HMAC-BLAKE2s, HKDF, TAI64N 実装完了

HMAC-BLAKE2s (RFC 2104):
- include/se050_hmac_blake2s.h
- src/se050_hmac_blake2s.c
- Block size: 64 bytes, Digest: 32 bytes
- ipad=0x36, opad=0x5c

HKDF (RFC 5861):
- include/se050_hkdf_blake2s.h
- src/se050_hkdf_blake2s.c
- HKDF-Extract: HMAC-BLAKE2s(salt, IKM) -> PRK
- HKDF-Expand: HMAC-BLAKE2s(PRK, info) -> OKM
- WireGuard 鍵導出チェーンに対応

TAI64N タイムスタンプ:
- include/se050_tai64n.h
- src/se050_tai64n.c
- 12 bytes (64-bit TAI + 32-bit nanoseconds)
- リプレイ防止用
- Window check 機能

テスト:
- tests/test_hmac_hkdf.c (7/7 PASS)
- BLAKE2s, HMAC, HKDF, TAI64N すべて動作確認済み

include/se050_tai64n.h

@@ -1,7 +1,9 @@
 /**
  * @file se050_tai64n.h
- * @brief TAI64N Timestamp Encoding (WireGuard Protocol Layer)
- * RFC 7539 Section 7.2.1
+ * @brief TAI64N Timestamp Encoding (WireGuard Protocol)
+ * 
+ * TAI64N: 64-bit TAI + 32-bit nanoseconds
+ * Total: 12 bytes (big-endian)
  */
 
 #ifndef SE050_TAI64N_H
@@ -15,51 +17,41 @@ extern "C" {
 #endif
 
 #define TAI64N_SIZE 12
-#define TAI64_BASE 0x4000000000000010ULL
 
 /**
- * @brief TAI64N timestamp structure (12 bytes)
- */
-typedef struct {
-    uint64_t tai64;      /* TAI64 timestamp (8 bytes) */
-    uint32_t nanosec;    /* Nanoseconds (4 bytes) */
-} __attribute__((packed)) tai64n_t;
-
-/**
- * @brief Encode current time as TAI64N
+ * @brief Encode a timestamp to TAI64N format
  * @param out Output buffer (12 bytes)
- * @return 0 on success, -1 on error
- */
-int se050_tai64n_now(uint8_t out[TAI64N_SIZE]);
-
-/**
- * @brief Encode a TAI64N timestamp
- * @param out Output buffer (12 bytes)
- * @param seconds Unix timestamp (seconds since 1970-01-01)
+ * @param seconds Unix timestamp seconds
  * @param nanoseconds Nanoseconds (0-999999999)
- * @return 0 on success, -1 on error
  */
-int se050_tai64n_encode(uint8_t out[TAI64N_SIZE],
-                        uint64_t seconds, uint32_t nanoseconds);
+void se050_tai64n_encode(uint8_t out[12], uint64_t seconds, uint32_t nanoseconds);
 
 /**
- * @brief Decode a TAI64N timestamp
- * @param seconds Output Unix timestamp (seconds)
- * @param nanoseconds Output nanoseconds
+ * @brief Decode TAI64N format to Unix timestamp
  * @param in Input buffer (12 bytes)
+ * @param seconds Output seconds (Unix timestamp)
+ * @param nanoseconds Output nanoseconds
  * @return 0 on success, -1 on error
  */
-int se050_tai64n_decode(uint64_t *seconds, uint32_t *nanoseconds,
-                        const uint8_t in[TAI64N_SIZE]);
+int se050_tai64n_decode(const uint8_t in[12], uint64_t *seconds, uint32_t *nanoseconds);
+
+/**
+ * @brief Get current time as TAI64N
+ * @param out Output buffer (12 bytes)
+ * @return 0 on success, -1 on error
+ */
+int se050_tai64n_now(uint8_t out[12]);
 
 /**
  * @brief Check if TAI64N timestamp is within acceptable window
- * @param timestamp Timestamp to check
- * @param window_sec Acceptable window in seconds
- * @return 0 if within window, -1 if too old, -2 if too far in future
+ * @param timestamp Received timestamp
+ * @param current Current timestamp
+ * @param window Acceptable window in seconds
+ * @return 1 if valid, 0 if expired/replay, -1 on error
  */
-int se050_tai64n_check_window(const uint8_t timestamp[TAI64N_SIZE],
-                              uint32_t window_sec);
+int se050_tai64n_check_window(const uint8_t timestamp[12],
+                              const uint8_t current[12],
+                              uint32_t window);
 
 #ifdef __cplusplus
 }