Michael Hamburg
9 years ago
2 changed files with 34 additions and 19 deletions
Unified View
Diff Options
-
+18 -2src/gen_headers/crypto_hxx.py
-
+16 -17src/public_include/decaf/strobe.hxx
+ 18
- 2
src/gen_headers/crypto_hxx.py
View File
| @@ -13,6 +13,7 @@ crypto_hxx = gen_file( | |||||
| """, code = """ | """, code = """ | ||||
| #include <decaf.hxx> | #include <decaf.hxx> | ||||
| #include <decaf/shake.hxx> | #include <decaf/shake.hxx> | ||||
| #include <decaf/strobe.hxx> | |||||
| /** @cond internal */ | /** @cond internal */ | ||||
| #if __cplusplus >= 201103L | #if __cplusplus >= 201103L | ||||
| @@ -68,8 +69,6 @@ public: | |||||
| /** Serialization size. */ | /** Serialization size. */ | ||||
| inline size_t serSize() const NOEXCEPT { return SER_BYTES; } | inline size_t serSize() const NOEXCEPT { return SER_BYTES; } | ||||
| /* FUTURE: verify_strobe */ | |||||
| /** Verify a message */ | /** Verify a message */ | ||||
| inline void verify( | inline void verify( | ||||
| const Block &message, | const Block &message, | ||||
| @@ -79,6 +78,16 @@ public: | |||||
| throw(CryptoException()); | throw(CryptoException()); | ||||
| } | } | ||||
| } | } | ||||
| /** Verify a message */ | |||||
| inline void verify( | |||||
| Strobe &context, | |||||
| const FixedBlock<SIG_BYTES> &sig | |||||
| ) const throw(CryptoException) { | |||||
| if (DECAF_SUCCESS != %(c_ns)s_verify_strobe(context.wrapped,sig.data(),wrapped)) { | |||||
| throw(CryptoException()); | |||||
| } | |||||
| } | |||||
| }; | }; | ||||
| /** A private key for crypto over %(name)s */ | /** A private key for crypto over %(name)s */ | ||||
| @@ -176,6 +185,13 @@ public: | |||||
| %(c_ns)s_sign(sig.data(), wrapped, message.data(), message.size()); | %(c_ns)s_sign(sig.data(), wrapped, message.data(), message.size()); | ||||
| return sig; | return sig; | ||||
| } | } | ||||
| /** Sign a message. */ | |||||
| inline SecureBuffer verify(Strobe &context) const { | |||||
| SecureBuffer sig(SIG_BYTES); | |||||
| %(c_ns)s_sign_strobe(context.wrapped, sig.data(), wrapped); | |||||
| return sig; | |||||
| } | |||||
| }; | }; | ||||
| /** @cond internal */ | /** @cond internal */ | ||||
+ 16
- 17
src/public_include/decaf/strobe.hxx
View File
| @@ -39,11 +39,10 @@ public: | |||||
| /** STROBE protocol framework object */ | /** STROBE protocol framework object */ | ||||
| class Strobe { | class Strobe { | ||||
| private: | |||||
| public: | |||||
| /** The wrapped object */ | /** The wrapped object */ | ||||
| keccak_strobe_t sp; | |||||
| keccak_strobe_t wrapped; | |||||
| public: | |||||
| /** Number of bytes in a default authentication size. */ | /** Number of bytes in a default authentication size. */ | ||||
| static const uint16_t DEFAULT_AUTH_SIZE = 16; | static const uint16_t DEFAULT_AUTH_SIZE = 16; | ||||
| @@ -56,18 +55,18 @@ public: | |||||
| client_or_server whoami, /**< Am I client or server? */ | client_or_server whoami, /**< Am I client or server? */ | ||||
| const kparams_s ¶ms = STROBE_256 /**< Strength parameters */ | const kparams_s ¶ms = STROBE_256 /**< Strength parameters */ | ||||
| ) NOEXCEPT { | ) NOEXCEPT { | ||||
| strobe_init(sp, ¶ms, description, whoami == CLIENT); | |||||
| strobe_init(wrapped, ¶ms, description, whoami == CLIENT); | |||||
| keyed = false; | keyed = false; | ||||
| } | } | ||||
| /** Securely destroy by overwriting state. */ | /** Securely destroy by overwriting state. */ | ||||
| inline ~Strobe() NOEXCEPT { strobe_destroy(sp); } | |||||
| inline ~Strobe() NOEXCEPT { strobe_destroy(wrapped); } | |||||
| /** Stir in fixed key, from a C++ block. */ | /** Stir in fixed key, from a C++ block. */ | ||||
| inline void fixed_key ( | inline void fixed_key ( | ||||
| const Block &data /**< The key. */ | const Block &data /**< The key. */ | ||||
| ) throw(ProtocolException) { | ) throw(ProtocolException) { | ||||
| strobe_fixed_key(sp, data.data(), data.size()); | |||||
| strobe_fixed_key(wrapped, data.data(), data.size()); | |||||
| keyed = true; | keyed = true; | ||||
| } | } | ||||
| @@ -82,7 +81,7 @@ public: | |||||
| inline void dh_key ( | inline void dh_key ( | ||||
| const Block &data /**< The key. */ | const Block &data /**< The key. */ | ||||
| ) throw(ProtocolException) { | ) throw(ProtocolException) { | ||||
| strobe_dh_key(sp, data.data(), data.size()); | |||||
| strobe_dh_key(wrapped, data.data(), data.size()); | |||||
| keyed = true; | keyed = true; | ||||
| } | } | ||||
| @@ -95,12 +94,12 @@ public: | |||||
| /** Stir in an explicit nonce. */ | /** Stir in an explicit nonce. */ | ||||
| inline void nonce(const Block &data) NOEXCEPT { | inline void nonce(const Block &data) NOEXCEPT { | ||||
| strobe_nonce(sp, data.data(), data.size()); | |||||
| strobe_nonce(wrapped, data.data(), data.size()); | |||||
| } | } | ||||
| /** Stir in data we sent as plaintext. NB This doesn't actually send anything. */ | /** Stir in data we sent as plaintext. NB This doesn't actually send anything. */ | ||||
| inline void send_plaintext(const Block &data) NOEXCEPT { | inline void send_plaintext(const Block &data) NOEXCEPT { | ||||
| strobe_plaintext(sp, data.data(), data.size(), true); | |||||
| strobe_plaintext(wrapped, data.data(), data.size(), true); | |||||
| } | } | ||||
| /** Stir in serializeable data we sent as plaintext. NB This doesn't actually send anything. */ | /** Stir in serializeable data we sent as plaintext. NB This doesn't actually send anything. */ | ||||
| @@ -110,12 +109,12 @@ public: | |||||
| /** Stir in data we received as plaintext. NB This doesn't actually receive anything. */ | /** Stir in data we received as plaintext. NB This doesn't actually receive anything. */ | ||||
| inline void recv_plaintext(const Block &data) NOEXCEPT { | inline void recv_plaintext(const Block &data) NOEXCEPT { | ||||
| strobe_plaintext(sp, data.data(), data.size(), false); | |||||
| strobe_plaintext(wrapped, data.data(), data.size(), false); | |||||
| } | } | ||||
| /** Stir in associated data. */ | /** Stir in associated data. */ | ||||
| inline void ad(const Block &data) { | inline void ad(const Block &data) { | ||||
| strobe_ad(sp, data.data(), data.size()); | |||||
| strobe_ad(wrapped, data.data(), data.size()); | |||||
| } | } | ||||
| /** Stir in associated serializable data. */ | /** Stir in associated serializable data. */ | ||||
| @@ -127,7 +126,7 @@ public: | |||||
| inline void encrypt_no_auth(Buffer out, const Block &data) throw(LengthException,ProtocolException) { | inline void encrypt_no_auth(Buffer out, const Block &data) throw(LengthException,ProtocolException) { | ||||
| if (!keyed) throw ProtocolException(); | if (!keyed) throw ProtocolException(); | ||||
| if (out.size() != data.size()) throw LengthException(); | if (out.size() != data.size()) throw LengthException(); | ||||
| strobe_encrypt(sp, out.data(), data.data(), data.size()); | |||||
| strobe_encrypt(wrapped, out.data(), data.data(), data.size()); | |||||
| } | } | ||||
| /** Encrypt, without appending authentication data */ | /** Encrypt, without appending authentication data */ | ||||
| @@ -144,7 +143,7 @@ public: | |||||
| inline void decrypt_no_auth(Buffer out, const Block &data) throw(LengthException,ProtocolException) { | inline void decrypt_no_auth(Buffer out, const Block &data) throw(LengthException,ProtocolException) { | ||||
| if (!keyed) throw ProtocolException(); | if (!keyed) throw ProtocolException(); | ||||
| if (out.size() != data.size()) throw LengthException(); | if (out.size() != data.size()) throw LengthException(); | ||||
| strobe_decrypt(sp, out.data(), data.data(), data.size()); | |||||
| strobe_decrypt(wrapped, out.data(), data.data(), data.size()); | |||||
| } | } | ||||
| /** Decrypt, without checking authentication data. */ | /** Decrypt, without checking authentication data. */ | ||||
| @@ -156,7 +155,7 @@ public: | |||||
| inline void produce_auth(Buffer out, bool even_though_unkeyed = false) throw(LengthException,ProtocolException) { | inline void produce_auth(Buffer out, bool even_though_unkeyed = false) throw(LengthException,ProtocolException) { | ||||
| if (!keyed && !even_though_unkeyed) throw ProtocolException(); | if (!keyed && !even_though_unkeyed) throw ProtocolException(); | ||||
| if (out.size() > STROBE_MAX_AUTH_BYTES) throw LengthException(); | if (out.size() > STROBE_MAX_AUTH_BYTES) throw LengthException(); | ||||
| strobe_produce_auth(sp, out.data(), out.size()); | |||||
| strobe_produce_auth(wrapped, out.data(), out.size()); | |||||
| } | } | ||||
| /** Produce an authenticator. */ | /** Produce an authenticator. */ | ||||
| @@ -207,12 +206,12 @@ public: | |||||
| /** Check authentication data */ | /** Check authentication data */ | ||||
| inline void verify_auth(const Block &auth) throw(LengthException,CryptoException) { | inline void verify_auth(const Block &auth) throw(LengthException,CryptoException) { | ||||
| if (auth.size() == 0 || auth.size() > STROBE_MAX_AUTH_BYTES) throw LengthException(); | if (auth.size() == 0 || auth.size() > STROBE_MAX_AUTH_BYTES) throw LengthException(); | ||||
| if (strobe_verify_auth(sp, auth.data(), auth.size()) != DECAF_SUCCESS) throw CryptoException(); | |||||
| if (strobe_verify_auth(wrapped, auth.data(), auth.size()) != DECAF_SUCCESS) throw CryptoException(); | |||||
| } | } | ||||
| /** Fill pseudorandom data into a buffer */ | /** Fill pseudorandom data into a buffer */ | ||||
| inline void prng(Buffer out) NOEXCEPT { | inline void prng(Buffer out) NOEXCEPT { | ||||
| (void)strobe_prng(sp, out.data(), out.size()); | |||||
| (void)strobe_prng(wrapped, out.data(), out.size()); | |||||
| } | } | ||||
| /** Return pseudorandom data */ | /** Return pseudorandom data */ | ||||
| @@ -225,7 +224,7 @@ public: | |||||
| */ | */ | ||||
| inline void respec(const kparams_s ¶ms) throw(ProtocolException) { | inline void respec(const kparams_s ¶ms) throw(ProtocolException) { | ||||
| if (!keyed) throw(ProtocolException()); | if (!keyed) throw(ProtocolException()); | ||||
| strobe_respec(sp, ¶ms); | |||||
| strobe_respec(wrapped, ¶ms); | |||||
| } | } | ||||
| private: | private: | ||||