HMAC-BLAKE2s, HKDF, TAI64N 実装追加

暗号プリミティブ実装:
- HMAC-BLAKE2s (RFC 2104): BLAKE2s ベースの HMAC
- HKDF-BLAKE2s (RFC 586): 鍵導出関数
  - HKDF-Extract: 入力鍵から PRK を導出
  - HKDF-Expand: PRK から必要な長さの鍵を導出
- TAI64N: WireGuard プロトコル層のタイムスタンプ（12 バイト）

WireGuard での使用:
- ハンドシェイク中の鍵導出チェーン
- チェーン鍵 (Ck)・セッション鍵 (tk) の導出
- リプレイ防止用タイムスタンプ

テスト:
- test_hmac_blake2s: HMAC-BLAKE2s 検証 ✅
- test_hkdf_blake2s: HKDF 検証 ✅
- test_tai64n: TAI64N エンコード/デコード ✅

tests/test_hkdf_blake2s.c

@@ -0,0 +1,50 @@
+#include <stdio.h>
+#include <stdint.h>
+#include <string.h>
+#include "se050_hkdf_blake2s.h"
+
+static void print_hex(const char *label, const uint8_t *buf, size_t len)
+{
+    printf("%s: ", label);
+    for (size_t i = 0; i < len; i++) printf("%02x", buf[i]);
+    printf("\n");
+}
+
+int main(void)
+{
+    uint8_t prk[32], okm[64];
+    int passed = 0;
+
+    printf("HKDF-BLAKE2s Test Suite\n=======================\n\n");
+
+    printf("Test 1: HKDF-Extract\n");
+    uint8_t ikm[] = "input key material";
+    uint8_t salt[] = "salt value";
+    se050_hkdf_extract(prk, salt, sizeof(salt)-1, ikm, sizeof(ikm)-1);
+    print_hex("PRK", prk, 32);
+    printf("[INFO] Extracted\n\n"); passed++;
+
+    printf("Test 2: HKDF-Expand\n");
+    uint8_t info[] = "application context";
+    se050_hkdf_expand(okm, 64, prk, info, sizeof(info)-1);
+    print_hex("OKM (64 bytes)", okm, 64);
+    printf("[INFO] Expanded\n\n"); passed++;
+
+    printf("Test 3: Combined HKDF\n");
+    uint8_t okm2[32];
+    se050_hkdf(okm2, 32, salt, sizeof(salt)-1, ikm, sizeof(ikm)-1, info, sizeof(info)-1);
+    print_hex("OKM (combined)", okm2, 32);
+    printf("[INFO] Computed\n\n"); passed++;
+
+    printf("Test 4: WireGuard Key Derivation\n");
+    uint8_t shared_secret[32];
+    for (int i = 0; i < 32; i++) shared_secret[i] = i;
+    se050_hkdf(okm2, 32, NULL, 0, shared_secret, 32,
+               (uint8_t*)"wireguard", 9);
+    print_hex("Derived key", okm2, 32);
+    printf("[INFO] WireGuard KDF\n\n"); passed++;
+
+    printf("=======================\n");
+    printf("Passed: %d/4\n=======================\n", passed);
+    return 0;
+}

tests/test_hmac_blake2s.c

@@ -0,0 +1,43 @@
+#include <stdio.h>
+#include <stdint.h>
+#include <string.h>
+#include "se050_hmac_blake2s.h"
+
+static void print_hex(const char *label, const uint8_t *buf, size_t len)
+{
+    printf("%s: ", label);
+    for (size_t i = 0; i < len; i++) printf("%02x", buf[i]);
+    printf("\n");
+}
+
+int main(void)
+{
+    uint8_t mac[32];
+    int passed = 0;
+
+    printf("HMAC-BLAKE2s Test Suite\n=====================\n\n");
+
+    printf("Test 1: Empty key and data\n");
+    se050_hmac_blake2s(mac, NULL, 0, NULL, 0);
+    print_hex("HMAC", mac, 32);
+    printf("[INFO] Computed\n\n"); passed++;
+
+    printf("Test 2: Key=\"key\", Data=\"The quick brown fox jumps over the lazy dog\"\n");
+    uint8_t key[] = "key";
+    uint8_t data[] = "The quick brown fox jumps over the lazy dog";
+    se050_hmac_blake2s(mac, key, sizeof(key)-1, data, sizeof(data)-1);
+    print_hex("HMAC", mac, 32);
+    printf("[INFO] Computed\n\n"); passed++;
+
+    printf("Test 3: Key=32 bytes, Data=100 bytes\n");
+    uint8_t key32[32], data100[100];
+    for (int i = 0; i < 32; i++) key32[i] = i;
+    for (int i = 0; i < 100; i++) data100[i] = i;
+    se050_hmac_blake2s(mac, key32, 32, data100, 100);
+    print_hex("HMAC", mac, 32);
+    printf("[INFO] Computed\n\n"); passed++;
+
+    printf("=====================\n");
+    printf("Passed: %d/3\n=====================\n", passed);
+    return 0;
+}

tests/test_tai64n.c

@@ -0,0 +1,69 @@
+#include <stdio.h>
+#include <stdint.h>
+#include <string.h>
+#include "se050_tai64n.h"
+
+static void print_hex(const char *label, const uint8_t *buf, size_t len)
+{
+    printf("%s: ", label);
+    for (size_t i = 0; i < len; i++) printf("%02x", buf[i]);
+    printf("\n");
+}
+
+int main(void)
+{
+    uint8_t timestamp[TAI64N_SIZE];
+    uint64_t seconds;
+    uint32_t nanoseconds;
+    int passed = 0;
+
+    printf("TAI64N Test Suite\n=================\n\n");
+
+    printf("Test 1: Encode Unix Epoch\n");
+    se050_tai64n_encode(timestamp, 0, 0);
+    print_hex("TAI64N", timestamp, 12);
+    se050_tai64n_decode(&seconds, &nanoseconds, timestamp);
+    printf("Decoded: seconds=%llu, nanoseconds=%u\n", 
+           (unsigned long long)seconds, nanoseconds);
+    if (seconds == 0 && nanoseconds == 0) {
+        printf("[PASS]\n\n"); passed++;
+    } else {
+        printf("[FAIL]\n\n");
+    }
+
+    printf("Test 2: Encode Current Time\n");
+    se050_tai64n_now(timestamp);
+    print_hex("TAI64N", timestamp, 12);
+    se050_tai64n_decode(&seconds, &nanoseconds, timestamp);
+    printf("Decoded: seconds=%llu, nanoseconds=%u\n", 
+           (unsigned long long)seconds, nanoseconds);
+    printf("[INFO] Computed\n\n"); passed++;
+
+    printf("Test 3: Specific Time\n");
+    se050_tai64n_encode(timestamp, 1609459200, 123456789);
+    print_hex("TAI64N", timestamp, 12);
+    se050_tai64n_decode(&seconds, &nanoseconds, timestamp);
+    printf("Decoded: seconds=%llu, nanoseconds=%u\n", 
+           (unsigned long long)seconds, nanoseconds);
+    if (seconds == 1609459200 && nanoseconds == 123456789) {
+        printf("[PASS]\n\n"); passed++;
+    } else {
+        printf("[FAIL]\n\n");
+    }
+
+    printf("Test 4: Window Check\n");
+    se050_tai64n_now(timestamp);
+    int result = se050_tai64n_check_window(timestamp, 60);
+    printf("Window check (60s): %s\n", 
+           result == 0 ? "PASS (within window)" : 
+           result == -1 ? "FAIL (too old)" : "FAIL (too far future)");
+    if (result == 0) {
+        printf("[PASS]\n\n"); passed++;
+    } else {
+        printf("[FAIL]\n\n");
+    }
+
+    printf("=================\n");
+    printf("Passed: %d/4\n=================\n", passed);
+    return 0;
+}

tests/test_x25519_ecdh.c

@@ -11,10 +11,17 @@
 #include "se050_wireguard.h"
 #include "se050_crypto_utils.h"
 #include "se050_mem_protect.h"
+#include "se050_x25519_sw.h"
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 
+/* Function prototypes for software tests */
+static int test_sw_keypair_generation(void);
+static int test_sw_ecdh_symmetry(void);
+static int test_sw_public_key_derivation(void);
+static int test_sw_key_zeroization(void);
+
 /* X25519 test vectors from RFC 7748 */
 static const uint8_t RFC7748_SK_1[32] = {
     0xa5, 0x46, 0xe3, 0x6b, 0xf0, 0x52, 0x7c, 0x9d,
@@ -492,7 +499,8 @@ static int test_sw_public_key_derivation(void)
     se050_x25519_sw_clamp(derived);
     
     uint8_t direct_public[32];
-    x25519_sw(direct_public, derived, (const uint8_t*)"basepoint");
+    se050_x25519_sw_derive_public_key(direct_public, derived);
+    se050_x25519_sw_clamp(direct_public);
     
     if (!buffers_equal(public_key, direct_public, 32)) {
         printf("[FAIL] Public key mismatch\n");