remove exposed .h crypto headers
This commit is contained in:
@@ -9,14 +9,28 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
// Include our secp256k1 wrapper for elliptic curve operations
|
||||
#include "crypto/nostr_secp256k1.h"
|
||||
// Forward declarations for crypto functions (private API)
|
||||
// These functions are implemented in crypto/ but not exposed through public headers
|
||||
|
||||
// Include our self-contained AES implementation for NIP-04
|
||||
#include "crypto/nostr_aes.h"
|
||||
// secp256k1 functions
|
||||
typedef struct {
|
||||
unsigned char data[64];
|
||||
} nostr_secp256k1_pubkey;
|
||||
|
||||
// Include our ChaCha20 implementation for NIP-44
|
||||
#include "crypto/nostr_chacha20.h"
|
||||
typedef struct {
|
||||
unsigned char data[96];
|
||||
} nostr_secp256k1_keypair;
|
||||
|
||||
int nostr_secp256k1_context_create(void);
|
||||
void nostr_secp256k1_context_destroy(void);
|
||||
int nostr_secp256k1_ec_pubkey_parse(nostr_secp256k1_pubkey* pubkey, const unsigned char* input, size_t inputlen);
|
||||
int nostr_secp256k1_ecdh(unsigned char* output, const nostr_secp256k1_pubkey* pubkey, const unsigned char* privkey, void* hashfp, void* data);
|
||||
int nostr_secp256k1_ec_seckey_verify(const unsigned char* seckey);
|
||||
int nostr_secp256k1_ec_pubkey_create(nostr_secp256k1_pubkey* pubkey, const unsigned char* privkey);
|
||||
int nostr_secp256k1_ec_pubkey_serialize_compressed(unsigned char* output, const nostr_secp256k1_pubkey* pubkey);
|
||||
int nostr_secp256k1_keypair_create(nostr_secp256k1_keypair* keypair, const unsigned char* privkey);
|
||||
int nostr_secp256k1_schnorrsig_sign32(unsigned char* sig, const unsigned char* msg32, const nostr_secp256k1_keypair* keypair, const unsigned char* aux_rand32);
|
||||
int nostr_secp256k1_ec_seckey_tweak_add(unsigned char* seckey, const unsigned char* tweak);
|
||||
|
||||
|
||||
// =============================================================================
|
||||
@@ -328,6 +342,125 @@ int nostr_sha256(const unsigned char* data, size_t len, unsigned char* hash) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
// =============================================================================
|
||||
// STREAMING SHA-256 IMPLEMENTATION
|
||||
// =============================================================================
|
||||
|
||||
int nostr_sha256_init(nostr_sha256_ctx_t* ctx) {
|
||||
if (!ctx) return -1;
|
||||
|
||||
// Initialize SHA-256 state
|
||||
ctx->state[0] = 0x6a09e667;
|
||||
ctx->state[1] = 0xbb67ae85;
|
||||
ctx->state[2] = 0x3c6ef372;
|
||||
ctx->state[3] = 0xa54ff53a;
|
||||
ctx->state[4] = 0x510e527f;
|
||||
ctx->state[5] = 0x9b05688c;
|
||||
ctx->state[6] = 0x1f83d9ab;
|
||||
ctx->state[7] = 0x5be0cd19;
|
||||
|
||||
// Initialize counters and buffer
|
||||
ctx->bitlen = 0;
|
||||
ctx->buflen = 0;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int nostr_sha256_update(nostr_sha256_ctx_t* ctx, const unsigned char* data, size_t len) {
|
||||
if (!ctx || !data) return -1;
|
||||
|
||||
for (size_t i = 0; i < len; i++) {
|
||||
ctx->buffer[ctx->buflen] = data[i];
|
||||
ctx->buflen++;
|
||||
|
||||
// Process complete blocks
|
||||
if (ctx->buflen == 64) {
|
||||
sha256_transform(ctx->state, ctx->buffer);
|
||||
ctx->bitlen += 512; // 64 bytes * 8 bits
|
||||
ctx->buflen = 0;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int nostr_sha256_final(nostr_sha256_ctx_t* ctx, unsigned char* hash) {
|
||||
if (!ctx || !hash) return -1;
|
||||
|
||||
// Calculate final bit length
|
||||
uint64_t final_bitlen = ctx->bitlen + (ctx->buflen * 8);
|
||||
|
||||
// Pad the message
|
||||
ctx->buffer[ctx->buflen] = 0x80;
|
||||
ctx->buflen++;
|
||||
|
||||
// If not enough space for length, pad and process another block
|
||||
if (ctx->buflen > 56) {
|
||||
while (ctx->buflen < 64) {
|
||||
ctx->buffer[ctx->buflen] = 0x00;
|
||||
ctx->buflen++;
|
||||
}
|
||||
sha256_transform(ctx->state, ctx->buffer);
|
||||
ctx->buflen = 0;
|
||||
}
|
||||
|
||||
// Pad with zeros up to 56 bytes
|
||||
while (ctx->buflen < 56) {
|
||||
ctx->buffer[ctx->buflen] = 0x00;
|
||||
ctx->buflen++;
|
||||
}
|
||||
|
||||
// Append length as big-endian 64-bit integer
|
||||
for (int i = 0; i < 8; i++) {
|
||||
ctx->buffer[56 + i] = (final_bitlen >> (56 - i * 8)) & 0xff;
|
||||
}
|
||||
|
||||
// Process final block
|
||||
sha256_transform(ctx->state, ctx->buffer);
|
||||
|
||||
// Convert state to output bytes
|
||||
for (int i = 0; i < 8; i++) {
|
||||
hash[i * 4] = (ctx->state[i] >> 24) & 0xff;
|
||||
hash[i * 4 + 1] = (ctx->state[i] >> 16) & 0xff;
|
||||
hash[i * 4 + 2] = (ctx->state[i] >> 8) & 0xff;
|
||||
hash[i * 4 + 3] = ctx->state[i] & 0xff;
|
||||
}
|
||||
|
||||
// Clear sensitive data
|
||||
memory_clear(ctx, sizeof(nostr_sha256_ctx_t));
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int nostr_sha256_file_stream(const char* filename, unsigned char* hash) {
|
||||
if (!filename || !hash) return -1;
|
||||
|
||||
FILE* file = fopen(filename, "rb");
|
||||
if (!file) return -1;
|
||||
|
||||
nostr_sha256_ctx_t ctx;
|
||||
if (nostr_sha256_init(&ctx) != 0) {
|
||||
fclose(file);
|
||||
return -1;
|
||||
}
|
||||
|
||||
// Process file in 4KB chunks for memory efficiency
|
||||
unsigned char buffer[4096];
|
||||
size_t bytes_read;
|
||||
|
||||
while ((bytes_read = fread(buffer, 1, sizeof(buffer), file)) > 0) {
|
||||
if (nostr_sha256_update(&ctx, buffer, bytes_read) != 0) {
|
||||
fclose(file);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
fclose(file);
|
||||
|
||||
// Finalize and return result
|
||||
return nostr_sha256_final(&ctx, hash);
|
||||
}
|
||||
|
||||
// =============================================================================
|
||||
// HMAC IMPLEMENTATION
|
||||
// =============================================================================
|
||||
|
||||
Reference in New Issue
Block a user