Go to file

Ken Johnson e2ac43f9d2 v0.2.0: add cr.x25519 and cr.chacha20

Carved out of fpc-comet's cm.crypto.pas.  Both are pure
crypto primitives that belong in fpc-crypto regardless of
whether there's a second consumer yet -- the "wait for a
third consumer" rule that was appropriate for MD5 doesn't
apply the same way to clearly-cryptographic surfaces like
X25519 + ChaCha20 where pre-carving now avoids a coordinated
release later.

cr.x25519 -- Curve25519 scalar multiplication (RFC 7748).
  Shares field arithmetic with cr.ed25519 since the two
  schemes ride on the same curve.  Exposes X25519Keypair,
  X25519ScalarMult (exported for testability), and
  X25519SharedSecret with zero-point rejection.

cr.chacha20 -- ChaCha20 stream cipher (RFC 8439).
  Standalone, no deps beyond SysUtils.  Exposes ChaCha20Init
  and ChaCha20Crypt over a TChacha20State record (256-bit
  key + 96-bit nonce + 64-bit counter + 64-byte keystream
  buffer).

Known-answer tests added for both -- RFC 7748 §5.2 vectors
+ DH round-trip for X25519, RFC 8439 §2.4.2 vector + round-
trip for ChaCha20.  All 5 tests PASS, all 6 targets still
green.

Existing v0.1.0 API (MD5 / SHA / Ed25519) unchanged.  Pure
additive release; no ABI break.
CRYPTO_MIN_COMPATIBLE_VERSION stays at 0.1.0.

2026-04-24 12:05:09 -07:00

docs

README/CHANGELOG/tests: surface SHA-384 + SHA-512 (already in cr.sha)

2026-04-24 10:38:42 -07:00

src

v0.2.0: add cr.x25519 and cr.chacha20

2026-04-24 12:05:09 -07:00

tests

v0.2.0: add cr.x25519 and cr.chacha20

2026-04-24 12:05:09 -07:00

.gitignore

Initial release: fpc-crypto v0.1.0

2026-04-24 10:35:56 -07:00

build.sh

v0.2.0: add cr.x25519 and cr.chacha20

2026-04-24 12:05:09 -07:00

CHANGELOG.md

v0.2.0: add cr.x25519 and cr.chacha20

2026-04-24 12:05:09 -07:00

README.md

v0.2.0: add cr.x25519 and cr.chacha20

2026-04-24 12:05:09 -07:00

run_tests.sh

Initial release: fpc-crypto v0.1.0

2026-04-24 10:35:56 -07:00

README.md

fpc-crypto

Pure-Pascal cryptographic primitives shared across the FidoNet / Comet / Fimail ecosystem. One source of truth for the hash and signature algorithms used by fpc-binkp (CRAM-MD5), fpc-comet (pre-auth hash + Ed25519 peer auth), and fpc-emsi (FSC-0056 shared-secret auth).

What's in v0.2.0

Unit	Primitive	Spec
`cr.md5`	MD5	RFC 1321
`cr.sha`	SHA-256 + SHA-384 + SHA-512	FIPS 180-4
`cr.ed25519`	Ed25519 sign/verify	RFC 8032
`cr.ed25519.sc`	Scalar arithmetic	(internal to Ed25519)
`cr.ed25519.ge`	Group element ops	(internal to Ed25519)
`cr.ed25519.bp`	Precomputed base	(internal to Ed25519)
`cr.x25519`	X25519 DH key exchange	RFC 7748
`cr.chacha20`	ChaCha20 stream cipher	RFC 8439

v0.2.0 carves X25519 + ChaCha20 out of fpc-comet's cm.crypto — they're crypto primitives that belong in the crypto library even with a single consumer today.

The go32v2 MD5 subtlety

cr.md5 is the go32v2-safe standalone MD5 implementation originally carved from Comet's cm.md5. It is not a wrapper over the FPC RTL md5.ppu, because the RTL unit has a sysutils-checksum bug that corrupts MD5 output on i386-go32v2. Consumers who need MD5 on DOS (or anywhere else) should call cr.md5 directly and avoid the RTL.

Building

./build.sh                # all seven targets
./build.sh x86_64-linux   # single target
./run_tests.sh            # host-side known-answer tests

Target matrix

x86_64-linux, i386-linux, i386-freebsd, i386-go32v2, i386-os2, i386-win32 — same matrix as fpc-emsi / fpc-log.

Consumers

Vendor via cp -r src into the downstream tree, or pin at a tag and git submodule. Downstream libraries currently vendoring fpc-crypto:

fpc-binkp v0.3.0+ (CRAM-MD5)
fpc-comet v0.2.0+ (pre-auth + Ed25519)
fpc-emsi v0.2.0+ (FSC-0056)

Dependencies

FPC RTL only (SysUtils).
No external crypto library.
No linkage against OpenSSL / libsodium / any other native lib.

License

GPL-2.0, same as the rest of the ecosystem.