disco: update to newest sources

2018-12-08 21:10:29 +00:00 · 2018-12-08 21:10:29 +00:00 · 65faa0d4f9
--- a/disco/Makefile
+++ b/disco/Makefile
@ -1,12 +1,12 @@
 TARGET		:= disco.elf
-LOCAL_CFLAGS	:= -Os -fno-builtin-printf -I.
+LOCAL_CFLAGS	:= -Os -fno-builtin-printf -Isrc
 LOCAL_SRC_C	:= \
 	tests/test_disco.c \
-	disco_asymmetric.c \
-	disco_symmetric.c \
-	tweetstrobe.c \
-	tweetX25519.c \
-	devurandom.c
+	src/disco_asymmetric.c \
+	src/disco_symmetric.c \
+	src/tweetstrobe.c \
+	src/tweetX25519.c \
+	src/devurandom.c

 include ../conf/toolchain.mk
 include ../conf/sdk.mk
--- a/disco/src/disco_asymmetric.c
+++ b/disco/src/disco_asymmetric.c
@ -32,18 +32,7 @@
 // ======
 // Used for key exchanges.

-/**
- * disco_generateKeyPair can be used to generate a X25519 keypair. This is
- * useful for creating long-term keypairs for a peer.
- * @kp an initialized keyPair struct. It is over-written by the function.
- */
-void disco_generateKeyPair(keyPair *kp) {
-  crypto_box_keypair(kp->pub, kp->priv);
-  kp->isSet = true;  // TODO: is this useful? If it is, should we use a magic
-                     // number here in case it's not initialized to false?
-}
-
-void DH(keyPair mine, keyPair theirs, uint8_t *output) {
+static inline void DH(keyPair mine, keyPair theirs, uint8_t *output) {
  crypto_scalarmult(output, mine.priv, theirs.pub);
 }

@ -53,32 +42,36 @@ void DH(keyPair mine, keyPair theirs, uint8_t *output) {
 // Refer to the Disco specification to understand the meaning of these
 // functions.

-void initializeSymmetric(symmetricState *ss, const char *protocol_name,
+static inline void initializeSymmetric(symmetricState *ss,
+                                       const char *protocol_name,
                                       size_t protocol_name_len) {
  strobe_init(&(ss->strobe), protocol_name, protocol_name_len);
 }

-void mixKey(symmetricState *ss, uint8_t *input_key_material) {
+static inline void mixKey(symmetricState *ss, uint8_t *input_key_material) {
  strobe_operate(&(ss->strobe), TYPE_AD, input_key_material, 32, false);
  ss->isKeyed = true;
 }

-void mixHash(symmetricState *ss, uint8_t *data, size_t data_len) {
+static inline void mixHash(symmetricState *ss, uint8_t *data, size_t data_len) {
  strobe_operate(&(ss->strobe), TYPE_AD, data, data_len, false);
 }

-void mixKeyAndHash(symmetricState *ss, uint8_t *input_key_material) {
+/*
+static inline void mixKeyAndHash(symmetricState *ss,
+                                 uint8_t *input_key_material) {
  strobe_operate(&(ss->strobe), TYPE_AD, input_key_material, 32, false);
 }

-void getHandshakeHash(symmetricState *ss, uint8_t *result) {
+static inline void getHandshakeHash(symmetricState *ss, uint8_t *result) {
  strobe_operate(&(ss->strobe), TYPE_PRF, result, 32, false);
 }
+*/

 // note that this function modifies the plaintext in place, and requires the
 // plaintext buffer to have 16 more bytes of capacity for the authentication tag
 // if the symmetric state is keyed
-void encryptAndHash(symmetricState *ss, uint8_t *plaintext,
+static inline void encryptAndHash(symmetricState *ss, uint8_t *plaintext,
                                  size_t plaintext_len) {
  if (!ss->isKeyed) {
    strobe_operate(&(ss->strobe), TYPE_CLR, plaintext, plaintext_len, false);
@ -91,7 +84,7 @@ void encryptAndHash(symmetricState *ss, uint8_t *plaintext,

 // note that the decryption occurs in place, and the the result is
 // `ciphertext_len-16` in case the symmetric state is keyed.
-bool decryptAndHash(symmetricState *ss, uint8_t *ciphertext,
+static inline bool decryptAndHash(symmetricState *ss, uint8_t *ciphertext,
                                  size_t ciphertext_len) {
  if (!ss->isKeyed) {
    return strobe_operate(&(ss->strobe), TYPE_CLR | FLAG_I, ciphertext,
@ -200,11 +193,9 @@ void disco_Initialize(handshakeState *hs, const char *handshake_pattern,

  // handshake_pattern is of the following form:
  // "protocol_name \x00 pre-message patterns \x00 message patterns"
-  printf("debug1:%s\n", handshake_pattern);
  initializeSymmetric(&(hs->symmetric_state), handshake_pattern,
                      strlen(handshake_pattern));
  handshake_pattern = handshake_pattern + strlen(handshake_pattern) + 1;
-  printf("debug2:%s\n", handshake_pattern);

  hs->symmetric_state.isKeyed = false;

--- a/disco/src/disco_asymmetric.h
+++ b/disco/src/disco_asymmetric.h
@ -12,6 +12,7 @@
 #define __DISCO_H__

 #include "tweetstrobe.h"
+#include "tweetX25519.h"

 #include <stdlib.h>
 #include <stdint.h>
@ -80,8 +81,12 @@ typedef struct handshakeState_ {
 // Public API
 // ==========

-// used to generate long-term key pairs
-void disco_generateKeyPair(keyPair *kp);
+// used to generate long-term key pairs for a peer
+inline void disco_generateKeyPair(keyPair *kp) {
+  crypto_box_keypair(kp->pub, kp->priv);
+  kp->isSet = true;  // TODO: is this useful? If it is, should we use a magic
+                     // number here in case it's not initialized to false?
+}

 // used to initialized your handshakeState with a handshake pattern
 void disco_Initialize(handshakeState *hs, const char *handshake_pattern,
--- a/disco/src/tweetX25519.c
+++ b/disco/src/tweetX25519.c
@ -4,16 +4,15 @@
 #include "tweetX25519.h"
 #define FOR(i, n) for (i = 0; i < n; ++i)
 #define sv static void
+typedef int64_t gf[16];

-typedef long long i64;
-typedef i64 gf[16];
-extern void randombytes(u8 *, u64);
+extern void randombytes(uint8_t *, uint64_t);

-static const u8 _9[32] = {9};
+static const uint8_t _9[32] = {9};
 static const gf _121665 = {0xDB41, 1};
 sv car25519(gf o) {
  int i;
-  i64 c;
+  int64_t c;
  FOR(i, 16) {
    o[i] += (1LL << 16);
    c = o[i] >> 16;
@ -23,7 +22,7 @@ sv car25519(gf o) {
 }

 sv sel25519(gf p, gf q, int b) {
-  i64 t, i, c = ~(b - 1);
+  int64_t t, i, c = ~(b - 1);
  FOR(i, 16) {
    t = c & (p[i] ^ q[i]);
    p[i] ^= t;
@ -31,7 +30,7 @@ sv sel25519(gf p, gf q, int b) {
  }
 }

-sv pack25519(u8 *o, const gf n) {
+sv pack25519(uint8_t *o, const gf n) {
  int i, j, b;
  gf m, t;
  FOR(i, 16) t[i] = n[i];
@ -55,9 +54,9 @@ sv pack25519(u8 *o, const gf n) {
  }
 }

-sv unpack25519(gf o, const u8 *n) {
+sv unpack25519(gf o, const uint8_t *n) {
  int i;
-  FOR(i, 16) o[i] = n[2 * i] + ((i64)n[2 * i + 1] << 8);
+  FOR(i, 16) o[i] = n[2 * i] + ((int64_t)n[2 * i + 1] << 8);
  o[15] &= 0x7fff;
 }

@ -72,7 +71,7 @@ sv Z(gf o, const gf a, const gf b) {
 }

 sv M(gf o, const gf a, const gf b) {
-  i64 i, j, t[31];
+  int64_t i, j, t[31];
  FOR(i, 31) t[i] = 0;
  FOR(i, 16) FOR(j, 16) t[i + j] += a[i] * b[j];
  FOR(i, 15) t[i] += 38 * t[i + 16];
@ -94,9 +93,9 @@ sv inv25519(gf o, const gf i) {
  FOR(a, 16) o[a] = c[a];
 }

-int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p) {
-  u8 z[32];
-  i64 x[80], r, i;
+int crypto_scalarmult(uint8_t *q, const uint8_t *n, const uint8_t *p) {
+  uint8_t z[32];
+  int64_t x[80], r, i;
  gf a, b, c, d, e, f;
  FOR(i, 31) z[i] = n[i];
  z[31] = (n[31] & 127) | 64;
@ -144,11 +143,11 @@ int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p) {
  return 0;
 }

-int crypto_scalarmult_base(u8 *q, const u8 *n) {
+int crypto_scalarmult_base(uint8_t *q, const uint8_t *n) {
  return crypto_scalarmult(q, n, _9);
 }

-int crypto_box_keypair(u8 *y, u8 *x) {
+int crypto_box_keypair(uint8_t *y, uint8_t *x) {
  randombytes(x, 32);
  return crypto_scalarmult_base(y, x);
 }
--- a/disco/src/tweetX25519.h
+++ b/disco/src/tweetX25519.h
@ -1,10 +1,9 @@
 #ifndef __CURVE25519_H__
 #define __CURVE25519_H__

-typedef unsigned char u8;
-typedef unsigned long long u64;
+#include <stdint.h>

-int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p);
-int crypto_box_keypair(u8 *y, u8 *x);
+int crypto_scalarmult(uint8_t *q, const uint8_t *n, const uint8_t *p);
+int crypto_box_keypair(uint8_t *y, uint8_t *x);

 #endif /* __CURVE25519_H__ */