From c4797b14ed1ccf70d2882aa9e9075ebef564d34b Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Tue, 26 Nov 2019 21:20:02 +0100 Subject: DCE / GNUNET_TWEETNACL prefix for exported symbols --- src/util/crypto_ecc.c | 48 +++++++++--------- src/util/tweetnacl-gnunet.c | 116 ++++++++++++++++++++++++-------------------- src/util/tweetnacl-gnunet.h | 105 +++++++++++++-------------------------- 3 files changed, 124 insertions(+), 145 deletions(-) diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index 86beb9109..f9efcf6e7 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c @@ -282,7 +282,7 @@ GNUNET_CRYPTO_eddsa_key_get_public ( { #if NEW_CRYPTO BENCHMARK_START (eddsa_key_get_public); - crypto_sign_pk_from_seed (pub->q_y, priv->d); + GNUNET_TWEETNACL_sign_pk_from_seed (pub->q_y, priv->d); BENCHMARK_END (eddsa_key_get_public); #else gcry_sexp_t sexp; @@ -319,7 +319,7 @@ GNUNET_CRYPTO_ecdhe_key_get_public ( { #if NEW_CRYPTO BENCHMARK_START (ecdhe_key_get_public); - crypto_scalarmult_curve25519_base (pub->q_y, priv->d); + GNUNET_TWEETNACL_scalarmult_curve25519_base (pub->q_y, priv->d); BENCHMARK_END (ecdhe_key_get_public); #else gcry_sexp_t sexp; @@ -1036,15 +1036,15 @@ GNUNET_CRYPTO_eddsa_sign ( #if NEW_CRYPTO size_t mlen = ntohl (purpose->size); - unsigned char sk[crypto_sign_SECRETKEYBYTES]; + unsigned char sk[GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES]; int res; BENCHMARK_START (eddsa_sign); - crypto_sign_sk_from_seed (sk, priv->d); - res = crypto_sign_detached ((uint8_t *) sig, - (uint8_t *) purpose, - mlen, - sk); + GNUNET_TWEETNACL_sign_sk_from_seed (sk, priv->d); + res = GNUNET_TWEETNACL_sign_detached ((uint8_t *) sig, + (uint8_t *) purpose, + mlen, + sk); BENCHMARK_END (eddsa_sign); return (res == 0) ? GNUNET_OK : GNUNET_SYSERR; #else @@ -1189,7 +1189,7 @@ GNUNET_CRYPTO_eddsa_verify ( return GNUNET_SYSERR; /* purpose mismatch */ BENCHMARK_START (eddsa_verify); - res = crypto_sign_detached_verify (s, m, mlen, pub->q_y); + res = GNUNET_TWEETNACL_sign_detached_verify (s, m, mlen, pub->q_y); BENCHMARK_END (eddsa_verify); return (res == 0) ? GNUNET_OK : GNUNET_SYSERR; #else @@ -1262,9 +1262,9 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_HashCode *key_material) { #if NEW_CRYPTO - uint8_t p[crypto_scalarmult_BYTES]; - crypto_scalarmult_curve25519 (p, priv->d, pub->q_y); - GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material); + uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES]; + GNUNET_TWEETNACL_scalarmult_curve25519 (p, priv->d, pub->q_y); + GNUNET_CRYPTO_hash (p, GNUNET_TWEETNACL_SCALARMULT_BYTES, key_material); return GNUNET_OK; #else gcry_mpi_point_t result; @@ -1592,12 +1592,16 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, { #if NEW_CRYPTO struct GNUNET_HashCode hc; - uint8_t a[crypto_scalarmult_BYTES]; - uint8_t p[crypto_scalarmult_BYTES]; - GNUNET_CRYPTO_hash (priv, sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), &hc); + uint8_t a[GNUNET_TWEETNACL_SCALARMULT_BYTES]; + uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES]; + GNUNET_CRYPTO_hash (priv, + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), + &hc); memcpy (a, &hc, sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey)); - crypto_scalarmult_curve25519 (p, a, pub->q_y); - GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material); + GNUNET_TWEETNACL_scalarmult_curve25519 (p, a, pub->q_y); + GNUNET_CRYPTO_hash (p, + GNUNET_TWEETNACL_SCALARMULT_BYTES, + key_material); return GNUNET_OK; #else gcry_mpi_point_t result; @@ -1712,11 +1716,11 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_HashCode *key_material) { #if NEW_CRYPTO - uint8_t p[crypto_scalarmult_BYTES]; - uint8_t curve25510_pk[crypto_sign_PUBLICKEYBYTES]; - crypto_sign_ed25519_pk_to_curve25519 (curve25510_pk, pub->q_y); - crypto_scalarmult_curve25519 (p, priv->d, curve25510_pk); - GNUNET_CRYPTO_hash (p, crypto_scalarmult_BYTES, key_material); + uint8_t p[GNUNET_TWEETNACL_SCALARMULT_BYTES]; + uint8_t curve25510_pk[GNUNET_TWEETNACL_SIGN_PUBLICBYTES]; + GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (curve25510_pk, pub->q_y); + GNUNET_TWEETNACL_scalarmult_curve25519 (p, priv->d, curve25510_pk); + GNUNET_CRYPTO_hash (p, GNUNET_TWEETNACL_SCALARMULT_BYTES, key_material); return GNUNET_OK; #else gcry_mpi_point_t result; diff --git a/src/util/tweetnacl-gnunet.c b/src/util/tweetnacl-gnunet.c index 0f3a976c1..1c27730a4 100644 --- a/src/util/tweetnacl-gnunet.c +++ b/src/util/tweetnacl-gnunet.c @@ -13,7 +13,6 @@ #include "gnunet_crypto_lib.h" #include "tweetnacl-gnunet.h" #define FOR(i,n) for (i = 0; i < n; ++i) -#define sv static void typedef uint8_t u8; typedef uint32_t u32; @@ -21,11 +20,6 @@ typedef uint64_t u64; typedef int64_t i64; typedef i64 gf[16]; -static void randombytes (u8 *data,u64 len) -{ - GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, data, len); -} - static const u8 _9[32] = {9}; static const gf gf0, @@ -42,30 +36,29 @@ static const gf I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83}; -static int vn (const u8 *x,const u8 *y,int n) +static int +vn (const u8 *x,const u8 *y,int n) { u32 i,d = 0; FOR (i,n) d |= x[i] ^ y[i]; return (1 & ((d - 1) >> 8)) - 1; } -int crypto_verify_16 (const u8 *x,const u8 *y) -{ - return vn (x,y,16); -} - -int crypto_verify_32 (const u8 *x,const u8 *y) +static int +crypto_verify_32 (const u8 *x,const u8 *y) { return vn (x,y,32); } -sv set25519 (gf r, const gf a) +static void +set25519 (gf r, const gf a) { int i; FOR (i,16) r[i] = a[i]; } -sv car25519 (gf o) +static void +car25519 (gf o) { int i; i64 c; @@ -77,7 +70,8 @@ sv car25519 (gf o) } } -sv sel25519 (gf p,gf q,int b) +static void +sel25519 (gf p,gf q,int b) { i64 t,i,c = ~(b - 1); FOR (i,16) { @@ -87,7 +81,8 @@ sv sel25519 (gf p,gf q,int b) } } -sv pack25519 (u8 *o,const gf n) +static void +pack25519 (u8 *o,const gf n) { int i,j,b; gf m,t; @@ -112,7 +107,8 @@ sv pack25519 (u8 *o,const gf n) } } -static int neq25519 (const gf a, const gf b) +static int +neq25519 (const gf a, const gf b) { u8 c[32],d[32]; pack25519 (c,a); @@ -120,33 +116,38 @@ static int neq25519 (const gf a, const gf b) return crypto_verify_32 (c,d); } -static u8 par25519 (const gf a) +static uint8_t +par25519 (const gf a) { u8 d[32]; pack25519 (d,a); return d[0] & 1; } -sv unpack25519 (gf o, const u8 *n) +static void +unpack25519 (gf o, const u8 *n) { int i; FOR (i,16) o[i] = n[2 * i] + ((i64) n[2 * i + 1] << 8); o[15] &= 0x7fff; } -sv A (gf o,const gf a,const gf b) +static void +A (gf o,const gf a,const gf b) { int i; FOR (i,16) o[i] = a[i] + b[i]; } -sv Z (gf o,const gf a,const gf b) +static void +Z (gf o,const gf a,const gf b) { int i; FOR (i,16) o[i] = a[i] - b[i]; } -sv M (gf o,const gf a,const gf b) +static void +M (gf o,const gf a,const gf b) { i64 i,j,t[31]; FOR (i,31) t[i] = 0; @@ -157,12 +158,14 @@ sv M (gf o,const gf a,const gf b) car25519 (o); } -sv S (gf o,const gf a) +static void +S (gf o,const gf a) { M (o,a,a); } -sv inv25519 (gf o,const gf i) +static void +inv25519 (gf o,const gf i) { gf c; int a; @@ -175,7 +178,7 @@ sv inv25519 (gf o,const gf i) FOR (a,16) o[a] = c[a]; } -sv pow2523 (gf o,const gf i) +static void pow2523 (gf o,const gf i) { gf c; int a; @@ -188,7 +191,8 @@ sv pow2523 (gf o,const gf i) FOR (a,16) o[a] = c[a]; } -int crypto_scalarmult (u8 *q,const u8 *n,const u8 *p) +int +GNUNET_TWEETNACL_scalarmult_curve25519 (u8 *q,const u8 *n,const u8 *p) { u8 z[32]; i64 x[80],r,i; @@ -239,25 +243,22 @@ int crypto_scalarmult (u8 *q,const u8 *n,const u8 *p) return 0; } -int crypto_scalarmult_base (u8 *q,const u8 *n) -{ - return crypto_scalarmult (q,n,_9); -} - -int crypto_box_keypair (u8 *y,u8 *x) +int +GNUNET_TWEETNACL_scalarmult_curve25519_base (u8 *q,const u8 *n) { - randombytes (x,32); - return crypto_scalarmult_base (y,x); + return GNUNET_TWEETNACL_scalarmult_curve25519 (q,n,_9); } -int crypto_hash (u8 *out,const u8 *m,u64 n) +static int +crypto_hash (u8 *out,const u8 *m,u64 n) { struct GNUNET_HashCode *hc = (void *) out; GNUNET_CRYPTO_hash (m, n, hc); return 0; } -sv add (gf p[4],gf q[4]) +static void +add (gf p[4],gf q[4]) { gf a,b,c,d,t,e,f,g,h; @@ -282,14 +283,16 @@ sv add (gf p[4],gf q[4]) M (p[3], e, h); } -sv cswap (gf p[4],gf q[4],u8 b) +static void +cswap (gf p[4],gf q[4],u8 b) { int i; FOR (i,4) sel25519 (p[i],q[i],b); } -sv pack (u8 *r,gf p[4]) +static void +pack (u8 *r,gf p[4]) { gf tx, ty, zi; inv25519 (zi, p[2]); @@ -299,7 +302,8 @@ sv pack (u8 *r,gf p[4]) r[31] ^= par25519 (tx) << 7; } -sv scalarmult (gf p[4],gf q[4],const u8 *s) +static void +scalarmult (gf p[4],gf q[4],const u8 *s) { int i; set25519 (p[0],gf0); @@ -315,7 +319,8 @@ sv scalarmult (gf p[4],gf q[4],const u8 *s) } } -sv scalarbase (gf p[4],const u8 *s) +static void +scalarbase (gf p[4],const u8 *s) { gf q[4]; set25519 (q[0],X); @@ -330,7 +335,8 @@ static const u64 L[32] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10}; -sv modL (u8 *r,i64 x[64]) +static void +modL (u8 *r,i64 x[64]) { i64 carry,i,j; for (i = 63; i >= 32; --i) { @@ -356,7 +362,8 @@ sv modL (u8 *r,i64 x[64]) } } -sv reduce (u8 *r) +static void +reduce (u8 *r) { i64 x[64],i; FOR (i,64) x[i] = (u64) r[i]; @@ -364,7 +371,8 @@ sv reduce (u8 *r) modL (r,x); } -static int unpackneg (gf r[4],const u8 p[32]) +static int +unpackneg (gf r[4],const u8 p[32]) { gf t, chk, num, den, den2, den4, den6; set25519 (r[2],gf1); @@ -406,7 +414,7 @@ static int unpackneg (gf r[4],const u8 p[32]) /* The following functions have been added for GNUnet */ void -crypto_sign_pk_from_seed (u8 *pk, const u8 *seed) +GNUNET_TWEETNACL_sign_pk_from_seed (u8 *pk, const u8 *seed) { u8 d[64]; gf p[4]; @@ -421,7 +429,7 @@ crypto_sign_pk_from_seed (u8 *pk, const u8 *seed) } void -crypto_sign_sk_from_seed (u8 *sk, const u8 *seed) +GNUNET_TWEETNACL_sign_sk_from_seed (u8 *sk, const u8 *seed) { u8 d[64]; gf p[4]; @@ -440,9 +448,9 @@ crypto_sign_sk_from_seed (u8 *sk, const u8 *seed) FOR (i,32) sk[32 + i] = pk[i]; } - int -crypto_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk, const u8 *ed25519_pk) +GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk, + const u8 *ed25519_pk) { gf ge_a[4]; gf x; @@ -464,8 +472,10 @@ crypto_sign_ed25519_pk_to_curve25519 (u8 *x25519_pk, const u8 *ed25519_pk) return 0; } - -int crypto_sign_detached_verify (const u8 *sig,const u8 *m,u64 n,const u8 *pk) +int GNUNET_TWEETNACL_sign_detached_verify (const u8 *sig, + const u8 *m, + u64 n, + const u8 *pk) { struct GNUNET_HashContext *hc; u8 t[32],h[64]; @@ -492,9 +502,11 @@ int crypto_sign_detached_verify (const u8 *sig,const u8 *m,u64 n,const u8 *pk) return 0; } - int -crypto_sign_detached (u8 *sig,const u8 *m,u64 n,const u8 *sk) +GNUNET_TWEETNACL_sign_detached (u8 *sig, + const u8 *m, + u64 n, + const u8 *sk) { struct GNUNET_HashContext *hc; u8 d[64],h[64],r[64]; diff --git a/src/util/tweetnacl-gnunet.h b/src/util/tweetnacl-gnunet.h index d413541ff..239166ffc 100644 --- a/src/util/tweetnacl-gnunet.h +++ b/src/util/tweetnacl-gnunet.h @@ -13,75 +13,38 @@ #ifndef TWEETNACL_H #define TWEETNACL_H #include -#define crypto_scalarmult_PRIMITIVE "curve25519" -#define crypto_scalarmult crypto_scalarmult_curve25519 -#define crypto_scalarmult_base crypto_scalarmult_curve25519_base -#define crypto_scalarmult_BYTES crypto_scalarmult_curve25519_BYTES -#define crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES -#define crypto_scalarmult_IMPLEMENTATION \ - crypto_scalarmult_curve25519_IMPLEMENTATION -#define crypto_scalarmult_VERSION crypto_scalarmult_curve25519_VERSION -#define crypto_scalarmult_curve25519_tweet_BYTES 32 -#define crypto_scalarmult_curve25519_tweet_SCALARBYTES 32 -extern int crypto_scalarmult_curve25519_tweet (uint8_t *, - const uint8_t *, - const uint8_t *); -extern int crypto_scalarmult_curve25519_tweet_base (uint8_t *, - const uint8_t *); -#define crypto_scalarmult_curve25519_tweet_VERSION "-" -#define crypto_scalarmult_curve25519 crypto_scalarmult_curve25519_tweet -#define crypto_scalarmult_curve25519_base \ - crypto_scalarmult_curve25519_tweet_base -#define crypto_scalarmult_curve25519_BYTES \ - crypto_scalarmult_curve25519_tweet_BYTES -#define crypto_scalarmult_curve25519_SCALARBYTES \ - crypto_scalarmult_curve25519_tweet_SCALARBYTES -#define crypto_scalarmult_curve25519_VERSION \ - crypto_scalarmult_curve25519_tweet_VERSION -#define crypto_scalarmult_curve25519_IMPLEMENTATION \ - "crypto_scalarmult/curve25519/tweet" -#define crypto_sign_PRIMITIVE "ed25519" -#define crypto_sign crypto_sign_ed25519 -#define crypto_sign_BYTES crypto_sign_ed25519_BYTES -#define crypto_sign_PUBLICKEYBYTES crypto_sign_ed25519_PUBLICKEYBYTES -#define crypto_sign_SECRETKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES -#define crypto_sign_IMPLEMENTATION crypto_sign_ed25519_IMPLEMENTATION -#define crypto_sign_VERSION crypto_sign_ed25519_VERSION -#define crypto_sign_ed25519_tweet_BYTES 64 -#define crypto_sign_ed25519_tweet_PUBLICKEYBYTES 32 -#define crypto_sign_ed25519_tweet_SECRETKEYBYTES 64 -extern int crypto_sign_ed25519_tweet (uint8_t *, - uint64_t *, - const uint8_t *, - uint64_t, - const uint8_t *); -extern int crypto_sign_ed25519_tweet_open (uint8_t *, - uint64_t *, - const uint8_t *, - uint64_t, - const uint8_t *); -extern int crypto_sign_ed25519_tweet_keypair (uint8_t *,uint8_t *); -#define crypto_sign_ed25519_tweet_VERSION "-" -#define crypto_sign_ed25519 crypto_sign_ed25519_tweet -#define crypto_sign_ed25519_open crypto_sign_ed25519_tweet_open -#define crypto_sign_ed25519_keypair crypto_sign_ed25519_tweet_keypair -#define crypto_sign_ed25519_BYTES crypto_sign_ed25519_tweet_BYTES -#define crypto_sign_ed25519_PUBLICKEYBYTES \ - crypto_sign_ed25519_tweet_PUBLICKEYBYTES -#define crypto_sign_ed25519_SECRETKEYBYTES \ - crypto_sign_ed25519_tweet_SECRETKEYBYTES -#define crypto_sign_ed25519_VERSION crypto_sign_ed25519_tweet_VERSION -#define crypto_sign_ed25519_IMPLEMENTATION "crypto_sign/ed25519/tweet" -void crypto_sign_pk_from_seed (uint8_t *pk, const uint8_t *seed); -void crypto_sign_sk_from_seed (uint8_t *sk, const uint8_t *seed); -int crypto_sign_ed25519_pk_to_curve25519 (uint8_t *x25519_pk, - const uint8_t *ed25519_pk); -int crypto_sign_detached_verify (const uint8_t *sig, - const uint8_t *m, - uint64_t n, - const uint8_t *pk); -int crypto_sign_detached (uint8_t *sig, - const uint8_t *m, - uint64_t n, - const uint8_t *sk); + + +#define GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES 64 +#define GNUNET_TWEETNACL_SIGN_PUBLICBYTES 32 +#define GNUNET_TWEETNACL_SCALARMULT_BYTES 32 + +int +GNUNET_TWEETNACL_scalarmult_curve25519 (uint8_t *, + const uint8_t *, + const uint8_t *); +extern int +GNUNET_TWEETNACL_scalarmult_curve25519_base (uint8_t *, + const uint8_t *); +void +GNUNET_TWEETNACL_sign_pk_from_seed (uint8_t *pk, const uint8_t *seed); + +void +GNUNET_TWEETNACL_sign_sk_from_seed (uint8_t *sk, const uint8_t *seed); + +int +GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (uint8_t *x25519_pk, + const uint8_t *ed25519_pk); + +int +GNUNET_TWEETNACL_sign_detached_verify (const uint8_t *sig, + const uint8_t *m, + uint64_t n, + const uint8_t *pk); + +int +GNUNET_TWEETNACL_sign_detached (uint8_t *sig, + const uint8_t *m, + uint64_t n, + const uint8_t *sk); #endif -- cgit v1.2.3