/libb2/include/stdint.h new file mode 100644 index 00000000000..7816f2c1c7b --- /dev/null +++ b/sys/external/cc0/libb2/include/stdint.h @@ -0,0 +1,4 @@ +#ifdef _KERNEL +#include +#include +#endif diff --git a/sys/external/cc0/libb2/include/stdio.h b/sys/external/cc0/libb2/include/stdio.h new file mode 100644 index 00000000000..06102cdccec --- /dev/null +++ b/sys/external/cc0/libb2/include/stdio.h @@ -0,0 +1,7 @@ +#ifdef _KERNEL +#include +#include +#include +#include + +#endif diff --git a/sys/external/cc0/libb2/include/string.h b/sys/external/cc0/libb2/include/string.h new file mode 100644 index 00000000000..88fb59f579f --- /dev/null +++ b/sys/external/cc0/libb2/include/string.h @@ -0,0 +1,9 @@ +#ifdef _KERNEL +#include +#include + +extern void *memset(void *, int, size_t); +extern void *memcpy(void * restrict, const void * restrict, size_t); +extern void *memmove(void *, const void *, size_t); + +#endif diff --git a/sys/external/isc/libsodium/conf/files.libsodium b/sys/external/isc/libsodium/conf/files.libsodium new file mode 100644 index 00000000000..54031a27020 --- /dev/null +++ b/sys/external/isc/libsodium/conf/files.libsodium @@ -0,0 +1,34 @@ +defflag LIBSODIUM + +define libsodium +makeoptions libsodium SODIUM_CPPFLAGS+="-I$S/external/isc/libsodium/include" +makeoptions libsodium SODIUM_CPPFLAGS+="-I$S/external/isc/libsodium/dist/src/libsodium/include/sodium" +makeoptions libsodium SODIUM_CPPFLAGS+="-Wno-unused-function -Wno-unused-variable -DHAVE_TI_MODE" + +makeoptions libsodium "CPPFLAGS.x25519_ref10.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.scalarmult_curve25519.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.crypto_scalarmult.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.poly1305_donna.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.onetimeauth_poly1305.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.crypto_onetimeauth.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.chacha20_ref.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.stream_chacha20.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.aead_xchacha20poly1305.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.aead_chacha20poly1305.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.core_hchacha20.c"+="${SODIUM_CPPFLAGS}" +makeoptions libsodium "CPPFLAGS.ed25519_ref10.c"+="${SODIUM_CPPFLAGS}" + +file external/isc/libsodium/src/glue.c libsodium + +file external/isc/libsodium/dist/src/libsodium/crypto_scalarmult/curve25519/ref10/x25519_ref10.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_scalarmult/curve25519/scalarmult_curve25519.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_scalarmult/crypto_scalarmult.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_onetimeauth/crypto_onetimeauth.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_stream/chacha20/ref/chacha20_ref.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_stream/chacha20/stream_chacha20.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_aead/xchacha20poly1305/sodium/aead_xchacha20poly1305.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_core/hchacha20/core_hchacha20.c libsodium +file external/isc/libsodium/dist/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c libsodium diff --git a/sys/external/isc/libsodium/include/assert.h b/sys/external/isc/libsodium/include/assert.h new file mode 100644 index 00000000000..a37da9764e4 --- /dev/null +++ b/sys/external/isc/libsodium/include/assert.h @@ -0,0 +1,3 @@ +#include +#include +#include diff --git a/sys/external/isc/libsodium/include/core.h b/sys/external/isc/libsodium/include/core.h new file mode 100644 index 00000000000..fecef436e11 --- /dev/null +++ b/sys/external/isc/libsodium/include/core.h @@ -0,0 +1,12 @@ +/* This overwrites dist/src/libsodium/include/sodium/core.h */ + +#include "../dist/src/libsodium/include/sodium/export.h" +#define sodium_misuse() panic("sodium_misuse") + +#ifdef __x86_64__ +/* From Makefile generated by libsodium/configure on NetBSD/amd64 */ +#define HAVE_AMD64_ASM 1 +//#define HAVE_AVX_ASM 1 +#define HAVE_CPUID 1 +//#define HAVE_TI_MODE 1 +#endif diff --git a/sys/external/isc/libsodium/include/crypto_verify_16.h b/sys/external/isc/libsodium/include/crypto_verify_16.h new file mode 100644 index 00000000000..560017f64cf --- /dev/null +++ b/sys/external/isc/libsodium/include/crypto_verify_16.h @@ -0,0 +1,9 @@ +/* This overwrites dist/src/libsodium/include/sodium/crypto_verify_16.h */ + +/* dummy */ +static inline int +crypto_verify_16(const unsigned char *x, const unsigned char *y) +{ + + return 0; +} diff --git a/sys/external/isc/libsodium/include/errno.h b/sys/external/isc/libsodium/include/errno.h new file mode 100644 index 00000000000..6ea901233e3 --- /dev/null +++ b/sys/external/isc/libsodium/include/errno.h @@ -0,0 +1,6 @@ +#include +#include + +#define errno libsodium_errno + +extern int libsodium_errno; diff --git a/sys/external/isc/libsodium/include/fcntl.h b/sys/external/isc/libsodium/include/fcntl.h new file mode 100644 index 00000000000..e69de29bb2d diff --git a/sys/external/isc/libsodium/include/limits.h b/sys/external/isc/libsodium/include/limits.h new file mode 100644 index 00000000000..e69de29bb2d diff --git a/sys/external/isc/libsodium/include/randombytes.h b/sys/external/isc/libsodium/include/randombytes.h new file mode 100644 index 00000000000..22de14d66da --- /dev/null +++ b/sys/external/isc/libsodium/include/randombytes.h @@ -0,0 +1,14 @@ +/* This overwrites dist/src/libsodium/include/sodium/randombytes.h */ + +static inline void +randombytes_buf(void * const buf, const size_t size) +{ + + extern size_t cprng_fast(void *, size_t); + cprng_fast(buf, size); +} + +static inline void +randombytes_stir(void) +{ +} diff --git a/sys/external/isc/libsodium/include/signal.h b/sys/external/isc/libsodium/include/signal.h new file mode 100644 index 00000000000..e69de29bb2d diff --git a/sys/external/isc/libsodium/include/stddef.h b/sys/external/isc/libsodium/include/stddef.h new file mode 100644 index 00000000000..8d12726645e --- /dev/null +++ b/sys/external/isc/libsodium/include/stddef.h @@ -0,0 +1,3 @@ +#include +#include +#include diff --git a/sys/external/isc/libsodium/include/stdint.h b/sys/external/isc/libsodium/include/stdint.h new file mode 100644 index 00000000000..d9b924292ec --- /dev/null +++ b/sys/external/isc/libsodium/include/stdint.h @@ -0,0 +1,2 @@ +#include +#include diff --git a/sys/external/isc/libsodium/include/stdio.h b/sys/external/isc/libsodium/include/stdio.h new file mode 100644 index 00000000000..c2c2d8c73a9 --- /dev/null +++ b/sys/external/isc/libsodium/include/stdio.h @@ -0,0 +1,4 @@ +#include +#include +#include +#include diff --git a/sys/external/isc/libsodium/include/stdlib.h b/sys/external/isc/libsodium/include/stdlib.h new file mode 100644 index 00000000000..580b647b1e7 --- /dev/null +++ b/sys/external/isc/libsodium/include/stdlib.h @@ -0,0 +1,8 @@ +#include +#include +#undef malloc +#undef free +#define malloc(size) kern_malloc(size, 0) +#define free(addr) kern_free(addr) + +#define abort() panic("abort") diff --git a/sys/external/isc/libsodium/include/string.h b/sys/external/isc/libsodium/include/string.h new file mode 100644 index 00000000000..c6964061aef --- /dev/null +++ b/sys/external/isc/libsodium/include/string.h @@ -0,0 +1,6 @@ +#include +#include + +extern void *memset(void *, int, size_t); +extern void *memcpy(void * restrict, const void * restrict, size_t); +extern void *memmove(void *, const void *, size_t); diff --git a/sys/external/isc/libsodium/include/time.h b/sys/external/isc/libsodium/include/time.h new file mode 100644 index 00000000000..e69de29bb2d diff --git a/sys/external/isc/libsodium/include/unistd.h b/sys/external/isc/libsodium/include/unistd.h new file mode 100644 index 00000000000..e69de29bb2d diff --git a/sys/external/isc/libsodium/include/utils.h b/sys/external/isc/libsodium/include/utils.h new file mode 100644 index 00000000000..0a1883f1aca --- /dev/null +++ b/sys/external/isc/libsodium/include/utils.h @@ -0,0 +1,27 @@ +#ifndef __SODIUM_UTILS_H__ +#define __SODIUM_UTILS_H__ + +/* This overwrites dist/src/libsodium/include/sodium/utils.h */ + +#define SODIUM_C99(X) X + +static inline void +sodium_memzero(void *const pnt, const size_t len) +{ + + explicit_memset(pnt, 0, len); +} + +/* Just copied from dist/src/libsodium/sodium/utils.c */ +static inline int +sodium_is_zero(const unsigned char *n, const size_t nlen) +{ + size_t i; + volatile unsigned char d = 0U; + + for (i = 0U; i < nlen; i++) { + d |= n[i]; + } + return 1 & ((d - 1) >> 8); +} +#endif /* __SODIUM_UTILS_H__ */ diff --git a/sys/external/isc/libsodium/src/glue.c b/sys/external/isc/libsodium/src/glue.c new file mode 100644 index 00000000000..4257991503b --- /dev/null +++ b/sys/external/isc/libsodium/src/glue.c @@ -0,0 +1 @@ +int libsodium_errno; diff --git a/sys/rump/kern/lib/libcrypto/Makefile b/sys/rump/kern/lib/libcrypto/Makefile index c78a6f79b25..a5dbaa35e19 100644 --- a/sys/rump/kern/lib/libcrypto/Makefile +++ b/sys/rump/kern/lib/libcrypto/Makefile @@ -1,13 +1,29 @@ # $NetBSD: Makefile,v 1.4 2015/10/19 16:16:37 pooka Exp $ # +SODIUM_IMPORTDIR=${.CURDIR}/../../../../external/isc/libsodium +SODIUM_DIR=${.CURDIR}/../../../../external/isc/libsodium/dist/src/libsodium + .PATH: ${.CURDIR}/../../../../crypto/arc4 \ ${.CURDIR}/../../../../crypto/blowfish \ ${.CURDIR}/../../../../crypto/camellia \ ${.CURDIR}/../../../../crypto/cast128 \ ${.CURDIR}/../../../../crypto/des \ ${.CURDIR}/../../../../crypto/rijndael \ - ${.CURDIR}/../../../../crypto/skipjack + ${.CURDIR}/../../../../crypto/skipjack \ + ${.CURDIR}/../../../../external/cc0/libb2/dist/src \ + ${SODIUM_DIR}/crypto_scalarmult/curve25519/ref10 \ + ${SODIUM_DIR}/crypto_scalarmult/curve25519 \ + ${SODIUM_DIR}/crypto_scalarmult \ + ${SODIUM_DIR}/crypto_onetimeauth/poly1305/donna \ + ${SODIUM_DIR}/crypto_onetimeauth/poly1305 \ + ${SODIUM_DIR}/crypto_onetimeauth \ + ${SODIUM_DIR}/crypto_stream/chacha20/ref \ + ${SODIUM_DIR}/crypto_stream/chacha20 \ + ${SODIUM_DIR}/crypto_aead/xchacha20poly1305/sodium \ + ${SODIUM_DIR}/crypto_aead/chacha20poly1305/sodium \ + ${SODIUM_DIR}/crypto_core/hchacha20 \ + ${SODIUM_DIR}/crypto_core/ed25519/ref10 LIB= rumpkern_crypto COMMENT=Cryptographic routines @@ -34,5 +50,35 @@ SRCS+= des_ecb.c des_setkey.c des_enc.c des_cbc.c des_module.c # skipjack SRCS+= skipjack.c +# BLAKE2 +SRCS+= blake2s-ref.c +CPPFLAGS.blake2s-ref.c+= -I${.CURDIR}/../../../../external/cc0/libb2/include \ + -Wno-cast-qual -DSUFFIX= + +# Various cryptography functions +SODIUM_CPPFLAGS= +SODIUM_CPPFLAGS+= -I${SODIUM_IMPORTDIR}/include +SODIUM_CPPFLAGS+= -I${SODIUM_IMPORTDIR}/dist/src/libsodium/include/sodium +SODIUM_CPPFLAGS+= -Wno-unused-function -Wno-unused-variable -DHAVE_TI_MODE + +CPPFLAGS.x25519_ref10.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.scalarmult_curve25519.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.crypto_scalarmult.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.poly1305_donna.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.onetimeauth_poly1305.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.crypto_onetimeauth.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.chacha20_ref.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.stream_chacha20.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.aead_xchacha20poly1305.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.aead_chacha20poly1305.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.core_hchacha20.c+= ${SODIUM_CPPFLAGS} +CPPFLAGS.ed25519_ref10.c+= ${SODIUM_CPPFLAGS} + +SRCS+= x25519_ref10.c scalarmult_curve25519.c crypto_scalarmult.c +SRCS+= poly1305_donna.c onetimeauth_poly1305.c +SRCS+= crypto_onetimeauth.c chacha20_ref.c stream_chacha20.c +SRCS+= aead_xchacha20poly1305.c aead_chacha20poly1305.c +SRCS+= core_hchacha20.c ed25519_ref10.c + .include .include