
rename publicly-visible macros to DECAF_ namespace

master
Michael Hamburg 7 years ago
parent
commit
e69e00269f
40 changed files with 896 additions and 893 deletions
  1. +9
    -9
      src/GENERATED/c/curve25519/decaf.c
  2. +1
    -1
      src/GENERATED/c/curve25519/elligator.c
  3. +4
    -4
      src/GENERATED/c/curve25519/scalar.c
  4. +9
    -9
      src/GENERATED/c/ed448goldilocks/decaf.c
  5. +1
    -1
      src/GENERATED/c/ed448goldilocks/elligator.c
  6. +4
    -4
      src/GENERATED/c/ed448goldilocks/scalar.c
  7. +11
    -14
      src/GENERATED/include/decaf/common.h
  8. +14
    -11
      src/GENERATED/include/decaf/ed255.h
  9. +26
    -26
      src/GENERATED/include/decaf/ed255.hxx
  10. +13
    -10
      src/GENERATED/include/decaf/ed448.h
  11. +26
    -26
      src/GENERATED/include/decaf/ed448.hxx
  12. +48
    -48
      src/GENERATED/include/decaf/point_255.h
  13. +89
    -89
      src/GENERATED/include/decaf/point_255.hxx
  14. +48
    -48
      src/GENERATED/include/decaf/point_448.h
  15. +89
    -89
      src/GENERATED/include/decaf/point_448.hxx
  16. +57
    -57
      src/GENERATED/include/decaf/secure_buffer.hxx
  17. +6
    -6
      src/GENERATED/include/decaf/sha512.h
  18. +10
    -10
      src/GENERATED/include/decaf/sha512.hxx
  19. +33
    -33
      src/GENERATED/include/decaf/shake.h
  20. +17
    -17
      src/GENERATED/include/decaf/shake.hxx
  21. +6
    -6
      src/GENERATED/include/decaf/spongerng.h
  22. +13
    -13
      src/GENERATED/include/decaf/spongerng.hxx
  23. +3
    -3
      src/include/field.h
  24. +14
    -14
      src/include/word.h
  25. +9
    -9
      src/per_curve/decaf.tmpl.c
  26. +14
    -11
      src/per_curve/eddsa.tmpl.h
  27. +26
    -26
      src/per_curve/eddsa.tmpl.hxx
  28. +1
    -1
      src/per_curve/elligator.tmpl.c
  29. +48
    -48
      src/per_curve/point.tmpl.h
  30. +89
    -89
      src/per_curve/point.tmpl.hxx
  31. +4
    -4
      src/per_curve/scalar.tmpl.c
  32. +11
    -14
      src/public_include/decaf/common.h
  33. +57
    -57
      src/public_include/decaf/secure_buffer.hxx
  34. +6
    -6
      src/public_include/decaf/sha512.h
  35. +10
    -10
      src/public_include/decaf/sha512.hxx
  36. +33
    -33
      src/public_include/decaf/shake.h
  37. +17
    -17
      src/public_include/decaf/shake.hxx
  38. +6
    -6
      src/public_include/decaf/spongerng.h
  39. +13
    -13
      src/public_include/decaf/spongerng.hxx
  40. +1
    -1
      src/sha512.c

+ 9
- 9
src/GENERATED/c/curve25519/decaf.c

@@ -364,7 +364,7 @@ void API_NS(point_add) (
gf_mul ( p->t, b, c ); gf_mul ( p->t, b, c );
} }


static NOINLINE void
static DECAF_NOINLINE void
point_double_internal ( point_double_internal (
point_t p, point_t p,
const point_t q, const point_t q,
@@ -403,7 +403,7 @@ void API_NS(point_negate) (
} }


/* Operations on [p]niels */ /* Operations on [p]niels */
static INLINE void
static DECAF_INLINE void
cond_neg_niels ( cond_neg_niels (
niels_t n, niels_t n,
mask_t neg mask_t neg
@@ -412,7 +412,7 @@ cond_neg_niels (
gf_cond_neg(n->c, neg); gf_cond_neg(n->c, neg);
} }


static NOINLINE void pt_to_pniels (
static DECAF_NOINLINE void pt_to_pniels (
pniels_t b, pniels_t b,
const point_t a const point_t a
) { ) {
@@ -422,7 +422,7 @@ static NOINLINE void pt_to_pniels (
gf_add ( b->z, a->z, a->z ); gf_add ( b->z, a->z, a->z );
} }


static NOINLINE void pniels_to_pt (
static DECAF_NOINLINE void pniels_to_pt (
point_t e, point_t e,
const pniels_t d const pniels_t d
) { ) {
@@ -435,7 +435,7 @@ static NOINLINE void pniels_to_pt (
gf_sqr ( e->z, d->z ); gf_sqr ( e->z, d->z );
} }


static NOINLINE void
static DECAF_NOINLINE void
niels_to_pt ( niels_to_pt (
point_t e, point_t e,
const niels_t n const niels_t n
@@ -446,7 +446,7 @@ niels_to_pt (
gf_copy ( e->z, ONE ); gf_copy ( e->z, ONE );
} }


static NOINLINE void
static DECAF_NOINLINE void
add_niels_to_pt ( add_niels_to_pt (
point_t d, point_t d,
const niels_t e, const niels_t e,
@@ -468,7 +468,7 @@ add_niels_to_pt (
if (!before_double) gf_mul ( d->t, b, c ); if (!before_double) gf_mul ( d->t, b, c );
} }


static NOINLINE void
static DECAF_NOINLINE void
sub_niels_from_pt ( sub_niels_from_pt (
point_t d, point_t d,
const niels_t e, const niels_t e,
@@ -514,7 +514,7 @@ sub_pniels_from_pt (
sub_niels_from_pt( p, pn->n, before_double ); sub_niels_from_pt( p, pn->n, before_double );
} }


static NOINLINE void
static DECAF_NOINLINE void
prepare_fixed_window( prepare_fixed_window(
pniels_t *multiples, pniels_t *multiples,
const point_t b, const point_t b,
@@ -973,7 +973,7 @@ void API_NS(precompute) (
decaf_bzero(doubles,sizeof(doubles)); decaf_bzero(doubles,sizeof(doubles));
} }


static INLINE void
static DECAF_INLINE void
constant_time_lookup_niels ( constant_time_lookup_niels (
niels_s *__restrict__ ni, niels_s *__restrict__ ni,
const niels_t *table, const niels_t *table,


+ 1
- 1
src/GENERATED/c/curve25519/elligator.c

@@ -109,7 +109,7 @@ void API_NS(point_from_hash_uniform) (
#define MAX(A,B) (((A)>(B)) ? (A) : (B)) #define MAX(A,B) (((A)>(B)) ? (A) : (B))
#define PKP_MASK ((1<<(MAX(8*SER_BYTES + 0 - 255,0)))-1) #define PKP_MASK ((1<<(MAX(8*SER_BYTES + 0 - 255,0)))-1)
#if PKP_MASK != 0 #if PKP_MASK != 0
static UNUSED mask_t plus_k_p (
static DECAF_INLINE mask_t plus_k_p (
uint8_t x[SER_BYTES], uint8_t x[SER_BYTES],
uint32_t factor_ uint32_t factor_
) { ) {
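Review bot: `plus_k_p` goes from `static UNUSED` to `static DECAF_INLINE` here, which is more than a rename: per the new definition in decaf/common.h, `DECAF_INLINE` expands to `inline __attribute__((always_inline,unused))`, so the helper is now force-inlined where it previously only had its unused warning suppressed. The same substitution is made in src/GENERATED/c/ed448goldilocks/elligator.c. If only the namespace was meant to change, keep a separate macro, `#define DECAF_UNUSED __attribute__((unused))`, and declare the helper as `static DECAF_UNUSED mask_t plus_k_p (`. These files sit under src/GENERATED, so the edit presumably belongs in src/per_curve/elligator.tmpl.c, which the diffstat lists with the same +1/-1. The function body continues outside the hunk.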


+ 4
- 4
src/GENERATED/c/curve25519/scalar.c

@@ -37,7 +37,7 @@ const scalar_t API_NS(scalar_one) = {{{1}}}, API_NS(scalar_zero) = {{{0}}};
/** {extra,accum} - sub +? p /** {extra,accum} - sub +? p
* Must have extra <= 1 * Must have extra <= 1
*/ */
static NOINLINE void sc_subx(
static DECAF_NOINLINE void sc_subx(
scalar_t out, scalar_t out,
const decaf_word_t accum[SCALAR_LIMBS], const decaf_word_t accum[SCALAR_LIMBS],
const scalar_t sub, const scalar_t sub,
@@ -61,7 +61,7 @@ static NOINLINE void sc_subx(
} }
} }


static NOINLINE void sc_montmul (
static DECAF_NOINLINE void sc_montmul (
scalar_t out, scalar_t out,
const scalar_t a, const scalar_t a,
const scalar_t b const scalar_t b
@@ -109,7 +109,7 @@ void API_NS(scalar_mul) (
} }


/* PERF: could implement this */ /* PERF: could implement this */
static INLINE void sc_montsqr (scalar_t out, const scalar_t a) {
static DECAF_INLINE void sc_montsqr (scalar_t out, const scalar_t a) {
sc_montmul(out,a,a); sc_montmul(out,a,a);
} }


@@ -222,7 +222,7 @@ API_NS(scalar_eq) (
return mask_to_bool(word_is_zero(diff)); return mask_to_bool(word_is_zero(diff));
} }


static INLINE void scalar_decode_short (
static DECAF_INLINE void scalar_decode_short (
scalar_t s, scalar_t s,
const unsigned char *ser, const unsigned char *ser,
unsigned int nbytes unsigned int nbytes


+ 9
- 9
src/GENERATED/c/ed448goldilocks/decaf.c

@@ -364,7 +364,7 @@ void API_NS(point_add) (
gf_mul ( p->t, b, c ); gf_mul ( p->t, b, c );
} }


static NOINLINE void
static DECAF_NOINLINE void
point_double_internal ( point_double_internal (
point_t p, point_t p,
const point_t q, const point_t q,
@@ -403,7 +403,7 @@ void API_NS(point_negate) (
} }


/* Operations on [p]niels */ /* Operations on [p]niels */
static INLINE void
static DECAF_INLINE void
cond_neg_niels ( cond_neg_niels (
niels_t n, niels_t n,
mask_t neg mask_t neg
@@ -412,7 +412,7 @@ cond_neg_niels (
gf_cond_neg(n->c, neg); gf_cond_neg(n->c, neg);
} }


static NOINLINE void pt_to_pniels (
static DECAF_NOINLINE void pt_to_pniels (
pniels_t b, pniels_t b,
const point_t a const point_t a
) { ) {
@@ -422,7 +422,7 @@ static NOINLINE void pt_to_pniels (
gf_add ( b->z, a->z, a->z ); gf_add ( b->z, a->z, a->z );
} }


static NOINLINE void pniels_to_pt (
static DECAF_NOINLINE void pniels_to_pt (
point_t e, point_t e,
const pniels_t d const pniels_t d
) { ) {
@@ -435,7 +435,7 @@ static NOINLINE void pniels_to_pt (
gf_sqr ( e->z, d->z ); gf_sqr ( e->z, d->z );
} }


static NOINLINE void
static DECAF_NOINLINE void
niels_to_pt ( niels_to_pt (
point_t e, point_t e,
const niels_t n const niels_t n
@@ -446,7 +446,7 @@ niels_to_pt (
gf_copy ( e->z, ONE ); gf_copy ( e->z, ONE );
} }


static NOINLINE void
static DECAF_NOINLINE void
add_niels_to_pt ( add_niels_to_pt (
point_t d, point_t d,
const niels_t e, const niels_t e,
@@ -468,7 +468,7 @@ add_niels_to_pt (
if (!before_double) gf_mul ( d->t, b, c ); if (!before_double) gf_mul ( d->t, b, c );
} }


static NOINLINE void
static DECAF_NOINLINE void
sub_niels_from_pt ( sub_niels_from_pt (
point_t d, point_t d,
const niels_t e, const niels_t e,
@@ -514,7 +514,7 @@ sub_pniels_from_pt (
sub_niels_from_pt( p, pn->n, before_double ); sub_niels_from_pt( p, pn->n, before_double );
} }


static NOINLINE void
static DECAF_NOINLINE void
prepare_fixed_window( prepare_fixed_window(
pniels_t *multiples, pniels_t *multiples,
const point_t b, const point_t b,
@@ -973,7 +973,7 @@ void API_NS(precompute) (
decaf_bzero(doubles,sizeof(doubles)); decaf_bzero(doubles,sizeof(doubles));
} }


static INLINE void
static DECAF_INLINE void
constant_time_lookup_niels ( constant_time_lookup_niels (
niels_s *__restrict__ ni, niels_s *__restrict__ ni,
const niels_t *table, const niels_t *table,


+ 1
- 1
src/GENERATED/c/ed448goldilocks/elligator.c

@@ -109,7 +109,7 @@ void API_NS(point_from_hash_uniform) (
#define MAX(A,B) (((A)>(B)) ? (A) : (B)) #define MAX(A,B) (((A)>(B)) ? (A) : (B))
#define PKP_MASK ((1<<(MAX(8*SER_BYTES + 0 - 448,0)))-1) #define PKP_MASK ((1<<(MAX(8*SER_BYTES + 0 - 448,0)))-1)
#if PKP_MASK != 0 #if PKP_MASK != 0
static UNUSED mask_t plus_k_p (
static DECAF_INLINE mask_t plus_k_p (
uint8_t x[SER_BYTES], uint8_t x[SER_BYTES],
uint32_t factor_ uint32_t factor_
) { ) {


+ 4
- 4
src/GENERATED/c/ed448goldilocks/scalar.c

@@ -37,7 +37,7 @@ const scalar_t API_NS(scalar_one) = {{{1}}}, API_NS(scalar_zero) = {{{0}}};
/** {extra,accum} - sub +? p /** {extra,accum} - sub +? p
* Must have extra <= 1 * Must have extra <= 1
*/ */
static NOINLINE void sc_subx(
static DECAF_NOINLINE void sc_subx(
scalar_t out, scalar_t out,
const decaf_word_t accum[SCALAR_LIMBS], const decaf_word_t accum[SCALAR_LIMBS],
const scalar_t sub, const scalar_t sub,
@@ -61,7 +61,7 @@ static NOINLINE void sc_subx(
} }
} }


static NOINLINE void sc_montmul (
static DECAF_NOINLINE void sc_montmul (
scalar_t out, scalar_t out,
const scalar_t a, const scalar_t a,
const scalar_t b const scalar_t b
@@ -109,7 +109,7 @@ void API_NS(scalar_mul) (
} }


/* PERF: could implement this */ /* PERF: could implement this */
static INLINE void sc_montsqr (scalar_t out, const scalar_t a) {
static DECAF_INLINE void sc_montsqr (scalar_t out, const scalar_t a) {
sc_montmul(out,a,a); sc_montmul(out,a,a);
} }


@@ -222,7 +222,7 @@ API_NS(scalar_eq) (
return mask_to_bool(word_is_zero(diff)); return mask_to_bool(word_is_zero(diff));
} }


static INLINE void scalar_decode_short (
static DECAF_INLINE void scalar_decode_short (
scalar_t s, scalar_t s,
const unsigned char *ser, const unsigned char *ser,
unsigned int nbytes unsigned int nbytes


+ 11
- 14
src/GENERATED/include/decaf/common.h

@@ -24,19 +24,18 @@ extern "C" {
#if defined(DOXYGEN) && !defined(__attribute__) #if defined(DOXYGEN) && !defined(__attribute__)
#define __attribute__((x)) #define __attribute__((x))
#endif #endif
#define API_VIS __attribute__((visibility("default")))
#define NOINLINE __attribute__((noinline))
#define WARN_UNUSED __attribute__((warn_unused_result))
#define NONNULL __attribute__((nonnull))
#define INLINE inline __attribute__((always_inline))
#define UNUSED __attribute__((unused))
#define DECAF_API_VIS __attribute__((visibility("default")))
#define DECAF_NOINLINE __attribute__((noinline))
#define DECAF_WARN_UNUSED __attribute__((warn_unused_result))
#define DECAF_NONNULL __attribute__((nonnull))
#define DECAF_INLINE inline __attribute__((always_inline,unused))
// Cribbed from libnotmuch // Cribbed from libnotmuch
#if defined (__clang_major__) && __clang_major__ >= 3 \ #if defined (__clang_major__) && __clang_major__ >= 3 \
|| defined (__GNUC__) && __GNUC__ >= 5 \ || defined (__GNUC__) && __GNUC__ >= 5 \
|| defined (__GNUC__) && __GNUC__ == 4 && __GNUC_MINOR__ >= 5 || defined (__GNUC__) && __GNUC__ == 4 && __GNUC_MINOR__ >= 5
#define DEPRECATED(msg) __attribute__ ((deprecated(msg)))
#define DECAF_DEPRECATED(msg) __attribute__ ((deprecated(msg)))
#else #else
#define DEPRECATED(msg) __attribute__ ((deprecated))
#define DECAF_DEPRECATED(msg) __attribute__ ((deprecated))
#endif #endif
/** @endcond */ /** @endcond */


@@ -85,15 +84,13 @@ typedef enum {




/** Return success if x is true */ /** Return success if x is true */
static UNUSED INLINE
decaf_error_t
static DECAF_INLINE decaf_error_t
decaf_succeed_if(decaf_bool_t x) { decaf_succeed_if(decaf_bool_t x) {
return (decaf_error_t)x; return (decaf_error_t)x;
} }


/** Return DECAF_TRUE iff x == DECAF_SUCCESS */ /** Return DECAF_TRUE iff x == DECAF_SUCCESS */
static UNUSED INLINE
decaf_bool_t
static DECAF_INLINE decaf_bool_t
decaf_successful(decaf_error_t e) { decaf_successful(decaf_error_t e) {
decaf_dword_t w = ((decaf_word_t)e) ^ ((decaf_word_t)DECAF_SUCCESS); decaf_dword_t w = ((decaf_word_t)e) ^ ((decaf_word_t)DECAF_SUCCESS);
return (w-1)>>DECAF_WORD_BITS; return (w-1)>>DECAF_WORD_BITS;
@@ -103,14 +100,14 @@ decaf_successful(decaf_error_t e) {
void decaf_bzero ( void decaf_bzero (
void *data, void *data,
size_t size size_t size
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


/** Compare two buffers, returning DECAF_TRUE if they are equal. */ /** Compare two buffers, returning DECAF_TRUE if they are equal. */
decaf_bool_t decaf_memeq ( decaf_bool_t decaf_memeq (
const void *data1, const void *data1,
const void *data2, const void *data2,
size_t size size_t size
) NONNULL WARN_UNUSED API_VIS;
) DECAF_NONNULL DECAF_WARN_UNUSED DECAF_API_VIS;
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */


+ 14
- 11
src/GENERATED/include/decaf/ed255.h

@@ -34,7 +34,7 @@ extern "C" {


/** Does EdDSA support non-contextual signatures? */ /** Does EdDSA support non-contextual signatures? */
#define DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS 1 #define DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS 1
extern const uint8_t * const DECAF_ED25519_NO_CONTEXT API_VIS;
extern const uint8_t * const DECAF_ED25519_NO_CONTEXT DECAF_API_VIS;


/** Prehash context renaming macros. */ /** Prehash context renaming macros. */
#define decaf_ed25519_prehash_ctx_s decaf_sha512_ctx_s #define decaf_ed25519_prehash_ctx_s decaf_sha512_ctx_s
@@ -52,7 +52,7 @@ extern const uint8_t * const DECAF_ED25519_NO_CONTEXT API_VIS;
void decaf_ed25519_derive_public_key ( void decaf_ed25519_derive_public_key (
uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES] const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA signing. * @brief EdDSA signing.
@@ -80,7 +80,7 @@ void decaf_ed25519_sign (
uint8_t prehashed, uint8_t prehashed,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2,3))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2,3))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signing with prehash. * @brief EdDSA signing with prehash.
@@ -104,7 +104,7 @@ void decaf_ed25519_sign_prehash (
const decaf_ed25519_prehash_ctx_t hash, const decaf_ed25519_prehash_ctx_t hash,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2,3,4))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE;
/** /**
* @brief Prehash initialization, with contexts if supported. * @brief Prehash initialization, with contexts if supported.
@@ -113,7 +113,7 @@ void decaf_ed25519_sign_prehash (
*/ */
void decaf_ed25519_prehash_init ( void decaf_ed25519_prehash_init (
decaf_ed25519_prehash_ctx_t hash decaf_ed25519_prehash_ctx_t hash
) API_VIS __attribute__((nonnull(1))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signature verification. * @brief EdDSA signature verification.
@@ -141,7 +141,7 @@ decaf_error_t decaf_ed25519_verify (
uint8_t prehashed, uint8_t prehashed,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signature verification. * @brief EdDSA signature verification.
@@ -165,7 +165,7 @@ decaf_error_t decaf_ed25519_verify_prehash (
const decaf_ed25519_prehash_ctx_t hash, const decaf_ed25519_prehash_ctx_t hash,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE;


/** /**
* @brief EdDSA point encoding. Used internally, exposed externally. * @brief EdDSA point encoding. Used internally, exposed externally.
@@ -177,7 +177,7 @@ decaf_error_t decaf_ed25519_verify_prehash (
void decaf_255_point_mul_by_cofactor_and_encode_like_eddsa ( void decaf_255_point_mul_by_cofactor_and_encode_like_eddsa (
uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES], uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES],
const decaf_255_point_t p const decaf_255_point_t p
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA point decoding. Remember that while points on the * @brief EdDSA point decoding. Remember that while points on the
@@ -190,20 +190,23 @@ void decaf_255_point_mul_by_cofactor_and_encode_like_eddsa (
decaf_error_t decaf_255_point_decode_like_eddsa_and_ignore_cofactor ( decaf_error_t decaf_255_point_decode_like_eddsa_and_ignore_cofactor (
decaf_255_point_t p, decaf_255_point_t p,
const uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES] const uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA to ECDH public key conversion * @brief EdDSA to ECDH public key conversion
* Deserialize the point to get y on Edwards curve, * Deserialize the point to get y on Edwards curve,
* Convert it to u coordinate on Montgomery curve. * Convert it to u coordinate on Montgomery curve.
* *
* @warning This function does not check that the public key being converted
* is a valid EdDSA public key (FUTURE?)
*
* @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve) * @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve)
* @param[in] ed The EdDSA public key(point on Edwards curve) * @param[in] ed The EdDSA public key(point on Edwards curve)
*/ */
void decaf_ed25519_convert_public_key_to_x25519 ( void decaf_ed25519_convert_public_key_to_x25519 (
uint8_t x[DECAF_X25519_PUBLIC_BYTES], uint8_t x[DECAF_X25519_PUBLIC_BYTES],
const uint8_t ed[DECAF_EDDSA_25519_PUBLIC_BYTES] const uint8_t ed[DECAF_EDDSA_25519_PUBLIC_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA to ECDH private key conversion * @brief EdDSA to ECDH private key conversion
@@ -216,7 +219,7 @@ void decaf_ed25519_convert_public_key_to_x25519 (
void decaf_ed25519_convert_private_key_to_x25519 ( void decaf_ed25519_convert_private_key_to_x25519 (
uint8_t x[DECAF_X25519_PRIVATE_BYTES], uint8_t x[DECAF_X25519_PRIVATE_BYTES],
const uint8_t ed[DECAF_EDDSA_25519_PRIVATE_BYTES] const uint8_t ed[DECAF_EDDSA_25519_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
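Review bot: The `@warning` added to `decaf_ed25519_convert_public_key_to_x25519` says the key is not validated, but the function returns `void`, so a caller cannot learn from it that an untrusted `ed` was malformed. The comment should say what to do instead, for example `@warning Not validated here; check untrusted keys before converting (e.g. the result of decaf_255_point_decode_like_eddsa_and_ignore_cofactor()).` — assuming that decode is the intended validity check, which this page does not show. The same warning is added to `decaf_ed448_convert_public_key_to_x448` in ed448.h. It is also an API documentation change inside a commit titled as a macro rename, and would be easier to find in its own commit or mentioned in the message.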


+ 26
- 26
src/GENERATED/include/decaf/ed255.hxx

@@ -32,9 +32,9 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DECAF_NOEXCEPT noexcept
#else #else
#define NOEXCEPT throw()
#define DECAF_NOEXCEPT throw()
#endif #endif
/** @endcond */ /** @endcond */


@@ -91,7 +91,7 @@ public:
} }


/** Reset this hash */ /** Reset this hash */
void reset() NOEXCEPT { init(); }
void reset() DECAF_NOEXCEPT { init(); }
/** Output from this hash */ /** Output from this hash */
SecureBuffer final() throw(std::bad_alloc) { SecureBuffer final() throw(std::bad_alloc) {
@@ -202,38 +202,38 @@ public:
/** Create but don't initialize */ /** Create but don't initialize */
inline explicit PrivateKeyBase(const NOINIT&) NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { }
inline explicit PrivateKeyBase(const NOINIT&) DECAF_NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { }
/** Read a private key from a string */ /** Read a private key from a string */
inline explicit PrivateKeyBase(const FixedBlock<SER_BYTES> &b) NOEXCEPT { *this = b; }
inline explicit PrivateKeyBase(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT { *this = b; }
/** Copy constructor */ /** Copy constructor */
inline PrivateKeyBase(const PrivateKey &k) NOEXCEPT { *this = k; }
inline PrivateKeyBase(const PrivateKey &k) DECAF_NOEXCEPT { *this = k; }
/** Create at random */ /** Create at random */
inline explicit PrivateKeyBase(Rng &r) NOEXCEPT : priv_(r) {
inline explicit PrivateKeyBase(Rng &r) DECAF_NOEXCEPT : priv_(r) {
decaf_ed25519_derive_public_key(pub_.data(), priv_.data()); decaf_ed25519_derive_public_key(pub_.data(), priv_.data());
} }
/** Assignment from string */ /** Assignment from string */
inline PrivateKeyBase &operator=(const FixedBlock<SER_BYTES> &b) NOEXCEPT {
inline PrivateKeyBase &operator=(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT {
memcpy(priv_.data(),b.data(),b.size()); memcpy(priv_.data(),b.data(),b.size());
decaf_ed25519_derive_public_key(pub_.data(), priv_.data()); decaf_ed25519_derive_public_key(pub_.data(), priv_.data());
return *this; return *this;
} }
/** Copy assignment */ /** Copy assignment */
inline PrivateKeyBase &operator=(const PrivateKey &k) NOEXCEPT {
inline PrivateKeyBase &operator=(const PrivateKey &k) DECAF_NOEXCEPT {
memcpy(priv_.data(),k.priv_.data(), priv_.size()); memcpy(priv_.data(),k.priv_.data(), priv_.size());
memcpy(pub_.data(),k.pub_.data(), pub_.size()); memcpy(pub_.data(),k.pub_.data(), pub_.size());
return *this; return *this;
} }
/** Serialization size. */ /** Serialization size. */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }
/** Serialize into a buffer. */ /** Serialize into a buffer. */
inline void serialize_into(unsigned char *x) const NOEXCEPT {
inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT {
memcpy(x,priv_.data(), priv_.size()); memcpy(x,priv_.data(), priv_.size());
} }
@@ -245,7 +245,7 @@ public:
} }
/** Return the corresponding public key */ /** Return the corresponding public key */
inline MyPublicKey pub() const NOEXCEPT {
inline MyPublicKey pub() const DECAF_NOEXCEPT {
MyPublicKey pub(*this); MyPublicKey pub(*this);
return pub; return pub;
} }
@@ -256,11 +256,11 @@ public:
template<class CRTP> class Verification<CRTP,PURE> { template<class CRTP> class Verification<CRTP,PURE> {
public: public:
/** Verify a signature, returning DECAF_FAILURE if verification fails */ /** Verify a signature, returning DECAF_FAILURE if verification fails */
inline decaf_error_t WARN_UNUSED verify_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED verify_noexcept (
const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig, const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig,
const Block &message, const Block &message,
const Block &context = NO_CONTEXT() const Block &context = NO_CONTEXT()
) const /*NOEXCEPT*/ {
) const /*DECAF_NOEXCEPT*/ {
if (context.size() > 255) { if (context.size() > 255) {
return DECAF_FAILURE; return DECAF_FAILURE;
} }
@@ -302,10 +302,10 @@ public:
template<class CRTP> class Verification<CRTP,PREHASHED> { template<class CRTP> class Verification<CRTP,PREHASHED> {
public: public:
/* Verify a prehash context. */ /* Verify a prehash context. */
inline decaf_error_t WARN_UNUSED verify_prehashed_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED verify_prehashed_noexcept (
const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig, const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig,
const Prehash &ph const Prehash &ph
) const /*NOEXCEPT*/ {
) const /*DECAF_NOEXCEPT*/ {
return decaf_ed25519_verify_prehash ( return decaf_ed25519_verify_prehash (
sig.data(), sig.data(),
((const CRTP*)this)->pub_.data(), ((const CRTP*)this)->pub_.data(),
@@ -376,38 +376,38 @@ public:
/** Create but don't initialize */ /** Create but don't initialize */
inline explicit PublicKeyBase(const NOINIT&) NOEXCEPT : pub_((NOINIT())) { }
inline explicit PublicKeyBase(const NOINIT&) DECAF_NOEXCEPT : pub_((NOINIT())) { }
/** Read a private key from a string */ /** Read a private key from a string */
inline explicit PublicKeyBase(const FixedBlock<SER_BYTES> &b) NOEXCEPT { *this = b; }
inline explicit PublicKeyBase(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT { *this = b; }
/** Copy constructor */ /** Copy constructor */
inline PublicKeyBase(const PublicKeyBase &k) NOEXCEPT { *this = k; }
inline PublicKeyBase(const PublicKeyBase &k) DECAF_NOEXCEPT { *this = k; }
/** Copy constructor */ /** Copy constructor */
inline explicit PublicKeyBase(const MyPrivateKey &k) NOEXCEPT { *this = k; }
inline explicit PublicKeyBase(const MyPrivateKey &k) DECAF_NOEXCEPT { *this = k; }


/** Assignment from string */ /** Assignment from string */
inline PublicKey &operator=(const FixedBlock<SER_BYTES> &b) NOEXCEPT {
inline PublicKey &operator=(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT {
memcpy(pub_.data(),b.data(),b.size()); memcpy(pub_.data(),b.data(),b.size());
return *this; return *this;
} }


/** Assignment from private key */ /** Assignment from private key */
inline PublicKey &operator=(const PublicKey &p) NOEXCEPT {
inline PublicKey &operator=(const PublicKey &p) DECAF_NOEXCEPT {
return *this = p.pub_; return *this = p.pub_;
} }


/** Assignment from private key */ /** Assignment from private key */
inline PublicKey &operator=(const MyPrivateKey &p) NOEXCEPT {
inline PublicKey &operator=(const MyPrivateKey &p) DECAF_NOEXCEPT {
return *this = p.pub_; return *this = p.pub_;
} }


/** Serialization size. */ /** Serialization size. */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }
/** Serialize into a buffer. */ /** Serialize into a buffer. */
inline void serialize_into(unsigned char *x) const NOEXCEPT {
inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT {
memcpy(x,pub_.data(), pub_.size()); memcpy(x,pub_.data(), pub_.size());
} }
@@ -421,7 +421,7 @@ public:


}; /* template<> struct EdDSA<IsoEd25519> */ }; /* template<> struct EdDSA<IsoEd25519> */


#undef NOEXCEPT
#undef DECAF_NOEXCEPT
} /* namespace decaf */ } /* namespace decaf */


#endif /* __DECAF_ED255_HXX__ */ #endif /* __DECAF_ED255_HXX__ */

+ 13
- 10
src/GENERATED/include/decaf/ed448.h

@@ -51,7 +51,7 @@ extern "C" {
void decaf_ed448_derive_public_key ( void decaf_ed448_derive_public_key (
uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES], uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES],
const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES] const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA signing. * @brief EdDSA signing.
@@ -79,7 +79,7 @@ void decaf_ed448_sign (
uint8_t prehashed, uint8_t prehashed,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2,3))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2,3))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signing with prehash. * @brief EdDSA signing with prehash.
@@ -103,7 +103,7 @@ void decaf_ed448_sign_prehash (
const decaf_ed448_prehash_ctx_t hash, const decaf_ed448_prehash_ctx_t hash,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2,3,4))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE;
/** /**
* @brief Prehash initialization, with contexts if supported. * @brief Prehash initialization, with contexts if supported.
@@ -112,7 +112,7 @@ void decaf_ed448_sign_prehash (
*/ */
void decaf_ed448_prehash_init ( void decaf_ed448_prehash_init (
decaf_ed448_prehash_ctx_t hash decaf_ed448_prehash_ctx_t hash
) API_VIS __attribute__((nonnull(1))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signature verification. * @brief EdDSA signature verification.
@@ -140,7 +140,7 @@ decaf_error_t decaf_ed448_verify (
uint8_t prehashed, uint8_t prehashed,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signature verification. * @brief EdDSA signature verification.
@@ -164,7 +164,7 @@ decaf_error_t decaf_ed448_verify_prehash (
const decaf_ed448_prehash_ctx_t hash, const decaf_ed448_prehash_ctx_t hash,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE;


/** /**
* @brief EdDSA point encoding. Used internally, exposed externally. * @brief EdDSA point encoding. Used internally, exposed externally.
@@ -176,7 +176,7 @@ decaf_error_t decaf_ed448_verify_prehash (
void decaf_448_point_mul_by_cofactor_and_encode_like_eddsa ( void decaf_448_point_mul_by_cofactor_and_encode_like_eddsa (
uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES], uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES],
const decaf_448_point_t p const decaf_448_point_t p
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA point decoding. Remember that while points on the * @brief EdDSA point decoding. Remember that while points on the
@@ -189,20 +189,23 @@ void decaf_448_point_mul_by_cofactor_and_encode_like_eddsa (
decaf_error_t decaf_448_point_decode_like_eddsa_and_ignore_cofactor ( decaf_error_t decaf_448_point_decode_like_eddsa_and_ignore_cofactor (
decaf_448_point_t p, decaf_448_point_t p,
const uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES] const uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA to ECDH public key conversion * @brief EdDSA to ECDH public key conversion
* Deserialize the point to get y on Edwards curve, * Deserialize the point to get y on Edwards curve,
* Convert it to u coordinate on Montgomery curve. * Convert it to u coordinate on Montgomery curve.
* *
* @warning This function does not check that the public key being converted
* is a valid EdDSA public key (FUTURE?)
*
* @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve) * @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve)
* @param[in] ed The EdDSA public key(point on Edwards curve) * @param[in] ed The EdDSA public key(point on Edwards curve)
*/ */
void decaf_ed448_convert_public_key_to_x448 ( void decaf_ed448_convert_public_key_to_x448 (
uint8_t x[DECAF_X448_PUBLIC_BYTES], uint8_t x[DECAF_X448_PUBLIC_BYTES],
const uint8_t ed[DECAF_EDDSA_448_PUBLIC_BYTES] const uint8_t ed[DECAF_EDDSA_448_PUBLIC_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA to ECDH private key conversion * @brief EdDSA to ECDH private key conversion
@@ -215,7 +218,7 @@ void decaf_ed448_convert_public_key_to_x448 (
void decaf_ed448_convert_private_key_to_x448 ( void decaf_ed448_convert_private_key_to_x448 (
uint8_t x[DECAF_X448_PRIVATE_BYTES], uint8_t x[DECAF_X448_PRIVATE_BYTES],
const uint8_t ed[DECAF_EDDSA_448_PRIVATE_BYTES] const uint8_t ed[DECAF_EDDSA_448_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */


+ 26
- 26
src/GENERATED/include/decaf/ed448.hxx

@@ -32,9 +32,9 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DECAF_NOEXCEPT noexcept
#else #else
#define NOEXCEPT throw()
#define DECAF_NOEXCEPT throw()
#endif #endif
/** @endcond */ /** @endcond */


@@ -91,7 +91,7 @@ public:
} }


/** Reset this hash */ /** Reset this hash */
void reset() NOEXCEPT { init(); }
void reset() DECAF_NOEXCEPT { init(); }
/** Output from this hash */ /** Output from this hash */
SecureBuffer final() throw(std::bad_alloc) { SecureBuffer final() throw(std::bad_alloc) {
@@ -202,38 +202,38 @@ public:
/** Create but don't initialize */ /** Create but don't initialize */
inline explicit PrivateKeyBase(const NOINIT&) NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { }
inline explicit PrivateKeyBase(const NOINIT&) DECAF_NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { }
/** Read a private key from a string */ /** Read a private key from a string */
inline explicit PrivateKeyBase(const FixedBlock<SER_BYTES> &b) NOEXCEPT { *this = b; }
inline explicit PrivateKeyBase(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT { *this = b; }
/** Copy constructor */ /** Copy constructor */
inline PrivateKeyBase(const PrivateKey &k) NOEXCEPT { *this = k; }
inline PrivateKeyBase(const PrivateKey &k) DECAF_NOEXCEPT { *this = k; }
/** Create at random */ /** Create at random */
inline explicit PrivateKeyBase(Rng &r) NOEXCEPT : priv_(r) {
inline explicit PrivateKeyBase(Rng &r) DECAF_NOEXCEPT : priv_(r) {
decaf_ed448_derive_public_key(pub_.data(), priv_.data()); decaf_ed448_derive_public_key(pub_.data(), priv_.data());
} }
/** Assignment from string */ /** Assignment from string */
inline PrivateKeyBase &operator=(const FixedBlock<SER_BYTES> &b) NOEXCEPT {
inline PrivateKeyBase &operator=(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT {
memcpy(priv_.data(),b.data(),b.size()); memcpy(priv_.data(),b.data(),b.size());
decaf_ed448_derive_public_key(pub_.data(), priv_.data()); decaf_ed448_derive_public_key(pub_.data(), priv_.data());
return *this; return *this;
} }
/** Copy assignment */ /** Copy assignment */
inline PrivateKeyBase &operator=(const PrivateKey &k) NOEXCEPT {
inline PrivateKeyBase &operator=(const PrivateKey &k) DECAF_NOEXCEPT {
memcpy(priv_.data(),k.priv_.data(), priv_.size()); memcpy(priv_.data(),k.priv_.data(), priv_.size());
memcpy(pub_.data(),k.pub_.data(), pub_.size()); memcpy(pub_.data(),k.pub_.data(), pub_.size());
return *this; return *this;
} }
/** Serialization size. */ /** Serialization size. */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }
/** Serialize into a buffer. */ /** Serialize into a buffer. */
inline void serialize_into(unsigned char *x) const NOEXCEPT {
inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT {
memcpy(x,priv_.data(), priv_.size()); memcpy(x,priv_.data(), priv_.size());
} }
@@ -245,7 +245,7 @@ public:
} }
/** Return the corresponding public key */ /** Return the corresponding public key */
inline MyPublicKey pub() const NOEXCEPT {
inline MyPublicKey pub() const DECAF_NOEXCEPT {
MyPublicKey pub(*this); MyPublicKey pub(*this);
return pub; return pub;
} }
@@ -256,11 +256,11 @@ public:
template<class CRTP> class Verification<CRTP,PURE> { template<class CRTP> class Verification<CRTP,PURE> {
public: public:
/** Verify a signature, returning DECAF_FAILURE if verification fails */ /** Verify a signature, returning DECAF_FAILURE if verification fails */
inline decaf_error_t WARN_UNUSED verify_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED verify_noexcept (
const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig, const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig,
const Block &message, const Block &message,
const Block &context = NO_CONTEXT() const Block &context = NO_CONTEXT()
) const /*NOEXCEPT*/ {
) const /*DECAF_NOEXCEPT*/ {
if (context.size() > 255) { if (context.size() > 255) {
return DECAF_FAILURE; return DECAF_FAILURE;
} }
@@ -302,10 +302,10 @@ public:
template<class CRTP> class Verification<CRTP,PREHASHED> { template<class CRTP> class Verification<CRTP,PREHASHED> {
public: public:
/* Verify a prehash context. */ /* Verify a prehash context. */
inline decaf_error_t WARN_UNUSED verify_prehashed_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED verify_prehashed_noexcept (
const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig, const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig,
const Prehash &ph const Prehash &ph
) const /*NOEXCEPT*/ {
) const /*DECAF_NOEXCEPT*/ {
return decaf_ed448_verify_prehash ( return decaf_ed448_verify_prehash (
sig.data(), sig.data(),
((const CRTP*)this)->pub_.data(), ((const CRTP*)this)->pub_.data(),
@@ -376,38 +376,38 @@ public:
/** Create but don't initialize */ /** Create but don't initialize */
inline explicit PublicKeyBase(const NOINIT&) NOEXCEPT : pub_((NOINIT())) { }
inline explicit PublicKeyBase(const NOINIT&) DECAF_NOEXCEPT : pub_((NOINIT())) { }
/** Read a private key from a string */ /** Read a private key from a string */
inline explicit PublicKeyBase(const FixedBlock<SER_BYTES> &b) NOEXCEPT { *this = b; }
inline explicit PublicKeyBase(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT { *this = b; }
/** Copy constructor */ /** Copy constructor */
inline PublicKeyBase(const PublicKeyBase &k) NOEXCEPT { *this = k; }
inline PublicKeyBase(const PublicKeyBase &k) DECAF_NOEXCEPT { *this = k; }
/** Copy constructor */ /** Copy constructor */
inline explicit PublicKeyBase(const MyPrivateKey &k) NOEXCEPT { *this = k; }
inline explicit PublicKeyBase(const MyPrivateKey &k) DECAF_NOEXCEPT { *this = k; }


/** Assignment from string */ /** Assignment from string */
inline PublicKey &operator=(const FixedBlock<SER_BYTES> &b) NOEXCEPT {
inline PublicKey &operator=(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT {
memcpy(pub_.data(),b.data(),b.size()); memcpy(pub_.data(),b.data(),b.size());
return *this; return *this;
} }


/** Assignment from private key */ /** Assignment from private key */
inline PublicKey &operator=(const PublicKey &p) NOEXCEPT {
inline PublicKey &operator=(const PublicKey &p) DECAF_NOEXCEPT {
return *this = p.pub_; return *this = p.pub_;
} }


/** Assignment from private key */ /** Assignment from private key */
inline PublicKey &operator=(const MyPrivateKey &p) NOEXCEPT {
inline PublicKey &operator=(const MyPrivateKey &p) DECAF_NOEXCEPT {
return *this = p.pub_; return *this = p.pub_;
} }


/** Serialization size. */ /** Serialization size. */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }
/** Serialize into a buffer. */ /** Serialize into a buffer. */
inline void serialize_into(unsigned char *x) const NOEXCEPT {
inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT {
memcpy(x,pub_.data(), pub_.size()); memcpy(x,pub_.data(), pub_.size());
} }
@@ -421,7 +421,7 @@ public:


}; /* template<> struct EdDSA<Ed448Goldilocks> */ }; /* template<> struct EdDSA<Ed448Goldilocks> */


#undef NOEXCEPT
#undef DECAF_NOEXCEPT
} /* namespace decaf */ } /* namespace decaf */


#endif /* __DECAF_ED448_HXX__ */ #endif /* __DECAF_ED448_HXX__ */

+ 48
- 48
src/GENERATED/include/decaf/point_255.h

@@ -72,7 +72,7 @@ struct decaf_255_precomputed_s;
typedef struct decaf_255_precomputed_s decaf_255_precomputed_s; typedef struct decaf_255_precomputed_s decaf_255_precomputed_s;


/** Size and alignment of precomputed point tables. */ /** Size and alignment of precomputed point tables. */
extern const size_t decaf_255_sizeof_precomputed_s API_VIS, decaf_255_alignof_precomputed_s API_VIS;
extern const size_t decaf_255_sizeof_precomputed_s DECAF_API_VIS, decaf_255_alignof_precomputed_s DECAF_API_VIS;


/** Scalar is stored packed, because we don't need the speed. */ /** Scalar is stored packed, because we don't need the speed. */
typedef struct decaf_255_scalar_s { typedef struct decaf_255_scalar_s {
@@ -82,19 +82,19 @@ typedef struct decaf_255_scalar_s {
} decaf_255_scalar_t[1]; } decaf_255_scalar_t[1];


/** A scalar equal to 1. */ /** A scalar equal to 1. */
extern const decaf_255_scalar_t decaf_255_scalar_one API_VIS;
extern const decaf_255_scalar_t decaf_255_scalar_one DECAF_API_VIS;


/** A scalar equal to 0. */ /** A scalar equal to 0. */
extern const decaf_255_scalar_t decaf_255_scalar_zero API_VIS;
extern const decaf_255_scalar_t decaf_255_scalar_zero DECAF_API_VIS;


/** The identity point on the curve. */ /** The identity point on the curve. */
extern const decaf_255_point_t decaf_255_point_identity API_VIS;
extern const decaf_255_point_t decaf_255_point_identity DECAF_API_VIS;


/** An arbitrarily chosen base point on the curve. */ /** An arbitrarily chosen base point on the curve. */
extern const decaf_255_point_t decaf_255_point_base API_VIS;
extern const decaf_255_point_t decaf_255_point_base DECAF_API_VIS;


/** Precomputed table for the base point on the curve. */ /** Precomputed table for the base point on the curve. */
extern const struct decaf_255_precomputed_s *decaf_255_precomputed_base API_VIS;
extern const struct decaf_255_precomputed_s *decaf_255_precomputed_base DECAF_API_VIS;


/** /**
* @brief Read a scalar from wire format or from bytes. * @brief Read a scalar from wire format or from bytes.
@@ -109,7 +109,7 @@ extern const struct decaf_255_precomputed_s *decaf_255_precomputed_base API_VIS;
decaf_error_t decaf_255_scalar_decode ( decaf_error_t decaf_255_scalar_decode (
decaf_255_scalar_t out, decaf_255_scalar_t out,
const unsigned char ser[DECAF_255_SCALAR_BYTES] const unsigned char ser[DECAF_255_SCALAR_BYTES]
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Read a scalar from wire format or from bytes. Reduces mod * @brief Read a scalar from wire format or from bytes. Reduces mod
@@ -123,7 +123,7 @@ void decaf_255_scalar_decode_long (
decaf_255_scalar_t out, decaf_255_scalar_t out,
const unsigned char *ser, const unsigned char *ser,
size_t ser_len size_t ser_len
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* @brief Serialize a scalar to wire format. * @brief Serialize a scalar to wire format.
@@ -134,7 +134,7 @@ void decaf_255_scalar_decode_long (
void decaf_255_scalar_encode ( void decaf_255_scalar_encode (
unsigned char ser[DECAF_255_SCALAR_BYTES], unsigned char ser[DECAF_255_SCALAR_BYTES],
const decaf_255_scalar_t s const decaf_255_scalar_t s
) API_VIS NONNULL NOINLINE NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE;
/** /**
* @brief Add two scalars. The scalars may use the same memory. * @brief Add two scalars. The scalars may use the same memory.
@@ -146,7 +146,7 @@ void decaf_255_scalar_add (
decaf_255_scalar_t out, decaf_255_scalar_t out,
const decaf_255_scalar_t a, const decaf_255_scalar_t a,
const decaf_255_scalar_t b const decaf_255_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Compare two scalars. * @brief Compare two scalars.
@@ -158,7 +158,7 @@ void decaf_255_scalar_add (
decaf_bool_t decaf_255_scalar_eq ( decaf_bool_t decaf_255_scalar_eq (
const decaf_255_scalar_t a, const decaf_255_scalar_t a,
const decaf_255_scalar_t b const decaf_255_scalar_t b
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Subtract two scalars. The scalars may use the same memory. * @brief Subtract two scalars. The scalars may use the same memory.
@@ -170,7 +170,7 @@ void decaf_255_scalar_sub (
decaf_255_scalar_t out, decaf_255_scalar_t out,
const decaf_255_scalar_t a, const decaf_255_scalar_t a,
const decaf_255_scalar_t b const decaf_255_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two scalars. The scalars may use the same memory. * @brief Multiply two scalars. The scalars may use the same memory.
@@ -182,7 +182,7 @@ void decaf_255_scalar_mul (
decaf_255_scalar_t out, decaf_255_scalar_t out,
const decaf_255_scalar_t a, const decaf_255_scalar_t a,
const decaf_255_scalar_t b const decaf_255_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* @brief Halve a scalar. The scalars may use the same memory. * @brief Halve a scalar. The scalars may use the same memory.
@@ -192,7 +192,7 @@ void decaf_255_scalar_mul (
void decaf_255_scalar_halve ( void decaf_255_scalar_halve (
decaf_255_scalar_t out, decaf_255_scalar_t out,
const decaf_255_scalar_t a const decaf_255_scalar_t a
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Invert a scalar. When passed zero, return 0. The input and output may alias. * @brief Invert a scalar. When passed zero, return 0. The input and output may alias.
@@ -203,7 +203,7 @@ void decaf_255_scalar_halve (
decaf_error_t decaf_255_scalar_invert ( decaf_error_t decaf_255_scalar_invert (
decaf_255_scalar_t out, decaf_255_scalar_t out,
const decaf_255_scalar_t a const decaf_255_scalar_t a
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Copy a scalar. The scalars may use the same memory, in which * @brief Copy a scalar. The scalars may use the same memory, in which
@@ -211,7 +211,7 @@ decaf_error_t decaf_255_scalar_invert (
* @param [in] a A scalar. * @param [in] a A scalar.
* @param [out] out Will become a copy of a. * @param [out] out Will become a copy of a.
*/ */
static inline void NONNULL decaf_255_scalar_copy (
static inline void DECAF_NONNULL decaf_255_scalar_copy (
decaf_255_scalar_t out, decaf_255_scalar_t out,
const decaf_255_scalar_t a const decaf_255_scalar_t a
) { ) {
@@ -226,7 +226,7 @@ static inline void NONNULL decaf_255_scalar_copy (
void decaf_255_scalar_set_unsigned ( void decaf_255_scalar_set_unsigned (
decaf_255_scalar_t out, decaf_255_scalar_t out,
uint64_t a uint64_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Encode a point as a sequence of bytes. * @brief Encode a point as a sequence of bytes.
@@ -237,7 +237,7 @@ void decaf_255_scalar_set_unsigned (
void decaf_255_point_encode ( void decaf_255_point_encode (
uint8_t ser[DECAF_255_SER_BYTES], uint8_t ser[DECAF_255_SER_BYTES],
const decaf_255_point_t pt const decaf_255_point_t pt
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Decode a point from a sequence of bytes. * @brief Decode a point from a sequence of bytes.
@@ -257,7 +257,7 @@ decaf_error_t decaf_255_point_decode (
decaf_255_point_t pt, decaf_255_point_t pt,
const uint8_t ser[DECAF_255_SER_BYTES], const uint8_t ser[DECAF_255_SER_BYTES],
decaf_bool_t allow_identity decaf_bool_t allow_identity
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Copy a point. The input and output may alias, * @brief Copy a point. The input and output may alias,
@@ -266,7 +266,7 @@ decaf_error_t decaf_255_point_decode (
* @param [out] a A copy of the point. * @param [out] a A copy of the point.
* @param [in] b Any point. * @param [in] b Any point.
*/ */
static inline void NONNULL decaf_255_point_copy (
static inline void DECAF_NONNULL decaf_255_point_copy (
decaf_255_point_t a, decaf_255_point_t a,
const decaf_255_point_t b const decaf_255_point_t b
) { ) {
@@ -285,7 +285,7 @@ static inline void NONNULL decaf_255_point_copy (
decaf_bool_t decaf_255_point_eq ( decaf_bool_t decaf_255_point_eq (
const decaf_255_point_t a, const decaf_255_point_t a,
const decaf_255_point_t b const decaf_255_point_t b
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Add two points to produce a third point. The * @brief Add two points to produce a third point. The
@@ -300,7 +300,7 @@ void decaf_255_point_add (
decaf_255_point_t sum, decaf_255_point_t sum,
const decaf_255_point_t a, const decaf_255_point_t a,
const decaf_255_point_t b const decaf_255_point_t b
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Double a point. Equivalent to * @brief Double a point. Equivalent to
@@ -312,7 +312,7 @@ void decaf_255_point_add (
void decaf_255_point_double ( void decaf_255_point_double (
decaf_255_point_t two_a, decaf_255_point_t two_a,
const decaf_255_point_t a const decaf_255_point_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Subtract two points to produce a third point. The * @brief Subtract two points to produce a third point. The
@@ -327,7 +327,7 @@ void decaf_255_point_sub (
decaf_255_point_t diff, decaf_255_point_t diff,
const decaf_255_point_t a, const decaf_255_point_t a,
const decaf_255_point_t b const decaf_255_point_t b
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;
/** /**
* @brief Negate a point to produce another point. The input * @brief Negate a point to produce another point. The input
@@ -339,7 +339,7 @@ void decaf_255_point_sub (
void decaf_255_point_negate ( void decaf_255_point_negate (
decaf_255_point_t nega, decaf_255_point_t nega,
const decaf_255_point_t a const decaf_255_point_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Multiply a base point by a scalar: scaled = scalar*base. * @brief Multiply a base point by a scalar: scaled = scalar*base.
@@ -352,7 +352,7 @@ void decaf_255_point_scalarmul (
decaf_255_point_t scaled, decaf_255_point_t scaled,
const decaf_255_point_t base, const decaf_255_point_t base,
const decaf_255_scalar_t scalar const decaf_255_scalar_t scalar
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply a base point by a scalar: scaled = scalar*base. * @brief Multiply a base point by a scalar: scaled = scalar*base.
@@ -377,7 +377,7 @@ decaf_error_t decaf_255_direct_scalarmul (
const decaf_255_scalar_t scalar, const decaf_255_scalar_t scalar,
decaf_bool_t allow_identity, decaf_bool_t allow_identity,
decaf_bool_t short_circuit decaf_bool_t short_circuit
) API_VIS NONNULL WARN_UNUSED NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE;


/** /**
* @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different * @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different
@@ -395,10 +395,10 @@ decaf_error_t decaf_x25519 (
uint8_t out[DECAF_X25519_PUBLIC_BYTES], uint8_t out[DECAF_X25519_PUBLIC_BYTES],
const uint8_t base[DECAF_X25519_PUBLIC_BYTES], const uint8_t base[DECAF_X25519_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES] const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES]
) API_VIS NONNULL WARN_UNUSED NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE;


/** The base point for X25519 Diffie-Hellman */ /** The base point for X25519 Diffie-Hellman */
extern const uint8_t decaf_x25519_base_point[DECAF_X25519_PUBLIC_BYTES] API_VIS;
extern const uint8_t decaf_x25519_base_point[DECAF_X25519_PUBLIC_BYTES] DECAF_API_VIS;


/** /**
* @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses
@@ -413,7 +413,7 @@ extern const uint8_t decaf_x25519_base_point[DECAF_X25519_PUBLIC_BYTES] API_VIS;
void decaf_x25519_generate_key ( void decaf_x25519_generate_key (
uint8_t out[DECAF_X25519_PUBLIC_BYTES], uint8_t out[DECAF_X25519_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES] const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE DEPRECATED("Renamed to decaf_x25519_derive_public_key");
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_DEPRECATED("Renamed to decaf_x25519_derive_public_key");
/** /**
* @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses
@@ -428,7 +428,7 @@ void decaf_x25519_generate_key (
void decaf_x25519_derive_public_key ( void decaf_x25519_derive_public_key (
uint8_t out[DECAF_X25519_PUBLIC_BYTES], uint8_t out[DECAF_X25519_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES] const uint8_t scalar[DECAF_X25519_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/* FUTURE: uint8_t decaf_255_encode_like_curve25519) */ /* FUTURE: uint8_t decaf_255_encode_like_curve25519) */


@@ -444,7 +444,7 @@ void decaf_x25519_derive_public_key (
void decaf_255_precompute ( void decaf_255_precompute (
decaf_255_precomputed_s *a, decaf_255_precomputed_s *a,
const decaf_255_point_t b const decaf_255_point_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply a precomputed base point by a scalar: * @brief Multiply a precomputed base point by a scalar:
@@ -461,7 +461,7 @@ void decaf_255_precomputed_scalarmul (
decaf_255_point_t scaled, decaf_255_point_t scaled,
const decaf_255_precomputed_s *base, const decaf_255_precomputed_s *base,
const decaf_255_scalar_t scalar const decaf_255_scalar_t scalar
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two base points by two scalars: * @brief Multiply two base points by two scalars:
@@ -482,7 +482,7 @@ void decaf_255_point_double_scalarmul (
const decaf_255_scalar_t scalar1, const decaf_255_scalar_t scalar1,
const decaf_255_point_t base2, const decaf_255_point_t base2,
const decaf_255_scalar_t scalar2 const decaf_255_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* Multiply one base point by two scalars: * Multiply one base point by two scalars:
@@ -505,7 +505,7 @@ void decaf_255_point_dual_scalarmul (
const decaf_255_point_t base1, const decaf_255_point_t base1,
const decaf_255_scalar_t scalar1, const decaf_255_scalar_t scalar1,
const decaf_255_scalar_t scalar2 const decaf_255_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two base points by two scalars: * @brief Multiply two base points by two scalars:
@@ -527,7 +527,7 @@ void decaf_255_base_double_scalarmul_non_secret (
const decaf_255_scalar_t scalar1, const decaf_255_scalar_t scalar1,
const decaf_255_point_t base2, const decaf_255_point_t base2,
const decaf_255_scalar_t scalar2 const decaf_255_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Constant-time decision between two points. If pick_b * @brief Constant-time decision between two points. If pick_b
@@ -543,7 +543,7 @@ void decaf_255_point_cond_sel (
const decaf_255_point_t a, const decaf_255_point_t a,
const decaf_255_point_t b, const decaf_255_point_t b,
decaf_word_t pick_b decaf_word_t pick_b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Constant-time decision between two scalars. If pick_b * @brief Constant-time decision between two scalars. If pick_b
@@ -559,7 +559,7 @@ void decaf_255_scalar_cond_sel (
const decaf_255_scalar_t a, const decaf_255_scalar_t a,
const decaf_255_scalar_t b, const decaf_255_scalar_t b,
decaf_word_t pick_b decaf_word_t pick_b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Test that a point is valid, for debugging purposes. * @brief Test that a point is valid, for debugging purposes.
@@ -570,7 +570,7 @@ void decaf_255_scalar_cond_sel (
*/ */
decaf_bool_t decaf_255_point_valid ( decaf_bool_t decaf_255_point_valid (
const decaf_255_point_t to_test const decaf_255_point_t to_test
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Torque a point, for debugging purposes. The output * @brief Torque a point, for debugging purposes. The output
@@ -582,7 +582,7 @@ decaf_bool_t decaf_255_point_valid (
void decaf_255_point_debugging_torque ( void decaf_255_point_debugging_torque (
decaf_255_point_t q, decaf_255_point_t q,
const decaf_255_point_t p const decaf_255_point_t p
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Projectively scale a point, for debugging purposes. * @brief Projectively scale a point, for debugging purposes.
@@ -597,7 +597,7 @@ void decaf_255_point_debugging_pscale (
decaf_255_point_t q, decaf_255_point_t q,
const decaf_255_point_t p, const decaf_255_point_t p,
const unsigned char factor[DECAF_255_SER_BYTES] const unsigned char factor[DECAF_255_SER_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Almost-Elligator-like hash to curve. * @brief Almost-Elligator-like hash to curve.
@@ -631,7 +631,7 @@ void
decaf_255_point_from_hash_nonuniform ( decaf_255_point_from_hash_nonuniform (
decaf_255_point_t pt, decaf_255_point_t pt,
const unsigned char hashed_data[DECAF_255_HASH_BYTES] const unsigned char hashed_data[DECAF_255_HASH_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Indifferentiable hash function encoding to curve. * @brief Indifferentiable hash function encoding to curve.
@@ -644,7 +644,7 @@ decaf_255_point_from_hash_nonuniform (
void decaf_255_point_from_hash_uniform ( void decaf_255_point_from_hash_uniform (
decaf_255_point_t pt, decaf_255_point_t pt,
const unsigned char hashed_data[2*DECAF_255_HASH_BYTES] const unsigned char hashed_data[2*DECAF_255_HASH_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Inverse of elligator-like hash to curve. * @brief Inverse of elligator-like hash to curve.
@@ -669,7 +669,7 @@ decaf_255_invert_elligator_nonuniform (
unsigned char recovered_hash[DECAF_255_HASH_BYTES], unsigned char recovered_hash[DECAF_255_HASH_BYTES],
const decaf_255_point_t pt, const decaf_255_point_t pt,
uint32_t which uint32_t which
) API_VIS NONNULL NOINLINE WARN_UNUSED;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED;


/** /**
* @brief Inverse of elligator-like hash to curve. * @brief Inverse of elligator-like hash to curve.
@@ -694,28 +694,28 @@ decaf_255_invert_elligator_uniform (
unsigned char recovered_hash[2*DECAF_255_HASH_BYTES], unsigned char recovered_hash[2*DECAF_255_HASH_BYTES],
const decaf_255_point_t pt, const decaf_255_point_t pt,
uint32_t which uint32_t which
) API_VIS NONNULL NOINLINE WARN_UNUSED;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED;


/** /**
* @brief Overwrite scalar with zeros. * @brief Overwrite scalar with zeros.
*/ */
void decaf_255_scalar_destroy ( void decaf_255_scalar_destroy (
decaf_255_scalar_t scalar decaf_255_scalar_t scalar
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


/** /**
* @brief Overwrite point with zeros. * @brief Overwrite point with zeros.
*/ */
void decaf_255_point_destroy ( void decaf_255_point_destroy (
decaf_255_point_t point decaf_255_point_t point
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


/** /**
* @brief Overwrite precomputed table with zeros. * @brief Overwrite precomputed table with zeros.
*/ */
void decaf_255_precomputed_destroy ( void decaf_255_precomputed_destroy (
decaf_255_precomputed_s *pre decaf_255_precomputed_s *pre
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */


+ 89
- 89
src/GENERATED/include/decaf/point_255.hxx

@@ -42,9 +42,9 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DECAF_NOEXCEPT noexcept
#else #else
#define NOEXCEPT throw()
#define DECAF_NOEXCEPT throw()
#endif #endif
/** @endcond */ /** @endcond */


@@ -86,53 +86,53 @@ public:


/** @cond internal */ /** @cond internal */
/** Don't initialize. */ /** Don't initialize. */
inline Scalar(const NOINIT &) NOEXCEPT {}
inline Scalar(const NOINIT &) DECAF_NOEXCEPT {}
/** @endcond */ /** @endcond */


/** Set to an unsigned word */ /** Set to an unsigned word */
inline Scalar(uint64_t w) NOEXCEPT { *this = w; }
inline Scalar(uint64_t w) DECAF_NOEXCEPT { *this = w; }


/** Set to a signed word */ /** Set to a signed word */
inline Scalar(int64_t w) NOEXCEPT { *this = w; }
inline Scalar(int64_t w) DECAF_NOEXCEPT { *this = w; }


/** Set to an unsigned word */ /** Set to an unsigned word */
inline Scalar(unsigned int w) NOEXCEPT { *this = w; }
inline Scalar(unsigned int w) DECAF_NOEXCEPT { *this = w; }


/** Set to a signed word */ /** Set to a signed word */
inline Scalar(int w) NOEXCEPT { *this = w; }
inline Scalar(int w) DECAF_NOEXCEPT { *this = w; }


/** Construct from RNG */ /** Construct from RNG */
inline explicit Scalar(Rng &rng) NOEXCEPT {
inline explicit Scalar(Rng &rng) DECAF_NOEXCEPT {
FixedArrayBuffer<SER_BYTES + 16> sb(rng); FixedArrayBuffer<SER_BYTES + 16> sb(rng);
*this = sb; *this = sb;
} }


/** Construct from decaf_scalar_t object. */ /** Construct from decaf_scalar_t object. */
inline Scalar(const Wrapped &t = decaf_255_scalar_zero) NOEXCEPT { decaf_255_scalar_copy(s,t); }
inline Scalar(const Wrapped &t = decaf_255_scalar_zero) DECAF_NOEXCEPT { decaf_255_scalar_copy(s,t); }


/** Copy constructor. */ /** Copy constructor. */
inline Scalar(const Scalar &x) NOEXCEPT { *this = x; }
inline Scalar(const Scalar &x) DECAF_NOEXCEPT { *this = x; }


/** Construct from arbitrary-length little-endian byte sequence. */ /** Construct from arbitrary-length little-endian byte sequence. */
inline Scalar(const Block &buffer) NOEXCEPT { *this = buffer; }
inline Scalar(const Block &buffer) DECAF_NOEXCEPT { *this = buffer; }


/** Serializable instance */ /** Serializable instance */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }


/** Serializable instance */ /** Serializable instance */
inline void serialize_into(unsigned char *buffer) const NOEXCEPT {
inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT {
decaf_255_scalar_encode(buffer, s); decaf_255_scalar_encode(buffer, s);
} }


/** Assignment. */ /** Assignment. */
inline Scalar& operator=(const Scalar &x) NOEXCEPT { decaf_255_scalar_copy(s,x.s); return *this; }
inline Scalar& operator=(const Scalar &x) DECAF_NOEXCEPT { decaf_255_scalar_copy(s,x.s); return *this; }


/** Assign from unsigned 64-bit integer. */ /** Assign from unsigned 64-bit integer. */
inline Scalar& operator=(uint64_t w) NOEXCEPT { decaf_255_scalar_set_unsigned(s,w); return *this; }
inline Scalar& operator=(uint64_t w) DECAF_NOEXCEPT { decaf_255_scalar_set_unsigned(s,w); return *this; }




/** Assign from signed int. */ /** Assign from signed int. */
inline Scalar& operator=(int64_t w) NOEXCEPT {
inline Scalar& operator=(int64_t w) DECAF_NOEXCEPT {
Scalar t(-(uint64_t)INT_MIN); Scalar t(-(uint64_t)INT_MIN);
decaf_255_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN); decaf_255_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN);
*this -= t; *this -= t;
@@ -140,16 +140,16 @@ public:
} }


/** Assign from unsigned int. */ /** Assign from unsigned int. */
inline Scalar& operator=(unsigned int w) NOEXCEPT { return *this = (uint64_t)w; }
inline Scalar& operator=(unsigned int w) DECAF_NOEXCEPT { return *this = (uint64_t)w; }


/** Assign from signed int. */ /** Assign from signed int. */
inline Scalar& operator=(int w) NOEXCEPT { return *this = (int64_t)w; }
inline Scalar& operator=(int w) DECAF_NOEXCEPT { return *this = (int64_t)w; }


/** Destructor securely zeorizes the scalar. */ /** Destructor securely zeorizes the scalar. */
inline ~Scalar() NOEXCEPT { decaf_255_scalar_destroy(s); }
inline ~Scalar() DECAF_NOEXCEPT { decaf_255_scalar_destroy(s); }


/** Assign from arbitrary-length little-endian byte sequence in a Block. */ /** Assign from arbitrary-length little-endian byte sequence in a Block. */
inline Scalar &operator=(const Block &bl) NOEXCEPT {
inline Scalar &operator=(const Block &bl) DECAF_NOEXCEPT {
decaf_255_scalar_decode_long(s,bl.data(),bl.size()); return *this; decaf_255_scalar_decode_long(s,bl.data(),bl.size()); return *this;
} }


@@ -157,32 +157,32 @@ public:
* Decode from correct-length little-endian byte sequence. * Decode from correct-length little-endian byte sequence.
* @return DECAF_FAILURE if the scalar is greater than or equal to the group order q. * @return DECAF_FAILURE if the scalar is greater than or equal to the group order q.
*/ */
static inline decaf_error_t WARN_UNUSED decode (
static inline decaf_error_t DECAF_WARN_UNUSED decode (
Scalar &sc, const FixedBlock<SER_BYTES> buffer Scalar &sc, const FixedBlock<SER_BYTES> buffer
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_255_scalar_decode(sc.s,buffer.data()); return decaf_255_scalar_decode(sc.s,buffer.data());
} }


/** Add. */ /** Add. */
inline Scalar operator+ (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_add(r.s,s,q.s); return r; }
inline Scalar operator+ (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_add(r.s,s,q.s); return r; }


/** Add to this. */ /** Add to this. */
inline Scalar &operator+=(const Scalar &q) NOEXCEPT { decaf_255_scalar_add(s,s,q.s); return *this; }
inline Scalar &operator+=(const Scalar &q) DECAF_NOEXCEPT { decaf_255_scalar_add(s,s,q.s); return *this; }


/** Subtract. */ /** Subtract. */
inline Scalar operator- (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_sub(r.s,s,q.s); return r; }
inline Scalar operator- (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_sub(r.s,s,q.s); return r; }


/** Subtract from this. */ /** Subtract from this. */
inline Scalar &operator-=(const Scalar &q) NOEXCEPT { decaf_255_scalar_sub(s,s,q.s); return *this; }
inline Scalar &operator-=(const Scalar &q) DECAF_NOEXCEPT { decaf_255_scalar_sub(s,s,q.s); return *this; }


/** Multiply */ /** Multiply */
inline Scalar operator* (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_mul(r.s,s,q.s); return r; }
inline Scalar operator* (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_mul(r.s,s,q.s); return r; }


/** Multiply into this. */ /** Multiply into this. */
inline Scalar &operator*=(const Scalar &q) NOEXCEPT { decaf_255_scalar_mul(s,s,q.s); return *this; }
inline Scalar &operator*=(const Scalar &q) DECAF_NOEXCEPT { decaf_255_scalar_mul(s,s,q.s); return *this; }


/** Negate */ /** Negate */
inline Scalar operator- () const NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_sub(r.s,decaf_255_scalar_zero,s); return r; }
inline Scalar operator- () const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_255_scalar_sub(r.s,decaf_255_scalar_zero,s); return r; }


/** Invert with Fermat's Little Theorem (slow!). If *this == 0, /** Invert with Fermat's Little Theorem (slow!). If *this == 0,
* throw CryptoException. */ * throw CryptoException. */
@@ -196,8 +196,8 @@ public:


/** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0 /** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0
* and return DECAF_FAILURE. */ * and return DECAF_FAILURE. */
inline decaf_error_t WARN_UNUSED
inverse_noexcept(Scalar &r) const NOEXCEPT {
inline decaf_error_t DECAF_WARN_UNUSED
inverse_noexcept(Scalar &r) const DECAF_NOEXCEPT {
return decaf_255_scalar_invert(r.s,s); return decaf_255_scalar_invert(r.s,s);
} }


@@ -211,16 +211,16 @@ public:
inline Scalar half() const { Scalar out; decaf_255_scalar_halve(out.s,s); return out; } inline Scalar half() const { Scalar out; decaf_255_scalar_halve(out.s,s); return out; }


/** Compare in constant time */ /** Compare in constant time */
inline bool operator!=(const Scalar &q) const NOEXCEPT { return !(*this == q); }
inline bool operator!=(const Scalar &q) const DECAF_NOEXCEPT { return !(*this == q); }


/** Compare in constant time */ /** Compare in constant time */
inline bool operator==(const Scalar &q) const NOEXCEPT { return !!decaf_255_scalar_eq(s,q.s); }
inline bool operator==(const Scalar &q) const DECAF_NOEXCEPT { return !!decaf_255_scalar_eq(s,q.s); }


/** Scalarmul with scalar on left. */ /** Scalarmul with scalar on left. */
inline Point operator* (const Point &q) const NOEXCEPT { return q * (*this); }
inline Point operator* (const Point &q) const DECAF_NOEXCEPT { return q * (*this); }


/** Scalarmul-precomputed with scalar on left. */ /** Scalarmul-precomputed with scalar on left. */
inline Point operator* (const Precomputed &q) const NOEXCEPT { return q * (*this); }
inline Point operator* (const Precomputed &q) const DECAF_NOEXCEPT { return q * (*this); }


/** Direct scalar multiplication. */ /** Direct scalar multiplication. */
inline SecureBuffer direct_scalarmul( inline SecureBuffer direct_scalarmul(
@@ -266,23 +266,23 @@ public:


/** @cond internal */ /** @cond internal */
/** Don't initialize. */ /** Don't initialize. */
inline Point(const NOINIT &) NOEXCEPT {}
inline Point(const NOINIT &) DECAF_NOEXCEPT {}
/** @endcond */ /** @endcond */


/** Constructor sets to identity by default. */ /** Constructor sets to identity by default. */
inline Point(const Wrapped &q = decaf_255_point_identity) NOEXCEPT { decaf_255_point_copy(p,q); }
inline Point(const Wrapped &q = decaf_255_point_identity) DECAF_NOEXCEPT { decaf_255_point_copy(p,q); }


/** Copy constructor. */ /** Copy constructor. */
inline Point(const Point &q) NOEXCEPT { *this = q; }
inline Point(const Point &q) DECAF_NOEXCEPT { *this = q; }


/** Assignment. */ /** Assignment. */
inline Point& operator=(const Point &q) NOEXCEPT { decaf_255_point_copy(p,q.p); return *this; }
inline Point& operator=(const Point &q) DECAF_NOEXCEPT { decaf_255_point_copy(p,q.p); return *this; }


/** Destructor securely zeorizes the point. */ /** Destructor securely zeorizes the point. */
inline ~Point() NOEXCEPT { decaf_255_point_destroy(p); }
inline ~Point() DECAF_NOEXCEPT { decaf_255_point_destroy(p); }


/** Construct from RNG */ /** Construct from RNG */
inline explicit Point(Rng &rng, bool uniform = true) NOEXCEPT {
inline explicit Point(Rng &rng, bool uniform = true) DECAF_NOEXCEPT {
if (uniform) { if (uniform) {
FixedArrayBuffer<2*HASH_BYTES> b(rng); FixedArrayBuffer<2*HASH_BYTES> b(rng);
set_to_hash(b); set_to_hash(b);
@@ -314,9 +314,9 @@ public:
* @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point, * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point,
* or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined. * or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined.
*/ */
inline decaf_error_t WARN_UNUSED decode (
inline decaf_error_t DECAF_WARN_UNUSED decode (
const FixedBlock<SER_BYTES> &buffer, decaf_bool_t allow_identity=DECAF_TRUE const FixedBlock<SER_BYTES> &buffer, decaf_bool_t allow_identity=DECAF_TRUE
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_255_point_decode(p,buffer.data(),allow_identity); return decaf_255_point_decode(p,buffer.data(),allow_identity);
} }


@@ -328,9 +328,9 @@ public:
* @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point. * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point.
* Contents of the point are undefined. * Contents of the point are undefined.
*/ */
inline decaf_error_t WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept (
const FixedBlock<DECAF_EDDSA_25519_PUBLIC_BYTES> &buffer const FixedBlock<DECAF_EDDSA_25519_PUBLIC_BYTES> &buffer
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_255_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data()); return decaf_255_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data());
} }


@@ -353,7 +353,7 @@ public:
* If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform,
* but the buffer will be zero-padded on the right. * but the buffer will be zero-padded on the right.
*/ */
static inline Point from_hash ( const Block &s ) NOEXCEPT {
static inline Point from_hash ( const Block &s ) DECAF_NOEXCEPT {
Point p((NOINIT())); p.set_to_hash(s); return p; Point p((NOINIT())); p.set_to_hash(s); return p;
} }


@@ -363,7 +363,7 @@ public:
* If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform,
* but the buffer will be zero-padded on the right. * but the buffer will be zero-padded on the right.
*/ */
inline void set_to_hash( const Block &s ) NOEXCEPT {
inline void set_to_hash( const Block &s ) DECAF_NOEXCEPT {
if (s.size() < HASH_BYTES) { if (s.size() < HASH_BYTES) {
SecureBuffer b(HASH_BYTES); SecureBuffer b(HASH_BYTES);
memcpy(b.data(), s.data(), s.size()); memcpy(b.data(), s.data(), s.size());
@@ -389,45 +389,45 @@ public:
} }


/** Serializable instance */ /** Serializable instance */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }


/** Serializable instance */ /** Serializable instance */
inline void serialize_into(unsigned char *buffer) const NOEXCEPT {
inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT {
decaf_255_point_encode(buffer, p); decaf_255_point_encode(buffer, p);
} }


/** Point add. */ /** Point add. */
inline Point operator+ (const Point &q) const NOEXCEPT { Point r((NOINIT())); decaf_255_point_add(r.p,p,q.p); return r; }
inline Point operator+ (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_add(r.p,p,q.p); return r; }


/** Point add. */ /** Point add. */
inline Point &operator+=(const Point &q) NOEXCEPT { decaf_255_point_add(p,p,q.p); return *this; }
inline Point &operator+=(const Point &q) DECAF_NOEXCEPT { decaf_255_point_add(p,p,q.p); return *this; }


/** Point subtract. */ /** Point subtract. */
inline Point operator- (const Point &q) const NOEXCEPT { Point r((NOINIT())); decaf_255_point_sub(r.p,p,q.p); return r; }
inline Point operator- (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_sub(r.p,p,q.p); return r; }


/** Point subtract. */ /** Point subtract. */
inline Point &operator-=(const Point &q) NOEXCEPT { decaf_255_point_sub(p,p,q.p); return *this; }
inline Point &operator-=(const Point &q) DECAF_NOEXCEPT { decaf_255_point_sub(p,p,q.p); return *this; }


/** Point negate. */ /** Point negate. */
inline Point operator- () const NOEXCEPT { Point r((NOINIT())); decaf_255_point_negate(r.p,p); return r; }
inline Point operator- () const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_negate(r.p,p); return r; }


/** Double the point out of place. */ /** Double the point out of place. */
inline Point times_two () const NOEXCEPT { Point r((NOINIT())); decaf_255_point_double(r.p,p); return r; }
inline Point times_two () const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_double(r.p,p); return r; }


/** Double the point in place. */ /** Double the point in place. */
inline Point &double_in_place() NOEXCEPT { decaf_255_point_double(p,p); return *this; }
inline Point &double_in_place() DECAF_NOEXCEPT { decaf_255_point_double(p,p); return *this; }


/** Constant-time compare. */ /** Constant-time compare. */
inline bool operator!=(const Point &q) const NOEXCEPT { return ! decaf_255_point_eq(p,q.p); }
inline bool operator!=(const Point &q) const DECAF_NOEXCEPT { return ! decaf_255_point_eq(p,q.p); }


/** Constant-time compare. */ /** Constant-time compare. */
inline bool operator==(const Point &q) const NOEXCEPT { return !!decaf_255_point_eq(p,q.p); }
inline bool operator==(const Point &q) const DECAF_NOEXCEPT { return !!decaf_255_point_eq(p,q.p); }


/** Scalar multiply. */ /** Scalar multiply. */
inline Point operator* (const Scalar &s) const NOEXCEPT { Point r((NOINIT())); decaf_255_point_scalarmul(r.p,p,s.s); return r; }
inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_255_point_scalarmul(r.p,p,s.s); return r; }


/** Scalar multiply in place. */ /** Scalar multiply in place. */
inline Point &operator*=(const Scalar &s) NOEXCEPT { decaf_255_point_scalarmul(p,p,s.s); return *this; }
inline Point &operator*=(const Scalar &s) DECAF_NOEXCEPT { decaf_255_point_scalarmul(p,p,s.s); return *this; }


/** Multiply by s.inverse(). If s=0, maps to the identity. */ /** Multiply by s.inverse(). If s=0, maps to the identity. */
inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); }
@@ -436,19 +436,19 @@ public:
inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); } inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); }


/** Validate / sanity check */ /** Validate / sanity check */
inline bool validate() const NOEXCEPT { return decaf_255_point_valid(p); }
inline bool validate() const DECAF_NOEXCEPT { return decaf_255_point_valid(p); }


/** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */ /** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */
static inline Point double_scalarmul ( static inline Point double_scalarmul (
const Point &q, const Scalar &qs, const Point &r, const Scalar &rs const Point &q, const Scalar &qs, const Point &r, const Scalar &rs
) NOEXCEPT {
) DECAF_NOEXCEPT {
Point p((NOINIT())); decaf_255_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p; Point p((NOINIT())); decaf_255_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p;
} }


/** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */ /** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */
inline void dual_scalarmul ( inline void dual_scalarmul (
Point &q1, Point &q2, const Scalar &r1, const Scalar &r2 Point &q1, Point &q2, const Scalar &r1, const Scalar &r2
) const NOEXCEPT {
) const DECAF_NOEXCEPT {
decaf_255_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s); decaf_255_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s);
} }


@@ -458,7 +458,7 @@ public:
*/ */
static inline Point double_scalarmul ( static inline Point double_scalarmul (
const Scalar &qs, const Point &q, const Scalar &rs, const Point &r const Scalar &qs, const Point &q, const Scalar &rs, const Point &r
) NOEXCEPT {
) DECAF_NOEXCEPT {
return double_scalarmul(q,qs,r,rs); return double_scalarmul(q,qs,r,rs);
} }


@@ -467,26 +467,26 @@ public:
* @warning This function takes variable time, and may leak the scalars (or points, but currently * @warning This function takes variable time, and may leak the scalars (or points, but currently
* it doesn't). * it doesn't).
*/ */
inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) NOEXCEPT {
inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) DECAF_NOEXCEPT {
Point r((NOINIT())); decaf_255_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r; Point r((NOINIT())); decaf_255_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r;
} }


/** Return a point equal to *this, whose internal data is rotated by a torsion element. */ /** Return a point equal to *this, whose internal data is rotated by a torsion element. */
inline Point debugging_torque() const NOEXCEPT {
inline Point debugging_torque() const DECAF_NOEXCEPT {
Point q; Point q;
decaf_255_point_debugging_torque(q.p,p); decaf_255_point_debugging_torque(q.p,p);
return q; return q;
} }


/** Return a point equal to *this, whose internal data has a modified representation. */ /** Return a point equal to *this, whose internal data has a modified representation. */
inline Point debugging_pscale(const FixedBlock<SER_BYTES> factor) const NOEXCEPT {
inline Point debugging_pscale(const FixedBlock<SER_BYTES> factor) const DECAF_NOEXCEPT {
Point q; Point q;
decaf_255_point_debugging_pscale(q.p,p,factor.data()); decaf_255_point_debugging_pscale(q.p,p,factor.data());
return q; return q;
} }


/** Return a point equal to *this, whose internal data has a randomized representation. */ /** Return a point equal to *this, whose internal data has a randomized representation. */
inline Point debugging_pscale(Rng &r) const NOEXCEPT {
inline Point debugging_pscale(Rng &r) const DECAF_NOEXCEPT {
FixedArrayBuffer<SER_BYTES> sb(r); FixedArrayBuffer<SER_BYTES> sb(r);
return debugging_pscale(sb); return debugging_pscale(sb);
} }
@@ -497,7 +497,7 @@ public:
*/ */
inline decaf_error_t invert_elligator ( inline decaf_error_t invert_elligator (
Buffer buf, uint32_t hint Buffer buf, uint32_t hint
) const NOEXCEPT {
) const DECAF_NOEXCEPT {
unsigned char buf2[2*HASH_BYTES]; unsigned char buf2[2*HASH_BYTES];
memset(buf2,0,sizeof(buf2)); memset(buf2,0,sizeof(buf2));
memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size()); memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size());
@@ -532,10 +532,10 @@ public:
} }


/** Return the base point */ /** Return the base point */
static inline const Point base() NOEXCEPT { return Point(decaf_255_point_base); }
static inline const Point base() DECAF_NOEXCEPT { return Point(decaf_255_point_base); }


/** Return the identity point */ /** Return the identity point */
static inline const Point identity() NOEXCEPT { return Point(decaf_255_point_identity); }
static inline const Point identity() DECAF_NOEXCEPT { return Point(decaf_255_point_identity); }
}; };


/** /**
@@ -556,7 +556,7 @@ class Precomputed
public: public:


/** Destructor securely zeorizes the memory. */ /** Destructor securely zeorizes the memory. */
inline ~Precomputed() NOEXCEPT { clear(); }
inline ~Precomputed() DECAF_NOEXCEPT { clear(); }


/** /**
* Initialize from underlying type, declared as a reference to prevent * Initialize from underlying type, declared as a reference to prevent
@@ -571,23 +571,23 @@ public:
*/ */
inline Precomputed ( inline Precomputed (
const Precomputed_U &yours = *default_value() const Precomputed_U &yours = *default_value()
) NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>(yours) {}
) DECAF_NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>(yours) {}




#if __cplusplus >= 201103L #if __cplusplus >= 201103L
/** Move-assign operator */ /** Move-assign operator */
inline Precomputed &operator=(Precomputed &&it) NOEXCEPT {
inline Precomputed &operator=(Precomputed &&it) DECAF_NOEXCEPT {
OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it); OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it);
return *this; return *this;
} }


/** Move constructor */ /** Move constructor */
inline Precomputed(Precomputed &&it) NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>() {
inline Precomputed(Precomputed &&it) DECAF_NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>() {
*this = it; *this = it;
} }


/** Undelete copy operator */ /** Undelete copy operator */
inline Precomputed &operator=(const Precomputed &it) NOEXCEPT {
inline Precomputed &operator=(const Precomputed &it) DECAF_NOEXCEPT {
OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it); OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it);
return *this; return *this;
} }
@@ -615,20 +615,20 @@ public:
: OwnedOrUnowned<Precomputed,Precomputed_U>() { *this = it; } : OwnedOrUnowned<Precomputed,Precomputed_U>() { *this = it; }


/** Fixed base scalarmul. */ /** Fixed base scalarmul. */
inline Point operator* (const Scalar &s) const NOEXCEPT { Point r; decaf_255_precomputed_scalarmul(r.p,get(),s.s); return r; }
inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r; decaf_255_precomputed_scalarmul(r.p,get(),s.s); return r; }


/** Multiply by s.inverse(). If s=0, maps to the identity. */ /** Multiply by s.inverse(). If s=0, maps to the identity. */
inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); }


/** Return the table for the base point. */ /** Return the table for the base point. */
static inline const Precomputed base() NOEXCEPT { return Precomputed(); }
static inline const Precomputed base() DECAF_NOEXCEPT { return Precomputed(); }


public: public:
/** @cond internal */ /** @cond internal */
friend class OwnedOrUnowned<Precomputed,Precomputed_U>; friend class OwnedOrUnowned<Precomputed,Precomputed_U>;
static inline size_t size() NOEXCEPT { return decaf_255_sizeof_precomputed_s; }
static inline size_t alignment() NOEXCEPT { return decaf_255_alignof_precomputed_s; }
static inline const Precomputed_U * default_value() NOEXCEPT { return decaf_255_precomputed_base; }
static inline size_t size() DECAF_NOEXCEPT { return decaf_255_sizeof_precomputed_s; }
static inline size_t alignment() DECAF_NOEXCEPT { return decaf_255_alignof_precomputed_s; }
static inline const Precomputed_U * default_value() DECAF_NOEXCEPT { return decaf_255_precomputed_base; }
/** @endcond */ /** @endcond */
}; };


@@ -641,7 +641,7 @@ public:
static const size_t PRIVATE_BYTES = DECAF_X25519_PRIVATE_BYTES; static const size_t PRIVATE_BYTES = DECAF_X25519_PRIVATE_BYTES;


/** Base point for a scalar multiplication. */ /** Base point for a scalar multiplication. */
static const FixedBlock<PUBLIC_BYTES> base_point() NOEXCEPT {
static const FixedBlock<PUBLIC_BYTES> base_point() DECAF_NOEXCEPT {
return FixedBlock<PUBLIC_BYTES>(decaf_x25519_base_point); return FixedBlock<PUBLIC_BYTES>(decaf_x25519_base_point);
} }


@@ -658,12 +658,12 @@ public:
} }


/** Calculate and write into out a shared secret with public key, noexcept version. */ /** Calculate and write into out a shared secret with public key, noexcept version. */
static inline decaf_error_t WARN_UNUSED
static inline decaf_error_t DECAF_WARN_UNUSED
shared_secret_noexcept ( shared_secret_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PUBLIC_BYTES> &pk, const FixedBlock<PUBLIC_BYTES> &pk,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_x25519(out.data(), pk.data(), scalar.data()); return decaf_x25519(out.data(), pk.data(), scalar.data());
} }


@@ -671,7 +671,7 @@ public:
* but possibly faster. * but possibly faster.
* @deprecated Renamed to derive_public_key. * @deprecated Renamed to derive_public_key.
*/ */
static inline SecureBuffer DEPRECATED("Renamed to derive_public_key")
static inline SecureBuffer DECAF_DEPRECATED("Renamed to derive_public_key")
generate_key( generate_key(
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) throw(std::bad_alloc) { ) throw(std::bad_alloc) {
@@ -698,7 +698,7 @@ public:
derive_public_key_noexcept ( derive_public_key_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
decaf_x25519_derive_public_key(out.data(), scalar.data()); decaf_x25519_derive_public_key(out.data(), scalar.data());
} }


@@ -706,11 +706,11 @@ public:
* equivalent to shared_secret(base_point(),scalar) but possibly faster. * equivalent to shared_secret(base_point(),scalar) but possibly faster.
* @deprecated Renamed to derive_public_key_noexcept. * @deprecated Renamed to derive_public_key_noexcept.
*/ */
static inline void DEPRECATED("Renamed to derive_public_key_noexcept")
static inline void DECAF_DEPRECATED("Renamed to derive_public_key_noexcept")
generate_key_noexcept ( generate_key_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
decaf_x25519_derive_public_key(out.data(), scalar.data()); decaf_x25519_derive_public_key(out.data(), scalar.data());
} }
}; };
@@ -733,7 +733,7 @@ inline SecureBuffer IsoEd25519::Scalar::direct_scalarmul (
} }
/** @endcond */ /** @endcond */


#undef NOEXCEPT
#undef DECAF_NOEXCEPT
} /* namespace decaf */ } /* namespace decaf */


#endif /* __DECAF_POINT_255_HXX__ */ #endif /* __DECAF_POINT_255_HXX__ */

+ 48
- 48
src/GENERATED/include/decaf/point_448.h

@@ -72,7 +72,7 @@ struct decaf_448_precomputed_s;
typedef struct decaf_448_precomputed_s decaf_448_precomputed_s; typedef struct decaf_448_precomputed_s decaf_448_precomputed_s;


/** Size and alignment of precomputed point tables. */ /** Size and alignment of precomputed point tables. */
extern const size_t decaf_448_sizeof_precomputed_s API_VIS, decaf_448_alignof_precomputed_s API_VIS;
extern const size_t decaf_448_sizeof_precomputed_s DECAF_API_VIS, decaf_448_alignof_precomputed_s DECAF_API_VIS;


/** Scalar is stored packed, because we don't need the speed. */ /** Scalar is stored packed, because we don't need the speed. */
typedef struct decaf_448_scalar_s { typedef struct decaf_448_scalar_s {
@@ -82,19 +82,19 @@ typedef struct decaf_448_scalar_s {
} decaf_448_scalar_t[1]; } decaf_448_scalar_t[1];


/** A scalar equal to 1. */ /** A scalar equal to 1. */
extern const decaf_448_scalar_t decaf_448_scalar_one API_VIS;
extern const decaf_448_scalar_t decaf_448_scalar_one DECAF_API_VIS;


/** A scalar equal to 0. */ /** A scalar equal to 0. */
extern const decaf_448_scalar_t decaf_448_scalar_zero API_VIS;
extern const decaf_448_scalar_t decaf_448_scalar_zero DECAF_API_VIS;


/** The identity point on the curve. */ /** The identity point on the curve. */
extern const decaf_448_point_t decaf_448_point_identity API_VIS;
extern const decaf_448_point_t decaf_448_point_identity DECAF_API_VIS;


/** An arbitrarily chosen base point on the curve. */ /** An arbitrarily chosen base point on the curve. */
extern const decaf_448_point_t decaf_448_point_base API_VIS;
extern const decaf_448_point_t decaf_448_point_base DECAF_API_VIS;


/** Precomputed table for the base point on the curve. */ /** Precomputed table for the base point on the curve. */
extern const struct decaf_448_precomputed_s *decaf_448_precomputed_base API_VIS;
extern const struct decaf_448_precomputed_s *decaf_448_precomputed_base DECAF_API_VIS;


/** /**
* @brief Read a scalar from wire format or from bytes. * @brief Read a scalar from wire format or from bytes.
@@ -109,7 +109,7 @@ extern const struct decaf_448_precomputed_s *decaf_448_precomputed_base API_VIS;
decaf_error_t decaf_448_scalar_decode ( decaf_error_t decaf_448_scalar_decode (
decaf_448_scalar_t out, decaf_448_scalar_t out,
const unsigned char ser[DECAF_448_SCALAR_BYTES] const unsigned char ser[DECAF_448_SCALAR_BYTES]
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Read a scalar from wire format or from bytes. Reduces mod * @brief Read a scalar from wire format or from bytes. Reduces mod
@@ -123,7 +123,7 @@ void decaf_448_scalar_decode_long (
decaf_448_scalar_t out, decaf_448_scalar_t out,
const unsigned char *ser, const unsigned char *ser,
size_t ser_len size_t ser_len
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* @brief Serialize a scalar to wire format. * @brief Serialize a scalar to wire format.
@@ -134,7 +134,7 @@ void decaf_448_scalar_decode_long (
void decaf_448_scalar_encode ( void decaf_448_scalar_encode (
unsigned char ser[DECAF_448_SCALAR_BYTES], unsigned char ser[DECAF_448_SCALAR_BYTES],
const decaf_448_scalar_t s const decaf_448_scalar_t s
) API_VIS NONNULL NOINLINE NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE;
/** /**
* @brief Add two scalars. The scalars may use the same memory. * @brief Add two scalars. The scalars may use the same memory.
@@ -146,7 +146,7 @@ void decaf_448_scalar_add (
decaf_448_scalar_t out, decaf_448_scalar_t out,
const decaf_448_scalar_t a, const decaf_448_scalar_t a,
const decaf_448_scalar_t b const decaf_448_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Compare two scalars. * @brief Compare two scalars.
@@ -158,7 +158,7 @@ void decaf_448_scalar_add (
decaf_bool_t decaf_448_scalar_eq ( decaf_bool_t decaf_448_scalar_eq (
const decaf_448_scalar_t a, const decaf_448_scalar_t a,
const decaf_448_scalar_t b const decaf_448_scalar_t b
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Subtract two scalars. The scalars may use the same memory. * @brief Subtract two scalars. The scalars may use the same memory.
@@ -170,7 +170,7 @@ void decaf_448_scalar_sub (
decaf_448_scalar_t out, decaf_448_scalar_t out,
const decaf_448_scalar_t a, const decaf_448_scalar_t a,
const decaf_448_scalar_t b const decaf_448_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two scalars. The scalars may use the same memory. * @brief Multiply two scalars. The scalars may use the same memory.
@@ -182,7 +182,7 @@ void decaf_448_scalar_mul (
decaf_448_scalar_t out, decaf_448_scalar_t out,
const decaf_448_scalar_t a, const decaf_448_scalar_t a,
const decaf_448_scalar_t b const decaf_448_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* @brief Halve a scalar. The scalars may use the same memory. * @brief Halve a scalar. The scalars may use the same memory.
@@ -192,7 +192,7 @@ void decaf_448_scalar_mul (
void decaf_448_scalar_halve ( void decaf_448_scalar_halve (
decaf_448_scalar_t out, decaf_448_scalar_t out,
const decaf_448_scalar_t a const decaf_448_scalar_t a
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Invert a scalar. When passed zero, return 0. The input and output may alias. * @brief Invert a scalar. When passed zero, return 0. The input and output may alias.
@@ -203,7 +203,7 @@ void decaf_448_scalar_halve (
decaf_error_t decaf_448_scalar_invert ( decaf_error_t decaf_448_scalar_invert (
decaf_448_scalar_t out, decaf_448_scalar_t out,
const decaf_448_scalar_t a const decaf_448_scalar_t a
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Copy a scalar. The scalars may use the same memory, in which * @brief Copy a scalar. The scalars may use the same memory, in which
@@ -211,7 +211,7 @@ decaf_error_t decaf_448_scalar_invert (
* @param [in] a A scalar. * @param [in] a A scalar.
* @param [out] out Will become a copy of a. * @param [out] out Will become a copy of a.
*/ */
static inline void NONNULL decaf_448_scalar_copy (
static inline void DECAF_NONNULL decaf_448_scalar_copy (
decaf_448_scalar_t out, decaf_448_scalar_t out,
const decaf_448_scalar_t a const decaf_448_scalar_t a
) { ) {
@@ -226,7 +226,7 @@ static inline void NONNULL decaf_448_scalar_copy (
void decaf_448_scalar_set_unsigned ( void decaf_448_scalar_set_unsigned (
decaf_448_scalar_t out, decaf_448_scalar_t out,
uint64_t a uint64_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Encode a point as a sequence of bytes. * @brief Encode a point as a sequence of bytes.
@@ -237,7 +237,7 @@ void decaf_448_scalar_set_unsigned (
void decaf_448_point_encode ( void decaf_448_point_encode (
uint8_t ser[DECAF_448_SER_BYTES], uint8_t ser[DECAF_448_SER_BYTES],
const decaf_448_point_t pt const decaf_448_point_t pt
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Decode a point from a sequence of bytes. * @brief Decode a point from a sequence of bytes.
@@ -257,7 +257,7 @@ decaf_error_t decaf_448_point_decode (
decaf_448_point_t pt, decaf_448_point_t pt,
const uint8_t ser[DECAF_448_SER_BYTES], const uint8_t ser[DECAF_448_SER_BYTES],
decaf_bool_t allow_identity decaf_bool_t allow_identity
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Copy a point. The input and output may alias, * @brief Copy a point. The input and output may alias,
@@ -266,7 +266,7 @@ decaf_error_t decaf_448_point_decode (
* @param [out] a A copy of the point. * @param [out] a A copy of the point.
* @param [in] b Any point. * @param [in] b Any point.
*/ */
static inline void NONNULL decaf_448_point_copy (
static inline void DECAF_NONNULL decaf_448_point_copy (
decaf_448_point_t a, decaf_448_point_t a,
const decaf_448_point_t b const decaf_448_point_t b
) { ) {
@@ -285,7 +285,7 @@ static inline void NONNULL decaf_448_point_copy (
decaf_bool_t decaf_448_point_eq ( decaf_bool_t decaf_448_point_eq (
const decaf_448_point_t a, const decaf_448_point_t a,
const decaf_448_point_t b const decaf_448_point_t b
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Add two points to produce a third point. The * @brief Add two points to produce a third point. The
@@ -300,7 +300,7 @@ void decaf_448_point_add (
decaf_448_point_t sum, decaf_448_point_t sum,
const decaf_448_point_t a, const decaf_448_point_t a,
const decaf_448_point_t b const decaf_448_point_t b
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Double a point. Equivalent to * @brief Double a point. Equivalent to
@@ -312,7 +312,7 @@ void decaf_448_point_add (
void decaf_448_point_double ( void decaf_448_point_double (
decaf_448_point_t two_a, decaf_448_point_t two_a,
const decaf_448_point_t a const decaf_448_point_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Subtract two points to produce a third point. The * @brief Subtract two points to produce a third point. The
@@ -327,7 +327,7 @@ void decaf_448_point_sub (
decaf_448_point_t diff, decaf_448_point_t diff,
const decaf_448_point_t a, const decaf_448_point_t a,
const decaf_448_point_t b const decaf_448_point_t b
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;
/** /**
* @brief Negate a point to produce another point. The input * @brief Negate a point to produce another point. The input
@@ -339,7 +339,7 @@ void decaf_448_point_sub (
void decaf_448_point_negate ( void decaf_448_point_negate (
decaf_448_point_t nega, decaf_448_point_t nega,
const decaf_448_point_t a const decaf_448_point_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Multiply a base point by a scalar: scaled = scalar*base. * @brief Multiply a base point by a scalar: scaled = scalar*base.
@@ -352,7 +352,7 @@ void decaf_448_point_scalarmul (
decaf_448_point_t scaled, decaf_448_point_t scaled,
const decaf_448_point_t base, const decaf_448_point_t base,
const decaf_448_scalar_t scalar const decaf_448_scalar_t scalar
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply a base point by a scalar: scaled = scalar*base. * @brief Multiply a base point by a scalar: scaled = scalar*base.
@@ -377,7 +377,7 @@ decaf_error_t decaf_448_direct_scalarmul (
const decaf_448_scalar_t scalar, const decaf_448_scalar_t scalar,
decaf_bool_t allow_identity, decaf_bool_t allow_identity,
decaf_bool_t short_circuit decaf_bool_t short_circuit
) API_VIS NONNULL WARN_UNUSED NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE;


/** /**
* @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different * @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different
@@ -395,10 +395,10 @@ decaf_error_t decaf_x448 (
uint8_t out[DECAF_X448_PUBLIC_BYTES], uint8_t out[DECAF_X448_PUBLIC_BYTES],
const uint8_t base[DECAF_X448_PUBLIC_BYTES], const uint8_t base[DECAF_X448_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X448_PRIVATE_BYTES] const uint8_t scalar[DECAF_X448_PRIVATE_BYTES]
) API_VIS NONNULL WARN_UNUSED NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE;


/** The base point for X448 Diffie-Hellman */ /** The base point for X448 Diffie-Hellman */
extern const uint8_t decaf_x448_base_point[DECAF_X448_PUBLIC_BYTES] API_VIS;
extern const uint8_t decaf_x448_base_point[DECAF_X448_PUBLIC_BYTES] DECAF_API_VIS;


/** /**
* @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses
@@ -413,7 +413,7 @@ extern const uint8_t decaf_x448_base_point[DECAF_X448_PUBLIC_BYTES] API_VIS;
void decaf_x448_generate_key ( void decaf_x448_generate_key (
uint8_t out[DECAF_X448_PUBLIC_BYTES], uint8_t out[DECAF_X448_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X448_PRIVATE_BYTES] const uint8_t scalar[DECAF_X448_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE DEPRECATED("Renamed to decaf_x448_derive_public_key");
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_DEPRECATED("Renamed to decaf_x448_derive_public_key");
/** /**
* @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses
@@ -428,7 +428,7 @@ void decaf_x448_generate_key (
void decaf_x448_derive_public_key ( void decaf_x448_derive_public_key (
uint8_t out[DECAF_X448_PUBLIC_BYTES], uint8_t out[DECAF_X448_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X448_PRIVATE_BYTES] const uint8_t scalar[DECAF_X448_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/* FUTURE: uint8_t decaf_448_encode_like_curve448) */ /* FUTURE: uint8_t decaf_448_encode_like_curve448) */


@@ -444,7 +444,7 @@ void decaf_x448_derive_public_key (
void decaf_448_precompute ( void decaf_448_precompute (
decaf_448_precomputed_s *a, decaf_448_precomputed_s *a,
const decaf_448_point_t b const decaf_448_point_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply a precomputed base point by a scalar: * @brief Multiply a precomputed base point by a scalar:
@@ -461,7 +461,7 @@ void decaf_448_precomputed_scalarmul (
decaf_448_point_t scaled, decaf_448_point_t scaled,
const decaf_448_precomputed_s *base, const decaf_448_precomputed_s *base,
const decaf_448_scalar_t scalar const decaf_448_scalar_t scalar
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two base points by two scalars: * @brief Multiply two base points by two scalars:
@@ -482,7 +482,7 @@ void decaf_448_point_double_scalarmul (
const decaf_448_scalar_t scalar1, const decaf_448_scalar_t scalar1,
const decaf_448_point_t base2, const decaf_448_point_t base2,
const decaf_448_scalar_t scalar2 const decaf_448_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* Multiply one base point by two scalars: * Multiply one base point by two scalars:
@@ -505,7 +505,7 @@ void decaf_448_point_dual_scalarmul (
const decaf_448_point_t base1, const decaf_448_point_t base1,
const decaf_448_scalar_t scalar1, const decaf_448_scalar_t scalar1,
const decaf_448_scalar_t scalar2 const decaf_448_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two base points by two scalars: * @brief Multiply two base points by two scalars:
@@ -527,7 +527,7 @@ void decaf_448_base_double_scalarmul_non_secret (
const decaf_448_scalar_t scalar1, const decaf_448_scalar_t scalar1,
const decaf_448_point_t base2, const decaf_448_point_t base2,
const decaf_448_scalar_t scalar2 const decaf_448_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Constant-time decision between two points. If pick_b * @brief Constant-time decision between two points. If pick_b
@@ -543,7 +543,7 @@ void decaf_448_point_cond_sel (
const decaf_448_point_t a, const decaf_448_point_t a,
const decaf_448_point_t b, const decaf_448_point_t b,
decaf_word_t pick_b decaf_word_t pick_b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Constant-time decision between two scalars. If pick_b * @brief Constant-time decision between two scalars. If pick_b
@@ -559,7 +559,7 @@ void decaf_448_scalar_cond_sel (
const decaf_448_scalar_t a, const decaf_448_scalar_t a,
const decaf_448_scalar_t b, const decaf_448_scalar_t b,
decaf_word_t pick_b decaf_word_t pick_b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Test that a point is valid, for debugging purposes. * @brief Test that a point is valid, for debugging purposes.
@@ -570,7 +570,7 @@ void decaf_448_scalar_cond_sel (
*/ */
decaf_bool_t decaf_448_point_valid ( decaf_bool_t decaf_448_point_valid (
const decaf_448_point_t to_test const decaf_448_point_t to_test
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Torque a point, for debugging purposes. The output * @brief Torque a point, for debugging purposes. The output
@@ -582,7 +582,7 @@ decaf_bool_t decaf_448_point_valid (
void decaf_448_point_debugging_torque ( void decaf_448_point_debugging_torque (
decaf_448_point_t q, decaf_448_point_t q,
const decaf_448_point_t p const decaf_448_point_t p
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Projectively scale a point, for debugging purposes. * @brief Projectively scale a point, for debugging purposes.
@@ -597,7 +597,7 @@ void decaf_448_point_debugging_pscale (
decaf_448_point_t q, decaf_448_point_t q,
const decaf_448_point_t p, const decaf_448_point_t p,
const unsigned char factor[DECAF_448_SER_BYTES] const unsigned char factor[DECAF_448_SER_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Almost-Elligator-like hash to curve. * @brief Almost-Elligator-like hash to curve.
@@ -631,7 +631,7 @@ void
decaf_448_point_from_hash_nonuniform ( decaf_448_point_from_hash_nonuniform (
decaf_448_point_t pt, decaf_448_point_t pt,
const unsigned char hashed_data[DECAF_448_HASH_BYTES] const unsigned char hashed_data[DECAF_448_HASH_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Indifferentiable hash function encoding to curve. * @brief Indifferentiable hash function encoding to curve.
@@ -644,7 +644,7 @@ decaf_448_point_from_hash_nonuniform (
void decaf_448_point_from_hash_uniform ( void decaf_448_point_from_hash_uniform (
decaf_448_point_t pt, decaf_448_point_t pt,
const unsigned char hashed_data[2*DECAF_448_HASH_BYTES] const unsigned char hashed_data[2*DECAF_448_HASH_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Inverse of elligator-like hash to curve. * @brief Inverse of elligator-like hash to curve.
@@ -669,7 +669,7 @@ decaf_448_invert_elligator_nonuniform (
unsigned char recovered_hash[DECAF_448_HASH_BYTES], unsigned char recovered_hash[DECAF_448_HASH_BYTES],
const decaf_448_point_t pt, const decaf_448_point_t pt,
uint32_t which uint32_t which
) API_VIS NONNULL NOINLINE WARN_UNUSED;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED;


/** /**
* @brief Inverse of elligator-like hash to curve. * @brief Inverse of elligator-like hash to curve.
@@ -694,28 +694,28 @@ decaf_448_invert_elligator_uniform (
unsigned char recovered_hash[2*DECAF_448_HASH_BYTES], unsigned char recovered_hash[2*DECAF_448_HASH_BYTES],
const decaf_448_point_t pt, const decaf_448_point_t pt,
uint32_t which uint32_t which
) API_VIS NONNULL NOINLINE WARN_UNUSED;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED;


/** /**
* @brief Overwrite scalar with zeros. * @brief Overwrite scalar with zeros.
*/ */
void decaf_448_scalar_destroy ( void decaf_448_scalar_destroy (
decaf_448_scalar_t scalar decaf_448_scalar_t scalar
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


/** /**
* @brief Overwrite point with zeros. * @brief Overwrite point with zeros.
*/ */
void decaf_448_point_destroy ( void decaf_448_point_destroy (
decaf_448_point_t point decaf_448_point_t point
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


/** /**
* @brief Overwrite precomputed table with zeros. * @brief Overwrite precomputed table with zeros.
*/ */
void decaf_448_precomputed_destroy ( void decaf_448_precomputed_destroy (
decaf_448_precomputed_s *pre decaf_448_precomputed_s *pre
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */


+ 89
- 89
src/GENERATED/include/decaf/point_448.hxx

@@ -42,9 +42,9 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DECAF_NOEXCEPT noexcept
#else #else
#define NOEXCEPT throw()
#define DECAF_NOEXCEPT throw()
#endif #endif
/** @endcond */ /** @endcond */


@@ -86,53 +86,53 @@ public:


/** @cond internal */ /** @cond internal */
/** Don't initialize. */ /** Don't initialize. */
inline Scalar(const NOINIT &) NOEXCEPT {}
inline Scalar(const NOINIT &) DECAF_NOEXCEPT {}
/** @endcond */ /** @endcond */


/** Set to an unsigned word */ /** Set to an unsigned word */
inline Scalar(uint64_t w) NOEXCEPT { *this = w; }
inline Scalar(uint64_t w) DECAF_NOEXCEPT { *this = w; }


/** Set to a signed word */ /** Set to a signed word */
inline Scalar(int64_t w) NOEXCEPT { *this = w; }
inline Scalar(int64_t w) DECAF_NOEXCEPT { *this = w; }


/** Set to an unsigned word */ /** Set to an unsigned word */
inline Scalar(unsigned int w) NOEXCEPT { *this = w; }
inline Scalar(unsigned int w) DECAF_NOEXCEPT { *this = w; }


/** Set to a signed word */ /** Set to a signed word */
inline Scalar(int w) NOEXCEPT { *this = w; }
inline Scalar(int w) DECAF_NOEXCEPT { *this = w; }


/** Construct from RNG */ /** Construct from RNG */
inline explicit Scalar(Rng &rng) NOEXCEPT {
inline explicit Scalar(Rng &rng) DECAF_NOEXCEPT {
FixedArrayBuffer<SER_BYTES + 16> sb(rng); FixedArrayBuffer<SER_BYTES + 16> sb(rng);
*this = sb; *this = sb;
} }


/** Construct from decaf_scalar_t object. */ /** Construct from decaf_scalar_t object. */
inline Scalar(const Wrapped &t = decaf_448_scalar_zero) NOEXCEPT { decaf_448_scalar_copy(s,t); }
inline Scalar(const Wrapped &t = decaf_448_scalar_zero) DECAF_NOEXCEPT { decaf_448_scalar_copy(s,t); }


/** Copy constructor. */ /** Copy constructor. */
inline Scalar(const Scalar &x) NOEXCEPT { *this = x; }
inline Scalar(const Scalar &x) DECAF_NOEXCEPT { *this = x; }


/** Construct from arbitrary-length little-endian byte sequence. */ /** Construct from arbitrary-length little-endian byte sequence. */
inline Scalar(const Block &buffer) NOEXCEPT { *this = buffer; }
inline Scalar(const Block &buffer) DECAF_NOEXCEPT { *this = buffer; }


/** Serializable instance */ /** Serializable instance */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }


/** Serializable instance */ /** Serializable instance */
inline void serialize_into(unsigned char *buffer) const NOEXCEPT {
inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT {
decaf_448_scalar_encode(buffer, s); decaf_448_scalar_encode(buffer, s);
} }


/** Assignment. */ /** Assignment. */
inline Scalar& operator=(const Scalar &x) NOEXCEPT { decaf_448_scalar_copy(s,x.s); return *this; }
inline Scalar& operator=(const Scalar &x) DECAF_NOEXCEPT { decaf_448_scalar_copy(s,x.s); return *this; }


/** Assign from unsigned 64-bit integer. */ /** Assign from unsigned 64-bit integer. */
inline Scalar& operator=(uint64_t w) NOEXCEPT { decaf_448_scalar_set_unsigned(s,w); return *this; }
inline Scalar& operator=(uint64_t w) DECAF_NOEXCEPT { decaf_448_scalar_set_unsigned(s,w); return *this; }




/** Assign from signed int. */ /** Assign from signed int. */
inline Scalar& operator=(int64_t w) NOEXCEPT {
inline Scalar& operator=(int64_t w) DECAF_NOEXCEPT {
Scalar t(-(uint64_t)INT_MIN); Scalar t(-(uint64_t)INT_MIN);
decaf_448_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN); decaf_448_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN);
*this -= t; *this -= t;
@@ -140,16 +140,16 @@ public:
} }


/** Assign from unsigned int. */ /** Assign from unsigned int. */
inline Scalar& operator=(unsigned int w) NOEXCEPT { return *this = (uint64_t)w; }
inline Scalar& operator=(unsigned int w) DECAF_NOEXCEPT { return *this = (uint64_t)w; }


/** Assign from signed int. */ /** Assign from signed int. */
inline Scalar& operator=(int w) NOEXCEPT { return *this = (int64_t)w; }
inline Scalar& operator=(int w) DECAF_NOEXCEPT { return *this = (int64_t)w; }


/** Destructor securely zeorizes the scalar. */ /** Destructor securely zeorizes the scalar. */
inline ~Scalar() NOEXCEPT { decaf_448_scalar_destroy(s); }
inline ~Scalar() DECAF_NOEXCEPT { decaf_448_scalar_destroy(s); }


/** Assign from arbitrary-length little-endian byte sequence in a Block. */ /** Assign from arbitrary-length little-endian byte sequence in a Block. */
inline Scalar &operator=(const Block &bl) NOEXCEPT {
inline Scalar &operator=(const Block &bl) DECAF_NOEXCEPT {
decaf_448_scalar_decode_long(s,bl.data(),bl.size()); return *this; decaf_448_scalar_decode_long(s,bl.data(),bl.size()); return *this;
} }


@@ -157,32 +157,32 @@ public:
* Decode from correct-length little-endian byte sequence. * Decode from correct-length little-endian byte sequence.
* @return DECAF_FAILURE if the scalar is greater than or equal to the group order q. * @return DECAF_FAILURE if the scalar is greater than or equal to the group order q.
*/ */
static inline decaf_error_t WARN_UNUSED decode (
static inline decaf_error_t DECAF_WARN_UNUSED decode (
Scalar &sc, const FixedBlock<SER_BYTES> buffer Scalar &sc, const FixedBlock<SER_BYTES> buffer
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_448_scalar_decode(sc.s,buffer.data()); return decaf_448_scalar_decode(sc.s,buffer.data());
} }


/** Add. */ /** Add. */
inline Scalar operator+ (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_add(r.s,s,q.s); return r; }
inline Scalar operator+ (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_add(r.s,s,q.s); return r; }


/** Add to this. */ /** Add to this. */
inline Scalar &operator+=(const Scalar &q) NOEXCEPT { decaf_448_scalar_add(s,s,q.s); return *this; }
inline Scalar &operator+=(const Scalar &q) DECAF_NOEXCEPT { decaf_448_scalar_add(s,s,q.s); return *this; }


/** Subtract. */ /** Subtract. */
inline Scalar operator- (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_sub(r.s,s,q.s); return r; }
inline Scalar operator- (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_sub(r.s,s,q.s); return r; }


/** Subtract from this. */ /** Subtract from this. */
inline Scalar &operator-=(const Scalar &q) NOEXCEPT { decaf_448_scalar_sub(s,s,q.s); return *this; }
inline Scalar &operator-=(const Scalar &q) DECAF_NOEXCEPT { decaf_448_scalar_sub(s,s,q.s); return *this; }


/** Multiply */ /** Multiply */
inline Scalar operator* (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_mul(r.s,s,q.s); return r; }
inline Scalar operator* (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_mul(r.s,s,q.s); return r; }


/** Multiply into this. */ /** Multiply into this. */
inline Scalar &operator*=(const Scalar &q) NOEXCEPT { decaf_448_scalar_mul(s,s,q.s); return *this; }
inline Scalar &operator*=(const Scalar &q) DECAF_NOEXCEPT { decaf_448_scalar_mul(s,s,q.s); return *this; }


/** Negate */ /** Negate */
inline Scalar operator- () const NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_sub(r.s,decaf_448_scalar_zero,s); return r; }
inline Scalar operator- () const DECAF_NOEXCEPT { Scalar r((NOINIT())); decaf_448_scalar_sub(r.s,decaf_448_scalar_zero,s); return r; }


/** Invert with Fermat's Little Theorem (slow!). If *this == 0, /** Invert with Fermat's Little Theorem (slow!). If *this == 0,
* throw CryptoException. */ * throw CryptoException. */
@@ -196,8 +196,8 @@ public:


/** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0 /** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0
* and return DECAF_FAILURE. */ * and return DECAF_FAILURE. */
inline decaf_error_t WARN_UNUSED
inverse_noexcept(Scalar &r) const NOEXCEPT {
inline decaf_error_t DECAF_WARN_UNUSED
inverse_noexcept(Scalar &r) const DECAF_NOEXCEPT {
return decaf_448_scalar_invert(r.s,s); return decaf_448_scalar_invert(r.s,s);
} }


@@ -211,16 +211,16 @@ public:
inline Scalar half() const { Scalar out; decaf_448_scalar_halve(out.s,s); return out; } inline Scalar half() const { Scalar out; decaf_448_scalar_halve(out.s,s); return out; }


/** Compare in constant time */ /** Compare in constant time */
inline bool operator!=(const Scalar &q) const NOEXCEPT { return !(*this == q); }
inline bool operator!=(const Scalar &q) const DECAF_NOEXCEPT { return !(*this == q); }


/** Compare in constant time */ /** Compare in constant time */
inline bool operator==(const Scalar &q) const NOEXCEPT { return !!decaf_448_scalar_eq(s,q.s); }
inline bool operator==(const Scalar &q) const DECAF_NOEXCEPT { return !!decaf_448_scalar_eq(s,q.s); }


/** Scalarmul with scalar on left. */ /** Scalarmul with scalar on left. */
inline Point operator* (const Point &q) const NOEXCEPT { return q * (*this); }
inline Point operator* (const Point &q) const DECAF_NOEXCEPT { return q * (*this); }


/** Scalarmul-precomputed with scalar on left. */ /** Scalarmul-precomputed with scalar on left. */
inline Point operator* (const Precomputed &q) const NOEXCEPT { return q * (*this); }
inline Point operator* (const Precomputed &q) const DECAF_NOEXCEPT { return q * (*this); }


/** Direct scalar multiplication. */ /** Direct scalar multiplication. */
inline SecureBuffer direct_scalarmul( inline SecureBuffer direct_scalarmul(
@@ -266,23 +266,23 @@ public:


/** @cond internal */ /** @cond internal */
/** Don't initialize. */ /** Don't initialize. */
inline Point(const NOINIT &) NOEXCEPT {}
inline Point(const NOINIT &) DECAF_NOEXCEPT {}
/** @endcond */ /** @endcond */


/** Constructor sets to identity by default. */ /** Constructor sets to identity by default. */
inline Point(const Wrapped &q = decaf_448_point_identity) NOEXCEPT { decaf_448_point_copy(p,q); }
inline Point(const Wrapped &q = decaf_448_point_identity) DECAF_NOEXCEPT { decaf_448_point_copy(p,q); }


/** Copy constructor. */ /** Copy constructor. */
inline Point(const Point &q) NOEXCEPT { *this = q; }
inline Point(const Point &q) DECAF_NOEXCEPT { *this = q; }


/** Assignment. */ /** Assignment. */
inline Point& operator=(const Point &q) NOEXCEPT { decaf_448_point_copy(p,q.p); return *this; }
inline Point& operator=(const Point &q) DECAF_NOEXCEPT { decaf_448_point_copy(p,q.p); return *this; }


/** Destructor securely zeorizes the point. */ /** Destructor securely zeorizes the point. */
inline ~Point() NOEXCEPT { decaf_448_point_destroy(p); }
inline ~Point() DECAF_NOEXCEPT { decaf_448_point_destroy(p); }


/** Construct from RNG */ /** Construct from RNG */
inline explicit Point(Rng &rng, bool uniform = true) NOEXCEPT {
inline explicit Point(Rng &rng, bool uniform = true) DECAF_NOEXCEPT {
if (uniform) { if (uniform) {
FixedArrayBuffer<2*HASH_BYTES> b(rng); FixedArrayBuffer<2*HASH_BYTES> b(rng);
set_to_hash(b); set_to_hash(b);
@@ -314,9 +314,9 @@ public:
* @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point, * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point,
* or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined. * or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined.
*/ */
inline decaf_error_t WARN_UNUSED decode (
inline decaf_error_t DECAF_WARN_UNUSED decode (
const FixedBlock<SER_BYTES> &buffer, decaf_bool_t allow_identity=DECAF_TRUE const FixedBlock<SER_BYTES> &buffer, decaf_bool_t allow_identity=DECAF_TRUE
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_448_point_decode(p,buffer.data(),allow_identity); return decaf_448_point_decode(p,buffer.data(),allow_identity);
} }


@@ -328,9 +328,9 @@ public:
* @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point. * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point.
* Contents of the point are undefined. * Contents of the point are undefined.
*/ */
inline decaf_error_t WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept (
const FixedBlock<DECAF_EDDSA_448_PUBLIC_BYTES> &buffer const FixedBlock<DECAF_EDDSA_448_PUBLIC_BYTES> &buffer
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_448_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data()); return decaf_448_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data());
} }


@@ -353,7 +353,7 @@ public:
* If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform,
* but the buffer will be zero-padded on the right. * but the buffer will be zero-padded on the right.
*/ */
static inline Point from_hash ( const Block &s ) NOEXCEPT {
static inline Point from_hash ( const Block &s ) DECAF_NOEXCEPT {
Point p((NOINIT())); p.set_to_hash(s); return p; Point p((NOINIT())); p.set_to_hash(s); return p;
} }


@@ -363,7 +363,7 @@ public:
* If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform,
* but the buffer will be zero-padded on the right. * but the buffer will be zero-padded on the right.
*/ */
inline void set_to_hash( const Block &s ) NOEXCEPT {
inline void set_to_hash( const Block &s ) DECAF_NOEXCEPT {
if (s.size() < HASH_BYTES) { if (s.size() < HASH_BYTES) {
SecureBuffer b(HASH_BYTES); SecureBuffer b(HASH_BYTES);
memcpy(b.data(), s.data(), s.size()); memcpy(b.data(), s.data(), s.size());
@@ -389,45 +389,45 @@ public:
} }


/** Serializable instance */ /** Serializable instance */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }


/** Serializable instance */ /** Serializable instance */
inline void serialize_into(unsigned char *buffer) const NOEXCEPT {
inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT {
decaf_448_point_encode(buffer, p); decaf_448_point_encode(buffer, p);
} }


/** Point add. */ /** Point add. */
inline Point operator+ (const Point &q) const NOEXCEPT { Point r((NOINIT())); decaf_448_point_add(r.p,p,q.p); return r; }
inline Point operator+ (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_add(r.p,p,q.p); return r; }


/** Point add. */ /** Point add. */
inline Point &operator+=(const Point &q) NOEXCEPT { decaf_448_point_add(p,p,q.p); return *this; }
inline Point &operator+=(const Point &q) DECAF_NOEXCEPT { decaf_448_point_add(p,p,q.p); return *this; }


/** Point subtract. */ /** Point subtract. */
inline Point operator- (const Point &q) const NOEXCEPT { Point r((NOINIT())); decaf_448_point_sub(r.p,p,q.p); return r; }
inline Point operator- (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_sub(r.p,p,q.p); return r; }


/** Point subtract. */ /** Point subtract. */
inline Point &operator-=(const Point &q) NOEXCEPT { decaf_448_point_sub(p,p,q.p); return *this; }
inline Point &operator-=(const Point &q) DECAF_NOEXCEPT { decaf_448_point_sub(p,p,q.p); return *this; }


/** Point negate. */ /** Point negate. */
inline Point operator- () const NOEXCEPT { Point r((NOINIT())); decaf_448_point_negate(r.p,p); return r; }
inline Point operator- () const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_negate(r.p,p); return r; }


/** Double the point out of place. */ /** Double the point out of place. */
inline Point times_two () const NOEXCEPT { Point r((NOINIT())); decaf_448_point_double(r.p,p); return r; }
inline Point times_two () const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_double(r.p,p); return r; }


/** Double the point in place. */ /** Double the point in place. */
inline Point &double_in_place() NOEXCEPT { decaf_448_point_double(p,p); return *this; }
inline Point &double_in_place() DECAF_NOEXCEPT { decaf_448_point_double(p,p); return *this; }


/** Constant-time compare. */ /** Constant-time compare. */
inline bool operator!=(const Point &q) const NOEXCEPT { return ! decaf_448_point_eq(p,q.p); }
inline bool operator!=(const Point &q) const DECAF_NOEXCEPT { return ! decaf_448_point_eq(p,q.p); }


/** Constant-time compare. */ /** Constant-time compare. */
inline bool operator==(const Point &q) const NOEXCEPT { return !!decaf_448_point_eq(p,q.p); }
inline bool operator==(const Point &q) const DECAF_NOEXCEPT { return !!decaf_448_point_eq(p,q.p); }


/** Scalar multiply. */ /** Scalar multiply. */
inline Point operator* (const Scalar &s) const NOEXCEPT { Point r((NOINIT())); decaf_448_point_scalarmul(r.p,p,s.s); return r; }
inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r((NOINIT())); decaf_448_point_scalarmul(r.p,p,s.s); return r; }


/** Scalar multiply in place. */ /** Scalar multiply in place. */
inline Point &operator*=(const Scalar &s) NOEXCEPT { decaf_448_point_scalarmul(p,p,s.s); return *this; }
inline Point &operator*=(const Scalar &s) DECAF_NOEXCEPT { decaf_448_point_scalarmul(p,p,s.s); return *this; }


/** Multiply by s.inverse(). If s=0, maps to the identity. */ /** Multiply by s.inverse(). If s=0, maps to the identity. */
inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); }
@@ -436,19 +436,19 @@ public:
inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); } inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); }


/** Validate / sanity check */ /** Validate / sanity check */
inline bool validate() const NOEXCEPT { return decaf_448_point_valid(p); }
inline bool validate() const DECAF_NOEXCEPT { return decaf_448_point_valid(p); }


/** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */ /** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */
static inline Point double_scalarmul ( static inline Point double_scalarmul (
const Point &q, const Scalar &qs, const Point &r, const Scalar &rs const Point &q, const Scalar &qs, const Point &r, const Scalar &rs
) NOEXCEPT {
) DECAF_NOEXCEPT {
Point p((NOINIT())); decaf_448_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p; Point p((NOINIT())); decaf_448_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p;
} }


/** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */ /** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */
inline void dual_scalarmul ( inline void dual_scalarmul (
Point &q1, Point &q2, const Scalar &r1, const Scalar &r2 Point &q1, Point &q2, const Scalar &r1, const Scalar &r2
) const NOEXCEPT {
) const DECAF_NOEXCEPT {
decaf_448_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s); decaf_448_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s);
} }


@@ -458,7 +458,7 @@ public:
*/ */
static inline Point double_scalarmul ( static inline Point double_scalarmul (
const Scalar &qs, const Point &q, const Scalar &rs, const Point &r const Scalar &qs, const Point &q, const Scalar &rs, const Point &r
) NOEXCEPT {
) DECAF_NOEXCEPT {
return double_scalarmul(q,qs,r,rs); return double_scalarmul(q,qs,r,rs);
} }


@@ -467,26 +467,26 @@ public:
* @warning This function takes variable time, and may leak the scalars (or points, but currently * @warning This function takes variable time, and may leak the scalars (or points, but currently
* it doesn't). * it doesn't).
*/ */
inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) NOEXCEPT {
inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) DECAF_NOEXCEPT {
Point r((NOINIT())); decaf_448_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r; Point r((NOINIT())); decaf_448_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r;
} }


/** Return a point equal to *this, whose internal data is rotated by a torsion element. */ /** Return a point equal to *this, whose internal data is rotated by a torsion element. */
inline Point debugging_torque() const NOEXCEPT {
inline Point debugging_torque() const DECAF_NOEXCEPT {
Point q; Point q;
decaf_448_point_debugging_torque(q.p,p); decaf_448_point_debugging_torque(q.p,p);
return q; return q;
} }


/** Return a point equal to *this, whose internal data has a modified representation. */ /** Return a point equal to *this, whose internal data has a modified representation. */
inline Point debugging_pscale(const FixedBlock<SER_BYTES> factor) const NOEXCEPT {
inline Point debugging_pscale(const FixedBlock<SER_BYTES> factor) const DECAF_NOEXCEPT {
Point q; Point q;
decaf_448_point_debugging_pscale(q.p,p,factor.data()); decaf_448_point_debugging_pscale(q.p,p,factor.data());
return q; return q;
} }


/** Return a point equal to *this, whose internal data has a randomized representation. */ /** Return a point equal to *this, whose internal data has a randomized representation. */
inline Point debugging_pscale(Rng &r) const NOEXCEPT {
inline Point debugging_pscale(Rng &r) const DECAF_NOEXCEPT {
FixedArrayBuffer<SER_BYTES> sb(r); FixedArrayBuffer<SER_BYTES> sb(r);
return debugging_pscale(sb); return debugging_pscale(sb);
} }
@@ -497,7 +497,7 @@ public:
*/ */
inline decaf_error_t invert_elligator ( inline decaf_error_t invert_elligator (
Buffer buf, uint32_t hint Buffer buf, uint32_t hint
) const NOEXCEPT {
) const DECAF_NOEXCEPT {
unsigned char buf2[2*HASH_BYTES]; unsigned char buf2[2*HASH_BYTES];
memset(buf2,0,sizeof(buf2)); memset(buf2,0,sizeof(buf2));
memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size()); memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size());
@@ -532,10 +532,10 @@ public:
} }


/** Return the base point */ /** Return the base point */
static inline const Point base() NOEXCEPT { return Point(decaf_448_point_base); }
static inline const Point base() DECAF_NOEXCEPT { return Point(decaf_448_point_base); }


/** Return the identity point */ /** Return the identity point */
static inline const Point identity() NOEXCEPT { return Point(decaf_448_point_identity); }
static inline const Point identity() DECAF_NOEXCEPT { return Point(decaf_448_point_identity); }
}; };


/** /**
@@ -556,7 +556,7 @@ class Precomputed
public: public:


/** Destructor securely zeorizes the memory. */ /** Destructor securely zeorizes the memory. */
inline ~Precomputed() NOEXCEPT { clear(); }
inline ~Precomputed() DECAF_NOEXCEPT { clear(); }


/** /**
* Initialize from underlying type, declared as a reference to prevent * Initialize from underlying type, declared as a reference to prevent
@@ -571,23 +571,23 @@ public:
*/ */
inline Precomputed ( inline Precomputed (
const Precomputed_U &yours = *default_value() const Precomputed_U &yours = *default_value()
) NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>(yours) {}
) DECAF_NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>(yours) {}




#if __cplusplus >= 201103L #if __cplusplus >= 201103L
/** Move-assign operator */ /** Move-assign operator */
inline Precomputed &operator=(Precomputed &&it) NOEXCEPT {
inline Precomputed &operator=(Precomputed &&it) DECAF_NOEXCEPT {
OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it); OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it);
return *this; return *this;
} }


/** Move constructor */ /** Move constructor */
inline Precomputed(Precomputed &&it) NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>() {
inline Precomputed(Precomputed &&it) DECAF_NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>() {
*this = it; *this = it;
} }


/** Undelete copy operator */ /** Undelete copy operator */
inline Precomputed &operator=(const Precomputed &it) NOEXCEPT {
inline Precomputed &operator=(const Precomputed &it) DECAF_NOEXCEPT {
OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it); OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it);
return *this; return *this;
} }
@@ -615,20 +615,20 @@ public:
: OwnedOrUnowned<Precomputed,Precomputed_U>() { *this = it; } : OwnedOrUnowned<Precomputed,Precomputed_U>() { *this = it; }


/** Fixed base scalarmul. */ /** Fixed base scalarmul. */
inline Point operator* (const Scalar &s) const NOEXCEPT { Point r; decaf_448_precomputed_scalarmul(r.p,get(),s.s); return r; }
inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r; decaf_448_precomputed_scalarmul(r.p,get(),s.s); return r; }


/** Multiply by s.inverse(). If s=0, maps to the identity. */ /** Multiply by s.inverse(). If s=0, maps to the identity. */
inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); }


/** Return the table for the base point. */ /** Return the table for the base point. */
static inline const Precomputed base() NOEXCEPT { return Precomputed(); }
static inline const Precomputed base() DECAF_NOEXCEPT { return Precomputed(); }


public: public:
/** @cond internal */ /** @cond internal */
friend class OwnedOrUnowned<Precomputed,Precomputed_U>; friend class OwnedOrUnowned<Precomputed,Precomputed_U>;
static inline size_t size() NOEXCEPT { return decaf_448_sizeof_precomputed_s; }
static inline size_t alignment() NOEXCEPT { return decaf_448_alignof_precomputed_s; }
static inline const Precomputed_U * default_value() NOEXCEPT { return decaf_448_precomputed_base; }
static inline size_t size() DECAF_NOEXCEPT { return decaf_448_sizeof_precomputed_s; }
static inline size_t alignment() DECAF_NOEXCEPT { return decaf_448_alignof_precomputed_s; }
static inline const Precomputed_U * default_value() DECAF_NOEXCEPT { return decaf_448_precomputed_base; }
/** @endcond */ /** @endcond */
}; };


@@ -641,7 +641,7 @@ public:
static const size_t PRIVATE_BYTES = DECAF_X448_PRIVATE_BYTES; static const size_t PRIVATE_BYTES = DECAF_X448_PRIVATE_BYTES;


/** Base point for a scalar multiplication. */ /** Base point for a scalar multiplication. */
static const FixedBlock<PUBLIC_BYTES> base_point() NOEXCEPT {
static const FixedBlock<PUBLIC_BYTES> base_point() DECAF_NOEXCEPT {
return FixedBlock<PUBLIC_BYTES>(decaf_x448_base_point); return FixedBlock<PUBLIC_BYTES>(decaf_x448_base_point);
} }


@@ -658,12 +658,12 @@ public:
} }


/** Calculate and write into out a shared secret with public key, noexcept version. */ /** Calculate and write into out a shared secret with public key, noexcept version. */
static inline decaf_error_t WARN_UNUSED
static inline decaf_error_t DECAF_WARN_UNUSED
shared_secret_noexcept ( shared_secret_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PUBLIC_BYTES> &pk, const FixedBlock<PUBLIC_BYTES> &pk,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_x448(out.data(), pk.data(), scalar.data()); return decaf_x448(out.data(), pk.data(), scalar.data());
} }


@@ -671,7 +671,7 @@ public:
* but possibly faster. * but possibly faster.
* @deprecated Renamed to derive_public_key. * @deprecated Renamed to derive_public_key.
*/ */
static inline SecureBuffer DEPRECATED("Renamed to derive_public_key")
static inline SecureBuffer DECAF_DEPRECATED("Renamed to derive_public_key")
generate_key( generate_key(
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) throw(std::bad_alloc) { ) throw(std::bad_alloc) {
@@ -698,7 +698,7 @@ public:
derive_public_key_noexcept ( derive_public_key_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
decaf_x448_derive_public_key(out.data(), scalar.data()); decaf_x448_derive_public_key(out.data(), scalar.data());
} }


@@ -706,11 +706,11 @@ public:
* equivalent to shared_secret(base_point(),scalar) but possibly faster. * equivalent to shared_secret(base_point(),scalar) but possibly faster.
* @deprecated Renamed to derive_public_key_noexcept. * @deprecated Renamed to derive_public_key_noexcept.
*/ */
static inline void DEPRECATED("Renamed to derive_public_key_noexcept")
static inline void DECAF_DEPRECATED("Renamed to derive_public_key_noexcept")
generate_key_noexcept ( generate_key_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
decaf_x448_derive_public_key(out.data(), scalar.data()); decaf_x448_derive_public_key(out.data(), scalar.data());
} }
}; };
@@ -733,7 +733,7 @@ inline SecureBuffer Ed448Goldilocks::Scalar::direct_scalarmul (
} }
/** @endcond */ /** @endcond */


#undef NOEXCEPT
#undef DECAF_NOEXCEPT
} /* namespace decaf */ } /* namespace decaf */


#endif /* __DECAF_POINT_448_HXX__ */ #endif /* __DECAF_POINT_448_HXX__ */

+ 57
- 57
src/GENERATED/include/decaf/secure_buffer.hxx

@@ -21,11 +21,11 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DELETE = delete
#define DECAF_NOEXCEPT noexcept
#define DECAF_DELETE = delete
#else #else
#define NOEXCEPT throw()
#define DELETE
#define DECAF_NOEXCEPT throw()
#define DECAF_DELETE
#endif #endif
/** @endcond */ /** @endcond */


@@ -50,24 +50,24 @@ public:
typedef std::ptrdiff_t difference_type; typedef std::ptrdiff_t difference_type;
template<typename U> struct rebind { typedef SanitizingAllocator<U> other; }; template<typename U> struct rebind { typedef SanitizingAllocator<U> other; };
inline SanitizingAllocator() NOEXCEPT {}
inline ~SanitizingAllocator() NOEXCEPT {}
inline SanitizingAllocator(const SanitizingAllocator &) NOEXCEPT {}
template<typename U, size_t a> inline SanitizingAllocator(const SanitizingAllocator<U, a> &) NOEXCEPT {}
inline SanitizingAllocator() DECAF_NOEXCEPT {}
inline ~SanitizingAllocator() DECAF_NOEXCEPT {}
inline SanitizingAllocator(const SanitizingAllocator &) DECAF_NOEXCEPT {}
template<typename U, size_t a> inline SanitizingAllocator(const SanitizingAllocator<U, a> &) DECAF_NOEXCEPT {}
inline T* address(T& r) const NOEXCEPT { return &r; }
inline const T* address(const T& r) const NOEXCEPT { return &r; }
inline T* address(T& r) const DECAF_NOEXCEPT { return &r; }
inline const T* address(const T& r) const DECAF_NOEXCEPT { return &r; }
inline T* allocate ( inline T* allocate (
size_type cnt, size_type cnt,
typename std::allocator<void>::const_pointer = 0 typename std::allocator<void>::const_pointer = 0
) throw(std::bad_alloc); ) throw(std::bad_alloc);
inline void deallocate(T* p, size_t size) NOEXCEPT;
inline size_t max_size() const NOEXCEPT { return std::numeric_limits<size_t>::max() / sizeof(T); }
inline void deallocate(T* p, size_t size) DECAF_NOEXCEPT;
inline size_t max_size() const DECAF_NOEXCEPT { return std::numeric_limits<size_t>::max() / sizeof(T); }
inline void construct(T* p, const T& t) { new(p) T(t); } inline void construct(T* p, const T& t) { new(p) T(t); }
inline void destroy(T* p) { p->~T(); } inline void destroy(T* p) { p->~T(); }
inline bool operator==(SanitizingAllocator const&) const NOEXCEPT { return true; }
inline bool operator!=(SanitizingAllocator const&) const NOEXCEPT { return false; }
inline bool operator==(SanitizingAllocator const&) const DECAF_NOEXCEPT { return true; }
inline bool operator!=(SanitizingAllocator const&) const DECAF_NOEXCEPT { return false; }
/** @endcond */ /** @endcond */
}; };


@@ -85,10 +85,10 @@ inline bool memeq(const std::vector<T,U> &a, const std::vector<V,W> &b) {
template<class Base> class Serializable { template<class Base> class Serializable {
public: public:
/** @brief Return the number of bytes needed to serialize this object */ /** @brief Return the number of bytes needed to serialize this object */
inline size_t ser_size() const NOEXCEPT { return static_cast<const Base*>(this)->ser_size(); }
inline size_t ser_size() const DECAF_NOEXCEPT { return static_cast<const Base*>(this)->ser_size(); }
/** @brief Serialize this object into a buffer */ /** @brief Serialize this object into a buffer */
inline void serialize_into(unsigned char *buf) const NOEXCEPT {
inline void serialize_into(unsigned char *buf) const DECAF_NOEXCEPT {
static_cast<const Base*>(this)->serialize_into(buf); static_cast<const Base*>(this)->serialize_into(buf);
} }
@@ -115,14 +115,14 @@ class Buffer;
class CryptoException : public std::exception { class CryptoException : public std::exception {
public: public:
/** @return "CryptoException" */ /** @return "CryptoException" */
virtual const char * what() const NOEXCEPT { return "CryptoException"; }
virtual const char * what() const DECAF_NOEXCEPT { return "CryptoException"; }
}; };


/** @brief An exception for when crypto (ie point decode) has failed. */ /** @brief An exception for when crypto (ie point decode) has failed. */
class LengthException : public std::exception { class LengthException : public std::exception {
public: public:
/** @return "CryptoException" */ /** @return "CryptoException" */
virtual const char * what() const NOEXCEPT { return "LengthException"; }
virtual const char * what() const DECAF_NOEXCEPT { return "LengthException"; }
}; };


/** @brief Passed to constructors to avoid (conservative) initialization */ /** @brief Passed to constructors to avoid (conservative) initialization */
@@ -137,14 +137,14 @@ protected:
Rng() {} Rng() {}
/** Not copyable */ /** Not copyable */
Rng(const Rng &) DELETE;
Rng(const Rng &) DECAF_DELETE;
/** Not copyable */ /** Not copyable */
Rng &operator=(const Rng &) DELETE;
Rng &operator=(const Rng &) DECAF_DELETE;
public: public:
/** @brief Read into a Buffer */ /** @brief Read into a Buffer */
virtual void read(Buffer buffer) NOEXCEPT = 0;
virtual void read(Buffer buffer) DECAF_NOEXCEPT = 0;


/** @brief Read into a SecureBuffer. */ /** @brief Read into a SecureBuffer. */
inline SecureBuffer read(size_t length) throw(std::bad_alloc); inline SecureBuffer read(size_t length) throw(std::bad_alloc);
@@ -165,11 +165,11 @@ public:
inline Block() : data_(NULL), size_(0), zero_on_destroy_(false) {} inline Block() : data_(NULL), size_(0), zero_on_destroy_(false) {}
/** Init from C string */ /** Init from C string */
inline Block(const char *data) NOEXCEPT : data_((unsigned char *)data),
inline Block(const char *data) DECAF_NOEXCEPT : data_((unsigned char *)data),
size_(strlen(data)), zero_on_destroy_(false) {} size_(strlen(data)), zero_on_destroy_(false) {}


/** Unowned init */ /** Unowned init */
inline Block(const unsigned char *data, size_t size, bool zero_on_destroy=false) NOEXCEPT : data_((unsigned char *)data),
inline Block(const unsigned char *data, size_t size, bool zero_on_destroy=false) DECAF_NOEXCEPT : data_((unsigned char *)data),
size_(size), zero_on_destroy_(zero_on_destroy) {} size_(size), zero_on_destroy_(zero_on_destroy) {}
/** Block from std::string */ /** Block from std::string */
@@ -186,7 +186,7 @@ public:
: data_(((unsigned char *)&(s)[0])), size_(s.size()), zero_on_destroy_(false) {} : data_(((unsigned char *)&(s)[0])), size_(s.size()), zero_on_destroy_(false) {}


/** Get const data */ /** Get const data */
inline const unsigned char *data() const NOEXCEPT { return data_; }
inline const unsigned char *data() const DECAF_NOEXCEPT { return data_; }
/** Subscript */ /** Subscript */
inline const unsigned char &operator[](size_t off) const throw(std::out_of_range) { inline const unsigned char &operator[](size_t off) const throw(std::out_of_range) {
@@ -195,7 +195,7 @@ public:
} }


/** Get the size */ /** Get the size */
inline size_t size() const NOEXCEPT { return size_; }
inline size_t size() const DECAF_NOEXCEPT { return size_; }


/** Convert to C++ string */ /** Convert to C++ string */
inline std::string get_string() const { inline std::string get_string() const {
@@ -209,7 +209,7 @@ public:
} }
/** Content-wise comparison; constant-time if they are the same length. */ /** Content-wise comparison; constant-time if they are the same length. */
inline decaf_bool_t contents_equal(const Block &b) const NOEXCEPT {
inline decaf_bool_t contents_equal(const Block &b) const DECAF_NOEXCEPT {
if (b.size() != size()) return false; if (b.size() != size()) return false;
return decaf_memeq(b.data(),data(),size()); return decaf_memeq(b.data(),data(),size());
} }
@@ -220,7 +220,7 @@ public:
} }


/** Securely set the buffer to 0. */ /** Securely set the buffer to 0. */
inline void zeroize() NOEXCEPT { really_bzero(data_,size()); }
inline void zeroize() DECAF_NOEXCEPT { really_bzero(data_,size()); }
/** Debugging print in hex */ /** Debugging print in hex */
inline void debug_print_hex(const char *name = NULL) { inline void debug_print_hex(const char *name = NULL) {
@@ -231,11 +231,11 @@ public:
private: private:
/** @cond internal */ /** @cond internal */
inline decaf_bool_t operator>=(const Block &b) const NOEXCEPT DELETE;
inline decaf_bool_t operator<=(const Block &b) const NOEXCEPT DELETE;
inline decaf_bool_t operator> (const Block &b) const NOEXCEPT DELETE;
inline decaf_bool_t operator< (const Block &b) const NOEXCEPT DELETE;
inline void operator= (const Block &b) const NOEXCEPT DELETE;
inline decaf_bool_t operator>=(const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
inline decaf_bool_t operator<=(const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
inline decaf_bool_t operator> (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
inline decaf_bool_t operator< (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
/** @endcond */ /** @endcond */
}; };


@@ -253,26 +253,26 @@ public:
} }
/** Explicitly pass a C buffer. */ /** Explicitly pass a C buffer. */
inline explicit FixedBlock(const uint8_t data[Size]) NOEXCEPT : Block(data,Size) {}
inline explicit FixedBlock(const uint8_t data[Size]) DECAF_NOEXCEPT : Block(data,Size) {}
}; };


/** A reference to a writable block of data */ /** A reference to a writable block of data */
class Buffer : public Block { class Buffer : public Block {
public: public:
/** Null init */ /** Null init */
inline Buffer() NOEXCEPT : Block() {}
inline Buffer() DECAF_NOEXCEPT : Block() {}


/** Unowned init */ /** Unowned init */
inline Buffer(unsigned char *data, size_t size, bool zero_on_destroy=false) NOEXCEPT : Block(data,size,zero_on_destroy) {}
inline Buffer(unsigned char *data, size_t size, bool zero_on_destroy=false) DECAF_NOEXCEPT : Block(data,size,zero_on_destroy) {}
/** Block from std::vector */ /** Block from std::vector */
template<class alloc> inline Buffer(std::vector<unsigned char,alloc> &s) : Block(s) {} template<class alloc> inline Buffer(std::vector<unsigned char,alloc> &s) : Block(s) {}


/** Get const data */ /** Get const data */
inline const unsigned char *data() const NOEXCEPT { return data_; }
inline const unsigned char *data() const DECAF_NOEXCEPT { return data_; }


/** Cast to unsigned char */ /** Cast to unsigned char */
inline unsigned char* data() NOEXCEPT { return data_; }
inline unsigned char* data() DECAF_NOEXCEPT { return data_; }


/** Slice the buffer*/ /** Slice the buffer*/
inline Buffer slice(size_t off, size_t length) throw(LengthException); inline Buffer slice(size_t off, size_t length) throw(LengthException);
@@ -291,7 +291,7 @@ public:
private: private:
/** @cond internal */ /** @cond internal */
inline void operator= (const Block &b) const NOEXCEPT DELETE;
inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
/** @endcond */ /** @endcond */
}; };


@@ -310,20 +310,20 @@ public:
} }
/** Explicitly pass a C buffer. */ /** Explicitly pass a C buffer. */
inline explicit FixedBuffer(uint8_t dat[Size],bool zero_on_destroy = false) NOEXCEPT : Buffer(dat,Size,zero_on_destroy) {}
inline explicit FixedBuffer(uint8_t dat[Size],bool zero_on_destroy = false) DECAF_NOEXCEPT : Buffer(dat,Size,zero_on_destroy) {}
/** Cast to a FixedBlock. */ /** Cast to a FixedBlock. */
inline operator FixedBlock<Size>() const NOEXCEPT {
inline operator FixedBlock<Size>() const DECAF_NOEXCEPT {
return FixedBlock<Size>(data()); return FixedBlock<Size>(data());
} }
private: private:
/** @cond internal */ /** @cond internal */
inline void operator= (const Block &b) const NOEXCEPT DELETE;
inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
/** @endcond */ /** @endcond */
}; };


/** A fixed-size stack-allocated buffer (for NOEXCEPT semantics) */
/** A fixed-size stack-allocated buffer (for DECAF_NOEXCEPT semantics) */
template<size_t Size> class FixedArrayBuffer : public FixedBuffer<Size> { template<size_t Size> class FixedArrayBuffer : public FixedBuffer<Size> {
private: private:
uint8_t storage[Size]; uint8_t storage[Size];
@@ -331,26 +331,26 @@ public:
using Buffer::zeroize; using Buffer::zeroize;
/** New buffer initialized to zero. */ /** New buffer initialized to zero. */
inline explicit FixedArrayBuffer() NOEXCEPT : FixedBuffer<Size>(storage,true) { memset(storage,0,Size); }
inline explicit FixedArrayBuffer() DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) { memset(storage,0,Size); }


/** New uninitialized buffer. */ /** New uninitialized buffer. */
inline explicit FixedArrayBuffer(const NOINIT &) NOEXCEPT : FixedBuffer<Size>(storage,true) { }
inline explicit FixedArrayBuffer(const NOINIT &) DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) { }
/** New random buffer */ /** New random buffer */
inline explicit FixedArrayBuffer(Rng &r) NOEXCEPT : FixedBuffer<Size>(storage,true) { r.read(*this); }
inline explicit FixedArrayBuffer(Rng &r) DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) { r.read(*this); }
/** Copy constructor */ /** Copy constructor */
inline explicit FixedArrayBuffer(const FixedBlock<Size> &b) NOEXCEPT : FixedBuffer<Size>(storage,true) {
inline explicit FixedArrayBuffer(const FixedBlock<Size> &b) DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) {
memcpy(storage,b.data(),Size); memcpy(storage,b.data(),Size);
} }
/** Copy operator */ /** Copy operator */
inline FixedArrayBuffer& operator=(const FixedBlock<Size> &b) NOEXCEPT {
inline FixedArrayBuffer& operator=(const FixedBlock<Size> &b) DECAF_NOEXCEPT {
memcpy(storage,b.data(),Size); return *this; memcpy(storage,b.data(),Size); return *this;
} }
/** Copy operator */ /** Copy operator */
inline FixedArrayBuffer& operator=(const FixedArrayBuffer<Size> &b) NOEXCEPT {
inline FixedArrayBuffer& operator=(const FixedArrayBuffer<Size> &b) DECAF_NOEXCEPT {
memcpy(storage,b.data(),Size); return *this; memcpy(storage,b.data(),Size); return *this;
} }
@@ -366,12 +366,12 @@ public:
} }
/** Copy constructor */ /** Copy constructor */
inline explicit FixedArrayBuffer(const FixedArrayBuffer<Size> &b) NOEXCEPT : FixedBuffer<Size>(storage,true) {
inline explicit FixedArrayBuffer(const FixedArrayBuffer<Size> &b) DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) {
memcpy(storage,b.data(),Size); memcpy(storage,b.data(),Size);
} }
/** Destroy the buffer */ /** Destroy the buffer */
~FixedArrayBuffer() NOEXCEPT { zeroize(); }
~FixedArrayBuffer() DECAF_NOEXCEPT { zeroize(); }
}; };


/** @cond internal */ /** @cond internal */
@@ -398,7 +398,7 @@ protected:
} ours; } ours;
bool is_mine; bool is_mine;


inline void clear() NOEXCEPT {
inline void clear() DECAF_NOEXCEPT {
if (is_mine) { if (is_mine) {
really_bzero(ours.mine, T::size()); really_bzero(ours.mine, T::size());
free(ours.mine); free(ours.mine);
@@ -415,11 +415,11 @@ protected:
} }
is_mine = true; is_mine = true;
} }
inline const Wrapped *get() const NOEXCEPT { return is_mine ? ours.mine : ours.yours; }
inline const Wrapped *get() const DECAF_NOEXCEPT { return is_mine ? ours.mine : ours.yours; }


inline OwnedOrUnowned( inline OwnedOrUnowned(
const Wrapped &yours = *T::default_value() const Wrapped &yours = *T::default_value()
) NOEXCEPT {
) DECAF_NOEXCEPT {
ours.yours = &yours; ours.yours = &yours;
is_mine = false; is_mine = false;
} }
@@ -441,7 +441,7 @@ protected:
} }


#if __cplusplus >= 201103L #if __cplusplus >= 201103L
inline T &operator=(OwnedOrUnowned &&it) NOEXCEPT {
inline T &operator=(OwnedOrUnowned &&it) DECAF_NOEXCEPT {
if (this == &it) return *(T*)this; if (this == &it) return *(T*)this;
clear(); clear();
ours = it.ours; ours = it.ours;
@@ -475,7 +475,7 @@ T* SanitizingAllocator<T,alignment>::allocate (
} }


template<typename T, size_t alignment> template<typename T, size_t alignment>
void SanitizingAllocator<T,alignment>::deallocate(T* p, size_t size) NOEXCEPT {
void SanitizingAllocator<T,alignment>::deallocate(T* p, size_t size) DECAF_NOEXCEPT {
if (p==NULL) return; if (p==NULL) return;
really_bzero(reinterpret_cast<void*>(p), size); really_bzero(reinterpret_cast<void*>(p), size);
free(reinterpret_cast<void*>(p)); free(reinterpret_cast<void*>(p));
@@ -486,7 +486,7 @@ void SanitizingAllocator<T,alignment>::deallocate(T* p, size_t size) NOEXCEPT {
} /* namespace decaf */ } /* namespace decaf */




#undef NOEXCEPT
#undef DELETE
#undef DECAF_NOEXCEPT
#undef DECAF_DELETE


#endif /* __DECAF_SECURE_BUFFER_HXX__ */ #endif /* __DECAF_SECURE_BUFFER_HXX__ */

+ 6
- 6
src/GENERATED/include/decaf/sha512.h

@@ -5,8 +5,8 @@
* @brief SHA2-512 * @brief SHA2-512
*/ */


#ifndef __SHA512_H__
#define __SHA512_H__
#ifndef __DECAF_SHA512_H__
#define __DECAF_SHA512_H__


#include <stdint.h> #include <stdint.h>
#include <sys/types.h> #include <sys/types.h>
@@ -25,9 +25,9 @@ typedef struct decaf_sha512_ctx_s {
uint64_t bytes_processed; uint64_t bytes_processed;
} decaf_sha512_ctx_s, decaf_sha512_ctx_t[1]; } decaf_sha512_ctx_s, decaf_sha512_ctx_t[1];


void decaf_sha512_init(decaf_sha512_ctx_t ctx) NONNULL API_VIS;
void decaf_sha512_update(decaf_sha512_ctx_t ctx, const uint8_t *message, size_t length) NONNULL API_VIS;
void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) NONNULL API_VIS;
void decaf_sha512_init(decaf_sha512_ctx_t ctx) DECAF_NONNULL DECAF_API_VIS;
void decaf_sha512_update(decaf_sha512_ctx_t ctx, const uint8_t *message, size_t length) DECAF_NONNULL DECAF_API_VIS;
void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) DECAF_NONNULL DECAF_API_VIS;


static inline void decaf_sha512_destroy(decaf_sha512_ctx_t ctx) { static inline void decaf_sha512_destroy(decaf_sha512_ctx_t ctx) {
decaf_bzero(ctx,sizeof(*ctx)); decaf_bzero(ctx,sizeof(*ctx));
@@ -50,4 +50,4 @@ static inline void decaf_sha512_hash(
} /* extern "C" */ } /* extern "C" */
#endif #endif
#endif /* __SHA512_H__ */
#endif /* __DECAF_SHA512_H__ */

+ 10
- 10
src/GENERATED/include/decaf/sha512.hxx

@@ -17,9 +17,9 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DECAF_NOEXCEPT noexcept
#else #else
#define NOEXCEPT throw()
#define DECAF_NOEXCEPT throw()
#endif #endif
/** @endcond */ /** @endcond */


@@ -44,13 +44,13 @@ public:
static const size_t DEFAULT_OUTPUT_BYTES = OUTPUT_BYTES; static const size_t DEFAULT_OUTPUT_BYTES = OUTPUT_BYTES;
/** Constructor */ /** Constructor */
inline SHA512() NOEXCEPT { decaf_sha512_init(wrapped); }
inline SHA512() DECAF_NOEXCEPT { decaf_sha512_init(wrapped); }
/** Add more data to running hash */ /** Add more data to running hash */
inline void update(const uint8_t *__restrict__ in, size_t len) NOEXCEPT { decaf_sha512_update(wrapped,in,len); }
inline void update(const uint8_t *__restrict__ in, size_t len) DECAF_NOEXCEPT { decaf_sha512_update(wrapped,in,len); }


/** Add more data to running hash, C++ version. */ /** Add more data to running hash, C++ version. */
inline void update(const Block &s) NOEXCEPT { update(s.data(),s.size()); }
inline void update(const Block &s) DECAF_NOEXCEPT { update(s.data(),s.size()); }


/** Add more data, stream version. */ /** Add more data, stream version. */
inline SHA512 &operator<<(const Block &s) { update(s); return *this; } inline SHA512 &operator<<(const Block &s) { update(s); return *this; }
@@ -65,7 +65,7 @@ public:
} }
/** Resets the SHA context */ /** Resets the SHA context */
inline void reset() NOEXCEPT { decaf_sha512_init(wrapped); }
inline void reset() DECAF_NOEXCEPT { decaf_sha512_init(wrapped); }


/** @brief Output bytes from the sponge. */ /** @brief Output bytes from the sponge. */
inline SecureBuffer final(size_t len = OUTPUT_BYTES) throw(LengthException) { inline SecureBuffer final(size_t len = OUTPUT_BYTES) throw(LengthException) {
@@ -76,10 +76,10 @@ public:
} }


/** @brief Return the sponge's default output size. */ /** @brief Return the sponge's default output size. */
inline size_t default_output_size() const NOEXCEPT { return OUTPUT_BYTES; }
inline size_t default_output_size() const DECAF_NOEXCEPT { return OUTPUT_BYTES; }


/** @brief Return the sponge's maximum output size. */ /** @brief Return the sponge's maximum output size. */
inline size_t max_output_size() const NOEXCEPT { return MAX_OUTPUT_BYTES; }
inline size_t max_output_size() const DECAF_NOEXCEPT { return MAX_OUTPUT_BYTES; }


/** @brief Hash a message in one pass */ /** @brief Hash a message in one pass */
static inline SecureBuffer hash ( static inline SecureBuffer hash (
@@ -93,11 +93,11 @@ public:
} }


/** Destructor zeroizes state */ /** Destructor zeroizes state */
inline ~SHA512() NOEXCEPT { decaf_sha512_destroy(wrapped); }
inline ~SHA512() DECAF_NOEXCEPT { decaf_sha512_destroy(wrapped); }
}; };
} /* namespace decaf */ } /* namespace decaf */


#undef NOEXCEPT
#undef DECAF_NOEXCEPT


#endif /* __DECAF_SHA512_HXX__ */ #endif /* __DECAF_SHA512_HXX__ */

+ 33
- 33
src/GENERATED/include/decaf/shake.h

@@ -46,7 +46,7 @@ extern "C" {
void decaf_sponge_init ( void decaf_sponge_init (
decaf_keccak_sponge_t sponge, decaf_keccak_sponge_t sponge,
const struct decaf_kparams_s *params const struct decaf_kparams_s *params
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Absorb data into a DECAF_SHA3 or DECAF_SHAKE hash context. * @brief Absorb data into a DECAF_SHA3 or DECAF_SHAKE hash context.
@@ -58,7 +58,7 @@ void decaf_sha3_update (
struct decaf_keccak_sponge_s * __restrict__ sponge, struct decaf_keccak_sponge_s * __restrict__ sponge,
const uint8_t *in, const uint8_t *in,
size_t len size_t len
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context. * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context.
@@ -75,7 +75,7 @@ decaf_error_t decaf_sha3_output (
decaf_keccak_sponge_t sponge, decaf_keccak_sponge_t sponge,
uint8_t * __restrict__ out, uint8_t * __restrict__ out,
size_t len size_t len
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context. * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context.
@@ -89,7 +89,7 @@ decaf_error_t decaf_sha3_final (
decaf_keccak_sponge_t sponge, decaf_keccak_sponge_t sponge,
uint8_t * __restrict__ out, uint8_t * __restrict__ out,
size_t len size_t len
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Reset the sponge to the empty string. * @brief Reset the sponge to the empty string.
@@ -98,7 +98,7 @@ decaf_error_t decaf_sha3_final (
*/ */
void decaf_sha3_reset ( void decaf_sha3_reset (
decaf_keccak_sponge_t sponge decaf_keccak_sponge_t sponge
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Return the default output length of the sponge construction, * @brief Return the default output length of the sponge construction,
@@ -108,7 +108,7 @@ void decaf_sha3_reset (
*/ */
size_t decaf_sponge_default_output_bytes ( size_t decaf_sponge_default_output_bytes (
const decaf_keccak_sponge_t sponge /**< [inout] The context. */ const decaf_keccak_sponge_t sponge /**< [inout] The context. */
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Return the default output length of the sponge construction, * @brief Return the default output length of the sponge construction,
@@ -118,7 +118,7 @@ size_t decaf_sponge_default_output_bytes (
*/ */
size_t decaf_sponge_max_output_bytes ( size_t decaf_sponge_max_output_bytes (
const decaf_keccak_sponge_t sponge /**< [inout] The context. */ const decaf_keccak_sponge_t sponge /**< [inout] The context. */
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Destroy a DECAF_SHA3 or DECAF_SHAKE sponge context by overwriting it with 0. * @brief Destroy a DECAF_SHA3 or DECAF_SHAKE sponge context by overwriting it with 0.
@@ -126,7 +126,7 @@ size_t decaf_sponge_max_output_bytes (
*/ */
void decaf_sponge_destroy ( void decaf_sponge_destroy (
decaf_keccak_sponge_t sponge decaf_keccak_sponge_t sponge
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Hash (in) to (out) * @brief Hash (in) to (out)
@@ -142,66 +142,66 @@ void decaf_sponge_hash (
uint8_t *out, uint8_t *out,
size_t outlen, size_t outlen,
const struct decaf_kparams_s *params const struct decaf_kparams_s *params
) API_VIS;
) DECAF_API_VIS;


/* FUTURE: expand/doxygenate individual DECAF_SHAKE/DECAF_SHA3 instances? */ /* FUTURE: expand/doxygenate individual DECAF_SHAKE/DECAF_SHA3 instances? */


/** @cond internal */ /** @cond internal */
#define DEC_SHAKE(n) \
extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s API_VIS; \
#define DECAF_DEC_SHAKE(n) \
extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s DECAF_API_VIS; \
typedef struct decaf_shake##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_shake##n##_ctx_t[1]; \ typedef struct decaf_shake##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_shake##n##_ctx_t[1]; \
static inline void NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \
static inline void DECAF_NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \
decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \ decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL decaf_shake##n##_gen_init(decaf_keccak_sponge_t sponge) { \
static inline void DECAF_NONNULL decaf_shake##n##_gen_init(decaf_keccak_sponge_t sponge) { \
decaf_sponge_init(sponge, &DECAF_SHAKE##n##_params_s); \ decaf_sponge_init(sponge, &DECAF_SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL decaf_shake##n##_update(decaf_shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
static inline void DECAF_NONNULL decaf_shake##n##_update(decaf_shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
decaf_sha3_update(sponge->s, in, inlen); \ decaf_sha3_update(sponge->s, in, inlen); \
} \ } \
static inline void NONNULL decaf_shake##n##_final(decaf_shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
static inline void DECAF_NONNULL decaf_shake##n##_final(decaf_shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
decaf_sha3_output(sponge->s, out, outlen); \ decaf_sha3_output(sponge->s, out, outlen); \
decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \ decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL decaf_shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
static inline void DECAF_NONNULL decaf_shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHAKE##n##_params_s); \ decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL decaf_shake##n##_destroy( decaf_shake##n##_ctx_t sponge ) { \
static inline void DECAF_NONNULL decaf_shake##n##_destroy( decaf_shake##n##_ctx_t sponge ) { \
decaf_sponge_destroy(sponge->s); \ decaf_sponge_destroy(sponge->s); \
} }


#define DEC_SHA3(n) \
extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s API_VIS; \
#define DECAF_DEC_SHA3(n) \
extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s DECAF_API_VIS; \
typedef struct decaf_sha3_##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_sha3_##n##_ctx_t[1]; \ typedef struct decaf_sha3_##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_sha3_##n##_ctx_t[1]; \
static inline void NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \
decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \ decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_gen_init(decaf_keccak_sponge_t sponge) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_gen_init(decaf_keccak_sponge_t sponge) { \
decaf_sponge_init(sponge, &DECAF_SHA3_##n##_params_s); \ decaf_sponge_init(sponge, &DECAF_SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_update(decaf_sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_update(decaf_sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
decaf_sha3_update(sponge->s, in, inlen); \ decaf_sha3_update(sponge->s, in, inlen); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_final(decaf_sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_final(decaf_sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
decaf_sha3_output(sponge->s, out, outlen); \ decaf_sha3_output(sponge->s, out, outlen); \
decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \ decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHA3_##n##_params_s); \ decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_destroy(decaf_sha3_##n##_ctx_t sponge) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_destroy(decaf_sha3_##n##_ctx_t sponge) { \
decaf_sponge_destroy(sponge->s); \ decaf_sponge_destroy(sponge->s); \
} }
/** @endcond */ /** @endcond */


DEC_SHAKE(128)
DEC_SHAKE(256)
DEC_SHA3(224)
DEC_SHA3(256)
DEC_SHA3(384)
DEC_SHA3(512)
#undef DEC_SHAKE
#undef DEC_SHA3
DECAF_DEC_SHAKE(128)
DECAF_DEC_SHAKE(256)
DECAF_DEC_SHA3(224)
DECAF_DEC_SHA3(256)
DECAF_DEC_SHA3(384)
DECAF_DEC_SHA3(512)
#undef DECAF_DEC_SHAKE
#undef DECAF_DEC_SHA3


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */


+ 17
- 17
src/GENERATED/include/decaf/shake.hxx

@@ -17,11 +17,11 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DELETE = delete
#define DECAF_NOEXCEPT noexcept
#define DECAF_DELETE = delete
#else #else
#define NOEXCEPT throw()
#define DELETE
#define DECAF_NOEXCEPT throw()
#define DECAF_DELETE
#endif #endif
/** @endcond */ /** @endcond */


@@ -38,21 +38,21 @@ protected:
decaf_keccak_sponge_t wrapped; decaf_keccak_sponge_t wrapped;
/** Initialize from parameters */ /** Initialize from parameters */
inline KeccakHash(const decaf_kparams_s *params) NOEXCEPT { decaf_sponge_init(wrapped, params); }
inline KeccakHash(const decaf_kparams_s *params) DECAF_NOEXCEPT { decaf_sponge_init(wrapped, params); }
/** @endcond */ /** @endcond */
public: public:
/** Add more data to running hash */ /** Add more data to running hash */
inline void update(const uint8_t *__restrict__ in, size_t len) NOEXCEPT { decaf_sha3_update(wrapped,in,len); }
inline void update(const uint8_t *__restrict__ in, size_t len) DECAF_NOEXCEPT { decaf_sha3_update(wrapped,in,len); }


/** Add more data to running hash, C++ version. */ /** Add more data to running hash, C++ version. */
inline void update(const Block &s) NOEXCEPT { decaf_sha3_update(wrapped,s.data(),s.size()); }
inline void update(const Block &s) DECAF_NOEXCEPT { decaf_sha3_update(wrapped,s.data(),s.size()); }
/** Add more data, stream version. */ /** Add more data, stream version. */
inline KeccakHash &operator<<(const Block &s) NOEXCEPT { update(s); return *this; }
inline KeccakHash &operator<<(const Block &s) DECAF_NOEXCEPT { update(s); return *this; }
/** Same as <<. */ /** Same as <<. */
inline KeccakHash &operator+=(const Block &s) NOEXCEPT { return *this << s; }
inline KeccakHash &operator+=(const Block &s) DECAF_NOEXCEPT { return *this << s; }
/** @brief Output bytes from the sponge. */ /** @brief Output bytes from the sponge. */
inline SecureBuffer output(size_t len) throw(std::bad_alloc, LengthException) { inline SecureBuffer output(size_t len) throw(std::bad_alloc, LengthException) {
@@ -93,12 +93,12 @@ public:
} }
/** @brief Return the sponge's default output size. */ /** @brief Return the sponge's default output size. */
inline size_t default_output_size() const NOEXCEPT {
inline size_t default_output_size() const DECAF_NOEXCEPT {
return decaf_sponge_default_output_bytes(wrapped); return decaf_sponge_default_output_bytes(wrapped);
} }
/** @brief Return the sponge's maximum output size. */ /** @brief Return the sponge's maximum output size. */
inline size_t max_output_size() const NOEXCEPT {
inline size_t max_output_size() const DECAF_NOEXCEPT {
return decaf_sponge_max_output_bytes(wrapped); return decaf_sponge_max_output_bytes(wrapped);
} }
@@ -113,10 +113,10 @@ public:
} }


/** Reset the hash to the empty string */ /** Reset the hash to the empty string */
inline void reset() NOEXCEPT { decaf_sha3_reset(wrapped); }
inline void reset() DECAF_NOEXCEPT { decaf_sha3_reset(wrapped); }
/** Destructor zeroizes state */ /** Destructor zeroizes state */
inline ~KeccakHash() NOEXCEPT { decaf_sponge_destroy(wrapped); }
inline ~KeccakHash() DECAF_NOEXCEPT { decaf_sponge_destroy(wrapped); }
}; };


/** Fixed-output-length SHA3 */ /** Fixed-output-length SHA3 */
@@ -133,7 +133,7 @@ public:
static const size_t DEFAULT_OUTPUT_BYTES = bits/8; static const size_t DEFAULT_OUTPUT_BYTES = bits/8;
/** Initializer */ /** Initializer */
inline SHA3() NOEXCEPT : KeccakHash(get_params()) {}
inline SHA3() DECAF_NOEXCEPT : KeccakHash(get_params()) {}


/** Hash bytes with this SHA3 instance. /** Hash bytes with this SHA3 instance.
* @throw LengthException if nbytes > MAX_OUTPUT_BYTES * @throw LengthException if nbytes > MAX_OUTPUT_BYTES
@@ -165,7 +165,7 @@ public:
static const size_t DEFAULT_OUTPUT_BYTES = bits/4; static const size_t DEFAULT_OUTPUT_BYTES = bits/4;
/** Initializer */ /** Initializer */
inline SHAKE() NOEXCEPT : KeccakHash(get_params()) {}
inline SHAKE() DECAF_NOEXCEPT : KeccakHash(get_params()) {}
/** Hash bytes with this SHAKE instance */ /** Hash bytes with this SHAKE instance */
static inline SecureBuffer hash(const Block &b, size_t outlen) throw(std::bad_alloc) { static inline SecureBuffer hash(const Block &b, size_t outlen) throw(std::bad_alloc) {
@@ -184,7 +184,7 @@ template<> inline const struct decaf_kparams_s *SHA3<512>::get_params() { return
} /* namespace decaf */ } /* namespace decaf */


#undef NOEXCEPT
#undef DELETE
#undef DECAF_NOEXCEPT
#undef DECAF_DELETE


#endif /* __DECAF_SHAKE_HXX__ */ #endif /* __DECAF_SHAKE_HXX__ */

+ 6
- 6
src/GENERATED/include/decaf/spongerng.h

@@ -32,7 +32,7 @@ void decaf_spongerng_init_from_buffer (
const uint8_t *__restrict__ in, /**< [in] The initialization data. */ const uint8_t *__restrict__ in, /**< [in] The initialization data. */
size_t len, /**< [in] The length of the initialization data. */ size_t len, /**< [in] The length of the initialization data. */
int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC.*/ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC.*/
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;
/** /**
* @brief Initialize a sponge-based CSPRNG from a file. * @brief Initialize a sponge-based CSPRNG from a file.
@@ -45,7 +45,7 @@ decaf_error_t decaf_spongerng_init_from_file (
const char *file, /**< [in] A name of a file containing initial data. */ const char *file, /**< [in] A name of a file containing initial data. */
size_t len, /**< [in] The length of the initial data. Must be positive. */ size_t len, /**< [in] The length of the initial data. Must be positive. */
int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC. */ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC. */
) NONNULL API_VIS WARN_UNUSED;
) DECAF_NONNULL DECAF_API_VIS DECAF_WARN_UNUSED;


/** /**
* @brief Initialize a nondeterministic sponge-based CSPRNG from /dev/urandom. * @brief Initialize a nondeterministic sponge-based CSPRNG from /dev/urandom.
@@ -55,24 +55,24 @@ decaf_error_t decaf_spongerng_init_from_file (
*/ */
decaf_error_t decaf_spongerng_init_from_dev_urandom ( decaf_error_t decaf_spongerng_init_from_dev_urandom (
decaf_keccak_prng_t prng /**< [out] sponge The sponge object. */ decaf_keccak_prng_t prng /**< [out] sponge The sponge object. */
) API_VIS WARN_UNUSED;
) DECAF_API_VIS DECAF_WARN_UNUSED;


/** Output bytes from a sponge-based CSPRNG. */ /** Output bytes from a sponge-based CSPRNG. */
void decaf_spongerng_next ( void decaf_spongerng_next (
decaf_keccak_prng_t prng, /**< [inout] The PRNG object. */ decaf_keccak_prng_t prng, /**< [inout] The PRNG object. */
uint8_t * __restrict__ out, /**< [out] Output buffer. */ uint8_t * __restrict__ out, /**< [out] Output buffer. */
size_t len /**< [in] Number of bytes to output. */ size_t len /**< [in] Number of bytes to output. */
) API_VIS;
) DECAF_API_VIS;


/** Stir entropy data into a sponge-based CSPRNG from a buffer. */ /** Stir entropy data into a sponge-based CSPRNG from a buffer. */
void decaf_spongerng_stir ( void decaf_spongerng_stir (
decaf_keccak_prng_t prng, /**< [out] The PRNG object. */ decaf_keccak_prng_t prng, /**< [out] The PRNG object. */
const uint8_t * __restrict__ in, /**< [in] The entropy data. */ const uint8_t * __restrict__ in, /**< [in] The entropy data. */
size_t len /**< [in] The length of the initial data. */ size_t len /**< [in] The length of the initial data. */
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;
/** Securely destroy a sponge RNG object by overwriting it. */ /** Securely destroy a sponge RNG object by overwriting it. */
static INLINE UNUSED void
static DECAF_INLINE void
decaf_spongerng_destroy ( decaf_spongerng_destroy (
decaf_keccak_prng_t doomed /**< [in] The object to destroy. */ decaf_keccak_prng_t doomed /**< [in] The object to destroy. */
); );


+ 13
- 13
src/GENERATED/include/decaf/spongerng.hxx

@@ -24,11 +24,11 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DELETE = delete
#define DECAF_NOEXCEPT noexcept
#define DECAF_DELETE = delete
#else #else
#define NOEXCEPT throw()
#define DELETE
#define DECAF_NOEXCEPT throw()
#define DECAF_DELETE
#endif #endif
/** @endcond */ /** @endcond */


@@ -55,8 +55,8 @@ public:
/** @endcond */ /** @endcond */
public: public:
const int err_code; /**< errno that caused the reseed to fail. */ const int err_code; /**< errno that caused the reseed to fail. */
const char *what() const NOEXCEPT { return what_; } /**< Description of exception. */
RngException(int err_code, const char *what_) NOEXCEPT : what_(what_), err_code(err_code) {} /**< Construct */
const char *what() const DECAF_NOEXCEPT { return what_; } /**< Description of exception. */
RngException(int err_code, const char *what_) DECAF_NOEXCEPT : what_(what_), err_code(err_code) {} /**< Construct */
}; };
/** Initialize, deterministically by default, from block */ /** Initialize, deterministically by default, from block */
@@ -74,31 +74,31 @@ public:
} }
/** Stir in new data */ /** Stir in new data */
inline void stir( const Block &data ) NOEXCEPT {
inline void stir( const Block &data ) DECAF_NOEXCEPT {
decaf_spongerng_stir(sp,data.data(),data.size()); decaf_spongerng_stir(sp,data.data(),data.size());
} }
/** Securely destroy by overwriting state. */ /** Securely destroy by overwriting state. */
inline ~SpongeRng() NOEXCEPT { decaf_spongerng_destroy(sp); }
inline ~SpongeRng() DECAF_NOEXCEPT { decaf_spongerng_destroy(sp); }
using Rng::read; using Rng::read;
/** Read data to a buffer. */ /** Read data to a buffer. */
virtual inline void read(Buffer buffer) NOEXCEPT
virtual inline void read(Buffer buffer) DECAF_NOEXCEPT
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
final final
#endif #endif
{ decaf_spongerng_next(sp,buffer.data(),buffer.size()); } { decaf_spongerng_next(sp,buffer.data(),buffer.size()); }
private: private:
SpongeRng(const SpongeRng &) DELETE;
SpongeRng &operator=(const SpongeRng &) DELETE;
SpongeRng(const SpongeRng &) DECAF_DELETE;
SpongeRng &operator=(const SpongeRng &) DECAF_DELETE;
}; };
/**@endcond*/ /**@endcond*/
} /* namespace decaf */ } /* namespace decaf */


#undef NOEXCEPT
#undef DELETE
#undef DECAF_NOEXCEPT
#undef DECAF_DELETE


#endif /* __DECAF_SPONGERNG_HXX__ */ #endif /* __DECAF_SPONGERNG_HXX__ */

+ 3
- 3
src/include/field.h

@@ -15,7 +15,7 @@
#include <string.h> #include <string.h>
/** Square x, n times. */ /** Square x, n times. */
static INLINE UNUSED void gf_sqrn (
static DECAF_INLINE void gf_sqrn (
gf_s *__restrict__ y, gf_s *__restrict__ y,
const gf x, const gf x,
int n int n
@@ -80,7 +80,7 @@ gf_cond_swap(gf x, gf_s *__restrict__ y, mask_t swap) {
constant_time_cond_swap(x,y,sizeof(gf_s),swap); constant_time_cond_swap(x,y,sizeof(gf_s),swap);
} }


static INLINE void gf_mul_qnr(gf_s *__restrict__ out, const gf x) {
static DECAF_INLINE void gf_mul_qnr(gf_s *__restrict__ out, const gf x) {
#if P_MOD_8 == 5 #if P_MOD_8 == 5
/* r = QNR * r0^2 */ /* r = QNR * r0^2 */
gf_mul(out,x,SQRT_MINUS_ONE); gf_mul(out,x,SQRT_MINUS_ONE);
@@ -91,7 +91,7 @@ static INLINE void gf_mul_qnr(gf_s *__restrict__ out, const gf x) {
#endif #endif
} }


static INLINE void gf_div_qnr(gf_s *__restrict__ out, const gf x) {
static DECAF_INLINE void gf_div_qnr(gf_s *__restrict__ out, const gf x) {
#if P_MOD_8 == 5 #if P_MOD_8 == 5
/* r = QNR * r0^2 */ /* r = QNR * r0^2 */
gf_mul(out,x,SQRT_MINUS_ONE); gf_mul(out,x,SQRT_MINUS_ONE);
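Review bot: The first hunk turns `static INLINE UNUSED void gf_sqrn (` into `static DECAF_INLINE void gf_sqrn (`, so the explicit unused marker is dropped rather than renamed. The same happens to `really_memset` and `malloc_vector` in src/include/word.h and to `decaf_spongerng_destroy` in the generated spongerng.h. That is only equivalent if `DECAF_INLINE` itself carries the unused attribute; its definition is not in this section, so this should be confirmed. A one-line comment at the definition, such as `/* DECAF_INLINE implies unused; do not add a separate marker */`, would keep the intent visible. The body of gf_sqrn lies outside the hunk.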


+ 14
- 14
src/include/word.h

@@ -98,7 +98,7 @@ extern int posix_memalign(void **, size_t, size_t);
typedef uint64x4_t uint64xn_t; typedef uint64x4_t uint64xn_t;
typedef uint32x8_t uint32xn_t; typedef uint32x8_t uint32xn_t;


static INLINE big_register_t
static DECAF_INLINE big_register_t
br_set_to_mask(mask_t x) { br_set_to_mask(mask_t x) {
uint32_t y = (uint32_t)x; uint32_t y = (uint32_t)x;
big_register_t ret = {y,y,y,y,y,y,y,y}; big_register_t ret = {y,y,y,y,y,y,y,y};
@@ -110,7 +110,7 @@ extern int posix_memalign(void **, size_t, size_t);
typedef uint64x2_t uint64xn_t; typedef uint64x2_t uint64xn_t;
typedef uint32x4_t uint32xn_t; typedef uint32x4_t uint32xn_t;


static INLINE big_register_t
static DECAF_INLINE big_register_t
br_set_to_mask(mask_t x) { br_set_to_mask(mask_t x) {
uint32_t y = x; uint32_t y = x;
big_register_t ret = {y,y,y,y}; big_register_t ret = {y,y,y,y};
@@ -122,7 +122,7 @@ extern int posix_memalign(void **, size_t, size_t);
typedef uint64x2_t uint64xn_t; typedef uint64x2_t uint64xn_t;
typedef uint32x4_t uint32xn_t; typedef uint32x4_t uint32xn_t;
static INLINE big_register_t
static DECAF_INLINE big_register_t
br_set_to_mask(mask_t x) { br_set_to_mask(mask_t x) {
return vdupq_n_u32(x); return vdupq_n_u32(x);
} }
@@ -131,7 +131,7 @@ extern int posix_memalign(void **, size_t, size_t);
typedef uint64_t big_register_t, uint64xn_t; typedef uint64_t big_register_t, uint64xn_t;


typedef uint32_t uint32xn_t; typedef uint32_t uint32xn_t;
static INLINE big_register_t
static DECAF_INLINE big_register_t
br_set_to_mask(mask_t x) { br_set_to_mask(mask_t x) {
return (big_register_t)x; return (big_register_t)x;
} }
@@ -141,7 +141,7 @@ extern int posix_memalign(void **, size_t, size_t);
typedef uint32_t uint32xn_t; typedef uint32_t uint32xn_t;
typedef uint32_t big_register_t; typedef uint32_t big_register_t;


static INLINE big_register_t
static DECAF_INLINE big_register_t
br_set_to_mask(mask_t x) { br_set_to_mask(mask_t x) {
return (big_register_t)x; return (big_register_t)x;
} }
@@ -156,18 +156,18 @@ typedef struct {
} __attribute__((packed)) unaligned_uint32xn_t; } __attribute__((packed)) unaligned_uint32xn_t;


#if __AVX2__ #if __AVX2__
static INLINE big_register_t
static DECAF_INLINE big_register_t
br_is_zero(big_register_t x) { br_is_zero(big_register_t x) {
return (big_register_t)(x == br_set_to_mask(0)); return (big_register_t)(x == br_set_to_mask(0));
} }
#elif __SSE2__ #elif __SSE2__
static INLINE big_register_t
static DECAF_INLINE big_register_t
br_is_zero(big_register_t x) { br_is_zero(big_register_t x) {
return (big_register_t)_mm_cmpeq_epi32((__m128i)x, _mm_setzero_si128()); return (big_register_t)_mm_cmpeq_epi32((__m128i)x, _mm_setzero_si128());
//return (big_register_t)(x == br_set_to_mask(0)); //return (big_register_t)(x == br_set_to_mask(0));
} }
#elif __ARM_NEON__ #elif __ARM_NEON__
static INLINE big_register_t
static DECAF_INLINE big_register_t
br_is_zero(big_register_t x) { br_is_zero(big_register_t x) {
return vceqq_u32(x,x^x); return vceqq_u32(x,x^x);
} }
@@ -193,13 +193,13 @@ typedef struct {
#ifdef NEED_MEMSET_S_EXTERN #ifdef NEED_MEMSET_S_EXTERN
extern int memset_s(void *, size_t, int, size_t); extern int memset_s(void *, size_t, int, size_t);
#endif #endif
static INLINE void
static DECAF_INLINE void
really_memset(void *p, char c, size_t s) { really_memset(void *p, char c, size_t s) {
memset_s(p, s, c, s); memset_s(p, s, c, s);
} }
#else #else
/* PERF: use words? */ /* PERF: use words? */
static INLINE UNUSED void
static DECAF_INLINE void
really_memset(void *p, char c, size_t s) { really_memset(void *p, char c, size_t s) {
volatile char *pv = (volatile char *)p; volatile char *pv = (volatile char *)p;
size_t i; size_t i;
@@ -218,7 +218,7 @@ typedef struct {
* @return A suitable pointer, which can be free'd with free(), * @return A suitable pointer, which can be free'd with free(),
* or NULL if no memory can be allocated. * or NULL if no memory can be allocated.
*/ */
static INLINE UNUSED void *
static DECAF_INLINE void *
malloc_vector(size_t size) { malloc_vector(size_t size) {
void *out = NULL; void *out = NULL;
@@ -255,11 +255,11 @@ malloc_vector(size_t size) {
* On the third hand, we have success vs boolean types, but that's handled in * On the third hand, we have success vs boolean types, but that's handled in
* common.h: it converts between decaf_bool_t and decaf_error_t. * common.h: it converts between decaf_bool_t and decaf_error_t.
*/ */
static INLINE decaf_bool_t mask_to_bool (mask_t m) {
static DECAF_INLINE decaf_bool_t mask_to_bool (mask_t m) {
return (decaf_sword_t)(sword_t)m; return (decaf_sword_t)(sword_t)m;
} }


static INLINE mask_t bool_to_mask (decaf_bool_t m) {
static DECAF_INLINE mask_t bool_to_mask (decaf_bool_t m) {
/* On most arches this will be optimized to a simple cast. */ /* On most arches this will be optimized to a simple cast. */
mask_t ret = 0; mask_t ret = 0;
unsigned int limit = sizeof(decaf_bool_t)/sizeof(mask_t); unsigned int limit = sizeof(decaf_bool_t)/sizeof(mask_t);
@@ -270,7 +270,7 @@ static INLINE mask_t bool_to_mask (decaf_bool_t m) {
return ret; return ret;
} }


static INLINE void ignore_result ( decaf_bool_t boo ) {
static DECAF_INLINE void ignore_result ( decaf_bool_t boo ) {
(void)boo; (void)boo;
} }
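Review bot: In the hunk at old line 193, the Annex K variant of `really_memset` calls `memset_s(p, s, c, s);` and discards the result, so a runtime-constraint failure can leave the buffer unwiped without any signal to the caller. The helper appears to be the library's zeroization primitive and returns void, so the least invasive step is to document the contract above both variants, for example `/* Overwrite s bytes at p with c such that the optimizer may not elide the stores; a memset_s failure is not reported. */`. Checking the result and failing closed would be a one-line change, but whether callers can tolerate that is not visible here. The fallback variant's loop continues outside the hunk.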




+ 9
- 9
src/per_curve/decaf.tmpl.c

@@ -353,7 +353,7 @@ void API_NS(point_add) (
gf_mul ( p->t, b, c ); gf_mul ( p->t, b, c );
} }


static NOINLINE void
static DECAF_NOINLINE void
point_double_internal ( point_double_internal (
point_t p, point_t p,
const point_t q, const point_t q,
@@ -392,7 +392,7 @@ void API_NS(point_negate) (
} }


/* Operations on [p]niels */ /* Operations on [p]niels */
static INLINE void
static DECAF_INLINE void
cond_neg_niels ( cond_neg_niels (
niels_t n, niels_t n,
mask_t neg mask_t neg
@@ -401,7 +401,7 @@ cond_neg_niels (
gf_cond_neg(n->c, neg); gf_cond_neg(n->c, neg);
} }


static NOINLINE void pt_to_pniels (
static DECAF_NOINLINE void pt_to_pniels (
pniels_t b, pniels_t b,
const point_t a const point_t a
) { ) {
@@ -411,7 +411,7 @@ static NOINLINE void pt_to_pniels (
gf_add ( b->z, a->z, a->z ); gf_add ( b->z, a->z, a->z );
} }


static NOINLINE void pniels_to_pt (
static DECAF_NOINLINE void pniels_to_pt (
point_t e, point_t e,
const pniels_t d const pniels_t d
) { ) {
@@ -424,7 +424,7 @@ static NOINLINE void pniels_to_pt (
gf_sqr ( e->z, d->z ); gf_sqr ( e->z, d->z );
} }


static NOINLINE void
static DECAF_NOINLINE void
niels_to_pt ( niels_to_pt (
point_t e, point_t e,
const niels_t n const niels_t n
@@ -435,7 +435,7 @@ niels_to_pt (
gf_copy ( e->z, ONE ); gf_copy ( e->z, ONE );
} }


static NOINLINE void
static DECAF_NOINLINE void
add_niels_to_pt ( add_niels_to_pt (
point_t d, point_t d,
const niels_t e, const niels_t e,
@@ -457,7 +457,7 @@ add_niels_to_pt (
if (!before_double) gf_mul ( d->t, b, c ); if (!before_double) gf_mul ( d->t, b, c );
} }


static NOINLINE void
static DECAF_NOINLINE void
sub_niels_from_pt ( sub_niels_from_pt (
point_t d, point_t d,
const niels_t e, const niels_t e,
@@ -503,7 +503,7 @@ sub_pniels_from_pt (
sub_niels_from_pt( p, pn->n, before_double ); sub_niels_from_pt( p, pn->n, before_double );
} }


static NOINLINE void
static DECAF_NOINLINE void
prepare_fixed_window( prepare_fixed_window(
pniels_t *multiples, pniels_t *multiples,
const point_t b, const point_t b,
@@ -962,7 +962,7 @@ void API_NS(precompute) (
decaf_bzero(doubles,sizeof(doubles)); decaf_bzero(doubles,sizeof(doubles));
} }


static INLINE void
static DECAF_INLINE void
constant_time_lookup_niels ( constant_time_lookup_niels (
niels_s *__restrict__ ni, niels_s *__restrict__ ni,
const niels_t *table, const niels_t *table,


+ 14
- 11
src/per_curve/eddsa.tmpl.h

@@ -19,7 +19,7 @@ extern "C" {


/** Does EdDSA support non-contextual signatures? */ /** Does EdDSA support non-contextual signatures? */
#define DECAF_EDDSA_$(gf_shortname)_SUPPORTS_CONTEXTLESS_SIGS $(eddsa_no_context) #define DECAF_EDDSA_$(gf_shortname)_SUPPORTS_CONTEXTLESS_SIGS $(eddsa_no_context)
$("extern const uint8_t * const DECAF_ED" + gf_shortname + "_NO_CONTEXT API_VIS;\n" if eddsa_no_context else "")
$("extern const uint8_t * const DECAF_ED" + gf_shortname + "_NO_CONTEXT DECAF_API_VIS;\n" if eddsa_no_context else "")
/** Prehash context renaming macros. */ /** Prehash context renaming macros. */
#define decaf_ed$(gf_shortname)_prehash_ctx_s decaf_$(eddsa_hash)_ctx_s #define decaf_ed$(gf_shortname)_prehash_ctx_s decaf_$(eddsa_hash)_ctx_s
#define decaf_ed$(gf_shortname)_prehash_ctx_t decaf_$(eddsa_hash)_ctx_t #define decaf_ed$(gf_shortname)_prehash_ctx_t decaf_$(eddsa_hash)_ctx_t
@@ -36,7 +36,7 @@ $("extern const uint8_t * const DECAF_ED" + gf_shortname + "_NO_CONTEXT API_VIS;
void decaf_ed$(gf_shortname)_derive_public_key ( void decaf_ed$(gf_shortname)_derive_public_key (
uint8_t pubkey[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES], uint8_t pubkey[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES],
const uint8_t privkey[DECAF_EDDSA_$(gf_shortname)_PRIVATE_BYTES] const uint8_t privkey[DECAF_EDDSA_$(gf_shortname)_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA signing. * @brief EdDSA signing.
@@ -64,7 +64,7 @@ void decaf_ed$(gf_shortname)_sign (
uint8_t prehashed, uint8_t prehashed,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2,3))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2,3))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signing with prehash. * @brief EdDSA signing with prehash.
@@ -88,7 +88,7 @@ void decaf_ed$(gf_shortname)_sign_prehash (
const decaf_ed$(gf_shortname)_prehash_ctx_t hash, const decaf_ed$(gf_shortname)_prehash_ctx_t hash,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2,3,4))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE;
/** /**
* @brief Prehash initialization, with contexts if supported. * @brief Prehash initialization, with contexts if supported.
@@ -97,7 +97,7 @@ void decaf_ed$(gf_shortname)_sign_prehash (
*/ */
void decaf_ed$(gf_shortname)_prehash_init ( void decaf_ed$(gf_shortname)_prehash_init (
decaf_ed$(gf_shortname)_prehash_ctx_t hash decaf_ed$(gf_shortname)_prehash_ctx_t hash
) API_VIS __attribute__((nonnull(1))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signature verification. * @brief EdDSA signature verification.
@@ -125,7 +125,7 @@ decaf_error_t decaf_ed$(gf_shortname)_verify (
uint8_t prehashed, uint8_t prehashed,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE;


/** /**
* @brief EdDSA signature verification. * @brief EdDSA signature verification.
@@ -149,7 +149,7 @@ decaf_error_t decaf_ed$(gf_shortname)_verify_prehash (
const decaf_ed$(gf_shortname)_prehash_ctx_t hash, const decaf_ed$(gf_shortname)_prehash_ctx_t hash,
const uint8_t *context, const uint8_t *context,
uint8_t context_len uint8_t context_len
) API_VIS __attribute__((nonnull(1,2))) NOINLINE;
) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE;


/** /**
* @brief EdDSA point encoding. Used internally, exposed externally. * @brief EdDSA point encoding. Used internally, exposed externally.
@@ -161,7 +161,7 @@ decaf_error_t decaf_ed$(gf_shortname)_verify_prehash (
void $(c_ns)_point_mul_by_cofactor_and_encode_like_eddsa ( void $(c_ns)_point_mul_by_cofactor_and_encode_like_eddsa (
uint8_t enc[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES], uint8_t enc[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES],
const $(c_ns)_point_t p const $(c_ns)_point_t p
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA point decoding. Remember that while points on the * @brief EdDSA point decoding. Remember that while points on the
@@ -174,20 +174,23 @@ void $(c_ns)_point_mul_by_cofactor_and_encode_like_eddsa (
decaf_error_t $(c_ns)_point_decode_like_eddsa_and_ignore_cofactor ( decaf_error_t $(c_ns)_point_decode_like_eddsa_and_ignore_cofactor (
$(c_ns)_point_t p, $(c_ns)_point_t p,
const uint8_t enc[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES] const uint8_t enc[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA to ECDH public key conversion * @brief EdDSA to ECDH public key conversion
* Deserialize the point to get y on Edwards curve, * Deserialize the point to get y on Edwards curve,
* Convert it to u coordinate on Montgomery curve. * Convert it to u coordinate on Montgomery curve.
* *
* @warning This function does not check that the public key being converted
* is a valid EdDSA public key (FUTURE?)
*
* @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve) * @param[out] x The ECDH public key as in RFC7748(point on Montgomery curve)
* @param[in] ed The EdDSA public key(point on Edwards curve) * @param[in] ed The EdDSA public key(point on Edwards curve)
*/ */
void decaf_ed$(gf_shortname)_convert_public_key_to_x$(gf_shortname) ( void decaf_ed$(gf_shortname)_convert_public_key_to_x$(gf_shortname) (
uint8_t x[DECAF_X$(gf_shortname)_PUBLIC_BYTES], uint8_t x[DECAF_X$(gf_shortname)_PUBLIC_BYTES],
const uint8_t ed[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES] const uint8_t ed[DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief EdDSA to ECDH private key conversion * @brief EdDSA to ECDH private key conversion
@@ -200,7 +203,7 @@ void decaf_ed$(gf_shortname)_convert_public_key_to_x$(gf_shortname) (
void decaf_ed$(gf_shortname)_convert_private_key_to_x$(gf_shortname) ( void decaf_ed$(gf_shortname)_convert_private_key_to_x$(gf_shortname) (
uint8_t x[DECAF_X$(gf_shortname)_PRIVATE_BYTES], uint8_t x[DECAF_X$(gf_shortname)_PRIVATE_BYTES],
const uint8_t ed[DECAF_EDDSA_$(gf_shortname)_PRIVATE_BYTES] const uint8_t ed[DECAF_EDDSA_$(gf_shortname)_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */


+ 26
- 26
src/per_curve/eddsa.tmpl.hxx

@@ -16,9 +16,9 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DECAF_NOEXCEPT noexcept
#else #else
#define NOEXCEPT throw()
#define DECAF_NOEXCEPT throw()
#endif #endif
/** @endcond */ /** @endcond */


@@ -75,7 +75,7 @@ public:
} }


/** Reset this hash */ /** Reset this hash */
void reset() NOEXCEPT { init(); }
void reset() DECAF_NOEXCEPT { init(); }
/** Output from this hash */ /** Output from this hash */
SecureBuffer final() throw(std::bad_alloc) { SecureBuffer final() throw(std::bad_alloc) {
@@ -186,38 +186,38 @@ public:
/** Create but don't initialize */ /** Create but don't initialize */
inline explicit PrivateKeyBase(const NOINIT&) NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { }
inline explicit PrivateKeyBase(const NOINIT&) DECAF_NOEXCEPT : priv_((NOINIT())), pub_((NOINIT())) { }
/** Read a private key from a string */ /** Read a private key from a string */
inline explicit PrivateKeyBase(const FixedBlock<SER_BYTES> &b) NOEXCEPT { *this = b; }
inline explicit PrivateKeyBase(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT { *this = b; }
/** Copy constructor */ /** Copy constructor */
inline PrivateKeyBase(const PrivateKey &k) NOEXCEPT { *this = k; }
inline PrivateKeyBase(const PrivateKey &k) DECAF_NOEXCEPT { *this = k; }
/** Create at random */ /** Create at random */
inline explicit PrivateKeyBase(Rng &r) NOEXCEPT : priv_(r) {
inline explicit PrivateKeyBase(Rng &r) DECAF_NOEXCEPT : priv_(r) {
decaf_ed$(gf_shortname)_derive_public_key(pub_.data(), priv_.data()); decaf_ed$(gf_shortname)_derive_public_key(pub_.data(), priv_.data());
} }
/** Assignment from string */ /** Assignment from string */
inline PrivateKeyBase &operator=(const FixedBlock<SER_BYTES> &b) NOEXCEPT {
inline PrivateKeyBase &operator=(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT {
memcpy(priv_.data(),b.data(),b.size()); memcpy(priv_.data(),b.data(),b.size());
decaf_ed$(gf_shortname)_derive_public_key(pub_.data(), priv_.data()); decaf_ed$(gf_shortname)_derive_public_key(pub_.data(), priv_.data());
return *this; return *this;
} }
/** Copy assignment */ /** Copy assignment */
inline PrivateKeyBase &operator=(const PrivateKey &k) NOEXCEPT {
inline PrivateKeyBase &operator=(const PrivateKey &k) DECAF_NOEXCEPT {
memcpy(priv_.data(),k.priv_.data(), priv_.size()); memcpy(priv_.data(),k.priv_.data(), priv_.size());
memcpy(pub_.data(),k.pub_.data(), pub_.size()); memcpy(pub_.data(),k.pub_.data(), pub_.size());
return *this; return *this;
} }
/** Serialization size. */ /** Serialization size. */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }
/** Serialize into a buffer. */ /** Serialize into a buffer. */
inline void serialize_into(unsigned char *x) const NOEXCEPT {
inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT {
memcpy(x,priv_.data(), priv_.size()); memcpy(x,priv_.data(), priv_.size());
} }
@@ -229,7 +229,7 @@ public:
} }
/** Return the corresponding public key */ /** Return the corresponding public key */
inline MyPublicKey pub() const NOEXCEPT {
inline MyPublicKey pub() const DECAF_NOEXCEPT {
MyPublicKey pub(*this); MyPublicKey pub(*this);
return pub; return pub;
} }
@@ -240,11 +240,11 @@ public:
template<class CRTP> class Verification<CRTP,PURE> { template<class CRTP> class Verification<CRTP,PURE> {
public: public:
/** Verify a signature, returning DECAF_FAILURE if verification fails */ /** Verify a signature, returning DECAF_FAILURE if verification fails */
inline decaf_error_t WARN_UNUSED verify_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED verify_noexcept (
const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig, const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig,
const Block &message, const Block &message,
const Block &context = NO_CONTEXT() const Block &context = NO_CONTEXT()
) const /*NOEXCEPT*/ {
) const /*DECAF_NOEXCEPT*/ {
if (context.size() > 255) { if (context.size() > 255) {
return DECAF_FAILURE; return DECAF_FAILURE;
} }
@@ -286,10 +286,10 @@ public:
template<class CRTP> class Verification<CRTP,PREHASHED> { template<class CRTP> class Verification<CRTP,PREHASHED> {
public: public:
/* Verify a prehash context. */ /* Verify a prehash context. */
inline decaf_error_t WARN_UNUSED verify_prehashed_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED verify_prehashed_noexcept (
const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig, const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig,
const Prehash &ph const Prehash &ph
) const /*NOEXCEPT*/ {
) const /*DECAF_NOEXCEPT*/ {
return decaf_ed$(gf_shortname)_verify_prehash ( return decaf_ed$(gf_shortname)_verify_prehash (
sig.data(), sig.data(),
((const CRTP*)this)->pub_.data(), ((const CRTP*)this)->pub_.data(),
@@ -360,38 +360,38 @@ public:
/** Create but don't initialize */ /** Create but don't initialize */
inline explicit PublicKeyBase(const NOINIT&) NOEXCEPT : pub_((NOINIT())) { }
inline explicit PublicKeyBase(const NOINIT&) DECAF_NOEXCEPT : pub_((NOINIT())) { }
/** Read a private key from a string */ /** Read a private key from a string */
inline explicit PublicKeyBase(const FixedBlock<SER_BYTES> &b) NOEXCEPT { *this = b; }
inline explicit PublicKeyBase(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT { *this = b; }
/** Copy constructor */ /** Copy constructor */
inline PublicKeyBase(const PublicKeyBase &k) NOEXCEPT { *this = k; }
inline PublicKeyBase(const PublicKeyBase &k) DECAF_NOEXCEPT { *this = k; }
/** Copy constructor */ /** Copy constructor */
inline explicit PublicKeyBase(const MyPrivateKey &k) NOEXCEPT { *this = k; }
inline explicit PublicKeyBase(const MyPrivateKey &k) DECAF_NOEXCEPT { *this = k; }


/** Assignment from string */ /** Assignment from string */
inline PublicKey &operator=(const FixedBlock<SER_BYTES> &b) NOEXCEPT {
inline PublicKey &operator=(const FixedBlock<SER_BYTES> &b) DECAF_NOEXCEPT {
memcpy(pub_.data(),b.data(),b.size()); memcpy(pub_.data(),b.data(),b.size());
return *this; return *this;
} }


/** Assignment from private key */ /** Assignment from private key */
inline PublicKey &operator=(const PublicKey &p) NOEXCEPT {
inline PublicKey &operator=(const PublicKey &p) DECAF_NOEXCEPT {
return *this = p.pub_; return *this = p.pub_;
} }


/** Assignment from private key */ /** Assignment from private key */
inline PublicKey &operator=(const MyPrivateKey &p) NOEXCEPT {
inline PublicKey &operator=(const MyPrivateKey &p) DECAF_NOEXCEPT {
return *this = p.pub_; return *this = p.pub_;
} }


/** Serialization size. */ /** Serialization size. */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }
/** Serialize into a buffer. */ /** Serialize into a buffer. */
inline void serialize_into(unsigned char *x) const NOEXCEPT {
inline void serialize_into(unsigned char *x) const DECAF_NOEXCEPT {
memcpy(x,pub_.data(), pub_.size()); memcpy(x,pub_.data(), pub_.size());
} }
@@ -405,5 +405,5 @@ public:


}; /* template<> struct EdDSA<$(cxx_ns)> */ }; /* template<> struct EdDSA<$(cxx_ns)> */


#undef NOEXCEPT
#undef DECAF_NOEXCEPT
} /* namespace decaf */ } /* namespace decaf */

+ 1
- 1
src/per_curve/elligator.tmpl.c

@@ -98,7 +98,7 @@ void API_NS(point_from_hash_uniform) (
#define MAX(A,B) (((A)>(B)) ? (A) : (B)) #define MAX(A,B) (((A)>(B)) ? (A) : (B))
#define PKP_MASK ((1<<(MAX(8*SER_BYTES + $(elligator_onto) - $(gf_bits),0)))-1) #define PKP_MASK ((1<<(MAX(8*SER_BYTES + $(elligator_onto) - $(gf_bits),0)))-1)
#if PKP_MASK != 0 #if PKP_MASK != 0
static UNUSED mask_t plus_k_p (
static DECAF_INLINE mask_t plus_k_p (
uint8_t x[SER_BYTES], uint8_t x[SER_BYTES],
uint32_t factor_ uint32_t factor_
) { ) {
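Review bot: The change to `plus_k_p` is the one line in this commit that is not a plain rename: `static UNUSED mask_t` becomes `static DECAF_INLINE mask_t`, which swaps an unused-function marker for an inlining request. The definition of DECAF_INLINE is not part of this section, so it should be confirmed that it still carries the unused attribute; if it does not, a build with `-Werror` can fail on `-Wunused-function` when the `#if PKP_MASK != 0` branch is compiled and no caller is. I would record the intent next to the definition, for example `/* DECAF_INLINE (not a bare unused marker): helper may have no caller in some curve configurations */`, and mention the behaviour change in the commit message. The body of `plus_k_p` continues outside the hunk, so its callers and size could not be checked here.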


+ 48
- 48
src/per_curve/point.tmpl.h

@@ -57,7 +57,7 @@ struct $(c_ns)_precomputed_s;
typedef struct $(c_ns)_precomputed_s $(c_ns)_precomputed_s; typedef struct $(c_ns)_precomputed_s $(c_ns)_precomputed_s;


/** Size and alignment of precomputed point tables. */ /** Size and alignment of precomputed point tables. */
extern const size_t $(c_ns)_sizeof_precomputed_s API_VIS, $(c_ns)_alignof_precomputed_s API_VIS;
extern const size_t $(c_ns)_sizeof_precomputed_s DECAF_API_VIS, $(c_ns)_alignof_precomputed_s DECAF_API_VIS;


/** Scalar is stored packed, because we don't need the speed. */ /** Scalar is stored packed, because we don't need the speed. */
typedef struct $(c_ns)_scalar_s { typedef struct $(c_ns)_scalar_s {
@@ -67,19 +67,19 @@ typedef struct $(c_ns)_scalar_s {
} $(c_ns)_scalar_t[1]; } $(c_ns)_scalar_t[1];


/** A scalar equal to 1. */ /** A scalar equal to 1. */
extern const $(c_ns)_scalar_t $(c_ns)_scalar_one API_VIS;
extern const $(c_ns)_scalar_t $(c_ns)_scalar_one DECAF_API_VIS;


/** A scalar equal to 0. */ /** A scalar equal to 0. */
extern const $(c_ns)_scalar_t $(c_ns)_scalar_zero API_VIS;
extern const $(c_ns)_scalar_t $(c_ns)_scalar_zero DECAF_API_VIS;


/** The identity point on the curve. */ /** The identity point on the curve. */
extern const $(c_ns)_point_t $(c_ns)_point_identity API_VIS;
extern const $(c_ns)_point_t $(c_ns)_point_identity DECAF_API_VIS;


/** An arbitrarily chosen base point on the curve. */ /** An arbitrarily chosen base point on the curve. */
extern const $(c_ns)_point_t $(c_ns)_point_base API_VIS;
extern const $(c_ns)_point_t $(c_ns)_point_base DECAF_API_VIS;


/** Precomputed table for the base point on the curve. */ /** Precomputed table for the base point on the curve. */
extern const struct $(c_ns)_precomputed_s *$(c_ns)_precomputed_base API_VIS;
extern const struct $(c_ns)_precomputed_s *$(c_ns)_precomputed_base DECAF_API_VIS;


/** /**
* @brief Read a scalar from wire format or from bytes. * @brief Read a scalar from wire format or from bytes.
@@ -94,7 +94,7 @@ extern const struct $(c_ns)_precomputed_s *$(c_ns)_precomputed_base API_VIS;
decaf_error_t $(c_ns)_scalar_decode ( decaf_error_t $(c_ns)_scalar_decode (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const unsigned char ser[$(C_NS)_SCALAR_BYTES] const unsigned char ser[$(C_NS)_SCALAR_BYTES]
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Read a scalar from wire format or from bytes. Reduces mod * @brief Read a scalar from wire format or from bytes. Reduces mod
@@ -108,7 +108,7 @@ void $(c_ns)_scalar_decode_long (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const unsigned char *ser, const unsigned char *ser,
size_t ser_len size_t ser_len
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* @brief Serialize a scalar to wire format. * @brief Serialize a scalar to wire format.
@@ -119,7 +119,7 @@ void $(c_ns)_scalar_decode_long (
void $(c_ns)_scalar_encode ( void $(c_ns)_scalar_encode (
unsigned char ser[$(C_NS)_SCALAR_BYTES], unsigned char ser[$(C_NS)_SCALAR_BYTES],
const $(c_ns)_scalar_t s const $(c_ns)_scalar_t s
) API_VIS NONNULL NOINLINE NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE;
/** /**
* @brief Add two scalars. The scalars may use the same memory. * @brief Add two scalars. The scalars may use the same memory.
@@ -131,7 +131,7 @@ void $(c_ns)_scalar_add (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b const $(c_ns)_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Compare two scalars. * @brief Compare two scalars.
@@ -143,7 +143,7 @@ void $(c_ns)_scalar_add (
decaf_bool_t $(c_ns)_scalar_eq ( decaf_bool_t $(c_ns)_scalar_eq (
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b const $(c_ns)_scalar_t b
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Subtract two scalars. The scalars may use the same memory. * @brief Subtract two scalars. The scalars may use the same memory.
@@ -155,7 +155,7 @@ void $(c_ns)_scalar_sub (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b const $(c_ns)_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two scalars. The scalars may use the same memory. * @brief Multiply two scalars. The scalars may use the same memory.
@@ -167,7 +167,7 @@ void $(c_ns)_scalar_mul (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b const $(c_ns)_scalar_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* @brief Halve a scalar. The scalars may use the same memory. * @brief Halve a scalar. The scalars may use the same memory.
@@ -177,7 +177,7 @@ void $(c_ns)_scalar_mul (
void $(c_ns)_scalar_halve ( void $(c_ns)_scalar_halve (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a const $(c_ns)_scalar_t a
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Invert a scalar. When passed zero, return 0. The input and output may alias. * @brief Invert a scalar. When passed zero, return 0. The input and output may alias.
@@ -188,7 +188,7 @@ void $(c_ns)_scalar_halve (
decaf_error_t $(c_ns)_scalar_invert ( decaf_error_t $(c_ns)_scalar_invert (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a const $(c_ns)_scalar_t a
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Copy a scalar. The scalars may use the same memory, in which * @brief Copy a scalar. The scalars may use the same memory, in which
@@ -196,7 +196,7 @@ decaf_error_t $(c_ns)_scalar_invert (
* @param [in] a A scalar. * @param [in] a A scalar.
* @param [out] out Will become a copy of a. * @param [out] out Will become a copy of a.
*/ */
static inline void NONNULL $(c_ns)_scalar_copy (
static inline void DECAF_NONNULL $(c_ns)_scalar_copy (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
const $(c_ns)_scalar_t a const $(c_ns)_scalar_t a
) { ) {
@@ -211,7 +211,7 @@ static inline void NONNULL $(c_ns)_scalar_copy (
void $(c_ns)_scalar_set_unsigned ( void $(c_ns)_scalar_set_unsigned (
$(c_ns)_scalar_t out, $(c_ns)_scalar_t out,
uint64_t a uint64_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Encode a point as a sequence of bytes. * @brief Encode a point as a sequence of bytes.
@@ -222,7 +222,7 @@ void $(c_ns)_scalar_set_unsigned (
void $(c_ns)_point_encode ( void $(c_ns)_point_encode (
uint8_t ser[$(C_NS)_SER_BYTES], uint8_t ser[$(C_NS)_SER_BYTES],
const $(c_ns)_point_t pt const $(c_ns)_point_t pt
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Decode a point from a sequence of bytes. * @brief Decode a point from a sequence of bytes.
@@ -242,7 +242,7 @@ decaf_error_t $(c_ns)_point_decode (
$(c_ns)_point_t pt, $(c_ns)_point_t pt,
const uint8_t ser[$(C_NS)_SER_BYTES], const uint8_t ser[$(C_NS)_SER_BYTES],
decaf_bool_t allow_identity decaf_bool_t allow_identity
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Copy a point. The input and output may alias, * @brief Copy a point. The input and output may alias,
@@ -251,7 +251,7 @@ decaf_error_t $(c_ns)_point_decode (
* @param [out] a A copy of the point. * @param [out] a A copy of the point.
* @param [in] b Any point. * @param [in] b Any point.
*/ */
static inline void NONNULL $(c_ns)_point_copy (
static inline void DECAF_NONNULL $(c_ns)_point_copy (
$(c_ns)_point_t a, $(c_ns)_point_t a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) { ) {
@@ -270,7 +270,7 @@ static inline void NONNULL $(c_ns)_point_copy (
decaf_bool_t $(c_ns)_point_eq ( decaf_bool_t $(c_ns)_point_eq (
const $(c_ns)_point_t a, const $(c_ns)_point_t a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Add two points to produce a third point. The * @brief Add two points to produce a third point. The
@@ -285,7 +285,7 @@ void $(c_ns)_point_add (
$(c_ns)_point_t sum, $(c_ns)_point_t sum,
const $(c_ns)_point_t a, const $(c_ns)_point_t a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Double a point. Equivalent to * @brief Double a point. Equivalent to
@@ -297,7 +297,7 @@ void $(c_ns)_point_add (
void $(c_ns)_point_double ( void $(c_ns)_point_double (
$(c_ns)_point_t two_a, $(c_ns)_point_t two_a,
const $(c_ns)_point_t a const $(c_ns)_point_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Subtract two points to produce a third point. The * @brief Subtract two points to produce a third point. The
@@ -312,7 +312,7 @@ void $(c_ns)_point_sub (
$(c_ns)_point_t diff, $(c_ns)_point_t diff,
const $(c_ns)_point_t a, const $(c_ns)_point_t a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;
/** /**
* @brief Negate a point to produce another point. The input * @brief Negate a point to produce another point. The input
@@ -324,7 +324,7 @@ void $(c_ns)_point_sub (
void $(c_ns)_point_negate ( void $(c_ns)_point_negate (
$(c_ns)_point_t nega, $(c_ns)_point_t nega,
const $(c_ns)_point_t a const $(c_ns)_point_t a
) API_VIS NONNULL;
) DECAF_API_VIS DECAF_NONNULL;


/** /**
* @brief Multiply a base point by a scalar: scaled = scalar*base. * @brief Multiply a base point by a scalar: scaled = scalar*base.
@@ -337,7 +337,7 @@ void $(c_ns)_point_scalarmul (
$(c_ns)_point_t scaled, $(c_ns)_point_t scaled,
const $(c_ns)_point_t base, const $(c_ns)_point_t base,
const $(c_ns)_scalar_t scalar const $(c_ns)_scalar_t scalar
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply a base point by a scalar: scaled = scalar*base. * @brief Multiply a base point by a scalar: scaled = scalar*base.
@@ -362,7 +362,7 @@ decaf_error_t $(c_ns)_direct_scalarmul (
const $(c_ns)_scalar_t scalar, const $(c_ns)_scalar_t scalar,
decaf_bool_t allow_identity, decaf_bool_t allow_identity,
decaf_bool_t short_circuit decaf_bool_t short_circuit
) API_VIS NONNULL WARN_UNUSED NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE;


/** /**
* @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different * @brief RFC 7748 Diffie-Hellman scalarmul. This function uses a different
@@ -380,10 +380,10 @@ decaf_error_t decaf_x$(gf_shortname) (
uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES], uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES],
const uint8_t base[DECAF_X$(gf_shortname)_PUBLIC_BYTES], const uint8_t base[DECAF_X$(gf_shortname)_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES] const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES]
) API_VIS NONNULL WARN_UNUSED NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_WARN_UNUSED DECAF_NOINLINE;


/** The base point for X$(gf_shortname) Diffie-Hellman */ /** The base point for X$(gf_shortname) Diffie-Hellman */
extern const uint8_t decaf_x$(gf_shortname)_base_point[DECAF_X$(gf_shortname)_PUBLIC_BYTES] API_VIS;
extern const uint8_t decaf_x$(gf_shortname)_base_point[DECAF_X$(gf_shortname)_PUBLIC_BYTES] DECAF_API_VIS;


/** /**
* @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses
@@ -398,7 +398,7 @@ extern const uint8_t decaf_x$(gf_shortname)_base_point[DECAF_X$(gf_shortname)_PU
void decaf_x$(gf_shortname)_generate_key ( void decaf_x$(gf_shortname)_generate_key (
uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES], uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES] const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE DEPRECATED("Renamed to decaf_x$(gf_shortname)_derive_public_key");
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_DEPRECATED("Renamed to decaf_x$(gf_shortname)_derive_public_key");
/** /**
* @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses * @brief RFC 7748 Diffie-Hellman base point scalarmul. This function uses
@@ -413,7 +413,7 @@ void decaf_x$(gf_shortname)_generate_key (
void decaf_x$(gf_shortname)_derive_public_key ( void decaf_x$(gf_shortname)_derive_public_key (
uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES], uint8_t out[DECAF_X$(gf_shortname)_PUBLIC_BYTES],
const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES] const uint8_t scalar[DECAF_X$(gf_shortname)_PRIVATE_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/* FUTURE: uint8_t $(c_ns)_encode_like_curve$(gf_shortname)) */ /* FUTURE: uint8_t $(c_ns)_encode_like_curve$(gf_shortname)) */


@@ -429,7 +429,7 @@ void decaf_x$(gf_shortname)_derive_public_key (
void $(c_ns)_precompute ( void $(c_ns)_precompute (
$(c_ns)_precomputed_s *a, $(c_ns)_precomputed_s *a,
const $(c_ns)_point_t b const $(c_ns)_point_t b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply a precomputed base point by a scalar: * @brief Multiply a precomputed base point by a scalar:
@@ -446,7 +446,7 @@ void $(c_ns)_precomputed_scalarmul (
$(c_ns)_point_t scaled, $(c_ns)_point_t scaled,
const $(c_ns)_precomputed_s *base, const $(c_ns)_precomputed_s *base,
const $(c_ns)_scalar_t scalar const $(c_ns)_scalar_t scalar
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two base points by two scalars: * @brief Multiply two base points by two scalars:
@@ -467,7 +467,7 @@ void $(c_ns)_point_double_scalarmul (
const $(c_ns)_scalar_t scalar1, const $(c_ns)_scalar_t scalar1,
const $(c_ns)_point_t base2, const $(c_ns)_point_t base2,
const $(c_ns)_scalar_t scalar2 const $(c_ns)_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;
/** /**
* Multiply one base point by two scalars: * Multiply one base point by two scalars:
@@ -490,7 +490,7 @@ void $(c_ns)_point_dual_scalarmul (
const $(c_ns)_point_t base1, const $(c_ns)_point_t base1,
const $(c_ns)_scalar_t scalar1, const $(c_ns)_scalar_t scalar1,
const $(c_ns)_scalar_t scalar2 const $(c_ns)_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Multiply two base points by two scalars: * @brief Multiply two base points by two scalars:
@@ -512,7 +512,7 @@ void $(c_ns)_base_double_scalarmul_non_secret (
const $(c_ns)_scalar_t scalar1, const $(c_ns)_scalar_t scalar1,
const $(c_ns)_point_t base2, const $(c_ns)_point_t base2,
const $(c_ns)_scalar_t scalar2 const $(c_ns)_scalar_t scalar2
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Constant-time decision between two points. If pick_b * @brief Constant-time decision between two points. If pick_b
@@ -528,7 +528,7 @@ void $(c_ns)_point_cond_sel (
const $(c_ns)_point_t a, const $(c_ns)_point_t a,
const $(c_ns)_point_t b, const $(c_ns)_point_t b,
decaf_word_t pick_b decaf_word_t pick_b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Constant-time decision between two scalars. If pick_b * @brief Constant-time decision between two scalars. If pick_b
@@ -544,7 +544,7 @@ void $(c_ns)_scalar_cond_sel (
const $(c_ns)_scalar_t a, const $(c_ns)_scalar_t a,
const $(c_ns)_scalar_t b, const $(c_ns)_scalar_t b,
decaf_word_t pick_b decaf_word_t pick_b
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Test that a point is valid, for debugging purposes. * @brief Test that a point is valid, for debugging purposes.
@@ -555,7 +555,7 @@ void $(c_ns)_scalar_cond_sel (
*/ */
decaf_bool_t $(c_ns)_point_valid ( decaf_bool_t $(c_ns)_point_valid (
const $(c_ns)_point_t to_test const $(c_ns)_point_t to_test
) API_VIS WARN_UNUSED NONNULL NOINLINE;
) DECAF_API_VIS DECAF_WARN_UNUSED DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Torque a point, for debugging purposes. The output * @brief Torque a point, for debugging purposes. The output
@@ -567,7 +567,7 @@ decaf_bool_t $(c_ns)_point_valid (
void $(c_ns)_point_debugging_torque ( void $(c_ns)_point_debugging_torque (
$(c_ns)_point_t q, $(c_ns)_point_t q,
const $(c_ns)_point_t p const $(c_ns)_point_t p
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Projectively scale a point, for debugging purposes. * @brief Projectively scale a point, for debugging purposes.
@@ -582,7 +582,7 @@ void $(c_ns)_point_debugging_pscale (
$(c_ns)_point_t q, $(c_ns)_point_t q,
const $(c_ns)_point_t p, const $(c_ns)_point_t p,
const unsigned char factor[$(C_NS)_SER_BYTES] const unsigned char factor[$(C_NS)_SER_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Almost-Elligator-like hash to curve. * @brief Almost-Elligator-like hash to curve.
@@ -616,7 +616,7 @@ void
$(c_ns)_point_from_hash_nonuniform ( $(c_ns)_point_from_hash_nonuniform (
$(c_ns)_point_t pt, $(c_ns)_point_t pt,
const unsigned char hashed_data[$(C_NS)_HASH_BYTES] const unsigned char hashed_data[$(C_NS)_HASH_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Indifferentiable hash function encoding to curve. * @brief Indifferentiable hash function encoding to curve.
@@ -629,7 +629,7 @@ $(c_ns)_point_from_hash_nonuniform (
void $(c_ns)_point_from_hash_uniform ( void $(c_ns)_point_from_hash_uniform (
$(c_ns)_point_t pt, $(c_ns)_point_t pt,
const unsigned char hashed_data[2*$(C_NS)_HASH_BYTES] const unsigned char hashed_data[2*$(C_NS)_HASH_BYTES]
) API_VIS NONNULL NOINLINE;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;


/** /**
* @brief Inverse of elligator-like hash to curve. * @brief Inverse of elligator-like hash to curve.
@@ -654,7 +654,7 @@ $(c_ns)_invert_elligator_nonuniform (
unsigned char recovered_hash[$(C_NS)_HASH_BYTES], unsigned char recovered_hash[$(C_NS)_HASH_BYTES],
const $(c_ns)_point_t pt, const $(c_ns)_point_t pt,
uint32_t which uint32_t which
) API_VIS NONNULL NOINLINE WARN_UNUSED;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED;


/** /**
* @brief Inverse of elligator-like hash to curve. * @brief Inverse of elligator-like hash to curve.
@@ -679,28 +679,28 @@ $(c_ns)_invert_elligator_uniform (
unsigned char recovered_hash[2*$(C_NS)_HASH_BYTES], unsigned char recovered_hash[2*$(C_NS)_HASH_BYTES],
const $(c_ns)_point_t pt, const $(c_ns)_point_t pt,
uint32_t which uint32_t which
) API_VIS NONNULL NOINLINE WARN_UNUSED;
) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_WARN_UNUSED;


/** /**
* @brief Overwrite scalar with zeros. * @brief Overwrite scalar with zeros.
*/ */
void $(c_ns)_scalar_destroy ( void $(c_ns)_scalar_destroy (
$(c_ns)_scalar_t scalar $(c_ns)_scalar_t scalar
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


/** /**
* @brief Overwrite point with zeros. * @brief Overwrite point with zeros.
*/ */
void $(c_ns)_point_destroy ( void $(c_ns)_point_destroy (
$(c_ns)_point_t point $(c_ns)_point_t point
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


/** /**
* @brief Overwrite precomputed table with zeros. * @brief Overwrite precomputed table with zeros.
*/ */
void $(c_ns)_precomputed_destroy ( void $(c_ns)_precomputed_destroy (
$(c_ns)_precomputed_s *pre $(c_ns)_precomputed_s *pre
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
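Review bot: The declaration of `$(c_ns)_scalar_encode` now ends in `DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE;`, so the rename carried over a doubled attribute from the old line; it should read `) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;`. Since this file is a template, the generated point headers presumably repeat the duplicate and should be regenerated after the fix. Separately, the three `*_destroy` declarations at the end of the section carry only `DECAF_NONNULL DECAF_API_VIS`; whether their zeroization survives link-time optimization depends on the implementation, which is not visible here, so a short comment stating what guarantees the wipe would help readers of the header.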


+ 89
- 89
src/per_curve/point.tmpl.hxx

@@ -29,9 +29,9 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DECAF_NOEXCEPT noexcept
#else #else
#define NOEXCEPT throw()
#define DECAF_NOEXCEPT throw()
#endif #endif
/** @endcond */ /** @endcond */


@@ -73,53 +73,53 @@ public:


/** @cond internal */ /** @cond internal */
/** Don't initialize. */ /** Don't initialize. */
inline Scalar(const NOINIT &) NOEXCEPT {}
inline Scalar(const NOINIT &) DECAF_NOEXCEPT {}
/** @endcond */ /** @endcond */


/** Set to an unsigned word */ /** Set to an unsigned word */
inline Scalar(uint64_t w) NOEXCEPT { *this = w; }
inline Scalar(uint64_t w) DECAF_NOEXCEPT { *this = w; }


/** Set to a signed word */ /** Set to a signed word */
inline Scalar(int64_t w) NOEXCEPT { *this = w; }
inline Scalar(int64_t w) DECAF_NOEXCEPT { *this = w; }


/** Set to an unsigned word */ /** Set to an unsigned word */
inline Scalar(unsigned int w) NOEXCEPT { *this = w; }
inline Scalar(unsigned int w) DECAF_NOEXCEPT { *this = w; }


/** Set to a signed word */ /** Set to a signed word */
inline Scalar(int w) NOEXCEPT { *this = w; }
inline Scalar(int w) DECAF_NOEXCEPT { *this = w; }


/** Construct from RNG */ /** Construct from RNG */
inline explicit Scalar(Rng &rng) NOEXCEPT {
inline explicit Scalar(Rng &rng) DECAF_NOEXCEPT {
FixedArrayBuffer<SER_BYTES + 16> sb(rng); FixedArrayBuffer<SER_BYTES + 16> sb(rng);
*this = sb; *this = sb;
} }


/** Construct from decaf_scalar_t object. */ /** Construct from decaf_scalar_t object. */
inline Scalar(const Wrapped &t = $(c_ns)_scalar_zero) NOEXCEPT { $(c_ns)_scalar_copy(s,t); }
inline Scalar(const Wrapped &t = $(c_ns)_scalar_zero) DECAF_NOEXCEPT { $(c_ns)_scalar_copy(s,t); }


/** Copy constructor. */ /** Copy constructor. */
inline Scalar(const Scalar &x) NOEXCEPT { *this = x; }
inline Scalar(const Scalar &x) DECAF_NOEXCEPT { *this = x; }


/** Construct from arbitrary-length little-endian byte sequence. */ /** Construct from arbitrary-length little-endian byte sequence. */
inline Scalar(const Block &buffer) NOEXCEPT { *this = buffer; }
inline Scalar(const Block &buffer) DECAF_NOEXCEPT { *this = buffer; }


/** Serializable instance */ /** Serializable instance */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }


/** Serializable instance */ /** Serializable instance */
inline void serialize_into(unsigned char *buffer) const NOEXCEPT {
inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT {
$(c_ns)_scalar_encode(buffer, s); $(c_ns)_scalar_encode(buffer, s);
} }


/** Assignment. */ /** Assignment. */
inline Scalar& operator=(const Scalar &x) NOEXCEPT { $(c_ns)_scalar_copy(s,x.s); return *this; }
inline Scalar& operator=(const Scalar &x) DECAF_NOEXCEPT { $(c_ns)_scalar_copy(s,x.s); return *this; }


/** Assign from unsigned 64-bit integer. */ /** Assign from unsigned 64-bit integer. */
inline Scalar& operator=(uint64_t w) NOEXCEPT { $(c_ns)_scalar_set_unsigned(s,w); return *this; }
inline Scalar& operator=(uint64_t w) DECAF_NOEXCEPT { $(c_ns)_scalar_set_unsigned(s,w); return *this; }




/** Assign from signed int. */ /** Assign from signed int. */
inline Scalar& operator=(int64_t w) NOEXCEPT {
inline Scalar& operator=(int64_t w) DECAF_NOEXCEPT {
Scalar t(-(uint64_t)INT_MIN); Scalar t(-(uint64_t)INT_MIN);
$(c_ns)_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN); $(c_ns)_scalar_set_unsigned(s,(uint64_t)w - (uint64_t)INT_MIN);
*this -= t; *this -= t;
@@ -127,16 +127,16 @@ public:
} }


/** Assign from unsigned int. */ /** Assign from unsigned int. */
inline Scalar& operator=(unsigned int w) NOEXCEPT { return *this = (uint64_t)w; }
inline Scalar& operator=(unsigned int w) DECAF_NOEXCEPT { return *this = (uint64_t)w; }


/** Assign from signed int. */ /** Assign from signed int. */
inline Scalar& operator=(int w) NOEXCEPT { return *this = (int64_t)w; }
inline Scalar& operator=(int w) DECAF_NOEXCEPT { return *this = (int64_t)w; }


/** Destructor securely zeorizes the scalar. */ /** Destructor securely zeorizes the scalar. */
inline ~Scalar() NOEXCEPT { $(c_ns)_scalar_destroy(s); }
inline ~Scalar() DECAF_NOEXCEPT { $(c_ns)_scalar_destroy(s); }


/** Assign from arbitrary-length little-endian byte sequence in a Block. */ /** Assign from arbitrary-length little-endian byte sequence in a Block. */
inline Scalar &operator=(const Block &bl) NOEXCEPT {
inline Scalar &operator=(const Block &bl) DECAF_NOEXCEPT {
$(c_ns)_scalar_decode_long(s,bl.data(),bl.size()); return *this; $(c_ns)_scalar_decode_long(s,bl.data(),bl.size()); return *this;
} }


@@ -144,32 +144,32 @@ public:
* Decode from correct-length little-endian byte sequence. * Decode from correct-length little-endian byte sequence.
* @return DECAF_FAILURE if the scalar is greater than or equal to the group order q. * @return DECAF_FAILURE if the scalar is greater than or equal to the group order q.
*/ */
static inline decaf_error_t WARN_UNUSED decode (
static inline decaf_error_t DECAF_WARN_UNUSED decode (
Scalar &sc, const FixedBlock<SER_BYTES> buffer Scalar &sc, const FixedBlock<SER_BYTES> buffer
) NOEXCEPT {
) DECAF_NOEXCEPT {
return $(c_ns)_scalar_decode(sc.s,buffer.data()); return $(c_ns)_scalar_decode(sc.s,buffer.data());
} }


/** Add. */ /** Add. */
inline Scalar operator+ (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_add(r.s,s,q.s); return r; }
inline Scalar operator+ (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_add(r.s,s,q.s); return r; }


/** Add to this. */ /** Add to this. */
inline Scalar &operator+=(const Scalar &q) NOEXCEPT { $(c_ns)_scalar_add(s,s,q.s); return *this; }
inline Scalar &operator+=(const Scalar &q) DECAF_NOEXCEPT { $(c_ns)_scalar_add(s,s,q.s); return *this; }


/** Subtract. */ /** Subtract. */
inline Scalar operator- (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_sub(r.s,s,q.s); return r; }
inline Scalar operator- (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_sub(r.s,s,q.s); return r; }


/** Subtract from this. */ /** Subtract from this. */
inline Scalar &operator-=(const Scalar &q) NOEXCEPT { $(c_ns)_scalar_sub(s,s,q.s); return *this; }
inline Scalar &operator-=(const Scalar &q) DECAF_NOEXCEPT { $(c_ns)_scalar_sub(s,s,q.s); return *this; }


/** Multiply */ /** Multiply */
inline Scalar operator* (const Scalar &q) const NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_mul(r.s,s,q.s); return r; }
inline Scalar operator* (const Scalar &q) const DECAF_NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_mul(r.s,s,q.s); return r; }


/** Multiply into this. */ /** Multiply into this. */
inline Scalar &operator*=(const Scalar &q) NOEXCEPT { $(c_ns)_scalar_mul(s,s,q.s); return *this; }
inline Scalar &operator*=(const Scalar &q) DECAF_NOEXCEPT { $(c_ns)_scalar_mul(s,s,q.s); return *this; }


/** Negate */ /** Negate */
inline Scalar operator- () const NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_sub(r.s,$(c_ns)_scalar_zero,s); return r; }
inline Scalar operator- () const DECAF_NOEXCEPT { Scalar r((NOINIT())); $(c_ns)_scalar_sub(r.s,$(c_ns)_scalar_zero,s); return r; }


/** Invert with Fermat's Little Theorem (slow!). If *this == 0, /** Invert with Fermat's Little Theorem (slow!). If *this == 0,
* throw CryptoException. */ * throw CryptoException. */
@@ -183,8 +183,8 @@ public:


/** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0 /** Invert with Fermat's Little Theorem (slow!). If *this == 0, set r=0
* and return DECAF_FAILURE. */ * and return DECAF_FAILURE. */
inline decaf_error_t WARN_UNUSED
inverse_noexcept(Scalar &r) const NOEXCEPT {
inline decaf_error_t DECAF_WARN_UNUSED
inverse_noexcept(Scalar &r) const DECAF_NOEXCEPT {
return $(c_ns)_scalar_invert(r.s,s); return $(c_ns)_scalar_invert(r.s,s);
} }


@@ -198,16 +198,16 @@ public:
inline Scalar half() const { Scalar out; $(c_ns)_scalar_halve(out.s,s); return out; } inline Scalar half() const { Scalar out; $(c_ns)_scalar_halve(out.s,s); return out; }


/** Compare in constant time */ /** Compare in constant time */
inline bool operator!=(const Scalar &q) const NOEXCEPT { return !(*this == q); }
inline bool operator!=(const Scalar &q) const DECAF_NOEXCEPT { return !(*this == q); }


/** Compare in constant time */ /** Compare in constant time */
inline bool operator==(const Scalar &q) const NOEXCEPT { return !!$(c_ns)_scalar_eq(s,q.s); }
inline bool operator==(const Scalar &q) const DECAF_NOEXCEPT { return !!$(c_ns)_scalar_eq(s,q.s); }


/** Scalarmul with scalar on left. */ /** Scalarmul with scalar on left. */
inline Point operator* (const Point &q) const NOEXCEPT { return q * (*this); }
inline Point operator* (const Point &q) const DECAF_NOEXCEPT { return q * (*this); }


/** Scalarmul-precomputed with scalar on left. */ /** Scalarmul-precomputed with scalar on left. */
inline Point operator* (const Precomputed &q) const NOEXCEPT { return q * (*this); }
inline Point operator* (const Precomputed &q) const DECAF_NOEXCEPT { return q * (*this); }


/** Direct scalar multiplication. */ /** Direct scalar multiplication. */
inline SecureBuffer direct_scalarmul( inline SecureBuffer direct_scalarmul(
@@ -253,23 +253,23 @@ public:


/** @cond internal */ /** @cond internal */
/** Don't initialize. */ /** Don't initialize. */
inline Point(const NOINIT &) NOEXCEPT {}
inline Point(const NOINIT &) DECAF_NOEXCEPT {}
/** @endcond */ /** @endcond */


/** Constructor sets to identity by default. */ /** Constructor sets to identity by default. */
inline Point(const Wrapped &q = $(c_ns)_point_identity) NOEXCEPT { $(c_ns)_point_copy(p,q); }
inline Point(const Wrapped &q = $(c_ns)_point_identity) DECAF_NOEXCEPT { $(c_ns)_point_copy(p,q); }


/** Copy constructor. */ /** Copy constructor. */
inline Point(const Point &q) NOEXCEPT { *this = q; }
inline Point(const Point &q) DECAF_NOEXCEPT { *this = q; }


/** Assignment. */ /** Assignment. */
inline Point& operator=(const Point &q) NOEXCEPT { $(c_ns)_point_copy(p,q.p); return *this; }
inline Point& operator=(const Point &q) DECAF_NOEXCEPT { $(c_ns)_point_copy(p,q.p); return *this; }


/** Destructor securely zeorizes the point. */ /** Destructor securely zeorizes the point. */
inline ~Point() NOEXCEPT { $(c_ns)_point_destroy(p); }
inline ~Point() DECAF_NOEXCEPT { $(c_ns)_point_destroy(p); }


/** Construct from RNG */ /** Construct from RNG */
inline explicit Point(Rng &rng, bool uniform = true) NOEXCEPT {
inline explicit Point(Rng &rng, bool uniform = true) DECAF_NOEXCEPT {
if (uniform) { if (uniform) {
FixedArrayBuffer<2*HASH_BYTES> b(rng); FixedArrayBuffer<2*HASH_BYTES> b(rng);
set_to_hash(b); set_to_hash(b);
@@ -301,9 +301,9 @@ public:
* @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point, * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point,
* or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined. * or was the identity and allow_identity was DECAF_FALSE. Contents of the buffer are undefined.
*/ */
inline decaf_error_t WARN_UNUSED decode (
inline decaf_error_t DECAF_WARN_UNUSED decode (
const FixedBlock<SER_BYTES> &buffer, decaf_bool_t allow_identity=DECAF_TRUE const FixedBlock<SER_BYTES> &buffer, decaf_bool_t allow_identity=DECAF_TRUE
) NOEXCEPT {
) DECAF_NOEXCEPT {
return $(c_ns)_point_decode(p,buffer.data(),allow_identity); return $(c_ns)_point_decode(p,buffer.data(),allow_identity);
} }


@@ -315,9 +315,9 @@ public:
* @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point. * @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point.
* Contents of the point are undefined. * Contents of the point are undefined.
*/ */
inline decaf_error_t WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept (
inline decaf_error_t DECAF_WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept (
const FixedBlock<DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES> &buffer const FixedBlock<DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES> &buffer
) NOEXCEPT {
) DECAF_NOEXCEPT {
return $(c_ns)_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data()); return $(c_ns)_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data());
} }


@@ -340,7 +340,7 @@ public:
* If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform,
* but the buffer will be zero-padded on the right. * but the buffer will be zero-padded on the right.
*/ */
static inline Point from_hash ( const Block &s ) NOEXCEPT {
static inline Point from_hash ( const Block &s ) DECAF_NOEXCEPT {
Point p((NOINIT())); p.set_to_hash(s); return p; Point p((NOINIT())); p.set_to_hash(s); return p;
} }


@@ -350,7 +350,7 @@ public:
* If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform, * If the buffer is shorter than 2*HASH_BYTES, well, it won't be as uniform,
* but the buffer will be zero-padded on the right. * but the buffer will be zero-padded on the right.
*/ */
inline void set_to_hash( const Block &s ) NOEXCEPT {
inline void set_to_hash( const Block &s ) DECAF_NOEXCEPT {
if (s.size() < HASH_BYTES) { if (s.size() < HASH_BYTES) {
SecureBuffer b(HASH_BYTES); SecureBuffer b(HASH_BYTES);
memcpy(b.data(), s.data(), s.size()); memcpy(b.data(), s.data(), s.size());
@@ -376,45 +376,45 @@ public:
} }


/** Serializable instance */ /** Serializable instance */
inline size_t ser_size() const NOEXCEPT { return SER_BYTES; }
inline size_t ser_size() const DECAF_NOEXCEPT { return SER_BYTES; }


/** Serializable instance */ /** Serializable instance */
inline void serialize_into(unsigned char *buffer) const NOEXCEPT {
inline void serialize_into(unsigned char *buffer) const DECAF_NOEXCEPT {
$(c_ns)_point_encode(buffer, p); $(c_ns)_point_encode(buffer, p);
} }


/** Point add. */ /** Point add. */
inline Point operator+ (const Point &q) const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_add(r.p,p,q.p); return r; }
inline Point operator+ (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_add(r.p,p,q.p); return r; }


/** Point add. */ /** Point add. */
inline Point &operator+=(const Point &q) NOEXCEPT { $(c_ns)_point_add(p,p,q.p); return *this; }
inline Point &operator+=(const Point &q) DECAF_NOEXCEPT { $(c_ns)_point_add(p,p,q.p); return *this; }


/** Point subtract. */ /** Point subtract. */
inline Point operator- (const Point &q) const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_sub(r.p,p,q.p); return r; }
inline Point operator- (const Point &q) const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_sub(r.p,p,q.p); return r; }


/** Point subtract. */ /** Point subtract. */
inline Point &operator-=(const Point &q) NOEXCEPT { $(c_ns)_point_sub(p,p,q.p); return *this; }
inline Point &operator-=(const Point &q) DECAF_NOEXCEPT { $(c_ns)_point_sub(p,p,q.p); return *this; }


/** Point negate. */ /** Point negate. */
inline Point operator- () const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_negate(r.p,p); return r; }
inline Point operator- () const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_negate(r.p,p); return r; }


/** Double the point out of place. */ /** Double the point out of place. */
inline Point times_two () const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_double(r.p,p); return r; }
inline Point times_two () const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_double(r.p,p); return r; }


/** Double the point in place. */ /** Double the point in place. */
inline Point &double_in_place() NOEXCEPT { $(c_ns)_point_double(p,p); return *this; }
inline Point &double_in_place() DECAF_NOEXCEPT { $(c_ns)_point_double(p,p); return *this; }


/** Constant-time compare. */ /** Constant-time compare. */
inline bool operator!=(const Point &q) const NOEXCEPT { return ! $(c_ns)_point_eq(p,q.p); }
inline bool operator!=(const Point &q) const DECAF_NOEXCEPT { return ! $(c_ns)_point_eq(p,q.p); }


/** Constant-time compare. */ /** Constant-time compare. */
inline bool operator==(const Point &q) const NOEXCEPT { return !!$(c_ns)_point_eq(p,q.p); }
inline bool operator==(const Point &q) const DECAF_NOEXCEPT { return !!$(c_ns)_point_eq(p,q.p); }


/** Scalar multiply. */ /** Scalar multiply. */
inline Point operator* (const Scalar &s) const NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_scalarmul(r.p,p,s.s); return r; }
inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r((NOINIT())); $(c_ns)_point_scalarmul(r.p,p,s.s); return r; }


/** Scalar multiply in place. */ /** Scalar multiply in place. */
inline Point &operator*=(const Scalar &s) NOEXCEPT { $(c_ns)_point_scalarmul(p,p,s.s); return *this; }
inline Point &operator*=(const Scalar &s) DECAF_NOEXCEPT { $(c_ns)_point_scalarmul(p,p,s.s); return *this; }


/** Multiply by s.inverse(). If s=0, maps to the identity. */ /** Multiply by s.inverse(). If s=0, maps to the identity. */
inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); }
@@ -423,19 +423,19 @@ public:
inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); } inline Point &operator/=(const Scalar &s) throw(CryptoException) { return (*this) *= s.inverse(); }


/** Validate / sanity check */ /** Validate / sanity check */
inline bool validate() const NOEXCEPT { return $(c_ns)_point_valid(p); }
inline bool validate() const DECAF_NOEXCEPT { return $(c_ns)_point_valid(p); }


/** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */ /** Double-scalar multiply, equivalent to q*qs + r*rs but faster. */
static inline Point double_scalarmul ( static inline Point double_scalarmul (
const Point &q, const Scalar &qs, const Point &r, const Scalar &rs const Point &q, const Scalar &qs, const Point &r, const Scalar &rs
) NOEXCEPT {
) DECAF_NOEXCEPT {
Point p((NOINIT())); $(c_ns)_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p; Point p((NOINIT())); $(c_ns)_point_double_scalarmul(p.p,q.p,qs.s,r.p,rs.s); return p;
} }


/** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */ /** Dual-scalar multiply, equivalent to this*r1, this*r2 but faster. */
inline void dual_scalarmul ( inline void dual_scalarmul (
Point &q1, Point &q2, const Scalar &r1, const Scalar &r2 Point &q1, Point &q2, const Scalar &r1, const Scalar &r2
) const NOEXCEPT {
) const DECAF_NOEXCEPT {
$(c_ns)_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s); $(c_ns)_point_dual_scalarmul(q1.p,q2.p,p,r1.s,r2.s);
} }


@@ -445,7 +445,7 @@ public:
*/ */
static inline Point double_scalarmul ( static inline Point double_scalarmul (
const Scalar &qs, const Point &q, const Scalar &rs, const Point &r const Scalar &qs, const Point &q, const Scalar &rs, const Point &r
) NOEXCEPT {
) DECAF_NOEXCEPT {
return double_scalarmul(q,qs,r,rs); return double_scalarmul(q,qs,r,rs);
} }


@@ -454,26 +454,26 @@ public:
* @warning This function takes variable time, and may leak the scalars (or points, but currently * @warning This function takes variable time, and may leak the scalars (or points, but currently
* it doesn't). * it doesn't).
*/ */
inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) NOEXCEPT {
inline Point non_secret_combo_with_base(const Scalar &s, const Scalar &s_base) DECAF_NOEXCEPT {
Point r((NOINIT())); $(c_ns)_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r; Point r((NOINIT())); $(c_ns)_base_double_scalarmul_non_secret(r.p,s_base.s,p,s.s); return r;
} }


/** Return a point equal to *this, whose internal data is rotated by a torsion element. */ /** Return a point equal to *this, whose internal data is rotated by a torsion element. */
inline Point debugging_torque() const NOEXCEPT {
inline Point debugging_torque() const DECAF_NOEXCEPT {
Point q; Point q;
$(c_ns)_point_debugging_torque(q.p,p); $(c_ns)_point_debugging_torque(q.p,p);
return q; return q;
} }


/** Return a point equal to *this, whose internal data has a modified representation. */ /** Return a point equal to *this, whose internal data has a modified representation. */
inline Point debugging_pscale(const FixedBlock<SER_BYTES> factor) const NOEXCEPT {
inline Point debugging_pscale(const FixedBlock<SER_BYTES> factor) const DECAF_NOEXCEPT {
Point q; Point q;
$(c_ns)_point_debugging_pscale(q.p,p,factor.data()); $(c_ns)_point_debugging_pscale(q.p,p,factor.data());
return q; return q;
} }


/** Return a point equal to *this, whose internal data has a randomized representation. */ /** Return a point equal to *this, whose internal data has a randomized representation. */
inline Point debugging_pscale(Rng &r) const NOEXCEPT {
inline Point debugging_pscale(Rng &r) const DECAF_NOEXCEPT {
FixedArrayBuffer<SER_BYTES> sb(r); FixedArrayBuffer<SER_BYTES> sb(r);
return debugging_pscale(sb); return debugging_pscale(sb);
} }
@@ -484,7 +484,7 @@ public:
*/ */
inline decaf_error_t invert_elligator ( inline decaf_error_t invert_elligator (
Buffer buf, uint32_t hint Buffer buf, uint32_t hint
) const NOEXCEPT {
) const DECAF_NOEXCEPT {
unsigned char buf2[2*HASH_BYTES]; unsigned char buf2[2*HASH_BYTES];
memset(buf2,0,sizeof(buf2)); memset(buf2,0,sizeof(buf2));
memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size()); memcpy(buf2,buf.data(),(buf.size() > 2*HASH_BYTES) ? 2*HASH_BYTES : buf.size());
@@ -519,10 +519,10 @@ public:
} }


/** Return the base point */ /** Return the base point */
static inline const Point base() NOEXCEPT { return Point($(c_ns)_point_base); }
static inline const Point base() DECAF_NOEXCEPT { return Point($(c_ns)_point_base); }


/** Return the identity point */ /** Return the identity point */
static inline const Point identity() NOEXCEPT { return Point($(c_ns)_point_identity); }
static inline const Point identity() DECAF_NOEXCEPT { return Point($(c_ns)_point_identity); }
}; };


/** /**
@@ -543,7 +543,7 @@ class Precomputed
public: public:


/** Destructor securely zeorizes the memory. */ /** Destructor securely zeorizes the memory. */
inline ~Precomputed() NOEXCEPT { clear(); }
inline ~Precomputed() DECAF_NOEXCEPT { clear(); }


/** /**
* Initialize from underlying type, declared as a reference to prevent * Initialize from underlying type, declared as a reference to prevent
@@ -558,23 +558,23 @@ public:
*/ */
inline Precomputed ( inline Precomputed (
const Precomputed_U &yours = *default_value() const Precomputed_U &yours = *default_value()
) NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>(yours) {}
) DECAF_NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>(yours) {}




#if __cplusplus >= 201103L #if __cplusplus >= 201103L
/** Move-assign operator */ /** Move-assign operator */
inline Precomputed &operator=(Precomputed &&it) NOEXCEPT {
inline Precomputed &operator=(Precomputed &&it) DECAF_NOEXCEPT {
OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it); OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it);
return *this; return *this;
} }


/** Move constructor */ /** Move constructor */
inline Precomputed(Precomputed &&it) NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>() {
inline Precomputed(Precomputed &&it) DECAF_NOEXCEPT : OwnedOrUnowned<Precomputed,Precomputed_U>() {
*this = it; *this = it;
} }


/** Undelete copy operator */ /** Undelete copy operator */
inline Precomputed &operator=(const Precomputed &it) NOEXCEPT {
inline Precomputed &operator=(const Precomputed &it) DECAF_NOEXCEPT {
OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it); OwnedOrUnowned<Precomputed,Precomputed_U>::operator= (it);
return *this; return *this;
} }
@@ -602,20 +602,20 @@ public:
: OwnedOrUnowned<Precomputed,Precomputed_U>() { *this = it; } : OwnedOrUnowned<Precomputed,Precomputed_U>() { *this = it; }


/** Fixed base scalarmul. */ /** Fixed base scalarmul. */
inline Point operator* (const Scalar &s) const NOEXCEPT { Point r; $(c_ns)_precomputed_scalarmul(r.p,get(),s.s); return r; }
inline Point operator* (const Scalar &s) const DECAF_NOEXCEPT { Point r; $(c_ns)_precomputed_scalarmul(r.p,get(),s.s); return r; }


/** Multiply by s.inverse(). If s=0, maps to the identity. */ /** Multiply by s.inverse(). If s=0, maps to the identity. */
inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); } inline Point operator/ (const Scalar &s) const throw(CryptoException) { return (*this) * s.inverse(); }


/** Return the table for the base point. */ /** Return the table for the base point. */
static inline const Precomputed base() NOEXCEPT { return Precomputed(); }
static inline const Precomputed base() DECAF_NOEXCEPT { return Precomputed(); }


public: public:
/** @cond internal */ /** @cond internal */
friend class OwnedOrUnowned<Precomputed,Precomputed_U>; friend class OwnedOrUnowned<Precomputed,Precomputed_U>;
static inline size_t size() NOEXCEPT { return $(c_ns)_sizeof_precomputed_s; }
static inline size_t alignment() NOEXCEPT { return $(c_ns)_alignof_precomputed_s; }
static inline const Precomputed_U * default_value() NOEXCEPT { return $(c_ns)_precomputed_base; }
static inline size_t size() DECAF_NOEXCEPT { return $(c_ns)_sizeof_precomputed_s; }
static inline size_t alignment() DECAF_NOEXCEPT { return $(c_ns)_alignof_precomputed_s; }
static inline const Precomputed_U * default_value() DECAF_NOEXCEPT { return $(c_ns)_precomputed_base; }
/** @endcond */ /** @endcond */
}; };


@@ -628,7 +628,7 @@ public:
static const size_t PRIVATE_BYTES = DECAF_X$(gf_shortname)_PRIVATE_BYTES; static const size_t PRIVATE_BYTES = DECAF_X$(gf_shortname)_PRIVATE_BYTES;


/** Base point for a scalar multiplication. */ /** Base point for a scalar multiplication. */
static const FixedBlock<PUBLIC_BYTES> base_point() NOEXCEPT {
static const FixedBlock<PUBLIC_BYTES> base_point() DECAF_NOEXCEPT {
return FixedBlock<PUBLIC_BYTES>(decaf_x$(gf_shortname)_base_point); return FixedBlock<PUBLIC_BYTES>(decaf_x$(gf_shortname)_base_point);
} }


@@ -645,12 +645,12 @@ public:
} }


/** Calculate and write into out a shared secret with public key, noexcept version. */ /** Calculate and write into out a shared secret with public key, noexcept version. */
static inline decaf_error_t WARN_UNUSED
static inline decaf_error_t DECAF_WARN_UNUSED
shared_secret_noexcept ( shared_secret_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PUBLIC_BYTES> &pk, const FixedBlock<PUBLIC_BYTES> &pk,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
return decaf_x$(gf_shortname)(out.data(), pk.data(), scalar.data()); return decaf_x$(gf_shortname)(out.data(), pk.data(), scalar.data());
} }


@@ -658,7 +658,7 @@ public:
* but possibly faster. * but possibly faster.
* @deprecated Renamed to derive_public_key. * @deprecated Renamed to derive_public_key.
*/ */
static inline SecureBuffer DEPRECATED("Renamed to derive_public_key")
static inline SecureBuffer DECAF_DEPRECATED("Renamed to derive_public_key")
generate_key( generate_key(
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) throw(std::bad_alloc) { ) throw(std::bad_alloc) {
@@ -685,7 +685,7 @@ public:
derive_public_key_noexcept ( derive_public_key_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
decaf_x$(gf_shortname)_derive_public_key(out.data(), scalar.data()); decaf_x$(gf_shortname)_derive_public_key(out.data(), scalar.data());
} }


@@ -693,11 +693,11 @@ public:
* equivalent to shared_secret(base_point(),scalar) but possibly faster. * equivalent to shared_secret(base_point(),scalar) but possibly faster.
* @deprecated Renamed to derive_public_key_noexcept. * @deprecated Renamed to derive_public_key_noexcept.
*/ */
static inline void DEPRECATED("Renamed to derive_public_key_noexcept")
static inline void DECAF_DEPRECATED("Renamed to derive_public_key_noexcept")
generate_key_noexcept ( generate_key_noexcept (
FixedBuffer<PUBLIC_BYTES> &out, FixedBuffer<PUBLIC_BYTES> &out,
const FixedBlock<PRIVATE_BYTES> &scalar const FixedBlock<PRIVATE_BYTES> &scalar
) NOEXCEPT {
) DECAF_NOEXCEPT {
decaf_x$(gf_shortname)_derive_public_key(out.data(), scalar.data()); decaf_x$(gf_shortname)_derive_public_key(out.data(), scalar.data());
} }
}; };
@@ -720,5 +720,5 @@ inline SecureBuffer $(cxx_ns)::Scalar::direct_scalarmul (
} }
/** @endcond */ /** @endcond */


#undef NOEXCEPT
#undef DECAF_NOEXCEPT
} /* namespace decaf */ } /* namespace decaf */

+ 4
- 4
src/per_curve/scalar.tmpl.c

@@ -26,7 +26,7 @@ const scalar_t API_NS(scalar_one) = {{{1}}}, API_NS(scalar_zero) = {{{0}}};
/** {extra,accum} - sub +? p /** {extra,accum} - sub +? p
* Must have extra <= 1 * Must have extra <= 1
*/ */
static NOINLINE void sc_subx(
static DECAF_NOINLINE void sc_subx(
scalar_t out, scalar_t out,
const decaf_word_t accum[SCALAR_LIMBS], const decaf_word_t accum[SCALAR_LIMBS],
const scalar_t sub, const scalar_t sub,
@@ -50,7 +50,7 @@ static NOINLINE void sc_subx(
} }
} }


static NOINLINE void sc_montmul (
static DECAF_NOINLINE void sc_montmul (
scalar_t out, scalar_t out,
const scalar_t a, const scalar_t a,
const scalar_t b const scalar_t b
@@ -98,7 +98,7 @@ void API_NS(scalar_mul) (
} }


/* PERF: could implement this */ /* PERF: could implement this */
static INLINE void sc_montsqr (scalar_t out, const scalar_t a) {
static DECAF_INLINE void sc_montsqr (scalar_t out, const scalar_t a) {
sc_montmul(out,a,a); sc_montmul(out,a,a);
} }


@@ -211,7 +211,7 @@ API_NS(scalar_eq) (
return mask_to_bool(word_is_zero(diff)); return mask_to_bool(word_is_zero(diff));
} }


static INLINE void scalar_decode_short (
static DECAF_INLINE void scalar_decode_short (
scalar_t s, scalar_t s,
const unsigned char *ser, const unsigned char *ser,
unsigned int nbytes unsigned int nbytes


+ 11
- 14
src/public_include/decaf/common.h

@@ -24,19 +24,18 @@ extern "C" {
#if defined(DOXYGEN) && !defined(__attribute__) #if defined(DOXYGEN) && !defined(__attribute__)
#define __attribute__((x)) #define __attribute__((x))
#endif #endif
#define API_VIS __attribute__((visibility("default")))
#define NOINLINE __attribute__((noinline))
#define WARN_UNUSED __attribute__((warn_unused_result))
#define NONNULL __attribute__((nonnull))
#define INLINE inline __attribute__((always_inline))
#define UNUSED __attribute__((unused))
#define DECAF_API_VIS __attribute__((visibility("default")))
#define DECAF_NOINLINE __attribute__((noinline))
#define DECAF_WARN_UNUSED __attribute__((warn_unused_result))
#define DECAF_NONNULL __attribute__((nonnull))
#define DECAF_INLINE inline __attribute__((always_inline,unused))
// Cribbed from libnotmuch // Cribbed from libnotmuch
#if defined (__clang_major__) && __clang_major__ >= 3 \ #if defined (__clang_major__) && __clang_major__ >= 3 \
|| defined (__GNUC__) && __GNUC__ >= 5 \ || defined (__GNUC__) && __GNUC__ >= 5 \
|| defined (__GNUC__) && __GNUC__ == 4 && __GNUC_MINOR__ >= 5 || defined (__GNUC__) && __GNUC__ == 4 && __GNUC_MINOR__ >= 5
#define DEPRECATED(msg) __attribute__ ((deprecated(msg)))
#define DECAF_DEPRECATED(msg) __attribute__ ((deprecated(msg)))
#else #else
#define DEPRECATED(msg) __attribute__ ((deprecated))
#define DECAF_DEPRECATED(msg) __attribute__ ((deprecated))
#endif #endif
/** @endcond */ /** @endcond */


@@ -85,15 +84,13 @@ typedef enum {




/** Return success if x is true */ /** Return success if x is true */
static UNUSED INLINE
decaf_error_t
static DECAF_INLINE decaf_error_t
decaf_succeed_if(decaf_bool_t x) { decaf_succeed_if(decaf_bool_t x) {
return (decaf_error_t)x; return (decaf_error_t)x;
} }


/** Return DECAF_TRUE iff x == DECAF_SUCCESS */ /** Return DECAF_TRUE iff x == DECAF_SUCCESS */
static UNUSED INLINE
decaf_bool_t
static DECAF_INLINE decaf_bool_t
decaf_successful(decaf_error_t e) { decaf_successful(decaf_error_t e) {
decaf_dword_t w = ((decaf_word_t)e) ^ ((decaf_word_t)DECAF_SUCCESS); decaf_dword_t w = ((decaf_word_t)e) ^ ((decaf_word_t)DECAF_SUCCESS);
return (w-1)>>DECAF_WORD_BITS; return (w-1)>>DECAF_WORD_BITS;
@@ -103,14 +100,14 @@ decaf_successful(decaf_error_t e) {
void decaf_bzero ( void decaf_bzero (
void *data, void *data,
size_t size size_t size
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;


/** Compare two buffers, returning DECAF_TRUE if they are equal. */ /** Compare two buffers, returning DECAF_TRUE if they are equal. */
decaf_bool_t decaf_memeq ( decaf_bool_t decaf_memeq (
const void *data1, const void *data1,
const void *data2, const void *data2,
size_t size size_t size
) NONNULL WARN_UNUSED API_VIS;
) DECAF_NONNULL DECAF_WARN_UNUSED DECAF_API_VIS;
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
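Review bot: `DECAF_INLINE` is not a pure rename of `INLINE`, because the new definition `inline __attribute__((always_inline,unused))` absorbs the attribute that the removed `UNUSED` macro used to supply. Every function declared with it now opts out of unused-function diagnostics, not only `decaf_succeed_if` and `decaf_successful`; in src/per_curve/scalar.tmpl.c that includes `sc_montsqr` and `scalar_decode_short`, so on compilers that report unused static inline functions in a source file a helper that loses its last caller would go unreported (whether the build enables that warning is not visible here). I would document this next to the definition, for example `/* DECAF_INLINE also carries 'unused': header helpers are not referenced by every includer */`, or keep a separate `DECAF_UNUSED` so the suppression stays opt-in. The old unprefixed names are dropped without aliases, which is the point of the commit, but it is worth a line in the release notes for anyone who relied on them from this public header.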


+ 57
- 57
src/public_include/decaf/secure_buffer.hxx

@@ -21,11 +21,11 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DELETE = delete
#define DECAF_NOEXCEPT noexcept
#define DECAF_DELETE = delete
#else #else
#define NOEXCEPT throw()
#define DELETE
#define DECAF_NOEXCEPT throw()
#define DECAF_DELETE
#endif #endif
/** @endcond */ /** @endcond */


@@ -50,24 +50,24 @@ public:
typedef std::ptrdiff_t difference_type; typedef std::ptrdiff_t difference_type;
template<typename U> struct rebind { typedef SanitizingAllocator<U> other; }; template<typename U> struct rebind { typedef SanitizingAllocator<U> other; };
inline SanitizingAllocator() NOEXCEPT {}
inline ~SanitizingAllocator() NOEXCEPT {}
inline SanitizingAllocator(const SanitizingAllocator &) NOEXCEPT {}
template<typename U, size_t a> inline SanitizingAllocator(const SanitizingAllocator<U, a> &) NOEXCEPT {}
inline SanitizingAllocator() DECAF_NOEXCEPT {}
inline ~SanitizingAllocator() DECAF_NOEXCEPT {}
inline SanitizingAllocator(const SanitizingAllocator &) DECAF_NOEXCEPT {}
template<typename U, size_t a> inline SanitizingAllocator(const SanitizingAllocator<U, a> &) DECAF_NOEXCEPT {}
inline T* address(T& r) const NOEXCEPT { return &r; }
inline const T* address(const T& r) const NOEXCEPT { return &r; }
inline T* address(T& r) const DECAF_NOEXCEPT { return &r; }
inline const T* address(const T& r) const DECAF_NOEXCEPT { return &r; }
inline T* allocate ( inline T* allocate (
size_type cnt, size_type cnt,
typename std::allocator<void>::const_pointer = 0 typename std::allocator<void>::const_pointer = 0
) throw(std::bad_alloc); ) throw(std::bad_alloc);
inline void deallocate(T* p, size_t size) NOEXCEPT;
inline size_t max_size() const NOEXCEPT { return std::numeric_limits<size_t>::max() / sizeof(T); }
inline void deallocate(T* p, size_t size) DECAF_NOEXCEPT;
inline size_t max_size() const DECAF_NOEXCEPT { return std::numeric_limits<size_t>::max() / sizeof(T); }
inline void construct(T* p, const T& t) { new(p) T(t); } inline void construct(T* p, const T& t) { new(p) T(t); }
inline void destroy(T* p) { p->~T(); } inline void destroy(T* p) { p->~T(); }
inline bool operator==(SanitizingAllocator const&) const NOEXCEPT { return true; }
inline bool operator!=(SanitizingAllocator const&) const NOEXCEPT { return false; }
inline bool operator==(SanitizingAllocator const&) const DECAF_NOEXCEPT { return true; }
inline bool operator!=(SanitizingAllocator const&) const DECAF_NOEXCEPT { return false; }
/** @endcond */ /** @endcond */
}; };


@@ -85,10 +85,10 @@ inline bool memeq(const std::vector<T,U> &a, const std::vector<V,W> &b) {
template<class Base> class Serializable { template<class Base> class Serializable {
public: public:
/** @brief Return the number of bytes needed to serialize this object */ /** @brief Return the number of bytes needed to serialize this object */
inline size_t ser_size() const NOEXCEPT { return static_cast<const Base*>(this)->ser_size(); }
inline size_t ser_size() const DECAF_NOEXCEPT { return static_cast<const Base*>(this)->ser_size(); }
/** @brief Serialize this object into a buffer */ /** @brief Serialize this object into a buffer */
inline void serialize_into(unsigned char *buf) const NOEXCEPT {
inline void serialize_into(unsigned char *buf) const DECAF_NOEXCEPT {
static_cast<const Base*>(this)->serialize_into(buf); static_cast<const Base*>(this)->serialize_into(buf);
} }
@@ -115,14 +115,14 @@ class Buffer;
class CryptoException : public std::exception { class CryptoException : public std::exception {
public: public:
/** @return "CryptoException" */ /** @return "CryptoException" */
virtual const char * what() const NOEXCEPT { return "CryptoException"; }
virtual const char * what() const DECAF_NOEXCEPT { return "CryptoException"; }
}; };


/** @brief An exception for when crypto (ie point decode) has failed. */ /** @brief An exception for when crypto (ie point decode) has failed. */
class LengthException : public std::exception { class LengthException : public std::exception {
public: public:
/** @return "CryptoException" */ /** @return "CryptoException" */
virtual const char * what() const NOEXCEPT { return "LengthException"; }
virtual const char * what() const DECAF_NOEXCEPT { return "LengthException"; }
}; };


/** @brief Passed to constructors to avoid (conservative) initialization */ /** @brief Passed to constructors to avoid (conservative) initialization */
@@ -137,14 +137,14 @@ protected:
Rng() {} Rng() {}
/** Not copyable */ /** Not copyable */
Rng(const Rng &) DELETE;
Rng(const Rng &) DECAF_DELETE;
/** Not copyable */ /** Not copyable */
Rng &operator=(const Rng &) DELETE;
Rng &operator=(const Rng &) DECAF_DELETE;
public: public:
/** @brief Read into a Buffer */ /** @brief Read into a Buffer */
virtual void read(Buffer buffer) NOEXCEPT = 0;
virtual void read(Buffer buffer) DECAF_NOEXCEPT = 0;


/** @brief Read into a SecureBuffer. */ /** @brief Read into a SecureBuffer. */
inline SecureBuffer read(size_t length) throw(std::bad_alloc); inline SecureBuffer read(size_t length) throw(std::bad_alloc);
@@ -165,11 +165,11 @@ public:
inline Block() : data_(NULL), size_(0), zero_on_destroy_(false) {} inline Block() : data_(NULL), size_(0), zero_on_destroy_(false) {}
/** Init from C string */ /** Init from C string */
inline Block(const char *data) NOEXCEPT : data_((unsigned char *)data),
inline Block(const char *data) DECAF_NOEXCEPT : data_((unsigned char *)data),
size_(strlen(data)), zero_on_destroy_(false) {} size_(strlen(data)), zero_on_destroy_(false) {}


/** Unowned init */ /** Unowned init */
inline Block(const unsigned char *data, size_t size, bool zero_on_destroy=false) NOEXCEPT : data_((unsigned char *)data),
inline Block(const unsigned char *data, size_t size, bool zero_on_destroy=false) DECAF_NOEXCEPT : data_((unsigned char *)data),
size_(size), zero_on_destroy_(zero_on_destroy) {} size_(size), zero_on_destroy_(zero_on_destroy) {}
/** Block from std::string */ /** Block from std::string */
@@ -186,7 +186,7 @@ public:
: data_(((unsigned char *)&(s)[0])), size_(s.size()), zero_on_destroy_(false) {} : data_(((unsigned char *)&(s)[0])), size_(s.size()), zero_on_destroy_(false) {}


/** Get const data */ /** Get const data */
inline const unsigned char *data() const NOEXCEPT { return data_; }
inline const unsigned char *data() const DECAF_NOEXCEPT { return data_; }
/** Subscript */ /** Subscript */
inline const unsigned char &operator[](size_t off) const throw(std::out_of_range) { inline const unsigned char &operator[](size_t off) const throw(std::out_of_range) {
@@ -195,7 +195,7 @@ public:
} }


/** Get the size */ /** Get the size */
inline size_t size() const NOEXCEPT { return size_; }
inline size_t size() const DECAF_NOEXCEPT { return size_; }


/** Convert to C++ string */ /** Convert to C++ string */
inline std::string get_string() const { inline std::string get_string() const {
@@ -209,7 +209,7 @@ public:
} }
/** Content-wise comparison; constant-time if they are the same length. */ /** Content-wise comparison; constant-time if they are the same length. */
inline decaf_bool_t contents_equal(const Block &b) const NOEXCEPT {
inline decaf_bool_t contents_equal(const Block &b) const DECAF_NOEXCEPT {
if (b.size() != size()) return false; if (b.size() != size()) return false;
return decaf_memeq(b.data(),data(),size()); return decaf_memeq(b.data(),data(),size());
} }
@@ -220,7 +220,7 @@ public:
} }


/** Securely set the buffer to 0. */ /** Securely set the buffer to 0. */
inline void zeroize() NOEXCEPT { really_bzero(data_,size()); }
inline void zeroize() DECAF_NOEXCEPT { really_bzero(data_,size()); }
/** Debugging print in hex */ /** Debugging print in hex */
inline void debug_print_hex(const char *name = NULL) { inline void debug_print_hex(const char *name = NULL) {
@@ -231,11 +231,11 @@ public:
private: private:
/** @cond internal */ /** @cond internal */
inline decaf_bool_t operator>=(const Block &b) const NOEXCEPT DELETE;
inline decaf_bool_t operator<=(const Block &b) const NOEXCEPT DELETE;
inline decaf_bool_t operator> (const Block &b) const NOEXCEPT DELETE;
inline decaf_bool_t operator< (const Block &b) const NOEXCEPT DELETE;
inline void operator= (const Block &b) const NOEXCEPT DELETE;
inline decaf_bool_t operator>=(const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
inline decaf_bool_t operator<=(const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
inline decaf_bool_t operator> (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
inline decaf_bool_t operator< (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
/** @endcond */ /** @endcond */
}; };


@@ -253,26 +253,26 @@ public:
} }
/** Explicitly pass a C buffer. */ /** Explicitly pass a C buffer. */
inline explicit FixedBlock(const uint8_t data[Size]) NOEXCEPT : Block(data,Size) {}
inline explicit FixedBlock(const uint8_t data[Size]) DECAF_NOEXCEPT : Block(data,Size) {}
}; };


/** A reference to a writable block of data */ /** A reference to a writable block of data */
class Buffer : public Block { class Buffer : public Block {
public: public:
/** Null init */ /** Null init */
inline Buffer() NOEXCEPT : Block() {}
inline Buffer() DECAF_NOEXCEPT : Block() {}


/** Unowned init */ /** Unowned init */
inline Buffer(unsigned char *data, size_t size, bool zero_on_destroy=false) NOEXCEPT : Block(data,size,zero_on_destroy) {}
inline Buffer(unsigned char *data, size_t size, bool zero_on_destroy=false) DECAF_NOEXCEPT : Block(data,size,zero_on_destroy) {}
/** Block from std::vector */ /** Block from std::vector */
template<class alloc> inline Buffer(std::vector<unsigned char,alloc> &s) : Block(s) {} template<class alloc> inline Buffer(std::vector<unsigned char,alloc> &s) : Block(s) {}


/** Get const data */ /** Get const data */
inline const unsigned char *data() const NOEXCEPT { return data_; }
inline const unsigned char *data() const DECAF_NOEXCEPT { return data_; }


/** Cast to unsigned char */ /** Cast to unsigned char */
inline unsigned char* data() NOEXCEPT { return data_; }
inline unsigned char* data() DECAF_NOEXCEPT { return data_; }


/** Slice the buffer*/ /** Slice the buffer*/
inline Buffer slice(size_t off, size_t length) throw(LengthException); inline Buffer slice(size_t off, size_t length) throw(LengthException);
@@ -291,7 +291,7 @@ public:
private: private:
/** @cond internal */ /** @cond internal */
inline void operator= (const Block &b) const NOEXCEPT DELETE;
inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
/** @endcond */ /** @endcond */
}; };


@@ -310,20 +310,20 @@ public:
} }
/** Explicitly pass a C buffer. */ /** Explicitly pass a C buffer. */
inline explicit FixedBuffer(uint8_t dat[Size],bool zero_on_destroy = false) NOEXCEPT : Buffer(dat,Size,zero_on_destroy) {}
inline explicit FixedBuffer(uint8_t dat[Size],bool zero_on_destroy = false) DECAF_NOEXCEPT : Buffer(dat,Size,zero_on_destroy) {}
/** Cast to a FixedBlock. */ /** Cast to a FixedBlock. */
inline operator FixedBlock<Size>() const NOEXCEPT {
inline operator FixedBlock<Size>() const DECAF_NOEXCEPT {
return FixedBlock<Size>(data()); return FixedBlock<Size>(data());
} }
private: private:
/** @cond internal */ /** @cond internal */
inline void operator= (const Block &b) const NOEXCEPT DELETE;
inline void operator= (const Block &b) const DECAF_NOEXCEPT DECAF_DELETE;
/** @endcond */ /** @endcond */
}; };


/** A fixed-size stack-allocated buffer (for NOEXCEPT semantics) */
/** A fixed-size stack-allocated buffer (for DECAF_NOEXCEPT semantics) */
template<size_t Size> class FixedArrayBuffer : public FixedBuffer<Size> { template<size_t Size> class FixedArrayBuffer : public FixedBuffer<Size> {
private: private:
uint8_t storage[Size]; uint8_t storage[Size];
@@ -331,26 +331,26 @@ public:
using Buffer::zeroize; using Buffer::zeroize;
/** New buffer initialized to zero. */ /** New buffer initialized to zero. */
inline explicit FixedArrayBuffer() NOEXCEPT : FixedBuffer<Size>(storage,true) { memset(storage,0,Size); }
inline explicit FixedArrayBuffer() DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) { memset(storage,0,Size); }


/** New uninitialized buffer. */ /** New uninitialized buffer. */
inline explicit FixedArrayBuffer(const NOINIT &) NOEXCEPT : FixedBuffer<Size>(storage,true) { }
inline explicit FixedArrayBuffer(const NOINIT &) DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) { }
/** New random buffer */ /** New random buffer */
inline explicit FixedArrayBuffer(Rng &r) NOEXCEPT : FixedBuffer<Size>(storage,true) { r.read(*this); }
inline explicit FixedArrayBuffer(Rng &r) DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) { r.read(*this); }
/** Copy constructor */ /** Copy constructor */
inline explicit FixedArrayBuffer(const FixedBlock<Size> &b) NOEXCEPT : FixedBuffer<Size>(storage,true) {
inline explicit FixedArrayBuffer(const FixedBlock<Size> &b) DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) {
memcpy(storage,b.data(),Size); memcpy(storage,b.data(),Size);
} }
/** Copy operator */ /** Copy operator */
inline FixedArrayBuffer& operator=(const FixedBlock<Size> &b) NOEXCEPT {
inline FixedArrayBuffer& operator=(const FixedBlock<Size> &b) DECAF_NOEXCEPT {
memcpy(storage,b.data(),Size); return *this; memcpy(storage,b.data(),Size); return *this;
} }
/** Copy operator */ /** Copy operator */
inline FixedArrayBuffer& operator=(const FixedArrayBuffer<Size> &b) NOEXCEPT {
inline FixedArrayBuffer& operator=(const FixedArrayBuffer<Size> &b) DECAF_NOEXCEPT {
memcpy(storage,b.data(),Size); return *this; memcpy(storage,b.data(),Size); return *this;
} }
@@ -366,12 +366,12 @@ public:
} }
/** Copy constructor */ /** Copy constructor */
inline explicit FixedArrayBuffer(const FixedArrayBuffer<Size> &b) NOEXCEPT : FixedBuffer<Size>(storage,true) {
inline explicit FixedArrayBuffer(const FixedArrayBuffer<Size> &b) DECAF_NOEXCEPT : FixedBuffer<Size>(storage,true) {
memcpy(storage,b.data(),Size); memcpy(storage,b.data(),Size);
} }
/** Destroy the buffer */ /** Destroy the buffer */
~FixedArrayBuffer() NOEXCEPT { zeroize(); }
~FixedArrayBuffer() DECAF_NOEXCEPT { zeroize(); }
}; };


/** @cond internal */ /** @cond internal */
@@ -398,7 +398,7 @@ protected:
} ours; } ours;
bool is_mine; bool is_mine;


inline void clear() NOEXCEPT {
inline void clear() DECAF_NOEXCEPT {
if (is_mine) { if (is_mine) {
really_bzero(ours.mine, T::size()); really_bzero(ours.mine, T::size());
free(ours.mine); free(ours.mine);
@@ -415,11 +415,11 @@ protected:
} }
is_mine = true; is_mine = true;
} }
inline const Wrapped *get() const NOEXCEPT { return is_mine ? ours.mine : ours.yours; }
inline const Wrapped *get() const DECAF_NOEXCEPT { return is_mine ? ours.mine : ours.yours; }


inline OwnedOrUnowned( inline OwnedOrUnowned(
const Wrapped &yours = *T::default_value() const Wrapped &yours = *T::default_value()
) NOEXCEPT {
) DECAF_NOEXCEPT {
ours.yours = &yours; ours.yours = &yours;
is_mine = false; is_mine = false;
} }
@@ -441,7 +441,7 @@ protected:
} }


#if __cplusplus >= 201103L #if __cplusplus >= 201103L
inline T &operator=(OwnedOrUnowned &&it) NOEXCEPT {
inline T &operator=(OwnedOrUnowned &&it) DECAF_NOEXCEPT {
if (this == &it) return *(T*)this; if (this == &it) return *(T*)this;
clear(); clear();
ours = it.ours; ours = it.ours;
@@ -475,7 +475,7 @@ T* SanitizingAllocator<T,alignment>::allocate (
} }


template<typename T, size_t alignment> template<typename T, size_t alignment>
void SanitizingAllocator<T,alignment>::deallocate(T* p, size_t size) NOEXCEPT {
void SanitizingAllocator<T,alignment>::deallocate(T* p, size_t size) DECAF_NOEXCEPT {
if (p==NULL) return; if (p==NULL) return;
really_bzero(reinterpret_cast<void*>(p), size); really_bzero(reinterpret_cast<void*>(p), size);
free(reinterpret_cast<void*>(p)); free(reinterpret_cast<void*>(p));
@@ -486,7 +486,7 @@ void SanitizingAllocator<T,alignment>::deallocate(T* p, size_t size) NOEXCEPT {
} /* namespace decaf */ } /* namespace decaf */




#undef NOEXCEPT
#undef DELETE
#undef DECAF_NOEXCEPT
#undef DECAF_DELETE


#endif /* __DECAF_SECURE_BUFFER_HXX__ */ #endif /* __DECAF_SECURE_BUFFER_HXX__ */

+ 6
- 6
src/public_include/decaf/sha512.h

@@ -5,8 +5,8 @@
* @brief SHA2-512 * @brief SHA2-512
*/ */


#ifndef __SHA512_H__
#define __SHA512_H__
#ifndef __DECAF_SHA512_H__
#define __DECAF_SHA512_H__


#include <stdint.h> #include <stdint.h>
#include <sys/types.h> #include <sys/types.h>
@@ -25,9 +25,9 @@ typedef struct decaf_sha512_ctx_s {
uint64_t bytes_processed; uint64_t bytes_processed;
} decaf_sha512_ctx_s, decaf_sha512_ctx_t[1]; } decaf_sha512_ctx_s, decaf_sha512_ctx_t[1];


void decaf_sha512_init(decaf_sha512_ctx_t ctx) NONNULL API_VIS;
void decaf_sha512_update(decaf_sha512_ctx_t ctx, const uint8_t *message, size_t length) NONNULL API_VIS;
void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) NONNULL API_VIS;
void decaf_sha512_init(decaf_sha512_ctx_t ctx) DECAF_NONNULL DECAF_API_VIS;
void decaf_sha512_update(decaf_sha512_ctx_t ctx, const uint8_t *message, size_t length) DECAF_NONNULL DECAF_API_VIS;
void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) DECAF_NONNULL DECAF_API_VIS;


static inline void decaf_sha512_destroy(decaf_sha512_ctx_t ctx) { static inline void decaf_sha512_destroy(decaf_sha512_ctx_t ctx) {
decaf_bzero(ctx,sizeof(*ctx)); decaf_bzero(ctx,sizeof(*ctx));
@@ -50,4 +50,4 @@ static inline void decaf_sha512_hash(
} /* extern "C" */ } /* extern "C" */
#endif #endif
#endif /* __SHA512_H__ */
#endif /* __DECAF_SHA512_H__ */
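Review bot: The new include guard `__DECAF_SHA512_H__` still begins with a double underscore, so it remains in the namespace that C and C++ reserve for the implementation; the rename adds a project prefix but not a safe one. For a public header, `#ifndef DECAF_SHA512_H` / `#define DECAF_SHA512_H`, with the closing comment changed to `#endif /* DECAF_SHA512_H */`, would rule out a clash with compiler or libc macros. The other guards visible on this page, such as `__DECAF_SHA512_HXX__` and `__DECAF_SHAKE_HXX__`, follow the same pattern, so this is best changed across the headers in one pass.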

+ 10
- 10
src/public_include/decaf/sha512.hxx

@@ -17,9 +17,9 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DECAF_NOEXCEPT noexcept
#else #else
#define NOEXCEPT throw()
#define DECAF_NOEXCEPT throw()
#endif #endif
/** @endcond */ /** @endcond */


@@ -44,13 +44,13 @@ public:
static const size_t DEFAULT_OUTPUT_BYTES = OUTPUT_BYTES; static const size_t DEFAULT_OUTPUT_BYTES = OUTPUT_BYTES;
/** Constructor */ /** Constructor */
inline SHA512() NOEXCEPT { decaf_sha512_init(wrapped); }
inline SHA512() DECAF_NOEXCEPT { decaf_sha512_init(wrapped); }
/** Add more data to running hash */ /** Add more data to running hash */
inline void update(const uint8_t *__restrict__ in, size_t len) NOEXCEPT { decaf_sha512_update(wrapped,in,len); }
inline void update(const uint8_t *__restrict__ in, size_t len) DECAF_NOEXCEPT { decaf_sha512_update(wrapped,in,len); }


/** Add more data to running hash, C++ version. */ /** Add more data to running hash, C++ version. */
inline void update(const Block &s) NOEXCEPT { update(s.data(),s.size()); }
inline void update(const Block &s) DECAF_NOEXCEPT { update(s.data(),s.size()); }


/** Add more data, stream version. */ /** Add more data, stream version. */
inline SHA512 &operator<<(const Block &s) { update(s); return *this; } inline SHA512 &operator<<(const Block &s) { update(s); return *this; }
@@ -65,7 +65,7 @@ public:
} }
/** Resets the SHA context */ /** Resets the SHA context */
inline void reset() NOEXCEPT { decaf_sha512_init(wrapped); }
inline void reset() DECAF_NOEXCEPT { decaf_sha512_init(wrapped); }


/** @brief Output bytes from the sponge. */ /** @brief Output bytes from the sponge. */
inline SecureBuffer final(size_t len = OUTPUT_BYTES) throw(LengthException) { inline SecureBuffer final(size_t len = OUTPUT_BYTES) throw(LengthException) {
@@ -76,10 +76,10 @@ public:
} }


/** @brief Return the sponge's default output size. */ /** @brief Return the sponge's default output size. */
inline size_t default_output_size() const NOEXCEPT { return OUTPUT_BYTES; }
inline size_t default_output_size() const DECAF_NOEXCEPT { return OUTPUT_BYTES; }


/** @brief Return the sponge's maximum output size. */ /** @brief Return the sponge's maximum output size. */
inline size_t max_output_size() const NOEXCEPT { return MAX_OUTPUT_BYTES; }
inline size_t max_output_size() const DECAF_NOEXCEPT { return MAX_OUTPUT_BYTES; }


/** @brief Hash a message in one pass */ /** @brief Hash a message in one pass */
static inline SecureBuffer hash ( static inline SecureBuffer hash (
@@ -93,11 +93,11 @@ public:
} }


/** Destructor zeroizes state */ /** Destructor zeroizes state */
inline ~SHA512() NOEXCEPT { decaf_sha512_destroy(wrapped); }
inline ~SHA512() DECAF_NOEXCEPT { decaf_sha512_destroy(wrapped); }
}; };
} /* namespace decaf */ } /* namespace decaf */


#undef NOEXCEPT
#undef DECAF_NOEXCEPT


#endif /* __DECAF_SHA512_HXX__ */ #endif /* __DECAF_SHA512_HXX__ */

+ 33
- 33
src/public_include/decaf/shake.h

@@ -46,7 +46,7 @@ extern "C" {
void decaf_sponge_init ( void decaf_sponge_init (
decaf_keccak_sponge_t sponge, decaf_keccak_sponge_t sponge,
const struct decaf_kparams_s *params const struct decaf_kparams_s *params
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Absorb data into a DECAF_SHA3 or DECAF_SHAKE hash context. * @brief Absorb data into a DECAF_SHA3 or DECAF_SHAKE hash context.
@@ -58,7 +58,7 @@ void decaf_sha3_update (
struct decaf_keccak_sponge_s * __restrict__ sponge, struct decaf_keccak_sponge_s * __restrict__ sponge,
const uint8_t *in, const uint8_t *in,
size_t len size_t len
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context. * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context.
@@ -75,7 +75,7 @@ decaf_error_t decaf_sha3_output (
decaf_keccak_sponge_t sponge, decaf_keccak_sponge_t sponge,
uint8_t * __restrict__ out, uint8_t * __restrict__ out,
size_t len size_t len
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context. * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context.
@@ -89,7 +89,7 @@ decaf_error_t decaf_sha3_final (
decaf_keccak_sponge_t sponge, decaf_keccak_sponge_t sponge,
uint8_t * __restrict__ out, uint8_t * __restrict__ out,
size_t len size_t len
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Reset the sponge to the empty string. * @brief Reset the sponge to the empty string.
@@ -98,7 +98,7 @@ decaf_error_t decaf_sha3_final (
*/ */
void decaf_sha3_reset ( void decaf_sha3_reset (
decaf_keccak_sponge_t sponge decaf_keccak_sponge_t sponge
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Return the default output length of the sponge construction, * @brief Return the default output length of the sponge construction,
@@ -108,7 +108,7 @@ void decaf_sha3_reset (
*/ */
size_t decaf_sponge_default_output_bytes ( size_t decaf_sponge_default_output_bytes (
const decaf_keccak_sponge_t sponge /**< [inout] The context. */ const decaf_keccak_sponge_t sponge /**< [inout] The context. */
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Return the default output length of the sponge construction, * @brief Return the default output length of the sponge construction,
@@ -118,7 +118,7 @@ size_t decaf_sponge_default_output_bytes (
*/ */
size_t decaf_sponge_max_output_bytes ( size_t decaf_sponge_max_output_bytes (
const decaf_keccak_sponge_t sponge /**< [inout] The context. */ const decaf_keccak_sponge_t sponge /**< [inout] The context. */
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Destroy a DECAF_SHA3 or DECAF_SHAKE sponge context by overwriting it with 0. * @brief Destroy a DECAF_SHA3 or DECAF_SHAKE sponge context by overwriting it with 0.
@@ -126,7 +126,7 @@ size_t decaf_sponge_max_output_bytes (
*/ */
void decaf_sponge_destroy ( void decaf_sponge_destroy (
decaf_keccak_sponge_t sponge decaf_keccak_sponge_t sponge
) API_VIS;
) DECAF_API_VIS;


/** /**
* @brief Hash (in) to (out) * @brief Hash (in) to (out)
@@ -142,66 +142,66 @@ void decaf_sponge_hash (
uint8_t *out, uint8_t *out,
size_t outlen, size_t outlen,
const struct decaf_kparams_s *params const struct decaf_kparams_s *params
) API_VIS;
) DECAF_API_VIS;


/* FUTURE: expand/doxygenate individual DECAF_SHAKE/DECAF_SHA3 instances? */ /* FUTURE: expand/doxygenate individual DECAF_SHAKE/DECAF_SHA3 instances? */


/** @cond internal */ /** @cond internal */
#define DEC_SHAKE(n) \
extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s API_VIS; \
#define DECAF_DEC_SHAKE(n) \
extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s DECAF_API_VIS; \
typedef struct decaf_shake##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_shake##n##_ctx_t[1]; \ typedef struct decaf_shake##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_shake##n##_ctx_t[1]; \
static inline void NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \
static inline void DECAF_NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \
decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \ decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL decaf_shake##n##_gen_init(decaf_keccak_sponge_t sponge) { \
static inline void DECAF_NONNULL decaf_shake##n##_gen_init(decaf_keccak_sponge_t sponge) { \
decaf_sponge_init(sponge, &DECAF_SHAKE##n##_params_s); \ decaf_sponge_init(sponge, &DECAF_SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL decaf_shake##n##_update(decaf_shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
static inline void DECAF_NONNULL decaf_shake##n##_update(decaf_shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
decaf_sha3_update(sponge->s, in, inlen); \ decaf_sha3_update(sponge->s, in, inlen); \
} \ } \
static inline void NONNULL decaf_shake##n##_final(decaf_shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
static inline void DECAF_NONNULL decaf_shake##n##_final(decaf_shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
decaf_sha3_output(sponge->s, out, outlen); \ decaf_sha3_output(sponge->s, out, outlen); \
decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \ decaf_sponge_init(sponge->s, &DECAF_SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL decaf_shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
static inline void DECAF_NONNULL decaf_shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHAKE##n##_params_s); \ decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHAKE##n##_params_s); \
} \ } \
static inline void NONNULL decaf_shake##n##_destroy( decaf_shake##n##_ctx_t sponge ) { \
static inline void DECAF_NONNULL decaf_shake##n##_destroy( decaf_shake##n##_ctx_t sponge ) { \
decaf_sponge_destroy(sponge->s); \ decaf_sponge_destroy(sponge->s); \
} }


#define DEC_SHA3(n) \
extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s API_VIS; \
#define DECAF_DEC_SHA3(n) \
extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s DECAF_API_VIS; \
typedef struct decaf_sha3_##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_sha3_##n##_ctx_t[1]; \ typedef struct decaf_sha3_##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_sha3_##n##_ctx_t[1]; \
static inline void NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \
decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \ decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_gen_init(decaf_keccak_sponge_t sponge) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_gen_init(decaf_keccak_sponge_t sponge) { \
decaf_sponge_init(sponge, &DECAF_SHA3_##n##_params_s); \ decaf_sponge_init(sponge, &DECAF_SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_update(decaf_sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_update(decaf_sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
decaf_sha3_update(sponge->s, in, inlen); \ decaf_sha3_update(sponge->s, in, inlen); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_final(decaf_sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_final(decaf_sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
decaf_sha3_output(sponge->s, out, outlen); \ decaf_sha3_output(sponge->s, out, outlen); \
decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \ decaf_sponge_init(sponge->s, &DECAF_SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHA3_##n##_params_s); \ decaf_sponge_hash(in,inlen,out,outlen,&DECAF_SHA3_##n##_params_s); \
} \ } \
static inline void NONNULL decaf_sha3_##n##_destroy(decaf_sha3_##n##_ctx_t sponge) { \
static inline void DECAF_NONNULL decaf_sha3_##n##_destroy(decaf_sha3_##n##_ctx_t sponge) { \
decaf_sponge_destroy(sponge->s); \ decaf_sponge_destroy(sponge->s); \
} }
/** @endcond */ /** @endcond */


DEC_SHAKE(128)
DEC_SHAKE(256)
DEC_SHA3(224)
DEC_SHA3(256)
DEC_SHA3(384)
DEC_SHA3(512)
#undef DEC_SHAKE
#undef DEC_SHA3
DECAF_DEC_SHAKE(128)
DECAF_DEC_SHAKE(256)
DECAF_DEC_SHA3(224)
DECAF_DEC_SHA3(256)
DECAF_DEC_SHA3(384)
DECAF_DEC_SHA3(512)
#undef DECAF_DEC_SHAKE
#undef DECAF_DEC_SHA3


#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
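Review bot: `decaf_shake##n##_final` and `decaf_sha3_##n##_final`, generated by `DECAF_DEC_SHAKE` and `DECAF_DEC_SHA3`, call `decaf_sha3_output`, which is declared to return `decaf_error_t`, and drop the result because both wrappers return `void`. If that call can fail (presumably when `outlen` exceeds the sponge's maximum output size; the condition is not shown in these lines), the caller may be left with an `out` buffer that was not written as requested and no way to notice, which matters when the digest feeds a signature or a key derivation. Consider returning the status from the wrappers: `decaf_error_t ret = decaf_sha3_output(sponge->s, out, outlen);`, then the existing `decaf_sponge_init(...)` call, then `return ret;`. The declarations of `decaf_sha3_output` and `decaf_sha3_final` are only partly visible in this section, so the failure contract should be confirmed against their doc comments.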


+ 17
- 17
src/public_include/decaf/shake.hxx

@@ -17,11 +17,11 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DELETE = delete
#define DECAF_NOEXCEPT noexcept
#define DECAF_DELETE = delete
#else #else
#define NOEXCEPT throw()
#define DELETE
#define DECAF_NOEXCEPT throw()
#define DECAF_DELETE
#endif #endif
/** @endcond */ /** @endcond */


@@ -38,21 +38,21 @@ protected:
decaf_keccak_sponge_t wrapped; decaf_keccak_sponge_t wrapped;
/** Initialize from parameters */ /** Initialize from parameters */
inline KeccakHash(const decaf_kparams_s *params) NOEXCEPT { decaf_sponge_init(wrapped, params); }
inline KeccakHash(const decaf_kparams_s *params) DECAF_NOEXCEPT { decaf_sponge_init(wrapped, params); }
/** @endcond */ /** @endcond */
public: public:
/** Add more data to running hash */ /** Add more data to running hash */
inline void update(const uint8_t *__restrict__ in, size_t len) NOEXCEPT { decaf_sha3_update(wrapped,in,len); }
inline void update(const uint8_t *__restrict__ in, size_t len) DECAF_NOEXCEPT { decaf_sha3_update(wrapped,in,len); }


/** Add more data to running hash, C++ version. */ /** Add more data to running hash, C++ version. */
inline void update(const Block &s) NOEXCEPT { decaf_sha3_update(wrapped,s.data(),s.size()); }
inline void update(const Block &s) DECAF_NOEXCEPT { decaf_sha3_update(wrapped,s.data(),s.size()); }
/** Add more data, stream version. */ /** Add more data, stream version. */
inline KeccakHash &operator<<(const Block &s) NOEXCEPT { update(s); return *this; }
inline KeccakHash &operator<<(const Block &s) DECAF_NOEXCEPT { update(s); return *this; }
/** Same as <<. */ /** Same as <<. */
inline KeccakHash &operator+=(const Block &s) NOEXCEPT { return *this << s; }
inline KeccakHash &operator+=(const Block &s) DECAF_NOEXCEPT { return *this << s; }
/** @brief Output bytes from the sponge. */ /** @brief Output bytes from the sponge. */
inline SecureBuffer output(size_t len) throw(std::bad_alloc, LengthException) { inline SecureBuffer output(size_t len) throw(std::bad_alloc, LengthException) {
@@ -93,12 +93,12 @@ public:
} }
/** @brief Return the sponge's default output size. */ /** @brief Return the sponge's default output size. */
inline size_t default_output_size() const NOEXCEPT {
inline size_t default_output_size() const DECAF_NOEXCEPT {
return decaf_sponge_default_output_bytes(wrapped); return decaf_sponge_default_output_bytes(wrapped);
} }
/** @brief Return the sponge's maximum output size. */ /** @brief Return the sponge's maximum output size. */
inline size_t max_output_size() const NOEXCEPT {
inline size_t max_output_size() const DECAF_NOEXCEPT {
return decaf_sponge_max_output_bytes(wrapped); return decaf_sponge_max_output_bytes(wrapped);
} }
@@ -113,10 +113,10 @@ public:
} }


/** Reset the hash to the empty string */ /** Reset the hash to the empty string */
inline void reset() NOEXCEPT { decaf_sha3_reset(wrapped); }
inline void reset() DECAF_NOEXCEPT { decaf_sha3_reset(wrapped); }
/** Destructor zeroizes state */ /** Destructor zeroizes state */
inline ~KeccakHash() NOEXCEPT { decaf_sponge_destroy(wrapped); }
inline ~KeccakHash() DECAF_NOEXCEPT { decaf_sponge_destroy(wrapped); }
}; };


/** Fixed-output-length SHA3 */ /** Fixed-output-length SHA3 */
@@ -133,7 +133,7 @@ public:
static const size_t DEFAULT_OUTPUT_BYTES = bits/8; static const size_t DEFAULT_OUTPUT_BYTES = bits/8;
/** Initializer */ /** Initializer */
inline SHA3() NOEXCEPT : KeccakHash(get_params()) {}
inline SHA3() DECAF_NOEXCEPT : KeccakHash(get_params()) {}


/** Hash bytes with this SHA3 instance. /** Hash bytes with this SHA3 instance.
* @throw LengthException if nbytes > MAX_OUTPUT_BYTES * @throw LengthException if nbytes > MAX_OUTPUT_BYTES
@@ -165,7 +165,7 @@ public:
static const size_t DEFAULT_OUTPUT_BYTES = bits/4; static const size_t DEFAULT_OUTPUT_BYTES = bits/4;
/** Initializer */ /** Initializer */
inline SHAKE() NOEXCEPT : KeccakHash(get_params()) {}
inline SHAKE() DECAF_NOEXCEPT : KeccakHash(get_params()) {}
/** Hash bytes with this SHAKE instance */ /** Hash bytes with this SHAKE instance */
static inline SecureBuffer hash(const Block &b, size_t outlen) throw(std::bad_alloc) { static inline SecureBuffer hash(const Block &b, size_t outlen) throw(std::bad_alloc) {
@@ -184,7 +184,7 @@ template<> inline const struct decaf_kparams_s *SHA3<512>::get_params() { return
} /* namespace decaf */ } /* namespace decaf */


#undef NOEXCEPT
#undef DELETE
#undef DECAF_NOEXCEPT
#undef DECAF_DELETE


#endif /* __DECAF_SHAKE_HXX__ */ #endif /* __DECAF_SHAKE_HXX__ */

+ 6
- 6
src/public_include/decaf/spongerng.h

@@ -32,7 +32,7 @@ void decaf_spongerng_init_from_buffer (
const uint8_t *__restrict__ in, /**< [in] The initialization data. */ const uint8_t *__restrict__ in, /**< [in] The initialization data. */
size_t len, /**< [in] The length of the initialization data. */ size_t len, /**< [in] The length of the initialization data. */
int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC.*/ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC.*/
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;
/** /**
* @brief Initialize a sponge-based CSPRNG from a file. * @brief Initialize a sponge-based CSPRNG from a file.
@@ -45,7 +45,7 @@ decaf_error_t decaf_spongerng_init_from_file (
const char *file, /**< [in] A name of a file containing initial data. */ const char *file, /**< [in] A name of a file containing initial data. */
size_t len, /**< [in] The length of the initial data. Must be positive. */ size_t len, /**< [in] The length of the initial data. Must be positive. */
int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC. */ int deterministic /**< [in] If zero, allow RNG to stir in nondeterministic data from RDRAND or RDTSC. */
) NONNULL API_VIS WARN_UNUSED;
) DECAF_NONNULL DECAF_API_VIS DECAF_WARN_UNUSED;


/** /**
* @brief Initialize a nondeterministic sponge-based CSPRNG from /dev/urandom. * @brief Initialize a nondeterministic sponge-based CSPRNG from /dev/urandom.
@@ -55,24 +55,24 @@ decaf_error_t decaf_spongerng_init_from_file (
*/ */
decaf_error_t decaf_spongerng_init_from_dev_urandom ( decaf_error_t decaf_spongerng_init_from_dev_urandom (
decaf_keccak_prng_t prng /**< [out] sponge The sponge object. */ decaf_keccak_prng_t prng /**< [out] sponge The sponge object. */
) API_VIS WARN_UNUSED;
) DECAF_API_VIS DECAF_WARN_UNUSED;


/** Output bytes from a sponge-based CSPRNG. */ /** Output bytes from a sponge-based CSPRNG. */
void decaf_spongerng_next ( void decaf_spongerng_next (
decaf_keccak_prng_t prng, /**< [inout] The PRNG object. */ decaf_keccak_prng_t prng, /**< [inout] The PRNG object. */
uint8_t * __restrict__ out, /**< [out] Output buffer. */ uint8_t * __restrict__ out, /**< [out] Output buffer. */
size_t len /**< [in] Number of bytes to output. */ size_t len /**< [in] Number of bytes to output. */
) API_VIS;
) DECAF_API_VIS;


/** Stir entropy data into a sponge-based CSPRNG from a buffer. */ /** Stir entropy data into a sponge-based CSPRNG from a buffer. */
void decaf_spongerng_stir ( void decaf_spongerng_stir (
decaf_keccak_prng_t prng, /**< [out] The PRNG object. */ decaf_keccak_prng_t prng, /**< [out] The PRNG object. */
const uint8_t * __restrict__ in, /**< [in] The entropy data. */ const uint8_t * __restrict__ in, /**< [in] The entropy data. */
size_t len /**< [in] The length of the initial data. */ size_t len /**< [in] The length of the initial data. */
) NONNULL API_VIS;
) DECAF_NONNULL DECAF_API_VIS;
/** Securely destroy a sponge RNG object by overwriting it. */ /** Securely destroy a sponge RNG object by overwriting it. */
static INLINE UNUSED void
static DECAF_INLINE void
decaf_spongerng_destroy ( decaf_spongerng_destroy (
decaf_keccak_prng_t doomed /**< [in] The object to destroy. */ decaf_keccak_prng_t doomed /**< [in] The object to destroy. */
); );
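Review bot: The declaration of `decaf_spongerng_destroy` in the last hunk goes from `static INLINE UNUSED void` to `static DECAF_INLINE void`, so it is the one line in this file that is not a one-for-one rename, because the explicit unused marker is dropped. `DECAF_INLINE` is defined outside this section; if it does not itself carry the unused attribute, translation units that include this header without calling the destroy helper may see an unused-function warning, depending on compiler and flags. Since this helper overwrites the RNG state, a caller silencing that warning by removing or stubbing the call would be a poor outcome. I would either keep an explicit attribute on the declaration or add a comment such as `/* DECAF_INLINE already implies the unused attribute */` so the change reads as intentional. The function's definition is not visible in this hunk.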


+ 13
- 13
src/public_include/decaf/spongerng.hxx View File

@@ -24,11 +24,11 @@


/** @cond internal */ /** @cond internal */
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
#define NOEXCEPT noexcept
#define DELETE = delete
#define DECAF_NOEXCEPT noexcept
#define DECAF_DELETE = delete
#else #else
#define NOEXCEPT throw()
#define DELETE
#define DECAF_NOEXCEPT throw()
#define DECAF_DELETE
#endif #endif
/** @endcond */ /** @endcond */


@@ -55,8 +55,8 @@ public:
/** @endcond */ /** @endcond */
public: public:
const int err_code; /**< errno that caused the reseed to fail. */ const int err_code; /**< errno that caused the reseed to fail. */
const char *what() const NOEXCEPT { return what_; } /**< Description of exception. */
RngException(int err_code, const char *what_) NOEXCEPT : what_(what_), err_code(err_code) {} /**< Construct */
const char *what() const DECAF_NOEXCEPT { return what_; } /**< Description of exception. */
RngException(int err_code, const char *what_) DECAF_NOEXCEPT : what_(what_), err_code(err_code) {} /**< Construct */
}; };
/** Initialize, deterministically by default, from block */ /** Initialize, deterministically by default, from block */
@@ -74,31 +74,31 @@ public:
} }
/** Stir in new data */ /** Stir in new data */
inline void stir( const Block &data ) NOEXCEPT {
inline void stir( const Block &data ) DECAF_NOEXCEPT {
decaf_spongerng_stir(sp,data.data(),data.size()); decaf_spongerng_stir(sp,data.data(),data.size());
} }
/** Securely destroy by overwriting state. */ /** Securely destroy by overwriting state. */
inline ~SpongeRng() NOEXCEPT { decaf_spongerng_destroy(sp); }
inline ~SpongeRng() DECAF_NOEXCEPT { decaf_spongerng_destroy(sp); }
using Rng::read; using Rng::read;
/** Read data to a buffer. */ /** Read data to a buffer. */
virtual inline void read(Buffer buffer) NOEXCEPT
virtual inline void read(Buffer buffer) DECAF_NOEXCEPT
#if __cplusplus >= 201103L #if __cplusplus >= 201103L
final final
#endif #endif
{ decaf_spongerng_next(sp,buffer.data(),buffer.size()); } { decaf_spongerng_next(sp,buffer.data(),buffer.size()); }
private: private:
SpongeRng(const SpongeRng &) DELETE;
SpongeRng &operator=(const SpongeRng &) DELETE;
SpongeRng(const SpongeRng &) DECAF_DELETE;
SpongeRng &operator=(const SpongeRng &) DECAF_DELETE;
}; };
/**@endcond*/ /**@endcond*/
} /* namespace decaf */ } /* namespace decaf */


#undef NOEXCEPT
#undef DELETE
#undef DECAF_NOEXCEPT
#undef DECAF_DELETE


#endif /* __DECAF_SPONGERNG_HXX__ */ #endif /* __DECAF_SPONGERNG_HXX__ */

+ 1
- 1
src/sha512.c View File

@@ -64,7 +64,7 @@ static uint64_t load_bigendian(const uint8_t *x)
b = a; \ b = a; \
a = T1 + T2; a = T1 + T2;


static NOINLINE void hashblock(decaf_sha512_ctx_t ctx) {
static DECAF_NOINLINE void hashblock(decaf_sha512_ctx_t ctx) {
const uint8_t *in = ctx->block; const uint8_t *in = ctx->block;
uint64_t a = ctx->state[0]; uint64_t a = ctx->state[0];
uint64_t b = ctx->state[1]; uint64_t b = ctx->state[1];

