Commit 6bc7a3db authored by Mike Hamburg's avatar Mike Hamburg

rework build hierarchy to prepare for generated headers

parent 36380f3e
......@@ -58,7 +58,7 @@ PROJECT_LOGO =
# entered, it will be relative to the location where doxygen was started. If
# left blank the current directory will be used.
OUTPUT_DIRECTORY = doc
OUTPUT_DIRECTORY = build/doc
# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create 4096 sub-
# directories (in 2 levels) under the output directory of each output format and
......
This diff is collapsed.
......@@ -9,7 +9,7 @@
*/
#define __STDC_WANT_LIB_EXT1__ 1 /* for memset_s */
#include "decaf.h"
#include <decaf.h>
#include <string.h>
#include <assert.h>
......
......@@ -8,7 +8,7 @@
* @brief Example Decaf cyrpto routines.
*/
#include "decaf_crypto.h"
#include <decaf/crypto.h>
#include <string.h>
static const unsigned int DECAF_255_SCALAR_OVERKILL_BYTES = DECAF_255_SCALAR_BYTES + 8;
......
......@@ -10,7 +10,7 @@
#define _XOPEN_SOURCE 600 /* for posix_memalign */
#define __STDC_WANT_LIB_EXT1__ 1 /* for memset_s */
#include "decaf.h"
#include <decaf.h>
#include <string.h>
#include "field.h"
#include "decaf_config.h"
......
......@@ -25,8 +25,8 @@
#include <stdint.h>
#include <sys/types.h>
#include "decaf_255.h"
#include "decaf_448.h"
#include <decaf/decaf_255.h>
#include <decaf/decaf_448.h>
#endif /* __DECAF_H__ */
......@@ -2,7 +2,7 @@
#ifndef __DECAF_HXX__
#define __DECAF_HXX__ 1
#include "decaf_255.hxx" // MAGIC
#include <decaf/decaf_255.hxx> // MAGIC
#endif /* __DECAF_H__ */
/**
* @file decaf_common.h
* @file decaf/common.h
* @author Mike Hamburg
*
* @copyright
......
/**
* @file decaf_crypto.h
* @file decaf/crypto.h
* @copyright
* Copyright (c) 2015 Cryptography Research, Inc. \n
* Released under the MIT License. See LICENSE.txt for license information.
......@@ -14,8 +14,8 @@
#ifndef __DECAF_CRYPTO_H__
#define __DECAF_CRYPTO_H__ 1
#include "decaf.h"
#include "shake.h"
#include <decaf.h>
#include <decaf/shake.h>
/** Number of bytes for a symmetric key (expanded to full key) */
#define DECAF_255_SYMMETRIC_KEY_BYTES 32
......
/**
* @file decaf_255.h
* @file decaf/decaf_255.h
* @author Mike Hamburg
*
* @copyright
......@@ -11,7 +11,7 @@
#ifndef __DECAF_255_H__
#define __DECAF_255_H__ 1
#include "decaf_common.h"
#include <decaf/common.h>
#ifdef __cplusplus
extern "C" {
......@@ -467,7 +467,7 @@ void decaf_255_point_debugging_pscale (
* A factor of 2 due to the isogeny.
* A factor of 2 because we quotient out the 2-torsion.
*
* This makes it about 8:1 overall.
* This makes it about 8:1 overall, or 16:1 overall on curves with cofactor 8.
*
* Negating the input (mod q) results in the same point. Inverting the input
* (mod q) results in the negative point. This is the same as Elligator.
......@@ -486,19 +486,36 @@ decaf_255_point_from_hash_nonuniform (
const unsigned char hashed_data[DECAF_255_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
/**
* @brief Indifferentiable hash function encoding to curve.
*
* Equivalent to calling decaf_255_point_from_hash_nonuniform twice and adding.
*
* @param [in] hashed_data Output of some hash function.
* @param [out] pt The data hashed to the curve.
*/
void decaf_255_point_from_hash_uniform (
decaf_255_point_t pt,
const unsigned char hashed_data[2*DECAF_255_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
/**
* @brief Inverse of elligator-like hash to curve.
*
* This function writes to the buffer, to make it so that
* decaf_255_point_from_hash_nonuniform(buffer) = pt if possible.
* decaf_255_point_from_hash_nonuniform(buffer) = pt if
* possible. Since there may be multiple preimages, the
* "which" parameter chooses between them. To ensure uniform
* inverse sampling, this function succeeds or fails
* independently for different "which" values.
*
* @param [out] recovered_hash Encoded data.
* @param [in] pt The point to encode.
* @param [in] which A "hint" that indicates which inverse to return.
* @param [in] which A value determining which inverse point
* to return.
*
* @retval DECAF_SUCCESS The inverse succeeded.
* @retval DECAF_FAILURE The pt isn't the image of
* decaf_255_point_from_hash_nonuniform with the given hint.
* @retval DECAF_FAILURE The inverse failed.
*/
decaf_bool_t
decaf_255_invert_elligator_nonuniform (
......@@ -508,19 +525,22 @@ decaf_255_invert_elligator_nonuniform (
) API_VIS NONNULL2 NOINLINE WARN_UNUSED;
/**
* @brief Inverse of elligator-like hash to curve, uniform.
* @brief Inverse of elligator-like hash to curve.
*
* This function modifies the first DECAF_255_SER_BYTES of the
* buffer, to make it so that
* decaf_255_point_from_hash_uniform(buffer) = pt if possible.
* This function writes to the buffer, to make it so that
* decaf_255_point_from_hash_uniform(buffer) = pt if
* possible. Since there may be multiple preimages, the
* "which" parameter chooses between them. To ensure uniform
* inverse sampling, this function succeeds or fails
* independently for different "which" values.
*
* @param [out] recovered_hash Encoded data.
* @param [in] pt The point to encode.
* @param [in] which A "hint" that indicates which inverse to return.
* @param [in] which A value determining which inverse point
* to return.
*
* @retval DECAF_SUCCESS The inverse succeeded.
* @retval DECAF_FAILURE The pt isn't the image of
* decaf_255_point_from_hash_uniform with the given hint.
* @retval DECAF_FAILURE The inverse failed.
*/
decaf_bool_t
decaf_255_invert_elligator_uniform (
......@@ -529,19 +549,6 @@ decaf_255_invert_elligator_uniform (
uint16_t which
) API_VIS NONNULL2 NOINLINE WARN_UNUSED;
/**
* @brief Indifferentiable hash function encoding to curve.
*
* Equivalent to calling decaf_255_point_from_hash_nonuniform twice and adding.
*
* @param [in] hashed_data Output of some hash function.
* @param [out] pt The data hashed to the curve.
*/
void decaf_255_point_from_hash_uniform (
decaf_255_point_t pt,
const unsigned char hashed_data[2*DECAF_255_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
/**
* @brief Overwrite scalar with zeros.
*/
......
/**
* @file decaf_255.hxx
* @file decaf/decaf_255.hxx
* @author Mike Hamburg
*
* @copyright
......@@ -27,8 +27,8 @@
#include <stdlib.h>
#include <string.h> /* for memcpy */
#include "decaf.h"
#include "secure_buffer.hxx"
#include <decaf.h>
#include <decaf/secure_buffer.hxx>
#include <string>
#include <sys/types.h>
#include <limits.h>
......
/**
* @file decaf_448.h
* @file decaf/decaf_448.h
* @author Mike Hamburg
*
* @copyright
......@@ -11,7 +11,7 @@
#ifndef __DECAF_448_H__
#define __DECAF_448_H__ 1
#include "decaf_common.h"
#include <decaf/common.h>
#ifdef __cplusplus
extern "C" {
......@@ -22,9 +22,9 @@ extern "C" {
#define DECAF_448_SCALAR_LIMBS (448/DECAF_WORD_BITS)
/** Galois field element internal structure */
typedef struct gf_s {
typedef struct gf_448_s {
decaf_word_t limb[DECAF_448_LIMBS];
} __attribute__((aligned(32))) gf_s, gf[1];
} __attribute__((aligned(32))) gf_448_s, gf_448_t[1];
/** @endcond */
/** Number of bytes in a serialized point. */
......@@ -34,7 +34,7 @@ typedef struct gf_s {
#define DECAF_448_SCALAR_BYTES 56
/** Twisted Edwards (-1,d-1) extended homogeneous coordinates */
typedef struct decaf_448_point_s { /**@cond internal*/gf x,y,z,t;/**@endcond*/ } decaf_448_point_t[1];
typedef struct decaf_448_point_s { /**@cond internal*/gf_448_t x,y,z,t;/**@endcond*/ } decaf_448_point_t[1];
/** Precomputed table based on a point. Can be trivial implementation. */
struct decaf_448_precomputed_s;
......@@ -451,7 +451,7 @@ void decaf_448_point_debugging_torque (
* A factor of 2 due to the isogeny.
* A factor of 2 because we quotient out the 2-torsion.
*
* This makes it about 8:1 overall.
* This makes it about 8:1 overall, or 16:1 overall on curves with cofactor 8.
*
* Negating the input (mod q) results in the same point. Inverting the input
* (mod q) results in the negative point. This is the same as Elligator.
......@@ -463,77 +463,76 @@ void decaf_448_point_debugging_torque (
*
* @param [in] hashed_data Output of some hash function.
* @param [out] pt The data hashed to the curve.
* @return A "hint" value which can be used to help invert the encoding.
*/
unsigned char
void
decaf_448_point_from_hash_nonuniform (
decaf_448_point_t pt,
const unsigned char hashed_data[DECAF_448_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
/**
* @brief Indifferentiable hash function encoding to curve.
*
* Equivalent to calling decaf_448_point_from_hash_nonuniform twice and adding.
*
* @param [in] hashed_data Output of some hash function.
* @param [out] pt The data hashed to the curve.
*/
void decaf_448_point_from_hash_uniform (
decaf_448_point_t pt,
const unsigned char hashed_data[2*DECAF_448_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
/**
* @brief Inverse of elligator-like hash to curve.
*
* This function writes to the buffer, to make it so that
* decaf_448_point_from_hash_nonuniform(buffer) = pt,hint
* if possible.
* decaf_448_point_from_hash_nonuniform(buffer) = pt if
* possible. Since there may be multiple preimages, the
* "which" parameter chooses between them. To ensure uniform
* inverse sampling, this function succeeds or fails
* independently for different "which" values.
*
* @param [out] recovered_hash Encoded data.
* @param [in] pt The point to encode.
* @param [in] hint The hint value returned from
* decaf_448_point_from_hash_nonuniform.
* @param [in] which A value determining which inverse point
* to return.
*
* @retval DECAF_SUCCESS The inverse succeeded.
* @retval DECAF_FAILURE The pt isn't the image of
* decaf_448_point_from_hash_nonuniform with the given hint.
* @retval DECAF_FAILURE The inverse failed.
*/
decaf_bool_t
decaf_448_invert_elligator_nonuniform (
unsigned char recovered_hash[DECAF_448_SER_BYTES],
const decaf_448_point_t pt,
unsigned char hint
uint16_t which
) API_VIS NONNULL2 NOINLINE WARN_UNUSED;
/**
* @brief Inverse of elligator-like hash to curve, uniform.
* @brief Inverse of elligator-like hash to curve.
*
* This function modifies the first DECAF_448_SER_BYTES of the
* buffer, to make it so that
* decaf_448_point_from_hash_uniform(buffer) = pt,hint
* if possible.
* This function writes to the buffer, to make it so that
* decaf_448_point_from_hash_uniform(buffer) = pt if
* possible. Since there may be multiple preimages, the
* "which" parameter chooses between them. To ensure uniform
* inverse sampling, this function succeeds or fails
* independently for different "which" values.
*
* @param [out] recovered_hash Encoded data.
* @param [in] pt The point to encode.
* @param [in] hint The hint value returned from
* decaf_448_point_from_hash_nonuniform.
* @param [in] which A value determining which inverse point
* to return.
*
* @retval DECAF_SUCCESS The inverse succeeded.
* @retval DECAF_FAILURE The pt isn't the image of
* decaf_448_point_from_hash_uniform with the given hint.
*
* @warning The hinting system is subject to change, especially in corner cases.
* @retval DECAF_FAILURE The inverse failed.
*/
decaf_bool_t
decaf_448_invert_elligator_uniform (
unsigned char recovered_hash[2*DECAF_448_SER_BYTES],
const decaf_448_point_t pt,
unsigned char hint
uint16_t which
) API_VIS NONNULL2 NOINLINE WARN_UNUSED;
/**
* @brief Indifferentiable hash function encoding to curve.
*
* Equivalent to calling decaf_448_point_from_hash_nonuniform twice and adding.
*
* @param [in] hashed_data Output of some hash function.
* @param [out] pt The data hashed to the curve.
* @return A "hint" value which can be used to help invert the encoding.
*/
unsigned char decaf_448_point_from_hash_uniform (
decaf_448_point_t pt,
const unsigned char hashed_data[2*DECAF_448_SER_BYTES]
) API_VIS NONNULL2 NOINLINE;
/**
* @brief Overwrite scalar with zeros.
*/
......
/**
* @file decaf_448.hxx
* @file decaf/decaf_448.hxx
* @author Mike Hamburg
*
* @copyright
......@@ -27,7 +27,7 @@
#include <stdlib.h>
#include <string.h> /* for memcpy */
#include "decaf.h"
#include <decaf.h>
#include <string>
#include <sys/types.h>
#include <limits.h>
......
/**
* @file secure_buffer.hxx
* @file decaf/secure_buffer.hxx
* @author Mike Hamburg
*
* @copyright
......
/**
* @file shake.h
* @file decaf/shake.h
* @copyright
* Based on CC0 code by David Leon Gil, 2015 \n
* Copyright (c) 2015 Cryptography Research, Inc. \n
......@@ -15,7 +15,7 @@
#include <stdint.h>
#include <sys/types.h>
#include "decaf_common.h"
#include <decaf/common.h>
/** @cond internal */
#define API_VIS __attribute__((visibility("default")))
......
/**
* @file shake.hxx
* @file decaf/shake.hxx
* @copyright
* Based on CC0 code by David Leon Gil, 2015 \n
* Copyright (c) 2015 Cryptography Research, Inc. \n
......@@ -12,7 +12,7 @@
#ifndef __SHAKE_HXX__
#define __SHAKE_HXX__
#include "shake.h"
#include <decaf/shake.h>
#include <string>
#include <sys/types.h>
......
......@@ -67,7 +67,7 @@ typedef struct keccak_sponge_s {
} keccak_sponge_t[1];
#define INTERNAL_SPONGE_STRUCT 1
#include "shake.h"
#include <decaf/shake.h>
#define FLAG_ABSORBING 'A'
#define FLAG_SQUEEZING 'Z'
......
......@@ -8,7 +8,7 @@
* @brief Decaf utility functions.
*/
#include "decaf_common.h"
#include <decaf/common.h>
void decaf_bzero (
void *s,
......
......@@ -9,10 +9,9 @@
* @brief C++ benchmarks, because that's easier.
*/
#include "decaf.hxx"
#include "shake.hxx"
#include "shake.h"
#include "decaf_crypto.h"
#include <decaf.hxx>
#include <decaf/shake.hxx>
#include <decaf/crypto.h>
#include <stdio.h>
#include <sys/time.h>
#include <assert.h>
......
......@@ -11,7 +11,7 @@
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include "shake.h"
#include <decaf/shake.h>
int main(int argc, char **argv) {
(void)argc; (void)argv;
......
......@@ -9,9 +9,9 @@
* @brief C++ tests, because that's easier.
*/
#include "decaf.hxx"
#include "shake.hxx"
#include "decaf_crypto.h"
#include <decaf.hxx>
#include <decaf/shake.hxx>
#include <decaf/crypto.h>
#include <stdio.h>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment