void ccpoly_encrypt(uchar *dat, ulong ndat, uchar *aad, ulong naad, uchar tag[16], Chachastate *cs);
int ccpoly_decrypt(uchar *dat, ulong ndat, uchar *aad, ulong naad, uchar tag[16], Chachastate *cs);
+/*
+ * Salsa definitions
+ */
+enum
+{
+ SalsaBsize= 64,
+ SalsaKeylen= 256/8,
+ SalsaIVlen= 64/8,
+ XSalsaIVlen= 192/8,
+};
+
+typedef struct Salsastate Salsastate;
+struct Salsastate
+{
+ u32int input[16];
+ u32int key[8];
+ int rounds;
+ int ivwords;
+};
+
+void setupSalsastate(Salsastate*, uchar*, ulong, uchar*, ulong, int);
+void salsa_setiv(Salsastate*, uchar*);
+void salsa_setblock(Salsastate*, u64int);
+void salsa_encrypt(uchar*, ulong, Salsastate*);
+void salsa_encrypt2(uchar*, uchar*, ulong, Salsastate*);
+
+void hsalsa(uchar h[32], uchar *key, ulong keylen, uchar nonce[16], int rounds);
+
/*
* DES definitions
*/
void asn1dump(uchar *der, int len);
uchar* decodePEM(char *s, char *type, int *len, char **new_s);
PEMChain* decodepemchain(char *s, char *type);
-uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
-uchar* X509req(RSApriv *priv, char *subj, int *certlen);
-char* X509verifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
-char* X509verifydata(uchar *sig, int siglen, uchar *data, int datalen, RSApub *pk);
-char* X509verify(uchar *cert, int ncert, RSApub *pk);
+uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
+uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen);
+char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
+char* X509rsaverify(uchar *cert, int ncert, RSApub *pk);
+
void X509dump(uchar *cert, int ncert);
/*
char dir[40]; /* connection directory */
uchar *cert; /* certificate (local on input, remote on output) */
uchar *sessionID;
+ uchar *psk;
int certlen;
int sessionIDlen;
+ int psklen;
int (*trace)(char*fmt, ...);
PEMChain*chain; /* optional extra certificate evidence for servers to present */
char *sessionType;
int sessionKeylen;
char *sessionConst;
char *serverName;
+ char *pskID;
} TLSconn;
/* tlshand.c */
mpint *p;
mpint *a;
mpint *b;
- ECpoint *G;
+ ECpoint G;
mpint *n;
mpint *h;
} ECdomain;
+void ecdominit(ECdomain *, void (*init)(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h));
+void ecdomfree(ECdomain *);
+
void ecassign(ECdomain *, ECpoint *old, ECpoint *new);
void ecadd(ECdomain *, ECpoint *a, ECpoint *b, ECpoint *s);
void ecmul(ECdomain *, ECpoint *a, mpint *k, ECpoint *s);
void base58enc(uchar *, char *, int);
int base58dec(char *, uchar *, int);
+ECpub* ecdecodepub(ECdomain *dom, uchar *, int);
+int ecencodepub(ECdomain *dom, ECpub *, uchar *, int);
+void ecpubfree(ECpub *);
+
+ECpub* X509toECpub(uchar *cert, int ncert, ECdomain *dom);
+char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
+char* X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub);
+
+/* curves */
+void secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h);
+void secp256k1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h);
+
DigestState* ripemd160(uchar *, ulong, uchar *, DigestState *);
/*