kris/riscv-sandbox
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

disco: update to newest sources

Browse Source
This commit is contained in:
Henry Case 2018-12-08 21:10:29 +00:00
parent f3154fd505
commit 65faa0d4f9
5 changed files with 45 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
disco/Makefile
View File

@ -1,12 +1,12 @@
TARGET := disco.elf TARGET := disco.elf
LOCAL_CFLAGS := -Os -fno-builtin-printf -I. LOCAL_CFLAGS := -Os -fno-builtin-printf -Isrc
LOCAL_SRC_C := \ LOCAL_SRC_C := \
tests/test_disco.c \ tests/test_disco.c \
disco_asymmetric.c \ src/disco_asymmetric.c \
disco_symmetric.c \ src/disco_symmetric.c \
tweetstrobe.c \ src/tweetstrobe.c \
tweetX25519.c \ src/tweetX25519.c \
devurandom.c src/devurandom.c
include ../conf/toolchain.mk include ../conf/toolchain.mk
include ../conf/sdk.mk include ../conf/sdk.mk

33
disco/src/disco_asymmetric.c
View File

@ -32,18 +32,7 @@
// ====== // ======
// Used for key exchanges. // Used for key exchanges.
/** static inline void DH(keyPair mine, keyPair theirs, uint8_t *output) {
* disco_generateKeyPair can be used to generate a X25519 keypair. This is
* useful for creating long-term keypairs for a peer.
* @kp an initialized keyPair struct. It is over-written by the function.
*/
void disco_generateKeyPair(keyPair *kp) {
crypto_box_keypair(kp->pub, kp->priv);
kp->isSet = true; // TODO: is this useful? If it is, should we use a magic
// number here in case it's not initialized to false?
}
void DH(keyPair mine, keyPair theirs, uint8_t *output) {
crypto_scalarmult(output, mine.priv, theirs.pub); crypto_scalarmult(output, mine.priv, theirs.pub);
} }
@ -53,32 +42,36 @@ void DH(keyPair mine, keyPair theirs, uint8_t *output) {
// Refer to the Disco specification to understand the meaning of these // Refer to the Disco specification to understand the meaning of these
// functions. // functions.
void initializeSymmetric(symmetricState *ss, const char *protocol_name, static inline void initializeSymmetric(symmetricState *ss,
const char *protocol_name,
size_t protocol_name_len) { size_t protocol_name_len) {
strobe_init(&(ss->strobe), protocol_name, protocol_name_len); strobe_init(&(ss->strobe), protocol_name, protocol_name_len);
} }
void mixKey(symmetricState *ss, uint8_t *input_key_material) { static inline void mixKey(symmetricState *ss, uint8_t *input_key_material) {
strobe_operate(&(ss->strobe), TYPE_AD, input_key_material, 32, false); strobe_operate(&(ss->strobe), TYPE_AD, input_key_material, 32, false);
ss->isKeyed = true; ss->isKeyed = true;
} }
void mixHash(symmetricState *ss, uint8_t *data, size_t data_len) { static inline void mixHash(symmetricState *ss, uint8_t *data, size_t data_len) {
strobe_operate(&(ss->strobe), TYPE_AD, data, data_len, false); strobe_operate(&(ss->strobe), TYPE_AD, data, data_len, false);
} }
void mixKeyAndHash(symmetricState *ss, uint8_t *input_key_material) { /*
static inline void mixKeyAndHash(symmetricState *ss,
uint8_t *input_key_material) {
strobe_operate(&(ss->strobe), TYPE_AD, input_key_material, 32, false); strobe_operate(&(ss->strobe), TYPE_AD, input_key_material, 32, false);
} }
void getHandshakeHash(symmetricState *ss, uint8_t *result) { static inline void getHandshakeHash(symmetricState *ss, uint8_t *result) {
strobe_operate(&(ss->strobe), TYPE_PRF, result, 32, false); strobe_operate(&(ss->strobe), TYPE_PRF, result, 32, false);
} }
*/
// note that this function modifies the plaintext in place, and requires the // note that this function modifies the plaintext in place, and requires the
// plaintext buffer to have 16 more bytes of capacity for the authentication tag // plaintext buffer to have 16 more bytes of capacity for the authentication tag
// if the symmetric state is keyed // if the symmetric state is keyed
void encryptAndHash(symmetricState *ss, uint8_t *plaintext, static inline void encryptAndHash(symmetricState *ss, uint8_t *plaintext,
size_t plaintext_len) { size_t plaintext_len) {
if (!ss->isKeyed) { if (!ss->isKeyed) {
strobe_operate(&(ss->strobe), TYPE_CLR, plaintext, plaintext_len, false); strobe_operate(&(ss->strobe), TYPE_CLR, plaintext, plaintext_len, false);
@ -91,7 +84,7 @@ void encryptAndHash(symmetricState *ss, uint8_t *plaintext,
// note that the decryption occurs in place, and the the result is // note that the decryption occurs in place, and the the result is
// `ciphertext_len-16` in case the symmetric state is keyed. // `ciphertext_len-16` in case the symmetric state is keyed.
bool decryptAndHash(symmetricState *ss, uint8_t *ciphertext, static inline bool decryptAndHash(symmetricState *ss, uint8_t *ciphertext,
size_t ciphertext_len) { size_t ciphertext_len) {
if (!ss->isKeyed) { if (!ss->isKeyed) {
return strobe_operate(&(ss->strobe), TYPE_CLR | FLAG_I, ciphertext, return strobe_operate(&(ss->strobe), TYPE_CLR | FLAG_I, ciphertext,
@ -200,11 +193,9 @@ void disco_Initialize(handshakeState *hs, const char *handshake_pattern,
// handshake_pattern is of the following form: // handshake_pattern is of the following form:
// "protocol_name \x00 pre-message patterns \x00 message patterns" // "protocol_name \x00 pre-message patterns \x00 message patterns"
printf("debug1:%s\n", handshake_pattern);
initializeSymmetric(&(hs->symmetric_state), handshake_pattern, initializeSymmetric(&(hs->symmetric_state), handshake_pattern,
strlen(handshake_pattern)); strlen(handshake_pattern));
handshake_pattern = handshake_pattern + strlen(handshake_pattern) + 1; handshake_pattern = handshake_pattern + strlen(handshake_pattern) + 1;
printf("debug2:%s\n", handshake_pattern);
hs->symmetric_state.isKeyed = false; hs->symmetric_state.isKeyed = false;

9
disco/src/disco_asymmetric.h
View File

@ -12,6 +12,7 @@
#define __DISCO_H__ #define __DISCO_H__
#include "tweetstrobe.h" #include "tweetstrobe.h"
#include "tweetX25519.h"
#include <stdlib.h> #include <stdlib.h>
#include <stdint.h> #include <stdint.h>
@ -80,8 +81,12 @@ typedef struct handshakeState_ {
// Public API // Public API
// ========== // ==========
// used to generate long-term key pairs // used to generate long-term key pairs for a peer
void disco_generateKeyPair(keyPair *kp); inline void disco_generateKeyPair(keyPair *kp) {
crypto_box_keypair(kp->pub, kp->priv);
kp->isSet = true; // TODO: is this useful? If it is, should we use a magic
// number here in case it's not initialized to false?
}
// used to initialized your handshakeState with a handshake pattern // used to initialized your handshakeState with a handshake pattern
void disco_Initialize(handshakeState *hs, const char *handshake_pattern, void disco_Initialize(handshakeState *hs, const char *handshake_pattern,

29
disco/src/tweetX25519.c
View File

@ -4,16 +4,15 @@
#include "tweetX25519.h" #include "tweetX25519.h"
#define FOR(i, n) for (i = 0; i < n; ++i) #define FOR(i, n) for (i = 0; i < n; ++i)
#define sv static void #define sv static void
typedef int64_t gf[16];
typedef long long i64; extern void randombytes(uint8_t *, uint64_t);
typedef i64 gf[16];
extern void randombytes(u8 *, u64);
static const u8 _9[32] = {9}; static const uint8_t _9[32] = {9};
static const gf _121665 = {0xDB41, 1}; static const gf _121665 = {0xDB41, 1};
sv car25519(gf o) { sv car25519(gf o) {
int i; int i;
i64 c; int64_t c;
FOR(i, 16) { FOR(i, 16) {
o[i] += (1LL << 16); o[i] += (1LL << 16);
c = o[i] >> 16; c = o[i] >> 16;
@ -23,7 +22,7 @@ sv car25519(gf o) {
} }
sv sel25519(gf p, gf q, int b) { sv sel25519(gf p, gf q, int b) {
i64 t, i, c = ~(b - 1); int64_t t, i, c = ~(b - 1);
FOR(i, 16) { FOR(i, 16) {
t = c & (p[i] ^ q[i]); t = c & (p[i] ^ q[i]);
p[i] ^= t; p[i] ^= t;
@ -31,7 +30,7 @@ sv sel25519(gf p, gf q, int b) {
} }
} }
sv pack25519(u8 *o, const gf n) { sv pack25519(uint8_t *o, const gf n) {
int i, j, b; int i, j, b;
gf m, t; gf m, t;
FOR(i, 16) t[i] = n[i]; FOR(i, 16) t[i] = n[i];
@ -55,9 +54,9 @@ sv pack25519(u8 *o, const gf n) {
} }
} }
sv unpack25519(gf o, const u8 *n) { sv unpack25519(gf o, const uint8_t *n) {
int i; int i;
FOR(i, 16) o[i] = n[2 * i] + ((i64)n[2 * i + 1] << 8); FOR(i, 16) o[i] = n[2 * i] + ((int64_t)n[2 * i + 1] << 8);
o[15] &= 0x7fff; o[15] &= 0x7fff;
} }
@ -72,7 +71,7 @@ sv Z(gf o, const gf a, const gf b) {
} }
sv M(gf o, const gf a, const gf b) { sv M(gf o, const gf a, const gf b) {
i64 i, j, t[31]; int64_t i, j, t[31];
FOR(i, 31) t[i] = 0; FOR(i, 31) t[i] = 0;
FOR(i, 16) FOR(j, 16) t[i + j] += a[i] * b[j]; FOR(i, 16) FOR(j, 16) t[i + j] += a[i] * b[j];
FOR(i, 15) t[i] += 38 * t[i + 16]; FOR(i, 15) t[i] += 38 * t[i + 16];
@ -94,9 +93,9 @@ sv inv25519(gf o, const gf i) {
FOR(a, 16) o[a] = c[a]; FOR(a, 16) o[a] = c[a];
} }
int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p) { int crypto_scalarmult(uint8_t *q, const uint8_t *n, const uint8_t *p) {
u8 z[32]; uint8_t z[32];
i64 x[80], r, i; int64_t x[80], r, i;
gf a, b, c, d, e, f; gf a, b, c, d, e, f;
FOR(i, 31) z[i] = n[i]; FOR(i, 31) z[i] = n[i];
z[31] = (n[31] & 127) | 64; z[31] = (n[31] & 127) | 64;
@ -144,11 +143,11 @@ int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p) {
return 0; return 0;
} }
int crypto_scalarmult_base(u8 *q, const u8 *n) { int crypto_scalarmult_base(uint8_t *q, const uint8_t *n) {
return crypto_scalarmult(q, n, _9); return crypto_scalarmult(q, n, _9);
} }
int crypto_box_keypair(u8 *y, u8 *x) { int crypto_box_keypair(uint8_t *y, uint8_t *x) {
randombytes(x, 32); randombytes(x, 32);
return crypto_scalarmult_base(y, x); return crypto_scalarmult_base(y, x);
} }

7
disco/src/tweetX25519.h
View File

@ -1,10 +1,9 @@
#ifndef __CURVE25519_H__ #ifndef __CURVE25519_H__
#define __CURVE25519_H__ #define __CURVE25519_H__
typedef unsigned char u8; #include <stdint.h>
typedef unsigned long long u64;
int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p); int crypto_scalarmult(uint8_t *q, const uint8_t *n, const uint8_t *p);
int crypto_box_keypair(u8 *y, u8 *x); int crypto_box_keypair(uint8_t *y, uint8_t *x);
#endif /* __CURVE25519_H__ */ #endif /* __CURVE25519_H__ */