make ED*_NO_CONTEXT actually a pointer

src/GENERATED/c/curve25519/eddsa.c

@@ -32,6 +32,11 @@
 #define EDDSA_USE_SIGMA_ISOGENY 1
 #define COFACTOR 8
 
+#if NO_CONTEXT
+const uint8_t NO_CONTEXT_POINTS_HERE = 0;
+const uint8_t * const ED25519_NO_CONTEXT = &NO_CONTEXT_POINTS_HERE;
+#endif
+
 /* EDDSA_BASE_POINT_RATIO = 1 or 2
  * Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d,
  * its base point is twice ours.

src/GENERATED/c/ed448goldilocks/eddsa.c

@@ -32,6 +32,11 @@
 #define EDDSA_USE_SIGMA_ISOGENY 0
 #define COFACTOR 4
 
+#if NO_CONTEXT
+const uint8_t NO_CONTEXT_POINTS_HERE = 0;
+const uint8_t * const ED448_NO_CONTEXT = &NO_CONTEXT_POINTS_HERE;
+#endif
+
 /* EDDSA_BASE_POINT_RATIO = 1 or 2
  * Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d,
  * its base point is twice ours.

src/GENERATED/include/decaf/ed255.h

@@ -34,7 +34,7 @@ extern "C" {
 
 /** Does EdDSA support non-contextual signatures? */
 #define DECAF_EDDSA_25519_NO_CONTEXT 1
-const uint8_t * const ED25519_NO_CONTEXT = (const uint8_t * const)(25519);
+extern const uint8_t * const ED25519_NO_CONTEXT API_VIS;
 
 /** Prehash context renaming macros. */
 #define decaf_ed25519_prehash_ctx_s   decaf_sha512_ctx_s

src/GENERATED/include/decaf/ed255.hxx

@@ -55,6 +55,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh;
 typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh;
 /** @endcond */
 
+
+#if DECAF_EDDSA_25519_NO_CONTEXT
+static inline const Block NO_CONTEXT() { return Block(ED25519_NO_CONTEXT,0); }
+#else
+static inline const Block NO_CONTEXT() { return Block(NULL,0); }
+#endif
+
 /** Prehash context for EdDSA. */
 class Prehash : public SHA512 {
 private:
@@ -78,7 +85,7 @@ public:
     static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES;
     
     /** Create the prehash */
-    Prehash(Block context = Block(NULL,0)) throw(LengthException) {
+    Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) {
         context_ = context;
         init();
     }
@@ -122,7 +129,7 @@ public:
     /* Sign a message using the prehasher */
     inline SecureBuffer sign_with_prehash (
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         Prehash ph(context);
         ph += message;
@@ -141,7 +148,7 @@ public:
      */
     inline SecureBuffer sign (
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /* TODO: this exn spec tickles a Clang bug?
              * throw(LengthException, std::bad_alloc)
              */ {
@@ -245,7 +252,7 @@ public:
     inline decaf_error_t WARN_UNUSED verify_noexcept (
         const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*NOEXCEPT*/ {
         if (context.size() > 255) {
             return DECAF_FAILURE;
@@ -272,7 +279,7 @@ public:
     inline void verify (
         const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         if (context.size() > 255) {
             throw LengthException();
@@ -321,7 +328,7 @@ public:
     inline void verify_with_prehash (
         const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         Prehash ph(context);
         ph += message;

src/GENERATED/include/decaf/ed448.hxx

@@ -55,6 +55,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh;
 typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh;
 /** @endcond */
 
+
+#if DECAF_EDDSA_448_NO_CONTEXT
+static inline const Block NO_CONTEXT() { return Block(ED448_NO_CONTEXT,0); }
+#else
+static inline const Block NO_CONTEXT() { return Block(NULL,0); }
+#endif
+
 /** Prehash context for EdDSA. */
 class Prehash : public SHAKE<256> {
 private:
@@ -78,7 +85,7 @@ public:
     static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES;
     
     /** Create the prehash */
-    Prehash(Block context = Block(NULL,0)) throw(LengthException) {
+    Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) {
         context_ = context;
         init();
     }
@@ -122,7 +129,7 @@ public:
     /* Sign a message using the prehasher */
     inline SecureBuffer sign_with_prehash (
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         Prehash ph(context);
         ph += message;
@@ -141,7 +148,7 @@ public:
      */
     inline SecureBuffer sign (
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /* TODO: this exn spec tickles a Clang bug?
              * throw(LengthException, std::bad_alloc)
              */ {
@@ -245,7 +252,7 @@ public:
     inline decaf_error_t WARN_UNUSED verify_noexcept (
         const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*NOEXCEPT*/ {
         if (context.size() > 255) {
             return DECAF_FAILURE;
@@ -272,7 +279,7 @@ public:
     inline void verify (
         const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         if (context.size() > 255) {
             throw LengthException();
@@ -321,7 +328,7 @@ public:
     inline void verify_with_prehash (
         const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         Prehash ph(context);
         ph += message;

src/per_curve/eddsa.tmpl.c

@@ -23,6 +23,11 @@
 #define EDDSA_USE_SIGMA_ISOGENY $(eddsa_sigma_iso)
 #define COFACTOR $(cofactor)
 
+#if NO_CONTEXT
+const uint8_t NO_CONTEXT_POINTS_HERE = 0;
+$("const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT") = &NO_CONTEXT_POINTS_HERE;
+#endif
+
 /* EDDSA_BASE_POINT_RATIO = 1 or 2
  * Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d,
  * its base point is twice ours.

src/per_curve/eddsa.tmpl.h

@@ -19,7 +19,7 @@ extern "C" {
 
 /** Does EdDSA support non-contextual signatures? */
 #define DECAF_EDDSA_$(gf_shortname)_NO_CONTEXT $(eddsa_no_context)
-$("const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT = (const uint8_t * const)(" + gf_shortname + ");\n" if eddsa_no_context else "")
+$("extern const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT API_VIS;\n" if eddsa_no_context else "")
 /** Prehash context renaming macros. */
 #define decaf_ed$(gf_shortname)_prehash_ctx_s   decaf_$(eddsa_hash)_ctx_s
 #define decaf_ed$(gf_shortname)_prehash_ctx_t   decaf_$(eddsa_hash)_ctx_t

src/per_curve/eddsa.tmpl.hxx

@@ -39,6 +39,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh;
 typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh;
 /** @endcond */
 
+
+#if DECAF_EDDSA_$(gf_shortname)_NO_CONTEXT
+static inline const Block NO_CONTEXT() { return Block(ED$(gf_shortname)_NO_CONTEXT,0); }
+#else
+static inline const Block NO_CONTEXT() { return Block(NULL,0); }
+#endif
+
 /** Prehash context for EdDSA. */
 class Prehash : public $(re.sub(r"SHAKE(\d+)",r"SHAKE<\1>", eddsa_hash.upper())) {
 private:
@@ -62,7 +69,7 @@ public:
     static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES;
     
     /** Create the prehash */
-    Prehash(Block context = Block(NULL,0)) throw(LengthException) {
+    Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) {
         context_ = context;
         init();
     }
@@ -106,7 +113,7 @@ public:
     /* Sign a message using the prehasher */
     inline SecureBuffer sign_with_prehash (
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         Prehash ph(context);
         ph += message;
@@ -125,7 +132,7 @@ public:
      */
     inline SecureBuffer sign (
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /* TODO: this exn spec tickles a Clang bug?
              * throw(LengthException, std::bad_alloc)
              */ {
@@ -229,7 +236,7 @@ public:
     inline decaf_error_t WARN_UNUSED verify_noexcept (
         const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*NOEXCEPT*/ {
         if (context.size() > 255) {
             return DECAF_FAILURE;
@@ -256,7 +263,7 @@ public:
     inline void verify (
         const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         if (context.size() > 255) {
             throw LengthException();
@@ -305,7 +312,7 @@ public:
     inline void verify_with_prehash (
         const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig,
         const Block &message,
-        const Block &context = Block(NULL,0)
+        const Block &context = NO_CONTEXT()
     ) const /*throw(LengthException,CryptoException)*/ {
         Prehash ph(context);
         ph += message;