simplified interface

inc/lc6_crypto.h

@@ -5,35 +5,19 @@
 
 int lc6crypto_init(void);
 
-int lc6crypto_public_encrypt(
+int lc6crypto_encrypt(
         const unsigned char *data,
         const int data_len,
-        const unsigned char *priv,
-        const unsigned char *pub,
+        const unsigned char *skey,
+        const unsigned char *dkey,
         unsigned char **enc_data,
         unsigned char **nonce);
 
-int lc6crypto_private_decrypt(
+int lc6crypto_decrypt(
         const unsigned char *enc_data,
         const int enc_len,
-        const unsigned char *priv,
-        const unsigned char *pub,
-        unsigned char **data,
-        const unsigned char *nonce);
-
-int lc6crypto_private_encrypt(
-        const unsigned char *data,
-        const int data_len,
-        const unsigned char *priv,
-        const unsigned char *pub,
-        unsigned char **enc_data,
-        unsigned char **nonce);
-
-int lc6crypto_public_decrypt(
-        const unsigned char *enc_data,
-        const int enc_len,
-        const unsigned char *priv,
-        const unsigned char *pub,
+        const unsigned char *skey,
+        const unsigned char *dkey,
         unsigned char **data,
         const unsigned char *nonce);
 

src/lc6_crypto.c

@@ -18,70 +18,62 @@ LC6_USER* lc6crypto_genuserkey(LC6_USER *user) {
 	return user;
 }
 
-int lc6crypto_public_encrypt(
+int lc6crypto_encrypt(
 	const unsigned char *data,
 	const int data_len,
-	const unsigned char *priv,
-	const unsigned char *pub,
+	const unsigned char *skey,
+	const unsigned char *dkey,
 	unsigned char **enc_data,
 	unsigned char **nonce)
 {
+	assert(enc_data);
+	assert(nonce);
+
 	*nonce = malloc(crypto_box_NONCEBYTES);
 	assert(*nonce);
+	memset(*nonce, 0, crypto_box_NONCEBYTES);
 
 	*enc_data = malloc(crypto_box_MACBYTES + data_len);
 	assert(*enc_data);
+	memset(*enc_data, 0, crypto_box_MACBYTES + data_len);
 
 	randombytes_buf(*nonce, crypto_box_NONCEBYTES);
 
-	if ( crypto_box_easy(*enc_data, data, data_len, *nonce, pub, priv) == -1 )
-		return 0;
+	if ( crypto_box_easy(*enc_data, data, data_len, *nonce, dkey, skey) == -1 ) {
+		free(*enc_data);
+		free(*nonce);
+		*enc_data = NULL;
+		*nonce = NULL;
+		return -1;
+}
 
 	return crypto_box_MACBYTES + data_len;
 }
 
-int lc6crypto_private_decrypt(
+int lc6crypto_decrypt(
 	const unsigned char *enc_data,
 	const int enc_len,
-	const unsigned char *priv,
-	const unsigned char *pub,
+	const unsigned char *skey,
+	const unsigned char *dkey,
 	unsigned char **data,
 	const unsigned char *nonce)
 {
-	*data = malloc(enc_len - crypto_box_MACBYTES);
-	assert(data);
+	assert(enc_data);
 
-	if ( crypto_box_open_easy(*data, enc_data, enc_len, nonce, pub, priv) != 0 )
-		return 0;
-	return enc_len - crypto_box_MACBYTES;
-}
+	if ( enc_len < crypto_box_MACBYTES )
+		return -1;
 
-int lc6crypto_private_encrypt(
-	const unsigned char *data,
-	const int data_len,
-	const unsigned char *priv,
-	const unsigned char *pub,
-	unsigned char **enc_data,
-	unsigned char **nonce)
-{
-	return lc6crypto_public_encrypt(
-		data, data_len,
-		pub, priv,
-		enc_data, nonce);
-}
+	*data = malloc(enc_len - crypto_box_MACBYTES);
+	assert(*data);
+	memset(*data, 0, enc_len - crypto_box_MACBYTES);
 
-int lc6crypto_public_decrypt(
-	const unsigned char *enc_data,
-	const int enc_len,
-	const unsigned char *priv,
-	const unsigned char *pub,
-	unsigned char **data,
-	const unsigned char *nonce)
-{
-	return lc6crypto_private_decrypt(
-		enc_data, enc_len,
-		pub, priv,
-		data, nonce);
+	if ( crypto_box_open_easy(*data, enc_data, enc_len, nonce, dkey, skey) != 0 ) {
+		free(*data);
+		*data = NULL;
+		return -1;
+	}
+
+	return enc_len - crypto_box_MACBYTES;
 }
 
 int lc6crypto_readfile(
@@ -191,5 +183,6 @@ unsigned char* lc6crypto_hash(
 }
 
 void lc6crypto_random(unsigned char *data, int data_len) {
+	assert(data);
 	randombytes_buf(data, data_len);
 }