Update to Crypto lib in Meshtatic org

arch/esp32/esp32.ini

@@ -59,7 +59,7 @@ lib_deps =
   # renovate: datasource=git-refs depName=meshtastic-ESP32_Codec2 packageName=https://github.com/meshtastic/ESP32_Codec2 gitBranch=master
   https://github.com/meshtastic/ESP32_Codec2/archive/633326c78ac251c059ab3a8c430fcdf25b41672f.zip
   # renovate: datasource=custom.pio depName=rweather/Crypto packageName=rweather/library/Crypto
-  https://github.com/jp-bennett/crypto/archive/148e65930c5bea2b4f1bddfcb200f585413e8961.zip
+  https://github.com/meshtastic/Crypto/archive/9c003141c18d0b79e7f68e0343a67b1bd8e6fab0.zip
 
 lib_ignore = 
   segger_rtt

arch/esp32/esp32c6.ini

@@ -32,7 +32,7 @@ lib_deps =
   # renovate: datasource=git-refs depName=meshtastic-ESP32_Codec2 packageName=https://github.com/meshtastic/ESP32_Codec2 gitBranch=master
   https://github.com/meshtastic/ESP32_Codec2/archive/633326c78ac251c059ab3a8c430fcdf25b41672f.zip
   # renovate: datasource=custom.pio depName=rweather/Crypto packageName=rweather/library/Crypto
-  https://github.com/jp-bennett/crypto/archive/148e65930c5bea2b4f1bddfcb200f585413e8961.zip
+  https://github.com/meshtastic/Crypto/archive/9c003141c18d0b79e7f68e0343a67b1bd8e6fab0.zip
 
 build_src_filter = 
  ${esp32_base.build_src_filter} -<mesh/http> 

arch/nrf52/nrf52.ini

@@ -29,7 +29,7 @@ lib_deps=
   ${arduino_base.lib_deps}
   ${radiolib_base.lib_deps}
   # renovate: datasource=custom.pio depName=rweather/Crypto packageName=rweather/library/Crypto
-  https://github.com/jp-bennett/crypto/archive/148e65930c5bea2b4f1bddfcb200f585413e8961.zip
+  https://github.com/meshtastic/Crypto/archive/9c003141c18d0b79e7f68e0343a67b1bd8e6fab0.zip
 
 lib_ignore =
   BluetoothOTA

arch/portduino/portduino.ini

@@ -26,7 +26,7 @@ lib_deps =
   ${environmental_base.lib_deps}
   # renovate: datasource=custom.pio depName=rweather/Crypto packageName=rweather/library/Crypto
   #rweather/Crypto@0.4.0
-  https://github.com/jp-bennett/crypto/archive/148e65930c5bea2b4f1bddfcb200f585413e8961.zip
+  https://github.com/meshtastic/Crypto/archive/9c003141c18d0b79e7f68e0343a67b1bd8e6fab0.zip
   # renovate: datasource=custom.pio depName=LovyanGFX packageName=lovyan03/library/LovyanGFX
   lovyan03/LovyanGFX@^1.2.0
   # renovate: datasource=git-refs depName=libch341-spi-userspace packageName=https://github.com/pine64/libch341-spi-userspace gitBranch=main

arch/rp2xx0/rp2040.ini

@@ -31,4 +31,4 @@ lib_deps =
   ${environmental_extra.lib_deps}
   ${radiolib_base.lib_deps}
   # renovate: datasource=custom.pio depName=rweather/Crypto packageName=rweather/library/Crypto
-  https://github.com/jp-bennett/crypto/archive/148e65930c5bea2b4f1bddfcb200f585413e8961.zip
+  https://github.com/meshtastic/Crypto/archive/9c003141c18d0b79e7f68e0343a67b1bd8e6fab0.zip

arch/rp2xx0/rp2350.ini

@@ -28,4 +28,4 @@ lib_deps =
   ${environmental_extra.lib_deps}
   ${radiolib_base.lib_deps}
   # renovate: datasource=custom.pio depName=rweather/Crypto packageName=rweather/library/Crypto
-  https://github.com/jp-bennett/crypto/archive/148e65930c5bea2b4f1bddfcb200f585413e8961.zip
+  https://github.com/meshtastic/Crypto/archive/9c003141c18d0b79e7f68e0343a67b1bd8e6fab0.zip

arch/stm32/stm32.ini

@@ -50,7 +50,7 @@ lib_deps =
   ${radiolib_base.lib_deps}
 
   # renovate: datasource=git-refs depName=caveman99-stm32-Crypto packageName=https://github.com/caveman99/Crypto gitBranch=main
-  https://github.com/caveman99/Crypto/archive/eae9c768054118a9399690f8af202853d1ae8516.zip
+  https://github.com/meshtastic/Crypto/archive/9c003141c18d0b79e7f68e0343a67b1bd8e6fab0.zip
 
 lib_ignore =
   OneButton

src/mesh/CryptoEngine.cpp

@@ -4,9 +4,9 @@
 
 #if !(MESHTASTIC_EXCLUDE_PKI)
 #include "NodeDB.h"
+#include "XEdDSA.h"
 #include "aes-ccm.h"
 #include "meshUtils.h"
-#include "xeddsa.h"
 #include <Crypto.h>
 #include <Curve25519.h>
 #include <Ed25519.h>
@@ -19,9 +19,6 @@
 #endif
 
 #if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN)
-#if !defined(ARCH_STM32WL)
-#define CryptRNG RNG
-#endif
 
 /**
  * Create a public/private key pair with Curve25519.
@@ -43,7 +40,7 @@ void CryptoEngine::generateKeyPair(uint8_t *pubKey, uint8_t *privKey)
     Curve25519::dh1(public_key, private_key);
     memcpy(pubKey, public_key, sizeof(public_key));
     memcpy(privKey, private_key, sizeof(private_key));
-    priv_curve_to_ed_keys(private_key, xeddsa_private_key, xeddsa_public_key);
+    XEdDSA::priv_curve_to_ed_keys(private_key, xeddsa_private_key, xeddsa_public_key);
 }
 
 /**
@@ -63,7 +60,7 @@ bool CryptoEngine::regeneratePublicKey(uint8_t *pubKey, uint8_t *privKey)
         }
         memcpy(private_key, privKey, sizeof(private_key));
         memcpy(public_key, pubKey, sizeof(public_key));
-        priv_curve_to_ed_keys(private_key, xeddsa_private_key, xeddsa_public_key);
+        XEdDSA::priv_curve_to_ed_keys(private_key, xeddsa_private_key, xeddsa_public_key);
     } else {
         LOG_WARN("X25519 key generation failed due to blank private key");
         return false;
@@ -73,7 +70,7 @@ bool CryptoEngine::regeneratePublicKey(uint8_t *pubKey, uint8_t *privKey)
 
 bool CryptoEngine::xeddsa_sign(uint8_t *message, size_t len, uint8_t *signature)
 {
-    Ed25519::sign(signature, xeddsa_private_key, xeddsa_public_key, message,
+    XEdDSA::sign(signature, xeddsa_private_key, xeddsa_public_key, message,
                  len); // sign will need modified to use the raw secret scalar, and not hash it first.
     return true;
 }
@@ -82,7 +79,7 @@ bool CryptoEngine::xeddsa_verify(uint8_t *pubKey, uint8_t *message, size_t len,
     uint8_t publicKey[32] = {0};
     curve_to_ed_pub(pubKey, publicKey);
 
-    return Ed25519::verify(signature, publicKey, message, len);
+    return XEdDSA::verify(signature, publicKey, message, len);
 }
 
 void CryptoEngine::curve_to_ed_pub(uint8_t *curve_pubkey, uint8_t *ed_pubkey)
@@ -122,49 +119,6 @@ void CryptoEngine::curve_to_ed_pub(uint8_t *curve_pubkey, uint8_t *ed_pubkey)
 
     // need to convert the pubkey y = ( u - 1) * inv( u + 1) (mod p).
 }
-void CryptoEngine::priv_curve_to_ed_keys(uint8_t *curve_privkey, uint8_t *ed_privkey, uint8_t *ed_pubkey)
-{
-    limb_t a[NUM_LIMBS_256BIT];
-    limb_t a2[NUM_LIMBS_256BIT];
-    uint8_t negKey[32] = {0};
-    Ed25519::Point ptA;
-    Ed25519::Point ptA2;
-
-    for (uint8_t i = 0; i < 32; i++) {
-        ed_privkey[i] = curve_privkey[i];
-    }
-
-    ed_privkey[0] &= 0xF8;
-    ed_privkey[31] &= 0x7F;
-    ed_privkey[31] |= 0x40;
-
-    Ed25519::deriveKeys(nullptr, a, ed_privkey);
-    Ed25519::mul(ptA, a);
-    Ed25519::encodePoint(ed_pubkey, ptA);
-
-    clean(a);
-    clean(ptA);
-
-    // check sign
-    if ((ed_pubkey[31] & 0x80) >> 7 == 0) {
-        return;
-    }
-    sc_muladd(negKey, MINUS_ONE, ed_privkey, ZERO);
-
-    for (uint8_t i = 0; i < 32; i++) {
-        ed_privkey[i] = negKey[i];
-    }
-
-    BigNumberUtil::unpackLE(a2, NUM_LIMBS_256BIT, negKey, 32);
-    Ed25519::mul(ptA2, a2);
-    Ed25519::encodePoint(ed_pubkey, ptA2);
-    if ((ed_pubkey[31] & 0x80) >> 7 == 0) {
-    }
-
-    // Clean up and exit.
-    clean(a);
-    clean(ptA);
-}
 
 #endif
 void CryptoEngine::clearKeys()

src/mesh/CryptoEngine.h

@@ -87,7 +87,6 @@ class CryptoEngine
     uint8_t xeddsa_public_key[32] = {0};
     uint8_t xeddsa_private_key[32] = {0};
     void curve_to_ed_pub(uint8_t *curve_pubkey, uint8_t *ed_pubkey);
-    void priv_curve_to_ed_keys(uint8_t *curve_privkey, uint8_t *ed_privkey, uint8_t *ed_pubkey);
 #endif
     /**
      * Init our 128 bit nonce for a new packet

src/mesh/xeddsa.h

@@ -1,40 +0,0 @@
-#include <Arduino.h>
-// imported from SUPERCOP by Daniel J. Bernstein which is public domain
-
-// Byte-representation of the scalar value of 0 on the Ed25519 curve. Needed by `sc_neg`.
-static const uint8_t ZERO[32] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-                                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
-
-// Byte-representation of the scalar value of -1 on the Ed25519 curve. Needed by `sc_neg`.
-static const uint8_t MINUS_ONE[32] = {0xec, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7,
-                                      0xa2, 0xde, 0xf9, 0xde, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-                                      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10};
-
-typedef uint64_t crypto_uint64;
-typedef int64_t crypto_int64;
-
-typedef int32_t crypto_int32;
-
-typedef crypto_int32 fe[10];
-
-static crypto_uint64 load_3(const unsigned char *in);
-
-static crypto_uint64 load_4(const unsigned char *in);
-
-void sc_muladd(unsigned char *s, const unsigned char *a, const unsigned char *b, const unsigned char *c);
-
-void fe_sub(fe h, fe f, fe g);
-
-void fe_frombytes(fe h, const unsigned char *s);
-
-void fe_1(fe h);
-
-void fe_add(fe h, const fe f, const fe g);
-
-void fe_sq(fe h, const fe f);
-
-void fe_mul(fe h, const fe f, const fe g);
-
-void fe_invert(fe out, const fe z);
-
-void fe_tobytes(unsigned char *s, const fe h);

test/test_crypto/test_main.cpp

@@ -2,6 +2,7 @@
 #include "CryptoEngine.h"
 
 #include "TestUtil.h"
+#include <XEdDSA.h>
 #include <unity.h>
 
 void HexToBytes(uint8_t *result, const std::string hex, size_t len = 0)
@@ -167,11 +168,11 @@ void test_XEdDSA(void)
         printf("Start of time %u\n", times);
         crypto->generateKeyPair(x_public_key, private_key);
         // crypto->setDHPrivateKey(private_key);
-        crypto->priv_curve_to_ed_keys(private_key, ed_private_key, ed_public_key);
+        XEdDSA::priv_curve_to_ed_keys(private_key, ed_private_key, ed_public_key);
         crypto->curve_to_ed_pub(x_public_key, ed_public_key2);
         TEST_ASSERT_EQUAL_MEMORY(ed_public_key, ed_public_key2, 32);
 
-        crypto->xeddsa_sign(private_key, message, sizeof(message), signature);
+        crypto->xeddsa_sign(message, sizeof(message), signature);
         TEST_ASSERT(crypto->xeddsa_verify(x_public_key, message, sizeof(message), signature));
         TEST_ASSERT_FALSE(crypto->xeddsa_verify(x_public_key, message2, sizeof(message), signature));
     }