Commit 638f5560 authored by Michael Hamburg's avatar Michael Hamburg

make ED*_NO_CONTEXT actually a pointer

parent 7ec87d86
......@@ -32,6 +32,11 @@
#define EDDSA_USE_SIGMA_ISOGENY 1
#define COFACTOR 8
#if NO_CONTEXT
const uint8_t NO_CONTEXT_POINTS_HERE = 0;
const uint8_t * const ED25519_NO_CONTEXT = &NO_CONTEXT_POINTS_HERE;
#endif
/* EDDSA_BASE_POINT_RATIO = 1 or 2
* Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d,
* its base point is twice ours.
......
......@@ -32,6 +32,11 @@
#define EDDSA_USE_SIGMA_ISOGENY 0
#define COFACTOR 4
#if NO_CONTEXT
const uint8_t NO_CONTEXT_POINTS_HERE = 0;
const uint8_t * const ED448_NO_CONTEXT = &NO_CONTEXT_POINTS_HERE;
#endif
/* EDDSA_BASE_POINT_RATIO = 1 or 2
* Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d,
* its base point is twice ours.
......
......@@ -34,7 +34,7 @@ extern "C" {
/** Does EdDSA support non-contextual signatures? */
#define DECAF_EDDSA_25519_NO_CONTEXT 1
const uint8_t * const ED25519_NO_CONTEXT = (const uint8_t * const)(25519);
extern const uint8_t * const ED25519_NO_CONTEXT API_VIS;
/** Prehash context renaming macros. */
#define decaf_ed25519_prehash_ctx_s decaf_sha512_ctx_s
......
......@@ -55,6 +55,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh;
typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh;
/** @endcond */
#if DECAF_EDDSA_25519_NO_CONTEXT
static inline const Block NO_CONTEXT() { return Block(ED25519_NO_CONTEXT,0); }
#else
static inline const Block NO_CONTEXT() { return Block(NULL,0); }
#endif
/** Prehash context for EdDSA. */
class Prehash : public SHA512 {
private:
......@@ -78,7 +85,7 @@ public:
static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES;
/** Create the prehash */
Prehash(Block context = Block(NULL,0)) throw(LengthException) {
Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) {
context_ = context;
init();
}
......@@ -122,7 +129,7 @@ public:
/* Sign a message using the prehasher */
inline SecureBuffer sign_with_prehash (
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
Prehash ph(context);
ph += message;
......@@ -141,7 +148,7 @@ public:
*/
inline SecureBuffer sign (
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /* TODO: this exn spec tickles a Clang bug?
* throw(LengthException, std::bad_alloc)
*/ {
......@@ -245,7 +252,7 @@ public:
inline decaf_error_t WARN_UNUSED verify_noexcept (
const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*NOEXCEPT*/ {
if (context.size() > 255) {
return DECAF_FAILURE;
......@@ -272,7 +279,7 @@ public:
inline void verify (
const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
if (context.size() > 255) {
throw LengthException();
......@@ -321,7 +328,7 @@ public:
inline void verify_with_prehash (
const FixedBlock<DECAF_EDDSA_25519_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
Prehash ph(context);
ph += message;
......
......@@ -55,6 +55,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh;
typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh;
/** @endcond */
#if DECAF_EDDSA_448_NO_CONTEXT
static inline const Block NO_CONTEXT() { return Block(ED448_NO_CONTEXT,0); }
#else
static inline const Block NO_CONTEXT() { return Block(NULL,0); }
#endif
/** Prehash context for EdDSA. */
class Prehash : public SHAKE<256> {
private:
......@@ -78,7 +85,7 @@ public:
static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES;
/** Create the prehash */
Prehash(Block context = Block(NULL,0)) throw(LengthException) {
Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) {
context_ = context;
init();
}
......@@ -122,7 +129,7 @@ public:
/* Sign a message using the prehasher */
inline SecureBuffer sign_with_prehash (
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
Prehash ph(context);
ph += message;
......@@ -141,7 +148,7 @@ public:
*/
inline SecureBuffer sign (
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /* TODO: this exn spec tickles a Clang bug?
* throw(LengthException, std::bad_alloc)
*/ {
......@@ -245,7 +252,7 @@ public:
inline decaf_error_t WARN_UNUSED verify_noexcept (
const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*NOEXCEPT*/ {
if (context.size() > 255) {
return DECAF_FAILURE;
......@@ -272,7 +279,7 @@ public:
inline void verify (
const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
if (context.size() > 255) {
throw LengthException();
......@@ -321,7 +328,7 @@ public:
inline void verify_with_prehash (
const FixedBlock<DECAF_EDDSA_448_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
Prehash ph(context);
ph += message;
......
......@@ -23,6 +23,11 @@
#define EDDSA_USE_SIGMA_ISOGENY $(eddsa_sigma_iso)
#define COFACTOR $(cofactor)
#if NO_CONTEXT
const uint8_t NO_CONTEXT_POINTS_HERE = 0;
$("const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT") = &NO_CONTEXT_POINTS_HERE;
#endif
/* EDDSA_BASE_POINT_RATIO = 1 or 2
* Because EdDSA25519 is not on E_d but on the isogenous E_sigma_d,
* its base point is twice ours.
......
......@@ -19,7 +19,7 @@ extern "C" {
/** Does EdDSA support non-contextual signatures? */
#define DECAF_EDDSA_$(gf_shortname)_NO_CONTEXT $(eddsa_no_context)
$("const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT = (const uint8_t * const)(" + gf_shortname + ");\n" if eddsa_no_context else "")
$("extern const uint8_t * const ED" + gf_shortname + "_NO_CONTEXT API_VIS;\n" if eddsa_no_context else "")
/** Prehash context renaming macros. */
#define decaf_ed$(gf_shortname)_prehash_ctx_s decaf_$(eddsa_hash)_ctx_s
#define decaf_ed$(gf_shortname)_prehash_ctx_t decaf_$(eddsa_hash)_ctx_t
......
......@@ -39,6 +39,13 @@ typedef class PrivateKeyBase PrivateKey, PrivateKeyPure, PrivateKeyPh;
typedef class PublicKeyBase PublicKey, PublicKeyPure, PublicKeyPh;
/** @endcond */
#if DECAF_EDDSA_$(gf_shortname)_NO_CONTEXT
static inline const Block NO_CONTEXT() { return Block(ED$(gf_shortname)_NO_CONTEXT,0); }
#else
static inline const Block NO_CONTEXT() { return Block(NULL,0); }
#endif
/** Prehash context for EdDSA. */
class Prehash : public $(re.sub(r"SHAKE(\d+)",r"SHAKE<\1>", eddsa_hash.upper())) {
private:
......@@ -62,7 +69,7 @@ public:
static const size_t OUTPUT_BYTES = Super::DEFAULT_OUTPUT_BYTES;
/** Create the prehash */
Prehash(Block context = Block(NULL,0)) throw(LengthException) {
Prehash(const Block &context = NO_CONTEXT()) throw(LengthException) {
context_ = context;
init();
}
......@@ -106,7 +113,7 @@ public:
/* Sign a message using the prehasher */
inline SecureBuffer sign_with_prehash (
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
Prehash ph(context);
ph += message;
......@@ -125,7 +132,7 @@ public:
*/
inline SecureBuffer sign (
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /* TODO: this exn spec tickles a Clang bug?
* throw(LengthException, std::bad_alloc)
*/ {
......@@ -229,7 +236,7 @@ public:
inline decaf_error_t WARN_UNUSED verify_noexcept (
const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*NOEXCEPT*/ {
if (context.size() > 255) {
return DECAF_FAILURE;
......@@ -256,7 +263,7 @@ public:
inline void verify (
const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
if (context.size() > 255) {
throw LengthException();
......@@ -305,7 +312,7 @@ public:
inline void verify_with_prehash (
const FixedBlock<DECAF_EDDSA_$(gf_shortname)_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
const Block &context = NO_CONTEXT()
) const /*throw(LengthException,CryptoException)*/ {
Prehash ph(context);
ph += message;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment