reduce size by using equivalent code from libc instead of nacl

ok deraadt

diff --git a/usr.bin/signify/Makefile b/usr.bin/signify/Makefile
index 7ec0a9e..aca7b57 100644 (file)
--- a/usr.bin/signify/Makefile
+++ b/usr.bin/signify/Makefile
@@ -1,11 +1,11 @@
-#      $OpenBSD: Makefile,v 1.1 2013/12/31 03:03:32 tedu Exp $
+#      $OpenBSD: Makefile,v 1.2 2014/01/08 03:59:46 tedu Exp $
 
 .PATH: ${.CURDIR}/../ssh
 CPPFLAGS += -I${.CURDIR}/../ssh
 
 SRCS=  signify.c
 SRCS+= ed25519.c fe25519.c ge25519.c sc25519.c smult_curve25519_ref.c
-SRCS+= blocks.c hash.c verify.c
+SRCS+= crypto_api.c
 
 PROG=  signify
 

diff --git a/usr.bin/signify/crypto_api.c b/usr.bin/signify/crypto_api.c
new file mode 100644 (file)
index 0000000..36b7348
--- /dev/null
+++ b/usr.bin/signify/crypto_api.c
@@ -0,0 +1,29 @@
+/* $OpenBSD: crypto_api.c,v 1.1 2014/01/08 03:59:46 tedu Exp $ */
+/*
+ * Public domain. Author: Ted Unangst <tedu@openbsd.org>
+ * API compatible reimplementation of functions from nacl
+ */
+#include <sys/types.h>
+
+#include <string.h>
+#include <sha2.h>
+
+#include "crypto_api.h"
+
+int
+crypto_hash_sha512(unsigned char *out, const unsigned char *in,
+    unsigned long long inlen)
+{
+       SHA2_CTX ctx;
+
+       SHA512Init(&ctx);
+       SHA512Update(&ctx, in, inlen);
+       SHA512Final(out, &ctx);
+       return 0;
+}
+
+int
+crypto_verify_32(const unsigned char *x, const unsigned char *y)
+{
+       return timingsafe_bcmp(x, y, 32) ? -1 : 0;
+}