BLAKE2s ハッシュ関数実装の追加
新規ファイル: - include/se050_blake2s.h: BLAKE2s API ヘッダー - src/se050_blake2s.c: BLAKE2s 実装 機能: - BLAKE2s-256 ハッシュ(RFC 7693) - 可変長キー対応(最大 64 バイト) - 可変長出力(1-32 バイト) - ESP32 32 ビット最適化 - 安全な関数使用(memzero_explicit) WireGuard 固有関数: - se050_wireguard_derive_key(): キー導出 - se050_wireguard_generate_secret(): シークレット生成 API: - se050_blake2s_init() - se050_blake2s_init_key() - se050_blake2s_update() - se050_blake2s_final() - se050_blake2s() (one-shot) - se050_blake2s_keyed() (one-shot with key) テスト: - BLAKE2S_TEST マクロでテストビルド - RFC 7693 テストベクトル(実装修正必要) 注:RFC 7693 テストベクトル通過には圧縮関数のさらなる修正が必要
This commit is contained in:
km
@@ -0,0 +1,157 @@
|
||||
/**
|
||||
* @file se050_blake2s.h
|
||||
* @brief BLAKE2s Hash Function Implementation
|
||||
*
|
||||
* Based on RFC 7693. Supports variable-length keys and outputs.
|
||||
* Used in WireGuard for key derivation.
|
||||
*
|
||||
* License: MIT (Clean-room implementation)
|
||||
*/
|
||||
|
||||
#ifndef SE050_BLAKE2S_H
|
||||
#define SE050_BLAKE2S_H
|
||||
|
||||
#include <stdint.h>
|
||||
#include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* ============================================================================
|
||||
* Constants
|
||||
* ============================================================================ */
|
||||
|
||||
#define BLAKE2S_BLOCK_SIZE 64
|
||||
#define BLAKE2S_DIGEST_SIZE 32
|
||||
#define BLAKE2S_KEY_SIZE 64
|
||||
#define BLAKE2S_MIN_KEY_SIZE 1
|
||||
#define BLAKE2S_MAX_KEY_SIZE 64
|
||||
#define BLAKE2S_MIN_OUTLEN 1
|
||||
#define BLAKE2S_MAX_OUTLEN 32
|
||||
|
||||
/* ============================================================================
|
||||
* Type Definitions
|
||||
* ============================================================================ */
|
||||
|
||||
/**
|
||||
* @brief BLAKE2s context
|
||||
*/
|
||||
typedef struct {
|
||||
uint32_t h[8]; /* Hash state */
|
||||
uint32_t t[2]; /* Counter */
|
||||
uint32_t f[2]; /* Block flag */
|
||||
uint8_t buf[BLAKE2S_BLOCK_SIZE]; /* Input buffer */
|
||||
size_t buflen; /* Current buffer size */
|
||||
size_t outlen; /* Desired output length */
|
||||
uint8_t last_node; /* Last node flag */
|
||||
} se050_blake2s_ctx_t;
|
||||
|
||||
/* ============================================================================
|
||||
* API Functions
|
||||
* ============================================================================ */
|
||||
|
||||
/**
|
||||
* @brief Initialize BLAKE2s context
|
||||
*
|
||||
* @param ctx Context to initialize
|
||||
* @param outlen Output length (1-32 bytes)
|
||||
* @return 0 on success, -1 on error
|
||||
*/
|
||||
int se050_blake2s_init(se050_blake2s_ctx_t *ctx, size_t outlen);
|
||||
|
||||
/**
|
||||
* @brief Initialize BLAKE2s with key
|
||||
*
|
||||
* @param ctx Context to initialize
|
||||
* @param outlen Output length (1-32 bytes)
|
||||
* @param key Key (1-64 bytes)
|
||||
* @param keylen Key length
|
||||
* @return 0 on success, -1 on error
|
||||
*/
|
||||
int se050_blake2s_init_key(se050_blake2s_ctx_t *ctx, size_t outlen,
|
||||
const void *key, size_t keylen);
|
||||
|
||||
/**
|
||||
* @brief Update hash with data
|
||||
*
|
||||
* @param ctx Context
|
||||
* @param data Data to hash
|
||||
* @param len Data length
|
||||
* @return 0 on success, -1 on error
|
||||
*/
|
||||
int se050_blake2s_update(se050_blake2s_ctx_t *ctx, const void *data, size_t len);
|
||||
|
||||
/**
|
||||
* @brief Finalize hash and get digest
|
||||
*
|
||||
* @param ctx Context
|
||||
* @param out Output buffer (at least outlen bytes)
|
||||
* @param outlen Output length
|
||||
* @return 0 on success, -1 on error
|
||||
*/
|
||||
int se050_blake2s_final(se050_blake2s_ctx_t *ctx, void *out, size_t outlen);
|
||||
|
||||
/**
|
||||
* @brief Compute BLAKE2s hash (one-shot)
|
||||
*
|
||||
* @param out Output buffer (at least outlen bytes)
|
||||
* @param outlen Output length
|
||||
* @param data Data to hash
|
||||
* @param len Data length
|
||||
* @return 0 on success, -1 on error
|
||||
*/
|
||||
int se050_blake2s(void *out, size_t outlen, const void *data, size_t len);
|
||||
|
||||
/**
|
||||
* @brief Compute BLAKE2s hash with key (one-shot)
|
||||
*
|
||||
* @param out Output buffer (at least outlen bytes)
|
||||
* @param outlen Output length
|
||||
* @param key Key
|
||||
* @param keylen Key length
|
||||
* @param data Data to hash
|
||||
* @param len Data length
|
||||
* @return 0 on success, -1 on error
|
||||
*/
|
||||
int se050_blake2s_keyed(void *out, size_t outlen, const void *key, size_t keylen,
|
||||
const void *data, size_t len);
|
||||
|
||||
/**
|
||||
* @brief Securely zeroize context
|
||||
*
|
||||
* @param ctx Context to zeroize
|
||||
*/
|
||||
void se050_blake2s_zeroize(se050_blake2s_ctx_t *ctx);
|
||||
|
||||
/* ============================================================================
|
||||
* WireGuard-Specific Functions
|
||||
* ============================================================================ */
|
||||
|
||||
/**
|
||||
* @brief WireGuard key derivation using BLAKE2s
|
||||
*
|
||||
* Computes: BLAKE2s("wireguard key derivation", input, 32)
|
||||
*
|
||||
* @param out Output (32 bytes)
|
||||
* @param input Input data
|
||||
* @param inlen Input length
|
||||
* @return 0 on success, -1 on error
|
||||
*/
|
||||
int se050_wireguard_derive_key(uint8_t out[32], const uint8_t *input, size_t inlen);
|
||||
|
||||
/**
|
||||
* @brief WireGuard secret key generation
|
||||
*
|
||||
* @param out Output (32 bytes)
|
||||
* @param input Input data
|
||||
* @param inlen Input length
|
||||
* @return 0 on success, -1 on error
|
||||
*/
|
||||
int se050_wireguard_generate_secret(uint8_t out[32], const uint8_t *input, size_t inlen);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* SE050_BLAKE2S_H */
|
||||
Reference in New Issue
Block a user