diff --git a/src/GENERATED/c/curve25519/eddsa.c b/src/GENERATED/c/curve25519/eddsa.c index 7e50ab0..c3d81c5 100644 --- a/src/GENERATED/c/curve25519/eddsa.c +++ b/src/GENERATED/c/curve25519/eddsa.c @@ -32,6 +32,11 @@ #define EDDSA_USE_SIGMA_ISOGENY 1 #define COFACTOR 8 +#if NO_CONTEXT +const uint8_t NO_CONTEXT_POINTS_HERE = 0; +const uint8_t * const ED25519_NO_CONTEXT = &NO_CONTEXT_POINTS_HERE; +#endif + /* EDDSA_BASE_POINT_RATIO = 1 or 2 * Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d, * its base point is twice ours. diff --git a/src/GENERATED/c/ed448goldilocks/eddsa.c b/src/GENERATED/c/ed448goldilocks/eddsa.c index 4cfbf3c..bb662b8 100644 --- a/src/GENERATED/c/ed448goldilocks/eddsa.c +++ b/src/GENERATED/c/ed448goldilocks/eddsa.c @@ -32,6 +32,11 @@ #define EDDSA_USE_SIGMA_ISOGENY 0 #define COFACTOR 4 +#if NO_CONTEXT +const uint8_t NO_CONTEXT_POINTS_HERE = 0; +const uint8_t * const ED448_NO_CONTEXT = &NO_CONTEXT_POINTS_HERE; +#endif + /* EDDSA_BASE_POINT_RATIO = 1 or 2 * Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d, * its base point is twice ours. diff --git a/src/GENERATED/include/decaf/ed255.h b/src/GENERATED/include/decaf/ed255.h index 27fa44f..f9aab4b 100644 --- a/src/GENERATED/include/decaf/ed255.h +++ b/src/GENERATED/include/decaf/ed255.h @@ -34,7 +34,7 @@ extern "C" { /** Does EdDSA support non-contextual signatures? */ #define DECAF_EDDSA_25519_NO_CONTEXT 1 -const uint8_t * const ED25519_NO_CONTEXT = (const uint8_t * const)(25519); +extern const uint8_t * const ED25519_NO_CONTEXT API_VIS; /** Prehash context renaming macros. */ #define decaf_ed25519_prehash_ctx_s decaf_sha512_ctx_s diff --git a/src/GENERATED/include/decaf/ed255.hxx b/src/GENERATED/include/decaf/ed255.hxx index 26ebc80..fa53859 100644 --- a/src/GENERATED/include/decaf/ed255.hxx +++ b/src/GENERATED/include/decaf/ed255.hxx @@ -55,6 +55,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh; typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh; /** @endcond */ + +#if DECAF_EDDSA_25519_NO_CONTEXT +static inline const Block NO_CONTEXT() { return Block(ED25519_NO_CONTEXT,0); } +#else +static inline const Block NO_CONTEXT() { return Block(NULL,0); } +#endif + /** Prehash context for EdDSA. */ class Prehash : public SHA512 { private: @@ -78,7 +85,7 @@ public: static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES; /** Create the prehash */ - Prehash(Block context = Block(NULL,0)) throw(LengthException) { + Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) { context_ = context; init(); } @@ -122,7 +129,7 @@ public: /* Sign a message using the prehasher */ inline SecureBuffer sign_with_prehash ( const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { Prehash ph(context); ph += message; @@ -141,7 +148,7 @@ public: */ inline SecureBuffer sign ( const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /* TODO: this exn spec tickles a Clang bug? * throw(LengthException, std::bad_alloc) */ { @@ -245,7 +252,7 @@ public: inline decaf_error_t WARN_UNUSED verify_noexcept ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*NOEXCEPT*/ { if (context.size() > 255) { return DECAF_FAILURE; @@ -272,7 +279,7 @@ public: inline void verify ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { if (context.size() > 255) { throw LengthException(); @@ -321,7 +328,7 @@ public: inline void verify_with_prehash ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { Prehash ph(context); ph += message; diff --git a/src/GENERATED/include/decaf/ed448.hxx b/src/GENERATED/include/decaf/ed448.hxx index 4b1e26b..a06d9d9 100644 --- a/src/GENERATED/include/decaf/ed448.hxx +++ b/src/GENERATED/include/decaf/ed448.hxx @@ -55,6 +55,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh; typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh; /** @endcond */ + +#if DECAF_EDDSA_448_NO_CONTEXT +static inline const Block NO_CONTEXT() { return Block(ED448_NO_CONTEXT,0); } +#else +static inline const Block NO_CONTEXT() { return Block(NULL,0); } +#endif + /** Prehash context for EdDSA. */ class Prehash : public SHAKE<256> { private: @@ -78,7 +85,7 @@ public: static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES; /** Create the prehash */ - Prehash(Block context = Block(NULL,0)) throw(LengthException) { + Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) { context_ = context; init(); } @@ -122,7 +129,7 @@ public: /* Sign a message using the prehasher */ inline SecureBuffer sign_with_prehash ( const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { Prehash ph(context); ph += message; @@ -141,7 +148,7 @@ public: */ inline SecureBuffer sign ( const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /* TODO: this exn spec tickles a Clang bug? * throw(LengthException, std::bad_alloc) */ { @@ -245,7 +252,7 @@ public: inline decaf_error_t WARN_UNUSED verify_noexcept ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*NOEXCEPT*/ { if (context.size() > 255) { return DECAF_FAILURE; @@ -272,7 +279,7 @@ public: inline void verify ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { if (context.size() > 255) { throw LengthException(); @@ -321,7 +328,7 @@ public: inline void verify_with_prehash ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { Prehash ph(context); ph += message; diff --git a/src/per_curve/eddsa.tmpl.c b/src/per_curve/eddsa.tmpl.c index cd0f81b..eade6ae 100644 --- a/src/per_curve/eddsa.tmpl.c +++ b/src/per_curve/eddsa.tmpl.c @@ -23,6 +23,11 @@ #define EDDSA_USE_SIGMA_ISOGENY $(eddsa_sigma_iso) #define COFACTOR $(cofactor) +#if NO_CONTEXT +const uint8_t NO_CONTEXT_POINTS_HERE = 0; +$("const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT") = &NO_CONTEXT_POINTS_HERE; +#endif + /* EDDSA_BASE_POINT_RATIO = 1 or 2 * Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d, * its base point is twice ours. diff --git a/src/per_curve/eddsa.tmpl.h b/src/per_curve/eddsa.tmpl.h index 44883c5..de362ab 100644 --- a/src/per_curve/eddsa.tmpl.h +++ b/src/per_curve/eddsa.tmpl.h @@ -19,7 +19,7 @@ extern "C" { /** Does EdDSA support non-contextual signatures? */ #define DECAF_EDDSA_$(gf_shortname)_NO_CONTEXT $(eddsa_no_context) -$("const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT = (const uint8_t * const)(" + gf_shortname + ");\n" if eddsa_no_context else "") +$("extern const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT API_VIS;\n" if eddsa_no_context else "") /** Prehash context renaming macros. */ #define decaf_ed$(gf_shortname)_prehash_ctx_s decaf_$(eddsa_hash)_ctx_s #define decaf_ed$(gf_shortname)_prehash_ctx_t decaf_$(eddsa_hash)_ctx_t diff --git a/src/per_curve/eddsa.tmpl.hxx b/src/per_curve/eddsa.tmpl.hxx index 4bdeddd..2fa9e66 100644 --- a/src/per_curve/eddsa.tmpl.hxx +++ b/src/per_curve/eddsa.tmpl.hxx @@ -39,6 +39,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh; typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh; /** @endcond */ + +#if DECAF_EDDSA_$(gf_shortname)_NO_CONTEXT +static inline const Block NO_CONTEXT() { return Block(ED$(gf_shortname)_NO_CONTEXT,0); } +#else +static inline const Block NO_CONTEXT() { return Block(NULL,0); } +#endif + /** Prehash context for EdDSA. */ class Prehash : public $(re.sub(r"SHAKE(\d+)",r"SHAKE<\1>", eddsa_hash.upper())) { private: @@ -62,7 +69,7 @@ public: static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES; /** Create the prehash */ - Prehash(Block context = Block(NULL,0)) throw(LengthException) { + Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) { context_ = context; init(); } @@ -106,7 +113,7 @@ public: /* Sign a message using the prehasher */ inline SecureBuffer sign_with_prehash ( const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { Prehash ph(context); ph += message; @@ -125,7 +132,7 @@ public: */ inline SecureBuffer sign ( const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /* TODO: this exn spec tickles a Clang bug? * throw(LengthException, std::bad_alloc) */ { @@ -229,7 +236,7 @@ public: inline decaf_error_t WARN_UNUSED verify_noexcept ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*NOEXCEPT*/ { if (context.size() > 255) { return DECAF_FAILURE; @@ -256,7 +263,7 @@ public: inline void verify ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { if (context.size() > 255) { throw LengthException(); @@ -305,7 +312,7 @@ public: inline void verify_with_prehash ( const FixedBlock &sig, const Block &message, - const Block &context = Block(NULL,0) + const Block &context = NO_CONTEXT() ) const /*throw(LengthException,CryptoException)*/ { Prehash ph(context); ph += message;