remove exposed .h crypto headers

nostr_core/crypto/nostr_aes.c

@@ -1,15 +1,76 @@
 /*
  * NOSTR AES Implementation
- * 
+ *
  * Based on tiny-AES-c by kokke (public domain)
  * Configured specifically for NIP-04: AES-256-CBC only
- * 
+ *
  * This is an implementation of the AES algorithm, specifically CBC mode.
  * Configured for AES-256 as required by NIP-04.
  */
 
+#include <stdint.h>
+#include <stddef.h>
 #include <string.h> // CBC mode, for memset
-#include "nostr_aes.h"
+
+// Configure for NIP-04 requirements: AES-256-CBC only
+#define CBC 1
+#define ECB 0
+#define CTR 0
+
+// Configure for AES-256 (required by NIP-04)
+#define AES128 0
+#define AES192 0
+#define AES256 1
+
+#define AES_BLOCKLEN 16 // Block length in bytes - AES is 128b block only
+
+#if defined(AES256) && (AES256 == 1)
+    #define AES_KEYLEN 32
+    #define AES_keyExpSize 240
+#elif defined(AES192) && (AES192 == 1)
+    #define AES_KEYLEN 24
+    #define AES_keyExpSize 208
+#else
+    #define AES_KEYLEN 16   // Key length in bytes
+    #define AES_keyExpSize 176
+#endif
+
+struct AES_ctx
+{
+  uint8_t RoundKey[AES_keyExpSize];
+#if (defined(CBC) && (CBC == 1)) || (defined(CTR) && (CTR == 1))
+  uint8_t Iv[AES_BLOCKLEN];
+#endif
+};
+
+// state - array holding the intermediate results during decryption.
+typedef uint8_t state_t[4][4];
+
+// Function prototypes (internal use only)
+static void KeyExpansion(uint8_t* RoundKey, const uint8_t* Key);
+static void AddRoundKey(uint8_t round, state_t* state, const uint8_t* RoundKey);
+static void SubBytes(state_t* state);
+static void ShiftRows(state_t* state);
+static uint8_t xtime(uint8_t x);
+static void MixColumns(state_t* state);
+static void InvMixColumns(state_t* state);
+static void InvSubBytes(state_t* state);
+static void InvShiftRows(state_t* state);
+static void Cipher(state_t* state, const uint8_t* RoundKey);
+static void InvCipher(state_t* state, const uint8_t* RoundKey);
+static void XorWithIv(uint8_t* buf, const uint8_t* Iv);
+
+// Public functions (used by NIP-04 implementation)
+void AES_init_ctx(struct AES_ctx* ctx, const uint8_t* key);
+#if (defined(CBC) && (CBC == 1)) || (defined(CTR) && (CTR == 1))
+void AES_init_ctx_iv(struct AES_ctx* ctx, const uint8_t* key, const uint8_t* iv);
+void AES_ctx_set_iv(struct AES_ctx* ctx, const uint8_t* iv);
+#endif
+
+#if defined(CBC) && (CBC == 1)
+void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
+void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
+#endif
 
 // The number of columns comprising a state in AES. This is a constant in AES. Value=4
 #define Nb 4

nostr_core/crypto/nostr_aes.h

@@ -1,53 +0,0 @@
-#ifndef _NOSTR_AES_H_
-#define _NOSTR_AES_H_
-
-#include <stdint.h>
-#include <stddef.h>
-
-// Configure for NIP-04 requirements: AES-256-CBC only
-#define CBC 1
-#define ECB 0
-#define CTR 0
-
-// Configure for AES-256 (required by NIP-04)
-#define AES128 0
-#define AES192 0
-#define AES256 1
-
-#define AES_BLOCKLEN 16 // Block length in bytes - AES is 128b block only
-
-#if defined(AES256) && (AES256 == 1)
-    #define AES_KEYLEN 32
-    #define AES_keyExpSize 240
-#elif defined(AES192) && (AES192 == 1)
-    #define AES_KEYLEN 24
-    #define AES_keyExpSize 208
-#else
-    #define AES_KEYLEN 16   // Key length in bytes
-    #define AES_keyExpSize 176
-#endif
-
-struct AES_ctx
-{
-  uint8_t RoundKey[AES_keyExpSize];
-#if (defined(CBC) && (CBC == 1)) || (defined(CTR) && (CTR == 1))
-  uint8_t Iv[AES_BLOCKLEN];
-#endif
-};
-
-void AES_init_ctx(struct AES_ctx* ctx, const uint8_t* key);
-#if (defined(CBC) && (CBC == 1)) || (defined(CTR) && (CTR == 1))
-void AES_init_ctx_iv(struct AES_ctx* ctx, const uint8_t* key, const uint8_t* iv);
-void AES_ctx_set_iv(struct AES_ctx* ctx, const uint8_t* iv);
-#endif
-
-#if defined(CBC) && (CBC == 1)
-// buffer size MUST be multiple of AES_BLOCKLEN;
-// Suggest https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for padding scheme
-// NOTES: you need to set IV in ctx via AES_init_ctx_iv() or AES_ctx_set_iv()
-//        no IV should ever be reused with the same key 
-void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
-void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
-#endif // #if defined(CBC) && (CBC == 1)
-
-#endif // _NOSTR_AES_H_

nostr_core/crypto/nostr_chacha20.c

@@ -1,15 +1,47 @@
 /*
  * nostr_chacha20.c - ChaCha20 stream cipher implementation
- * 
+ *
  * Implementation based on RFC 8439 "ChaCha20 and Poly1305 for IETF Protocols"
- * 
+ *
  * This implementation is adapted from the RFC 8439 reference specification.
  * It prioritizes correctness and clarity over performance optimization.
  */
 
-#include "nostr_chacha20.h"
+#include <stdint.h>
+#include <stddef.h>
 #include <string.h>
 
+/*
+ * ============================================================================
+ * CONSTANTS AND DEFINITIONS
+ * ============================================================================
+ */
+
+#define CHACHA20_KEY_SIZE    32  /* 256 bits */
+#define CHACHA20_NONCE_SIZE  12  /* 96 bits */
+#define CHACHA20_BLOCK_SIZE  64  /* 512 bits */
+
+/*
+ * ============================================================================
+ * FUNCTION PROTOTYPES (INTERNAL USE ONLY)
+ * ============================================================================
+ */
+
+// Internal utility functions
+static uint32_t bytes_to_u32_le(const uint8_t *bytes);
+static void u32_to_bytes_le(uint32_t val, uint8_t *bytes);
+
+// Public functions (used by NIP-44 implementation)
+void chacha20_quarter_round(uint32_t state[16], int a, int b, int c, int d);
+int chacha20_block(const uint8_t key[32], uint32_t counter,
+                   const uint8_t nonce[12], uint8_t output[64]);
+int chacha20_encrypt(const uint8_t key[32], uint32_t counter,
+                     const uint8_t nonce[12], const uint8_t* input,
+                     uint8_t* output, size_t length);
+void chacha20_init_state(uint32_t state[16], const uint8_t key[32],
+                         uint32_t counter, const uint8_t nonce[12]);
+void chacha20_serialize_state(const uint32_t state[16], uint8_t output[64]);
+
 /*
  * ============================================================================
  * UTILITY MACROS AND FUNCTIONS

nostr_core/crypto/nostr_chacha20.h

@@ -1,115 +0,0 @@
-/*
- * nostr_chacha20.h - ChaCha20 stream cipher implementation
- * 
- * Implementation based on RFC 8439 "ChaCha20 and Poly1305 for IETF Protocols"
- * 
- * This is a small, portable implementation for NIP-44 support in the NOSTR library.
- * The implementation prioritizes correctness and simplicity over performance.
- */
-
-#ifndef NOSTR_CHACHA20_H
-#define NOSTR_CHACHA20_H
-
-#include <stdint.h>
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * ============================================================================
- * CONSTANTS AND DEFINITIONS
- * ============================================================================
- */
-
-#define CHACHA20_KEY_SIZE    32  /* 256 bits */
-#define CHACHA20_NONCE_SIZE  12  /* 96 bits */
-#define CHACHA20_BLOCK_SIZE  64  /* 512 bits */
-
-/*
- * ============================================================================
- * CORE CHACHA20 FUNCTIONS
- * ============================================================================
- */
-
-/**
- * ChaCha20 quarter round operation
- * 
- * Operates on four 32-bit words performing the core ChaCha20 quarter round:
- * a += b; d ^= a; d <<<= 16;
- * c += d; b ^= c; b <<<= 12;
- * a += b; d ^= a; d <<<= 8;
- * c += d; b ^= c; b <<<= 7;
- * 
- * @param state[in,out] ChaCha state as 16 32-bit words
- * @param a, b, c, d    Indices into state array for quarter round
- */
-void chacha20_quarter_round(uint32_t state[16], int a, int b, int c, int d);
-
-/**
- * ChaCha20 block function
- * 
- * Transforms a 64-byte input block using ChaCha20 algorithm with 20 rounds.
- * 
- * @param key[in]       32-byte key
- * @param counter[in]   32-bit block counter
- * @param nonce[in]     12-byte nonce
- * @param output[out]   64-byte output buffer
- * @return              0 on success, negative on error
- */
-int chacha20_block(const uint8_t key[32], uint32_t counter, 
-                   const uint8_t nonce[12], uint8_t output[64]);
-
-/**
- * ChaCha20 encryption/decryption
- * 
- * Encrypts or decrypts data using ChaCha20 stream cipher.
- * Since ChaCha20 is a stream cipher, encryption and decryption are the same operation.
- * 
- * @param key[in]           32-byte key
- * @param counter[in]       Initial 32-bit counter value
- * @param nonce[in]         12-byte nonce
- * @param input[in]         Input data to encrypt/decrypt
- * @param output[out]       Output buffer (can be same as input)
- * @param length[in]        Length of input data in bytes
- * @return                  0 on success, negative on error
- */
-int chacha20_encrypt(const uint8_t key[32], uint32_t counter, 
-                     const uint8_t nonce[12], const uint8_t* input, 
-                     uint8_t* output, size_t length);
-
-/*
- * ============================================================================
- * UTILITY FUNCTIONS
- * ============================================================================
- */
-
-/**
- * Initialize ChaCha20 state matrix
- * 
- * Sets up the initial 16-word state matrix with constants, key, counter, and nonce.
- * 
- * @param state[out]    16-word state array to initialize
- * @param key[in]       32-byte key
- * @param counter[in]   32-bit block counter
- * @param nonce[in]     12-byte nonce
- */
-void chacha20_init_state(uint32_t state[16], const uint8_t key[32], 
-                         uint32_t counter, const uint8_t nonce[12]);
-
-/**
- * Serialize ChaCha20 state to bytes
- * 
- * Converts 16 32-bit words to 64 bytes in little-endian format.
- * 
- * @param state[in]     16-word state array
- * @param output[out]   64-byte output buffer
- */
-void chacha20_serialize_state(const uint32_t state[16], uint8_t output[64]);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* NOSTR_CHACHA20_H */

nostr_core/crypto/nostr_secp256k1.c

@@ -1,4 +1,3 @@
-#include "nostr_secp256k1.h"
 #include <secp256k1.h>
 #include <secp256k1_schnorrsig.h>
 #include <secp256k1_ecdh.h>
@@ -6,6 +5,33 @@
 #include <stdlib.h>
 #include <fcntl.h>
 #include <unistd.h>
+#include <stddef.h>
+
+/*
+ * PRIVATE INTERNAL FUNCTIONS - NOT EXPORTED
+ * These functions are for internal library use only.
+ */
+
+/** Opaque data structure that holds a parsed and valid public key.
+ *  Guaranteed to be 64 bytes in size, and can be safely copied/moved.
+ */
+typedef struct nostr_secp256k1_pubkey {
+    unsigned char data[64];
+} nostr_secp256k1_pubkey;
+
+/** Opaque data structure that holds a parsed keypair.
+ *  Guaranteed to be 96 bytes in size, and can be safely copied/moved.
+ */
+typedef struct nostr_secp256k1_keypair {
+    unsigned char data[96];
+} nostr_secp256k1_keypair;
+
+/** Opaque data structure that holds a parsed x-only public key.
+ *  Guaranteed to be 64 bytes in size, and can be safely copied/moved.
+ */
+typedef struct nostr_secp256k1_xonly_pubkey {
+    unsigned char data[64];
+} nostr_secp256k1_xonly_pubkey;
 
 // Global context for secp256k1 operations
 static secp256k1_context* g_ctx = NULL;

nostr_core/crypto/nostr_secp256k1.h

@@ -1,141 +0,0 @@
-#ifndef NOSTR_SECP256K1_H
-#define NOSTR_SECP256K1_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <stddef.h>
-
-/** Opaque data structure that holds a parsed and valid public key.
- *  Guaranteed to be 64 bytes in size, and can be safely copied/moved.
- */
-typedef struct nostr_secp256k1_pubkey {
-    unsigned char data[64];
-} nostr_secp256k1_pubkey;
-
-/** Opaque data structure that holds a parsed keypair.
- *  Guaranteed to be 96 bytes in size, and can be safely copied/moved.
- */
-typedef struct nostr_secp256k1_keypair {
-    unsigned char data[96];
-} nostr_secp256k1_keypair;
-
-/** Opaque data structure that holds a parsed x-only public key.
- *  Guaranteed to be 64 bytes in size, and can be safely copied/moved.
- */
-typedef struct nostr_secp256k1_xonly_pubkey {
-    unsigned char data[64];
-} nostr_secp256k1_xonly_pubkey;
-
-/** Initialize the secp256k1 library. Must be called before any other functions.
- *  Returns: 1 on success, 0 on failure.
- */
-int nostr_secp256k1_context_create(void);
-
-/** Clean up the secp256k1 library resources.
- */
-void nostr_secp256k1_context_destroy(void);
-
-/** Verify an elliptic curve secret key.
- *  Returns: 1: secret key is valid, 0: secret key is invalid
- *  In: seckey: pointer to a 32-byte secret key.
- */
-int nostr_secp256k1_ec_seckey_verify(const unsigned char *seckey);
-
-/** Compute the public key for a secret key.
- *  Returns: 1: secret was valid, public key stored. 0: secret was invalid.
- *  Out: pubkey: pointer to the created public key.
- *  In:  seckey: pointer to a 32-byte secret key.
- */
-int nostr_secp256k1_ec_pubkey_create(nostr_secp256k1_pubkey *pubkey, const unsigned char *seckey);
-
-/** Create a keypair from a secret key.
- *  Returns: 1: keypair created, 0: secret key invalid.
- *  Out: keypair: pointer to the created keypair.
- *  In:  seckey:  pointer to a 32-byte secret key.
- */
-int nostr_secp256k1_keypair_create(nostr_secp256k1_keypair *keypair, const unsigned char *seckey);
-
-/** Get the x-only public key from a keypair.
- *  Returns: 1 always.
- *  Out: pubkey: pointer to storage for the x-only public key.
- *  In:  keypair: pointer to a keypair.
- */
-int nostr_secp256k1_keypair_xonly_pub(nostr_secp256k1_xonly_pubkey *pubkey, const nostr_secp256k1_keypair *keypair);
-
-/** Parse an x-only public key from bytes.
- *  Returns: 1: public key parsed, 0: invalid public key.
- *  Out: pubkey: pointer to the created x-only public key.
- *  In:  input32: pointer to a 32-byte x-only public key.
- */
-int nostr_secp256k1_xonly_pubkey_parse(nostr_secp256k1_xonly_pubkey *pubkey, const unsigned char *input32);
-
-/** Serialize an x-only public key to bytes.
- *  Returns: 1 always.
- *  Out: output32: pointer to a 32-byte array to store the serialized key.
- *  In:  pubkey:   pointer to an x-only public key.
- */
-int nostr_secp256k1_xonly_pubkey_serialize(unsigned char *output32, const nostr_secp256k1_xonly_pubkey *pubkey);
-
-/** Create a Schnorr signature.
- *  Returns: 1: signature created, 0: nonce generation failed or secret key invalid.
- *  Out: sig64:     pointer to a 64-byte array where the signature will be placed.
- *  In:  msghash32: the 32-byte message hash being signed.
- *       keypair:   pointer to an initialized keypair.
- *       aux_rand32: pointer to 32 bytes of auxiliary randomness (can be NULL).
- */
-int nostr_secp256k1_schnorrsig_sign32(unsigned char *sig64, const unsigned char *msghash32, const nostr_secp256k1_keypair *keypair, const unsigned char *aux_rand32);
-
-/** Verify a Schnorr signature.
- *  Returns: 1: correct signature, 0: incorrect signature
- *  In: sig64:     pointer to the 64-byte signature being verified.
- *      msghash32: the 32-byte message hash being verified.
- *      pubkey:    pointer to an x-only public key to verify with.
- */
-int nostr_secp256k1_schnorrsig_verify(const unsigned char *sig64, const unsigned char *msghash32, const nostr_secp256k1_xonly_pubkey *pubkey);
-
-/** Serialize a pubkey object into a serialized byte sequence.
- *  Returns: 1 always.
- *  Out: output:     pointer to a 33-byte array to place the serialized key in.
- *  In:  pubkey:     pointer to a secp256k1_pubkey containing an initialized public key.
- *
- *  The output will be a 33-byte compressed public key (0x02 or 0x03 prefix + 32 bytes x coordinate).
- */
-int nostr_secp256k1_ec_pubkey_serialize_compressed(unsigned char *output, const nostr_secp256k1_pubkey *pubkey);
-
-/** Tweak a secret key by adding a 32-byte tweak to it.
- *  Returns: 1: seckey was valid, 0: seckey invalid or resulting key invalid
- *  In/Out: seckey: pointer to a 32-byte secret key. Will be modified in-place.
- *  In:     tweak:  pointer to a 32-byte tweak.
- */
-int nostr_secp256k1_ec_seckey_tweak_add(unsigned char *seckey, const unsigned char *tweak);
-
-/** Parse a variable-length public key into the pubkey object.
- *  Returns: 1: public key parsed, 0: invalid public key.
- *  Out: pubkey: pointer to the created public key.
- *  In:  input:  pointer to a serialized public key
- *       inputlen: length of the array pointed to by input
- */
-int nostr_secp256k1_ec_pubkey_parse(nostr_secp256k1_pubkey *pubkey, const unsigned char *input, size_t inputlen);
-
-/** Compute an EC Diffie-Hellman secret in constant time.
- *  Returns: 1: exponentiation was successful, 0: scalar was invalid (zero or overflow)
- *  Out: result: a 32-byte array which will be populated by an ECDH secret computed from point and scalar
- *  In:  pubkey: a pointer to a secp256k1_pubkey containing an initialized public key
- *       seckey: a 32-byte scalar with which to multiply the point
- */
-int nostr_secp256k1_ecdh(unsigned char *result, const nostr_secp256k1_pubkey *pubkey, const unsigned char *seckey, void *hashfp, void *data);
-
-/** Generate cryptographically secure random bytes.
- *  Returns: 1: success, 0: failure
- *  Out: buf: buffer to fill with random bytes
- *  In:  len: number of bytes to generate
- */
-int nostr_secp256k1_get_random_bytes(unsigned char *buf, size_t len);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* NOSTR_SECP256K1_H */