
change __attribute__((nonnull(list of pointers))) to __attribute__((nonnull))

master
Michael Hamburg 9 years ago
parent
commit
1f54f5c8ed
6 changed files with 80 additions and 86 deletions
  1. +8
    -8
      src/per_curve/crypto.tmpl.h
  2. +40
    -40
      src/per_curve/decaf.tmpl.h
  3. +3
    -9
      src/public_include/decaf/common.h
  4. +12
    -12
      src/public_include/decaf/shake.h
  5. +3
    -3
      src/public_include/decaf/spongerng.h
  6. +14
    -14
      src/public_include/decaf/strobe.h

+ 8
- 8
src/per_curve/crypto.tmpl.h

@@ -49,14 +49,14 @@ typedef struct {
void $(c_ns)_derive_private_key ( void $(c_ns)_derive_private_key (
$(c_ns)_private_key_t priv, $(c_ns)_private_key_t priv,
const $(c_ns)_symmetric_key_t proto const $(c_ns)_symmetric_key_t proto
) NONNULL2 API_VIS;
) NONNULL API_VIS;


/** /**
* Destroy a private key. * Destroy a private key.
*/ */
void $(c_ns)_destroy_private_key ( void $(c_ns)_destroy_private_key (
$(c_ns)_private_key_t priv $(c_ns)_private_key_t priv
) NONNULL1 API_VIS;
) NONNULL API_VIS;


/** /**
* Convert a private key to a public one. * Convert a private key to a public one.
@@ -66,7 +66,7 @@ void $(c_ns)_destroy_private_key (
void $(c_ns)_private_to_public ( void $(c_ns)_private_to_public (
$(c_ns)_public_key_t pub, $(c_ns)_public_key_t pub,
const $(c_ns)_private_key_t priv const $(c_ns)_private_key_t priv
) NONNULL2 API_VIS;
) NONNULL API_VIS;
/** /**
* Compute a Diffie-Hellman shared secret. * Compute a Diffie-Hellman shared secret.
@@ -90,7 +90,7 @@ $(c_ns)_shared_secret (
const $(c_ns)_private_key_t my_privkey, const $(c_ns)_private_key_t my_privkey,
const $(c_ns)_public_key_t your_pubkey, const $(c_ns)_public_key_t your_pubkey,
int me_first int me_first
) NONNULL134 WARN_UNUSED API_VIS;
) NONNULL WARN_UNUSED API_VIS;
/** /**
* Sign a message from a STROBE context. * Sign a message from a STROBE context.
@@ -104,7 +104,7 @@ $(c_ns)_sign_strobe (
keccak_strobe_t strobe, keccak_strobe_t strobe,
$(c_ns)_signature_t sig, $(c_ns)_signature_t sig,
const $(c_ns)_private_key_t priv const $(c_ns)_private_key_t priv
) NONNULL3 API_VIS;
) NONNULL API_VIS;


/** /**
* Sign a message. * Sign a message.
@@ -120,7 +120,7 @@ $(c_ns)_sign (
const $(c_ns)_private_key_t priv, const $(c_ns)_private_key_t priv,
const unsigned char *message, const unsigned char *message,
size_t message_len size_t message_len
) NONNULL3 API_VIS;
) NONNULL API_VIS;


/** /**
* Verify a signed message from its STROBE context. * Verify a signed message from its STROBE context.
@@ -137,7 +137,7 @@ $(c_ns)_verify_strobe (
keccak_strobe_t strobe, keccak_strobe_t strobe,
const $(c_ns)_signature_t sig, const $(c_ns)_signature_t sig,
const $(c_ns)_public_key_t pub const $(c_ns)_public_key_t pub
) NONNULL3 API_VIS WARN_UNUSED;
) NONNULL API_VIS WARN_UNUSED;


/** /**
* Verify a signed message. * Verify a signed message.
@@ -156,7 +156,7 @@ $(c_ns)_verify (
const $(c_ns)_public_key_t pub, const $(c_ns)_public_key_t pub,
const unsigned char *message, const unsigned char *message,
size_t message_len size_t message_len
) NONNULL3 API_VIS WARN_UNUSED;
) NONNULL API_VIS WARN_UNUSED;


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */


+ 40
- 40
src/per_curve/decaf.tmpl.h

@@ -93,7 +93,7 @@ extern const struct $(c_ns)_precomputed_s *$(c_ns)_precomputed_base API_VIS;
decaf_error_t $(c_ns)_scalar_decode ( decaf_error_t $(c_ns)_scalar_decode (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const unsigned char ser[$(C_NS)_SCALAR_BYTES] const unsigned char ser[$(C_NS)_SCALAR_BYTES]
) API_VIS WARN_UNUSED NONNULL2 NOINLINE;
) API_VIS WARN_UNUSED NONNULL NOINLINE;


/** /**
* @brief Read a scalar from wire format or from bytes. Reduces mod * @brief Read a scalar from wire format or from bytes. Reduces mod
@@ -107,7 +107,7 @@ void $(c_ns)_scalar_decode_long (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const unsigned char *ser, const unsigned char *ser,
size_t ser_len size_t ser_len
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;
/** /**
* @brief Serialize a scalar to wire format. * @brief Serialize a scalar to wire format.
@@ -118,7 +118,7 @@ void $(c_ns)_scalar_decode_long (
void $(c_ns)_scalar_encode ( void $(c_ns)_scalar_encode (
unsigned char ser[$(C_NS)_SCALAR_BYTES], unsigned char ser[$(C_NS)_SCALAR_BYTES],
const $(c_ns)_scalar_t s const $(c_ns)_scalar_t s
) API_VIS NONNULL2 NOINLINE NOINLINE;
) API_VIS NONNULL NOINLINE NOINLINE;
/** /**
* @brief Add two scalars. The scalars may use the same memory. * @brief Add two scalars. The scalars may use the same memory.
@@ -130,7 +130,7 @@ void $(c_ns)_scalar_add (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b const $(c_ns)_scalar_t b
) API_VIS NONNULL3 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Compare two scalars. * @brief Compare two scalars.
@@ -142,7 +142,7 @@ void $(c_ns)_scalar_add (
decaf_bool_t $(c_ns)_scalar_eq ( decaf_bool_t $(c_ns)_scalar_eq (
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b const $(c_ns)_scalar_t b
) API_VIS WARN_UNUSED NONNULL2 NOINLINE;
) API_VIS WARN_UNUSED NONNULL NOINLINE;


/** /**
* @brief Subtract two scalars. The scalars may use the same memory. * @brief Subtract two scalars. The scalars may use the same memory.
@@ -154,7 +154,7 @@ void $(c_ns)_scalar_sub (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b const $(c_ns)_scalar_t b
) API_VIS NONNULL3 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Multiply two scalars. The scalars may use the same memory. * @brief Multiply two scalars. The scalars may use the same memory.
@@ -166,7 +166,7 @@ void $(c_ns)_scalar_mul (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b const $(c_ns)_scalar_t b
) API_VIS NONNULL3 NOINLINE;
) API_VIS NONNULL NOINLINE;
/** /**
* @brief Halve a scalar. The scalars may use the same memory. * @brief Halve a scalar. The scalars may use the same memory.
@@ -176,7 +176,7 @@ void $(c_ns)_scalar_mul (
void $(c_ns)_scalar_halve ( void $(c_ns)_scalar_halve (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a const $(c_ns)_scalar_t a
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Invert a scalar. When passed zero, return 0. The input and output may alias. * @brief Invert a scalar. When passed zero, return 0. The input and output may alias.
@@ -187,7 +187,7 @@ void $(c_ns)_scalar_halve (
decaf_error_t $(c_ns)_scalar_invert ( decaf_error_t $(c_ns)_scalar_invert (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a const $(c_ns)_scalar_t a
) API_VIS WARN_UNUSED NONNULL2 NOINLINE;
) API_VIS WARN_UNUSED NONNULL NOINLINE;


/** /**
* @brief Copy a scalar. The scalars may use the same memory, in which * @brief Copy a scalar. The scalars may use the same memory, in which
@@ -195,7 +195,7 @@ decaf_error_t $(c_ns)_scalar_invert (
* @param [in] a A scalar. * @param [in] a A scalar.
* @param [out] out Will become a copy of a. * @param [out] out Will become a copy of a.
*/ */
static inline void NONNULL2 $(c_ns)_scalar_copy (
static inline void NONNULL $(c_ns)_scalar_copy (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a const $(c_ns)_scalar_t a
) { ) {
@@ -210,7 +210,7 @@ static inline void NONNULL2 $(c_ns)_scalar_copy (
void $(c_ns)_scalar_set_unsigned ( void $(c_ns)_scalar_set_unsigned (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
uint64_t a uint64_t a
) API_VIS NONNULL1;
) API_VIS NONNULL;


/** /**
* @brief Encode a point as a sequence of bytes. * @brief Encode a point as a sequence of bytes.
@@ -221,7 +221,7 @@ void $(c_ns)_scalar_set_unsigned (
void $(c_ns)_point_encode ( void $(c_ns)_point_encode (
uint8_t ser[$(C_NS)_SER_BYTES], uint8_t ser[$(C_NS)_SER_BYTES],
const $(c_ns)_point_t pt const $(c_ns)_point_t pt
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Decode a point from a sequence of bytes. * @brief Decode a point from a sequence of bytes.
@@ -241,7 +241,7 @@ decaf_error_t $(c_ns)_point_decode (
$(c_ns)_point_t pt, $(c_ns)_point_t pt,
const uint8_t ser[$(C_NS)_SER_BYTES], const uint8_t ser[$(C_NS)_SER_BYTES],
decaf_bool_t allow_identity decaf_bool_t allow_identity
) API_VIS WARN_UNUSED NONNULL2 NOINLINE;
) API_VIS WARN_UNUSED NONNULL NOINLINE;


/** /**
* @brief Copy a point. The input and output may alias, * @brief Copy a point. The input and output may alias,
@@ -250,7 +250,7 @@ decaf_error_t $(c_ns)_point_decode (
* @param [out] a A copy of the point. * @param [out] a A copy of the point.
* @param [in] b Any point. * @param [in] b Any point.
*/ */
static inline void NONNULL2 $(c_ns)_point_copy (
static inline void NONNULL $(c_ns)_point_copy (
$(c_ns)_point_t a, $(c_ns)_point_t a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) { ) {
@@ -269,7 +269,7 @@ static inline void NONNULL2 $(c_ns)_point_copy (
decaf_bool_t $(c_ns)_point_eq ( decaf_bool_t $(c_ns)_point_eq (
const $(c_ns)_point_t a, const $(c_ns)_point_t a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) API_VIS WARN_UNUSED NONNULL2 NOINLINE;
) API_VIS WARN_UNUSED NONNULL NOINLINE;


/** /**
* @brief Add two points to produce a third point. The * @brief Add two points to produce a third point. The
@@ -284,7 +284,7 @@ void $(c_ns)_point_add (
$(c_ns)_point_t sum, $(c_ns)_point_t sum,
const $(c_ns)_point_t a, const $(c_ns)_point_t a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) API_VIS NONNULL3;
) API_VIS NONNULL;


/** /**
* @brief Double a point. Equivalent to * @brief Double a point. Equivalent to
@@ -296,7 +296,7 @@ void $(c_ns)_point_add (
void $(c_ns)_point_double ( void $(c_ns)_point_double (
$(c_ns)_point_t two_a, $(c_ns)_point_t two_a,
const $(c_ns)_point_t a const $(c_ns)_point_t a
) API_VIS NONNULL2;
) API_VIS NONNULL;


/** /**
* @brief Subtract two points to produce a third point. The * @brief Subtract two points to produce a third point. The
@@ -311,7 +311,7 @@ void $(c_ns)_point_sub (
$(c_ns)_point_t diff, $(c_ns)_point_t diff,
const $(c_ns)_point_t a, const $(c_ns)_point_t a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) API_VIS NONNULL3;
) API_VIS NONNULL;
/** /**
* @brief Negate a point to produce another point. The input * @brief Negate a point to produce another point. The input
@@ -323,7 +323,7 @@ void $(c_ns)_point_sub (
void $(c_ns)_point_negate ( void $(c_ns)_point_negate (
$(c_ns)_point_t nega, $(c_ns)_point_t nega,
const $(c_ns)_point_t a const $(c_ns)_point_t a
) API_VIS NONNULL2;
) API_VIS NONNULL;


/** /**
* @brief Multiply a base point by a scalar: scaled = scalar*base. * @brief Multiply a base point by a scalar: scaled = scalar*base.
@@ -336,7 +336,7 @@ void $(c_ns)_point_scalarmul (
$(c_ns)_point_t scaled, $(c_ns)_point_t scaled,
const $(c_ns)_point_t base, const $(c_ns)_point_t base,
const $(c_ns)_scalar_t scalar const $(c_ns)_scalar_t scalar
) API_VIS NONNULL3 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Multiply a base point by a scalar: scaled = scalar*base. * @brief Multiply a base point by a scalar: scaled = scalar*base.
@@ -361,7 +361,7 @@ decaf_error_t $(c_ns)_direct_scalarmul (
const $(c_ns)_scalar_t scalar, const $(c_ns)_scalar_t scalar,
decaf_bool_t allow_identity, decaf_bool_t allow_identity,
decaf_bool_t short_circuit decaf_bool_t short_circuit
) API_VIS NONNULL3 WARN_UNUSED NOINLINE;
) API_VIS NONNULL WARN_UNUSED NOINLINE;


/** /**
* @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different * @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different
@@ -379,7 +379,7 @@ decaf_error_t $(c_ns)_x_direct_scalarmul ( /* TODO: rename? */
uint8_t out[X$(gf_shortname)_PUBLIC_BYTES], uint8_t out[X$(gf_shortname)_PUBLIC_BYTES],
const uint8_t base[X$(gf_shortname)_PUBLIC_BYTES], const uint8_t base[X$(gf_shortname)_PUBLIC_BYTES],
const uint8_t scalar[X$(gf_shortname)_PRIVATE_BYTES] const uint8_t scalar[X$(gf_shortname)_PRIVATE_BYTES]
) API_VIS NONNULL3 WARN_UNUSED NOINLINE;
) API_VIS NONNULL WARN_UNUSED NOINLINE;


/** The base point for X$(gf_shortname) Diffie-Hellman */ /** The base point for X$(gf_shortname) Diffie-Hellman */
extern const uint8_t $(c_ns)_x_base_point[X$(gf_shortname)_PUBLIC_BYTES] API_VIS; extern const uint8_t $(c_ns)_x_base_point[X$(gf_shortname)_PUBLIC_BYTES] API_VIS;
@@ -394,7 +394,7 @@ extern const uint8_t $(c_ns)_x_base_point[X$(gf_shortname)_PUBLIC_BYTES] API_VIS
void $(c_ns)_x_base_scalarmul ( void $(c_ns)_x_base_scalarmul (
uint8_t out[X$(gf_shortname)_PUBLIC_BYTES], uint8_t out[X$(gf_shortname)_PUBLIC_BYTES],
const uint8_t scalar[X$(gf_shortname)_PRIVATE_BYTES] const uint8_t scalar[X$(gf_shortname)_PRIVATE_BYTES]
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Precompute a table for fast scalar multiplication. * @brief Precompute a table for fast scalar multiplication.
@@ -408,7 +408,7 @@ void $(c_ns)_x_base_scalarmul (
void $(c_ns)_precompute ( void $(c_ns)_precompute (
$(c_ns)_precomputed_s *a, $(c_ns)_precomputed_s *a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Multiply a precomputed base point by a scalar: * @brief Multiply a precomputed base point by a scalar:
@@ -425,7 +425,7 @@ void $(c_ns)_precomputed_scalarmul (
$(c_ns)_point_t scaled, $(c_ns)_point_t scaled,
const $(c_ns)_precomputed_s *base, const $(c_ns)_precomputed_s *base,
const $(c_ns)_scalar_t scalar const $(c_ns)_scalar_t scalar
) API_VIS NONNULL3 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Multiply two base points by two scalars: * @brief Multiply two base points by two scalars:
@@ -446,7 +446,7 @@ void $(c_ns)_point_double_scalarmul (
const $(c_ns)_scalar_t scalar1, const $(c_ns)_scalar_t scalar1,
const $(c_ns)_point_t base2, const $(c_ns)_point_t base2,
const $(c_ns)_scalar_t scalar2 const $(c_ns)_scalar_t scalar2
) API_VIS NONNULL5 NOINLINE;
) API_VIS NONNULL NOINLINE;
/** /**
* Multiply one base point by two scalars: * Multiply one base point by two scalars:
@@ -469,7 +469,7 @@ void $(c_ns)_point_dual_scalarmul (
const $(c_ns)_point_t base1, const $(c_ns)_point_t base1,
const $(c_ns)_scalar_t scalar1, const $(c_ns)_scalar_t scalar1,
const $(c_ns)_scalar_t scalar2 const $(c_ns)_scalar_t scalar2
) API_VIS NONNULL5 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Multiply two base points by two scalars: * @brief Multiply two base points by two scalars:
@@ -491,7 +491,7 @@ void $(c_ns)_base_double_scalarmul_non_secret (
const $(c_ns)_scalar_t scalar1, const $(c_ns)_scalar_t scalar1,
const $(c_ns)_point_t base2, const $(c_ns)_point_t base2,
const $(c_ns)_scalar_t scalar2 const $(c_ns)_scalar_t scalar2
) API_VIS NONNULL4 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Constant-time decision between two points. If pick_b * @brief Constant-time decision between two points. If pick_b
@@ -507,7 +507,7 @@ void $(c_ns)_point_cond_sel (
const $(c_ns)_point_t a, const $(c_ns)_point_t a,
const $(c_ns)_point_t b, const $(c_ns)_point_t b,
decaf_word_t pick_b decaf_word_t pick_b
) API_VIS NONNULL3 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Constant-time decision between two scalars. If pick_b * @brief Constant-time decision between two scalars. If pick_b
@@ -523,7 +523,7 @@ void $(c_ns)_scalar_cond_sel (
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b, const $(c_ns)_scalar_t b,
decaf_word_t pick_b decaf_word_t pick_b
) API_VIS NONNULL3 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Test that a point is valid, for debugging purposes. * @brief Test that a point is valid, for debugging purposes.
@@ -534,7 +534,7 @@ void $(c_ns)_scalar_cond_sel (
*/ */
decaf_bool_t $(c_ns)_point_valid ( decaf_bool_t $(c_ns)_point_valid (
const $(c_ns)_point_t toTest const $(c_ns)_point_t toTest
) API_VIS WARN_UNUSED NONNULL1 NOINLINE;
) API_VIS WARN_UNUSED NONNULL NOINLINE;


/** /**
* @brief Torque a point, for debugging purposes. The output * @brief Torque a point, for debugging purposes. The output
@@ -546,7 +546,7 @@ decaf_bool_t $(c_ns)_point_valid (
void $(c_ns)_point_debugging_torque ( void $(c_ns)_point_debugging_torque (
$(c_ns)_point_t q, $(c_ns)_point_t q,
const $(c_ns)_point_t p const $(c_ns)_point_t p
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Projectively scale a point, for debugging purposes. * @brief Projectively scale a point, for debugging purposes.
@@ -561,7 +561,7 @@ void $(c_ns)_point_debugging_pscale (
$(c_ns)_point_t q, $(c_ns)_point_t q,
const $(c_ns)_point_t p, const $(c_ns)_point_t p,
const unsigned char factor[$(C_NS)_SER_BYTES] const unsigned char factor[$(C_NS)_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Almost-Elligator-like hash to curve. * @brief Almost-Elligator-like hash to curve.
@@ -595,7 +595,7 @@ void
$(c_ns)_point_from_hash_nonuniform ( $(c_ns)_point_from_hash_nonuniform (
$(c_ns)_point_t pt, $(c_ns)_point_t pt,
const unsigned char hashed_data[$(C_NS)_SER_BYTES] const unsigned char hashed_data[$(C_NS)_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Indifferentiable hash function encoding to curve. * @brief Indifferentiable hash function encoding to curve.
@@ -608,7 +608,7 @@ $(c_ns)_point_from_hash_nonuniform (
void $(c_ns)_point_from_hash_uniform ( void $(c_ns)_point_from_hash_uniform (
$(c_ns)_point_t pt, $(c_ns)_point_t pt,
const unsigned char hashed_data[2*$(C_NS)_SER_BYTES] const unsigned char hashed_data[2*$(C_NS)_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
) API_VIS NONNULL NOINLINE;


/** /**
* @brief Inverse of elligator-like hash to curve. * @brief Inverse of elligator-like hash to curve.
@@ -633,7 +633,7 @@ $(c_ns)_invert_elligator_nonuniform (
unsigned char recovered_hash[$(C_NS)_SER_BYTES], unsigned char recovered_hash[$(C_NS)_SER_BYTES],
const $(c_ns)_point_t pt, const $(c_ns)_point_t pt,
uint16_t which uint16_t which
) API_VIS NONNULL2 NOINLINE WARN_UNUSED;
) API_VIS NONNULL NOINLINE WARN_UNUSED;


/** /**
* @brief Inverse of elligator-like hash to curve. * @brief Inverse of elligator-like hash to curve.
@@ -658,14 +658,14 @@ $(c_ns)_invert_elligator_uniform (
unsigned char recovered_hash[2*$(C_NS)_SER_BYTES], unsigned char recovered_hash[2*$(C_NS)_SER_BYTES],
const $(c_ns)_point_t pt, const $(c_ns)_point_t pt,
uint16_t which uint16_t which
) API_VIS NONNULL2 NOINLINE WARN_UNUSED;
) API_VIS NONNULL NOINLINE WARN_UNUSED;


/** /**
* @brief Overwrite scalar with zeros. * @brief Overwrite scalar with zeros.
*/ */
void $(c_ns)_scalar_destroy ( void $(c_ns)_scalar_destroy (
$(c_ns)_scalar_t scalar $(c_ns)_scalar_t scalar
) NONNULL1 API_VIS;
) NONNULL API_VIS;


/** /**
* @brief Overwrite point with zeros. * @brief Overwrite point with zeros.
@@ -673,14 +673,14 @@ void $(c_ns)_scalar_destroy (
*/ */
void $(c_ns)_point_destroy ( void $(c_ns)_point_destroy (
$(c_ns)_point_t point $(c_ns)_point_t point
) NONNULL1 API_VIS;
) NONNULL API_VIS;


/** /**
* @brief Overwrite precomputed table with zeros. * @brief Overwrite precomputed table with zeros.
*/ */
void $(c_ns)_precomputed_destroy ( void $(c_ns)_precomputed_destroy (
$(c_ns)_precomputed_s *pre $(c_ns)_precomputed_s *pre
) NONNULL1 API_VIS;
) NONNULL API_VIS;


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
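Review bot: In `$(c_ns)_point_debugging_pscale` the switch from `NONNULL2` to `NONNULL` newly marks `factor` as non-NULL, because `NONNULL2` expanded to `nonnull(1,2)` and covered only `q` and `p`. As far as the visible parameter lists show, every other declaration in this file keeps the same set of non-NULL pointers, so this is the one place where the contract changes without the diff saying so. If a NULL `factor` was never meant to be accepted, state in its `@param` line that it must not be NULL; if it was, keep an explicit `__attribute__((nonnull(1,2)))` on this declaration. The duplicated `NOINLINE NOINLINE` on `$(c_ns)_scalar_encode` is carried over unchanged and could be cleaned up in the same pass.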


+ 3
- 9
src/public_include/decaf/common.h

@@ -27,13 +27,7 @@ extern "C" {
#define API_VIS __attribute__((visibility("default"))) #define API_VIS __attribute__((visibility("default")))
#define NOINLINE __attribute__((noinline)) #define NOINLINE __attribute__((noinline))
#define WARN_UNUSED __attribute__((warn_unused_result)) #define WARN_UNUSED __attribute__((warn_unused_result))
#define NONNULL1 __attribute__((nonnull(1)))
#define NONNULL2 __attribute__((nonnull(1,2)))
#define NONNULL3 __attribute__((nonnull(1,2,3)))
#define NONNULL13 __attribute__((nonnull(1,3)))
#define NONNULL134 __attribute__((nonnull(1,3,4)))
#define NONNULL4 __attribute__((nonnull(1,2,3,4)))
#define NONNULL5 __attribute__((nonnull(1,2,3,4,5)))
#define NONNULL __attribute__((nonnull))
#define INLINE inline __attribute__((always_inline)) #define INLINE inline __attribute__((always_inline))
#define UNUSED __attribute__((unused)) #define UNUSED __attribute__((unused))
/** @endcond */ /** @endcond */
@@ -101,14 +95,14 @@ decaf_successful(decaf_error_t e) {
void decaf_bzero ( void decaf_bzero (
void *data, void *data,
size_t size size_t size
) NONNULL1 API_VIS;
) NONNULL API_VIS;


/** Compare two buffers, returning DECAF_TRUE if they are equal. */ /** Compare two buffers, returning DECAF_TRUE if they are equal. */
decaf_bool_t decaf_memeq ( decaf_bool_t decaf_memeq (
const void *data1, const void *data1,
const void *data2, const void *data2,
size_t size size_t size
) NONNULL2 WARN_UNUSED API_VIS;
) NONNULL WARN_UNUSED API_VIS;
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
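Review bot: The new `NONNULL` definition in the first hunk drops the argument list, so it now constrains every pointer parameter of each function it decorates, including parameters added later and ones that were outside the old `NONNULLn` range. GCC and Clang use the attribute both for caller-side warnings and as an optimizer assumption, so a NULL check inside a decorated function may be removed. A comment on the macro would make that contract visible, for example `/* All pointer arguments must be non-NULL, even with a zero length; use an explicit nonnull(i,...) list where a pointer is optional. */`. Running the test suite with `-fsanitize=nonnull-attribute` would catch callers that violate it.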


+ 12
- 12
src/public_include/decaf/shake.h

@@ -116,46 +116,46 @@ void sponge_hash (
#define DECSHAKE(n) \ #define DECSHAKE(n) \
extern const struct kparams_s SHAKE##n##_params_s API_VIS; \ extern const struct kparams_s SHAKE##n##_params_s API_VIS; \
typedef struct shake##n##_ctx_s { keccak_sponge_t s; } shake##n##_ctx_t[1]; \ typedef struct shake##n##_ctx_s { keccak_sponge_t s; } shake##n##_ctx_t[1]; \
static inline void NONNULL1 shake##n##_init(shake##n##_ctx_t sponge) { \
static inline void NONNULL shake##n##_init(shake##n##_ctx_t sponge) { \
sponge_init(sponge->s, &SHAKE##n##_params_s); \ sponge_init(sponge->s, &SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL1 shake##n##_gen_init(keccak_sponge_t sponge) { \
static inline void NONNULL shake##n##_gen_init(keccak_sponge_t sponge) { \
sponge_init(sponge, &SHAKE##n##_params_s); \ sponge_init(sponge, &SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL2 shake##n##_update(shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
static inline void NONNULL shake##n##_update(shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
sha3_update(sponge->s, in, inlen); \ sha3_update(sponge->s, in, inlen); \
} \ } \
static inline void NONNULL2 shake##n##_final(shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
static inline void NONNULL shake##n##_final(shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
sha3_output(sponge->s, out, outlen); \ sha3_output(sponge->s, out, outlen); \
sponge_init(sponge->s, &SHAKE##n##_params_s); \ sponge_init(sponge->s, &SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL13 shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
static inline void NONNULL shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
sponge_hash(in,inlen,out,outlen,&SHAKE##n##_params_s); \ sponge_hash(in,inlen,out,outlen,&SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL1 shake##n##_destroy( shake##n##_ctx_t sponge ) { \
static inline void NONNULL shake##n##_destroy( shake##n##_ctx_t sponge ) { \
sponge_destroy(sponge->s); \ sponge_destroy(sponge->s); \
} }


#define DECSHA3(n) \ #define DECSHA3(n) \
extern const struct kparams_s SHA3_##n##_params_s API_VIS; \ extern const struct kparams_s SHA3_##n##_params_s API_VIS; \
typedef struct sha3_##n##_ctx_s { keccak_sponge_t s; } sha3_##n##_ctx_t[1]; \ typedef struct sha3_##n##_ctx_s { keccak_sponge_t s; } sha3_##n##_ctx_t[1]; \
static inline void NONNULL1 sha3_##n##_init(sha3_##n##_ctx_t sponge) { \
static inline void NONNULL sha3_##n##_init(sha3_##n##_ctx_t sponge) { \
sponge_init(sponge->s, &SHA3_##n##_params_s); \ sponge_init(sponge->s, &SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL1 sha3_##n##_gen_init(keccak_sponge_t sponge) { \
static inline void NONNULL sha3_##n##_gen_init(keccak_sponge_t sponge) { \
sponge_init(sponge, &SHA3_##n##_params_s); \ sponge_init(sponge, &SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL2 sha3_##n##_update(sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
static inline void NONNULL sha3_##n##_update(sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
sha3_update(sponge->s, in, inlen); \ sha3_update(sponge->s, in, inlen); \
} \ } \
static inline void NONNULL2 sha3_##n##_final(sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
static inline void NONNULL sha3_##n##_final(sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
sha3_output(sponge->s, out, outlen); \ sha3_output(sponge->s, out, outlen); \
sponge_init(sponge->s, &SHA3_##n##_params_s); \ sponge_init(sponge->s, &SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL13 sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
static inline void NONNULL sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
sponge_hash(in,inlen,out,outlen,&SHA3_##n##_params_s); \ sponge_hash(in,inlen,out,outlen,&SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL1 sha3_##n##_destroy(sha3_##n##_ctx_t sponge) { \
static inline void NONNULL sha3_##n##_destroy(sha3_##n##_ctx_t sponge) { \
sponge_destroy(sponge->s); \ sponge_destroy(sponge->s); \
} }
/** @endcond */ /** @endcond */


+ 3
- 3
src/public_include/decaf/spongerng.h

@@ -32,7 +32,7 @@ void spongerng_init_from_buffer (
const uint8_t *__restrict__ in, /**< [in] The initialization data. */ const uint8_t *__restrict__ in, /**< [in] The initialization data. */
size_t len, /**< [in] The length of the initialization data. */ size_t len, /**< [in] The length of the initialization data. */
int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC.*/ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC.*/
) NONNULL2 API_VIS;
) NONNULL API_VIS;
/** /**
* @brief Initialize a sponge-based CSPRNG from a file. * @brief Initialize a sponge-based CSPRNG from a file.
@@ -45,7 +45,7 @@ decaf_error_t spongerng_init_from_file (
const char *file, /**< [in] A name of a file containing initial data. */ const char *file, /**< [in] A name of a file containing initial data. */
size_t len, /**< [in] The length of the initial data. Must be positive. */ size_t len, /**< [in] The length of the initial data. Must be positive. */
int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC. */ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC. */
) NONNULL2 API_VIS WARN_UNUSED;
) NONNULL API_VIS WARN_UNUSED;


/** /**
* @brief Initialize a nondeterministic sponge-based CSPRNG from /dev/urandom. * @brief Initialize a nondeterministic sponge-based CSPRNG from /dev/urandom.
@@ -69,7 +69,7 @@ void spongerng_stir (
keccak_prng_t prng, /**< [out] The PRNG object. */ keccak_prng_t prng, /**< [out] The PRNG object. */
const uint8_t * __restrict__ in, /**< [in] The entropy data. */ const uint8_t * __restrict__ in, /**< [in] The entropy data. */
size_t len /**< [in] The length of the initial data. */ size_t len /**< [in] The length of the initial data. */
) NONNULL2 API_VIS;
) NONNULL API_VIS;
/** Securely destroy a sponge RNG object by overwriting it. */ /** Securely destroy a sponge RNG object by overwriting it. */
static INLINE UNUSED void static INLINE UNUSED void


+ 14
- 14
src/public_include/decaf/strobe.h

@@ -44,7 +44,7 @@ void strobe_init (
const struct kparams_s *params, /**< [in] Parameter set descriptor. */ const struct kparams_s *params, /**< [in] Parameter set descriptor. */
const char *proto, /**< [in] Unique identifier for the protocol. TODO: define namespaces for this */ const char *proto, /**< [in] Unique identifier for the protocol. TODO: define namespaces for this */
uint8_t am_client /**< [in] Nonzero if this party. */ uint8_t am_client /**< [in] Nonzero if this party. */
) NONNULL2 API_VIS;
) NONNULL API_VIS;


/** Run a transaction against a STROBE state. */ /** Run a transaction against a STROBE state. */
void strobe_transact ( void strobe_transact (
@@ -53,10 +53,10 @@ void strobe_transact (
const unsigned char *in, /**< [in] The input. */ const unsigned char *in, /**< [in] The input. */
size_t len, /**< [in] The length of the input/output. */ size_t len, /**< [in] The length of the input/output. */
uint32_t cw_flags /**< [in] The control word with flags. */ uint32_t cw_flags /**< [in] The control word with flags. */
) NONNULL1 API_VIS;
) __attribute__((nonnull(1))) API_VIS;


/** Record a message sent in plaintext */ /** Record a message sent in plaintext */
static INLINE UNUSED void strobe_plaintext (
static INLINE UNUSED NONNULL void strobe_plaintext (
keccak_strobe_t strobe, /**< [inout] The STROBE object */ keccak_strobe_t strobe, /**< [inout] The STROBE object */
const unsigned char *in, /**< [in] The message. */ const unsigned char *in, /**< [in] The message. */
uint16_t len, /**< [in] The length of the message. */ uint16_t len, /**< [in] The length of the message. */
@@ -64,7 +64,7 @@ static INLINE UNUSED void strobe_plaintext (
); );


/** Report authenticated data in strobe context. */ /** Report authenticated data in strobe context. */
static INLINE UNUSED void
static INLINE UNUSED NONNULL void
strobe_ad ( strobe_ad (
keccak_strobe_t strobe, /**< [inout] The strobe object. */ keccak_strobe_t strobe, /**< [inout] The strobe object. */
const unsigned char *in, /**< [in] The plaintext. */ const unsigned char *in, /**< [in] The plaintext. */
@@ -72,7 +72,7 @@ strobe_ad (
); );


/** Set nonce in strobe context. */ /** Set nonce in strobe context. */
static INLINE UNUSED void
static INLINE UNUSED NONNULL void
strobe_nonce ( strobe_nonce (
keccak_strobe_t strobe, /**< [inout] The initialized strobe object. */ keccak_strobe_t strobe, /**< [inout] The initialized strobe object. */
const unsigned char *in, /**< [in] The nonce. */ const unsigned char *in, /**< [in] The nonce. */
@@ -80,7 +80,7 @@ strobe_nonce (
); );


/** Set fixed key in strobe context. */ /** Set fixed key in strobe context. */
static INLINE UNUSED void
static INLINE UNUSED NONNULL void
strobe_fixed_key ( strobe_fixed_key (
keccak_strobe_t strobe, /**< [inout] The initialized strobe object. */ keccak_strobe_t strobe, /**< [inout] The initialized strobe object. */
const unsigned char *in, /**< [in] The key. */ const unsigned char *in, /**< [in] The key. */
@@ -88,7 +88,7 @@ strobe_fixed_key (
); );


/** Set Diffie-Hellman key in strobe context. */ /** Set Diffie-Hellman key in strobe context. */
static INLINE UNUSED void
static INLINE UNUSED NONNULL void
strobe_dh_key ( strobe_dh_key (
keccak_strobe_t strobe, /**< [inout] The initialized strobe object. */ keccak_strobe_t strobe, /**< [inout] The initialized strobe object. */
const unsigned char *in, /**< [in] The key. */ const unsigned char *in, /**< [in] The key. */
@@ -99,7 +99,7 @@ strobe_dh_key (
#define STROBE_MAX_AUTH_BYTES 32 #define STROBE_MAX_AUTH_BYTES 32
/** Produce an authenticator. */ /** Produce an authenticator. */
static INLINE UNUSED void
static INLINE UNUSED NONNULL void
strobe_produce_auth ( strobe_produce_auth (
keccak_strobe_t strobe, /**< [inout] The Strobe protocol context. */ keccak_strobe_t strobe, /**< [inout] The Strobe protocol context. */
unsigned char *out, /**< [out] The authenticator. */ unsigned char *out, /**< [out] The authenticator. */
@@ -116,13 +116,13 @@ decaf_error_t strobe_verify_auth (
keccak_strobe_t strobe, /**< [inout] The Strobe protocol context */ keccak_strobe_t strobe, /**< [inout] The Strobe protocol context */
const unsigned char *in, /**< [in] The authenticator */ const unsigned char *in, /**< [in] The authenticator */
uint16_t len /**< [in] The length, at most STROBE_MAX_AUTH_BYTES. */ uint16_t len /**< [in] The length, at most STROBE_MAX_AUTH_BYTES. */
) WARN_UNUSED NONNULL2 API_VIS;
) WARN_UNUSED NONNULL API_VIS;


/** /**
* @brief Encrypt bytes from in to out. * @brief Encrypt bytes from in to out.
* @warning Doesn't produce an auth tag. * @warning Doesn't produce an auth tag.
*/ */
static INLINE UNUSED void
static INLINE UNUSED NONNULL void
strobe_encrypt ( strobe_encrypt (
keccak_strobe_t strobe, /**< [inout] strobe The Strobe protocol context. */ keccak_strobe_t strobe, /**< [inout] strobe The Strobe protocol context. */
unsigned char *out, /**< [out] The ciphertext. */ unsigned char *out, /**< [out] The ciphertext. */
@@ -134,7 +134,7 @@ strobe_encrypt (
* Decrypt bytes from in to out. * Decrypt bytes from in to out.
* @warning Doesn't check an auth tag. * @warning Doesn't check an auth tag.
*/ */
static INLINE UNUSED void
static INLINE UNUSED NONNULL void
strobe_decrypt ( strobe_decrypt (
keccak_strobe_t strobe, /**< [inout] The Strobe protocol context. */ keccak_strobe_t strobe, /**< [inout] The Strobe protocol context. */
unsigned char *out, /**< [out] The plaintext. */ unsigned char *out, /**< [out] The plaintext. */
@@ -149,7 +149,7 @@ strobe_decrypt (
* refreshing forward secrecy! It's to replace things * refreshing forward secrecy! It's to replace things
* like TCP session hash. * like TCP session hash.
*/ */
static inline void strobe_prng (
static inline void NONNULL strobe_prng (
keccak_strobe_t strobe, /**< [inout] The Strobe protocol context */ keccak_strobe_t strobe, /**< [inout] The Strobe protocol context */
unsigned char *out, /**< [out] The output random data. */ unsigned char *out, /**< [out] The output random data. */
uint16_t len /**< The length. */ uint16_t len /**< The length. */
@@ -159,10 +159,10 @@ static inline void strobe_prng (
void strobe_respec ( void strobe_respec (
keccak_strobe_t strobe, /**< [inout] The initialized strobe context. */ keccak_strobe_t strobe, /**< [inout] The initialized strobe context. */
const struct kparams_s *params /**< [in] Strobe parameter descriptor. */ const struct kparams_s *params /**< [in] Strobe parameter descriptor. */
) NONNULL2 API_VIS;
) NONNULL API_VIS;


/** Securely destroy a STROBE object by overwriting it. */ /** Securely destroy a STROBE object by overwriting it. */
static INLINE UNUSED void
static INLINE UNUSED NONNULL void
strobe_destroy ( strobe_destroy (
keccak_strobe_t doomed /**< [in] The object to destroy. */ keccak_strobe_t doomed /**< [in] The object to destroy. */
); );
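Review bot: The `static INLINE UNUSED` declarations in this file (`strobe_plaintext`, `strobe_ad`, `strobe_nonce`, `strobe_fixed_key`, `strobe_dh_key`, `strobe_produce_auth`, `strobe_encrypt`, `strobe_decrypt`, `strobe_destroy`) and `strobe_prng` had no nonnull attribute before and now get `NONNULL`, which is a contract change rather than a respelling. `strobe_transact` deliberately keeps `__attribute__((nonnull(1)))` so that its `in` may be NULL, yet these wrappers, which presumably forward to it (their bodies are outside the hunks), now forbid a NULL `in` or `out` even when `len` is 0, for example for empty associated data. If that is intended, say so in each doc comment, e.g. `@note in must be non-NULL even when len is 0`; otherwise the wrappers should carry `__attribute__((nonnull(1)))` like `strobe_transact`. In `strobe_init`, `proto` also appears to become newly non-NULL, since `NONNULL2` covered only the first two parameters; the first parameter is outside the hunk, so confirm against the full declaration.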

