Browse Source
fix most of SUPERCOP stuff. However, the results of `make bat` still are not portable because the generated tables use arch specific field element layout
master
Mike Hamburg
9 years ago
5 changed files with 51 additions and 22 deletions
Unified View
Diff Options
-
+4 -4Makefile
-
+1 -1src/bat/api_sign.h
-
+5 -11src/bat/dh.c
-
+4 -6src/bat/sign.c
-
+37 -0test/test_decaf.cxx
+ 4
- 4
Makefile
View File
| @@ -75,7 +75,7 @@ endif | |||||
| BENCHCOMPONENTS = build/bench.o build/shake.o | BENCHCOMPONENTS = build/bench.o build/shake.o | ||||
| BATBASE=ed448goldilocks-decaf-bats-$(TODAY) | |||||
| BATBASE=ed448goldilocks_decaf_bats_$(TODAY) | |||||
| BATNAME=build/$(BATBASE) | BATNAME=build/$(BATBASE) | ||||
| all: lib build/test build/bench build/shakesum | all: lib build/test build/bench build/shakesum | ||||
| @@ -159,13 +159,13 @@ doc: Doxyfile doc/timestamp include/*.h src/*.c src/include/*.h src/$(FIELD)/$(A | |||||
| bat: $(BATNAME) | bat: $(BATNAME) | ||||
| $(BATNAME): include/* src/* src/*/* test/batarch.map | |||||
| $(BATNAME): include/* src/* src/*/* test/batarch.map build/decaf_tables.c # TODO tables some other way | |||||
| rm -fr $@ | rm -fr $@ | ||||
| for prim in dh sign; do \ | for prim in dh sign; do \ | ||||
| targ="$@/crypto_$$prim/ed448goldilocks-decaf"; \ | |||||
| targ="$@/crypto_$$prim/ed448goldilocks_decaf"; \ | |||||
| (while read arch where; do \ | (while read arch where; do \ | ||||
| mkdir -p $$targ/`basename $$arch`; \ | mkdir -p $$targ/`basename $$arch`; \ | ||||
| cp include/*.h src/*.c src/include/*.h src/bat/$$prim.c src/p448/$$where/*.c src/p448/$$where/*.h src/p448/*.c src/p448/*.h $$targ/`basename $$arch`; \ | |||||
| cp include/*.h build/decaf_tables.c src/decaf_fast.c src/decaf_crypto.c src/shake.c src/include/*.h src/bat/$$prim.c src/p448/$$where/*.c src/p448/$$where/*.h src/p448/*.c src/p448/*.h $$targ/`basename $$arch`; \ | |||||
| cp src/bat/api_$$prim.h $$targ/`basename $$arch`/api.h; \ | cp src/bat/api_$$prim.h $$targ/`basename $$arch`/api.h; \ | ||||
| perl -p -i -e 's/SYSNAME/'`basename $(BATNAME)`_`basename $$arch`'/g' $$targ/`basename $$arch`/api.h; \ | perl -p -i -e 's/SYSNAME/'`basename $(BATNAME)`_`basename $$arch`'/g' $$targ/`basename $$arch`/api.h; \ | ||||
| perl -p -i -e 's/__TODAY__/'$(TODAY)'/g' $$targ/`basename $$arch`/api.h; \ | perl -p -i -e 's/__TODAY__/'$(TODAY)'/g' $$targ/`basename $$arch`/api.h; \ | ||||
+ 1
- 1
src/bat/api_sign.h
View File
| @@ -8,7 +8,7 @@ | |||||
| */ | */ | ||||
| #include <string.h> | #include <string.h> | ||||
| #include "goldilocks.h" | |||||
| #include "decaf_crypto.h" | |||||
| #define PUBLICKEY_BYTES (sizeof(decaf_448_public_key_t)) | #define PUBLICKEY_BYTES (sizeof(decaf_448_public_key_t)) | ||||
| #define SECRETKEY_BYTES (sizeof(decaf_448_private_key_t)) | #define SECRETKEY_BYTES (sizeof(decaf_448_private_key_t)) | ||||
+ 5
- 11
src/bat/dh.c
View File
| @@ -14,16 +14,13 @@ | |||||
| #include "randombytes.h" | #include "randombytes.h" | ||||
| int crypto_dh_keypair ( | int crypto_dh_keypair ( | ||||
| unsigned char pk[SECRETKEY_BYTES], | |||||
| unsigned char sk[PUBLICKEY_BYTES] | |||||
| unsigned char pk[PUBLICKEY_BYTES], | |||||
| unsigned char sk[SECRETKEY_BYTES] | |||||
| ) { | ) { | ||||
| decaf_448_symmetric_key_t proto; | decaf_448_symmetric_key_t proto; | ||||
| randombytes(proto,sizeof(proto)); | randombytes(proto,sizeof(proto)); | ||||
| decaf_448_derive_private_key((decaf_448_private_key_s *)sk,proto); | decaf_448_derive_private_key((decaf_448_private_key_s *)sk,proto); | ||||
| decaf_448_private_to_public( | |||||
| (decaf_448_public_key_s *)pk, | |||||
| (decaf_448_private_key_s *)sk | |||||
| ); | |||||
| decaf_448_private_to_public(pk,(decaf_448_private_key_s *)sk); | |||||
| return 0; | return 0; | ||||
| } | } | ||||
| @@ -32,10 +29,7 @@ int crypto_dh ( | |||||
| const unsigned char pk[PUBLICKEY_BYTES], | const unsigned char pk[PUBLICKEY_BYTES], | ||||
| const unsigned char sk[SECRETKEY_BYTES] | const unsigned char sk[SECRETKEY_BYTES] | ||||
| ) { | ) { | ||||
| return !decaf_448_shared_secret ( | |||||
| s, | |||||
| SHAREDSECRET_BYTES, | |||||
| (const decaf_448_private_key_s *)sk, | |||||
| (const decaf_448_public_key_s *)pk | |||||
| return !decaf_448_shared_secret (s,SHAREDSECRET_BYTES, | |||||
| (const decaf_448_private_key_s *)sk, pk | |||||
| ); | ); | ||||
| } | } | ||||
+ 4
- 6
src/bat/sign.c
View File
| @@ -13,14 +13,13 @@ | |||||
| #include "crypto_sign.h" | #include "crypto_sign.h" | ||||
| int crypto_sign_keypair ( | int crypto_sign_keypair ( | ||||
| unsigned char pk[SECRETKEY_BYTES], | |||||
| unsigned char sk[PUBLICKEY_BYTES] | |||||
| unsigned char pk[PUBLICKEY_BYTES], | |||||
| unsigned char sk[SECRETKEY_BYTES] | |||||
| ) { | ) { | ||||
| decaf_448_symmetric_key_t proto; | decaf_448_symmetric_key_t proto; | ||||
| randombytes(proto,sizeof(proto)); | randombytes(proto,sizeof(proto)); | ||||
| decaf_448_derive_private_key((decaf_448_private_key_s *)sk,proto); | decaf_448_derive_private_key((decaf_448_private_key_s *)sk,proto); | ||||
| decaf_448_private_to_public( | |||||
| (decaf_448_public_key_s *)pk, | |||||
| decaf_448_private_to_public(pk, | |||||
| (decaf_448_private_key_s *)sk | (decaf_448_private_key_s *)sk | ||||
| ); | ); | ||||
| return 0; | return 0; | ||||
| @@ -53,8 +52,7 @@ int crypto_sign_open ( | |||||
| const unsigned char pk[PUBLICKEY_BYTES] | const unsigned char pk[PUBLICKEY_BYTES] | ||||
| ) { | ) { | ||||
| int ret = decaf_448_verify( | int ret = decaf_448_verify( | ||||
| sm, | |||||
| (const struct goldilocks_public_key_t *)pk, | |||||
| sm,pk, | |||||
| sm + SIGNATURE_BYTES, smlen - SIGNATURE_BYTES | sm + SIGNATURE_BYTES, smlen - SIGNATURE_BYTES | ||||
| ); | ); | ||||
| if (ret) { | if (ret) { | ||||
+ 37
- 0
test/test_decaf.cxx
View File
| @@ -11,6 +11,7 @@ | |||||
| #include "decaf.hxx" | #include "decaf.hxx" | ||||
| #include "shake.hxx" | #include "shake.hxx" | ||||
| #include "decaf_crypto.h" | |||||
| #include <stdio.h> | #include <stdio.h> | ||||
| @@ -196,11 +197,47 @@ static void test_ec() { | |||||
| }; // template<decaf::GroupId GROUP> | }; // template<decaf::GroupId GROUP> | ||||
| static void test_decaf() { | |||||
| Test test("Sample crypto"); | |||||
| decaf::SpongeRng rng(decaf::Block("test_decaf")); | |||||
| decaf_448_symmetric_key_t proto1,proto2; | |||||
| decaf_448_private_key_t s1,s2; | |||||
| decaf_448_public_key_t p1,p2; | |||||
| decaf_448_signature_t sig; | |||||
| unsigned char shared1[1234],shared2[1234]; | |||||
| const char *message = "Hello, world!"; | |||||
| for (int i=0; i<NTESTS && test.passing_now; i++) { | |||||
| rng.read(decaf::TmpBuffer(proto1,sizeof(proto1))); | |||||
| rng.read(decaf::TmpBuffer(proto2,sizeof(proto2))); | |||||
| decaf_448_derive_private_key(s1,proto1); | |||||
| decaf_448_private_to_public(p1,s1); | |||||
| decaf_448_derive_private_key(s2,proto2); | |||||
| decaf_448_private_to_public(p2,s2); | |||||
| if (!decaf_448_shared_secret (shared1,sizeof(shared1),s1,p2)) { | |||||
| test.fail(); printf("Fail ss12\n"); | |||||
| } | |||||
| if (!decaf_448_shared_secret (shared2,sizeof(shared2),s2,p1)) { | |||||
| test.fail(); printf("Fail ss21\n"); | |||||
| } | |||||
| if (memcmp(shared1,shared2,sizeof(shared1))) { | |||||
| test.fail(); printf("Fail ss21 == ss12\n"); | |||||
| } | |||||
| decaf_448_sign (sig,s1,(const unsigned char *)message,strlen(message)); | |||||
| if (!decaf_448_verify (sig,p1,(const unsigned char *)message,strlen(message))) { | |||||
| test.fail(); printf("Fail sig ver\n"); | |||||
| } | |||||
| } | |||||
| } | |||||
| int main(int argc, char **argv) { | int main(int argc, char **argv) { | ||||
| (void) argc; (void) argv; | (void) argc; (void) argv; | ||||
| Tests<decaf::Ed448>::test_arithmetic(); | Tests<decaf::Ed448>::test_arithmetic(); | ||||
| Tests<decaf::Ed448>::test_ec(); | Tests<decaf::Ed448>::test_ec(); | ||||
| test_decaf(); | |||||
| if (passing) printf("Passed all tests.\n"); | if (passing) printf("Passed all tests.\n"); | ||||