disco: update to newest sources

This commit is contained in:
Henry Case 2018-12-08 21:10:29 +00:00
부모 f3154fd505
커밋 65faa0d4f9
5개의 변경된 파일45개의 추가작업 그리고 51개의 파일을 삭제

파일 보기

@ -1,12 +1,12 @@
TARGET := disco.elf
LOCAL_CFLAGS := -Os -fno-builtin-printf -I.
LOCAL_CFLAGS := -Os -fno-builtin-printf -Isrc
LOCAL_SRC_C := \
tests/test_disco.c \
disco_asymmetric.c \
disco_symmetric.c \
tweetstrobe.c \
tweetX25519.c \
devurandom.c
src/disco_asymmetric.c \
src/disco_symmetric.c \
src/tweetstrobe.c \
src/tweetX25519.c \
src/devurandom.c
include ../conf/toolchain.mk
include ../conf/sdk.mk

파일 보기

@ -32,18 +32,7 @@
// ======
// Used for key exchanges.
/**
* disco_generateKeyPair can be used to generate a X25519 keypair. This is
* useful for creating long-term keypairs for a peer.
* @kp an initialized keyPair struct. It is over-written by the function.
*/
void disco_generateKeyPair(keyPair *kp) {
crypto_box_keypair(kp->pub, kp->priv);
kp->isSet = true; // TODO: is this useful? If it is, should we use a magic
// number here in case it's not initialized to false?
}
void DH(keyPair mine, keyPair theirs, uint8_t *output) {
static inline void DH(keyPair mine, keyPair theirs, uint8_t *output) {
crypto_scalarmult(output, mine.priv, theirs.pub);
}
@ -53,32 +42,36 @@ void DH(keyPair mine, keyPair theirs, uint8_t *output) {
// Refer to the Disco specification to understand the meaning of these
// functions.
void initializeSymmetric(symmetricState *ss, const char *protocol_name,
static inline void initializeSymmetric(symmetricState *ss,
const char *protocol_name,
size_t protocol_name_len) {
strobe_init(&(ss->strobe), protocol_name, protocol_name_len);
}
void mixKey(symmetricState *ss, uint8_t *input_key_material) {
static inline void mixKey(symmetricState *ss, uint8_t *input_key_material) {
strobe_operate(&(ss->strobe), TYPE_AD, input_key_material, 32, false);
ss->isKeyed = true;
}
void mixHash(symmetricState *ss, uint8_t *data, size_t data_len) {
static inline void mixHash(symmetricState *ss, uint8_t *data, size_t data_len) {
strobe_operate(&(ss->strobe), TYPE_AD, data, data_len, false);
}
void mixKeyAndHash(symmetricState *ss, uint8_t *input_key_material) {
/*
static inline void mixKeyAndHash(symmetricState *ss,
uint8_t *input_key_material) {
strobe_operate(&(ss->strobe), TYPE_AD, input_key_material, 32, false);
}
void getHandshakeHash(symmetricState *ss, uint8_t *result) {
static inline void getHandshakeHash(symmetricState *ss, uint8_t *result) {
strobe_operate(&(ss->strobe), TYPE_PRF, result, 32, false);
}
*/
// note that this function modifies the plaintext in place, and requires the
// plaintext buffer to have 16 more bytes of capacity for the authentication tag
// if the symmetric state is keyed
void encryptAndHash(symmetricState *ss, uint8_t *plaintext,
static inline void encryptAndHash(symmetricState *ss, uint8_t *plaintext,
size_t plaintext_len) {
if (!ss->isKeyed) {
strobe_operate(&(ss->strobe), TYPE_CLR, plaintext, plaintext_len, false);
@ -91,7 +84,7 @@ void encryptAndHash(symmetricState *ss, uint8_t *plaintext,
// note that the decryption occurs in place, and the the result is
// `ciphertext_len-16` in case the symmetric state is keyed.
bool decryptAndHash(symmetricState *ss, uint8_t *ciphertext,
static inline bool decryptAndHash(symmetricState *ss, uint8_t *ciphertext,
size_t ciphertext_len) {
if (!ss->isKeyed) {
return strobe_operate(&(ss->strobe), TYPE_CLR | FLAG_I, ciphertext,
@ -200,11 +193,9 @@ void disco_Initialize(handshakeState *hs, const char *handshake_pattern,
// handshake_pattern is of the following form:
// "protocol_name \x00 pre-message patterns \x00 message patterns"
printf("debug1:%s\n", handshake_pattern);
initializeSymmetric(&(hs->symmetric_state), handshake_pattern,
strlen(handshake_pattern));
handshake_pattern = handshake_pattern + strlen(handshake_pattern) + 1;
printf("debug2:%s\n", handshake_pattern);
hs->symmetric_state.isKeyed = false;

파일 보기

@ -12,6 +12,7 @@
#define __DISCO_H__
#include "tweetstrobe.h"
#include "tweetX25519.h"
#include <stdlib.h>
#include <stdint.h>
@ -80,8 +81,12 @@ typedef struct handshakeState_ {
// Public API
// ==========
// used to generate long-term key pairs
void disco_generateKeyPair(keyPair *kp);
// used to generate long-term key pairs for a peer
inline void disco_generateKeyPair(keyPair *kp) {
crypto_box_keypair(kp->pub, kp->priv);
kp->isSet = true; // TODO: is this useful? If it is, should we use a magic
// number here in case it's not initialized to false?
}
// used to initialized your handshakeState with a handshake pattern
void disco_Initialize(handshakeState *hs, const char *handshake_pattern,

파일 보기

@ -4,16 +4,15 @@
#include "tweetX25519.h"
#define FOR(i, n) for (i = 0; i < n; ++i)
#define sv static void
typedef int64_t gf[16];
typedef long long i64;
typedef i64 gf[16];
extern void randombytes(u8 *, u64);
extern void randombytes(uint8_t *, uint64_t);
static const u8 _9[32] = {9};
static const uint8_t _9[32] = {9};
static const gf _121665 = {0xDB41, 1};
sv car25519(gf o) {
int i;
i64 c;
int64_t c;
FOR(i, 16) {
o[i] += (1LL << 16);
c = o[i] >> 16;
@ -23,7 +22,7 @@ sv car25519(gf o) {
}
sv sel25519(gf p, gf q, int b) {
i64 t, i, c = ~(b - 1);
int64_t t, i, c = ~(b - 1);
FOR(i, 16) {
t = c & (p[i] ^ q[i]);
p[i] ^= t;
@ -31,7 +30,7 @@ sv sel25519(gf p, gf q, int b) {
}
}
sv pack25519(u8 *o, const gf n) {
sv pack25519(uint8_t *o, const gf n) {
int i, j, b;
gf m, t;
FOR(i, 16) t[i] = n[i];
@ -55,9 +54,9 @@ sv pack25519(u8 *o, const gf n) {
}
}
sv unpack25519(gf o, const u8 *n) {
sv unpack25519(gf o, const uint8_t *n) {
int i;
FOR(i, 16) o[i] = n[2 * i] + ((i64)n[2 * i + 1] << 8);
FOR(i, 16) o[i] = n[2 * i] + ((int64_t)n[2 * i + 1] << 8);
o[15] &= 0x7fff;
}
@ -72,7 +71,7 @@ sv Z(gf o, const gf a, const gf b) {
}
sv M(gf o, const gf a, const gf b) {
i64 i, j, t[31];
int64_t i, j, t[31];
FOR(i, 31) t[i] = 0;
FOR(i, 16) FOR(j, 16) t[i + j] += a[i] * b[j];
FOR(i, 15) t[i] += 38 * t[i + 16];
@ -94,9 +93,9 @@ sv inv25519(gf o, const gf i) {
FOR(a, 16) o[a] = c[a];
}
int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p) {
u8 z[32];
i64 x[80], r, i;
int crypto_scalarmult(uint8_t *q, const uint8_t *n, const uint8_t *p) {
uint8_t z[32];
int64_t x[80], r, i;
gf a, b, c, d, e, f;
FOR(i, 31) z[i] = n[i];
z[31] = (n[31] & 127) | 64;
@ -144,11 +143,11 @@ int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p) {
return 0;
}
int crypto_scalarmult_base(u8 *q, const u8 *n) {
int crypto_scalarmult_base(uint8_t *q, const uint8_t *n) {
return crypto_scalarmult(q, n, _9);
}
int crypto_box_keypair(u8 *y, u8 *x) {
int crypto_box_keypair(uint8_t *y, uint8_t *x) {
randombytes(x, 32);
return crypto_scalarmult_base(y, x);
}

파일 보기

@ -1,10 +1,9 @@
#ifndef __CURVE25519_H__
#define __CURVE25519_H__
typedef unsigned char u8;
typedef unsigned long long u64;
#include <stdint.h>
int crypto_scalarmult(u8 *q, const u8 *n, const u8 *p);
int crypto_box_keypair(u8 *y, u8 *x);
int crypto_scalarmult(uint8_t *q, const uint8_t *n, const uint8_t *p);
int crypto_box_keypair(uint8_t *y, uint8_t *x);
#endif /* __CURVE25519_H__ */