From b619b2948380b55622b0abaff6f342cf76770d5b Mon Sep 17 00:00:00 2001 From: Marco Stronati Date: Thu, 5 Apr 2018 23:21:16 +0200 Subject: [PATCH] Vendors: removed ocaml-tweetnacl --- vendors/ocaml-tweetnacl/LICENSE.md | 13 - vendors/ocaml-tweetnacl/src/jbuild | 8 - vendors/ocaml-tweetnacl/src/tweetnacl.h | 272 ----- vendors/ocaml-tweetnacl/src/tweetnacl.ml | 447 ------- vendors/ocaml-tweetnacl/src/tweetnacl.mli | 154 --- vendors/ocaml-tweetnacl/src/tweetnacl_stubs.c | 1079 ----------------- vendors/ocaml-tweetnacl/test/jbuild | 14 - vendors/ocaml-tweetnacl/test/test.ml | 198 --- vendors/ocaml-tweetnacl/tweetnacl.opam | 24 - 9 files changed, 2209 deletions(-) delete mode 100644 vendors/ocaml-tweetnacl/LICENSE.md delete mode 100644 vendors/ocaml-tweetnacl/src/jbuild delete mode 100644 vendors/ocaml-tweetnacl/src/tweetnacl.h delete mode 100644 vendors/ocaml-tweetnacl/src/tweetnacl.ml delete mode 100644 vendors/ocaml-tweetnacl/src/tweetnacl.mli delete mode 100644 vendors/ocaml-tweetnacl/src/tweetnacl_stubs.c delete mode 100644 vendors/ocaml-tweetnacl/test/jbuild delete mode 100644 vendors/ocaml-tweetnacl/test/test.ml delete mode 100644 vendors/ocaml-tweetnacl/tweetnacl.opam diff --git a/vendors/ocaml-tweetnacl/LICENSE.md b/vendors/ocaml-tweetnacl/LICENSE.md deleted file mode 100644 index 52b5f8cd7..000000000 --- a/vendors/ocaml-tweetnacl/LICENSE.md +++ /dev/null @@ -1,13 +0,0 @@ -Copyright (c) 2017 Vincent Bernardoff - -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/vendors/ocaml-tweetnacl/src/jbuild b/vendors/ocaml-tweetnacl/src/jbuild deleted file mode 100644 index ab0bf36c2..000000000 --- a/vendors/ocaml-tweetnacl/src/jbuild +++ /dev/null @@ -1,8 +0,0 @@ -(jbuild_version 1) - -(library - ((name tweetnacl) - (public_name tweetnacl) - (libraries (bigstring ocplib-endian.bigstring zarith)) - (c_names (tweetnacl_stubs)) - (c_flags (-O3)))) diff --git a/vendors/ocaml-tweetnacl/src/tweetnacl.h b/vendors/ocaml-tweetnacl/src/tweetnacl.h deleted file mode 100644 index 9277fbf8f..000000000 --- a/vendors/ocaml-tweetnacl/src/tweetnacl.h +++ /dev/null @@ -1,272 +0,0 @@ -#ifndef TWEETNACL_H -#define TWEETNACL_H -#define crypto_auth_PRIMITIVE "hmacsha512256" -#define crypto_auth crypto_auth_hmacsha512256 -#define crypto_auth_verify crypto_auth_hmacsha512256_verify -#define crypto_auth_BYTES crypto_auth_hmacsha512256_BYTES -#define crypto_auth_KEYBYTES crypto_auth_hmacsha512256_KEYBYTES -#define crypto_auth_IMPLEMENTATION crypto_auth_hmacsha512256_IMPLEMENTATION -#define crypto_auth_VERSION crypto_auth_hmacsha512256_VERSION -#define crypto_auth_hmacsha512256_tweet_BYTES 32 -#define crypto_auth_hmacsha512256_tweet_KEYBYTES 32 -extern int crypto_auth_hmacsha512256_tweet(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *); -extern int crypto_auth_hmacsha512256_tweet_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *); -#define crypto_auth_hmacsha512256_tweet_VERSION "-" -#define crypto_auth_hmacsha512256 crypto_auth_hmacsha512256_tweet -#define crypto_auth_hmacsha512256_verify crypto_auth_hmacsha512256_tweet_verify -#define crypto_auth_hmacsha512256_BYTES crypto_auth_hmacsha512256_tweet_BYTES -#define crypto_auth_hmacsha512256_KEYBYTES crypto_auth_hmacsha512256_tweet_KEYBYTES -#define crypto_auth_hmacsha512256_VERSION crypto_auth_hmacsha512256_tweet_VERSION -#define crypto_auth_hmacsha512256_IMPLEMENTATION "crypto_auth/hmacsha512256/tweet" -#define crypto_box_PRIMITIVE "curve25519xsalsa20poly1305" -#define crypto_box crypto_box_curve25519xsalsa20poly1305 -#define crypto_box_open crypto_box_curve25519xsalsa20poly1305_open -#define crypto_box_keypair crypto_box_curve25519xsalsa20poly1305_keypair -#define crypto_box_beforenm crypto_box_curve25519xsalsa20poly1305_beforenm -#define crypto_box_afternm crypto_box_curve25519xsalsa20poly1305_afternm -#define crypto_box_open_afternm crypto_box_curve25519xsalsa20poly1305_open_afternm -#define crypto_box_PUBLICKEYBYTES crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES -#define crypto_box_SECRETKEYBYTES crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES -#define crypto_box_BEFORENMBYTES crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES -#define crypto_box_NONCEBYTES crypto_box_curve25519xsalsa20poly1305_NONCEBYTES -#define crypto_box_ZEROBYTES crypto_box_curve25519xsalsa20poly1305_ZEROBYTES -#define crypto_box_BOXZEROBYTES crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES -#define crypto_box_IMPLEMENTATION crypto_box_curve25519xsalsa20poly1305_IMPLEMENTATION -#define crypto_box_VERSION crypto_box_curve25519xsalsa20poly1305_VERSION -#define crypto_box_curve25519xsalsa20poly1305_tweet_PUBLICKEYBYTES 32 -#define crypto_box_curve25519xsalsa20poly1305_tweet_SECRETKEYBYTES 32 -#define crypto_box_curve25519xsalsa20poly1305_tweet_BEFORENMBYTES 32 -#define crypto_box_curve25519xsalsa20poly1305_tweet_NONCEBYTES 24 -#define crypto_box_curve25519xsalsa20poly1305_tweet_ZEROBYTES 32 -#define crypto_box_curve25519xsalsa20poly1305_tweet_BOXZEROBYTES 16 -extern int crypto_box_curve25519xsalsa20poly1305_tweet(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *); -extern int crypto_box_curve25519xsalsa20poly1305_tweet_open(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *); -extern int crypto_box_curve25519xsalsa20poly1305_tweet_keypair(unsigned char *,unsigned char *); -extern int crypto_box_curve25519xsalsa20poly1305_tweet_beforenm(unsigned char *,const unsigned char *,const unsigned char *); -extern int crypto_box_curve25519xsalsa20poly1305_tweet_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *); -extern int crypto_box_curve25519xsalsa20poly1305_tweet_open_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *); -#define crypto_box_curve25519xsalsa20poly1305_tweet_VERSION "-" -#define crypto_box_curve25519xsalsa20poly1305 crypto_box_curve25519xsalsa20poly1305_tweet -#define crypto_box_curve25519xsalsa20poly1305_open crypto_box_curve25519xsalsa20poly1305_tweet_open -#define crypto_box_curve25519xsalsa20poly1305_keypair crypto_box_curve25519xsalsa20poly1305_tweet_keypair -#define crypto_box_curve25519xsalsa20poly1305_beforenm crypto_box_curve25519xsalsa20poly1305_tweet_beforenm -#define crypto_box_curve25519xsalsa20poly1305_afternm crypto_box_curve25519xsalsa20poly1305_tweet_afternm -#define crypto_box_curve25519xsalsa20poly1305_open_afternm crypto_box_curve25519xsalsa20poly1305_tweet_open_afternm -#define crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES crypto_box_curve25519xsalsa20poly1305_tweet_PUBLICKEYBYTES -#define crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES crypto_box_curve25519xsalsa20poly1305_tweet_SECRETKEYBYTES -#define crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES crypto_box_curve25519xsalsa20poly1305_tweet_BEFORENMBYTES -#define crypto_box_curve25519xsalsa20poly1305_NONCEBYTES crypto_box_curve25519xsalsa20poly1305_tweet_NONCEBYTES -#define crypto_box_curve25519xsalsa20poly1305_ZEROBYTES crypto_box_curve25519xsalsa20poly1305_tweet_ZEROBYTES -#define crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES crypto_box_curve25519xsalsa20poly1305_tweet_BOXZEROBYTES -#define crypto_box_curve25519xsalsa20poly1305_VERSION crypto_box_curve25519xsalsa20poly1305_tweet_VERSION -#define crypto_box_curve25519xsalsa20poly1305_IMPLEMENTATION "crypto_box/curve25519xsalsa20poly1305/tweet" -#define crypto_core_PRIMITIVE "salsa20" -#define crypto_core crypto_core_salsa20 -#define crypto_core_OUTPUTBYTES crypto_core_salsa20_OUTPUTBYTES -#define crypto_core_INPUTBYTES crypto_core_salsa20_INPUTBYTES -#define crypto_core_KEYBYTES crypto_core_salsa20_KEYBYTES -#define crypto_core_CONSTBYTES crypto_core_salsa20_CONSTBYTES -#define crypto_core_IMPLEMENTATION crypto_core_salsa20_IMPLEMENTATION -#define crypto_core_VERSION crypto_core_salsa20_VERSION -#define crypto_core_salsa20_tweet_OUTPUTBYTES 64 -#define crypto_core_salsa20_tweet_INPUTBYTES 16 -#define crypto_core_salsa20_tweet_KEYBYTES 32 -#define crypto_core_salsa20_tweet_CONSTBYTES 16 -extern int crypto_core_salsa20_tweet(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *); -#define crypto_core_salsa20_tweet_VERSION "-" -#define crypto_core_salsa20 crypto_core_salsa20_tweet -#define crypto_core_salsa20_OUTPUTBYTES crypto_core_salsa20_tweet_OUTPUTBYTES -#define crypto_core_salsa20_INPUTBYTES crypto_core_salsa20_tweet_INPUTBYTES -#define crypto_core_salsa20_KEYBYTES crypto_core_salsa20_tweet_KEYBYTES -#define crypto_core_salsa20_CONSTBYTES crypto_core_salsa20_tweet_CONSTBYTES -#define crypto_core_salsa20_VERSION crypto_core_salsa20_tweet_VERSION -#define crypto_core_salsa20_IMPLEMENTATION "crypto_core/salsa20/tweet" -#define crypto_core_hsalsa20_tweet_OUTPUTBYTES 32 -#define crypto_core_hsalsa20_tweet_INPUTBYTES 16 -#define crypto_core_hsalsa20_tweet_KEYBYTES 32 -#define crypto_core_hsalsa20_tweet_CONSTBYTES 16 -extern int crypto_core_hsalsa20_tweet(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *); -#define crypto_core_hsalsa20_tweet_VERSION "-" -#define crypto_core_hsalsa20 crypto_core_hsalsa20_tweet -#define crypto_core_hsalsa20_OUTPUTBYTES crypto_core_hsalsa20_tweet_OUTPUTBYTES -#define crypto_core_hsalsa20_INPUTBYTES crypto_core_hsalsa20_tweet_INPUTBYTES -#define crypto_core_hsalsa20_KEYBYTES crypto_core_hsalsa20_tweet_KEYBYTES -#define crypto_core_hsalsa20_CONSTBYTES crypto_core_hsalsa20_tweet_CONSTBYTES -#define crypto_core_hsalsa20_VERSION crypto_core_hsalsa20_tweet_VERSION -#define crypto_core_hsalsa20_IMPLEMENTATION "crypto_core/hsalsa20/tweet" -#define crypto_hashblocks_PRIMITIVE "sha512" -#define crypto_hashblocks crypto_hashblocks_sha512 -#define crypto_hashblocks_STATEBYTES crypto_hashblocks_sha512_STATEBYTES -#define crypto_hashblocks_BLOCKBYTES crypto_hashblocks_sha512_BLOCKBYTES -#define crypto_hashblocks_IMPLEMENTATION crypto_hashblocks_sha512_IMPLEMENTATION -#define crypto_hashblocks_VERSION crypto_hashblocks_sha512_VERSION -#define crypto_hashblocks_sha512_tweet_STATEBYTES 64 -#define crypto_hashblocks_sha512_tweet_BLOCKBYTES 128 -extern int crypto_hashblocks_sha512_tweet(unsigned char *,const unsigned char *,unsigned long long); -#define crypto_hashblocks_sha512_tweet_VERSION "-" -#define crypto_hashblocks_sha512 crypto_hashblocks_sha512_tweet -#define crypto_hashblocks_sha512_STATEBYTES crypto_hashblocks_sha512_tweet_STATEBYTES -#define crypto_hashblocks_sha512_BLOCKBYTES crypto_hashblocks_sha512_tweet_BLOCKBYTES -#define crypto_hashblocks_sha512_VERSION crypto_hashblocks_sha512_tweet_VERSION -#define crypto_hashblocks_sha512_IMPLEMENTATION "crypto_hashblocks/sha512/tweet" -#define crypto_hashblocks_sha256_tweet_STATEBYTES 32 -#define crypto_hashblocks_sha256_tweet_BLOCKBYTES 64 -extern int crypto_hashblocks_sha256_tweet(unsigned char *,const unsigned char *,unsigned long long); -#define crypto_hashblocks_sha256_tweet_VERSION "-" -#define crypto_hashblocks_sha256 crypto_hashblocks_sha256_tweet -#define crypto_hashblocks_sha256_STATEBYTES crypto_hashblocks_sha256_tweet_STATEBYTES -#define crypto_hashblocks_sha256_BLOCKBYTES crypto_hashblocks_sha256_tweet_BLOCKBYTES -#define crypto_hashblocks_sha256_VERSION crypto_hashblocks_sha256_tweet_VERSION -#define crypto_hashblocks_sha256_IMPLEMENTATION "crypto_hashblocks/sha256/tweet" -#define crypto_hash_PRIMITIVE "sha512" -#define crypto_hash crypto_hash_sha512 -#define crypto_hash_BYTES crypto_hash_sha512_BYTES -#define crypto_hash_IMPLEMENTATION crypto_hash_sha512_IMPLEMENTATION -#define crypto_hash_VERSION crypto_hash_sha512_VERSION -#define crypto_hash_sha512_tweet_BYTES 64 -extern int crypto_hash_sha512_tweet(unsigned char *,const unsigned char *,unsigned long long); -#define crypto_hash_sha512_tweet_VERSION "-" -#define crypto_hash_sha512 crypto_hash_sha512_tweet -#define crypto_hash_sha512_BYTES crypto_hash_sha512_tweet_BYTES -#define crypto_hash_sha512_VERSION crypto_hash_sha512_tweet_VERSION -#define crypto_hash_sha512_IMPLEMENTATION "crypto_hash/sha512/tweet" -#define crypto_hash_sha256_tweet_BYTES 32 -extern int crypto_hash_sha256_tweet(unsigned char *,const unsigned char *,unsigned long long); -#define crypto_hash_sha256_tweet_VERSION "-" -#define crypto_hash_sha256 crypto_hash_sha256_tweet -#define crypto_hash_sha256_BYTES crypto_hash_sha256_tweet_BYTES -#define crypto_hash_sha256_VERSION crypto_hash_sha256_tweet_VERSION -#define crypto_hash_sha256_IMPLEMENTATION "crypto_hash/sha256/tweet" -#define crypto_onetimeauth_PRIMITIVE "poly1305" -#define crypto_onetimeauth crypto_onetimeauth_poly1305 -#define crypto_onetimeauth_verify crypto_onetimeauth_poly1305_verify -#define crypto_onetimeauth_BYTES crypto_onetimeauth_poly1305_BYTES -#define crypto_onetimeauth_KEYBYTES crypto_onetimeauth_poly1305_KEYBYTES -#define crypto_onetimeauth_IMPLEMENTATION crypto_onetimeauth_poly1305_IMPLEMENTATION -#define crypto_onetimeauth_VERSION crypto_onetimeauth_poly1305_VERSION -#define crypto_onetimeauth_poly1305_tweet_BYTES 16 -#define crypto_onetimeauth_poly1305_tweet_KEYBYTES 32 -extern int crypto_onetimeauth_poly1305_tweet(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *); -extern int crypto_onetimeauth_poly1305_tweet_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *); -#define crypto_onetimeauth_poly1305_tweet_VERSION "-" -#define crypto_onetimeauth_poly1305 crypto_onetimeauth_poly1305_tweet -#define crypto_onetimeauth_poly1305_verify crypto_onetimeauth_poly1305_tweet_verify -#define crypto_onetimeauth_poly1305_BYTES crypto_onetimeauth_poly1305_tweet_BYTES -#define crypto_onetimeauth_poly1305_KEYBYTES crypto_onetimeauth_poly1305_tweet_KEYBYTES -#define crypto_onetimeauth_poly1305_VERSION crypto_onetimeauth_poly1305_tweet_VERSION -#define crypto_onetimeauth_poly1305_IMPLEMENTATION "crypto_onetimeauth/poly1305/tweet" -#define crypto_scalarmult_PRIMITIVE "curve25519" -#define crypto_scalarmult crypto_scalarmult_curve25519 -#define crypto_scalarmult_base crypto_scalarmult_curve25519_base -#define crypto_scalarmult_BYTES crypto_scalarmult_curve25519_BYTES -#define crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES -#define crypto_scalarmult_IMPLEMENTATION crypto_scalarmult_curve25519_IMPLEMENTATION -#define crypto_scalarmult_VERSION crypto_scalarmult_curve25519_VERSION -#define crypto_scalarmult_curve25519_tweet_BYTES 32 -#define crypto_scalarmult_curve25519_tweet_SCALARBYTES 32 -extern int crypto_scalarmult_curve25519_tweet(unsigned char *,const unsigned char *,const unsigned char *); -extern int crypto_scalarmult_curve25519_tweet_base(unsigned char *,const unsigned char *); -#define crypto_scalarmult_curve25519_tweet_VERSION "-" -#define crypto_scalarmult_curve25519 crypto_scalarmult_curve25519_tweet -#define crypto_scalarmult_curve25519_base crypto_scalarmult_curve25519_tweet_base -#define crypto_scalarmult_curve25519_BYTES crypto_scalarmult_curve25519_tweet_BYTES -#define crypto_scalarmult_curve25519_SCALARBYTES crypto_scalarmult_curve25519_tweet_SCALARBYTES -#define crypto_scalarmult_curve25519_VERSION crypto_scalarmult_curve25519_tweet_VERSION -#define crypto_scalarmult_curve25519_IMPLEMENTATION "crypto_scalarmult/curve25519/tweet" -#define crypto_secretbox_PRIMITIVE "xsalsa20poly1305" -#define crypto_secretbox crypto_secretbox_xsalsa20poly1305 -#define crypto_secretbox_open crypto_secretbox_xsalsa20poly1305_open -#define crypto_secretbox_KEYBYTES crypto_secretbox_xsalsa20poly1305_KEYBYTES -#define crypto_secretbox_NONCEBYTES crypto_secretbox_xsalsa20poly1305_NONCEBYTES -#define crypto_secretbox_ZEROBYTES crypto_secretbox_xsalsa20poly1305_ZEROBYTES -#define crypto_secretbox_BOXZEROBYTES crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES -#define crypto_secretbox_IMPLEMENTATION crypto_secretbox_xsalsa20poly1305_IMPLEMENTATION -#define crypto_secretbox_VERSION crypto_secretbox_xsalsa20poly1305_VERSION -#define crypto_secretbox_xsalsa20poly1305_tweet_KEYBYTES 32 -#define crypto_secretbox_xsalsa20poly1305_tweet_NONCEBYTES 24 -#define crypto_secretbox_xsalsa20poly1305_tweet_ZEROBYTES 32 -#define crypto_secretbox_xsalsa20poly1305_tweet_BOXZEROBYTES 16 -extern int crypto_secretbox_xsalsa20poly1305_tweet(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *); -extern int crypto_secretbox_xsalsa20poly1305_tweet_open(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *); -#define crypto_secretbox_xsalsa20poly1305_tweet_VERSION "-" -#define crypto_secretbox_xsalsa20poly1305 crypto_secretbox_xsalsa20poly1305_tweet -#define crypto_secretbox_xsalsa20poly1305_open crypto_secretbox_xsalsa20poly1305_tweet_open -#define crypto_secretbox_xsalsa20poly1305_KEYBYTES crypto_secretbox_xsalsa20poly1305_tweet_KEYBYTES -#define crypto_secretbox_xsalsa20poly1305_NONCEBYTES crypto_secretbox_xsalsa20poly1305_tweet_NONCEBYTES -#define crypto_secretbox_xsalsa20poly1305_ZEROBYTES crypto_secretbox_xsalsa20poly1305_tweet_ZEROBYTES -#define crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES crypto_secretbox_xsalsa20poly1305_tweet_BOXZEROBYTES -#define crypto_secretbox_xsalsa20poly1305_VERSION crypto_secretbox_xsalsa20poly1305_tweet_VERSION -#define crypto_secretbox_xsalsa20poly1305_IMPLEMENTATION "crypto_secretbox/xsalsa20poly1305/tweet" -#define crypto_sign_PRIMITIVE "ed25519" -#define crypto_sign crypto_sign_ed25519 -#define crypto_sign_open crypto_sign_ed25519_open -#define crypto_sign_keypair crypto_sign_ed25519_keypair -#define crypto_sign_BYTES crypto_sign_ed25519_BYTES -#define crypto_sign_PUBLICKEYBYTES crypto_sign_ed25519_PUBLICKEYBYTES -#define crypto_sign_SECRETKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES -#define crypto_sign_IMPLEMENTATION crypto_sign_ed25519_IMPLEMENTATION -#define crypto_sign_VERSION crypto_sign_ed25519_VERSION -#define crypto_sign_ed25519_tweet_BYTES 64 -#define crypto_sign_ed25519_tweet_PUBLICKEYBYTES 32 -#define crypto_sign_ed25519_tweet_SECRETKEYBYTES 64 -extern int crypto_sign_ed25519_tweet(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *); -extern int crypto_sign_ed25519_tweet_open(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *); -extern int crypto_sign_ed25519_tweet_keypair(unsigned char *,unsigned char *); -#define crypto_sign_ed25519_tweet_VERSION "-" -#define crypto_sign_ed25519 crypto_sign_ed25519_tweet -#define crypto_sign_ed25519_open crypto_sign_ed25519_tweet_open -#define crypto_sign_ed25519_keypair crypto_sign_ed25519_tweet_keypair -#define crypto_sign_ed25519_BYTES crypto_sign_ed25519_tweet_BYTES -#define crypto_sign_ed25519_PUBLICKEYBYTES crypto_sign_ed25519_tweet_PUBLICKEYBYTES -#define crypto_sign_ed25519_SECRETKEYBYTES crypto_sign_ed25519_tweet_SECRETKEYBYTES -#define crypto_sign_ed25519_VERSION crypto_sign_ed25519_tweet_VERSION -#define crypto_sign_ed25519_IMPLEMENTATION "crypto_sign/ed25519/tweet" -#define crypto_stream_PRIMITIVE "xsalsa20" -#define crypto_stream crypto_stream_xsalsa20 -#define crypto_stream_xor crypto_stream_xsalsa20_xor -#define crypto_stream_KEYBYTES crypto_stream_xsalsa20_KEYBYTES -#define crypto_stream_NONCEBYTES crypto_stream_xsalsa20_NONCEBYTES -#define crypto_stream_IMPLEMENTATION crypto_stream_xsalsa20_IMPLEMENTATION -#define crypto_stream_VERSION crypto_stream_xsalsa20_VERSION -#define crypto_stream_xsalsa20_tweet_KEYBYTES 32 -#define crypto_stream_xsalsa20_tweet_NONCEBYTES 24 -extern int crypto_stream_xsalsa20_tweet(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *); -extern int crypto_stream_xsalsa20_tweet_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *); -#define crypto_stream_xsalsa20_tweet_VERSION "-" -#define crypto_stream_xsalsa20 crypto_stream_xsalsa20_tweet -#define crypto_stream_xsalsa20_xor crypto_stream_xsalsa20_tweet_xor -#define crypto_stream_xsalsa20_KEYBYTES crypto_stream_xsalsa20_tweet_KEYBYTES -#define crypto_stream_xsalsa20_NONCEBYTES crypto_stream_xsalsa20_tweet_NONCEBYTES -#define crypto_stream_xsalsa20_VERSION crypto_stream_xsalsa20_tweet_VERSION -#define crypto_stream_xsalsa20_IMPLEMENTATION "crypto_stream/xsalsa20/tweet" -#define crypto_stream_salsa20_tweet_KEYBYTES 32 -#define crypto_stream_salsa20_tweet_NONCEBYTES 8 -extern int crypto_stream_salsa20_tweet(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *); -extern int crypto_stream_salsa20_tweet_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *); -#define crypto_stream_salsa20_tweet_VERSION "-" -#define crypto_stream_salsa20 crypto_stream_salsa20_tweet -#define crypto_stream_salsa20_xor crypto_stream_salsa20_tweet_xor -#define crypto_stream_salsa20_KEYBYTES crypto_stream_salsa20_tweet_KEYBYTES -#define crypto_stream_salsa20_NONCEBYTES crypto_stream_salsa20_tweet_NONCEBYTES -#define crypto_stream_salsa20_VERSION crypto_stream_salsa20_tweet_VERSION -#define crypto_stream_salsa20_IMPLEMENTATION "crypto_stream/salsa20/tweet" -#define crypto_verify_PRIMITIVE "16" -#define crypto_verify crypto_verify_16 -#define crypto_verify_BYTES crypto_verify_16_BYTES -#define crypto_verify_IMPLEMENTATION crypto_verify_16_IMPLEMENTATION -#define crypto_verify_VERSION crypto_verify_16_VERSION -#define crypto_verify_16_tweet_BYTES 16 -extern int crypto_verify_16_tweet(const unsigned char *,const unsigned char *); -#define crypto_verify_16_tweet_VERSION "-" -#define crypto_verify_16 crypto_verify_16_tweet -#define crypto_verify_16_BYTES crypto_verify_16_tweet_BYTES -#define crypto_verify_16_VERSION crypto_verify_16_tweet_VERSION -#define crypto_verify_16_IMPLEMENTATION "crypto_verify/16/tweet" -#define crypto_verify_32_tweet_BYTES 32 -extern int crypto_verify_32_tweet(const unsigned char *,const unsigned char *); -#define crypto_verify_32_tweet_VERSION "-" -#define crypto_verify_32 crypto_verify_32_tweet -#define crypto_verify_32_BYTES crypto_verify_32_tweet_BYTES -#define crypto_verify_32_VERSION crypto_verify_32_tweet_VERSION -#define crypto_verify_32_IMPLEMENTATION "crypto_verify/32/tweet" -#endif diff --git a/vendors/ocaml-tweetnacl/src/tweetnacl.ml b/vendors/ocaml-tweetnacl/src/tweetnacl.ml deleted file mode 100644 index 2456b73c0..000000000 --- a/vendors/ocaml-tweetnacl/src/tweetnacl.ml +++ /dev/null @@ -1,447 +0,0 @@ -(*--------------------------------------------------------------------------- - Copyright (c) 2017 Vincent Bernardoff. All rights reserved. - Distributed under the ISC license, see terms at the end of the file. - ---------------------------------------------------------------------------*) - -open EndianBigstring - -module Rand = struct - external randombytes : Bigstring.t -> int -> unit = - "ml_randombytes" [@@noalloc] - - let gen sz = - let buf = Bigstring.create sz in - randombytes buf sz ; - buf - - let write buf = - randombytes buf (Bigstring.length buf) -end - -module Hash = struct - let bytes = 64 - - external sha512 : - Bigstring.t -> Bigstring.t -> int -> unit = - "ml_crypto_hash" [@@noalloc] - - let sha512 msg = - let q = Bigstring.create bytes in - sha512 q msg (Bigstring.length msg) ; - q -end - -let buf_of_z buf z = - Bigstring.fill buf '\x00' ; - let bits = Z.to_bits z in - Bigstring.blit_of_string bits 0 buf 0 (String.length bits) - -let unopt_invalid_arg1 ~msg f buf = - match f buf with - | Some v -> v - | None -> invalid_arg msg - -module Nonce = struct - type t = Bigstring.t - let bytes = 24 - - let gen () = - Rand.gen bytes - - let rec incr_byte b step byteno = - let res = BigEndian.get_uint16 b byteno + step in - let lo = res land 0xffff in - let hi = res asr 16 in - BigEndian.set_int16 b byteno lo ; - if hi = 0 || byteno = 0 then () - else incr_byte b hi (byteno - 2) - - let increment ?(step = 1) nonce = - let new_nonce = Bigstring.create 24 in - Bigstring.blit nonce 0 new_nonce 0 24 ; - incr_byte new_nonce step 22 ; - new_nonce - - let of_bytes buf = - try Some (Bigstring.sub buf 0 bytes) with _ -> None - - let of_bytes_exn = - unopt_invalid_arg1 ~msg:"Box.Nonce.of_bytes_exn" of_bytes - - let to_bytes nonce = nonce -end - -module Secretbox = struct - type key = Bigstring.t - - let keybytes = 32 - let zerobytes = 32 - let boxzerobytes = 16 - - let genkey () = - Rand.gen 32 - - let of_bytes buf = - if Bigstring.length buf < keybytes then None - else Some (Bigstring.sub buf 0 keybytes) - - let of_bytes_exn = - unopt_invalid_arg1 ~msg:"Secret_box.of_bytes_exn" of_bytes - - external secretbox : - Bigstring.t -> Bigstring.t -> - Bigstring.t -> Bigstring.t -> unit = "ml_secretbox" [@@noalloc] - - external secretbox_open : - Bigstring.t -> Bigstring.t -> - Bigstring.t -> Bigstring.t -> int = "ml_secretbox_open" [@@noalloc] - - let box ~key ~nonce ~msg = - let msglen = Bigstring.length msg in - let buflen = msglen + zerobytes in - let buf = Bigstring.create buflen in - Bigstring.fill buf '\x00' ; - Bigstring.blit msg 0 buf zerobytes msglen ; - secretbox buf buf nonce key ; - Bigstring.sub buf boxzerobytes (buflen - boxzerobytes) - - let box_noalloc ~key ~nonce ~msg = - secretbox msg msg nonce key - - let box_open ~key ~nonce ~cmsg = - let msglen = Bigstring.length cmsg - boxzerobytes in - let buf = Bigstring.create (zerobytes + msglen) in - Bigstring.fill buf '\x00' ; - Bigstring.blit cmsg 0 buf boxzerobytes (msglen + boxzerobytes) ; - match secretbox_open buf buf nonce key with - | 0 -> Some (Bigstring.sub buf zerobytes msglen) - | _ -> None - - let box_open_noalloc ~key ~nonce ~cmsg = - match secretbox_open cmsg cmsg nonce key with - | 0 -> true - | _ -> false -end - -module Box = struct - type secret - type public - type combined - type _ key = - | Sk : Bigstring.t -> secret key - | Pk : Bigstring.t -> public key - | Ck : Bigstring.t -> combined key - - let skbytes = 32 - let pkbytes = 32 - let beforenmbytes = 32 - let zerobytes = 32 - let boxzerobytes = 16 - - let to_bytes : type a. a key -> Bigstring.t = function - | Pk buf -> buf - | Sk buf -> buf - | Ck buf -> buf - - let blit_to_bytes : - type a. a key -> ?pos:int -> Bigstring.t -> unit = fun key ?(pos=0) buf -> - match key with - | Pk pk -> Bigstring.blit pk 0 buf pos pkbytes - | Sk sk -> Bigstring.blit sk 0 buf pos skbytes - | Ck ck -> Bigstring.blit ck 0 buf pos beforenmbytes - - let equal : - type a. a key -> a key -> bool = fun a b -> match a, b with - | Pk a, Pk b -> Bigstring.equal a b - | Sk a, Sk b -> Bigstring.equal a b - | Ck a, Ck b -> Bigstring.equal a b - - let sk_of_bytes buf = - try Some (Sk (Bigstring.sub buf 0 skbytes)) with _ -> None - let pk_of_bytes buf = - try Some (Pk (Bigstring.sub buf 0 pkbytes)) with _ -> None - let ck_of_bytes buf = - try Some (Ck (Bigstring.sub buf 0 beforenmbytes)) with _ -> None - - let sk_of_bytes_exn = - unopt_invalid_arg1 ~msg:"Box.sk_of_bytes_exn" sk_of_bytes - let pk_of_bytes_exn = - unopt_invalid_arg1 ~msg:"Box.pk_of_bytes_exn" pk_of_bytes - let ck_of_bytes_exn = - unopt_invalid_arg1 ~msg:"Box.ck_of_bytes_exn" ck_of_bytes - - external keypair : - Bigstring.t -> Bigstring.t -> unit = - "ml_crypto_box_keypair" [@@noalloc] - - let keypair () = - let sk = Bigstring.create skbytes in - let pk = Bigstring.create pkbytes in - keypair pk sk ; - Pk pk, Sk sk - - external box_stub : - Bigstring.t -> Bigstring.t -> Bigstring.t -> - Bigstring.t -> Bigstring.t -> unit = - "ml_crypto_box" [@@noalloc] - - let box ~pk:(Pk pk) ~sk:(Sk sk) ~nonce ~msg = - let msglen = Bigstring.length msg in - let buflen = msglen + zerobytes in - let buf = Bigstring.create buflen in - Bigstring.fill buf '\x00' ; - Bigstring.blit msg 0 buf zerobytes msglen ; - box_stub buf buf nonce pk sk ; - Bigstring.sub buf boxzerobytes (buflen - boxzerobytes) - - let box_noalloc ~pk:(Pk pk) ~sk:(Sk sk) ~nonce ~msg = - box_stub msg msg nonce pk sk - - external box_open_stub : - Bigstring.t -> Bigstring.t -> Bigstring.t -> - Bigstring.t -> Bigstring.t -> int = - "ml_crypto_box_open" [@@noalloc] - - let box_open ~pk:(Pk pk) ~sk:(Sk sk) ~nonce ~cmsg = - let msglen = Bigstring.length cmsg - boxzerobytes in - let buf = Bigstring.create (zerobytes + msglen) in - Bigstring.fill buf '\x00' ; - Bigstring.blit cmsg 0 buf boxzerobytes (msglen + boxzerobytes) ; - match box_open_stub buf buf nonce pk sk with - | 0 -> Some (Bigstring.sub buf zerobytes msglen) - | _ -> None - - let box_open_noalloc ~pk:(Pk pk) ~sk:(Sk sk) ~nonce ~cmsg = - match box_open_stub cmsg cmsg nonce pk sk with - | 0 -> true - | _ -> false - - external box_beforenm : - Bigstring.t -> Bigstring.t -> Bigstring.t -> unit = - "ml_crypto_box_beforenm" [@@noalloc] - - let combine (Pk pk) (Sk sk) = - let combined = Bigstring.create beforenmbytes in - box_beforenm combined pk sk ; - Ck combined - - external box_afternm : - Bigstring.t -> Bigstring.t -> - Bigstring.t -> Bigstring.t -> unit = - "ml_crypto_box_afternm" [@@noalloc] - - let box_combined ~k:(Ck k) ~nonce ~msg = - let msglen = Bigstring.length msg in - let buflen = msglen + zerobytes in - let buf = Bigstring.create buflen in - Bigstring.fill buf '\x00' ; - Bigstring.blit msg 0 buf zerobytes msglen ; - box_afternm buf buf nonce k ; - Bigstring.sub buf boxzerobytes (buflen - boxzerobytes) - - let box_combined_noalloc ~k:(Ck k) ~nonce ~msg = - box_afternm msg msg nonce k - - external box_open_afternm : - Bigstring.t -> Bigstring.t -> - Bigstring.t -> Bigstring.t -> int = - "ml_crypto_box_open_afternm" [@@noalloc] - - let box_open_combined ~k:(Ck k) ~nonce ~cmsg = - let msglen = Bigstring.length cmsg - boxzerobytes in - let buflen = msglen + zerobytes in - let buf = Bigstring.create buflen in - Bigstring.fill buf '\x00' ; - Bigstring.blit cmsg 0 buf boxzerobytes (msglen + boxzerobytes) ; - match box_open_afternm buf buf nonce k with - | 0 -> Some (Bigstring.sub buf zerobytes msglen) - | _ -> None - - let box_open_combined_noalloc ~k:(Ck k) ~nonce ~cmsg = - match box_open_afternm cmsg cmsg nonce k with - | 0 -> true - | _ -> false -end - -module Sign = struct - type secret - type extended - type public - type _ key = - | Sk : Bigstring.t -> secret key - | Ek : Bigstring.t -> extended key - | Pk : Bigstring.t -> public key - - let bytes = 64 - let pkbytes = 32 - let skbytes = 64 - let ekbytes = 64 - let seedbytes = 32 - - let sk_of_bytes buf = - try Some (Sk (Bigstring.sub buf 0 skbytes)) with _ -> None - let ek_of_bytes buf = - try Some (Ek (Bigstring.sub buf 0 ekbytes)) with _ -> None - let pk_of_bytes buf = - try Some (Pk (Bigstring.sub buf 0 pkbytes)) with _ -> None - - let sk_of_bytes_exn = - unopt_invalid_arg1 ~msg:"Sign.sk_of_bytes_exn" sk_of_bytes - let ek_of_bytes_exn = - unopt_invalid_arg1 ~msg:"Sign.ek_of_bytes_exn" ek_of_bytes - let pk_of_bytes_exn = - unopt_invalid_arg1 ~msg:"Sign.pk_of_bytes_exn" pk_of_bytes - - let to_bytes : type a. a key -> Bigstring.t = function - | Pk buf -> buf - | Sk buf -> buf - | Ek buf -> buf - - let seed (Sk buf) = Bigstring.sub buf 0 seedbytes - - let blit_to_bytes : - type a. a key -> ?pos:int -> Bigstring.t -> unit = fun key ?(pos=0) buf -> - match key with - | Pk pk -> Bigstring.blit pk 0 buf pos pkbytes - | Sk sk -> Bigstring.blit sk 0 buf pos skbytes - | Ek ek -> Bigstring.blit ek 0 buf pos ekbytes - - let equal : - type a. a key -> a key -> bool = fun a b -> match a, b with - | Pk a, Pk b -> Bigstring.equal a b - | Sk a, Sk b -> Bigstring.equal a b - | Ek a, Ek b -> Bigstring.equal a b - - external keypair : - Bigstring.t -> Bigstring.t -> unit = - "ml_crypto_sign_keypair" [@@noalloc] - - external keypair_seed : - Bigstring.t -> Bigstring.t -> unit = - "ml_crypto_sign_keypair_seed" [@@noalloc] - - let keypair ?seed () = - let pk = Bigstring.create pkbytes in - let sk = Bigstring.create skbytes in - begin match seed with - | None -> keypair pk sk - | Some buf -> - if Bigstring.length buf < seedbytes then - invalid_arg "Sign.keypair: seed must be at least 32 bytes long" ; - Bigstring.blit buf 0 sk 0 pkbytes ; - keypair_seed pk sk - end ; - Pk pk, Sk sk - - let extended (Sk sk) = - let buf = Hash.sha512 (Bigstring.sub sk 0 pkbytes) in - BigEndian.(set_int8 buf 0 (get_uint8 buf 0 land 248)) ; - BigEndian.(set_int8 buf 31 (get_uint8 buf 31 land 127)) ; - BigEndian.(set_int8 buf 31 (get_uint8 buf 31 lor 64)) ; - Ek buf - - external sign : - Bigstring.t -> Bigstring.t -> unit = - "ml_crypto_sign" [@@noalloc] - - external sign_extended : - Bigstring.t -> Bigstring.t -> unit = - "ml_crypto_sign_extended" [@@noalloc] - - let sign ~key:(Sk sk) msg = - let msglen = Bigstring.length msg in - let buf = Bigstring.create (bytes + msglen) in - Bigstring.blit msg 0 buf bytes msglen ; - sign buf sk ; - buf - - let sign_extended ~key:(Ek ek) msg = - let msglen = Bigstring.length msg in - let buf = Bigstring.create (bytes + msglen) in - Bigstring.blit msg 0 buf bytes msglen ; - sign_extended buf ek ; - buf - - let detached ~key msg = - Bigstring.sub (sign ~key msg) 0 bytes - - let detached_extended ~key msg = - Bigstring.sub (sign_extended ~key msg) 0 bytes - - external verify : - Bigstring.t -> Bigstring.t -> Bigstring.t -> int = - "ml_crypto_sign_open" [@@noalloc] - - let verify ~key:(Pk pk) smsg = - let msg = Bigstring.(create (length smsg)) in - match verify msg smsg pk with - | -1 -> None - | len -> Some (Bigstring.sub msg 0 len) - - let verify_detached ~key ~signature msg = - let msglen = Bigstring.length msg in - let buf = Bigstring.create (bytes + msglen) in - Bigstring.blit signature 0 buf 0 bytes ; - Bigstring.blit msg 0 buf bytes msglen ; - match verify ~key buf with - | None -> false - | Some _ -> true - - external add : - Bigstring.t -> Bigstring.t -> unit = - "ml_add" [@@noalloc] - - let add (Pk p) (Pk q) = - let buf = Bigstring.create pkbytes in - Bigstring.blit p 0 buf 0 pkbytes ; - add buf q ; - Pk buf - - external mult : - Bigstring.t -> Bigstring.t -> Bigstring.t -> unit = - "ml_scalarmult" [@@noalloc] - - external base : - Bigstring.t -> Bigstring.t -> unit = - "ml_scalarbase" [@@noalloc] - - let mult (Pk q) s = - let r = Bigstring.create pkbytes in - let scalar = Bigstring.create pkbytes in - buf_of_z scalar s ; - mult r q scalar ; - Pk r - - let base_direct s = - let buf = Bigstring.create pkbytes in - base buf s ; - buf - - let base s = - let r = Bigstring.create pkbytes in - let scalar = Bigstring.create pkbytes in - buf_of_z scalar s ; - base r scalar ; - Pk r - - let public : type a. a key -> public key = function - | Pk _ as pk -> pk - | Sk buf -> Pk (Bigstring.sub buf 32 32) - | Ek buf -> Pk (base_direct (Bigstring.sub buf 0 32)) -end - -(*--------------------------------------------------------------------------- - Copyright (c) 2017 Vincent Bernardoff - - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - - THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - ---------------------------------------------------------------------------*) diff --git a/vendors/ocaml-tweetnacl/src/tweetnacl.mli b/vendors/ocaml-tweetnacl/src/tweetnacl.mli deleted file mode 100644 index 78b57142c..000000000 --- a/vendors/ocaml-tweetnacl/src/tweetnacl.mli +++ /dev/null @@ -1,154 +0,0 @@ -(*--------------------------------------------------------------------------- - Copyright (c) 2017 Vincent Bernardoff. All rights reserved. - Distributed under the ISC license, see terms at the end of the file. - ---------------------------------------------------------------------------*) - -module Rand : sig - val gen : int -> Bigstring.t - val write : Bigstring.t -> unit -end - -module Hash : sig - val sha512 : Bigstring.t -> Bigstring.t -end - -module Nonce : sig - type t - val bytes : int - val gen : unit -> t - val increment : ?step:int -> t -> t - val of_bytes : Bigstring.t -> t option - val of_bytes_exn : Bigstring.t -> t - val to_bytes : t -> Bigstring.t -end - -module Secretbox : sig - type key - - val keybytes : int - val zerobytes : int - val boxzerobytes : int - - val genkey : unit -> key - val of_bytes : Bigstring.t -> key option - val of_bytes_exn : Bigstring.t -> key - - val box : key:key -> nonce:Nonce.t -> msg:Bigstring.t -> Bigstring.t - val box_open : key:key -> nonce:Nonce.t -> cmsg:Bigstring.t -> Bigstring.t option - - val box_noalloc : key:key -> nonce:Nonce.t -> msg:Bigstring.t -> unit - val box_open_noalloc : key:key -> nonce:Nonce.t -> cmsg:Bigstring.t -> bool -end - -module Box : sig - type secret - type public - type combined - - type _ key - - val skbytes : int - val pkbytes : int - val beforenmbytes : int - val zerobytes : int - val boxzerobytes : int - - val equal : 'a key -> 'a key -> bool - val to_bytes : _ key -> Bigstring.t - val blit_to_bytes : _ key -> ?pos:int -> Bigstring.t -> unit - - val sk_of_bytes : Bigstring.t -> secret key option - val pk_of_bytes : Bigstring.t -> public key option - val ck_of_bytes : Bigstring.t -> combined key option - - val sk_of_bytes_exn : Bigstring.t -> secret key - val pk_of_bytes_exn : Bigstring.t -> public key - val ck_of_bytes_exn : Bigstring.t -> combined key - - val keypair : unit -> public key * secret key - - val box : - pk:public key -> sk:secret key -> - nonce:Nonce.t -> msg:Bigstring.t -> Bigstring.t - val box_open : - pk:public key -> sk:secret key -> - nonce:Nonce.t -> cmsg:Bigstring.t -> Bigstring.t option - - val box_noalloc : - pk:public key -> sk:secret key -> - nonce:Nonce.t -> msg:Bigstring.t -> unit - val box_open_noalloc : - pk:public key -> sk:secret key -> - nonce:Nonce.t -> cmsg:Bigstring.t -> bool - - val combine : public key -> secret key -> combined key - val box_combined : - k:combined key -> nonce:Nonce.t -> msg:Bigstring.t -> Bigstring.t - val box_open_combined : - k:combined key -> nonce:Nonce.t -> cmsg:Bigstring.t -> Bigstring.t option - - val box_combined_noalloc : - k:combined key -> nonce:Nonce.t -> msg:Bigstring.t -> unit - val box_open_combined_noalloc : - k:combined key -> nonce:Nonce.t -> cmsg:Bigstring.t -> bool -end - -module Sign : sig - type secret - type extended - type public - type _ key - - val bytes : int - val pkbytes : int - val skbytes : int - val ekbytes : int - val seedbytes : int - - val to_bytes : _ key -> Bigstring.t - val blit_to_bytes : _ key -> ?pos:int -> Bigstring.t -> unit - - val sk_of_bytes : Bigstring.t -> secret key option - val ek_of_bytes : Bigstring.t -> extended key option - val pk_of_bytes : Bigstring.t -> public key option - - val sk_of_bytes_exn : Bigstring.t -> secret key - val ek_of_bytes_exn : Bigstring.t -> extended key - val pk_of_bytes_exn : Bigstring.t -> public key - - val keypair : ?seed:Bigstring.t -> unit -> public key * secret key - val equal : 'a key -> 'a key -> bool - - val extended : secret key -> extended key - val seed : secret key -> Bigstring.t - val public : _ key -> public key - - val sign : key:secret key -> Bigstring.t -> Bigstring.t - val sign_extended : key:extended key -> Bigstring.t -> Bigstring.t - - val detached : key:secret key -> Bigstring.t -> Bigstring.t - val detached_extended : key:extended key -> Bigstring.t -> Bigstring.t - - val verify : key:public key -> Bigstring.t -> Bigstring.t option - val verify_detached : key:public key -> signature:Bigstring.t -> Bigstring.t -> bool - - val add : public key -> public key -> public key - val mult : public key -> Z.t -> public key - val base : Z.t -> public key -end - -(*--------------------------------------------------------------------------- - Copyright (c) 2017 Vincent Bernardoff - - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - - THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - ---------------------------------------------------------------------------*) diff --git a/vendors/ocaml-tweetnacl/src/tweetnacl_stubs.c b/vendors/ocaml-tweetnacl/src/tweetnacl_stubs.c deleted file mode 100644 index f961fdad9..000000000 --- a/vendors/ocaml-tweetnacl/src/tweetnacl_stubs.c +++ /dev/null @@ -1,1079 +0,0 @@ -#include "tweetnacl.h" -#define FOR(i,n) for (i = 0;i < n;++i) -#define sv static void - -typedef unsigned char u8; -typedef unsigned long u32; -typedef unsigned long long u64; -typedef long long i64; -typedef i64 gf[16]; -extern void randombytes(u8 *,u64); - -static const u8 - _0[16], - _9[32] = {9}; -static const gf - gf0, - gf1 = {1}, - _121665 = {0xDB41,1}, - D = {0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203}, - D2 = {0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406}, - X = {0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169}, - Y = {0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666}, - I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83}; - -static u32 L32(u32 x,int c) { return (x << c) | ((x&0xffffffff) >> (32 - c)); } - -static u32 ld32(const u8 *x) -{ - u32 u = x[3]; - u = (u<<8)|x[2]; - u = (u<<8)|x[1]; - return (u<<8)|x[0]; -} - -static u64 dl64(const u8 *x) -{ - u64 i,u=0; - FOR(i,8) u=(u<<8)|x[i]; - return u; -} - -sv st32(u8 *x,u32 u) -{ - int i; - FOR(i,4) { x[i] = u; u >>= 8; } -} - -sv ts64(u8 *x,u64 u) -{ - int i; - for (i = 7;i >= 0;--i) { x[i] = u; u >>= 8; } -} - -static int vn(const u8 *x,const u8 *y,int n) -{ - u32 i,d = 0; - FOR(i,n) d |= x[i]^y[i]; - return (1 & ((d - 1) >> 8)) - 1; -} - -int crypto_verify_16(const u8 *x,const u8 *y) -{ - return vn(x,y,16); -} - -int crypto_verify_32(const u8 *x,const u8 *y) -{ - return vn(x,y,32); -} - -sv core(u8 *out,const u8 *in,const u8 *k,const u8 *c,int h) -{ - u32 w[16],x[16],y[16],t[4]; - int i,j,m; - - FOR(i,4) { - x[5*i] = ld32(c+4*i); - x[1+i] = ld32(k+4*i); - x[6+i] = ld32(in+4*i); - x[11+i] = ld32(k+16+4*i); - } - - FOR(i,16) y[i] = x[i]; - - FOR(i,20) { - FOR(j,4) { - FOR(m,4) t[m] = x[(5*j+4*m)%16]; - t[1] ^= L32(t[0]+t[3], 7); - t[2] ^= L32(t[1]+t[0], 9); - t[3] ^= L32(t[2]+t[1],13); - t[0] ^= L32(t[3]+t[2],18); - FOR(m,4) w[4*j+(j+m)%4] = t[m]; - } - FOR(m,16) x[m] = w[m]; - } - - if (h) { - FOR(i,16) x[i] += y[i]; - FOR(i,4) { - x[5*i] -= ld32(c+4*i); - x[6+i] -= ld32(in+4*i); - } - FOR(i,4) { - st32(out+4*i,x[5*i]); - st32(out+16+4*i,x[6+i]); - } - } else - FOR(i,16) st32(out + 4 * i,x[i] + y[i]); -} - -int crypto_core_salsa20(u8 *out,const u8 *in,const u8 *k,const u8 *c) -{ - core(out,in,k,c,0); - return 0; -} - -int crypto_core_hsalsa20(u8 *out,const u8 *in,const u8 *k,const u8 *c) -{ - core(out,in,k,c,1); - return 0; -} - -static const u8 sigma[16] = "expand 32-byte k"; - -int crypto_stream_salsa20_xor(u8 *c,const u8 *m,u64 b,const u8 *n,const u8 *k) -{ - u8 z[16],x[64]; - u32 u,i; - if (!b) return 0; - FOR(i,16) z[i] = 0; - FOR(i,8) z[i] = n[i]; - while (b >= 64) { - crypto_core_salsa20(x,z,k,sigma); - FOR(i,64) c[i] = (m?m[i]:0) ^ x[i]; - u = 1; - for (i = 8;i < 16;++i) { - u += (u32) z[i]; - z[i] = u; - u >>= 8; - } - b -= 64; - c += 64; - if (m) m += 64; - } - if (b) { - crypto_core_salsa20(x,z,k,sigma); - FOR(i,b) c[i] = (m?m[i]:0) ^ x[i]; - } - return 0; -} - -int crypto_stream_salsa20(u8 *c,u64 d,const u8 *n,const u8 *k) -{ - return crypto_stream_salsa20_xor(c,0,d,n,k); -} - -int crypto_stream(u8 *c,u64 d,const u8 *n,const u8 *k) -{ - u8 s[32]; - crypto_core_hsalsa20(s,n,k,sigma); - return crypto_stream_salsa20(c,d,n+16,s); -} - -int crypto_stream_xor(u8 *c,const u8 *m,u64 d,const u8 *n,const u8 *k) -{ - u8 s[32]; - crypto_core_hsalsa20(s,n,k,sigma); - return crypto_stream_salsa20_xor(c,m,d,n+16,s); -} - -sv add1305(u32 *h,const u32 *c) -{ - u32 j,u = 0; - FOR(j,17) { - u += h[j] + c[j]; - h[j] = u & 255; - u >>= 8; - } -} - -static const u32 minusp[17] = { - 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 252 -} ; - -int crypto_onetimeauth(u8 *out,const u8 *m,u64 n,const u8 *k) -{ - u32 s,i,j,u,x[17],r[17],h[17],c[17],g[17]; - - FOR(j,17) r[j]=h[j]=0; - FOR(j,16) r[j]=k[j]; - r[3]&=15; - r[4]&=252; - r[7]&=15; - r[8]&=252; - r[11]&=15; - r[12]&=252; - r[15]&=15; - - while (n > 0) { - FOR(j,17) c[j] = 0; - for (j = 0;(j < 16) && (j < n);++j) c[j] = m[j]; - c[j] = 1; - m += j; n -= j; - add1305(h,c); - FOR(i,17) { - x[i] = 0; - FOR(j,17) x[i] += h[j] * ((j <= i) ? r[i - j] : 320 * r[i + 17 - j]); - } - FOR(i,17) h[i] = x[i]; - u = 0; - FOR(j,16) { - u += h[j]; - h[j] = u & 255; - u >>= 8; - } - u += h[16]; h[16] = u & 3; - u = 5 * (u >> 2); - FOR(j,16) { - u += h[j]; - h[j] = u & 255; - u >>= 8; - } - u += h[16]; h[16] = u; - } - - FOR(j,17) g[j] = h[j]; - add1305(h,minusp); - s = -(h[16] >> 7); - FOR(j,17) h[j] ^= s & (g[j] ^ h[j]); - - FOR(j,16) c[j] = k[j + 16]; - c[16] = 0; - add1305(h,c); - FOR(j,16) out[j] = h[j]; - return 0; -} - -int crypto_onetimeauth_verify(const u8 *h,const u8 *m,u64 n,const u8 *k) -{ - u8 x[16]; - crypto_onetimeauth(x,m,n,k); - return crypto_verify_16(h,x); -} - -int crypto_secretbox(u8 *c,const u8 *m,u64 d,const u8 *n,const u8 *k) -{ - int i; - if (d < 32) return -1; - crypto_stream_xor(c,m,d,n,k); - crypto_onetimeauth(c + 16,c + 32,d - 32,c); - FOR(i,16) c[i] = 0; - return 0; -} - -int crypto_secretbox_open(u8 *m,const u8 *c,u64 d,const u8 *n,const u8 *k) -{ - int i; - u8 x[32]; - if (d < 32) return -1; - crypto_stream(x,32,n,k); - if (crypto_onetimeauth_verify(c + 16,c + 32,d - 32,x) != 0) return -1; - crypto_stream_xor(m,c,d,n,k); - FOR(i,32) m[i] = 0; - return 0; -} - -sv set25519(gf r, const gf a) -{ - int i; - FOR(i,16) r[i]=a[i]; -} - -sv car25519(gf o) -{ - int i; - i64 c; - FOR(i,16) { - o[i]+=(1LL<<16); - c=o[i]>>16; - o[(i+1)*(i<15)]+=c-1+37*(c-1)*(i==15); - o[i]-=c<<16; - } -} - -sv sel25519(gf p,gf q,int b) -{ - i64 t,i,c=~(b-1); - FOR(i,16) { - t= c&(p[i]^q[i]); - p[i]^=t; - q[i]^=t; - } -} - -sv pack25519(u8 *o,const gf n) -{ - int i,j,b; - gf m,t; - FOR(i,16) t[i]=n[i]; - car25519(t); - car25519(t); - car25519(t); - FOR(j,2) { - m[0]=t[0]-0xffed; - for(i=1;i<15;i++) { - m[i]=t[i]-0xffff-((m[i-1]>>16)&1); - m[i-1]&=0xffff; - } - m[15]=t[15]-0x7fff-((m[14]>>16)&1); - b=(m[15]>>16)&1; - m[14]&=0xffff; - sel25519(t,m,1-b); - } - FOR(i,16) { - o[2*i]=t[i]&0xff; - o[2*i+1]=t[i]>>8; - } -} - -static int neq25519(const gf a, const gf b) -{ - u8 c[32],d[32]; - pack25519(c,a); - pack25519(d,b); - return crypto_verify_32(c,d); -} - -static u8 par25519(const gf a) -{ - u8 d[32]; - pack25519(d,a); - return d[0]&1; -} - -sv unpack25519(gf o, const u8 *n) -{ - int i; - FOR(i,16) o[i]=n[2*i]+((i64)n[2*i+1]<<8); - o[15]&=0x7fff; -} - -sv A(gf o,const gf a,const gf b) -{ - int i; - FOR(i,16) o[i]=a[i]+b[i]; -} - -sv Z(gf o,const gf a,const gf b) -{ - int i; - FOR(i,16) o[i]=a[i]-b[i]; -} - -sv M(gf o,const gf a,const gf b) -{ - i64 i,j,t[31]; - FOR(i,31) t[i]=0; - FOR(i,16) FOR(j,16) t[i+j]+=a[i]*b[j]; - FOR(i,15) t[i]+=38*t[i+16]; - FOR(i,16) o[i]=t[i]; - car25519(o); - car25519(o); -} - -sv S(gf o,const gf a) -{ - M(o,a,a); -} - -sv inv25519(gf o,const gf i) -{ - gf c; - int a; - FOR(a,16) c[a]=i[a]; - for(a=253;a>=0;a--) { - S(c,c); - if(a!=2&&a!=4) M(c,c,i); - } - FOR(a,16) o[a]=c[a]; -} - -sv pow2523(gf o,const gf i) -{ - gf c; - int a; - FOR(a,16) c[a]=i[a]; - for(a=250;a>=0;a--) { - S(c,c); - if(a!=1) M(c,c,i); - } - FOR(a,16) o[a]=c[a]; -} - -int crypto_scalarmult(u8 *q,const u8 *n,const u8 *p) -{ - u8 z[32]; - i64 x[80],r,i; - gf a,b,c,d,e,f; - FOR(i,31) z[i]=n[i]; - z[31]=(n[31]&127)|64; - z[0]&=248; - unpack25519(x,p); - FOR(i,16) { - b[i]=x[i]; - d[i]=a[i]=c[i]=0; - } - a[0]=d[0]=1; - for(i=254;i>=0;--i) { - r=(z[i>>3]>>(i&7))&1; - sel25519(a,b,r); - sel25519(c,d,r); - A(e,a,c); - Z(a,a,c); - A(c,b,d); - Z(b,b,d); - S(d,e); - S(f,a); - M(a,c,a); - M(c,b,e); - A(e,a,c); - Z(a,a,c); - S(b,a); - Z(c,d,f); - M(a,c,_121665); - A(a,a,d); - M(c,c,a); - M(a,d,f); - M(d,b,x); - S(b,e); - sel25519(a,b,r); - sel25519(c,d,r); - } - FOR(i,16) { - x[i+16]=a[i]; - x[i+32]=c[i]; - x[i+48]=b[i]; - x[i+64]=d[i]; - } - inv25519(x+32,x+32); - M(x+16,x+16,x+32); - pack25519(q,x+16); - return 0; -} - -int crypto_scalarmult_base(u8 *q,const u8 *n) -{ - return crypto_scalarmult(q,n,_9); -} - -int crypto_box_keypair(u8 *y,u8 *x) -{ - randombytes(x,32); - return crypto_scalarmult_base(y,x); -} - -int crypto_box_beforenm(u8 *k,const u8 *y,const u8 *x) -{ - u8 s[32]; - crypto_scalarmult(s,x,y); - return crypto_core_hsalsa20(k,_0,s,sigma); -} - -int crypto_box_afternm(u8 *c,const u8 *m,u64 d,const u8 *n,const u8 *k) -{ - return crypto_secretbox(c,m,d,n,k); -} - -int crypto_box_open_afternm(u8 *m,const u8 *c,u64 d,const u8 *n,const u8 *k) -{ - return crypto_secretbox_open(m,c,d,n,k); -} - -int crypto_box(u8 *c,const u8 *m,u64 d,const u8 *n,const u8 *y,const u8 *x) -{ - u8 k[32]; - crypto_box_beforenm(k,y,x); - return crypto_box_afternm(c,m,d,n,k); -} - -int crypto_box_open(u8 *m,const u8 *c,u64 d,const u8 *n,const u8 *y,const u8 *x) -{ - u8 k[32]; - crypto_box_beforenm(k,y,x); - return crypto_box_open_afternm(m,c,d,n,k); -} - -static u64 R(u64 x,int c) { return (x >> c) | (x << (64 - c)); } -static u64 Ch(u64 x,u64 y,u64 z) { return (x & y) ^ (~x & z); } -static u64 Maj(u64 x,u64 y,u64 z) { return (x & y) ^ (x & z) ^ (y & z); } -static u64 Sigma0(u64 x) { return R(x,28) ^ R(x,34) ^ R(x,39); } -static u64 Sigma1(u64 x) { return R(x,14) ^ R(x,18) ^ R(x,41); } -static u64 sigma0(u64 x) { return R(x, 1) ^ R(x, 8) ^ (x >> 7); } -static u64 sigma1(u64 x) { return R(x,19) ^ R(x,61) ^ (x >> 6); } - -static const u64 K[80] = -{ - 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, - 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, - 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, - 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, - 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, - 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, - 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, - 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, - 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, - 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, - 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, - 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, - 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, - 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, - 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, - 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, - 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, - 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, - 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, - 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL -}; - -int crypto_hashblocks(u8 *x,const u8 *m,u64 n) -{ - u64 z[8],b[8],a[8],w[16],t; - int i,j; - - FOR(i,8) z[i] = a[i] = dl64(x + 8 * i); - - while (n >= 128) { - FOR(i,16) w[i] = dl64(m + 8 * i); - - FOR(i,80) { - FOR(j,8) b[j] = a[j]; - t = a[7] + Sigma1(a[4]) + Ch(a[4],a[5],a[6]) + K[i] + w[i%16]; - b[7] = t + Sigma0(a[0]) + Maj(a[0],a[1],a[2]); - b[3] += t; - FOR(j,8) a[(j+1)%8] = b[j]; - if (i%16 == 15) - FOR(j,16) - w[j] += w[(j+9)%16] + sigma0(w[(j+1)%16]) + sigma1(w[(j+14)%16]); - } - - FOR(i,8) { a[i] += z[i]; z[i] = a[i]; } - - m += 128; - n -= 128; - } - - FOR(i,8) ts64(x+8*i,z[i]); - - return n; -} - -static const u8 iv[64] = { - 0x6a,0x09,0xe6,0x67,0xf3,0xbc,0xc9,0x08, - 0xbb,0x67,0xae,0x85,0x84,0xca,0xa7,0x3b, - 0x3c,0x6e,0xf3,0x72,0xfe,0x94,0xf8,0x2b, - 0xa5,0x4f,0xf5,0x3a,0x5f,0x1d,0x36,0xf1, - 0x51,0x0e,0x52,0x7f,0xad,0xe6,0x82,0xd1, - 0x9b,0x05,0x68,0x8c,0x2b,0x3e,0x6c,0x1f, - 0x1f,0x83,0xd9,0xab,0xfb,0x41,0xbd,0x6b, - 0x5b,0xe0,0xcd,0x19,0x13,0x7e,0x21,0x79 -} ; - -int crypto_hash(u8 *out,const u8 *m,u64 n) -{ - u8 h[64],x[256]; - u64 i,b = n; - - FOR(i,64) h[i] = iv[i]; - - crypto_hashblocks(h,m,n); - m += n; - n &= 127; - m -= n; - - FOR(i,256) x[i] = 0; - FOR(i,n) x[i] = m[i]; - x[n] = 128; - - n = 256-128*(n<112); - x[n-9] = b >> 61; - ts64(x+n-8,b<<3); - crypto_hashblocks(h,x,n); - - FOR(i,64) out[i] = h[i]; - - return 0; -} - -sv add(gf p[4],gf q[4]) -{ - gf a,b,c,d,t,e,f,g,h; - - Z(a, p[1], p[0]); - Z(t, q[1], q[0]); - M(a, a, t); - A(b, p[0], p[1]); - A(t, q[0], q[1]); - M(b, b, t); - M(c, p[3], q[3]); - M(c, c, D2); - M(d, p[2], q[2]); - A(d, d, d); - Z(e, b, a); - Z(f, d, c); - A(g, d, c); - A(h, b, a); - - M(p[0], e, f); - M(p[1], h, g); - M(p[2], g, f); - M(p[3], e, h); -} - -sv cswap(gf p[4],gf q[4],u8 b) -{ - int i; - FOR(i,4) - sel25519(p[i],q[i],b); -} - -sv pack(u8 *r,gf p[4]) -{ - gf tx, ty, zi; - inv25519(zi, p[2]); - M(tx, p[0], zi); - M(ty, p[1], zi); - pack25519(r, ty); - r[31] ^= par25519(tx) << 7; -} - -sv scalarmult(gf p[4],gf q[4],const u8 *s) -{ - int i; - set25519(p[0],gf0); - set25519(p[1],gf1); - set25519(p[2],gf1); - set25519(p[3],gf0); - for (i = 255;i >= 0;--i) { - u8 b = (s[i/8]>>(i&7))&1; - cswap(p,q,b); - add(q,p); - add(p,p); - cswap(p,q,b); - } -} - -sv scalarbase(gf p[4],const u8 *s) -{ - gf q[4]; - set25519(q[0],X); - set25519(q[1],Y); - set25519(q[2],gf1); - M(q[3],X,Y); - scalarmult(p,q,s); -} - -int crypto_sign_keypair(u8 *pk, u8 *sk) -{ - u8 d[64]; - gf p[4]; - int i; - - randombytes(sk, 32); - crypto_hash(d, sk, 32); - d[0] &= 248; - d[31] &= 127; - d[31] |= 64; - - scalarbase(p,d); - pack(pk,p); - - FOR(i,32) sk[32 + i] = pk[i]; - return 0; -} - -static const u64 L[32] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10}; - -sv modL(u8 *r,i64 x[64]) -{ - i64 carry,i,j; - for (i = 63;i >= 32;--i) { - carry = 0; - for (j = i - 32;j < i - 12;++j) { - x[j] += carry - 16 * x[i] * L[j - (i - 32)]; - carry = (x[j] + 128) >> 8; - x[j] -= carry << 8; - } - x[j] += carry; - x[i] = 0; - } - carry = 0; - FOR(j,32) { - x[j] += carry - (x[31] >> 4) * L[j]; - carry = x[j] >> 8; - x[j] &= 255; - } - FOR(j,32) x[j] -= carry * L[j]; - FOR(i,32) { - x[i+1] += x[i] >> 8; - r[i] = x[i] & 255; - } -} - -sv reduce(u8 *r) -{ - i64 x[64],i; - FOR(i,64) x[i] = (u64) r[i]; - FOR(i,64) r[i] = 0; - modL(r,x); -} - -int crypto_sign(u8 *sm,u64 *smlen,const u8 *m,u64 n,const u8 *sk) -{ - u8 d[64],h[64],r[64]; - i64 i,j,x[64]; - gf p[4]; - - crypto_hash(d, sk, 32); - d[0] &= 248; - d[31] &= 127; - d[31] |= 64; - - *smlen = n+64; - FOR(i,n) sm[64 + i] = m[i]; - FOR(i,32) sm[32 + i] = d[32 + i]; - - crypto_hash(r, sm+32, n+32); - reduce(r); - scalarbase(p,r); - pack(sm,p); - - FOR(i,32) sm[i+32] = sk[i+32]; - crypto_hash(h,sm,n + 64); - reduce(h); - - FOR(i,64) x[i] = 0; - FOR(i,32) x[i] = (u64) r[i]; - FOR(i,32) FOR(j,32) x[i+j] += h[i] * (u64) d[j]; - modL(sm + 32,x); - - return 0; -} - -static int unpackneg(gf r[4],const u8 p[32]) -{ - gf t, chk, num, den, den2, den4, den6; - set25519(r[2],gf1); - unpack25519(r[1],p); - S(num,r[1]); - M(den,num,D); - Z(num,num,r[2]); - A(den,r[2],den); - - S(den2,den); - S(den4,den2); - M(den6,den4,den2); - M(t,den6,num); - M(t,t,den); - - pow2523(t,t); - M(t,t,num); - M(t,t,den); - M(t,t,den); - M(r[0],t,den); - - S(chk,r[0]); - M(chk,chk,den); - if (neq25519(chk, num)) M(r[0],r[0],I); - - S(chk,r[0]); - M(chk,chk,den); - if (neq25519(chk, num)) return -1; - - if (par25519(r[0]) == (p[31]>>7)) Z(r[0],gf0,r[0]); - - M(r[3],r[0],r[1]); - return 0; -} - -int crypto_sign_open(u8 *m,u64 *mlen,const u8 *sm,u64 n,const u8 *pk) -{ - int i; - u8 t[32],h[64]; - gf p[4],q[4]; - - *mlen = -1; - if (n < 64) return -1; - - if (unpackneg(q,pk)) return -1; - - FOR(i,n) m[i] = sm[i]; - FOR(i,32) m[i+32] = pk[i]; - crypto_hash(h,m,n); - reduce(h); - scalarmult(p,q,h); - - scalarbase(q,sm + 32); - add(p,q); - pack(t,p); - - n -= 64; - if (crypto_verify_32(sm, t)) { - FOR(i,n) m[i] = 0; - return -1; - } - - FOR(i,n) m[i] = sm[i + 64]; - *mlen = n; - return 0; -} - -/********************************************************************* - * START OF CUSTOM C CODE - ********************************************************************/ - -#include -#include -#include -#include - -/* it's really stupid that there isn't a syscall for this */ - -static int fd = -1; - -void randombytes(u8 *x,u64 xlen) -{ - int i; - - if (fd == -1) { - for (;;) { - fd = open("/dev/urandom",O_RDONLY); - if (fd != -1) break; - sleep(1); - } - } - - while (xlen > 0) { - if (xlen < 1048576) i = xlen; else i = 1048576; - - i = read(fd,x,i); - if (i < 1) { - sleep(1); - continue; - } - - x += i; - xlen -= i; - } -} - -int crypto_sign_keypair_seed(u8 *pk, u8 *sk) -{ - u8 d[64]; - gf p[4]; - int i; - - crypto_hash(d, sk, 32); - d[0] &= 248; - d[31] &= 127; - d[31] |= 64; - - scalarbase(p,d); - pack(pk,p); - - FOR(i,32) sk[32 + i] = pk[i]; - return 0; -} - -int crypto_sign_extended(u8 *sm,u64 *smlen,const u8 *m,u64 n,const u8 *d) -{ - u8 pk[32],h[64],r[64]; - i64 i,j,x[64]; - gf p[4]; - - scalarbase(p,d); - pack(pk,p); - - *smlen = n+64; - FOR(i,n) sm[64 + i] = m[i]; - FOR(i,32) sm[32 + i] = d[32 + i]; - - crypto_hash(r, sm+32, n+32); - reduce(r); - scalarbase(p,r); - pack(sm,p); - - FOR(i,32) sm[i+32] = pk[i]; - crypto_hash(h,sm,n + 64); - reduce(h); - - FOR(i,64) x[i] = 0; - FOR(i,32) x[i] = (u64) r[i]; - FOR(i,32) FOR(j,32) x[i+j] += h[i] * (u64) d[j]; - modL(sm + 32,x); - - return 0; -} - -static int unpack(gf r[4],const u8 p[32]) -{ - gf t, chk, num, den, den2, den4, den6; - set25519(r[2],gf1); - unpack25519(r[1],p); - S(num,r[1]); - M(den,num,D); - Z(num,num,r[2]); - A(den,r[2],den); - - S(den2,den); - S(den4,den2); - M(den6,den4,den2); - M(t,den6,num); - M(t,t,den); - - pow2523(t,t); - M(t,t,num); - M(t,t,den); - M(t,t,den); - M(r[0],t,den); - - S(chk,r[0]); - M(chk,chk,den); - if (neq25519(chk, num)) M(r[0],r[0],I); - - S(chk,r[0]); - M(chk,chk,den); - if (neq25519(chk, num)) return -1; - - if (par25519(r[0]) != (p[31]>>7)) Z(r[0],gf0,r[0]); - - M(r[3],r[0],r[1]); - return 0; -} - -/********************************************************************* - * START OF OCAML BINDINGS - ********************************************************************/ - -#include -#include - -CAMLprim value ml_randombytes(value x, value xlen) { - randombytes(Caml_ba_data_val(x), Long_val(xlen)); - return Val_unit; -} - -CAMLprim value ml_secretbox(value c, value m, value n, value k) { - crypto_secretbox(Caml_ba_data_val(c), - Caml_ba_data_val(m), - Caml_ba_array_val(m)->dim[0], - Caml_ba_data_val(n), - Caml_ba_data_val(k)); - return Val_unit; -} - -CAMLprim value ml_secretbox_open(value m, value c, value n, value k) { - return Val_int(crypto_secretbox_open(Caml_ba_data_val(m), - Caml_ba_data_val(c), - Caml_ba_array_val(c)->dim[0], - Caml_ba_data_val(n), - Caml_ba_data_val(k))); -} - -CAMLprim value ml_crypto_hash(value r, value a, value size) { - crypto_hash(Caml_ba_data_val(r), Caml_ba_data_val(a), Long_val(size)); - return Val_unit; -} - -CAMLprim value ml_crypto_box_keypair(value pk, value sk) { - crypto_box_keypair(Caml_ba_data_val(pk), Caml_ba_data_val(sk)); - return Val_unit; -} - -CAMLprim value ml_crypto_box(value c, value m, value n, value pk, value sk) { - crypto_box(Caml_ba_data_val(c), - Caml_ba_data_val(m), - Caml_ba_array_val(m)->dim[0], - Caml_ba_data_val(n), - Caml_ba_data_val(pk), - Caml_ba_data_val(sk)); - return Val_unit; -} - -CAMLprim value ml_crypto_box_open(value m, value c, value n, value pk, value sk) { - return Val_int(crypto_box_open(Caml_ba_data_val(m), - Caml_ba_data_val(c), - Caml_ba_array_val(c)->dim[0], - Caml_ba_data_val(n), - Caml_ba_data_val(pk), - Caml_ba_data_val(sk))); -} - -CAMLprim value ml_crypto_box_beforenm(value k, value pk, value sk) { - crypto_box_beforenm(Caml_ba_data_val(k), - Caml_ba_data_val(pk), - Caml_ba_data_val(sk)); - return Val_unit; -} - -CAMLprim value ml_crypto_box_afternm(value c, value m, value n, value k) { - crypto_box_afternm(Caml_ba_data_val(c), - Caml_ba_data_val(m), - Caml_ba_array_val(m)->dim[0], - Caml_ba_data_val(n), - Caml_ba_data_val(k)); - return Val_unit; -} - -CAMLprim value ml_crypto_box_open_afternm(value m, value c, value n, value k) { - return Val_int(crypto_box_open_afternm(Caml_ba_data_val(m), - Caml_ba_data_val(c), - Caml_ba_array_val(c)->dim[0], - Caml_ba_data_val(n), - Caml_ba_data_val(k))); -} - -CAMLprim value ml_crypto_sign(value sm, value sk) { - unsigned long long smlen; - crypto_sign(Caml_ba_data_val(sm), - &smlen, - (unsigned char*) Caml_ba_data_val(sm) + 64, - Caml_ba_array_val(sm)->dim[0] - 64, - Caml_ba_data_val(sk)); - return Val_unit; -} - -CAMLprim value ml_crypto_sign_extended(value sm, value d) { - unsigned long long smlen; - crypto_sign_extended(Caml_ba_data_val(sm), - &smlen, - (unsigned char*) Caml_ba_data_val(sm) + 64, - Caml_ba_array_val(sm)->dim[0] - 64, - Caml_ba_data_val(d)); - return Val_unit; -} - -CAMLprim value ml_crypto_sign_open(value m, value sm, value pk) { - i64 mlen; - int ret = crypto_sign_open(Caml_ba_data_val(m), - &mlen, - Caml_ba_data_val(sm), - Caml_ba_array_val(sm)->dim[0], - Caml_ba_data_val(pk)); - return (ret == -1 ? Val_long(-1) : Val_long(mlen)); -} - -CAMLprim value ml_crypto_sign_keypair(value pk, value sk) { - crypto_sign_keypair(Caml_ba_data_val(pk), Caml_ba_data_val(sk)); - return Val_unit; -} - -CAMLprim value ml_crypto_sign_keypair_seed(value pk, value sk) { - crypto_sign_keypair_seed(Caml_ba_data_val(pk), Caml_ba_data_val(sk)); - return Val_unit; -} - -CAMLprim value ml_scalarmult(value p, value q, value s) { - gf pp[4], qq[4]; - unpack(qq, Caml_ba_data_val(q)); - scalarmult(pp, qq, Caml_ba_data_val(s)); - pack(Caml_ba_data_val(p), pp); - return Val_unit; -} - -CAMLprim value ml_scalarbase(value p, value s) { - gf pp[4]; - unpack(pp, Caml_ba_data_val(p)); - scalarbase(pp, Caml_ba_data_val(s)); - pack(Caml_ba_data_val(p), pp); - return Val_unit; -} - -CAMLprim value ml_add(value p, value q) { - gf pp[4], qq[4]; - unpack(pp, Caml_ba_data_val(p)); - unpack(qq, Caml_ba_data_val(q)); - add(pp, qq); - pack(Caml_ba_data_val(p), pp); - return Val_unit; -} diff --git a/vendors/ocaml-tweetnacl/test/jbuild b/vendors/ocaml-tweetnacl/test/jbuild deleted file mode 100644 index fcfd10d52..000000000 --- a/vendors/ocaml-tweetnacl/test/jbuild +++ /dev/null @@ -1,14 +0,0 @@ -(jbuild_version 1) - -(executable - ((name test) - (libraries (hex tweetnacl alcotest)))) - -(alias - ((name runtest-tweetnacl) - (deps (test.exe)) - (action (run ${<})))) - -(alias - ((name runtest) - (deps ((alias runtest-tweetnacl))))) diff --git a/vendors/ocaml-tweetnacl/test/test.ml b/vendors/ocaml-tweetnacl/test/test.ml deleted file mode 100644 index e16539ee7..000000000 --- a/vendors/ocaml-tweetnacl/test/test.ml +++ /dev/null @@ -1,198 +0,0 @@ -open Tweetnacl - -let pp_bigstring ppf buf = - Format.fprintf ppf "%a" Hex.pp (Hex.of_cstruct (Cstruct.of_bigarray buf)) - -let bigstring = Alcotest.testable pp_bigstring Bigstring.equal - -let msg = Bigstring.of_string "Voulez-vous coucher avec moi, ce soir ?" -let msglen = Bigstring.length msg - -let sha512 () = - let resp = `Hex "7941f442d956f124d77ee1d1f0ba3db100751090462cdce4aed5fcd240529097bc666bf9c424becde760910df652c7aefec50b02d7f6efe666f79e5242fb755b" in - let digest = Hash.sha512 msg in - assert (resp = (Hex.of_cstruct (Cstruct.of_bigarray digest))) - -let keypair () = - let seed = Rand.gen 32 in - let pk, sk = Sign.keypair ~seed () in - let pk', sk' = Sign.keypair ~seed () in - assert (Sign.equal pk pk') ; - assert (Sign.equal sk sk') - -let sign () = - let pk, sk = Sign.keypair () in - let signed_msg = Sign.sign ~key:sk msg in - match Sign.verify ~key:pk signed_msg with - | None -> assert false - | Some verified_msg -> - Alcotest.check bigstring "sign" msg verified_msg - -let sign_detached () = - let pk, sk = Sign.keypair () in - let signature = Sign.detached ~key:sk msg in - match Sign.verify_detached ~key:pk ~signature msg with - | false -> assert false - | true -> () - -let sign_extended () = - let pk, sk = Sign.keypair () in - let ek = Sign.extended sk in - let signed_msg = Sign.sign_extended ~key:ek msg in - match Sign.verify ~key:pk signed_msg with - | None -> assert false - | Some verified_msg -> - Alcotest.check bigstring "sign_extended" msg verified_msg - -let sign_extended_detached () = - let pk, sk = Sign.keypair () in - let ek = Sign.extended sk in - let signature = Sign.detached_extended ~key:ek msg in - match Sign.verify_detached ~key:pk ~signature msg with - | false -> assert false - | true -> () - -let public () = - let pk, sk = Sign.keypair () in - let pk' = Sign.to_bytes pk in - let ek = Sign.extended sk in - let ppk = Sign.(to_bytes (public pk)) in - let psk = Sign.(to_bytes (public sk)) in - let pek = Sign.(to_bytes (public ek)) in - Alcotest.check bigstring "public" pk' ppk ; - Alcotest.check bigstring "public" pk' psk ; - Alcotest.check bigstring "public" pk' pek - -let base () = - let pk, sk = Sign.keypair () in - let ek = Sign.(to_bytes (extended sk)) in - let z = Z.of_bits Bigstring.(to_string (sub ek 0 32)) in - let pk' = Sign.base z in - assert (Sign.equal pk pk') - -let comm () = - let pk1, _ = Sign.keypair () in - let pk2, _ = Sign.keypair () in - let pk3 = Sign.add pk1 pk2 in - let pk3' = Sign.add pk2 pk1 in - assert (Sign.equal pk3 pk3') - -let assoc () = - let pk1, _ = Sign.keypair () in - let pk2, _ = Sign.keypair () in - let pk3, _ = Sign.keypair () in - let sum12 = Sign.add pk1 pk2 in - let sum23 = Sign.add pk2 pk3 in - let a = Sign.add sum12 pk3 in - let b = Sign.add pk1 sum23 in - assert (Sign.equal a b) - -let arith () = - let pk, _sk = Sign.keypair () in - let pk2 = Sign.mult pk (Z.of_int 3) in - let pk2' = Sign.(add (add pk pk) pk) in - assert (Sign.equal pk2 pk2') - -let arith2 () = - let a = Sign.base (Z.of_int 3) in - let b = Sign.mult a (Z.of_int 2) in - let b' = Sign.base (Z.of_int 6) in - assert (Sign.equal b b') - -let hash = [ - "sha512", `Quick, sha512 ; -] - -let secretbox () = - let open Secretbox in - let key = genkey () in - let nonce = Nonce.gen () in - let cmsg = box ~key ~nonce ~msg in - assert (Bigstring.length cmsg = msglen + boxzerobytes) ; - begin match box_open ~key ~nonce ~cmsg with - | None -> assert false - | Some msg' -> Alcotest.check bigstring "secretbox" msg msg' - end - -let secretbox_noalloc () = - let open Secretbox in - let buflen = msglen + zerobytes in - let buf = Bigstring.create buflen in - Bigstring.fill buf '\x00' ; - Bigstring.blit msg 0 buf zerobytes msglen ; - let key = genkey () in - let nonce = Nonce.gen () in - box_noalloc ~key ~nonce ~msg:buf ; - let res = box_open_noalloc ~key ~nonce ~cmsg:buf in - assert res ; - Alcotest.check - bigstring "secretbox_noalloc" msg (Bigstring.sub buf zerobytes msglen) - -let secretbox = [ - "secretbox", `Quick, secretbox ; - "secretbox_noalloc", `Quick, secretbox_noalloc ; -] - -let box () = - let open Box in - let pk, sk = keypair () in - let k = combine pk sk in - let nonce = Nonce.gen () in - let cmsg = box ~pk ~sk ~nonce ~msg in - assert (Bigstring.length cmsg = msglen + boxzerobytes) ; - begin match box_open ~pk ~sk ~nonce ~cmsg with - | None -> assert false - | Some msg' -> Alcotest.check bigstring "box" msg msg' - end ; - let cmsg = box_combined ~k ~nonce ~msg in - begin match box_open_combined ~k ~nonce ~cmsg with - | None -> assert false - | Some msg' -> Alcotest.check bigstring "box" msg msg' - end - -let box_noalloc () = - let open Box in - let buflen = msglen + zerobytes in - let buf = Bigstring.create buflen in - Bigstring.fill buf '\x00' ; - Bigstring.blit msg 0 buf zerobytes msglen ; - let pk, sk = keypair () in - let k = combine pk sk in - let nonce = Nonce.gen () in - box_noalloc ~pk ~sk ~nonce ~msg:buf ; - let res = box_open_noalloc ~pk ~sk ~nonce ~cmsg:buf in - assert res ; - Alcotest.check bigstring - "box_noalloc" msg (Bigstring.sub buf zerobytes msglen) ; - box_combined_noalloc ~k ~nonce ~msg:buf ; - let res = box_open_combined_noalloc ~k ~nonce ~cmsg:buf in - assert res ; - Alcotest.check bigstring - "box_noalloc" msg (Bigstring.sub buf zerobytes msglen) - -let box = [ - "box", `Quick, box ; - "box_noalloc", `Quick, box_noalloc ; -] - -let sign = [ - "keypair", `Quick, keypair ; - "sign", `Quick, sign ; - "sign_detached", `Quick, sign_detached ; - "sign_extended", `Quick, sign_extended ; - "sign_extended_detached", `Quick, sign_extended_detached ; - "public", `Quick, public ; - "base", `Quick, base ; - "comm", `Quick, comm ; - "assoc", `Quick, assoc ; - "arith", `Quick, arith ; - "arith2", `Quick, arith2 ; -] - -let () = - Alcotest.run "tweetnacl" [ - "hash", hash ; - "secretbox", secretbox ; - "box", box ; - "sign", sign ; - ] diff --git a/vendors/ocaml-tweetnacl/tweetnacl.opam b/vendors/ocaml-tweetnacl/tweetnacl.opam deleted file mode 100644 index a5f3adeb4..000000000 --- a/vendors/ocaml-tweetnacl/tweetnacl.opam +++ /dev/null @@ -1,24 +0,0 @@ -opam-version: "1.2" -name: "tweetnacl" -version: "dev" -authors: "Vincent Bernardoff " -maintainer: "Vincent Bernardoff " -license: "ISC" -homepage: "https://github.com/vbmithr/ocaml-tweetnacl" -bug-reports: "https://github.com/vbmithr/ocaml-tweetnacl/issues" -dev-repo: "git://github.com/vbmithr/ocaml-tweetnacl" - -available: [ - ocaml-version >= "4.02.0" -] - -build: [ "jbuilder" "build" "-j" jobs "-p" name "@install" ] -build-test: [ "jbuilder" "runtest" "-p" name "-j" jobs ] -depends: [ - "jbuilder" {build & >= "1.0+beta16"} - "bigstring" {>= "0.1.1"} - "ocplib-endian" {>= "1.0"} - "zarith" {>= "1.7"} - "alcotest" {test & >= "0.8.1"} - "hex" {test & >= "1.2.0"} -]