From e69e00269fe179c8dbc07a38f714a03da40682b5 Mon Sep 17 00:00:00 2001 From: Michael Hamburg Date: Tue, 2 May 2017 16:56:44 -0700 Subject: [PATCH] rename publicly-visible macros to DECAF_ namespace --- src/GENERATED/c/curve25519/decaf.c | 18 +- src/GENERATED/c/curve25519/elligator.c | 2 +- src/GENERATED/c/curve25519/scalar.c | 8 +- src/GENERATED/c/ed448goldilocks/decaf.c | 18 +- src/GENERATED/c/ed448goldilocks/elligator.c | 2 +- src/GENERATED/c/ed448goldilocks/scalar.c | 8 +- src/GENERATED/include/decaf/common.h | 25 ++- src/GENERATED/include/decaf/ed255.h | 25 +-- src/GENERATED/include/decaf/ed255.hxx | 52 ++--- src/GENERATED/include/decaf/ed448.h | 23 ++- src/GENERATED/include/decaf/ed448.hxx | 52 ++--- src/GENERATED/include/decaf/point_255.h | 96 +++++----- src/GENERATED/include/decaf/point_255.hxx | 178 +++++++++--------- src/GENERATED/include/decaf/point_448.h | 96 +++++----- src/GENERATED/include/decaf/point_448.hxx | 178 +++++++++--------- src/GENERATED/include/decaf/secure_buffer.hxx | 114 +++++------ src/GENERATED/include/decaf/sha512.h | 12 +- src/GENERATED/include/decaf/sha512.hxx | 20 +- src/GENERATED/include/decaf/shake.h | 66 +++---- src/GENERATED/include/decaf/shake.hxx | 34 ++-- src/GENERATED/include/decaf/spongerng.h | 12 +- src/GENERATED/include/decaf/spongerng.hxx | 26 +-- src/include/field.h | 6 +- src/include/word.h | 28 +-- src/per_curve/decaf.tmpl.c | 18 +- src/per_curve/eddsa.tmpl.h | 25 +-- src/per_curve/eddsa.tmpl.hxx | 52 ++--- src/per_curve/elligator.tmpl.c | 2 +- src/per_curve/point.tmpl.h | 96 +++++----- src/per_curve/point.tmpl.hxx | 178 +++++++++--------- src/per_curve/scalar.tmpl.c | 8 +- src/public_include/decaf/common.h | 25 ++- src/public_include/decaf/secure_buffer.hxx | 114 +++++------ src/public_include/decaf/sha512.h | 12 +- src/public_include/decaf/sha512.hxx | 20 +- src/public_include/decaf/shake.h | 66 +++---- src/public_include/decaf/shake.hxx | 34 ++-- src/public_include/decaf/spongerng.h | 12 +- src/public_include/decaf/spongerng.hxx | 26 +-- src/sha512.c | 2 +- 40 files changed, 896 insertions(+), 893 deletions(-) diff --git a/src/GENERATED/c/curve25519/decaf.c b/src/GENERATED/c/curve25519/decaf.c index fa4f8fd..c6538ae 100644 --- a/src/GENERATED/c/curve25519/decaf.c +++ b/src/GENERATED/c/curve25519/decaf.c @@ -364,7 +364,7 @@ void API_NS(point_add) ( gf_mul ( p->t, b, c ); } -static NOINLINE void +static DECAF_NOINLINE void point_double_internal ( point_t p, const point_t q, @@ -403,7 +403,7 @@ void API_NS(point_negate) ( } /* Operations on [p]niels */ -static INLINE void +static DECAF_INLINE void cond_neg_niels ( niels_t n, mask_t neg @@ -412,7 +412,7 @@ cond_neg_niels ( gf_cond_neg(n->c, neg); } -static NOINLINE void pt_to_pniels ( +static DECAF_NOINLINE void pt_to_pniels ( pniels_t b, const point_t a ) { @@ -422,7 +422,7 @@ static NOINLINE void pt_to_pniels ( gf_add ( b->z, a->z, a->z ); } -static NOINLINE void pniels_to_pt ( +static DECAF_NOINLINE void pniels_to_pt ( point_t e, const pniels_t d ) { @@ -435,7 +435,7 @@ static NOINLINE void pniels_to_pt ( gf_sqr ( e->z, d->z ); } -static NOINLINE void +static DECAF_NOINLINE void niels_to_pt ( point_t e, const niels_t n @@ -446,7 +446,7 @@ niels_to_pt ( gf_copy ( e->z, ONE ); } -static NOINLINE void +static DECAF_NOINLINE void add_niels_to_pt ( point_t d, const niels_t e, @@ -468,7 +468,7 @@ add_niels_to_pt ( if (!before_double) gf_mul ( d->t, b, c ); } -static NOINLINE void +static DECAF_NOINLINE void sub_niels_from_pt ( point_t d, const niels_t e, @@ -514,7 +514,7 @@ sub_pniels_from_pt ( sub_niels_from_pt( p, pn->n, before_double ); } -static NOINLINE void +static DECAF_NOINLINE void prepare_fixed_window( pniels_t *multiples, const point_t b, @@ -973,7 +973,7 @@ void API_NS(precompute) ( decaf_bzero(doubles,sizeof(doubles)); } -static INLINE void +static DECAF_INLINE void constant_time_lookup_niels ( niels_s *__restrict__ ni, const niels_t *table, diff --git a/src/GENERATED/c/curve25519/elligator.c b/src/GENERATED/c/curve25519/elligator.c index 553e55d..9791475 100644 --- a/src/GENERATED/c/curve25519/elligator.c +++ b/src/GENERATED/c/curve25519/elligator.c @@ -109,7 +109,7 @@ void API_NS(point_from_hash_uniform) ( #define MAX(A,B) (((A)>(B)) ? (A) : (B)) #define PKP_MASK ((1<<(MAX(8*SER_BYTES + 0 - 255,0)))-1) #if PKP_MASK != 0 -static UNUSED mask_t plus_k_p ( +static DECAF_INLINE mask_t plus_k_p ( uint8_t x[SER_BYTES], uint32_t factor_ ) { diff --git a/src/GENERATED/c/curve25519/scalar.c b/src/GENERATED/c/curve25519/scalar.c index 352158b..04a3425 100644 --- a/src/GENERATED/c/curve25519/scalar.c +++ b/src/GENERATED/c/curve25519/scalar.c @@ -37,7 +37,7 @@ const scalar_t API_NS(scalar_one) = {{{1}}}, API_NS(scalar_zero) = {{{0}}}; /** {extra,accum} - sub +? p * Must have extra <= 1 */ -static NOINLINE void sc_subx( +static DECAF_NOINLINE void sc_subx( scalar_t out, const decaf_word_t accum[SCALAR_LIMBS], const scalar_t sub, @@ -61,7 +61,7 @@ static NOINLINE void sc_subx( } } -static NOINLINE void sc_montmul ( +static DECAF_NOINLINE void sc_montmul ( scalar_t out, const scalar_t a, const scalar_t b @@ -109,7 +109,7 @@ void API_NS(scalar_mul) ( } /* PERF: could implement this */ -static INLINE void sc_montsqr (scalar_t out, const scalar_t a) { +static DECAF_INLINE void sc_montsqr (scalar_t out, const scalar_t a) { sc_montmul(out,a,a); } @@ -222,7 +222,7 @@ API_NS(scalar_eq) ( return mask_to_bool(word_is_zero(diff)); } -static INLINE void scalar_decode_short ( +static DECAF_INLINE void scalar_decode_short ( scalar_t s, const unsigned char *ser, unsigned int nbytes diff --git a/src/GENERATED/c/ed448goldilocks/decaf.c b/src/GENERATED/c/ed448goldilocks/decaf.c index 4b664fa..7554443 100644 --- a/src/GENERATED/c/ed448goldilocks/decaf.c +++ b/src/GENERATED/c/ed448goldilocks/decaf.c @@ -364,7 +364,7 @@ void API_NS(point_add) ( gf_mul ( p->t, b, c ); } -static NOINLINE void +static DECAF_NOINLINE void point_double_internal ( point_t p, const point_t q, @@ -403,7 +403,7 @@ void API_NS(point_negate) ( } /* Operations on [p]niels */ -static INLINE void +static DECAF_INLINE void cond_neg_niels ( niels_t n, mask_t neg @@ -412,7 +412,7 @@ cond_neg_niels ( gf_cond_neg(n->c, neg); } -static NOINLINE void pt_to_pniels ( +static DECAF_NOINLINE void pt_to_pniels ( pniels_t b, const point_t a ) { @@ -422,7 +422,7 @@ static NOINLINE void pt_to_pniels ( gf_add ( b->z, a->z, a->z ); } -static NOINLINE void pniels_to_pt ( +static DECAF_NOINLINE void pniels_to_pt ( point_t e, const pniels_t d ) { @@ -435,7 +435,7 @@ static NOINLINE void pniels_to_pt ( gf_sqr ( e->z, d->z ); } -static NOINLINE void +static DECAF_NOINLINE void niels_to_pt ( point_t e, const niels_t n @@ -446,7 +446,7 @@ niels_to_pt ( gf_copy ( e->z, ONE ); } -static NOINLINE void +static DECAF_NOINLINE void add_niels_to_pt ( point_t d, const niels_t e, @@ -468,7 +468,7 @@ add_niels_to_pt ( if (!before_double) gf_mul ( d->t, b, c ); } -static NOINLINE void +static DECAF_NOINLINE void sub_niels_from_pt ( point_t d, const niels_t e, @@ -514,7 +514,7 @@ sub_pniels_from_pt ( sub_niels_from_pt( p, pn->n, before_double ); } -static NOINLINE void +static DECAF_NOINLINE void prepare_fixed_window( pniels_t *multiples, const point_t b, @@ -973,7 +973,7 @@ void API_NS(precompute) ( decaf_bzero(doubles,sizeof(doubles)); } -static INLINE void +static DECAF_INLINE void constant_time_lookup_niels ( niels_s *__restrict__ ni, const niels_t *table, diff --git a/src/GENERATED/c/ed448goldilocks/elligator.c b/src/GENERATED/c/ed448goldilocks/elligator.c index 66b398f..6edb008 100644 --- a/src/GENERATED/c/ed448goldilocks/elligator.c +++ b/src/GENERATED/c/ed448goldilocks/elligator.c @@ -109,7 +109,7 @@ void API_NS(point_from_hash_uniform) ( #define MAX(A,B) (((A)>(B)) ? (A) : (B)) #define PKP_MASK ((1<<(MAX(8*SER_BYTES + 0 - 448,0)))-1) #if PKP_MASK != 0 -static UNUSED mask_t plus_k_p ( +static DECAF_INLINE mask_t plus_k_p ( uint8_t x[SER_BYTES], uint32_t factor_ ) { diff --git a/src/GENERATED/c/ed448goldilocks/scalar.c b/src/GENERATED/c/ed448goldilocks/scalar.c index d5fd3a2..03d58e8 100644 --- a/src/GENERATED/c/ed448goldilocks/scalar.c +++ b/src/GENERATED/c/ed448goldilocks/scalar.c @@ -37,7 +37,7 @@ const scalar_t API_NS(scalar_one) = {{{1}}}, API_NS(scalar_zero) = {{{0}}}; /** {extra,accum} - sub +? p * Must have extra <= 1 */ -static NOINLINE void sc_subx( +static DECAF_NOINLINE void sc_subx( scalar_t out, const decaf_word_t accum[SCALAR_LIMBS], const scalar_t sub, @@ -61,7 +61,7 @@ static NOINLINE void sc_subx( } } -static NOINLINE void sc_montmul ( +static DECAF_NOINLINE void sc_montmul ( scalar_t out, const scalar_t a, const scalar_t b @@ -109,7 +109,7 @@ void API_NS(scalar_mul) ( } /* PERF: could implement this */ -static INLINE void sc_montsqr (scalar_t out, const scalar_t a) { +static DECAF_INLINE void sc_montsqr (scalar_t out, const scalar_t a) { sc_montmul(out,a,a); } @@ -222,7 +222,7 @@ API_NS(scalar_eq) ( return mask_to_bool(word_is_zero(diff)); } -static INLINE void scalar_decode_short ( +static DECAF_INLINE void scalar_decode_short ( scalar_t s, const unsigned char *ser, unsigned int nbytes diff --git a/src/GENERATED/include/decaf/common.h b/src/GENERATED/include/decaf/common.h index 694bfca..64719ad 100644 --- a/src/GENERATED/include/decaf/common.h +++ b/src/GENERATED/include/decaf/common.h @@ -24,19 +24,18 @@ extern "C" { #if defined(DOXYGEN) && !defined(__attribute__) #define __attribute__((x)) #endif -#define API_VIS __attribute__((visibility("default"))) -#define NOINLINE __attribute__((noinline)) -#define WARN_UNUSED __attribute__((warn_unused_result)) -#define NONNULL __attribute__((nonnull)) -#define INLINE inline __attribute__((always_inline)) -#define UNUSED __attribute__((unused)) +#define DECAF_API_VIS __attribute__((visibility("default"))) +#define DECAF_NOINLINE __attribute__((noinline)) +#define DECAF_WARN_UNUSED __attribute__((warn_unused_result)) +#define DECAF_NONNULL __attribute__((nonnull)) +#define DECAF_INLINE inline __attribute__((always_inline,unused)) // Cribbed from libnotmuch #if defined (__clang_major__) && __clang_major__ >= 3 \ || defined (__GNUC__) && __GNUC__ >= 5 \ || defined (__GNUC__) && __GNUC__ == 4 && __GNUC_MINOR__ >= 5 -#define DEPRECATED(msg) __attribute__ ((deprecated(msg))) +#define DECAF_DEPRECATED(msg) __attribute__ ((deprecated(msg))) #else -#define DEPRECATED(msg) __attribute__ ((deprecated)) +#define DECAF_DEPRECATED(msg) __attribute__ ((deprecated)) #endif /** @endcond */ @@ -85,15 +84,13 @@ typedef enum { /** Return success if x is true */ -static UNUSED INLINE -decaf_error_t +static DECAF_INLINE decaf_error_t decaf_succeed_if(decaf_bool_t x) { return (decaf_error_t)x; } /** Return DECAF_TRUE iff x == DECAF_SUCCESS */ -static UNUSED INLINE -decaf_bool_t +static DECAF_INLINE decaf_bool_t decaf_successful(decaf_error_t e) { decaf_dword_t w = ((decaf_word_t)e) ^ ((decaf_word_t)DECAF_SUCCESS); return (w-1)>>DECAF_WORD_BITS; @@ -103,14 +100,14 @@ decaf_successful(decaf_error_t e) { void decaf_bzero ( void *data, size_t size -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** Compare two buffers, returning DECAF_TRUE if they are equal. */ decaf_bool_t decaf_memeq ( const void *data1, const void *data2, size_t size -) NONNULL WARN_UNUSED API_VIS; +) DECAF_NONNULL DECAF_WARN_UNUSED DECAF_API_VIS; #ifdef __cplusplus } /* extern "C" */ diff --git a/src/GENERATED/include/decaf/ed255.h b/src/GENERATED/include/decaf/ed255.h index 99e1ebc..c1dbbdb 100644 --- a/src/GENERATED/include/decaf/ed255.h +++ b/src/GENERATED/include/decaf/ed255.h @@ -34,7 +34,7 @@ extern "C" { /** Does EdDSA support non-contextual signatures? */ #define DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS 1 -extern const uint8_t * const DECAF_ED25519_NO_CONTEXT API_VIS; +extern const uint8_t * const DECAF_ED25519_NO_CONTEXT DECAF_API_VIS; /** Prehash context renaming macros. */ #define decaf_ed25519_prehash_ctx_s decaf_sha512_ctx_s @@ -52,7 +52,7 @@ extern const uint8_t * const DECAF_ED25519_NO_CONTEXT API_VIS; void decaf_ed25519_derive_public_key ( uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA signing. @@ -80,7 +80,7 @@ void decaf_ed25519_sign ( uint8_t prehashed, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2,3))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2,3))) DECAF_NOINLINE; /** * @brief EdDSA signing with prehash. @@ -104,7 +104,7 @@ void decaf_ed25519_sign_prehash ( const decaf_ed25519_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2,3,4))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE; /** * @brief Prehash initialization, with contexts if supported. @@ -113,7 +113,7 @@ void decaf_ed25519_sign_prehash ( */ void decaf_ed25519_prehash_init ( decaf_ed25519_prehash_ctx_t hash -) API_VIS __attribute__((nonnull(1))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1))) DECAF_NOINLINE; /** * @brief EdDSA signature verification. @@ -141,7 +141,7 @@ decaf_error_t decaf_ed25519_verify ( uint8_t prehashed, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE; /** * @brief EdDSA signature verification. @@ -165,7 +165,7 @@ decaf_error_t decaf_ed25519_verify_prehash ( const decaf_ed25519_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE; /** * @brief EdDSA point encoding. Used internally, exposed externally. @@ -177,7 +177,7 @@ decaf_error_t decaf_ed25519_verify_prehash ( void decaf_255_point_mul_by_cofactor_and_encode_like_eddsa ( uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_255_point_t p -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA point decoding. Remember that while points on the @@ -190,20 +190,23 @@ void decaf_255_point_mul_by_cofactor_and_encode_like_eddsa ( decaf_error_t decaf_255_point_decode_like_eddsa_and_ignore_cofactor ( decaf_255_point_t p, const uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA to ECDH public key conversion * Deserialize the point to get y on Edwards curve, * Convert it to u coordinate on Montgomery curve. * + * @warning This function does not check that the public key being converted + * is a valid EdDSA public key (FUTURE?) + * * @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve) * @param[in] ed The EdDSA public key(point on Edwards curve) */ void decaf_ed25519_convert_public_key_to_x25519 ( uint8_t x[DECAF_X25519_PUBLIC_BYTES], const uint8_t ed[DECAF_EDDSA_25519_PUBLIC_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA to ECDH private key conversion @@ -216,7 +219,7 @@ void decaf_ed25519_convert_public_key_to_x25519 ( void decaf_ed25519_convert_private_key_to_x25519 ( uint8_t x[DECAF_X25519_PRIVATE_BYTES], const uint8_t ed[DECAF_EDDSA_25519_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; #ifdef __cplusplus } /* extern "C" */ diff --git a/src/GENERATED/include/decaf/ed255.hxx b/src/GENERATED/include/decaf/ed255.hxx index d80f83e..ea629aa 100644 --- a/src/GENERATED/include/decaf/ed255.hxx +++ b/src/GENERATED/include/decaf/ed255.hxx @@ -32,9 +32,9 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept +#define DECAF_NOEXCEPT noexcept #else -#define NOEXCEPT throw() +#define DECAF_NOEXCEPT throw() #endif /** @endcond */ @@ -91,7 +91,7 @@ public: } /** Reset this hash */ - void reset() NOEXCEPT { init(); } + void reset() DECAF_NOEXCEPT { init(); } /** Output from this hash */ SecureBuffer final() throw(std::bad_alloc) { @@ -202,38 +202,38 @@ public: /** Create but don't initialize */ - inline explicit PrivateKeyBase(const NOINIT&) NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { } + inline explicit PrivateKeyBase(const NOINIT&) DECAF_NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { } /** Read a private key from a string */ - inline explicit PrivateKeyBase(const FixedBlock &b) NOEXCEPT { *this = b; } + inline explicit PrivateKeyBase(const FixedBlock &b) DECAF_NOEXCEPT { *this = b; } /** Copy constructor */ - inline PrivateKeyBase(const PrivateKey &k) NOEXCEPT { *this = k; } + inline PrivateKeyBase(const PrivateKey &k) DECAF_NOEXCEPT { *this = k; } /** Create at random */ - inline explicit PrivateKeyBase(Rng &r) NOEXCEPT : priv_(r) { + inline explicit PrivateKeyBase(Rng &r) DECAF_NOEXCEPT : priv_(r) { decaf_ed25519_derive_public_key(pub_.data(), priv_.data()); } /** Assignment from string */ - inline PrivateKeyBase &operator=(const FixedBlock &b) NOEXCEPT { + inline PrivateKeyBase &operator=(const FixedBlock &b) DECAF_NOEXCEPT { memcpy(priv_.data(),b.data(),b.size()); decaf_ed25519_derive_public_key(pub_.data(), priv_.data()); return *this; } /** Copy assignment */ - inline PrivateKeyBase &operator=(const PrivateKey &k) NOEXCEPT { + inline PrivateKeyBase &operator=(const PrivateKey &k) DECAF_NOEXCEPT { memcpy(priv_.data(),k.priv_.data(), priv_.size()); memcpy(pub_.data(),k.pub_.data(), pub_.size()); return *this; } /** Serialization size. */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serialize into a buffer. */ - inline void serialize_into(unsigned char *x) const NOEXCEPT { + inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT { memcpy(x,priv_.data(), priv_.size()); } @@ -245,7 +245,7 @@ public: } /** Return the corresponding public key */ - inline MyPublicKey pub() const NOEXCEPT { + inline MyPublicKey pub() const DECAF_NOEXCEPT { MyPublicKey pub(*this); return pub; } @@ -256,11 +256,11 @@ public: template class Verification { public: /** Verify a signature, returning DECAF_FAILURE if verification fails */ - inline decaf_error_t WARN_UNUSED verify_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED verify_noexcept ( const FixedBlock &sig, const Block &message, const Block &context = NO_CONTEXT() - ) const /*NOEXCEPT*/ { + ) const /*DECAF_NOEXCEPT*/ { if (context.size() > 255) { return DECAF_FAILURE; } @@ -302,10 +302,10 @@ public: template class Verification { public: /* Verify a prehash context. */ - inline decaf_error_t WARN_UNUSED verify_prehashed_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED verify_prehashed_noexcept ( const FixedBlock &sig, const Prehash &ph - ) const /*NOEXCEPT*/ { + ) const /*DECAF_NOEXCEPT*/ { return decaf_ed25519_verify_prehash ( sig.data(), ((const CRTP*)this)->pub_.data(), @@ -376,38 +376,38 @@ public: /** Create but don't initialize */ - inline explicit PublicKeyBase(const NOINIT&) NOEXCEPT : pub_((NOINIT())) { } + inline explicit PublicKeyBase(const NOINIT&) DECAF_NOEXCEPT : pub_((NOINIT())) { } /** Read a private key from a string */ - inline explicit PublicKeyBase(const FixedBlock &b) NOEXCEPT { *this = b; } + inline explicit PublicKeyBase(const FixedBlock &b) DECAF_NOEXCEPT { *this = b; } /** Copy constructor */ - inline PublicKeyBase(const PublicKeyBase &k) NOEXCEPT { *this = k; } + inline PublicKeyBase(const PublicKeyBase &k) DECAF_NOEXCEPT { *this = k; } /** Copy constructor */ - inline explicit PublicKeyBase(const MyPrivateKey &k) NOEXCEPT { *this = k; } + inline explicit PublicKeyBase(const MyPrivateKey &k) DECAF_NOEXCEPT { *this = k; } /** Assignment from string */ - inline PublicKey &operator=(const FixedBlock &b) NOEXCEPT { + inline PublicKey &operator=(const FixedBlock &b) DECAF_NOEXCEPT { memcpy(pub_.data(),b.data(),b.size()); return *this; } /** Assignment from private key */ - inline PublicKey &operator=(const PublicKey &p) NOEXCEPT { + inline PublicKey &operator=(const PublicKey &p) DECAF_NOEXCEPT { return *this = p.pub_; } /** Assignment from private key */ - inline PublicKey &operator=(const MyPrivateKey &p) NOEXCEPT { + inline PublicKey &operator=(const MyPrivateKey &p) DECAF_NOEXCEPT { return *this = p.pub_; } /** Serialization size. */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serialize into a buffer. */ - inline void serialize_into(unsigned char *x) const NOEXCEPT { + inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT { memcpy(x,pub_.data(), pub_.size()); } @@ -421,7 +421,7 @@ public: }; /* template<> struct EdDSA */ -#undef NOEXCEPT +#undef DECAF_NOEXCEPT } /* namespace decaf */ #endif /* __DECAF_ED255_HXX__ */ diff --git a/src/GENERATED/include/decaf/ed448.h b/src/GENERATED/include/decaf/ed448.h index 7a56e92..c249762 100644 --- a/src/GENERATED/include/decaf/ed448.h +++ b/src/GENERATED/include/decaf/ed448.h @@ -51,7 +51,7 @@ extern "C" { void decaf_ed448_derive_public_key ( uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES], const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA signing. @@ -79,7 +79,7 @@ void decaf_ed448_sign ( uint8_t prehashed, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2,3))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2,3))) DECAF_NOINLINE; /** * @brief EdDSA signing with prehash. @@ -103,7 +103,7 @@ void decaf_ed448_sign_prehash ( const decaf_ed448_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2,3,4))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE; /** * @brief Prehash initialization, with contexts if supported. @@ -112,7 +112,7 @@ void decaf_ed448_sign_prehash ( */ void decaf_ed448_prehash_init ( decaf_ed448_prehash_ctx_t hash -) API_VIS __attribute__((nonnull(1))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1))) DECAF_NOINLINE; /** * @brief EdDSA signature verification. @@ -140,7 +140,7 @@ decaf_error_t decaf_ed448_verify ( uint8_t prehashed, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE; /** * @brief EdDSA signature verification. @@ -164,7 +164,7 @@ decaf_error_t decaf_ed448_verify_prehash ( const decaf_ed448_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE; /** * @brief EdDSA point encoding. Used internally, exposed externally. @@ -176,7 +176,7 @@ decaf_error_t decaf_ed448_verify_prehash ( void decaf_448_point_mul_by_cofactor_and_encode_like_eddsa ( uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES], const decaf_448_point_t p -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA point decoding. Remember that while points on the @@ -189,20 +189,23 @@ void decaf_448_point_mul_by_cofactor_and_encode_like_eddsa ( decaf_error_t decaf_448_point_decode_like_eddsa_and_ignore_cofactor ( decaf_448_point_t p, const uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA to ECDH public key conversion * Deserialize the point to get y on Edwards curve, * Convert it to u coordinate on Montgomery curve. * + * @warning This function does not check that the public key being converted + * is a valid EdDSA public key (FUTURE?) + * * @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve) * @param[in] ed The EdDSA public key(point on Edwards curve) */ void decaf_ed448_convert_public_key_to_x448 ( uint8_t x[DECAF_X448_PUBLIC_BYTES], const uint8_t ed[DECAF_EDDSA_448_PUBLIC_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA to ECDH private key conversion @@ -215,7 +218,7 @@ void decaf_ed448_convert_public_key_to_x448 ( void decaf_ed448_convert_private_key_to_x448 ( uint8_t x[DECAF_X448_PRIVATE_BYTES], const uint8_t ed[DECAF_EDDSA_448_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; #ifdef __cplusplus } /* extern "C" */ diff --git a/src/GENERATED/include/decaf/ed448.hxx b/src/GENERATED/include/decaf/ed448.hxx index d299939..1c79887 100644 --- a/src/GENERATED/include/decaf/ed448.hxx +++ b/src/GENERATED/include/decaf/ed448.hxx @@ -32,9 +32,9 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept +#define DECAF_NOEXCEPT noexcept #else -#define NOEXCEPT throw() +#define DECAF_NOEXCEPT throw() #endif /** @endcond */ @@ -91,7 +91,7 @@ public: } /** Reset this hash */ - void reset() NOEXCEPT { init(); } + void reset() DECAF_NOEXCEPT { init(); } /** Output from this hash */ SecureBuffer final() throw(std::bad_alloc) { @@ -202,38 +202,38 @@ public: /** Create but don't initialize */ - inline explicit PrivateKeyBase(const NOINIT&) NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { } + inline explicit PrivateKeyBase(const NOINIT&) DECAF_NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { } /** Read a private key from a string */ - inline explicit PrivateKeyBase(const FixedBlock &b) NOEXCEPT { *this = b; } + inline explicit PrivateKeyBase(const FixedBlock &b) DECAF_NOEXCEPT { *this = b; } /** Copy constructor */ - inline PrivateKeyBase(const PrivateKey &k) NOEXCEPT { *this = k; } + inline PrivateKeyBase(const PrivateKey &k) DECAF_NOEXCEPT { *this = k; } /** Create at random */ - inline explicit PrivateKeyBase(Rng &r) NOEXCEPT : priv_(r) { + inline explicit PrivateKeyBase(Rng &r) DECAF_NOEXCEPT : priv_(r) { decaf_ed448_derive_public_key(pub_.data(), priv_.data()); } /** Assignment from string */ - inline PrivateKeyBase &operator=(const FixedBlock &b) NOEXCEPT { + inline PrivateKeyBase &operator=(const FixedBlock &b) DECAF_NOEXCEPT { memcpy(priv_.data(),b.data(),b.size()); decaf_ed448_derive_public_key(pub_.data(), priv_.data()); return *this; } /** Copy assignment */ - inline PrivateKeyBase &operator=(const PrivateKey &k) NOEXCEPT { + inline PrivateKeyBase &operator=(const PrivateKey &k) DECAF_NOEXCEPT { memcpy(priv_.data(),k.priv_.data(), priv_.size()); memcpy(pub_.data(),k.pub_.data(), pub_.size()); return *this; } /** Serialization size. */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serialize into a buffer. */ - inline void serialize_into(unsigned char *x) const NOEXCEPT { + inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT { memcpy(x,priv_.data(), priv_.size()); } @@ -245,7 +245,7 @@ public: } /** Return the corresponding public key */ - inline MyPublicKey pub() const NOEXCEPT { + inline MyPublicKey pub() const DECAF_NOEXCEPT { MyPublicKey pub(*this); return pub; } @@ -256,11 +256,11 @@ public: template class Verification { public: /** Verify a signature, returning DECAF_FAILURE if verification fails */ - inline decaf_error_t WARN_UNUSED verify_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED verify_noexcept ( const FixedBlock &sig, const Block &message, const Block &context = NO_CONTEXT() - ) const /*NOEXCEPT*/ { + ) const /*DECAF_NOEXCEPT*/ { if (context.size() > 255) { return DECAF_FAILURE; } @@ -302,10 +302,10 @@ public: template class Verification { public: /* Verify a prehash context. */ - inline decaf_error_t WARN_UNUSED verify_prehashed_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED verify_prehashed_noexcept ( const FixedBlock &sig, const Prehash &ph - ) const /*NOEXCEPT*/ { + ) const /*DECAF_NOEXCEPT*/ { return decaf_ed448_verify_prehash ( sig.data(), ((const CRTP*)this)->pub_.data(), @@ -376,38 +376,38 @@ public: /** Create but don't initialize */ - inline explicit PublicKeyBase(const NOINIT&) NOEXCEPT : pub_((NOINIT())) { } + inline explicit PublicKeyBase(const NOINIT&) DECAF_NOEXCEPT : pub_((NOINIT())) { } /** Read a private key from a string */ - inline explicit PublicKeyBase(const FixedBlock &b) NOEXCEPT { *this = b; } + inline explicit PublicKeyBase(const FixedBlock &b) DECAF_NOEXCEPT { *this = b; } /** Copy constructor */ - inline PublicKeyBase(const PublicKeyBase &k) NOEXCEPT { *this = k; } + inline PublicKeyBase(const PublicKeyBase &k) DECAF_NOEXCEPT { *this = k; } /** Copy constructor */ - inline explicit PublicKeyBase(const MyPrivateKey &k) NOEXCEPT { *this = k; } + inline explicit PublicKeyBase(const MyPrivateKey &k) DECAF_NOEXCEPT { *this = k; } /** Assignment from string */ - inline PublicKey &operator=(const FixedBlock &b) NOEXCEPT { + inline PublicKey &operator=(const FixedBlock &b) DECAF_NOEXCEPT { memcpy(pub_.data(),b.data(),b.size()); return *this; } /** Assignment from private key */ - inline PublicKey &operator=(const PublicKey &p) NOEXCEPT { + inline PublicKey &operator=(const PublicKey &p) DECAF_NOEXCEPT { return *this = p.pub_; } /** Assignment from private key */ - inline PublicKey &operator=(const MyPrivateKey &p) NOEXCEPT { + inline PublicKey &operator=(const MyPrivateKey &p) DECAF_NOEXCEPT { return *this = p.pub_; } /** Serialization size. */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serialize into a buffer. */ - inline void serialize_into(unsigned char *x) const NOEXCEPT { + inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT { memcpy(x,pub_.data(), pub_.size()); } @@ -421,7 +421,7 @@ public: }; /* template<> struct EdDSA */ -#undef NOEXCEPT +#undef DECAF_NOEXCEPT } /* namespace decaf */ #endif /* __DECAF_ED448_HXX__ */ diff --git a/src/GENERATED/include/decaf/point_255.h b/src/GENERATED/include/decaf/point_255.h index 4de6c24..7e1e2d6 100644 --- a/src/GENERATED/include/decaf/point_255.h +++ b/src/GENERATED/include/decaf/point_255.h @@ -72,7 +72,7 @@ struct decaf_255_precomputed_s; typedef struct decaf_255_precomputed_s decaf_255_precomputed_s; /** Size and alignment of precomputed point tables. */ -extern const size_t decaf_255_sizeof_precomputed_s API_VIS, decaf_255_alignof_precomputed_s API_VIS; +extern const size_t decaf_255_sizeof_precomputed_s DECAF_API_VIS, decaf_255_alignof_precomputed_s DECAF_API_VIS; /** Scalar is stored packed, because we don't need the speed. */ typedef struct decaf_255_scalar_s { @@ -82,19 +82,19 @@ typedef struct decaf_255_scalar_s { } decaf_255_scalar_t[1]; /** A scalar equal to 1. */ -extern const decaf_255_scalar_t decaf_255_scalar_one API_VIS; +extern const decaf_255_scalar_t decaf_255_scalar_one DECAF_API_VIS; /** A scalar equal to 0. */ -extern const decaf_255_scalar_t decaf_255_scalar_zero API_VIS; +extern const decaf_255_scalar_t decaf_255_scalar_zero DECAF_API_VIS; /** The identity point on the curve. */ -extern const decaf_255_point_t decaf_255_point_identity API_VIS; +extern const decaf_255_point_t decaf_255_point_identity DECAF_API_VIS; /** An arbitrarily chosen base point on the curve. */ -extern const decaf_255_point_t decaf_255_point_base API_VIS; +extern const decaf_255_point_t decaf_255_point_base DECAF_API_VIS; /** Precomputed table for the base point on the curve. */ -extern const struct decaf_255_precomputed_s *decaf_255_precomputed_base API_VIS; +extern const struct decaf_255_precomputed_s *decaf_255_precomputed_base DECAF_API_VIS; /** * @brief Read a scalar from wire format or from bytes. @@ -109,7 +109,7 @@ extern const struct decaf_255_precomputed_s *decaf_255_precomputed_base API_VIS; decaf_error_t decaf_255_scalar_decode ( decaf_255_scalar_t out, const unsigned char ser[DECAF_255_SCALAR_BYTES] -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Read a scalar from wire format or from bytes. Reduces mod @@ -123,7 +123,7 @@ void decaf_255_scalar_decode_long ( decaf_255_scalar_t out, const unsigned char *ser, size_t ser_len -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Serialize a scalar to wire format. @@ -134,7 +134,7 @@ void decaf_255_scalar_decode_long ( void decaf_255_scalar_encode ( unsigned char ser[DECAF_255_SCALAR_BYTES], const decaf_255_scalar_t s -) API_VIS NONNULL NOINLINE NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE; /** * @brief Add two scalars. The scalars may use the same memory. @@ -146,7 +146,7 @@ void decaf_255_scalar_add ( decaf_255_scalar_t out, const decaf_255_scalar_t a, const decaf_255_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Compare two scalars. @@ -158,7 +158,7 @@ void decaf_255_scalar_add ( decaf_bool_t decaf_255_scalar_eq ( const decaf_255_scalar_t a, const decaf_255_scalar_t b -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Subtract two scalars. The scalars may use the same memory. @@ -170,7 +170,7 @@ void decaf_255_scalar_sub ( decaf_255_scalar_t out, const decaf_255_scalar_t a, const decaf_255_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two scalars. The scalars may use the same memory. @@ -182,7 +182,7 @@ void decaf_255_scalar_mul ( decaf_255_scalar_t out, const decaf_255_scalar_t a, const decaf_255_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Halve a scalar. The scalars may use the same memory. @@ -192,7 +192,7 @@ void decaf_255_scalar_mul ( void decaf_255_scalar_halve ( decaf_255_scalar_t out, const decaf_255_scalar_t a -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Invert a scalar. When passed zero, return 0. The input and output may alias. @@ -203,7 +203,7 @@ void decaf_255_scalar_halve ( decaf_error_t decaf_255_scalar_invert ( decaf_255_scalar_t out, const decaf_255_scalar_t a -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Copy a scalar. The scalars may use the same memory, in which @@ -211,7 +211,7 @@ decaf_error_t decaf_255_scalar_invert ( * @param [in] a A scalar. * @param [out] out Will become a copy of a. */ -static inline void NONNULL decaf_255_scalar_copy ( +static inline void DECAF_NONNULL decaf_255_scalar_copy ( decaf_255_scalar_t out, const decaf_255_scalar_t a ) { @@ -226,7 +226,7 @@ static inline void NONNULL decaf_255_scalar_copy ( void decaf_255_scalar_set_unsigned ( decaf_255_scalar_t out, uint64_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Encode a point as a sequence of bytes. @@ -237,7 +237,7 @@ void decaf_255_scalar_set_unsigned ( void decaf_255_point_encode ( uint8_t ser[DECAF_255_SER_BYTES], const decaf_255_point_t pt -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Decode a point from a sequence of bytes. @@ -257,7 +257,7 @@ decaf_error_t decaf_255_point_decode ( decaf_255_point_t pt, const uint8_t ser[DECAF_255_SER_BYTES], decaf_bool_t allow_identity -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Copy a point. The input and output may alias, @@ -266,7 +266,7 @@ decaf_error_t decaf_255_point_decode ( * @param [out] a A copy of the point. * @param [in] b Any point. */ -static inline void NONNULL decaf_255_point_copy ( +static inline void DECAF_NONNULL decaf_255_point_copy ( decaf_255_point_t a, const decaf_255_point_t b ) { @@ -285,7 +285,7 @@ static inline void NONNULL decaf_255_point_copy ( decaf_bool_t decaf_255_point_eq ( const decaf_255_point_t a, const decaf_255_point_t b -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Add two points to produce a third point. The @@ -300,7 +300,7 @@ void decaf_255_point_add ( decaf_255_point_t sum, const decaf_255_point_t a, const decaf_255_point_t b -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Double a point. Equivalent to @@ -312,7 +312,7 @@ void decaf_255_point_add ( void decaf_255_point_double ( decaf_255_point_t two_a, const decaf_255_point_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Subtract two points to produce a third point. The @@ -327,7 +327,7 @@ void decaf_255_point_sub ( decaf_255_point_t diff, const decaf_255_point_t a, const decaf_255_point_t b -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Negate a point to produce another point. The input @@ -339,7 +339,7 @@ void decaf_255_point_sub ( void decaf_255_point_negate ( decaf_255_point_t nega, const decaf_255_point_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Multiply a base point by a scalar: scaled = scalar*base. @@ -352,7 +352,7 @@ void decaf_255_point_scalarmul ( decaf_255_point_t scaled, const decaf_255_point_t base, const decaf_255_scalar_t scalar -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply a base point by a scalar: scaled = scalar*base. @@ -377,7 +377,7 @@ decaf_error_t decaf_255_direct_scalarmul ( const decaf_255_scalar_t scalar, decaf_bool_t allow_identity, decaf_bool_t short_circuit -) API_VIS NONNULL WARN_UNUSED NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE; /** * @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different @@ -395,10 +395,10 @@ decaf_error_t decaf_x25519 ( uint8_t out[DECAF_X25519_PUBLIC_BYTES], const uint8_t base[DECAF_X25519_PUBLIC_BYTES], const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES] -) API_VIS NONNULL WARN_UNUSED NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE; /** The base point for X25519 Diffie-Hellman */ -extern const uint8_t decaf_x25519_base_point[DECAF_X25519_PUBLIC_BYTES] API_VIS; +extern const uint8_t decaf_x25519_base_point[DECAF_X25519_PUBLIC_BYTES] DECAF_API_VIS; /** * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses @@ -413,7 +413,7 @@ extern const uint8_t decaf_x25519_base_point[DECAF_X25519_PUBLIC_BYTES] API_VIS; void decaf_x25519_generate_key ( uint8_t out[DECAF_X25519_PUBLIC_BYTES], const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE DEPRECATED("Renamed to decaf_x25519_derive_public_key"); +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_DEPRECATED("Renamed to decaf_x25519_derive_public_key"); /** * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses @@ -428,7 +428,7 @@ void decaf_x25519_generate_key ( void decaf_x25519_derive_public_key ( uint8_t out[DECAF_X25519_PUBLIC_BYTES], const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /* FUTURE: uint8_t decaf_255_encode_like_curve25519) */ @@ -444,7 +444,7 @@ void decaf_x25519_derive_public_key ( void decaf_255_precompute ( decaf_255_precomputed_s *a, const decaf_255_point_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply a precomputed base point by a scalar: @@ -461,7 +461,7 @@ void decaf_255_precomputed_scalarmul ( decaf_255_point_t scaled, const decaf_255_precomputed_s *base, const decaf_255_scalar_t scalar -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two base points by two scalars: @@ -482,7 +482,7 @@ void decaf_255_point_double_scalarmul ( const decaf_255_scalar_t scalar1, const decaf_255_point_t base2, const decaf_255_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * Multiply one base point by two scalars: @@ -505,7 +505,7 @@ void decaf_255_point_dual_scalarmul ( const decaf_255_point_t base1, const decaf_255_scalar_t scalar1, const decaf_255_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two base points by two scalars: @@ -527,7 +527,7 @@ void decaf_255_base_double_scalarmul_non_secret ( const decaf_255_scalar_t scalar1, const decaf_255_point_t base2, const decaf_255_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Constant-time decision between two points. If pick_b @@ -543,7 +543,7 @@ void decaf_255_point_cond_sel ( const decaf_255_point_t a, const decaf_255_point_t b, decaf_word_t pick_b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Constant-time decision between two scalars. If pick_b @@ -559,7 +559,7 @@ void decaf_255_scalar_cond_sel ( const decaf_255_scalar_t a, const decaf_255_scalar_t b, decaf_word_t pick_b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Test that a point is valid, for debugging purposes. @@ -570,7 +570,7 @@ void decaf_255_scalar_cond_sel ( */ decaf_bool_t decaf_255_point_valid ( const decaf_255_point_t to_test -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Torque a point, for debugging purposes. The output @@ -582,7 +582,7 @@ decaf_bool_t decaf_255_point_valid ( void decaf_255_point_debugging_torque ( decaf_255_point_t q, const decaf_255_point_t p -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Projectively scale a point, for debugging purposes. @@ -597,7 +597,7 @@ void decaf_255_point_debugging_pscale ( decaf_255_point_t q, const decaf_255_point_t p, const unsigned char factor[DECAF_255_SER_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Almost-Elligator-like hash to curve. @@ -631,7 +631,7 @@ void decaf_255_point_from_hash_nonuniform ( decaf_255_point_t pt, const unsigned char hashed_data[DECAF_255_HASH_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Indifferentiable hash function encoding to curve. @@ -644,7 +644,7 @@ decaf_255_point_from_hash_nonuniform ( void decaf_255_point_from_hash_uniform ( decaf_255_point_t pt, const unsigned char hashed_data[2*DECAF_255_HASH_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Inverse of elligator-like hash to curve. @@ -669,7 +669,7 @@ decaf_255_invert_elligator_nonuniform ( unsigned char recovered_hash[DECAF_255_HASH_BYTES], const decaf_255_point_t pt, uint32_t which -) API_VIS NONNULL NOINLINE WARN_UNUSED; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED; /** * @brief Inverse of elligator-like hash to curve. @@ -694,28 +694,28 @@ decaf_255_invert_elligator_uniform ( unsigned char recovered_hash[2*DECAF_255_HASH_BYTES], const decaf_255_point_t pt, uint32_t which -) API_VIS NONNULL NOINLINE WARN_UNUSED; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED; /** * @brief Overwrite scalar with zeros. */ void decaf_255_scalar_destroy ( decaf_255_scalar_t scalar -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** * @brief Overwrite point with zeros. */ void decaf_255_point_destroy ( decaf_255_point_t point -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** * @brief Overwrite precomputed table with zeros. */ void decaf_255_precomputed_destroy ( decaf_255_precomputed_s *pre -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; #ifdef __cplusplus } /* extern "C" */ diff --git a/src/GENERATED/include/decaf/point_255.hxx b/src/GENERATED/include/decaf/point_255.hxx index 7abf046..dd8ab3a 100644 --- a/src/GENERATED/include/decaf/point_255.hxx +++ b/src/GENERATED/include/decaf/point_255.hxx @@ -42,9 +42,9 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept +#define DECAF_NOEXCEPT noexcept #else -#define NOEXCEPT throw() +#define DECAF_NOEXCEPT throw() #endif /** @endcond */ @@ -86,53 +86,53 @@ public: /** @cond internal */ /** Don't initialize. */ - inline Scalar(const NOINIT &) NOEXCEPT {} + inline Scalar(const NOINIT &) DECAF_NOEXCEPT {} /** @endcond */ /** Set to an unsigned word */ - inline Scalar(uint64_t w) NOEXCEPT { *this = w; } + inline Scalar(uint64_t w) DECAF_NOEXCEPT { *this = w; } /** Set to a signed word */ - inline Scalar(int64_t w) NOEXCEPT { *this = w; } + inline Scalar(int64_t w) DECAF_NOEXCEPT { *this = w; } /** Set to an unsigned word */ - inline Scalar(unsigned int w) NOEXCEPT { *this = w; } + inline Scalar(unsigned int w) DECAF_NOEXCEPT { *this = w; } /** Set to a signed word */ - inline Scalar(int w) NOEXCEPT { *this = w; } + inline Scalar(int w) DECAF_NOEXCEPT { *this = w; } /** Construct from RNG */ - inline explicit Scalar(Rng &rng) NOEXCEPT { + inline explicit Scalar(Rng &rng) DECAF_NOEXCEPT { FixedArrayBuffer sb(rng); *this = sb; } /** Construct from decaf_scalar_t object. */ - inline Scalar(const Wrapped &t = decaf_255_scalar_zero) NOEXCEPT { decaf_255_scalar_copy(s,t); } + inline Scalar(const Wrapped &t = decaf_255_scalar_zero) DECAF_NOEXCEPT { decaf_255_scalar_copy(s,t); } /** Copy constructor. */ - inline Scalar(const Scalar &x) NOEXCEPT { *this = x; } + inline Scalar(const Scalar &x) DECAF_NOEXCEPT { *this = x; } /** Construct from arbitrary-length little-endian byte sequence. */ - inline Scalar(const Block &buffer) NOEXCEPT { *this = buffer; } + inline Scalar(const Block &buffer) DECAF_NOEXCEPT { *this = buffer; } /** Serializable instance */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serializable instance */ - inline void serialize_into(unsigned char *buffer) const NOEXCEPT { + inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT { decaf_255_scalar_encode(buffer, s); } /** Assignment. */ - inline Scalar& operator=(const Scalar &x) NOEXCEPT { decaf_255_scalar_copy(s,x.s); return *this; } + inline Scalar& operator=(const Scalar &x) DECAF_NOEXCEPT { decaf_255_scalar_copy(s,x.s); return *this; } /** Assign from unsigned 64-bit integer. */ - inline Scalar& operator=(uint64_t w) NOEXCEPT { decaf_255_scalar_set_unsigned(s,w); return *this; } + inline Scalar& operator=(uint64_t w) DECAF_NOEXCEPT { decaf_255_scalar_set_unsigned(s,w); return *this; } /** Assign from signed int. */ - inline Scalar& operator=(int64_t w) NOEXCEPT { + inline Scalar& operator=(int64_t w) DECAF_NOEXCEPT { Scalar t(-(uint64_t)INT_MIN); decaf_255_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN); *this -= t; @@ -140,16 +140,16 @@ public: } /** Assign from unsigned int. */ - inline Scalar& operator=(unsigned int w) NOEXCEPT { return *this = (uint64_t)w; } + inline Scalar& operator=(unsigned int w) DECAF_NOEXCEPT { return *this = (uint64_t)w; } /** Assign from signed int. */ - inline Scalar& operator=(int w) NOEXCEPT { return *this = (int64_t)w; } + inline Scalar& operator=(int w) DECAF_NOEXCEPT { return *this = (int64_t)w; } /** Destructor securely zeorizes the scalar. */ - inline ~Scalar() NOEXCEPT { decaf_255_scalar_destroy(s); } + inline ~Scalar() DECAF_NOEXCEPT { decaf_255_scalar_destroy(s); } /** Assign from arbitrary-length little-endian byte sequence in a Block. */ - inline Scalar &operator=(const Block &bl) NOEXCEPT { + inline Scalar &operator=(const Block &bl) DECAF_NOEXCEPT { decaf_255_scalar_decode_long(s,bl.data(),bl.size()); return *this; } @@ -157,32 +157,32 @@ public: * Decode from correct-length little-endian byte sequence. * @return DECAF_FAILURE if the scalar is greater than or equal to the group order q. */ - static inline decaf_error_t WARN_UNUSED decode ( + static inline decaf_error_t DECAF_WARN_UNUSED decode ( Scalar &sc, const FixedBlock buffer - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_255_scalar_decode(sc.s,buffer.data()); } /** Add. */ - inline Scalar operator+ (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_add(r.s,s,q.s); return r; } + inline Scalar operator+ (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_add(r.s,s,q.s); return r; } /** Add to this. */ - inline Scalar &operator+=(const Scalar &q) NOEXCEPT { decaf_255_scalar_add(s,s,q.s); return *this; } + inline Scalar &operator+=(const Scalar &q) DECAF_NOEXCEPT { decaf_255_scalar_add(s,s,q.s); return *this; } /** Subtract. */ - inline Scalar operator- (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_sub(r.s,s,q.s); return r; } + inline Scalar operator- (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_sub(r.s,s,q.s); return r; } /** Subtract from this. */ - inline Scalar &operator-=(const Scalar &q) NOEXCEPT { decaf_255_scalar_sub(s,s,q.s); return *this; } + inline Scalar &operator-=(const Scalar &q) DECAF_NOEXCEPT { decaf_255_scalar_sub(s,s,q.s); return *this; } /** Multiply */ - inline Scalar operator* (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_mul(r.s,s,q.s); return r; } + inline Scalar operator* (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_mul(r.s,s,q.s); return r; } /** Multiply into this. */ - inline Scalar &operator*=(const Scalar &q) NOEXCEPT { decaf_255_scalar_mul(s,s,q.s); return *this; } + inline Scalar &operator*=(const Scalar &q) DECAF_NOEXCEPT { decaf_255_scalar_mul(s,s,q.s); return *this; } /** Negate */ - inline Scalar operator- () const NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_sub(r.s,decaf_255_scalar_zero,s); return r; } + inline Scalar operator- () const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_sub(r.s,decaf_255_scalar_zero,s); return r; } /** Invert with Fermat's Little Theorem (slow!). If *this == 0, * throw CryptoException. */ @@ -196,8 +196,8 @@ public: /** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0 * and return DECAF_FAILURE. */ - inline decaf_error_t WARN_UNUSED - inverse_noexcept(Scalar &r) const NOEXCEPT { + inline decaf_error_t DECAF_WARN_UNUSED + inverse_noexcept(Scalar &r) const DECAF_NOEXCEPT { return decaf_255_scalar_invert(r.s,s); } @@ -211,16 +211,16 @@ public: inline Scalar half() const { Scalar out; decaf_255_scalar_halve(out.s,s); return out; } /** Compare in constant time */ - inline bool operator!=(const Scalar &q) const NOEXCEPT { return !(*this == q); } + inline bool operator!=(const Scalar &q) const DECAF_NOEXCEPT { return !(*this == q); } /** Compare in constant time */ - inline bool operator==(const Scalar &q) const NOEXCEPT { return !!decaf_255_scalar_eq(s,q.s); } + inline bool operator==(const Scalar &q) const DECAF_NOEXCEPT { return !!decaf_255_scalar_eq(s,q.s); } /** Scalarmul with scalar on left. */ - inline Point operator* (const Point &q) const NOEXCEPT { return q * (*this); } + inline Point operator* (const Point &q) const DECAF_NOEXCEPT { return q * (*this); } /** Scalarmul-precomputed with scalar on left. */ - inline Point operator* (const Precomputed &q) const NOEXCEPT { return q * (*this); } + inline Point operator* (const Precomputed &q) const DECAF_NOEXCEPT { return q * (*this); } /** Direct scalar multiplication. */ inline SecureBuffer direct_scalarmul( @@ -266,23 +266,23 @@ public: /** @cond internal */ /** Don't initialize. */ - inline Point(const NOINIT &) NOEXCEPT {} + inline Point(const NOINIT &) DECAF_NOEXCEPT {} /** @endcond */ /** Constructor sets to identity by default. */ - inline Point(const Wrapped &q = decaf_255_point_identity) NOEXCEPT { decaf_255_point_copy(p,q); } + inline Point(const Wrapped &q = decaf_255_point_identity) DECAF_NOEXCEPT { decaf_255_point_copy(p,q); } /** Copy constructor. */ - inline Point(const Point &q) NOEXCEPT { *this = q; } + inline Point(const Point &q) DECAF_NOEXCEPT { *this = q; } /** Assignment. */ - inline Point& operator=(const Point &q) NOEXCEPT { decaf_255_point_copy(p,q.p); return *this; } + inline Point& operator=(const Point &q) DECAF_NOEXCEPT { decaf_255_point_copy(p,q.p); return *this; } /** Destructor securely zeorizes the point. */ - inline ~Point() NOEXCEPT { decaf_255_point_destroy(p); } + inline ~Point() DECAF_NOEXCEPT { decaf_255_point_destroy(p); } /** Construct from RNG */ - inline explicit Point(Rng &rng, bool uniform = true) NOEXCEPT { + inline explicit Point(Rng &rng, bool uniform = true) DECAF_NOEXCEPT { if (uniform) { FixedArrayBuffer<2*HASH_BYTES> b(rng); set_to_hash(b); @@ -314,9 +314,9 @@ public: * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point, * or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined. */ - inline decaf_error_t WARN_UNUSED decode ( + inline decaf_error_t DECAF_WARN_UNUSED decode ( const FixedBlock &buffer, decaf_bool_t allow_identity=DECAF_TRUE - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_255_point_decode(p,buffer.data(),allow_identity); } @@ -328,9 +328,9 @@ public: * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point. * Contents of the point are undefined. */ - inline decaf_error_t WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept ( const FixedBlock &buffer - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_255_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data()); } @@ -353,7 +353,7 @@ public: * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * but the buffer will be zero-padded on the right. */ - static inline Point from_hash ( const Block &s ) NOEXCEPT { + static inline Point from_hash ( const Block &s ) DECAF_NOEXCEPT { Point p((NOINIT())); p.set_to_hash(s); return p; } @@ -363,7 +363,7 @@ public: * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * but the buffer will be zero-padded on the right. */ - inline void set_to_hash( const Block &s ) NOEXCEPT { + inline void set_to_hash( const Block &s ) DECAF_NOEXCEPT { if (s.size() < HASH_BYTES) { SecureBuffer b(HASH_BYTES); memcpy(b.data(), s.data(), s.size()); @@ -389,45 +389,45 @@ public: } /** Serializable instance */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serializable instance */ - inline void serialize_into(unsigned char *buffer) const NOEXCEPT { + inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT { decaf_255_point_encode(buffer, p); } /** Point add. */ - inline Point operator+ (const Point &q) const NOEXCEPT { Point r((NOINIT())); decaf_255_point_add(r.p,p,q.p); return r; } + inline Point operator+ (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_add(r.p,p,q.p); return r; } /** Point add. */ - inline Point &operator+=(const Point &q) NOEXCEPT { decaf_255_point_add(p,p,q.p); return *this; } + inline Point &operator+=(const Point &q) DECAF_NOEXCEPT { decaf_255_point_add(p,p,q.p); return *this; } /** Point subtract. */ - inline Point operator- (const Point &q) const NOEXCEPT { Point r((NOINIT())); decaf_255_point_sub(r.p,p,q.p); return r; } + inline Point operator- (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_sub(r.p,p,q.p); return r; } /** Point subtract. */ - inline Point &operator-=(const Point &q) NOEXCEPT { decaf_255_point_sub(p,p,q.p); return *this; } + inline Point &operator-=(const Point &q) DECAF_NOEXCEPT { decaf_255_point_sub(p,p,q.p); return *this; } /** Point negate. */ - inline Point operator- () const NOEXCEPT { Point r((NOINIT())); decaf_255_point_negate(r.p,p); return r; } + inline Point operator- () const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_negate(r.p,p); return r; } /** Double the point out of place. */ - inline Point times_two () const NOEXCEPT { Point r((NOINIT())); decaf_255_point_double(r.p,p); return r; } + inline Point times_two () const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_double(r.p,p); return r; } /** Double the point in place. */ - inline Point &double_in_place() NOEXCEPT { decaf_255_point_double(p,p); return *this; } + inline Point &double_in_place() DECAF_NOEXCEPT { decaf_255_point_double(p,p); return *this; } /** Constant-time compare. */ - inline bool operator!=(const Point &q) const NOEXCEPT { return ! decaf_255_point_eq(p,q.p); } + inline bool operator!=(const Point &q) const DECAF_NOEXCEPT { return ! decaf_255_point_eq(p,q.p); } /** Constant-time compare. */ - inline bool operator==(const Point &q) const NOEXCEPT { return !!decaf_255_point_eq(p,q.p); } + inline bool operator==(const Point &q) const DECAF_NOEXCEPT { return !!decaf_255_point_eq(p,q.p); } /** Scalar multiply. */ - inline Point operator* (const Scalar &s) const NOEXCEPT { Point r((NOINIT())); decaf_255_point_scalarmul(r.p,p,s.s); return r; } + inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_scalarmul(r.p,p,s.s); return r; } /** Scalar multiply in place. */ - inline Point &operator*=(const Scalar &s) NOEXCEPT { decaf_255_point_scalarmul(p,p,s.s); return *this; } + inline Point &operator*=(const Scalar &s) DECAF_NOEXCEPT { decaf_255_point_scalarmul(p,p,s.s); return *this; } /** Multiply by s.inverse(). If s=0, maps to the identity. */ inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } @@ -436,19 +436,19 @@ public: inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); } /** Validate / sanity check */ - inline bool validate() const NOEXCEPT { return decaf_255_point_valid(p); } + inline bool validate() const DECAF_NOEXCEPT { return decaf_255_point_valid(p); } /** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */ static inline Point double_scalarmul ( const Point &q, const Scalar &qs, const Point &r, const Scalar &rs - ) NOEXCEPT { + ) DECAF_NOEXCEPT { Point p((NOINIT())); decaf_255_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p; } /** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */ inline void dual_scalarmul ( Point &q1, Point &q2, const Scalar &r1, const Scalar &r2 - ) const NOEXCEPT { + ) const DECAF_NOEXCEPT { decaf_255_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s); } @@ -458,7 +458,7 @@ public: */ static inline Point double_scalarmul ( const Scalar &qs, const Point &q, const Scalar &rs, const Point &r - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return double_scalarmul(q,qs,r,rs); } @@ -467,26 +467,26 @@ public: * @warning This function takes variable time, and may leak the scalars (or points, but currently * it doesn't). */ - inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) NOEXCEPT { + inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r; } /** Return a point equal to *this, whose internal data is rotated by a torsion element. */ - inline Point debugging_torque() const NOEXCEPT { + inline Point debugging_torque() const DECAF_NOEXCEPT { Point q; decaf_255_point_debugging_torque(q.p,p); return q; } /** Return a point equal to *this, whose internal data has a modified representation. */ - inline Point debugging_pscale(const FixedBlock factor) const NOEXCEPT { + inline Point debugging_pscale(const FixedBlock factor) const DECAF_NOEXCEPT { Point q; decaf_255_point_debugging_pscale(q.p,p,factor.data()); return q; } /** Return a point equal to *this, whose internal data has a randomized representation. */ - inline Point debugging_pscale(Rng &r) const NOEXCEPT { + inline Point debugging_pscale(Rng &r) const DECAF_NOEXCEPT { FixedArrayBuffer sb(r); return debugging_pscale(sb); } @@ -497,7 +497,7 @@ public: */ inline decaf_error_t invert_elligator ( Buffer buf, uint32_t hint - ) const NOEXCEPT { + ) const DECAF_NOEXCEPT { unsigned char buf2[2*HASH_BYTES]; memset(buf2,0,sizeof(buf2)); memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size()); @@ -532,10 +532,10 @@ public: } /** Return the base point */ - static inline const Point base() NOEXCEPT { return Point(decaf_255_point_base); } + static inline const Point base() DECAF_NOEXCEPT { return Point(decaf_255_point_base); } /** Return the identity point */ - static inline const Point identity() NOEXCEPT { return Point(decaf_255_point_identity); } + static inline const Point identity() DECAF_NOEXCEPT { return Point(decaf_255_point_identity); } }; /** @@ -556,7 +556,7 @@ class Precomputed public: /** Destructor securely zeorizes the memory. */ - inline ~Precomputed() NOEXCEPT { clear(); } + inline ~Precomputed() DECAF_NOEXCEPT { clear(); } /** * Initialize from underlying type, declared as a reference to prevent @@ -571,23 +571,23 @@ public: */ inline Precomputed ( const Precomputed_U &yours = *default_value() - ) NOEXCEPT : OwnedOrUnowned(yours) {} + ) DECAF_NOEXCEPT : OwnedOrUnowned(yours) {} #if __cplusplus >= 201103L /** Move-assign operator */ - inline Precomputed &operator=(Precomputed &&it) NOEXCEPT { + inline Precomputed &operator=(Precomputed &&it) DECAF_NOEXCEPT { OwnedOrUnowned::operator= (it); return *this; } /** Move constructor */ - inline Precomputed(Precomputed &&it) NOEXCEPT : OwnedOrUnowned() { + inline Precomputed(Precomputed &&it) DECAF_NOEXCEPT : OwnedOrUnowned() { *this = it; } /** Undelete copy operator */ - inline Precomputed &operator=(const Precomputed &it) NOEXCEPT { + inline Precomputed &operator=(const Precomputed &it) DECAF_NOEXCEPT { OwnedOrUnowned::operator= (it); return *this; } @@ -615,20 +615,20 @@ public: : OwnedOrUnowned() { *this = it; } /** Fixed base scalarmul. */ - inline Point operator* (const Scalar &s) const NOEXCEPT { Point r; decaf_255_precomputed_scalarmul(r.p,get(),s.s); return r; } + inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r; decaf_255_precomputed_scalarmul(r.p,get(),s.s); return r; } /** Multiply by s.inverse(). If s=0, maps to the identity. */ inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } /** Return the table for the base point. */ - static inline const Precomputed base() NOEXCEPT { return Precomputed(); } + static inline const Precomputed base() DECAF_NOEXCEPT { return Precomputed(); } public: /** @cond internal */ friend class OwnedOrUnowned; - static inline size_t size() NOEXCEPT { return decaf_255_sizeof_precomputed_s; } - static inline size_t alignment() NOEXCEPT { return decaf_255_alignof_precomputed_s; } - static inline const Precomputed_U * default_value() NOEXCEPT { return decaf_255_precomputed_base; } + static inline size_t size() DECAF_NOEXCEPT { return decaf_255_sizeof_precomputed_s; } + static inline size_t alignment() DECAF_NOEXCEPT { return decaf_255_alignof_precomputed_s; } + static inline const Precomputed_U * default_value() DECAF_NOEXCEPT { return decaf_255_precomputed_base; } /** @endcond */ }; @@ -641,7 +641,7 @@ public: static const size_t PRIVATE_BYTES = DECAF_X25519_PRIVATE_BYTES; /** Base point for a scalar multiplication. */ - static const FixedBlock base_point() NOEXCEPT { + static const FixedBlock base_point() DECAF_NOEXCEPT { return FixedBlock(decaf_x25519_base_point); } @@ -658,12 +658,12 @@ public: } /** Calculate and write into out a shared secret with public key, noexcept version. */ - static inline decaf_error_t WARN_UNUSED + static inline decaf_error_t DECAF_WARN_UNUSED shared_secret_noexcept ( FixedBuffer &out, const FixedBlock &pk, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_x25519(out.data(), pk.data(), scalar.data()); } @@ -671,7 +671,7 @@ public: * but possibly faster. * @deprecated Renamed to derive_public_key. */ - static inline SecureBuffer DEPRECATED("Renamed to derive_public_key") + static inline SecureBuffer DECAF_DEPRECATED("Renamed to derive_public_key") generate_key( const FixedBlock &scalar ) throw(std::bad_alloc) { @@ -698,7 +698,7 @@ public: derive_public_key_noexcept ( FixedBuffer &out, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { decaf_x25519_derive_public_key(out.data(), scalar.data()); } @@ -706,11 +706,11 @@ public: * equivalent to shared_secret(base_point(),scalar) but possibly faster. * @deprecated Renamed to derive_public_key_noexcept. */ - static inline void DEPRECATED("Renamed to derive_public_key_noexcept") + static inline void DECAF_DEPRECATED("Renamed to derive_public_key_noexcept") generate_key_noexcept ( FixedBuffer &out, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { decaf_x25519_derive_public_key(out.data(), scalar.data()); } }; @@ -733,7 +733,7 @@ inline SecureBuffer IsoEd25519::Scalar::direct_scalarmul ( } /** @endcond */ -#undef NOEXCEPT +#undef DECAF_NOEXCEPT } /* namespace decaf */ #endif /* __DECAF_POINT_255_HXX__ */ diff --git a/src/GENERATED/include/decaf/point_448.h b/src/GENERATED/include/decaf/point_448.h index cf488e8..a291e58 100644 --- a/src/GENERATED/include/decaf/point_448.h +++ b/src/GENERATED/include/decaf/point_448.h @@ -72,7 +72,7 @@ struct decaf_448_precomputed_s; typedef struct decaf_448_precomputed_s decaf_448_precomputed_s; /** Size and alignment of precomputed point tables. */ -extern const size_t decaf_448_sizeof_precomputed_s API_VIS, decaf_448_alignof_precomputed_s API_VIS; +extern const size_t decaf_448_sizeof_precomputed_s DECAF_API_VIS, decaf_448_alignof_precomputed_s DECAF_API_VIS; /** Scalar is stored packed, because we don't need the speed. */ typedef struct decaf_448_scalar_s { @@ -82,19 +82,19 @@ typedef struct decaf_448_scalar_s { } decaf_448_scalar_t[1]; /** A scalar equal to 1. */ -extern const decaf_448_scalar_t decaf_448_scalar_one API_VIS; +extern const decaf_448_scalar_t decaf_448_scalar_one DECAF_API_VIS; /** A scalar equal to 0. */ -extern const decaf_448_scalar_t decaf_448_scalar_zero API_VIS; +extern const decaf_448_scalar_t decaf_448_scalar_zero DECAF_API_VIS; /** The identity point on the curve. */ -extern const decaf_448_point_t decaf_448_point_identity API_VIS; +extern const decaf_448_point_t decaf_448_point_identity DECAF_API_VIS; /** An arbitrarily chosen base point on the curve. */ -extern const decaf_448_point_t decaf_448_point_base API_VIS; +extern const decaf_448_point_t decaf_448_point_base DECAF_API_VIS; /** Precomputed table for the base point on the curve. */ -extern const struct decaf_448_precomputed_s *decaf_448_precomputed_base API_VIS; +extern const struct decaf_448_precomputed_s *decaf_448_precomputed_base DECAF_API_VIS; /** * @brief Read a scalar from wire format or from bytes. @@ -109,7 +109,7 @@ extern const struct decaf_448_precomputed_s *decaf_448_precomputed_base API_VIS; decaf_error_t decaf_448_scalar_decode ( decaf_448_scalar_t out, const unsigned char ser[DECAF_448_SCALAR_BYTES] -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Read a scalar from wire format or from bytes. Reduces mod @@ -123,7 +123,7 @@ void decaf_448_scalar_decode_long ( decaf_448_scalar_t out, const unsigned char *ser, size_t ser_len -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Serialize a scalar to wire format. @@ -134,7 +134,7 @@ void decaf_448_scalar_decode_long ( void decaf_448_scalar_encode ( unsigned char ser[DECAF_448_SCALAR_BYTES], const decaf_448_scalar_t s -) API_VIS NONNULL NOINLINE NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE; /** * @brief Add two scalars. The scalars may use the same memory. @@ -146,7 +146,7 @@ void decaf_448_scalar_add ( decaf_448_scalar_t out, const decaf_448_scalar_t a, const decaf_448_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Compare two scalars. @@ -158,7 +158,7 @@ void decaf_448_scalar_add ( decaf_bool_t decaf_448_scalar_eq ( const decaf_448_scalar_t a, const decaf_448_scalar_t b -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Subtract two scalars. The scalars may use the same memory. @@ -170,7 +170,7 @@ void decaf_448_scalar_sub ( decaf_448_scalar_t out, const decaf_448_scalar_t a, const decaf_448_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two scalars. The scalars may use the same memory. @@ -182,7 +182,7 @@ void decaf_448_scalar_mul ( decaf_448_scalar_t out, const decaf_448_scalar_t a, const decaf_448_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Halve a scalar. The scalars may use the same memory. @@ -192,7 +192,7 @@ void decaf_448_scalar_mul ( void decaf_448_scalar_halve ( decaf_448_scalar_t out, const decaf_448_scalar_t a -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Invert a scalar. When passed zero, return 0. The input and output may alias. @@ -203,7 +203,7 @@ void decaf_448_scalar_halve ( decaf_error_t decaf_448_scalar_invert ( decaf_448_scalar_t out, const decaf_448_scalar_t a -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Copy a scalar. The scalars may use the same memory, in which @@ -211,7 +211,7 @@ decaf_error_t decaf_448_scalar_invert ( * @param [in] a A scalar. * @param [out] out Will become a copy of a. */ -static inline void NONNULL decaf_448_scalar_copy ( +static inline void DECAF_NONNULL decaf_448_scalar_copy ( decaf_448_scalar_t out, const decaf_448_scalar_t a ) { @@ -226,7 +226,7 @@ static inline void NONNULL decaf_448_scalar_copy ( void decaf_448_scalar_set_unsigned ( decaf_448_scalar_t out, uint64_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Encode a point as a sequence of bytes. @@ -237,7 +237,7 @@ void decaf_448_scalar_set_unsigned ( void decaf_448_point_encode ( uint8_t ser[DECAF_448_SER_BYTES], const decaf_448_point_t pt -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Decode a point from a sequence of bytes. @@ -257,7 +257,7 @@ decaf_error_t decaf_448_point_decode ( decaf_448_point_t pt, const uint8_t ser[DECAF_448_SER_BYTES], decaf_bool_t allow_identity -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Copy a point. The input and output may alias, @@ -266,7 +266,7 @@ decaf_error_t decaf_448_point_decode ( * @param [out] a A copy of the point. * @param [in] b Any point. */ -static inline void NONNULL decaf_448_point_copy ( +static inline void DECAF_NONNULL decaf_448_point_copy ( decaf_448_point_t a, const decaf_448_point_t b ) { @@ -285,7 +285,7 @@ static inline void NONNULL decaf_448_point_copy ( decaf_bool_t decaf_448_point_eq ( const decaf_448_point_t a, const decaf_448_point_t b -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Add two points to produce a third point. The @@ -300,7 +300,7 @@ void decaf_448_point_add ( decaf_448_point_t sum, const decaf_448_point_t a, const decaf_448_point_t b -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Double a point. Equivalent to @@ -312,7 +312,7 @@ void decaf_448_point_add ( void decaf_448_point_double ( decaf_448_point_t two_a, const decaf_448_point_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Subtract two points to produce a third point. The @@ -327,7 +327,7 @@ void decaf_448_point_sub ( decaf_448_point_t diff, const decaf_448_point_t a, const decaf_448_point_t b -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Negate a point to produce another point. The input @@ -339,7 +339,7 @@ void decaf_448_point_sub ( void decaf_448_point_negate ( decaf_448_point_t nega, const decaf_448_point_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Multiply a base point by a scalar: scaled = scalar*base. @@ -352,7 +352,7 @@ void decaf_448_point_scalarmul ( decaf_448_point_t scaled, const decaf_448_point_t base, const decaf_448_scalar_t scalar -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply a base point by a scalar: scaled = scalar*base. @@ -377,7 +377,7 @@ decaf_error_t decaf_448_direct_scalarmul ( const decaf_448_scalar_t scalar, decaf_bool_t allow_identity, decaf_bool_t short_circuit -) API_VIS NONNULL WARN_UNUSED NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE; /** * @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different @@ -395,10 +395,10 @@ decaf_error_t decaf_x448 ( uint8_t out[DECAF_X448_PUBLIC_BYTES], const uint8_t base[DECAF_X448_PUBLIC_BYTES], const uint8_t scalar[DECAF_X448_PRIVATE_BYTES] -) API_VIS NONNULL WARN_UNUSED NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE; /** The base point for X448 Diffie-Hellman */ -extern const uint8_t decaf_x448_base_point[DECAF_X448_PUBLIC_BYTES] API_VIS; +extern const uint8_t decaf_x448_base_point[DECAF_X448_PUBLIC_BYTES] DECAF_API_VIS; /** * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses @@ -413,7 +413,7 @@ extern const uint8_t decaf_x448_base_point[DECAF_X448_PUBLIC_BYTES] API_VIS; void decaf_x448_generate_key ( uint8_t out[DECAF_X448_PUBLIC_BYTES], const uint8_t scalar[DECAF_X448_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE DEPRECATED("Renamed to decaf_x448_derive_public_key"); +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_DEPRECATED("Renamed to decaf_x448_derive_public_key"); /** * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses @@ -428,7 +428,7 @@ void decaf_x448_generate_key ( void decaf_x448_derive_public_key ( uint8_t out[DECAF_X448_PUBLIC_BYTES], const uint8_t scalar[DECAF_X448_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /* FUTURE: uint8_t decaf_448_encode_like_curve448) */ @@ -444,7 +444,7 @@ void decaf_x448_derive_public_key ( void decaf_448_precompute ( decaf_448_precomputed_s *a, const decaf_448_point_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply a precomputed base point by a scalar: @@ -461,7 +461,7 @@ void decaf_448_precomputed_scalarmul ( decaf_448_point_t scaled, const decaf_448_precomputed_s *base, const decaf_448_scalar_t scalar -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two base points by two scalars: @@ -482,7 +482,7 @@ void decaf_448_point_double_scalarmul ( const decaf_448_scalar_t scalar1, const decaf_448_point_t base2, const decaf_448_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * Multiply one base point by two scalars: @@ -505,7 +505,7 @@ void decaf_448_point_dual_scalarmul ( const decaf_448_point_t base1, const decaf_448_scalar_t scalar1, const decaf_448_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two base points by two scalars: @@ -527,7 +527,7 @@ void decaf_448_base_double_scalarmul_non_secret ( const decaf_448_scalar_t scalar1, const decaf_448_point_t base2, const decaf_448_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Constant-time decision between two points. If pick_b @@ -543,7 +543,7 @@ void decaf_448_point_cond_sel ( const decaf_448_point_t a, const decaf_448_point_t b, decaf_word_t pick_b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Constant-time decision between two scalars. If pick_b @@ -559,7 +559,7 @@ void decaf_448_scalar_cond_sel ( const decaf_448_scalar_t a, const decaf_448_scalar_t b, decaf_word_t pick_b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Test that a point is valid, for debugging purposes. @@ -570,7 +570,7 @@ void decaf_448_scalar_cond_sel ( */ decaf_bool_t decaf_448_point_valid ( const decaf_448_point_t to_test -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Torque a point, for debugging purposes. The output @@ -582,7 +582,7 @@ decaf_bool_t decaf_448_point_valid ( void decaf_448_point_debugging_torque ( decaf_448_point_t q, const decaf_448_point_t p -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Projectively scale a point, for debugging purposes. @@ -597,7 +597,7 @@ void decaf_448_point_debugging_pscale ( decaf_448_point_t q, const decaf_448_point_t p, const unsigned char factor[DECAF_448_SER_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Almost-Elligator-like hash to curve. @@ -631,7 +631,7 @@ void decaf_448_point_from_hash_nonuniform ( decaf_448_point_t pt, const unsigned char hashed_data[DECAF_448_HASH_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Indifferentiable hash function encoding to curve. @@ -644,7 +644,7 @@ decaf_448_point_from_hash_nonuniform ( void decaf_448_point_from_hash_uniform ( decaf_448_point_t pt, const unsigned char hashed_data[2*DECAF_448_HASH_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Inverse of elligator-like hash to curve. @@ -669,7 +669,7 @@ decaf_448_invert_elligator_nonuniform ( unsigned char recovered_hash[DECAF_448_HASH_BYTES], const decaf_448_point_t pt, uint32_t which -) API_VIS NONNULL NOINLINE WARN_UNUSED; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED; /** * @brief Inverse of elligator-like hash to curve. @@ -694,28 +694,28 @@ decaf_448_invert_elligator_uniform ( unsigned char recovered_hash[2*DECAF_448_HASH_BYTES], const decaf_448_point_t pt, uint32_t which -) API_VIS NONNULL NOINLINE WARN_UNUSED; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED; /** * @brief Overwrite scalar with zeros. */ void decaf_448_scalar_destroy ( decaf_448_scalar_t scalar -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** * @brief Overwrite point with zeros. */ void decaf_448_point_destroy ( decaf_448_point_t point -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** * @brief Overwrite precomputed table with zeros. */ void decaf_448_precomputed_destroy ( decaf_448_precomputed_s *pre -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; #ifdef __cplusplus } /* extern "C" */ diff --git a/src/GENERATED/include/decaf/point_448.hxx b/src/GENERATED/include/decaf/point_448.hxx index 5a01dea..7d73ce5 100644 --- a/src/GENERATED/include/decaf/point_448.hxx +++ b/src/GENERATED/include/decaf/point_448.hxx @@ -42,9 +42,9 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept +#define DECAF_NOEXCEPT noexcept #else -#define NOEXCEPT throw() +#define DECAF_NOEXCEPT throw() #endif /** @endcond */ @@ -86,53 +86,53 @@ public: /** @cond internal */ /** Don't initialize. */ - inline Scalar(const NOINIT &) NOEXCEPT {} + inline Scalar(const NOINIT &) DECAF_NOEXCEPT {} /** @endcond */ /** Set to an unsigned word */ - inline Scalar(uint64_t w) NOEXCEPT { *this = w; } + inline Scalar(uint64_t w) DECAF_NOEXCEPT { *this = w; } /** Set to a signed word */ - inline Scalar(int64_t w) NOEXCEPT { *this = w; } + inline Scalar(int64_t w) DECAF_NOEXCEPT { *this = w; } /** Set to an unsigned word */ - inline Scalar(unsigned int w) NOEXCEPT { *this = w; } + inline Scalar(unsigned int w) DECAF_NOEXCEPT { *this = w; } /** Set to a signed word */ - inline Scalar(int w) NOEXCEPT { *this = w; } + inline Scalar(int w) DECAF_NOEXCEPT { *this = w; } /** Construct from RNG */ - inline explicit Scalar(Rng &rng) NOEXCEPT { + inline explicit Scalar(Rng &rng) DECAF_NOEXCEPT { FixedArrayBuffer sb(rng); *this = sb; } /** Construct from decaf_scalar_t object. */ - inline Scalar(const Wrapped &t = decaf_448_scalar_zero) NOEXCEPT { decaf_448_scalar_copy(s,t); } + inline Scalar(const Wrapped &t = decaf_448_scalar_zero) DECAF_NOEXCEPT { decaf_448_scalar_copy(s,t); } /** Copy constructor. */ - inline Scalar(const Scalar &x) NOEXCEPT { *this = x; } + inline Scalar(const Scalar &x) DECAF_NOEXCEPT { *this = x; } /** Construct from arbitrary-length little-endian byte sequence. */ - inline Scalar(const Block &buffer) NOEXCEPT { *this = buffer; } + inline Scalar(const Block &buffer) DECAF_NOEXCEPT { *this = buffer; } /** Serializable instance */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serializable instance */ - inline void serialize_into(unsigned char *buffer) const NOEXCEPT { + inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT { decaf_448_scalar_encode(buffer, s); } /** Assignment. */ - inline Scalar& operator=(const Scalar &x) NOEXCEPT { decaf_448_scalar_copy(s,x.s); return *this; } + inline Scalar& operator=(const Scalar &x) DECAF_NOEXCEPT { decaf_448_scalar_copy(s,x.s); return *this; } /** Assign from unsigned 64-bit integer. */ - inline Scalar& operator=(uint64_t w) NOEXCEPT { decaf_448_scalar_set_unsigned(s,w); return *this; } + inline Scalar& operator=(uint64_t w) DECAF_NOEXCEPT { decaf_448_scalar_set_unsigned(s,w); return *this; } /** Assign from signed int. */ - inline Scalar& operator=(int64_t w) NOEXCEPT { + inline Scalar& operator=(int64_t w) DECAF_NOEXCEPT { Scalar t(-(uint64_t)INT_MIN); decaf_448_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN); *this -= t; @@ -140,16 +140,16 @@ public: } /** Assign from unsigned int. */ - inline Scalar& operator=(unsigned int w) NOEXCEPT { return *this = (uint64_t)w; } + inline Scalar& operator=(unsigned int w) DECAF_NOEXCEPT { return *this = (uint64_t)w; } /** Assign from signed int. */ - inline Scalar& operator=(int w) NOEXCEPT { return *this = (int64_t)w; } + inline Scalar& operator=(int w) DECAF_NOEXCEPT { return *this = (int64_t)w; } /** Destructor securely zeorizes the scalar. */ - inline ~Scalar() NOEXCEPT { decaf_448_scalar_destroy(s); } + inline ~Scalar() DECAF_NOEXCEPT { decaf_448_scalar_destroy(s); } /** Assign from arbitrary-length little-endian byte sequence in a Block. */ - inline Scalar &operator=(const Block &bl) NOEXCEPT { + inline Scalar &operator=(const Block &bl) DECAF_NOEXCEPT { decaf_448_scalar_decode_long(s,bl.data(),bl.size()); return *this; } @@ -157,32 +157,32 @@ public: * Decode from correct-length little-endian byte sequence. * @return DECAF_FAILURE if the scalar is greater than or equal to the group order q. */ - static inline decaf_error_t WARN_UNUSED decode ( + static inline decaf_error_t DECAF_WARN_UNUSED decode ( Scalar &sc, const FixedBlock buffer - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_448_scalar_decode(sc.s,buffer.data()); } /** Add. */ - inline Scalar operator+ (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_add(r.s,s,q.s); return r; } + inline Scalar operator+ (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_add(r.s,s,q.s); return r; } /** Add to this. */ - inline Scalar &operator+=(const Scalar &q) NOEXCEPT { decaf_448_scalar_add(s,s,q.s); return *this; } + inline Scalar &operator+=(const Scalar &q) DECAF_NOEXCEPT { decaf_448_scalar_add(s,s,q.s); return *this; } /** Subtract. */ - inline Scalar operator- (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_sub(r.s,s,q.s); return r; } + inline Scalar operator- (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_sub(r.s,s,q.s); return r; } /** Subtract from this. */ - inline Scalar &operator-=(const Scalar &q) NOEXCEPT { decaf_448_scalar_sub(s,s,q.s); return *this; } + inline Scalar &operator-=(const Scalar &q) DECAF_NOEXCEPT { decaf_448_scalar_sub(s,s,q.s); return *this; } /** Multiply */ - inline Scalar operator* (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_mul(r.s,s,q.s); return r; } + inline Scalar operator* (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_mul(r.s,s,q.s); return r; } /** Multiply into this. */ - inline Scalar &operator*=(const Scalar &q) NOEXCEPT { decaf_448_scalar_mul(s,s,q.s); return *this; } + inline Scalar &operator*=(const Scalar &q) DECAF_NOEXCEPT { decaf_448_scalar_mul(s,s,q.s); return *this; } /** Negate */ - inline Scalar operator- () const NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_sub(r.s,decaf_448_scalar_zero,s); return r; } + inline Scalar operator- () const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_sub(r.s,decaf_448_scalar_zero,s); return r; } /** Invert with Fermat's Little Theorem (slow!). If *this == 0, * throw CryptoException. */ @@ -196,8 +196,8 @@ public: /** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0 * and return DECAF_FAILURE. */ - inline decaf_error_t WARN_UNUSED - inverse_noexcept(Scalar &r) const NOEXCEPT { + inline decaf_error_t DECAF_WARN_UNUSED + inverse_noexcept(Scalar &r) const DECAF_NOEXCEPT { return decaf_448_scalar_invert(r.s,s); } @@ -211,16 +211,16 @@ public: inline Scalar half() const { Scalar out; decaf_448_scalar_halve(out.s,s); return out; } /** Compare in constant time */ - inline bool operator!=(const Scalar &q) const NOEXCEPT { return !(*this == q); } + inline bool operator!=(const Scalar &q) const DECAF_NOEXCEPT { return !(*this == q); } /** Compare in constant time */ - inline bool operator==(const Scalar &q) const NOEXCEPT { return !!decaf_448_scalar_eq(s,q.s); } + inline bool operator==(const Scalar &q) const DECAF_NOEXCEPT { return !!decaf_448_scalar_eq(s,q.s); } /** Scalarmul with scalar on left. */ - inline Point operator* (const Point &q) const NOEXCEPT { return q * (*this); } + inline Point operator* (const Point &q) const DECAF_NOEXCEPT { return q * (*this); } /** Scalarmul-precomputed with scalar on left. */ - inline Point operator* (const Precomputed &q) const NOEXCEPT { return q * (*this); } + inline Point operator* (const Precomputed &q) const DECAF_NOEXCEPT { return q * (*this); } /** Direct scalar multiplication. */ inline SecureBuffer direct_scalarmul( @@ -266,23 +266,23 @@ public: /** @cond internal */ /** Don't initialize. */ - inline Point(const NOINIT &) NOEXCEPT {} + inline Point(const NOINIT &) DECAF_NOEXCEPT {} /** @endcond */ /** Constructor sets to identity by default. */ - inline Point(const Wrapped &q = decaf_448_point_identity) NOEXCEPT { decaf_448_point_copy(p,q); } + inline Point(const Wrapped &q = decaf_448_point_identity) DECAF_NOEXCEPT { decaf_448_point_copy(p,q); } /** Copy constructor. */ - inline Point(const Point &q) NOEXCEPT { *this = q; } + inline Point(const Point &q) DECAF_NOEXCEPT { *this = q; } /** Assignment. */ - inline Point& operator=(const Point &q) NOEXCEPT { decaf_448_point_copy(p,q.p); return *this; } + inline Point& operator=(const Point &q) DECAF_NOEXCEPT { decaf_448_point_copy(p,q.p); return *this; } /** Destructor securely zeorizes the point. */ - inline ~Point() NOEXCEPT { decaf_448_point_destroy(p); } + inline ~Point() DECAF_NOEXCEPT { decaf_448_point_destroy(p); } /** Construct from RNG */ - inline explicit Point(Rng &rng, bool uniform = true) NOEXCEPT { + inline explicit Point(Rng &rng, bool uniform = true) DECAF_NOEXCEPT { if (uniform) { FixedArrayBuffer<2*HASH_BYTES> b(rng); set_to_hash(b); @@ -314,9 +314,9 @@ public: * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point, * or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined. */ - inline decaf_error_t WARN_UNUSED decode ( + inline decaf_error_t DECAF_WARN_UNUSED decode ( const FixedBlock &buffer, decaf_bool_t allow_identity=DECAF_TRUE - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_448_point_decode(p,buffer.data(),allow_identity); } @@ -328,9 +328,9 @@ public: * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point. * Contents of the point are undefined. */ - inline decaf_error_t WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept ( const FixedBlock &buffer - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_448_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data()); } @@ -353,7 +353,7 @@ public: * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * but the buffer will be zero-padded on the right. */ - static inline Point from_hash ( const Block &s ) NOEXCEPT { + static inline Point from_hash ( const Block &s ) DECAF_NOEXCEPT { Point p((NOINIT())); p.set_to_hash(s); return p; } @@ -363,7 +363,7 @@ public: * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * but the buffer will be zero-padded on the right. */ - inline void set_to_hash( const Block &s ) NOEXCEPT { + inline void set_to_hash( const Block &s ) DECAF_NOEXCEPT { if (s.size() < HASH_BYTES) { SecureBuffer b(HASH_BYTES); memcpy(b.data(), s.data(), s.size()); @@ -389,45 +389,45 @@ public: } /** Serializable instance */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serializable instance */ - inline void serialize_into(unsigned char *buffer) const NOEXCEPT { + inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT { decaf_448_point_encode(buffer, p); } /** Point add. */ - inline Point operator+ (const Point &q) const NOEXCEPT { Point r((NOINIT())); decaf_448_point_add(r.p,p,q.p); return r; } + inline Point operator+ (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_add(r.p,p,q.p); return r; } /** Point add. */ - inline Point &operator+=(const Point &q) NOEXCEPT { decaf_448_point_add(p,p,q.p); return *this; } + inline Point &operator+=(const Point &q) DECAF_NOEXCEPT { decaf_448_point_add(p,p,q.p); return *this; } /** Point subtract. */ - inline Point operator- (const Point &q) const NOEXCEPT { Point r((NOINIT())); decaf_448_point_sub(r.p,p,q.p); return r; } + inline Point operator- (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_sub(r.p,p,q.p); return r; } /** Point subtract. */ - inline Point &operator-=(const Point &q) NOEXCEPT { decaf_448_point_sub(p,p,q.p); return *this; } + inline Point &operator-=(const Point &q) DECAF_NOEXCEPT { decaf_448_point_sub(p,p,q.p); return *this; } /** Point negate. */ - inline Point operator- () const NOEXCEPT { Point r((NOINIT())); decaf_448_point_negate(r.p,p); return r; } + inline Point operator- () const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_negate(r.p,p); return r; } /** Double the point out of place. */ - inline Point times_two () const NOEXCEPT { Point r((NOINIT())); decaf_448_point_double(r.p,p); return r; } + inline Point times_two () const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_double(r.p,p); return r; } /** Double the point in place. */ - inline Point &double_in_place() NOEXCEPT { decaf_448_point_double(p,p); return *this; } + inline Point &double_in_place() DECAF_NOEXCEPT { decaf_448_point_double(p,p); return *this; } /** Constant-time compare. */ - inline bool operator!=(const Point &q) const NOEXCEPT { return ! decaf_448_point_eq(p,q.p); } + inline bool operator!=(const Point &q) const DECAF_NOEXCEPT { return ! decaf_448_point_eq(p,q.p); } /** Constant-time compare. */ - inline bool operator==(const Point &q) const NOEXCEPT { return !!decaf_448_point_eq(p,q.p); } + inline bool operator==(const Point &q) const DECAF_NOEXCEPT { return !!decaf_448_point_eq(p,q.p); } /** Scalar multiply. */ - inline Point operator* (const Scalar &s) const NOEXCEPT { Point r((NOINIT())); decaf_448_point_scalarmul(r.p,p,s.s); return r; } + inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_scalarmul(r.p,p,s.s); return r; } /** Scalar multiply in place. */ - inline Point &operator*=(const Scalar &s) NOEXCEPT { decaf_448_point_scalarmul(p,p,s.s); return *this; } + inline Point &operator*=(const Scalar &s) DECAF_NOEXCEPT { decaf_448_point_scalarmul(p,p,s.s); return *this; } /** Multiply by s.inverse(). If s=0, maps to the identity. */ inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } @@ -436,19 +436,19 @@ public: inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); } /** Validate / sanity check */ - inline bool validate() const NOEXCEPT { return decaf_448_point_valid(p); } + inline bool validate() const DECAF_NOEXCEPT { return decaf_448_point_valid(p); } /** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */ static inline Point double_scalarmul ( const Point &q, const Scalar &qs, const Point &r, const Scalar &rs - ) NOEXCEPT { + ) DECAF_NOEXCEPT { Point p((NOINIT())); decaf_448_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p; } /** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */ inline void dual_scalarmul ( Point &q1, Point &q2, const Scalar &r1, const Scalar &r2 - ) const NOEXCEPT { + ) const DECAF_NOEXCEPT { decaf_448_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s); } @@ -458,7 +458,7 @@ public: */ static inline Point double_scalarmul ( const Scalar &qs, const Point &q, const Scalar &rs, const Point &r - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return double_scalarmul(q,qs,r,rs); } @@ -467,26 +467,26 @@ public: * @warning This function takes variable time, and may leak the scalars (or points, but currently * it doesn't). */ - inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) NOEXCEPT { + inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r; } /** Return a point equal to *this, whose internal data is rotated by a torsion element. */ - inline Point debugging_torque() const NOEXCEPT { + inline Point debugging_torque() const DECAF_NOEXCEPT { Point q; decaf_448_point_debugging_torque(q.p,p); return q; } /** Return a point equal to *this, whose internal data has a modified representation. */ - inline Point debugging_pscale(const FixedBlock factor) const NOEXCEPT { + inline Point debugging_pscale(const FixedBlock factor) const DECAF_NOEXCEPT { Point q; decaf_448_point_debugging_pscale(q.p,p,factor.data()); return q; } /** Return a point equal to *this, whose internal data has a randomized representation. */ - inline Point debugging_pscale(Rng &r) const NOEXCEPT { + inline Point debugging_pscale(Rng &r) const DECAF_NOEXCEPT { FixedArrayBuffer sb(r); return debugging_pscale(sb); } @@ -497,7 +497,7 @@ public: */ inline decaf_error_t invert_elligator ( Buffer buf, uint32_t hint - ) const NOEXCEPT { + ) const DECAF_NOEXCEPT { unsigned char buf2[2*HASH_BYTES]; memset(buf2,0,sizeof(buf2)); memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size()); @@ -532,10 +532,10 @@ public: } /** Return the base point */ - static inline const Point base() NOEXCEPT { return Point(decaf_448_point_base); } + static inline const Point base() DECAF_NOEXCEPT { return Point(decaf_448_point_base); } /** Return the identity point */ - static inline const Point identity() NOEXCEPT { return Point(decaf_448_point_identity); } + static inline const Point identity() DECAF_NOEXCEPT { return Point(decaf_448_point_identity); } }; /** @@ -556,7 +556,7 @@ class Precomputed public: /** Destructor securely zeorizes the memory. */ - inline ~Precomputed() NOEXCEPT { clear(); } + inline ~Precomputed() DECAF_NOEXCEPT { clear(); } /** * Initialize from underlying type, declared as a reference to prevent @@ -571,23 +571,23 @@ public: */ inline Precomputed ( const Precomputed_U &yours = *default_value() - ) NOEXCEPT : OwnedOrUnowned(yours) {} + ) DECAF_NOEXCEPT : OwnedOrUnowned(yours) {} #if __cplusplus >= 201103L /** Move-assign operator */ - inline Precomputed &operator=(Precomputed &&it) NOEXCEPT { + inline Precomputed &operator=(Precomputed &&it) DECAF_NOEXCEPT { OwnedOrUnowned::operator= (it); return *this; } /** Move constructor */ - inline Precomputed(Precomputed &&it) NOEXCEPT : OwnedOrUnowned() { + inline Precomputed(Precomputed &&it) DECAF_NOEXCEPT : OwnedOrUnowned() { *this = it; } /** Undelete copy operator */ - inline Precomputed &operator=(const Precomputed &it) NOEXCEPT { + inline Precomputed &operator=(const Precomputed &it) DECAF_NOEXCEPT { OwnedOrUnowned::operator= (it); return *this; } @@ -615,20 +615,20 @@ public: : OwnedOrUnowned() { *this = it; } /** Fixed base scalarmul. */ - inline Point operator* (const Scalar &s) const NOEXCEPT { Point r; decaf_448_precomputed_scalarmul(r.p,get(),s.s); return r; } + inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r; decaf_448_precomputed_scalarmul(r.p,get(),s.s); return r; } /** Multiply by s.inverse(). If s=0, maps to the identity. */ inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } /** Return the table for the base point. */ - static inline const Precomputed base() NOEXCEPT { return Precomputed(); } + static inline const Precomputed base() DECAF_NOEXCEPT { return Precomputed(); } public: /** @cond internal */ friend class OwnedOrUnowned; - static inline size_t size() NOEXCEPT { return decaf_448_sizeof_precomputed_s; } - static inline size_t alignment() NOEXCEPT { return decaf_448_alignof_precomputed_s; } - static inline const Precomputed_U * default_value() NOEXCEPT { return decaf_448_precomputed_base; } + static inline size_t size() DECAF_NOEXCEPT { return decaf_448_sizeof_precomputed_s; } + static inline size_t alignment() DECAF_NOEXCEPT { return decaf_448_alignof_precomputed_s; } + static inline const Precomputed_U * default_value() DECAF_NOEXCEPT { return decaf_448_precomputed_base; } /** @endcond */ }; @@ -641,7 +641,7 @@ public: static const size_t PRIVATE_BYTES = DECAF_X448_PRIVATE_BYTES; /** Base point for a scalar multiplication. */ - static const FixedBlock base_point() NOEXCEPT { + static const FixedBlock base_point() DECAF_NOEXCEPT { return FixedBlock(decaf_x448_base_point); } @@ -658,12 +658,12 @@ public: } /** Calculate and write into out a shared secret with public key, noexcept version. */ - static inline decaf_error_t WARN_UNUSED + static inline decaf_error_t DECAF_WARN_UNUSED shared_secret_noexcept ( FixedBuffer &out, const FixedBlock &pk, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_x448(out.data(), pk.data(), scalar.data()); } @@ -671,7 +671,7 @@ public: * but possibly faster. * @deprecated Renamed to derive_public_key. */ - static inline SecureBuffer DEPRECATED("Renamed to derive_public_key") + static inline SecureBuffer DECAF_DEPRECATED("Renamed to derive_public_key") generate_key( const FixedBlock &scalar ) throw(std::bad_alloc) { @@ -698,7 +698,7 @@ public: derive_public_key_noexcept ( FixedBuffer &out, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { decaf_x448_derive_public_key(out.data(), scalar.data()); } @@ -706,11 +706,11 @@ public: * equivalent to shared_secret(base_point(),scalar) but possibly faster. * @deprecated Renamed to derive_public_key_noexcept. */ - static inline void DEPRECATED("Renamed to derive_public_key_noexcept") + static inline void DECAF_DEPRECATED("Renamed to derive_public_key_noexcept") generate_key_noexcept ( FixedBuffer &out, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { decaf_x448_derive_public_key(out.data(), scalar.data()); } }; @@ -733,7 +733,7 @@ inline SecureBuffer Ed448Goldilocks::Scalar::direct_scalarmul ( } /** @endcond */ -#undef NOEXCEPT +#undef DECAF_NOEXCEPT } /* namespace decaf */ #endif /* __DECAF_POINT_448_HXX__ */ diff --git a/src/GENERATED/include/decaf/secure_buffer.hxx b/src/GENERATED/include/decaf/secure_buffer.hxx index d306cf0..aa57d29 100644 --- a/src/GENERATED/include/decaf/secure_buffer.hxx +++ b/src/GENERATED/include/decaf/secure_buffer.hxx @@ -21,11 +21,11 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept -#define DELETE = delete +#define DECAF_NOEXCEPT noexcept +#define DECAF_DELETE = delete #else -#define NOEXCEPT throw() -#define DELETE +#define DECAF_NOEXCEPT throw() +#define DECAF_DELETE #endif /** @endcond */ @@ -50,24 +50,24 @@ public: typedef std::ptrdiff_t difference_type; template struct rebind { typedef SanitizingAllocator other; }; - inline SanitizingAllocator() NOEXCEPT {} - inline ~SanitizingAllocator() NOEXCEPT {} - inline SanitizingAllocator(const SanitizingAllocator &) NOEXCEPT {} - template inline SanitizingAllocator(const SanitizingAllocator &) NOEXCEPT {} + inline SanitizingAllocator() DECAF_NOEXCEPT {} + inline ~SanitizingAllocator() DECAF_NOEXCEPT {} + inline SanitizingAllocator(const SanitizingAllocator &) DECAF_NOEXCEPT {} + template inline SanitizingAllocator(const SanitizingAllocator &) DECAF_NOEXCEPT {} - inline T* address(T& r) const NOEXCEPT { return &r; } - inline const T* address(const T& r) const NOEXCEPT { return &r; } + inline T* address(T& r) const DECAF_NOEXCEPT { return &r; } + inline const T* address(const T& r) const DECAF_NOEXCEPT { return &r; } inline T* allocate ( size_type cnt, typename std::allocator::const_pointer = 0 ) throw(std::bad_alloc); - inline void deallocate(T* p, size_t size) NOEXCEPT; - inline size_t max_size() const NOEXCEPT { return std::numeric_limits::max() / sizeof(T); } + inline void deallocate(T* p, size_t size) DECAF_NOEXCEPT; + inline size_t max_size() const DECAF_NOEXCEPT { return std::numeric_limits::max() / sizeof(T); } inline void construct(T* p, const T& t) { new(p) T(t); } inline void destroy(T* p) { p->~T(); } - inline bool operator==(SanitizingAllocator const&) const NOEXCEPT { return true; } - inline bool operator!=(SanitizingAllocator const&) const NOEXCEPT { return false; } + inline bool operator==(SanitizingAllocator const&) const DECAF_NOEXCEPT { return true; } + inline bool operator!=(SanitizingAllocator const&) const DECAF_NOEXCEPT { return false; } /** @endcond */ }; @@ -85,10 +85,10 @@ inline bool memeq(const std::vector &a, const std::vector &b) { template class Serializable { public: /** @brief Return the number of bytes needed to serialize this object */ - inline size_t ser_size() const NOEXCEPT { return static_cast(this)->ser_size(); } + inline size_t ser_size() const DECAF_NOEXCEPT { return static_cast(this)->ser_size(); } /** @brief Serialize this object into a buffer */ - inline void serialize_into(unsigned char *buf) const NOEXCEPT { + inline void serialize_into(unsigned char *buf) const DECAF_NOEXCEPT { static_cast(this)->serialize_into(buf); } @@ -115,14 +115,14 @@ class Buffer; class CryptoException : public std::exception { public: /** @return "CryptoException" */ - virtual const char * what() const NOEXCEPT { return "CryptoException"; } + virtual const char * what() const DECAF_NOEXCEPT { return "CryptoException"; } }; /** @brief An exception for when crypto (ie point decode) has failed. */ class LengthException : public std::exception { public: /** @return "CryptoException" */ - virtual const char * what() const NOEXCEPT { return "LengthException"; } + virtual const char * what() const DECAF_NOEXCEPT { return "LengthException"; } }; /** @brief Passed to constructors to avoid (conservative) initialization */ @@ -137,14 +137,14 @@ protected: Rng() {} /** Not copyable */ - Rng(const Rng &) DELETE; + Rng(const Rng &) DECAF_DELETE; /** Not copyable */ - Rng &operator=(const Rng &) DELETE; + Rng &operator=(const Rng &) DECAF_DELETE; public: /** @brief Read into a Buffer */ - virtual void read(Buffer buffer) NOEXCEPT = 0; + virtual void read(Buffer buffer) DECAF_NOEXCEPT = 0; /** @brief Read into a SecureBuffer. */ inline SecureBuffer read(size_t length) throw(std::bad_alloc); @@ -165,11 +165,11 @@ public: inline Block() : data_(NULL), size_(0), zero_on_destroy_(false) {} /** Init from C string */ - inline Block(const char *data) NOEXCEPT : data_((unsigned char *)data), + inline Block(const char *data) DECAF_NOEXCEPT : data_((unsigned char *)data), size_(strlen(data)), zero_on_destroy_(false) {} /** Unowned init */ - inline Block(const unsigned char *data, size_t size, bool zero_on_destroy=false) NOEXCEPT : data_((unsigned char *)data), + inline Block(const unsigned char *data, size_t size, bool zero_on_destroy=false) DECAF_NOEXCEPT : data_((unsigned char *)data), size_(size), zero_on_destroy_(zero_on_destroy) {} /** Block from std::string */ @@ -186,7 +186,7 @@ public: : data_(((unsigned char *)&(s)[0])), size_(s.size()), zero_on_destroy_(false) {} /** Get const data */ - inline const unsigned char *data() const NOEXCEPT { return data_; } + inline const unsigned char *data() const DECAF_NOEXCEPT { return data_; } /** Subscript */ inline const unsigned char &operator[](size_t off) const throw(std::out_of_range) { @@ -195,7 +195,7 @@ public: } /** Get the size */ - inline size_t size() const NOEXCEPT { return size_; } + inline size_t size() const DECAF_NOEXCEPT { return size_; } /** Convert to C++ string */ inline std::string get_string() const { @@ -209,7 +209,7 @@ public: } /** Content-wise comparison; constant-time if they are the same length. */ - inline decaf_bool_t contents_equal(const Block &b) const NOEXCEPT { + inline decaf_bool_t contents_equal(const Block &b) const DECAF_NOEXCEPT { if (b.size() != size()) return false; return decaf_memeq(b.data(),data(),size()); } @@ -220,7 +220,7 @@ public: } /** Securely set the buffer to 0. */ - inline void zeroize() NOEXCEPT { really_bzero(data_,size()); } + inline void zeroize() DECAF_NOEXCEPT { really_bzero(data_,size()); } /** Debugging print in hex */ inline void debug_print_hex(const char *name = NULL) { @@ -231,11 +231,11 @@ public: private: /** @cond internal */ - inline decaf_bool_t operator>=(const Block &b) const NOEXCEPT DELETE; - inline decaf_bool_t operator<=(const Block &b) const NOEXCEPT DELETE; - inline decaf_bool_t operator> (const Block &b) const NOEXCEPT DELETE; - inline decaf_bool_t operator< (const Block &b) const NOEXCEPT DELETE; - inline void operator= (const Block &b) const NOEXCEPT DELETE; + inline decaf_bool_t operator>=(const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; + inline decaf_bool_t operator<=(const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; + inline decaf_bool_t operator> (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; + inline decaf_bool_t operator< (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; + inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; /** @endcond */ }; @@ -253,26 +253,26 @@ public: } /** Explicitly pass a C buffer. */ - inline explicit FixedBlock(const uint8_t data[Size]) NOEXCEPT : Block(data,Size) {} + inline explicit FixedBlock(const uint8_t data[Size]) DECAF_NOEXCEPT : Block(data,Size) {} }; /** A reference to a writable block of data */ class Buffer : public Block { public: /** Null init */ - inline Buffer() NOEXCEPT : Block() {} + inline Buffer() DECAF_NOEXCEPT : Block() {} /** Unowned init */ - inline Buffer(unsigned char *data, size_t size, bool zero_on_destroy=false) NOEXCEPT : Block(data,size,zero_on_destroy) {} + inline Buffer(unsigned char *data, size_t size, bool zero_on_destroy=false) DECAF_NOEXCEPT : Block(data,size,zero_on_destroy) {} /** Block from std::vector */ template inline Buffer(std::vector &s) : Block(s) {} /** Get const data */ - inline const unsigned char *data() const NOEXCEPT { return data_; } + inline const unsigned char *data() const DECAF_NOEXCEPT { return data_; } /** Cast to unsigned char */ - inline unsigned char* data() NOEXCEPT { return data_; } + inline unsigned char* data() DECAF_NOEXCEPT { return data_; } /** Slice the buffer*/ inline Buffer slice(size_t off, size_t length) throw(LengthException); @@ -291,7 +291,7 @@ public: private: /** @cond internal */ - inline void operator= (const Block &b) const NOEXCEPT DELETE; + inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; /** @endcond */ }; @@ -310,20 +310,20 @@ public: } /** Explicitly pass a C buffer. */ - inline explicit FixedBuffer(uint8_t dat[Size],bool zero_on_destroy = false) NOEXCEPT : Buffer(dat,Size,zero_on_destroy) {} + inline explicit FixedBuffer(uint8_t dat[Size],bool zero_on_destroy = false) DECAF_NOEXCEPT : Buffer(dat,Size,zero_on_destroy) {} /** Cast to a FixedBlock. */ - inline operator FixedBlock() const NOEXCEPT { + inline operator FixedBlock() const DECAF_NOEXCEPT { return FixedBlock(data()); } private: /** @cond internal */ - inline void operator= (const Block &b) const NOEXCEPT DELETE; + inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; /** @endcond */ }; -/** A fixed-size stack-allocated buffer (for NOEXCEPT semantics) */ +/** A fixed-size stack-allocated buffer (for DECAF_NOEXCEPT semantics) */ template class FixedArrayBuffer : public FixedBuffer { private: uint8_t storage[Size]; @@ -331,26 +331,26 @@ public: using Buffer::zeroize; /** New buffer initialized to zero. */ - inline explicit FixedArrayBuffer() NOEXCEPT : FixedBuffer(storage,true) { memset(storage,0,Size); } + inline explicit FixedArrayBuffer() DECAF_NOEXCEPT : FixedBuffer(storage,true) { memset(storage,0,Size); } /** New uninitialized buffer. */ - inline explicit FixedArrayBuffer(const NOINIT &) NOEXCEPT : FixedBuffer(storage,true) { } + inline explicit FixedArrayBuffer(const NOINIT &) DECAF_NOEXCEPT : FixedBuffer(storage,true) { } /** New random buffer */ - inline explicit FixedArrayBuffer(Rng &r) NOEXCEPT : FixedBuffer(storage,true) { r.read(*this); } + inline explicit FixedArrayBuffer(Rng &r) DECAF_NOEXCEPT : FixedBuffer(storage,true) { r.read(*this); } /** Copy constructor */ - inline explicit FixedArrayBuffer(const FixedBlock &b) NOEXCEPT : FixedBuffer(storage,true) { + inline explicit FixedArrayBuffer(const FixedBlock &b) DECAF_NOEXCEPT : FixedBuffer(storage,true) { memcpy(storage,b.data(),Size); } /** Copy operator */ - inline FixedArrayBuffer& operator=(const FixedBlock &b) NOEXCEPT { + inline FixedArrayBuffer& operator=(const FixedBlock &b) DECAF_NOEXCEPT { memcpy(storage,b.data(),Size); return *this; } /** Copy operator */ - inline FixedArrayBuffer& operator=(const FixedArrayBuffer &b) NOEXCEPT { + inline FixedArrayBuffer& operator=(const FixedArrayBuffer &b) DECAF_NOEXCEPT { memcpy(storage,b.data(),Size); return *this; } @@ -366,12 +366,12 @@ public: } /** Copy constructor */ - inline explicit FixedArrayBuffer(const FixedArrayBuffer &b) NOEXCEPT : FixedBuffer(storage,true) { + inline explicit FixedArrayBuffer(const FixedArrayBuffer &b) DECAF_NOEXCEPT : FixedBuffer(storage,true) { memcpy(storage,b.data(),Size); } /** Destroy the buffer */ - ~FixedArrayBuffer() NOEXCEPT { zeroize(); } + ~FixedArrayBuffer() DECAF_NOEXCEPT { zeroize(); } }; /** @cond internal */ @@ -398,7 +398,7 @@ protected: } ours; bool is_mine; - inline void clear() NOEXCEPT { + inline void clear() DECAF_NOEXCEPT { if (is_mine) { really_bzero(ours.mine, T::size()); free(ours.mine); @@ -415,11 +415,11 @@ protected: } is_mine = true; } - inline const Wrapped *get() const NOEXCEPT { return is_mine ? ours.mine : ours.yours; } + inline const Wrapped *get() const DECAF_NOEXCEPT { return is_mine ? ours.mine : ours.yours; } inline OwnedOrUnowned( const Wrapped &yours = *T::default_value() - ) NOEXCEPT { + ) DECAF_NOEXCEPT { ours.yours = &yours; is_mine = false; } @@ -441,7 +441,7 @@ protected: } #if __cplusplus >= 201103L - inline T &operator=(OwnedOrUnowned &&it) NOEXCEPT { + inline T &operator=(OwnedOrUnowned &&it) DECAF_NOEXCEPT { if (this == &it) return *(T*)this; clear(); ours = it.ours; @@ -475,7 +475,7 @@ T* SanitizingAllocator::allocate ( } template -void SanitizingAllocator::deallocate(T* p, size_t size) NOEXCEPT { +void SanitizingAllocator::deallocate(T* p, size_t size) DECAF_NOEXCEPT { if (p==NULL) return; really_bzero(reinterpret_cast(p), size); free(reinterpret_cast(p)); @@ -486,7 +486,7 @@ void SanitizingAllocator::deallocate(T* p, size_t size) NOEXCEPT { } /* namespace decaf */ -#undef NOEXCEPT -#undef DELETE +#undef DECAF_NOEXCEPT +#undef DECAF_DELETE #endif /* __DECAF_SECURE_BUFFER_HXX__ */ diff --git a/src/GENERATED/include/decaf/sha512.h b/src/GENERATED/include/decaf/sha512.h index d0fd8ce..3c8ec70 100644 --- a/src/GENERATED/include/decaf/sha512.h +++ b/src/GENERATED/include/decaf/sha512.h @@ -5,8 +5,8 @@ * @brief SHA2-512 */ -#ifndef __SHA512_H__ -#define __SHA512_H__ +#ifndef __DECAF_SHA512_H__ +#define __DECAF_SHA512_H__ #include #include @@ -25,9 +25,9 @@ typedef struct decaf_sha512_ctx_s { uint64_t bytes_processed; } decaf_sha512_ctx_s, decaf_sha512_ctx_t[1]; -void decaf_sha512_init(decaf_sha512_ctx_t ctx) NONNULL API_VIS; -void decaf_sha512_update(decaf_sha512_ctx_t ctx, const uint8_t *message, size_t length) NONNULL API_VIS; -void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) NONNULL API_VIS; +void decaf_sha512_init(decaf_sha512_ctx_t ctx) DECAF_NONNULL DECAF_API_VIS; +void decaf_sha512_update(decaf_sha512_ctx_t ctx, const uint8_t *message, size_t length) DECAF_NONNULL DECAF_API_VIS; +void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) DECAF_NONNULL DECAF_API_VIS; static inline void decaf_sha512_destroy(decaf_sha512_ctx_t ctx) { decaf_bzero(ctx,sizeof(*ctx)); @@ -50,4 +50,4 @@ static inline void decaf_sha512_hash( } /* extern "C" */ #endif -#endif /* __SHA512_H__ */ +#endif /* __DECAF_SHA512_H__ */ diff --git a/src/GENERATED/include/decaf/sha512.hxx b/src/GENERATED/include/decaf/sha512.hxx index 031e6bc..c7f160b 100644 --- a/src/GENERATED/include/decaf/sha512.hxx +++ b/src/GENERATED/include/decaf/sha512.hxx @@ -17,9 +17,9 @@ /** @cond internal */ #if __cplusplus >= 201103L - #define NOEXCEPT noexcept + #define DECAF_NOEXCEPT noexcept #else - #define NOEXCEPT throw() + #define DECAF_NOEXCEPT throw() #endif /** @endcond */ @@ -44,13 +44,13 @@ public: static const size_t DEFAULT_OUTPUT_BYTES = OUTPUT_BYTES; /** Constructor */ - inline SHA512() NOEXCEPT { decaf_sha512_init(wrapped); } + inline SHA512() DECAF_NOEXCEPT { decaf_sha512_init(wrapped); } /** Add more data to running hash */ - inline void update(const uint8_t *__restrict__ in, size_t len) NOEXCEPT { decaf_sha512_update(wrapped,in,len); } + inline void update(const uint8_t *__restrict__ in, size_t len) DECAF_NOEXCEPT { decaf_sha512_update(wrapped,in,len); } /** Add more data to running hash, C++ version. */ - inline void update(const Block &s) NOEXCEPT { update(s.data(),s.size()); } + inline void update(const Block &s) DECAF_NOEXCEPT { update(s.data(),s.size()); } /** Add more data, stream version. */ inline SHA512 &operator<<(const Block &s) { update(s); return *this; } @@ -65,7 +65,7 @@ public: } /** Resets the SHA context */ - inline void reset() NOEXCEPT { decaf_sha512_init(wrapped); } + inline void reset() DECAF_NOEXCEPT { decaf_sha512_init(wrapped); } /** @brief Output bytes from the sponge. */ inline SecureBuffer final(size_t len = OUTPUT_BYTES) throw(LengthException) { @@ -76,10 +76,10 @@ public: } /** @brief Return the sponge's default output size. */ - inline size_t default_output_size() const NOEXCEPT { return OUTPUT_BYTES; } + inline size_t default_output_size() const DECAF_NOEXCEPT { return OUTPUT_BYTES; } /** @brief Return the sponge's maximum output size. */ - inline size_t max_output_size() const NOEXCEPT { return MAX_OUTPUT_BYTES; } + inline size_t max_output_size() const DECAF_NOEXCEPT { return MAX_OUTPUT_BYTES; } /** @brief Hash a message in one pass */ static inline SecureBuffer hash ( @@ -93,11 +93,11 @@ public: } /** Destructor zeroizes state */ - inline ~SHA512() NOEXCEPT { decaf_sha512_destroy(wrapped); } + inline ~SHA512() DECAF_NOEXCEPT { decaf_sha512_destroy(wrapped); } }; } /* namespace decaf */ -#undef NOEXCEPT +#undef DECAF_NOEXCEPT #endif /* __DECAF_SHA512_HXX__ */ diff --git a/src/GENERATED/include/decaf/shake.h b/src/GENERATED/include/decaf/shake.h index e949071..7f92dda 100644 --- a/src/GENERATED/include/decaf/shake.h +++ b/src/GENERATED/include/decaf/shake.h @@ -46,7 +46,7 @@ extern "C" { void decaf_sponge_init ( decaf_keccak_sponge_t sponge, const struct decaf_kparams_s *params -) API_VIS; +) DECAF_API_VIS; /** * @brief Absorb data into a DECAF_SHA3 or DECAF_SHAKE hash context. @@ -58,7 +58,7 @@ void decaf_sha3_update ( struct decaf_keccak_sponge_s * __restrict__ sponge, const uint8_t *in, size_t len -) API_VIS; +) DECAF_API_VIS; /** * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context. @@ -75,7 +75,7 @@ decaf_error_t decaf_sha3_output ( decaf_keccak_sponge_t sponge, uint8_t * __restrict__ out, size_t len -) API_VIS; +) DECAF_API_VIS; /** * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context. @@ -89,7 +89,7 @@ decaf_error_t decaf_sha3_final ( decaf_keccak_sponge_t sponge, uint8_t * __restrict__ out, size_t len -) API_VIS; +) DECAF_API_VIS; /** * @brief Reset the sponge to the empty string. @@ -98,7 +98,7 @@ decaf_error_t decaf_sha3_final ( */ void decaf_sha3_reset ( decaf_keccak_sponge_t sponge -) API_VIS; +) DECAF_API_VIS; /** * @brief Return the default output length of the sponge construction, @@ -108,7 +108,7 @@ void decaf_sha3_reset ( */ size_t decaf_sponge_default_output_bytes ( const decaf_keccak_sponge_t sponge /**< [inout] The context. */ -) API_VIS; +) DECAF_API_VIS; /** * @brief Return the default output length of the sponge construction, @@ -118,7 +118,7 @@ size_t decaf_sponge_default_output_bytes ( */ size_t decaf_sponge_max_output_bytes ( const decaf_keccak_sponge_t sponge /**< [inout] The context. */ -) API_VIS; +) DECAF_API_VIS; /** * @brief Destroy a DECAF_SHA3 or DECAF_SHAKE sponge context by overwriting it with 0. @@ -126,7 +126,7 @@ size_t decaf_sponge_max_output_bytes ( */ void decaf_sponge_destroy ( decaf_keccak_sponge_t sponge -) API_VIS; +) DECAF_API_VIS; /** * @brief Hash (in) to (out) @@ -142,66 +142,66 @@ void decaf_sponge_hash ( uint8_t *out, size_t outlen, const struct decaf_kparams_s *params -) API_VIS; +) DECAF_API_VIS; /* FUTURE: expand/doxygenate individual DECAF_SHAKE/DECAF_SHA3 instances? */ /** @cond internal */ -#define DEC_SHAKE(n) \ - extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s API_VIS; \ +#define DECAF_DEC_SHAKE(n) \ + extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s DECAF_API_VIS; \ typedef struct decaf_shake##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_shake##n##_ctx_t[1]; \ - static inline void NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \ + static inline void DECAF_NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \ decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \ } \ - static inline void NONNULL decaf_shake##n##_gen_init(decaf_keccak_sponge_t sponge) { \ + static inline void DECAF_NONNULL decaf_shake##n##_gen_init(decaf_keccak_sponge_t sponge) { \ decaf_sponge_init(sponge, &DECAF_SHAKE##n##_params_s); \ } \ - static inline void NONNULL decaf_shake##n##_update(decaf_shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \ + static inline void DECAF_NONNULL decaf_shake##n##_update(decaf_shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \ decaf_sha3_update(sponge->s, in, inlen); \ } \ - static inline void NONNULL decaf_shake##n##_final(decaf_shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \ + static inline void DECAF_NONNULL decaf_shake##n##_final(decaf_shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \ decaf_sha3_output(sponge->s, out, outlen); \ decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \ } \ - static inline void NONNULL decaf_shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \ + static inline void DECAF_NONNULL decaf_shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \ decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHAKE##n##_params_s); \ } \ - static inline void NONNULL decaf_shake##n##_destroy( decaf_shake##n##_ctx_t sponge ) { \ + static inline void DECAF_NONNULL decaf_shake##n##_destroy( decaf_shake##n##_ctx_t sponge ) { \ decaf_sponge_destroy(sponge->s); \ } -#define DEC_SHA3(n) \ - extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s API_VIS; \ +#define DECAF_DEC_SHA3(n) \ + extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s DECAF_API_VIS; \ typedef struct decaf_sha3_##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_sha3_##n##_ctx_t[1]; \ - static inline void NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \ decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \ } \ - static inline void NONNULL decaf_sha3_##n##_gen_init(decaf_keccak_sponge_t sponge) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_gen_init(decaf_keccak_sponge_t sponge) { \ decaf_sponge_init(sponge, &DECAF_SHA3_##n##_params_s); \ } \ - static inline void NONNULL decaf_sha3_##n##_update(decaf_sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_update(decaf_sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \ decaf_sha3_update(sponge->s, in, inlen); \ } \ - static inline void NONNULL decaf_sha3_##n##_final(decaf_sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_final(decaf_sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \ decaf_sha3_output(sponge->s, out, outlen); \ decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \ } \ - static inline void NONNULL decaf_sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \ decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHA3_##n##_params_s); \ } \ - static inline void NONNULL decaf_sha3_##n##_destroy(decaf_sha3_##n##_ctx_t sponge) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_destroy(decaf_sha3_##n##_ctx_t sponge) { \ decaf_sponge_destroy(sponge->s); \ } /** @endcond */ -DEC_SHAKE(128) -DEC_SHAKE(256) -DEC_SHA3(224) -DEC_SHA3(256) -DEC_SHA3(384) -DEC_SHA3(512) -#undef DEC_SHAKE -#undef DEC_SHA3 +DECAF_DEC_SHAKE(128) +DECAF_DEC_SHAKE(256) +DECAF_DEC_SHA3(224) +DECAF_DEC_SHA3(256) +DECAF_DEC_SHA3(384) +DECAF_DEC_SHA3(512) +#undef DECAF_DEC_SHAKE +#undef DECAF_DEC_SHA3 #ifdef __cplusplus } /* extern "C" */ diff --git a/src/GENERATED/include/decaf/shake.hxx b/src/GENERATED/include/decaf/shake.hxx index 1ea9c4a..aae66e8 100644 --- a/src/GENERATED/include/decaf/shake.hxx +++ b/src/GENERATED/include/decaf/shake.hxx @@ -17,11 +17,11 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept -#define DELETE = delete +#define DECAF_NOEXCEPT noexcept +#define DECAF_DELETE = delete #else -#define NOEXCEPT throw() -#define DELETE +#define DECAF_NOEXCEPT throw() +#define DECAF_DELETE #endif /** @endcond */ @@ -38,21 +38,21 @@ protected: decaf_keccak_sponge_t wrapped; /** Initialize from parameters */ - inline KeccakHash(const decaf_kparams_s *params) NOEXCEPT { decaf_sponge_init(wrapped, params); } + inline KeccakHash(const decaf_kparams_s *params) DECAF_NOEXCEPT { decaf_sponge_init(wrapped, params); } /** @endcond */ public: /** Add more data to running hash */ - inline void update(const uint8_t *__restrict__ in, size_t len) NOEXCEPT { decaf_sha3_update(wrapped,in,len); } + inline void update(const uint8_t *__restrict__ in, size_t len) DECAF_NOEXCEPT { decaf_sha3_update(wrapped,in,len); } /** Add more data to running hash, C++ version. */ - inline void update(const Block &s) NOEXCEPT { decaf_sha3_update(wrapped,s.data(),s.size()); } + inline void update(const Block &s) DECAF_NOEXCEPT { decaf_sha3_update(wrapped,s.data(),s.size()); } /** Add more data, stream version. */ - inline KeccakHash &operator<<(const Block &s) NOEXCEPT { update(s); return *this; } + inline KeccakHash &operator<<(const Block &s) DECAF_NOEXCEPT { update(s); return *this; } /** Same as <<. */ - inline KeccakHash &operator+=(const Block &s) NOEXCEPT { return *this << s; } + inline KeccakHash &operator+=(const Block &s) DECAF_NOEXCEPT { return *this << s; } /** @brief Output bytes from the sponge. */ inline SecureBuffer output(size_t len) throw(std::bad_alloc, LengthException) { @@ -93,12 +93,12 @@ public: } /** @brief Return the sponge's default output size. */ - inline size_t default_output_size() const NOEXCEPT { + inline size_t default_output_size() const DECAF_NOEXCEPT { return decaf_sponge_default_output_bytes(wrapped); } /** @brief Return the sponge's maximum output size. */ - inline size_t max_output_size() const NOEXCEPT { + inline size_t max_output_size() const DECAF_NOEXCEPT { return decaf_sponge_max_output_bytes(wrapped); } @@ -113,10 +113,10 @@ public: } /** Reset the hash to the empty string */ - inline void reset() NOEXCEPT { decaf_sha3_reset(wrapped); } + inline void reset() DECAF_NOEXCEPT { decaf_sha3_reset(wrapped); } /** Destructor zeroizes state */ - inline ~KeccakHash() NOEXCEPT { decaf_sponge_destroy(wrapped); } + inline ~KeccakHash() DECAF_NOEXCEPT { decaf_sponge_destroy(wrapped); } }; /** Fixed-output-length SHA3 */ @@ -133,7 +133,7 @@ public: static const size_t DEFAULT_OUTPUT_BYTES = bits/8; /** Initializer */ - inline SHA3() NOEXCEPT : KeccakHash(get_params()) {} + inline SHA3() DECAF_NOEXCEPT : KeccakHash(get_params()) {} /** Hash bytes with this SHA3 instance. * @throw LengthException if nbytes > MAX_OUTPUT_BYTES @@ -165,7 +165,7 @@ public: static const size_t DEFAULT_OUTPUT_BYTES = bits/4; /** Initializer */ - inline SHAKE() NOEXCEPT : KeccakHash(get_params()) {} + inline SHAKE() DECAF_NOEXCEPT : KeccakHash(get_params()) {} /** Hash bytes with this SHAKE instance */ static inline SecureBuffer hash(const Block &b, size_t outlen) throw(std::bad_alloc) { @@ -184,7 +184,7 @@ template<> inline const struct decaf_kparams_s *SHA3<512>::get_params() { return } /* namespace decaf */ -#undef NOEXCEPT -#undef DELETE +#undef DECAF_NOEXCEPT +#undef DECAF_DELETE #endif /* __DECAF_SHAKE_HXX__ */ diff --git a/src/GENERATED/include/decaf/spongerng.h b/src/GENERATED/include/decaf/spongerng.h index 2e0e816..f03b7eb 100644 --- a/src/GENERATED/include/decaf/spongerng.h +++ b/src/GENERATED/include/decaf/spongerng.h @@ -32,7 +32,7 @@ void decaf_spongerng_init_from_buffer ( const uint8_t *__restrict__ in, /**< [in] The initialization data. */ size_t len, /**< [in] The length of the initialization data. */ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC.*/ -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** * @brief Initialize a sponge-based CSPRNG from a file. @@ -45,7 +45,7 @@ decaf_error_t decaf_spongerng_init_from_file ( const char *file, /**< [in] A name of a file containing initial data. */ size_t len, /**< [in] The length of the initial data. Must be positive. */ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC. */ -) NONNULL API_VIS WARN_UNUSED; +) DECAF_NONNULL DECAF_API_VIS DECAF_WARN_UNUSED; /** * @brief Initialize a nondeterministic sponge-based CSPRNG from /dev/urandom. @@ -55,24 +55,24 @@ decaf_error_t decaf_spongerng_init_from_file ( */ decaf_error_t decaf_spongerng_init_from_dev_urandom ( decaf_keccak_prng_t prng /**< [out] sponge The sponge object. */ -) API_VIS WARN_UNUSED; +) DECAF_API_VIS DECAF_WARN_UNUSED; /** Output bytes from a sponge-based CSPRNG. */ void decaf_spongerng_next ( decaf_keccak_prng_t prng, /**< [inout] The PRNG object. */ uint8_t * __restrict__ out, /**< [out] Output buffer. */ size_t len /**< [in] Number of bytes to output. */ -) API_VIS; +) DECAF_API_VIS; /** Stir entropy data into a sponge-based CSPRNG from a buffer. */ void decaf_spongerng_stir ( decaf_keccak_prng_t prng, /**< [out] The PRNG object. */ const uint8_t * __restrict__ in, /**< [in] The entropy data. */ size_t len /**< [in] The length of the initial data. */ -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** Securely destroy a sponge RNG object by overwriting it. */ -static INLINE UNUSED void +static DECAF_INLINE void decaf_spongerng_destroy ( decaf_keccak_prng_t doomed /**< [in] The object to destroy. */ ); diff --git a/src/GENERATED/include/decaf/spongerng.hxx b/src/GENERATED/include/decaf/spongerng.hxx index 0513687..f3dbd3a 100644 --- a/src/GENERATED/include/decaf/spongerng.hxx +++ b/src/GENERATED/include/decaf/spongerng.hxx @@ -24,11 +24,11 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept -#define DELETE = delete +#define DECAF_NOEXCEPT noexcept +#define DECAF_DELETE = delete #else -#define NOEXCEPT throw() -#define DELETE +#define DECAF_NOEXCEPT throw() +#define DECAF_DELETE #endif /** @endcond */ @@ -55,8 +55,8 @@ public: /** @endcond */ public: const int err_code; /**< errno that caused the reseed to fail. */ - const char *what() const NOEXCEPT { return what_; } /**< Description of exception. */ - RngException(int err_code, const char *what_) NOEXCEPT : what_(what_), err_code(err_code) {} /**< Construct */ + const char *what() const DECAF_NOEXCEPT { return what_; } /**< Description of exception. */ + RngException(int err_code, const char *what_) DECAF_NOEXCEPT : what_(what_), err_code(err_code) {} /**< Construct */ }; /** Initialize, deterministically by default, from block */ @@ -74,31 +74,31 @@ public: } /** Stir in new data */ - inline void stir( const Block &data ) NOEXCEPT { + inline void stir( const Block &data ) DECAF_NOEXCEPT { decaf_spongerng_stir(sp,data.data(),data.size()); } /** Securely destroy by overwriting state. */ - inline ~SpongeRng() NOEXCEPT { decaf_spongerng_destroy(sp); } + inline ~SpongeRng() DECAF_NOEXCEPT { decaf_spongerng_destroy(sp); } using Rng::read; /** Read data to a buffer. */ - virtual inline void read(Buffer buffer) NOEXCEPT + virtual inline void read(Buffer buffer) DECAF_NOEXCEPT #if __cplusplus >= 201103L final #endif { decaf_spongerng_next(sp,buffer.data(),buffer.size()); } private: - SpongeRng(const SpongeRng &) DELETE; - SpongeRng &operator=(const SpongeRng &) DELETE; + SpongeRng(const SpongeRng &) DECAF_DELETE; + SpongeRng &operator=(const SpongeRng &) DECAF_DELETE; }; /**@endcond*/ } /* namespace decaf */ -#undef NOEXCEPT -#undef DELETE +#undef DECAF_NOEXCEPT +#undef DECAF_DELETE #endif /* __DECAF_SPONGERNG_HXX__ */ diff --git a/src/include/field.h b/src/include/field.h index 766677a..fa23869 100644 --- a/src/include/field.h +++ b/src/include/field.h @@ -15,7 +15,7 @@ #include /** Square x, n times. */ -static INLINE UNUSED void gf_sqrn ( +static DECAF_INLINE void gf_sqrn ( gf_s *__restrict__ y, const gf x, int n @@ -80,7 +80,7 @@ gf_cond_swap(gf x, gf_s *__restrict__ y, mask_t swap) { constant_time_cond_swap(x,y,sizeof(gf_s),swap); } -static INLINE void gf_mul_qnr(gf_s *__restrict__ out, const gf x) { +static DECAF_INLINE void gf_mul_qnr(gf_s *__restrict__ out, const gf x) { #if P_MOD_8 == 5 /* r = QNR * r0^2 */ gf_mul(out,x,SQRT_MINUS_ONE); @@ -91,7 +91,7 @@ static INLINE void gf_mul_qnr(gf_s *__restrict__ out, const gf x) { #endif } -static INLINE void gf_div_qnr(gf_s *__restrict__ out, const gf x) { +static DECAF_INLINE void gf_div_qnr(gf_s *__restrict__ out, const gf x) { #if P_MOD_8 == 5 /* r = QNR * r0^2 */ gf_mul(out,x,SQRT_MINUS_ONE); diff --git a/src/include/word.h b/src/include/word.h index c4bfa9c..f06aa16 100644 --- a/src/include/word.h +++ b/src/include/word.h @@ -98,7 +98,7 @@ extern int posix_memalign(void **, size_t, size_t); typedef uint64x4_t uint64xn_t; typedef uint32x8_t uint32xn_t; - static INLINE big_register_t + static DECAF_INLINE big_register_t br_set_to_mask(mask_t x) { uint32_t y = (uint32_t)x; big_register_t ret = {y,y,y,y,y,y,y,y}; @@ -110,7 +110,7 @@ extern int posix_memalign(void **, size_t, size_t); typedef uint64x2_t uint64xn_t; typedef uint32x4_t uint32xn_t; - static INLINE big_register_t + static DECAF_INLINE big_register_t br_set_to_mask(mask_t x) { uint32_t y = x; big_register_t ret = {y,y,y,y}; @@ -122,7 +122,7 @@ extern int posix_memalign(void **, size_t, size_t); typedef uint64x2_t uint64xn_t; typedef uint32x4_t uint32xn_t; - static INLINE big_register_t + static DECAF_INLINE big_register_t br_set_to_mask(mask_t x) { return vdupq_n_u32(x); } @@ -131,7 +131,7 @@ extern int posix_memalign(void **, size_t, size_t); typedef uint64_t big_register_t, uint64xn_t; typedef uint32_t uint32xn_t; - static INLINE big_register_t + static DECAF_INLINE big_register_t br_set_to_mask(mask_t x) { return (big_register_t)x; } @@ -141,7 +141,7 @@ extern int posix_memalign(void **, size_t, size_t); typedef uint32_t uint32xn_t; typedef uint32_t big_register_t; - static INLINE big_register_t + static DECAF_INLINE big_register_t br_set_to_mask(mask_t x) { return (big_register_t)x; } @@ -156,18 +156,18 @@ typedef struct { } __attribute__((packed)) unaligned_uint32xn_t; #if __AVX2__ - static INLINE big_register_t + static DECAF_INLINE big_register_t br_is_zero(big_register_t x) { return (big_register_t)(x == br_set_to_mask(0)); } #elif __SSE2__ - static INLINE big_register_t + static DECAF_INLINE big_register_t br_is_zero(big_register_t x) { return (big_register_t)_mm_cmpeq_epi32((__m128i)x, _mm_setzero_si128()); //return (big_register_t)(x == br_set_to_mask(0)); } #elif __ARM_NEON__ - static INLINE big_register_t + static DECAF_INLINE big_register_t br_is_zero(big_register_t x) { return vceqq_u32(x,x^x); } @@ -193,13 +193,13 @@ typedef struct { #ifdef NEED_MEMSET_S_EXTERN extern int memset_s(void *, size_t, int, size_t); #endif - static INLINE void + static DECAF_INLINE void really_memset(void *p, char c, size_t s) { memset_s(p, s, c, s); } #else /* PERF: use words? */ - static INLINE UNUSED void + static DECAF_INLINE void really_memset(void *p, char c, size_t s) { volatile char *pv = (volatile char *)p; size_t i; @@ -218,7 +218,7 @@ typedef struct { * @return A suitable pointer, which can be free'd with free(), * or NULL if no memory can be allocated. */ -static INLINE UNUSED void * +static DECAF_INLINE void * malloc_vector(size_t size) { void *out = NULL; @@ -255,11 +255,11 @@ malloc_vector(size_t size) { * On the third hand, we have success vs boolean types, but that's handled in * common.h: it converts between decaf_bool_t and decaf_error_t. */ -static INLINE decaf_bool_t mask_to_bool (mask_t m) { +static DECAF_INLINE decaf_bool_t mask_to_bool (mask_t m) { return (decaf_sword_t)(sword_t)m; } -static INLINE mask_t bool_to_mask (decaf_bool_t m) { +static DECAF_INLINE mask_t bool_to_mask (decaf_bool_t m) { /* On most arches this will be optimized to a simple cast. */ mask_t ret = 0; unsigned int limit = sizeof(decaf_bool_t)/sizeof(mask_t); @@ -270,7 +270,7 @@ static INLINE mask_t bool_to_mask (decaf_bool_t m) { return ret; } -static INLINE void ignore_result ( decaf_bool_t boo ) { +static DECAF_INLINE void ignore_result ( decaf_bool_t boo ) { (void)boo; } diff --git a/src/per_curve/decaf.tmpl.c b/src/per_curve/decaf.tmpl.c index 842369e..852e97c 100644 --- a/src/per_curve/decaf.tmpl.c +++ b/src/per_curve/decaf.tmpl.c @@ -353,7 +353,7 @@ void API_NS(point_add) ( gf_mul ( p->t, b, c ); } -static NOINLINE void +static DECAF_NOINLINE void point_double_internal ( point_t p, const point_t q, @@ -392,7 +392,7 @@ void API_NS(point_negate) ( } /* Operations on [p]niels */ -static INLINE void +static DECAF_INLINE void cond_neg_niels ( niels_t n, mask_t neg @@ -401,7 +401,7 @@ cond_neg_niels ( gf_cond_neg(n->c, neg); } -static NOINLINE void pt_to_pniels ( +static DECAF_NOINLINE void pt_to_pniels ( pniels_t b, const point_t a ) { @@ -411,7 +411,7 @@ static NOINLINE void pt_to_pniels ( gf_add ( b->z, a->z, a->z ); } -static NOINLINE void pniels_to_pt ( +static DECAF_NOINLINE void pniels_to_pt ( point_t e, const pniels_t d ) { @@ -424,7 +424,7 @@ static NOINLINE void pniels_to_pt ( gf_sqr ( e->z, d->z ); } -static NOINLINE void +static DECAF_NOINLINE void niels_to_pt ( point_t e, const niels_t n @@ -435,7 +435,7 @@ niels_to_pt ( gf_copy ( e->z, ONE ); } -static NOINLINE void +static DECAF_NOINLINE void add_niels_to_pt ( point_t d, const niels_t e, @@ -457,7 +457,7 @@ add_niels_to_pt ( if (!before_double) gf_mul ( d->t, b, c ); } -static NOINLINE void +static DECAF_NOINLINE void sub_niels_from_pt ( point_t d, const niels_t e, @@ -503,7 +503,7 @@ sub_pniels_from_pt ( sub_niels_from_pt( p, pn->n, before_double ); } -static NOINLINE void +static DECAF_NOINLINE void prepare_fixed_window( pniels_t *multiples, const point_t b, @@ -962,7 +962,7 @@ void API_NS(precompute) ( decaf_bzero(doubles,sizeof(doubles)); } -static INLINE void +static DECAF_INLINE void constant_time_lookup_niels ( niels_s *__restrict__ ni, const niels_t *table, diff --git a/src/per_curve/eddsa.tmpl.h b/src/per_curve/eddsa.tmpl.h index 26e5a2f..c567216 100644 --- a/src/per_curve/eddsa.tmpl.h +++ b/src/per_curve/eddsa.tmpl.h @@ -19,7 +19,7 @@ extern "C" { /** Does EdDSA support non-contextual signatures? */ #define DECAF_EDDSA_$(gf_shortname)_SUPPORTS_CONTEXTLESS_SIGS $(eddsa_no_context) -$("extern const uint8_t * const DECAF_ED" + gf_shortname + "_NO_CONTEXT API_VIS;\n" if eddsa_no_context else "") +$("extern const uint8_t * const DECAF_ED" + gf_shortname + "_NO_CONTEXT DECAF_API_VIS;\n" if eddsa_no_context else "") /** Prehash context renaming macros. */ #define decaf_ed$(gf_shortname)_prehash_ctx_s decaf_$(eddsa_hash)_ctx_s #define decaf_ed$(gf_shortname)_prehash_ctx_t decaf_$(eddsa_hash)_ctx_t @@ -36,7 +36,7 @@ $("extern const uint8_t * const DECAF_ED" + gf_shortname + "_NO_CONTEXT API_VIS; void decaf_ed$(gf_shortname)_derive_public_key ( uint8_t pubkey[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES], const uint8_t privkey[DECAF_EDDSA_$(gf_shortname)_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA signing. @@ -64,7 +64,7 @@ void decaf_ed$(gf_shortname)_sign ( uint8_t prehashed, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2,3))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2,3))) DECAF_NOINLINE; /** * @brief EdDSA signing with prehash. @@ -88,7 +88,7 @@ void decaf_ed$(gf_shortname)_sign_prehash ( const decaf_ed$(gf_shortname)_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2,3,4))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE; /** * @brief Prehash initialization, with contexts if supported. @@ -97,7 +97,7 @@ void decaf_ed$(gf_shortname)_sign_prehash ( */ void decaf_ed$(gf_shortname)_prehash_init ( decaf_ed$(gf_shortname)_prehash_ctx_t hash -) API_VIS __attribute__((nonnull(1))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1))) DECAF_NOINLINE; /** * @brief EdDSA signature verification. @@ -125,7 +125,7 @@ decaf_error_t decaf_ed$(gf_shortname)_verify ( uint8_t prehashed, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE; /** * @brief EdDSA signature verification. @@ -149,7 +149,7 @@ decaf_error_t decaf_ed$(gf_shortname)_verify_prehash ( const decaf_ed$(gf_shortname)_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len -) API_VIS __attribute__((nonnull(1,2))) NOINLINE; +) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE; /** * @brief EdDSA point encoding. Used internally, exposed externally. @@ -161,7 +161,7 @@ decaf_error_t decaf_ed$(gf_shortname)_verify_prehash ( void $(c_ns)_point_mul_by_cofactor_and_encode_like_eddsa ( uint8_t enc[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES], const $(c_ns)_point_t p -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA point decoding. Remember that while points on the @@ -174,20 +174,23 @@ void $(c_ns)_point_mul_by_cofactor_and_encode_like_eddsa ( decaf_error_t $(c_ns)_point_decode_like_eddsa_and_ignore_cofactor ( $(c_ns)_point_t p, const uint8_t enc[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA to ECDH public key conversion * Deserialize the point to get y on Edwards curve, * Convert it to u coordinate on Montgomery curve. * + * @warning This function does not check that the public key being converted + * is a valid EdDSA public key (FUTURE?) + * * @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve) * @param[in] ed The EdDSA public key(point on Edwards curve) */ void decaf_ed$(gf_shortname)_convert_public_key_to_x$(gf_shortname) ( uint8_t x[DECAF_X$(gf_shortname)_PUBLIC_BYTES], const uint8_t ed[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief EdDSA to ECDH private key conversion @@ -200,7 +203,7 @@ void decaf_ed$(gf_shortname)_convert_public_key_to_x$(gf_shortname) ( void decaf_ed$(gf_shortname)_convert_private_key_to_x$(gf_shortname) ( uint8_t x[DECAF_X$(gf_shortname)_PRIVATE_BYTES], const uint8_t ed[DECAF_EDDSA_$(gf_shortname)_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; #ifdef __cplusplus } /* extern "C" */ diff --git a/src/per_curve/eddsa.tmpl.hxx b/src/per_curve/eddsa.tmpl.hxx index cc47ac1..1c6ae54 100644 --- a/src/per_curve/eddsa.tmpl.hxx +++ b/src/per_curve/eddsa.tmpl.hxx @@ -16,9 +16,9 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept +#define DECAF_NOEXCEPT noexcept #else -#define NOEXCEPT throw() +#define DECAF_NOEXCEPT throw() #endif /** @endcond */ @@ -75,7 +75,7 @@ public: } /** Reset this hash */ - void reset() NOEXCEPT { init(); } + void reset() DECAF_NOEXCEPT { init(); } /** Output from this hash */ SecureBuffer final() throw(std::bad_alloc) { @@ -186,38 +186,38 @@ public: /** Create but don't initialize */ - inline explicit PrivateKeyBase(const NOINIT&) NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { } + inline explicit PrivateKeyBase(const NOINIT&) DECAF_NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { } /** Read a private key from a string */ - inline explicit PrivateKeyBase(const FixedBlock &b) NOEXCEPT { *this = b; } + inline explicit PrivateKeyBase(const FixedBlock &b) DECAF_NOEXCEPT { *this = b; } /** Copy constructor */ - inline PrivateKeyBase(const PrivateKey &k) NOEXCEPT { *this = k; } + inline PrivateKeyBase(const PrivateKey &k) DECAF_NOEXCEPT { *this = k; } /** Create at random */ - inline explicit PrivateKeyBase(Rng &r) NOEXCEPT : priv_(r) { + inline explicit PrivateKeyBase(Rng &r) DECAF_NOEXCEPT : priv_(r) { decaf_ed$(gf_shortname)_derive_public_key(pub_.data(), priv_.data()); } /** Assignment from string */ - inline PrivateKeyBase &operator=(const FixedBlock &b) NOEXCEPT { + inline PrivateKeyBase &operator=(const FixedBlock &b) DECAF_NOEXCEPT { memcpy(priv_.data(),b.data(),b.size()); decaf_ed$(gf_shortname)_derive_public_key(pub_.data(), priv_.data()); return *this; } /** Copy assignment */ - inline PrivateKeyBase &operator=(const PrivateKey &k) NOEXCEPT { + inline PrivateKeyBase &operator=(const PrivateKey &k) DECAF_NOEXCEPT { memcpy(priv_.data(),k.priv_.data(), priv_.size()); memcpy(pub_.data(),k.pub_.data(), pub_.size()); return *this; } /** Serialization size. */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serialize into a buffer. */ - inline void serialize_into(unsigned char *x) const NOEXCEPT { + inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT { memcpy(x,priv_.data(), priv_.size()); } @@ -229,7 +229,7 @@ public: } /** Return the corresponding public key */ - inline MyPublicKey pub() const NOEXCEPT { + inline MyPublicKey pub() const DECAF_NOEXCEPT { MyPublicKey pub(*this); return pub; } @@ -240,11 +240,11 @@ public: template class Verification { public: /** Verify a signature, returning DECAF_FAILURE if verification fails */ - inline decaf_error_t WARN_UNUSED verify_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED verify_noexcept ( const FixedBlock &sig, const Block &message, const Block &context = NO_CONTEXT() - ) const /*NOEXCEPT*/ { + ) const /*DECAF_NOEXCEPT*/ { if (context.size() > 255) { return DECAF_FAILURE; } @@ -286,10 +286,10 @@ public: template class Verification { public: /* Verify a prehash context. */ - inline decaf_error_t WARN_UNUSED verify_prehashed_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED verify_prehashed_noexcept ( const FixedBlock &sig, const Prehash &ph - ) const /*NOEXCEPT*/ { + ) const /*DECAF_NOEXCEPT*/ { return decaf_ed$(gf_shortname)_verify_prehash ( sig.data(), ((const CRTP*)this)->pub_.data(), @@ -360,38 +360,38 @@ public: /** Create but don't initialize */ - inline explicit PublicKeyBase(const NOINIT&) NOEXCEPT : pub_((NOINIT())) { } + inline explicit PublicKeyBase(const NOINIT&) DECAF_NOEXCEPT : pub_((NOINIT())) { } /** Read a private key from a string */ - inline explicit PublicKeyBase(const FixedBlock &b) NOEXCEPT { *this = b; } + inline explicit PublicKeyBase(const FixedBlock &b) DECAF_NOEXCEPT { *this = b; } /** Copy constructor */ - inline PublicKeyBase(const PublicKeyBase &k) NOEXCEPT { *this = k; } + inline PublicKeyBase(const PublicKeyBase &k) DECAF_NOEXCEPT { *this = k; } /** Copy constructor */ - inline explicit PublicKeyBase(const MyPrivateKey &k) NOEXCEPT { *this = k; } + inline explicit PublicKeyBase(const MyPrivateKey &k) DECAF_NOEXCEPT { *this = k; } /** Assignment from string */ - inline PublicKey &operator=(const FixedBlock &b) NOEXCEPT { + inline PublicKey &operator=(const FixedBlock &b) DECAF_NOEXCEPT { memcpy(pub_.data(),b.data(),b.size()); return *this; } /** Assignment from private key */ - inline PublicKey &operator=(const PublicKey &p) NOEXCEPT { + inline PublicKey &operator=(const PublicKey &p) DECAF_NOEXCEPT { return *this = p.pub_; } /** Assignment from private key */ - inline PublicKey &operator=(const MyPrivateKey &p) NOEXCEPT { + inline PublicKey &operator=(const MyPrivateKey &p) DECAF_NOEXCEPT { return *this = p.pub_; } /** Serialization size. */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serialize into a buffer. */ - inline void serialize_into(unsigned char *x) const NOEXCEPT { + inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT { memcpy(x,pub_.data(), pub_.size()); } @@ -405,5 +405,5 @@ public: }; /* template<> struct EdDSA<$(cxx_ns)> */ -#undef NOEXCEPT +#undef DECAF_NOEXCEPT } /* namespace decaf */ diff --git a/src/per_curve/elligator.tmpl.c b/src/per_curve/elligator.tmpl.c index 3d96fd5..254b05a 100644 --- a/src/per_curve/elligator.tmpl.c +++ b/src/per_curve/elligator.tmpl.c @@ -98,7 +98,7 @@ void API_NS(point_from_hash_uniform) ( #define MAX(A,B) (((A)>(B)) ? (A) : (B)) #define PKP_MASK ((1<<(MAX(8*SER_BYTES + $(elligator_onto) - $(gf_bits),0)))-1) #if PKP_MASK != 0 -static UNUSED mask_t plus_k_p ( +static DECAF_INLINE mask_t plus_k_p ( uint8_t x[SER_BYTES], uint32_t factor_ ) { diff --git a/src/per_curve/point.tmpl.h b/src/per_curve/point.tmpl.h index c1709fd..bf3762d 100644 --- a/src/per_curve/point.tmpl.h +++ b/src/per_curve/point.tmpl.h @@ -57,7 +57,7 @@ struct $(c_ns)_precomputed_s; typedef struct $(c_ns)_precomputed_s $(c_ns)_precomputed_s; /** Size and alignment of precomputed point tables. */ -extern const size_t $(c_ns)_sizeof_precomputed_s API_VIS, $(c_ns)_alignof_precomputed_s API_VIS; +extern const size_t $(c_ns)_sizeof_precomputed_s DECAF_API_VIS, $(c_ns)_alignof_precomputed_s DECAF_API_VIS; /** Scalar is stored packed, because we don't need the speed. */ typedef struct $(c_ns)_scalar_s { @@ -67,19 +67,19 @@ typedef struct $(c_ns)_scalar_s { } $(c_ns)_scalar_t[1]; /** A scalar equal to 1. */ -extern const $(c_ns)_scalar_t $(c_ns)_scalar_one API_VIS; +extern const $(c_ns)_scalar_t $(c_ns)_scalar_one DECAF_API_VIS; /** A scalar equal to 0. */ -extern const $(c_ns)_scalar_t $(c_ns)_scalar_zero API_VIS; +extern const $(c_ns)_scalar_t $(c_ns)_scalar_zero DECAF_API_VIS; /** The identity point on the curve. */ -extern const $(c_ns)_point_t $(c_ns)_point_identity API_VIS; +extern const $(c_ns)_point_t $(c_ns)_point_identity DECAF_API_VIS; /** An arbitrarily chosen base point on the curve. */ -extern const $(c_ns)_point_t $(c_ns)_point_base API_VIS; +extern const $(c_ns)_point_t $(c_ns)_point_base DECAF_API_VIS; /** Precomputed table for the base point on the curve. */ -extern const struct $(c_ns)_precomputed_s *$(c_ns)_precomputed_base API_VIS; +extern const struct $(c_ns)_precomputed_s *$(c_ns)_precomputed_base DECAF_API_VIS; /** * @brief Read a scalar from wire format or from bytes. @@ -94,7 +94,7 @@ extern const struct $(c_ns)_precomputed_s *$(c_ns)_precomputed_base API_VIS; decaf_error_t $(c_ns)_scalar_decode ( $(c_ns)_scalar_t out, const unsigned char ser[$(C_NS)_SCALAR_BYTES] -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Read a scalar from wire format or from bytes. Reduces mod @@ -108,7 +108,7 @@ void $(c_ns)_scalar_decode_long ( $(c_ns)_scalar_t out, const unsigned char *ser, size_t ser_len -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Serialize a scalar to wire format. @@ -119,7 +119,7 @@ void $(c_ns)_scalar_decode_long ( void $(c_ns)_scalar_encode ( unsigned char ser[$(C_NS)_SCALAR_BYTES], const $(c_ns)_scalar_t s -) API_VIS NONNULL NOINLINE NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE; /** * @brief Add two scalars. The scalars may use the same memory. @@ -131,7 +131,7 @@ void $(c_ns)_scalar_add ( $(c_ns)_scalar_t out, const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Compare two scalars. @@ -143,7 +143,7 @@ void $(c_ns)_scalar_add ( decaf_bool_t $(c_ns)_scalar_eq ( const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t b -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Subtract two scalars. The scalars may use the same memory. @@ -155,7 +155,7 @@ void $(c_ns)_scalar_sub ( $(c_ns)_scalar_t out, const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two scalars. The scalars may use the same memory. @@ -167,7 +167,7 @@ void $(c_ns)_scalar_mul ( $(c_ns)_scalar_t out, const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Halve a scalar. The scalars may use the same memory. @@ -177,7 +177,7 @@ void $(c_ns)_scalar_mul ( void $(c_ns)_scalar_halve ( $(c_ns)_scalar_t out, const $(c_ns)_scalar_t a -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Invert a scalar. When passed zero, return 0. The input and output may alias. @@ -188,7 +188,7 @@ void $(c_ns)_scalar_halve ( decaf_error_t $(c_ns)_scalar_invert ( $(c_ns)_scalar_t out, const $(c_ns)_scalar_t a -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Copy a scalar. The scalars may use the same memory, in which @@ -196,7 +196,7 @@ decaf_error_t $(c_ns)_scalar_invert ( * @param [in] a A scalar. * @param [out] out Will become a copy of a. */ -static inline void NONNULL $(c_ns)_scalar_copy ( +static inline void DECAF_NONNULL $(c_ns)_scalar_copy ( $(c_ns)_scalar_t out, const $(c_ns)_scalar_t a ) { @@ -211,7 +211,7 @@ static inline void NONNULL $(c_ns)_scalar_copy ( void $(c_ns)_scalar_set_unsigned ( $(c_ns)_scalar_t out, uint64_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Encode a point as a sequence of bytes. @@ -222,7 +222,7 @@ void $(c_ns)_scalar_set_unsigned ( void $(c_ns)_point_encode ( uint8_t ser[$(C_NS)_SER_BYTES], const $(c_ns)_point_t pt -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Decode a point from a sequence of bytes. @@ -242,7 +242,7 @@ decaf_error_t $(c_ns)_point_decode ( $(c_ns)_point_t pt, const uint8_t ser[$(C_NS)_SER_BYTES], decaf_bool_t allow_identity -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Copy a point. The input and output may alias, @@ -251,7 +251,7 @@ decaf_error_t $(c_ns)_point_decode ( * @param [out] a A copy of the point. * @param [in] b Any point. */ -static inline void NONNULL $(c_ns)_point_copy ( +static inline void DECAF_NONNULL $(c_ns)_point_copy ( $(c_ns)_point_t a, const $(c_ns)_point_t b ) { @@ -270,7 +270,7 @@ static inline void NONNULL $(c_ns)_point_copy ( decaf_bool_t $(c_ns)_point_eq ( const $(c_ns)_point_t a, const $(c_ns)_point_t b -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Add two points to produce a third point. The @@ -285,7 +285,7 @@ void $(c_ns)_point_add ( $(c_ns)_point_t sum, const $(c_ns)_point_t a, const $(c_ns)_point_t b -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Double a point. Equivalent to @@ -297,7 +297,7 @@ void $(c_ns)_point_add ( void $(c_ns)_point_double ( $(c_ns)_point_t two_a, const $(c_ns)_point_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Subtract two points to produce a third point. The @@ -312,7 +312,7 @@ void $(c_ns)_point_sub ( $(c_ns)_point_t diff, const $(c_ns)_point_t a, const $(c_ns)_point_t b -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Negate a point to produce another point. The input @@ -324,7 +324,7 @@ void $(c_ns)_point_sub ( void $(c_ns)_point_negate ( $(c_ns)_point_t nega, const $(c_ns)_point_t a -) API_VIS NONNULL; +) DECAF_API_VIS DECAF_NONNULL; /** * @brief Multiply a base point by a scalar: scaled = scalar*base. @@ -337,7 +337,7 @@ void $(c_ns)_point_scalarmul ( $(c_ns)_point_t scaled, const $(c_ns)_point_t base, const $(c_ns)_scalar_t scalar -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply a base point by a scalar: scaled = scalar*base. @@ -362,7 +362,7 @@ decaf_error_t $(c_ns)_direct_scalarmul ( const $(c_ns)_scalar_t scalar, decaf_bool_t allow_identity, decaf_bool_t short_circuit -) API_VIS NONNULL WARN_UNUSED NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE; /** * @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different @@ -380,10 +380,10 @@ decaf_error_t decaf_x$(gf_shortname) ( uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES], const uint8_t base[DECAF_X$(gf_shortname)_PUBLIC_BYTES], const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES] -) API_VIS NONNULL WARN_UNUSED NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE; /** The base point for X$(gf_shortname) Diffie-Hellman */ -extern const uint8_t decaf_x$(gf_shortname)_base_point[DECAF_X$(gf_shortname)_PUBLIC_BYTES] API_VIS; +extern const uint8_t decaf_x$(gf_shortname)_base_point[DECAF_X$(gf_shortname)_PUBLIC_BYTES] DECAF_API_VIS; /** * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses @@ -398,7 +398,7 @@ extern const uint8_t decaf_x$(gf_shortname)_base_point[DECAF_X$(gf_shortname)_PU void decaf_x$(gf_shortname)_generate_key ( uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES], const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE DEPRECATED("Renamed to decaf_x$(gf_shortname)_derive_public_key"); +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_DEPRECATED("Renamed to decaf_x$(gf_shortname)_derive_public_key"); /** * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses @@ -413,7 +413,7 @@ void decaf_x$(gf_shortname)_generate_key ( void decaf_x$(gf_shortname)_derive_public_key ( uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES], const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /* FUTURE: uint8_t $(c_ns)_encode_like_curve$(gf_shortname)) */ @@ -429,7 +429,7 @@ void decaf_x$(gf_shortname)_derive_public_key ( void $(c_ns)_precompute ( $(c_ns)_precomputed_s *a, const $(c_ns)_point_t b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply a precomputed base point by a scalar: @@ -446,7 +446,7 @@ void $(c_ns)_precomputed_scalarmul ( $(c_ns)_point_t scaled, const $(c_ns)_precomputed_s *base, const $(c_ns)_scalar_t scalar -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two base points by two scalars: @@ -467,7 +467,7 @@ void $(c_ns)_point_double_scalarmul ( const $(c_ns)_scalar_t scalar1, const $(c_ns)_point_t base2, const $(c_ns)_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * Multiply one base point by two scalars: @@ -490,7 +490,7 @@ void $(c_ns)_point_dual_scalarmul ( const $(c_ns)_point_t base1, const $(c_ns)_scalar_t scalar1, const $(c_ns)_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Multiply two base points by two scalars: @@ -512,7 +512,7 @@ void $(c_ns)_base_double_scalarmul_non_secret ( const $(c_ns)_scalar_t scalar1, const $(c_ns)_point_t base2, const $(c_ns)_scalar_t scalar2 -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Constant-time decision between two points. If pick_b @@ -528,7 +528,7 @@ void $(c_ns)_point_cond_sel ( const $(c_ns)_point_t a, const $(c_ns)_point_t b, decaf_word_t pick_b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Constant-time decision between two scalars. If pick_b @@ -544,7 +544,7 @@ void $(c_ns)_scalar_cond_sel ( const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t b, decaf_word_t pick_b -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Test that a point is valid, for debugging purposes. @@ -555,7 +555,7 @@ void $(c_ns)_scalar_cond_sel ( */ decaf_bool_t $(c_ns)_point_valid ( const $(c_ns)_point_t to_test -) API_VIS WARN_UNUSED NONNULL NOINLINE; +) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE; /** * @brief Torque a point, for debugging purposes. The output @@ -567,7 +567,7 @@ decaf_bool_t $(c_ns)_point_valid ( void $(c_ns)_point_debugging_torque ( $(c_ns)_point_t q, const $(c_ns)_point_t p -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Projectively scale a point, for debugging purposes. @@ -582,7 +582,7 @@ void $(c_ns)_point_debugging_pscale ( $(c_ns)_point_t q, const $(c_ns)_point_t p, const unsigned char factor[$(C_NS)_SER_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Almost-Elligator-like hash to curve. @@ -616,7 +616,7 @@ void $(c_ns)_point_from_hash_nonuniform ( $(c_ns)_point_t pt, const unsigned char hashed_data[$(C_NS)_HASH_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Indifferentiable hash function encoding to curve. @@ -629,7 +629,7 @@ $(c_ns)_point_from_hash_nonuniform ( void $(c_ns)_point_from_hash_uniform ( $(c_ns)_point_t pt, const unsigned char hashed_data[2*$(C_NS)_HASH_BYTES] -) API_VIS NONNULL NOINLINE; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE; /** * @brief Inverse of elligator-like hash to curve. @@ -654,7 +654,7 @@ $(c_ns)_invert_elligator_nonuniform ( unsigned char recovered_hash[$(C_NS)_HASH_BYTES], const $(c_ns)_point_t pt, uint32_t which -) API_VIS NONNULL NOINLINE WARN_UNUSED; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED; /** * @brief Inverse of elligator-like hash to curve. @@ -679,28 +679,28 @@ $(c_ns)_invert_elligator_uniform ( unsigned char recovered_hash[2*$(C_NS)_HASH_BYTES], const $(c_ns)_point_t pt, uint32_t which -) API_VIS NONNULL NOINLINE WARN_UNUSED; +) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED; /** * @brief Overwrite scalar with zeros. */ void $(c_ns)_scalar_destroy ( $(c_ns)_scalar_t scalar -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** * @brief Overwrite point with zeros. */ void $(c_ns)_point_destroy ( $(c_ns)_point_t point -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** * @brief Overwrite precomputed table with zeros. */ void $(c_ns)_precomputed_destroy ( $(c_ns)_precomputed_s *pre -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; #ifdef __cplusplus } /* extern "C" */ diff --git a/src/per_curve/point.tmpl.hxx b/src/per_curve/point.tmpl.hxx index d3243ca..8181901 100644 --- a/src/per_curve/point.tmpl.hxx +++ b/src/per_curve/point.tmpl.hxx @@ -29,9 +29,9 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept +#define DECAF_NOEXCEPT noexcept #else -#define NOEXCEPT throw() +#define DECAF_NOEXCEPT throw() #endif /** @endcond */ @@ -73,53 +73,53 @@ public: /** @cond internal */ /** Don't initialize. */ - inline Scalar(const NOINIT &) NOEXCEPT {} + inline Scalar(const NOINIT &) DECAF_NOEXCEPT {} /** @endcond */ /** Set to an unsigned word */ - inline Scalar(uint64_t w) NOEXCEPT { *this = w; } + inline Scalar(uint64_t w) DECAF_NOEXCEPT { *this = w; } /** Set to a signed word */ - inline Scalar(int64_t w) NOEXCEPT { *this = w; } + inline Scalar(int64_t w) DECAF_NOEXCEPT { *this = w; } /** Set to an unsigned word */ - inline Scalar(unsigned int w) NOEXCEPT { *this = w; } + inline Scalar(unsigned int w) DECAF_NOEXCEPT { *this = w; } /** Set to a signed word */ - inline Scalar(int w) NOEXCEPT { *this = w; } + inline Scalar(int w) DECAF_NOEXCEPT { *this = w; } /** Construct from RNG */ - inline explicit Scalar(Rng &rng) NOEXCEPT { + inline explicit Scalar(Rng &rng) DECAF_NOEXCEPT { FixedArrayBuffer sb(rng); *this = sb; } /** Construct from decaf_scalar_t object. */ - inline Scalar(const Wrapped &t = $(c_ns)_scalar_zero) NOEXCEPT { $(c_ns)_scalar_copy(s,t); } + inline Scalar(const Wrapped &t = $(c_ns)_scalar_zero) DECAF_NOEXCEPT { $(c_ns)_scalar_copy(s,t); } /** Copy constructor. */ - inline Scalar(const Scalar &x) NOEXCEPT { *this = x; } + inline Scalar(const Scalar &x) DECAF_NOEXCEPT { *this = x; } /** Construct from arbitrary-length little-endian byte sequence. */ - inline Scalar(const Block &buffer) NOEXCEPT { *this = buffer; } + inline Scalar(const Block &buffer) DECAF_NOEXCEPT { *this = buffer; } /** Serializable instance */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serializable instance */ - inline void serialize_into(unsigned char *buffer) const NOEXCEPT { + inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT { $(c_ns)_scalar_encode(buffer, s); } /** Assignment. */ - inline Scalar& operator=(const Scalar &x) NOEXCEPT { $(c_ns)_scalar_copy(s,x.s); return *this; } + inline Scalar& operator=(const Scalar &x) DECAF_NOEXCEPT { $(c_ns)_scalar_copy(s,x.s); return *this; } /** Assign from unsigned 64-bit integer. */ - inline Scalar& operator=(uint64_t w) NOEXCEPT { $(c_ns)_scalar_set_unsigned(s,w); return *this; } + inline Scalar& operator=(uint64_t w) DECAF_NOEXCEPT { $(c_ns)_scalar_set_unsigned(s,w); return *this; } /** Assign from signed int. */ - inline Scalar& operator=(int64_t w) NOEXCEPT { + inline Scalar& operator=(int64_t w) DECAF_NOEXCEPT { Scalar t(-(uint64_t)INT_MIN); $(c_ns)_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN); *this -= t; @@ -127,16 +127,16 @@ public: } /** Assign from unsigned int. */ - inline Scalar& operator=(unsigned int w) NOEXCEPT { return *this = (uint64_t)w; } + inline Scalar& operator=(unsigned int w) DECAF_NOEXCEPT { return *this = (uint64_t)w; } /** Assign from signed int. */ - inline Scalar& operator=(int w) NOEXCEPT { return *this = (int64_t)w; } + inline Scalar& operator=(int w) DECAF_NOEXCEPT { return *this = (int64_t)w; } /** Destructor securely zeorizes the scalar. */ - inline ~Scalar() NOEXCEPT { $(c_ns)_scalar_destroy(s); } + inline ~Scalar() DECAF_NOEXCEPT { $(c_ns)_scalar_destroy(s); } /** Assign from arbitrary-length little-endian byte sequence in a Block. */ - inline Scalar &operator=(const Block &bl) NOEXCEPT { + inline Scalar &operator=(const Block &bl) DECAF_NOEXCEPT { $(c_ns)_scalar_decode_long(s,bl.data(),bl.size()); return *this; } @@ -144,32 +144,32 @@ public: * Decode from correct-length little-endian byte sequence. * @return DECAF_FAILURE if the scalar is greater than or equal to the group order q. */ - static inline decaf_error_t WARN_UNUSED decode ( + static inline decaf_error_t DECAF_WARN_UNUSED decode ( Scalar &sc, const FixedBlock buffer - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return $(c_ns)_scalar_decode(sc.s,buffer.data()); } /** Add. */ - inline Scalar operator+ (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_add(r.s,s,q.s); return r; } + inline Scalar operator+ (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_add(r.s,s,q.s); return r; } /** Add to this. */ - inline Scalar &operator+=(const Scalar &q) NOEXCEPT { $(c_ns)_scalar_add(s,s,q.s); return *this; } + inline Scalar &operator+=(const Scalar &q) DECAF_NOEXCEPT { $(c_ns)_scalar_add(s,s,q.s); return *this; } /** Subtract. */ - inline Scalar operator- (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_sub(r.s,s,q.s); return r; } + inline Scalar operator- (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_sub(r.s,s,q.s); return r; } /** Subtract from this. */ - inline Scalar &operator-=(const Scalar &q) NOEXCEPT { $(c_ns)_scalar_sub(s,s,q.s); return *this; } + inline Scalar &operator-=(const Scalar &q) DECAF_NOEXCEPT { $(c_ns)_scalar_sub(s,s,q.s); return *this; } /** Multiply */ - inline Scalar operator* (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_mul(r.s,s,q.s); return r; } + inline Scalar operator* (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_mul(r.s,s,q.s); return r; } /** Multiply into this. */ - inline Scalar &operator*=(const Scalar &q) NOEXCEPT { $(c_ns)_scalar_mul(s,s,q.s); return *this; } + inline Scalar &operator*=(const Scalar &q) DECAF_NOEXCEPT { $(c_ns)_scalar_mul(s,s,q.s); return *this; } /** Negate */ - inline Scalar operator- () const NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_sub(r.s,$(c_ns)_scalar_zero,s); return r; } + inline Scalar operator- () const DECAF_NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_sub(r.s,$(c_ns)_scalar_zero,s); return r; } /** Invert with Fermat's Little Theorem (slow!). If *this == 0, * throw CryptoException. */ @@ -183,8 +183,8 @@ public: /** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0 * and return DECAF_FAILURE. */ - inline decaf_error_t WARN_UNUSED - inverse_noexcept(Scalar &r) const NOEXCEPT { + inline decaf_error_t DECAF_WARN_UNUSED + inverse_noexcept(Scalar &r) const DECAF_NOEXCEPT { return $(c_ns)_scalar_invert(r.s,s); } @@ -198,16 +198,16 @@ public: inline Scalar half() const { Scalar out; $(c_ns)_scalar_halve(out.s,s); return out; } /** Compare in constant time */ - inline bool operator!=(const Scalar &q) const NOEXCEPT { return !(*this == q); } + inline bool operator!=(const Scalar &q) const DECAF_NOEXCEPT { return !(*this == q); } /** Compare in constant time */ - inline bool operator==(const Scalar &q) const NOEXCEPT { return !!$(c_ns)_scalar_eq(s,q.s); } + inline bool operator==(const Scalar &q) const DECAF_NOEXCEPT { return !!$(c_ns)_scalar_eq(s,q.s); } /** Scalarmul with scalar on left. */ - inline Point operator* (const Point &q) const NOEXCEPT { return q * (*this); } + inline Point operator* (const Point &q) const DECAF_NOEXCEPT { return q * (*this); } /** Scalarmul-precomputed with scalar on left. */ - inline Point operator* (const Precomputed &q) const NOEXCEPT { return q * (*this); } + inline Point operator* (const Precomputed &q) const DECAF_NOEXCEPT { return q * (*this); } /** Direct scalar multiplication. */ inline SecureBuffer direct_scalarmul( @@ -253,23 +253,23 @@ public: /** @cond internal */ /** Don't initialize. */ - inline Point(const NOINIT &) NOEXCEPT {} + inline Point(const NOINIT &) DECAF_NOEXCEPT {} /** @endcond */ /** Constructor sets to identity by default. */ - inline Point(const Wrapped &q = $(c_ns)_point_identity) NOEXCEPT { $(c_ns)_point_copy(p,q); } + inline Point(const Wrapped &q = $(c_ns)_point_identity) DECAF_NOEXCEPT { $(c_ns)_point_copy(p,q); } /** Copy constructor. */ - inline Point(const Point &q) NOEXCEPT { *this = q; } + inline Point(const Point &q) DECAF_NOEXCEPT { *this = q; } /** Assignment. */ - inline Point& operator=(const Point &q) NOEXCEPT { $(c_ns)_point_copy(p,q.p); return *this; } + inline Point& operator=(const Point &q) DECAF_NOEXCEPT { $(c_ns)_point_copy(p,q.p); return *this; } /** Destructor securely zeorizes the point. */ - inline ~Point() NOEXCEPT { $(c_ns)_point_destroy(p); } + inline ~Point() DECAF_NOEXCEPT { $(c_ns)_point_destroy(p); } /** Construct from RNG */ - inline explicit Point(Rng &rng, bool uniform = true) NOEXCEPT { + inline explicit Point(Rng &rng, bool uniform = true) DECAF_NOEXCEPT { if (uniform) { FixedArrayBuffer<2*HASH_BYTES> b(rng); set_to_hash(b); @@ -301,9 +301,9 @@ public: * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point, * or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined. */ - inline decaf_error_t WARN_UNUSED decode ( + inline decaf_error_t DECAF_WARN_UNUSED decode ( const FixedBlock &buffer, decaf_bool_t allow_identity=DECAF_TRUE - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return $(c_ns)_point_decode(p,buffer.data(),allow_identity); } @@ -315,9 +315,9 @@ public: * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point. * Contents of the point are undefined. */ - inline decaf_error_t WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept ( + inline decaf_error_t DECAF_WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept ( const FixedBlock &buffer - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return $(c_ns)_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data()); } @@ -340,7 +340,7 @@ public: * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * but the buffer will be zero-padded on the right. */ - static inline Point from_hash ( const Block &s ) NOEXCEPT { + static inline Point from_hash ( const Block &s ) DECAF_NOEXCEPT { Point p((NOINIT())); p.set_to_hash(s); return p; } @@ -350,7 +350,7 @@ public: * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * but the buffer will be zero-padded on the right. */ - inline void set_to_hash( const Block &s ) NOEXCEPT { + inline void set_to_hash( const Block &s ) DECAF_NOEXCEPT { if (s.size() < HASH_BYTES) { SecureBuffer b(HASH_BYTES); memcpy(b.data(), s.data(), s.size()); @@ -376,45 +376,45 @@ public: } /** Serializable instance */ - inline size_t ser_size() const NOEXCEPT { return SER_BYTES; } + inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; } /** Serializable instance */ - inline void serialize_into(unsigned char *buffer) const NOEXCEPT { + inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT { $(c_ns)_point_encode(buffer, p); } /** Point add. */ - inline Point operator+ (const Point &q) const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_add(r.p,p,q.p); return r; } + inline Point operator+ (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_add(r.p,p,q.p); return r; } /** Point add. */ - inline Point &operator+=(const Point &q) NOEXCEPT { $(c_ns)_point_add(p,p,q.p); return *this; } + inline Point &operator+=(const Point &q) DECAF_NOEXCEPT { $(c_ns)_point_add(p,p,q.p); return *this; } /** Point subtract. */ - inline Point operator- (const Point &q) const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_sub(r.p,p,q.p); return r; } + inline Point operator- (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_sub(r.p,p,q.p); return r; } /** Point subtract. */ - inline Point &operator-=(const Point &q) NOEXCEPT { $(c_ns)_point_sub(p,p,q.p); return *this; } + inline Point &operator-=(const Point &q) DECAF_NOEXCEPT { $(c_ns)_point_sub(p,p,q.p); return *this; } /** Point negate. */ - inline Point operator- () const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_negate(r.p,p); return r; } + inline Point operator- () const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_negate(r.p,p); return r; } /** Double the point out of place. */ - inline Point times_two () const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_double(r.p,p); return r; } + inline Point times_two () const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_double(r.p,p); return r; } /** Double the point in place. */ - inline Point &double_in_place() NOEXCEPT { $(c_ns)_point_double(p,p); return *this; } + inline Point &double_in_place() DECAF_NOEXCEPT { $(c_ns)_point_double(p,p); return *this; } /** Constant-time compare. */ - inline bool operator!=(const Point &q) const NOEXCEPT { return ! $(c_ns)_point_eq(p,q.p); } + inline bool operator!=(const Point &q) const DECAF_NOEXCEPT { return ! $(c_ns)_point_eq(p,q.p); } /** Constant-time compare. */ - inline bool operator==(const Point &q) const NOEXCEPT { return !!$(c_ns)_point_eq(p,q.p); } + inline bool operator==(const Point &q) const DECAF_NOEXCEPT { return !!$(c_ns)_point_eq(p,q.p); } /** Scalar multiply. */ - inline Point operator* (const Scalar &s) const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_scalarmul(r.p,p,s.s); return r; } + inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_scalarmul(r.p,p,s.s); return r; } /** Scalar multiply in place. */ - inline Point &operator*=(const Scalar &s) NOEXCEPT { $(c_ns)_point_scalarmul(p,p,s.s); return *this; } + inline Point &operator*=(const Scalar &s) DECAF_NOEXCEPT { $(c_ns)_point_scalarmul(p,p,s.s); return *this; } /** Multiply by s.inverse(). If s=0, maps to the identity. */ inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } @@ -423,19 +423,19 @@ public: inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); } /** Validate / sanity check */ - inline bool validate() const NOEXCEPT { return $(c_ns)_point_valid(p); } + inline bool validate() const DECAF_NOEXCEPT { return $(c_ns)_point_valid(p); } /** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */ static inline Point double_scalarmul ( const Point &q, const Scalar &qs, const Point &r, const Scalar &rs - ) NOEXCEPT { + ) DECAF_NOEXCEPT { Point p((NOINIT())); $(c_ns)_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p; } /** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */ inline void dual_scalarmul ( Point &q1, Point &q2, const Scalar &r1, const Scalar &r2 - ) const NOEXCEPT { + ) const DECAF_NOEXCEPT { $(c_ns)_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s); } @@ -445,7 +445,7 @@ public: */ static inline Point double_scalarmul ( const Scalar &qs, const Point &q, const Scalar &rs, const Point &r - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return double_scalarmul(q,qs,r,rs); } @@ -454,26 +454,26 @@ public: * @warning This function takes variable time, and may leak the scalars (or points, but currently * it doesn't). */ - inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) NOEXCEPT { + inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r; } /** Return a point equal to *this, whose internal data is rotated by a torsion element. */ - inline Point debugging_torque() const NOEXCEPT { + inline Point debugging_torque() const DECAF_NOEXCEPT { Point q; $(c_ns)_point_debugging_torque(q.p,p); return q; } /** Return a point equal to *this, whose internal data has a modified representation. */ - inline Point debugging_pscale(const FixedBlock factor) const NOEXCEPT { + inline Point debugging_pscale(const FixedBlock factor) const DECAF_NOEXCEPT { Point q; $(c_ns)_point_debugging_pscale(q.p,p,factor.data()); return q; } /** Return a point equal to *this, whose internal data has a randomized representation. */ - inline Point debugging_pscale(Rng &r) const NOEXCEPT { + inline Point debugging_pscale(Rng &r) const DECAF_NOEXCEPT { FixedArrayBuffer sb(r); return debugging_pscale(sb); } @@ -484,7 +484,7 @@ public: */ inline decaf_error_t invert_elligator ( Buffer buf, uint32_t hint - ) const NOEXCEPT { + ) const DECAF_NOEXCEPT { unsigned char buf2[2*HASH_BYTES]; memset(buf2,0,sizeof(buf2)); memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size()); @@ -519,10 +519,10 @@ public: } /** Return the base point */ - static inline const Point base() NOEXCEPT { return Point($(c_ns)_point_base); } + static inline const Point base() DECAF_NOEXCEPT { return Point($(c_ns)_point_base); } /** Return the identity point */ - static inline const Point identity() NOEXCEPT { return Point($(c_ns)_point_identity); } + static inline const Point identity() DECAF_NOEXCEPT { return Point($(c_ns)_point_identity); } }; /** @@ -543,7 +543,7 @@ class Precomputed public: /** Destructor securely zeorizes the memory. */ - inline ~Precomputed() NOEXCEPT { clear(); } + inline ~Precomputed() DECAF_NOEXCEPT { clear(); } /** * Initialize from underlying type, declared as a reference to prevent @@ -558,23 +558,23 @@ public: */ inline Precomputed ( const Precomputed_U &yours = *default_value() - ) NOEXCEPT : OwnedOrUnowned(yours) {} + ) DECAF_NOEXCEPT : OwnedOrUnowned(yours) {} #if __cplusplus >= 201103L /** Move-assign operator */ - inline Precomputed &operator=(Precomputed &&it) NOEXCEPT { + inline Precomputed &operator=(Precomputed &&it) DECAF_NOEXCEPT { OwnedOrUnowned::operator= (it); return *this; } /** Move constructor */ - inline Precomputed(Precomputed &&it) NOEXCEPT : OwnedOrUnowned() { + inline Precomputed(Precomputed &&it) DECAF_NOEXCEPT : OwnedOrUnowned() { *this = it; } /** Undelete copy operator */ - inline Precomputed &operator=(const Precomputed &it) NOEXCEPT { + inline Precomputed &operator=(const Precomputed &it) DECAF_NOEXCEPT { OwnedOrUnowned::operator= (it); return *this; } @@ -602,20 +602,20 @@ public: : OwnedOrUnowned() { *this = it; } /** Fixed base scalarmul. */ - inline Point operator* (const Scalar &s) const NOEXCEPT { Point r; $(c_ns)_precomputed_scalarmul(r.p,get(),s.s); return r; } + inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r; $(c_ns)_precomputed_scalarmul(r.p,get(),s.s); return r; } /** Multiply by s.inverse(). If s=0, maps to the identity. */ inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } /** Return the table for the base point. */ - static inline const Precomputed base() NOEXCEPT { return Precomputed(); } + static inline const Precomputed base() DECAF_NOEXCEPT { return Precomputed(); } public: /** @cond internal */ friend class OwnedOrUnowned; - static inline size_t size() NOEXCEPT { return $(c_ns)_sizeof_precomputed_s; } - static inline size_t alignment() NOEXCEPT { return $(c_ns)_alignof_precomputed_s; } - static inline const Precomputed_U * default_value() NOEXCEPT { return $(c_ns)_precomputed_base; } + static inline size_t size() DECAF_NOEXCEPT { return $(c_ns)_sizeof_precomputed_s; } + static inline size_t alignment() DECAF_NOEXCEPT { return $(c_ns)_alignof_precomputed_s; } + static inline const Precomputed_U * default_value() DECAF_NOEXCEPT { return $(c_ns)_precomputed_base; } /** @endcond */ }; @@ -628,7 +628,7 @@ public: static const size_t PRIVATE_BYTES = DECAF_X$(gf_shortname)_PRIVATE_BYTES; /** Base point for a scalar multiplication. */ - static const FixedBlock base_point() NOEXCEPT { + static const FixedBlock base_point() DECAF_NOEXCEPT { return FixedBlock(decaf_x$(gf_shortname)_base_point); } @@ -645,12 +645,12 @@ public: } /** Calculate and write into out a shared secret with public key, noexcept version. */ - static inline decaf_error_t WARN_UNUSED + static inline decaf_error_t DECAF_WARN_UNUSED shared_secret_noexcept ( FixedBuffer &out, const FixedBlock &pk, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { return decaf_x$(gf_shortname)(out.data(), pk.data(), scalar.data()); } @@ -658,7 +658,7 @@ public: * but possibly faster. * @deprecated Renamed to derive_public_key. */ - static inline SecureBuffer DEPRECATED("Renamed to derive_public_key") + static inline SecureBuffer DECAF_DEPRECATED("Renamed to derive_public_key") generate_key( const FixedBlock &scalar ) throw(std::bad_alloc) { @@ -685,7 +685,7 @@ public: derive_public_key_noexcept ( FixedBuffer &out, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { decaf_x$(gf_shortname)_derive_public_key(out.data(), scalar.data()); } @@ -693,11 +693,11 @@ public: * equivalent to shared_secret(base_point(),scalar) but possibly faster. * @deprecated Renamed to derive_public_key_noexcept. */ - static inline void DEPRECATED("Renamed to derive_public_key_noexcept") + static inline void DECAF_DEPRECATED("Renamed to derive_public_key_noexcept") generate_key_noexcept ( FixedBuffer &out, const FixedBlock &scalar - ) NOEXCEPT { + ) DECAF_NOEXCEPT { decaf_x$(gf_shortname)_derive_public_key(out.data(), scalar.data()); } }; @@ -720,5 +720,5 @@ inline SecureBuffer $(cxx_ns)::Scalar::direct_scalarmul ( } /** @endcond */ -#undef NOEXCEPT +#undef DECAF_NOEXCEPT } /* namespace decaf */ diff --git a/src/per_curve/scalar.tmpl.c b/src/per_curve/scalar.tmpl.c index 94c6a1b..5a5b91d 100644 --- a/src/per_curve/scalar.tmpl.c +++ b/src/per_curve/scalar.tmpl.c @@ -26,7 +26,7 @@ const scalar_t API_NS(scalar_one) = {{{1}}}, API_NS(scalar_zero) = {{{0}}}; /** {extra,accum} - sub +? p * Must have extra <= 1 */ -static NOINLINE void sc_subx( +static DECAF_NOINLINE void sc_subx( scalar_t out, const decaf_word_t accum[SCALAR_LIMBS], const scalar_t sub, @@ -50,7 +50,7 @@ static NOINLINE void sc_subx( } } -static NOINLINE void sc_montmul ( +static DECAF_NOINLINE void sc_montmul ( scalar_t out, const scalar_t a, const scalar_t b @@ -98,7 +98,7 @@ void API_NS(scalar_mul) ( } /* PERF: could implement this */ -static INLINE void sc_montsqr (scalar_t out, const scalar_t a) { +static DECAF_INLINE void sc_montsqr (scalar_t out, const scalar_t a) { sc_montmul(out,a,a); } @@ -211,7 +211,7 @@ API_NS(scalar_eq) ( return mask_to_bool(word_is_zero(diff)); } -static INLINE void scalar_decode_short ( +static DECAF_INLINE void scalar_decode_short ( scalar_t s, const unsigned char *ser, unsigned int nbytes diff --git a/src/public_include/decaf/common.h b/src/public_include/decaf/common.h index 694bfca..64719ad 100644 --- a/src/public_include/decaf/common.h +++ b/src/public_include/decaf/common.h @@ -24,19 +24,18 @@ extern "C" { #if defined(DOXYGEN) && !defined(__attribute__) #define __attribute__((x)) #endif -#define API_VIS __attribute__((visibility("default"))) -#define NOINLINE __attribute__((noinline)) -#define WARN_UNUSED __attribute__((warn_unused_result)) -#define NONNULL __attribute__((nonnull)) -#define INLINE inline __attribute__((always_inline)) -#define UNUSED __attribute__((unused)) +#define DECAF_API_VIS __attribute__((visibility("default"))) +#define DECAF_NOINLINE __attribute__((noinline)) +#define DECAF_WARN_UNUSED __attribute__((warn_unused_result)) +#define DECAF_NONNULL __attribute__((nonnull)) +#define DECAF_INLINE inline __attribute__((always_inline,unused)) // Cribbed from libnotmuch #if defined (__clang_major__) && __clang_major__ >= 3 \ || defined (__GNUC__) && __GNUC__ >= 5 \ || defined (__GNUC__) && __GNUC__ == 4 && __GNUC_MINOR__ >= 5 -#define DEPRECATED(msg) __attribute__ ((deprecated(msg))) +#define DECAF_DEPRECATED(msg) __attribute__ ((deprecated(msg))) #else -#define DEPRECATED(msg) __attribute__ ((deprecated)) +#define DECAF_DEPRECATED(msg) __attribute__ ((deprecated)) #endif /** @endcond */ @@ -85,15 +84,13 @@ typedef enum { /** Return success if x is true */ -static UNUSED INLINE -decaf_error_t +static DECAF_INLINE decaf_error_t decaf_succeed_if(decaf_bool_t x) { return (decaf_error_t)x; } /** Return DECAF_TRUE iff x == DECAF_SUCCESS */ -static UNUSED INLINE -decaf_bool_t +static DECAF_INLINE decaf_bool_t decaf_successful(decaf_error_t e) { decaf_dword_t w = ((decaf_word_t)e) ^ ((decaf_word_t)DECAF_SUCCESS); return (w-1)>>DECAF_WORD_BITS; @@ -103,14 +100,14 @@ decaf_successful(decaf_error_t e) { void decaf_bzero ( void *data, size_t size -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** Compare two buffers, returning DECAF_TRUE if they are equal. */ decaf_bool_t decaf_memeq ( const void *data1, const void *data2, size_t size -) NONNULL WARN_UNUSED API_VIS; +) DECAF_NONNULL DECAF_WARN_UNUSED DECAF_API_VIS; #ifdef __cplusplus } /* extern "C" */ diff --git a/src/public_include/decaf/secure_buffer.hxx b/src/public_include/decaf/secure_buffer.hxx index d306cf0..aa57d29 100644 --- a/src/public_include/decaf/secure_buffer.hxx +++ b/src/public_include/decaf/secure_buffer.hxx @@ -21,11 +21,11 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept -#define DELETE = delete +#define DECAF_NOEXCEPT noexcept +#define DECAF_DELETE = delete #else -#define NOEXCEPT throw() -#define DELETE +#define DECAF_NOEXCEPT throw() +#define DECAF_DELETE #endif /** @endcond */ @@ -50,24 +50,24 @@ public: typedef std::ptrdiff_t difference_type; template struct rebind { typedef SanitizingAllocator other; }; - inline SanitizingAllocator() NOEXCEPT {} - inline ~SanitizingAllocator() NOEXCEPT {} - inline SanitizingAllocator(const SanitizingAllocator &) NOEXCEPT {} - template inline SanitizingAllocator(const SanitizingAllocator &) NOEXCEPT {} + inline SanitizingAllocator() DECAF_NOEXCEPT {} + inline ~SanitizingAllocator() DECAF_NOEXCEPT {} + inline SanitizingAllocator(const SanitizingAllocator &) DECAF_NOEXCEPT {} + template inline SanitizingAllocator(const SanitizingAllocator &) DECAF_NOEXCEPT {} - inline T* address(T& r) const NOEXCEPT { return &r; } - inline const T* address(const T& r) const NOEXCEPT { return &r; } + inline T* address(T& r) const DECAF_NOEXCEPT { return &r; } + inline const T* address(const T& r) const DECAF_NOEXCEPT { return &r; } inline T* allocate ( size_type cnt, typename std::allocator::const_pointer = 0 ) throw(std::bad_alloc); - inline void deallocate(T* p, size_t size) NOEXCEPT; - inline size_t max_size() const NOEXCEPT { return std::numeric_limits::max() / sizeof(T); } + inline void deallocate(T* p, size_t size) DECAF_NOEXCEPT; + inline size_t max_size() const DECAF_NOEXCEPT { return std::numeric_limits::max() / sizeof(T); } inline void construct(T* p, const T& t) { new(p) T(t); } inline void destroy(T* p) { p->~T(); } - inline bool operator==(SanitizingAllocator const&) const NOEXCEPT { return true; } - inline bool operator!=(SanitizingAllocator const&) const NOEXCEPT { return false; } + inline bool operator==(SanitizingAllocator const&) const DECAF_NOEXCEPT { return true; } + inline bool operator!=(SanitizingAllocator const&) const DECAF_NOEXCEPT { return false; } /** @endcond */ }; @@ -85,10 +85,10 @@ inline bool memeq(const std::vector &a, const std::vector &b) { template class Serializable { public: /** @brief Return the number of bytes needed to serialize this object */ - inline size_t ser_size() const NOEXCEPT { return static_cast(this)->ser_size(); } + inline size_t ser_size() const DECAF_NOEXCEPT { return static_cast(this)->ser_size(); } /** @brief Serialize this object into a buffer */ - inline void serialize_into(unsigned char *buf) const NOEXCEPT { + inline void serialize_into(unsigned char *buf) const DECAF_NOEXCEPT { static_cast(this)->serialize_into(buf); } @@ -115,14 +115,14 @@ class Buffer; class CryptoException : public std::exception { public: /** @return "CryptoException" */ - virtual const char * what() const NOEXCEPT { return "CryptoException"; } + virtual const char * what() const DECAF_NOEXCEPT { return "CryptoException"; } }; /** @brief An exception for when crypto (ie point decode) has failed. */ class LengthException : public std::exception { public: /** @return "CryptoException" */ - virtual const char * what() const NOEXCEPT { return "LengthException"; } + virtual const char * what() const DECAF_NOEXCEPT { return "LengthException"; } }; /** @brief Passed to constructors to avoid (conservative) initialization */ @@ -137,14 +137,14 @@ protected: Rng() {} /** Not copyable */ - Rng(const Rng &) DELETE; + Rng(const Rng &) DECAF_DELETE; /** Not copyable */ - Rng &operator=(const Rng &) DELETE; + Rng &operator=(const Rng &) DECAF_DELETE; public: /** @brief Read into a Buffer */ - virtual void read(Buffer buffer) NOEXCEPT = 0; + virtual void read(Buffer buffer) DECAF_NOEXCEPT = 0; /** @brief Read into a SecureBuffer. */ inline SecureBuffer read(size_t length) throw(std::bad_alloc); @@ -165,11 +165,11 @@ public: inline Block() : data_(NULL), size_(0), zero_on_destroy_(false) {} /** Init from C string */ - inline Block(const char *data) NOEXCEPT : data_((unsigned char *)data), + inline Block(const char *data) DECAF_NOEXCEPT : data_((unsigned char *)data), size_(strlen(data)), zero_on_destroy_(false) {} /** Unowned init */ - inline Block(const unsigned char *data, size_t size, bool zero_on_destroy=false) NOEXCEPT : data_((unsigned char *)data), + inline Block(const unsigned char *data, size_t size, bool zero_on_destroy=false) DECAF_NOEXCEPT : data_((unsigned char *)data), size_(size), zero_on_destroy_(zero_on_destroy) {} /** Block from std::string */ @@ -186,7 +186,7 @@ public: : data_(((unsigned char *)&(s)[0])), size_(s.size()), zero_on_destroy_(false) {} /** Get const data */ - inline const unsigned char *data() const NOEXCEPT { return data_; } + inline const unsigned char *data() const DECAF_NOEXCEPT { return data_; } /** Subscript */ inline const unsigned char &operator[](size_t off) const throw(std::out_of_range) { @@ -195,7 +195,7 @@ public: } /** Get the size */ - inline size_t size() const NOEXCEPT { return size_; } + inline size_t size() const DECAF_NOEXCEPT { return size_; } /** Convert to C++ string */ inline std::string get_string() const { @@ -209,7 +209,7 @@ public: } /** Content-wise comparison; constant-time if they are the same length. */ - inline decaf_bool_t contents_equal(const Block &b) const NOEXCEPT { + inline decaf_bool_t contents_equal(const Block &b) const DECAF_NOEXCEPT { if (b.size() != size()) return false; return decaf_memeq(b.data(),data(),size()); } @@ -220,7 +220,7 @@ public: } /** Securely set the buffer to 0. */ - inline void zeroize() NOEXCEPT { really_bzero(data_,size()); } + inline void zeroize() DECAF_NOEXCEPT { really_bzero(data_,size()); } /** Debugging print in hex */ inline void debug_print_hex(const char *name = NULL) { @@ -231,11 +231,11 @@ public: private: /** @cond internal */ - inline decaf_bool_t operator>=(const Block &b) const NOEXCEPT DELETE; - inline decaf_bool_t operator<=(const Block &b) const NOEXCEPT DELETE; - inline decaf_bool_t operator> (const Block &b) const NOEXCEPT DELETE; - inline decaf_bool_t operator< (const Block &b) const NOEXCEPT DELETE; - inline void operator= (const Block &b) const NOEXCEPT DELETE; + inline decaf_bool_t operator>=(const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; + inline decaf_bool_t operator<=(const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; + inline decaf_bool_t operator> (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; + inline decaf_bool_t operator< (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; + inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; /** @endcond */ }; @@ -253,26 +253,26 @@ public: } /** Explicitly pass a C buffer. */ - inline explicit FixedBlock(const uint8_t data[Size]) NOEXCEPT : Block(data,Size) {} + inline explicit FixedBlock(const uint8_t data[Size]) DECAF_NOEXCEPT : Block(data,Size) {} }; /** A reference to a writable block of data */ class Buffer : public Block { public: /** Null init */ - inline Buffer() NOEXCEPT : Block() {} + inline Buffer() DECAF_NOEXCEPT : Block() {} /** Unowned init */ - inline Buffer(unsigned char *data, size_t size, bool zero_on_destroy=false) NOEXCEPT : Block(data,size,zero_on_destroy) {} + inline Buffer(unsigned char *data, size_t size, bool zero_on_destroy=false) DECAF_NOEXCEPT : Block(data,size,zero_on_destroy) {} /** Block from std::vector */ template inline Buffer(std::vector &s) : Block(s) {} /** Get const data */ - inline const unsigned char *data() const NOEXCEPT { return data_; } + inline const unsigned char *data() const DECAF_NOEXCEPT { return data_; } /** Cast to unsigned char */ - inline unsigned char* data() NOEXCEPT { return data_; } + inline unsigned char* data() DECAF_NOEXCEPT { return data_; } /** Slice the buffer*/ inline Buffer slice(size_t off, size_t length) throw(LengthException); @@ -291,7 +291,7 @@ public: private: /** @cond internal */ - inline void operator= (const Block &b) const NOEXCEPT DELETE; + inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; /** @endcond */ }; @@ -310,20 +310,20 @@ public: } /** Explicitly pass a C buffer. */ - inline explicit FixedBuffer(uint8_t dat[Size],bool zero_on_destroy = false) NOEXCEPT : Buffer(dat,Size,zero_on_destroy) {} + inline explicit FixedBuffer(uint8_t dat[Size],bool zero_on_destroy = false) DECAF_NOEXCEPT : Buffer(dat,Size,zero_on_destroy) {} /** Cast to a FixedBlock. */ - inline operator FixedBlock() const NOEXCEPT { + inline operator FixedBlock() const DECAF_NOEXCEPT { return FixedBlock(data()); } private: /** @cond internal */ - inline void operator= (const Block &b) const NOEXCEPT DELETE; + inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE; /** @endcond */ }; -/** A fixed-size stack-allocated buffer (for NOEXCEPT semantics) */ +/** A fixed-size stack-allocated buffer (for DECAF_NOEXCEPT semantics) */ template class FixedArrayBuffer : public FixedBuffer { private: uint8_t storage[Size]; @@ -331,26 +331,26 @@ public: using Buffer::zeroize; /** New buffer initialized to zero. */ - inline explicit FixedArrayBuffer() NOEXCEPT : FixedBuffer(storage,true) { memset(storage,0,Size); } + inline explicit FixedArrayBuffer() DECAF_NOEXCEPT : FixedBuffer(storage,true) { memset(storage,0,Size); } /** New uninitialized buffer. */ - inline explicit FixedArrayBuffer(const NOINIT &) NOEXCEPT : FixedBuffer(storage,true) { } + inline explicit FixedArrayBuffer(const NOINIT &) DECAF_NOEXCEPT : FixedBuffer(storage,true) { } /** New random buffer */ - inline explicit FixedArrayBuffer(Rng &r) NOEXCEPT : FixedBuffer(storage,true) { r.read(*this); } + inline explicit FixedArrayBuffer(Rng &r) DECAF_NOEXCEPT : FixedBuffer(storage,true) { r.read(*this); } /** Copy constructor */ - inline explicit FixedArrayBuffer(const FixedBlock &b) NOEXCEPT : FixedBuffer(storage,true) { + inline explicit FixedArrayBuffer(const FixedBlock &b) DECAF_NOEXCEPT : FixedBuffer(storage,true) { memcpy(storage,b.data(),Size); } /** Copy operator */ - inline FixedArrayBuffer& operator=(const FixedBlock &b) NOEXCEPT { + inline FixedArrayBuffer& operator=(const FixedBlock &b) DECAF_NOEXCEPT { memcpy(storage,b.data(),Size); return *this; } /** Copy operator */ - inline FixedArrayBuffer& operator=(const FixedArrayBuffer &b) NOEXCEPT { + inline FixedArrayBuffer& operator=(const FixedArrayBuffer &b) DECAF_NOEXCEPT { memcpy(storage,b.data(),Size); return *this; } @@ -366,12 +366,12 @@ public: } /** Copy constructor */ - inline explicit FixedArrayBuffer(const FixedArrayBuffer &b) NOEXCEPT : FixedBuffer(storage,true) { + inline explicit FixedArrayBuffer(const FixedArrayBuffer &b) DECAF_NOEXCEPT : FixedBuffer(storage,true) { memcpy(storage,b.data(),Size); } /** Destroy the buffer */ - ~FixedArrayBuffer() NOEXCEPT { zeroize(); } + ~FixedArrayBuffer() DECAF_NOEXCEPT { zeroize(); } }; /** @cond internal */ @@ -398,7 +398,7 @@ protected: } ours; bool is_mine; - inline void clear() NOEXCEPT { + inline void clear() DECAF_NOEXCEPT { if (is_mine) { really_bzero(ours.mine, T::size()); free(ours.mine); @@ -415,11 +415,11 @@ protected: } is_mine = true; } - inline const Wrapped *get() const NOEXCEPT { return is_mine ? ours.mine : ours.yours; } + inline const Wrapped *get() const DECAF_NOEXCEPT { return is_mine ? ours.mine : ours.yours; } inline OwnedOrUnowned( const Wrapped &yours = *T::default_value() - ) NOEXCEPT { + ) DECAF_NOEXCEPT { ours.yours = &yours; is_mine = false; } @@ -441,7 +441,7 @@ protected: } #if __cplusplus >= 201103L - inline T &operator=(OwnedOrUnowned &&it) NOEXCEPT { + inline T &operator=(OwnedOrUnowned &&it) DECAF_NOEXCEPT { if (this == &it) return *(T*)this; clear(); ours = it.ours; @@ -475,7 +475,7 @@ T* SanitizingAllocator::allocate ( } template -void SanitizingAllocator::deallocate(T* p, size_t size) NOEXCEPT { +void SanitizingAllocator::deallocate(T* p, size_t size) DECAF_NOEXCEPT { if (p==NULL) return; really_bzero(reinterpret_cast(p), size); free(reinterpret_cast(p)); @@ -486,7 +486,7 @@ void SanitizingAllocator::deallocate(T* p, size_t size) NOEXCEPT { } /* namespace decaf */ -#undef NOEXCEPT -#undef DELETE +#undef DECAF_NOEXCEPT +#undef DECAF_DELETE #endif /* __DECAF_SECURE_BUFFER_HXX__ */ diff --git a/src/public_include/decaf/sha512.h b/src/public_include/decaf/sha512.h index d0fd8ce..3c8ec70 100644 --- a/src/public_include/decaf/sha512.h +++ b/src/public_include/decaf/sha512.h @@ -5,8 +5,8 @@ * @brief SHA2-512 */ -#ifndef __SHA512_H__ -#define __SHA512_H__ +#ifndef __DECAF_SHA512_H__ +#define __DECAF_SHA512_H__ #include #include @@ -25,9 +25,9 @@ typedef struct decaf_sha512_ctx_s { uint64_t bytes_processed; } decaf_sha512_ctx_s, decaf_sha512_ctx_t[1]; -void decaf_sha512_init(decaf_sha512_ctx_t ctx) NONNULL API_VIS; -void decaf_sha512_update(decaf_sha512_ctx_t ctx, const uint8_t *message, size_t length) NONNULL API_VIS; -void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) NONNULL API_VIS; +void decaf_sha512_init(decaf_sha512_ctx_t ctx) DECAF_NONNULL DECAF_API_VIS; +void decaf_sha512_update(decaf_sha512_ctx_t ctx, const uint8_t *message, size_t length) DECAF_NONNULL DECAF_API_VIS; +void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) DECAF_NONNULL DECAF_API_VIS; static inline void decaf_sha512_destroy(decaf_sha512_ctx_t ctx) { decaf_bzero(ctx,sizeof(*ctx)); @@ -50,4 +50,4 @@ static inline void decaf_sha512_hash( } /* extern "C" */ #endif -#endif /* __SHA512_H__ */ +#endif /* __DECAF_SHA512_H__ */ diff --git a/src/public_include/decaf/sha512.hxx b/src/public_include/decaf/sha512.hxx index 031e6bc..c7f160b 100644 --- a/src/public_include/decaf/sha512.hxx +++ b/src/public_include/decaf/sha512.hxx @@ -17,9 +17,9 @@ /** @cond internal */ #if __cplusplus >= 201103L - #define NOEXCEPT noexcept + #define DECAF_NOEXCEPT noexcept #else - #define NOEXCEPT throw() + #define DECAF_NOEXCEPT throw() #endif /** @endcond */ @@ -44,13 +44,13 @@ public: static const size_t DEFAULT_OUTPUT_BYTES = OUTPUT_BYTES; /** Constructor */ - inline SHA512() NOEXCEPT { decaf_sha512_init(wrapped); } + inline SHA512() DECAF_NOEXCEPT { decaf_sha512_init(wrapped); } /** Add more data to running hash */ - inline void update(const uint8_t *__restrict__ in, size_t len) NOEXCEPT { decaf_sha512_update(wrapped,in,len); } + inline void update(const uint8_t *__restrict__ in, size_t len) DECAF_NOEXCEPT { decaf_sha512_update(wrapped,in,len); } /** Add more data to running hash, C++ version. */ - inline void update(const Block &s) NOEXCEPT { update(s.data(),s.size()); } + inline void update(const Block &s) DECAF_NOEXCEPT { update(s.data(),s.size()); } /** Add more data, stream version. */ inline SHA512 &operator<<(const Block &s) { update(s); return *this; } @@ -65,7 +65,7 @@ public: } /** Resets the SHA context */ - inline void reset() NOEXCEPT { decaf_sha512_init(wrapped); } + inline void reset() DECAF_NOEXCEPT { decaf_sha512_init(wrapped); } /** @brief Output bytes from the sponge. */ inline SecureBuffer final(size_t len = OUTPUT_BYTES) throw(LengthException) { @@ -76,10 +76,10 @@ public: } /** @brief Return the sponge's default output size. */ - inline size_t default_output_size() const NOEXCEPT { return OUTPUT_BYTES; } + inline size_t default_output_size() const DECAF_NOEXCEPT { return OUTPUT_BYTES; } /** @brief Return the sponge's maximum output size. */ - inline size_t max_output_size() const NOEXCEPT { return MAX_OUTPUT_BYTES; } + inline size_t max_output_size() const DECAF_NOEXCEPT { return MAX_OUTPUT_BYTES; } /** @brief Hash a message in one pass */ static inline SecureBuffer hash ( @@ -93,11 +93,11 @@ public: } /** Destructor zeroizes state */ - inline ~SHA512() NOEXCEPT { decaf_sha512_destroy(wrapped); } + inline ~SHA512() DECAF_NOEXCEPT { decaf_sha512_destroy(wrapped); } }; } /* namespace decaf */ -#undef NOEXCEPT +#undef DECAF_NOEXCEPT #endif /* __DECAF_SHA512_HXX__ */ diff --git a/src/public_include/decaf/shake.h b/src/public_include/decaf/shake.h index e949071..7f92dda 100644 --- a/src/public_include/decaf/shake.h +++ b/src/public_include/decaf/shake.h @@ -46,7 +46,7 @@ extern "C" { void decaf_sponge_init ( decaf_keccak_sponge_t sponge, const struct decaf_kparams_s *params -) API_VIS; +) DECAF_API_VIS; /** * @brief Absorb data into a DECAF_SHA3 or DECAF_SHAKE hash context. @@ -58,7 +58,7 @@ void decaf_sha3_update ( struct decaf_keccak_sponge_s * __restrict__ sponge, const uint8_t *in, size_t len -) API_VIS; +) DECAF_API_VIS; /** * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context. @@ -75,7 +75,7 @@ decaf_error_t decaf_sha3_output ( decaf_keccak_sponge_t sponge, uint8_t * __restrict__ out, size_t len -) API_VIS; +) DECAF_API_VIS; /** * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context. @@ -89,7 +89,7 @@ decaf_error_t decaf_sha3_final ( decaf_keccak_sponge_t sponge, uint8_t * __restrict__ out, size_t len -) API_VIS; +) DECAF_API_VIS; /** * @brief Reset the sponge to the empty string. @@ -98,7 +98,7 @@ decaf_error_t decaf_sha3_final ( */ void decaf_sha3_reset ( decaf_keccak_sponge_t sponge -) API_VIS; +) DECAF_API_VIS; /** * @brief Return the default output length of the sponge construction, @@ -108,7 +108,7 @@ void decaf_sha3_reset ( */ size_t decaf_sponge_default_output_bytes ( const decaf_keccak_sponge_t sponge /**< [inout] The context. */ -) API_VIS; +) DECAF_API_VIS; /** * @brief Return the default output length of the sponge construction, @@ -118,7 +118,7 @@ size_t decaf_sponge_default_output_bytes ( */ size_t decaf_sponge_max_output_bytes ( const decaf_keccak_sponge_t sponge /**< [inout] The context. */ -) API_VIS; +) DECAF_API_VIS; /** * @brief Destroy a DECAF_SHA3 or DECAF_SHAKE sponge context by overwriting it with 0. @@ -126,7 +126,7 @@ size_t decaf_sponge_max_output_bytes ( */ void decaf_sponge_destroy ( decaf_keccak_sponge_t sponge -) API_VIS; +) DECAF_API_VIS; /** * @brief Hash (in) to (out) @@ -142,66 +142,66 @@ void decaf_sponge_hash ( uint8_t *out, size_t outlen, const struct decaf_kparams_s *params -) API_VIS; +) DECAF_API_VIS; /* FUTURE: expand/doxygenate individual DECAF_SHAKE/DECAF_SHA3 instances? */ /** @cond internal */ -#define DEC_SHAKE(n) \ - extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s API_VIS; \ +#define DECAF_DEC_SHAKE(n) \ + extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s DECAF_API_VIS; \ typedef struct decaf_shake##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_shake##n##_ctx_t[1]; \ - static inline void NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \ + static inline void DECAF_NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \ decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \ } \ - static inline void NONNULL decaf_shake##n##_gen_init(decaf_keccak_sponge_t sponge) { \ + static inline void DECAF_NONNULL decaf_shake##n##_gen_init(decaf_keccak_sponge_t sponge) { \ decaf_sponge_init(sponge, &DECAF_SHAKE##n##_params_s); \ } \ - static inline void NONNULL decaf_shake##n##_update(decaf_shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \ + static inline void DECAF_NONNULL decaf_shake##n##_update(decaf_shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \ decaf_sha3_update(sponge->s, in, inlen); \ } \ - static inline void NONNULL decaf_shake##n##_final(decaf_shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \ + static inline void DECAF_NONNULL decaf_shake##n##_final(decaf_shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \ decaf_sha3_output(sponge->s, out, outlen); \ decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \ } \ - static inline void NONNULL decaf_shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \ + static inline void DECAF_NONNULL decaf_shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \ decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHAKE##n##_params_s); \ } \ - static inline void NONNULL decaf_shake##n##_destroy( decaf_shake##n##_ctx_t sponge ) { \ + static inline void DECAF_NONNULL decaf_shake##n##_destroy( decaf_shake##n##_ctx_t sponge ) { \ decaf_sponge_destroy(sponge->s); \ } -#define DEC_SHA3(n) \ - extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s API_VIS; \ +#define DECAF_DEC_SHA3(n) \ + extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s DECAF_API_VIS; \ typedef struct decaf_sha3_##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_sha3_##n##_ctx_t[1]; \ - static inline void NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \ decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \ } \ - static inline void NONNULL decaf_sha3_##n##_gen_init(decaf_keccak_sponge_t sponge) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_gen_init(decaf_keccak_sponge_t sponge) { \ decaf_sponge_init(sponge, &DECAF_SHA3_##n##_params_s); \ } \ - static inline void NONNULL decaf_sha3_##n##_update(decaf_sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_update(decaf_sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \ decaf_sha3_update(sponge->s, in, inlen); \ } \ - static inline void NONNULL decaf_sha3_##n##_final(decaf_sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_final(decaf_sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \ decaf_sha3_output(sponge->s, out, outlen); \ decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \ } \ - static inline void NONNULL decaf_sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \ decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHA3_##n##_params_s); \ } \ - static inline void NONNULL decaf_sha3_##n##_destroy(decaf_sha3_##n##_ctx_t sponge) { \ + static inline void DECAF_NONNULL decaf_sha3_##n##_destroy(decaf_sha3_##n##_ctx_t sponge) { \ decaf_sponge_destroy(sponge->s); \ } /** @endcond */ -DEC_SHAKE(128) -DEC_SHAKE(256) -DEC_SHA3(224) -DEC_SHA3(256) -DEC_SHA3(384) -DEC_SHA3(512) -#undef DEC_SHAKE -#undef DEC_SHA3 +DECAF_DEC_SHAKE(128) +DECAF_DEC_SHAKE(256) +DECAF_DEC_SHA3(224) +DECAF_DEC_SHA3(256) +DECAF_DEC_SHA3(384) +DECAF_DEC_SHA3(512) +#undef DECAF_DEC_SHAKE +#undef DECAF_DEC_SHA3 #ifdef __cplusplus } /* extern "C" */ diff --git a/src/public_include/decaf/shake.hxx b/src/public_include/decaf/shake.hxx index 1ea9c4a..aae66e8 100644 --- a/src/public_include/decaf/shake.hxx +++ b/src/public_include/decaf/shake.hxx @@ -17,11 +17,11 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept -#define DELETE = delete +#define DECAF_NOEXCEPT noexcept +#define DECAF_DELETE = delete #else -#define NOEXCEPT throw() -#define DELETE +#define DECAF_NOEXCEPT throw() +#define DECAF_DELETE #endif /** @endcond */ @@ -38,21 +38,21 @@ protected: decaf_keccak_sponge_t wrapped; /** Initialize from parameters */ - inline KeccakHash(const decaf_kparams_s *params) NOEXCEPT { decaf_sponge_init(wrapped, params); } + inline KeccakHash(const decaf_kparams_s *params) DECAF_NOEXCEPT { decaf_sponge_init(wrapped, params); } /** @endcond */ public: /** Add more data to running hash */ - inline void update(const uint8_t *__restrict__ in, size_t len) NOEXCEPT { decaf_sha3_update(wrapped,in,len); } + inline void update(const uint8_t *__restrict__ in, size_t len) DECAF_NOEXCEPT { decaf_sha3_update(wrapped,in,len); } /** Add more data to running hash, C++ version. */ - inline void update(const Block &s) NOEXCEPT { decaf_sha3_update(wrapped,s.data(),s.size()); } + inline void update(const Block &s) DECAF_NOEXCEPT { decaf_sha3_update(wrapped,s.data(),s.size()); } /** Add more data, stream version. */ - inline KeccakHash &operator<<(const Block &s) NOEXCEPT { update(s); return *this; } + inline KeccakHash &operator<<(const Block &s) DECAF_NOEXCEPT { update(s); return *this; } /** Same as <<. */ - inline KeccakHash &operator+=(const Block &s) NOEXCEPT { return *this << s; } + inline KeccakHash &operator+=(const Block &s) DECAF_NOEXCEPT { return *this << s; } /** @brief Output bytes from the sponge. */ inline SecureBuffer output(size_t len) throw(std::bad_alloc, LengthException) { @@ -93,12 +93,12 @@ public: } /** @brief Return the sponge's default output size. */ - inline size_t default_output_size() const NOEXCEPT { + inline size_t default_output_size() const DECAF_NOEXCEPT { return decaf_sponge_default_output_bytes(wrapped); } /** @brief Return the sponge's maximum output size. */ - inline size_t max_output_size() const NOEXCEPT { + inline size_t max_output_size() const DECAF_NOEXCEPT { return decaf_sponge_max_output_bytes(wrapped); } @@ -113,10 +113,10 @@ public: } /** Reset the hash to the empty string */ - inline void reset() NOEXCEPT { decaf_sha3_reset(wrapped); } + inline void reset() DECAF_NOEXCEPT { decaf_sha3_reset(wrapped); } /** Destructor zeroizes state */ - inline ~KeccakHash() NOEXCEPT { decaf_sponge_destroy(wrapped); } + inline ~KeccakHash() DECAF_NOEXCEPT { decaf_sponge_destroy(wrapped); } }; /** Fixed-output-length SHA3 */ @@ -133,7 +133,7 @@ public: static const size_t DEFAULT_OUTPUT_BYTES = bits/8; /** Initializer */ - inline SHA3() NOEXCEPT : KeccakHash(get_params()) {} + inline SHA3() DECAF_NOEXCEPT : KeccakHash(get_params()) {} /** Hash bytes with this SHA3 instance. * @throw LengthException if nbytes > MAX_OUTPUT_BYTES @@ -165,7 +165,7 @@ public: static const size_t DEFAULT_OUTPUT_BYTES = bits/4; /** Initializer */ - inline SHAKE() NOEXCEPT : KeccakHash(get_params()) {} + inline SHAKE() DECAF_NOEXCEPT : KeccakHash(get_params()) {} /** Hash bytes with this SHAKE instance */ static inline SecureBuffer hash(const Block &b, size_t outlen) throw(std::bad_alloc) { @@ -184,7 +184,7 @@ template<> inline const struct decaf_kparams_s *SHA3<512>::get_params() { return } /* namespace decaf */ -#undef NOEXCEPT -#undef DELETE +#undef DECAF_NOEXCEPT +#undef DECAF_DELETE #endif /* __DECAF_SHAKE_HXX__ */ diff --git a/src/public_include/decaf/spongerng.h b/src/public_include/decaf/spongerng.h index 2e0e816..f03b7eb 100644 --- a/src/public_include/decaf/spongerng.h +++ b/src/public_include/decaf/spongerng.h @@ -32,7 +32,7 @@ void decaf_spongerng_init_from_buffer ( const uint8_t *__restrict__ in, /**< [in] The initialization data. */ size_t len, /**< [in] The length of the initialization data. */ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC.*/ -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** * @brief Initialize a sponge-based CSPRNG from a file. @@ -45,7 +45,7 @@ decaf_error_t decaf_spongerng_init_from_file ( const char *file, /**< [in] A name of a file containing initial data. */ size_t len, /**< [in] The length of the initial data. Must be positive. */ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC. */ -) NONNULL API_VIS WARN_UNUSED; +) DECAF_NONNULL DECAF_API_VIS DECAF_WARN_UNUSED; /** * @brief Initialize a nondeterministic sponge-based CSPRNG from /dev/urandom. @@ -55,24 +55,24 @@ decaf_error_t decaf_spongerng_init_from_file ( */ decaf_error_t decaf_spongerng_init_from_dev_urandom ( decaf_keccak_prng_t prng /**< [out] sponge The sponge object. */ -) API_VIS WARN_UNUSED; +) DECAF_API_VIS DECAF_WARN_UNUSED; /** Output bytes from a sponge-based CSPRNG. */ void decaf_spongerng_next ( decaf_keccak_prng_t prng, /**< [inout] The PRNG object. */ uint8_t * __restrict__ out, /**< [out] Output buffer. */ size_t len /**< [in] Number of bytes to output. */ -) API_VIS; +) DECAF_API_VIS; /** Stir entropy data into a sponge-based CSPRNG from a buffer. */ void decaf_spongerng_stir ( decaf_keccak_prng_t prng, /**< [out] The PRNG object. */ const uint8_t * __restrict__ in, /**< [in] The entropy data. */ size_t len /**< [in] The length of the initial data. */ -) NONNULL API_VIS; +) DECAF_NONNULL DECAF_API_VIS; /** Securely destroy a sponge RNG object by overwriting it. */ -static INLINE UNUSED void +static DECAF_INLINE void decaf_spongerng_destroy ( decaf_keccak_prng_t doomed /**< [in] The object to destroy. */ ); diff --git a/src/public_include/decaf/spongerng.hxx b/src/public_include/decaf/spongerng.hxx index 0513687..f3dbd3a 100644 --- a/src/public_include/decaf/spongerng.hxx +++ b/src/public_include/decaf/spongerng.hxx @@ -24,11 +24,11 @@ /** @cond internal */ #if __cplusplus >= 201103L -#define NOEXCEPT noexcept -#define DELETE = delete +#define DECAF_NOEXCEPT noexcept +#define DECAF_DELETE = delete #else -#define NOEXCEPT throw() -#define DELETE +#define DECAF_NOEXCEPT throw() +#define DECAF_DELETE #endif /** @endcond */ @@ -55,8 +55,8 @@ public: /** @endcond */ public: const int err_code; /**< errno that caused the reseed to fail. */ - const char *what() const NOEXCEPT { return what_; } /**< Description of exception. */ - RngException(int err_code, const char *what_) NOEXCEPT : what_(what_), err_code(err_code) {} /**< Construct */ + const char *what() const DECAF_NOEXCEPT { return what_; } /**< Description of exception. */ + RngException(int err_code, const char *what_) DECAF_NOEXCEPT : what_(what_), err_code(err_code) {} /**< Construct */ }; /** Initialize, deterministically by default, from block */ @@ -74,31 +74,31 @@ public: } /** Stir in new data */ - inline void stir( const Block &data ) NOEXCEPT { + inline void stir( const Block &data ) DECAF_NOEXCEPT { decaf_spongerng_stir(sp,data.data(),data.size()); } /** Securely destroy by overwriting state. */ - inline ~SpongeRng() NOEXCEPT { decaf_spongerng_destroy(sp); } + inline ~SpongeRng() DECAF_NOEXCEPT { decaf_spongerng_destroy(sp); } using Rng::read; /** Read data to a buffer. */ - virtual inline void read(Buffer buffer) NOEXCEPT + virtual inline void read(Buffer buffer) DECAF_NOEXCEPT #if __cplusplus >= 201103L final #endif { decaf_spongerng_next(sp,buffer.data(),buffer.size()); } private: - SpongeRng(const SpongeRng &) DELETE; - SpongeRng &operator=(const SpongeRng &) DELETE; + SpongeRng(const SpongeRng &) DECAF_DELETE; + SpongeRng &operator=(const SpongeRng &) DECAF_DELETE; }; /**@endcond*/ } /* namespace decaf */ -#undef NOEXCEPT -#undef DELETE +#undef DECAF_NOEXCEPT +#undef DECAF_DELETE #endif /* __DECAF_SPONGERNG_HXX__ */ diff --git a/src/sha512.c b/src/sha512.c index 835d087..1cdd5ce 100644 --- a/src/sha512.c +++ b/src/sha512.c @@ -64,7 +64,7 @@ static uint64_t load_bigendian(const uint8_t *x) b = a; \ a = T1 + T2; -static NOINLINE void hashblock(decaf_sha512_ctx_t ctx) { +static DECAF_NOINLINE void hashblock(decaf_sha512_ctx_t ctx) { const uint8_t *in = ctx->block; uint64_t a = ctx->state[0]; uint64_t b = ctx->state[1];