diff --git a/.gitignore b/.gitignore index 4b192af..9b005a2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ .rebar +.rebar3 ebin *.beam *.o diff --git a/Makefile b/Makefile index 89c5d14..5fe49a8 100644 --- a/Makefile +++ b/Makefile @@ -1,13 +1,9 @@ -REBAR=rebar +REBAR=rebar3 .PHONY: compile -compile: deps +compile: $(REBAR) compile -.PHONY: deps -deps: - $(REBAR) get-deps - .PHONY: clean clean: $(REBAR) clean diff --git a/c_src/Makefile b/c_src/Makefile new file mode 100644 index 0000000..4e252ab --- /dev/null +++ b/c_src/Makefile @@ -0,0 +1,69 @@ +# Based on c_src.mk from erlang.mk by Loïc Hoguin + +PROJECT ?= enacl_nif + +ERTS_INCLUDE_DIR ?= $(shell erl -noshell -s init stop -eval "io:format(\"~s/erts-~s/include/\", [code:root_dir(), erlang:system_info(version)]).") +ERL_INTERFACE_INCLUDE_DIR ?= $(shell erl -noshell -s init stop -eval "io:format(\"~s\", [code:lib_dir(erl_interface, include)]).") +ERL_INTERFACE_LIB_DIR ?= $(shell erl -noshell -s init stop -eval "io:format(\"~s\", [code:lib_dir(erl_interface, lib)]).") + +C_SRC_DIR = $(CURDIR) +C_SRC_OUTPUT ?= $(CURDIR)/../priv/$(PROJECT).so + +# System type and C compiler/flags. + +UNAME_SYS := $(shell uname -s) +ifeq ($(UNAME_SYS), Darwin) + CC ?= cc + CFLAGS ?= -O3 -std=c99 -arch x86_64 -finline-functions -Wall -Wmissing-prototypes + CXXFLAGS ?= -O3 -arch x86_64 -finline-functions -Wall + LDFLAGS ?= -arch x86_64 -flat_namespace -undefined suppress +else ifeq ($(UNAME_SYS), FreeBSD) + CC ?= cc + CFLAGS ?= -O3 -std=c99 -finline-functions -Wall -Wmissing-prototypes + CXXFLAGS ?= -O3 -finline-functions -Wall +else ifeq ($(UNAME_SYS), Linux) + CC ?= gcc + CFLAGS ?= -O3 -std=c99 -finline-functions -Wall -Wmissing-prototypes + CXXFLAGS ?= -O3 -finline-functions -Wall +endif + +CFLAGS += -fPIC -I $(ERTS_INCLUDE_DIR) -I $(ERL_INTERFACE_INCLUDE_DIR) +CXXFLAGS += -fPIC -I $(ERTS_INCLUDE_DIR) -I $(ERL_INTERFACE_INCLUDE_DIR) + +LDLIBS += -L $(ERL_INTERFACE_LIB_DIR) -lerl_interface -lei -lsodium +LDFLAGS += -shared + +# Verbosity. + +c_verbose_0 = @echo " C " $(?F); +c_verbose = $(c_verbose_$(V)) + +cpp_verbose_0 = @echo " CPP " $(?F); +cpp_verbose = $(cpp_verbose_$(V)) + +link_verbose_0 = @echo " LD " $(@F); +link_verbose = $(link_verbose_$(V)) + +SOURCES := $(shell find $(C_SRC_DIR) -type f \( -name "*.c" -o -name "*.C" -o -name "*.cc" -o -name "*.cpp" \)) +OBJECTS = $(addsuffix .o, $(basename $(SOURCES))) + +COMPILE_C = $(c_verbose) $(CC) $(CFLAGS) $(CPPFLAGS) -c +COMPILE_CPP = $(cpp_verbose) $(CXX) $(CXXFLAGS) $(CPPFLAGS) -c + +$(C_SRC_OUTPUT): $(OBJECTS) + $(link_verbose) $(CC) $(OBJECTS) $(LDFLAGS) $(LDLIBS) -o $(C_SRC_OUTPUT) + +%.o: %.c + $(COMPILE_C) $(OUTPUT_OPTION) $< + +%.o: %.cc + $(COMPILE_CPP) $(OUTPUT_OPTION) $< + +%.o: %.C + $(COMPILE_CPP) $(OUTPUT_OPTION) $< + +%.o: %.cpp + $(COMPILE_CPP) $(OUTPUT_OPTION) $< + +clean: + @rm $(C_SRC_OUTPUT) $(OBJECTS) diff --git a/c_src/enacl_nif.c b/c_src/enacl_nif.c index 7326b24..6273eda 100644 --- a/c_src/enacl_nif.c +++ b/c_src/enacl_nif.c @@ -79,6 +79,44 @@ ERL_NIF_TERM enif_crypto_verify_32(ErlNifEnv *env, int argc, ERL_NIF_TERM const } } +/* Curve 25519 */ +static +ERL_NIF_TERM enif_crypto_curve25519_scalarmult(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) { + ERL_NIF_TERM result; + ErlNifBinary secret, basepoint, output; + uint8_t bp[crypto_scalarmult_curve25519_BYTES]; + + if ((argc != 2) || (!enif_inspect_binary(env, argv[0], &secret)) + || (!enif_inspect_binary(env, argv[1], &basepoint)) + || (secret.size != crypto_scalarmult_curve25519_BYTES) + || (basepoint.size != crypto_scalarmult_curve25519_BYTES)) { + return enif_make_badarg(env); + } + + memcpy(bp, basepoint.data, crypto_scalarmult_curve25519_BYTES); + + /* Clear the high-bit. Better safe than sorry. */ + bp[31] &= 0x7f; + + do + { + if (!enif_alloc_binary(crypto_scalarmult_curve25519_BYTES, &output)) { + result = nacl_error_tuple(env, "alloc_failed"); + continue; + } + + if (crypto_scalarmult_curve25519(output.data, secret.data, bp) < 0) { + result = nacl_error_tuple(env, "scalarmult_curve25519_failed"); + continue; + } + + result = enif_make_binary(env, &output); + } while (0); + + sodium_memzero(bp, crypto_scalarmult_curve25519_BYTES); + + return result; +} /* Public-key cryptography */ static @@ -806,7 +844,9 @@ static ErlNifFunc nif_funcs[] = { {"crypto_hash", 1, enif_crypto_hash, ERL_NIF_DIRTY_JOB_CPU_BOUND}, {"crypto_verify_16", 2, enif_crypto_verify_16}, {"crypto_verify_32", 2, enif_crypto_verify_32}, - + + {"crypto_curve25519_scalarmult", 2, enif_crypto_curve25519_scalarmult}, + {"randombytes_b", 1, enif_randombytes}, {"randombytes", 1, enif_randombytes, ERL_NIF_DIRTY_JOB_CPU_BOUND}, diff --git a/rebar.config b/rebar.config index c849e10..3192ded 100644 --- a/rebar.config +++ b/rebar.config @@ -1,8 +1,6 @@ {erl_opts, [debug_info]}. -{port_env, [ - {"CFLAGS", "$CFLAGS $LIBSODIUM_CFLAGS"}, - {"LDFLAGS", "$LDFLAGS $LIBSODIUM_LDFLAGS -lsodium"} +{pre_hooks, [ + {compile, "make -C c_src"}, + {clean, "make -C c_src clean"} ]}. - -{port_specs, [{"priv/enacl_nif.so", ["c_src/*.c"]}]}. diff --git a/rebar.lock b/rebar.lock new file mode 100644 index 0000000..57afcca --- /dev/null +++ b/rebar.lock @@ -0,0 +1 @@ +[]. diff --git a/src/enacl.erl b/src/enacl.erl index 35177c7..f73eace 100644 --- a/src/enacl.erl +++ b/src/enacl.erl @@ -60,6 +60,11 @@ onetime_auth_verify/3 ]). +%% Curve 25519. +-export([ + curve25519_scalarmult/2 +]). + %% Low-level functions -export([ hash/1, @@ -591,6 +596,14 @@ onetime_auth_size() -> enacl_nif:crypto_onetimeauth_BYTES(). -spec onetime_auth_key_size() -> pos_integer(). onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES(). +%% Curve 25519 Crypto +%% ------------------ +%% @doc curve25519_scalarmult/2 does a scalar multiplication between the Secret and the BasePoint. +%% @end. +-spec curve25519_scalarmult(Secret :: binary(), BasePoint :: binary()) -> binary(). +curve25519_scalarmult(Secret, BasePoint) -> + enacl_nif:crypto_curve25519_scalarmult(Secret, BasePoint). + %% Obtaining random bytes %% @doc randombytes/1 produces a stream of random bytes of the given size diff --git a/src/enacl_ext.erl b/src/enacl_ext.erl index c18abe1..cc3a594 100644 --- a/src/enacl_ext.erl +++ b/src/enacl_ext.erl @@ -9,6 +9,13 @@ scramble_block_16/2 ]). +%% Curve25519 +-export([ + curve25519_keypair/0, + curve25519_public_key/1, + curve25519_shared/2 +]). + %% @doc scramble_block_16/2 scrambles (encrypt) a block under a given key %% The rules are that the block is 16 bytes and the key is 32 bytes. The block %% is scrambled by means of the (secret) key. This makes it impossible for an @@ -23,3 +30,29 @@ -spec scramble_block_16(binary(), binary()) -> binary(). scramble_block_16(Block, Key) -> enacl_nif:scramble_block_16(Block, Key). + +%% Curve 25519 Crypto +%% ------------------ +%% @doc curve25519_keypair/0 creates a new Public/Secret keypair. +%% +%% Generates and returns a new key pair for the Curve 25519 encryption scheme. The return value is a +%% map in order to avoid using the public key as a secret key and vice versa. +%% @end. +-spec curve25519_keypair() -> #{ atom() => binary() }. +curve25519_keypair() -> + <> = enacl:randombytes(32), + SK = <<(B0 band 248), B1/binary, (64 bor (B2 band 127))>>, + PK = curve25519_public_key(SK), + #{ public => PK, secret => SK }. + +%% @doc curve25519_public_key/1 creates a public key from a given SecretKey. +%% @end +-spec curve25519_public_key(SecretKey :: binary()) -> binary(). +curve25519_public_key(SecretKey) -> + enacl:curve25519_scalarmult(SecretKey, <<9, 0:248>>). + +%% @doc curve25519_shared/2 creates a new shared secret from a given SecretKey and PublicKey. +%% @end. +-spec curve25519_shared(SecretKey :: binary(), PublicKey :: binary()) -> binary(). +curve25519_shared(SecretKey, PublicKey) -> + enacl:curve25519_scalarmult(SecretKey, PublicKey). diff --git a/src/enacl_nif.erl b/src/enacl_nif.erl index 06f8a0a..e8c4e2e 100644 --- a/src/enacl_nif.erl +++ b/src/enacl_nif.erl @@ -71,6 +71,11 @@ crypto_onetimeauth_verify_b/3 ]). +%% Curve25519 +-export([ + crypto_curve25519_scalarmult/2 +]). + %% Miscellaneous helper functions -export([ crypto_hash/1, @@ -161,6 +166,8 @@ crypto_onetimeauth_b(_Msg, _Key) -> erlang:nif_error(nif_not_loaded). crypto_onetimeauth_verify(_Authenticator, _Msg, _Key) -> erlang:nif_error(nif_not_loaded). crypto_onetimeauth_verify_b(_Authenticator, _Msg, _Key) -> erlang:nif_error(nif_not_loaded). +crypto_curve25519_scalarmult(_Secret, _BasePoint) -> erlang:nif_error(nif_not_loaded). + crypto_hash(Input) when is_binary(Input) -> erlang:nif_error(nif_not_loaded). crypto_hash_b(Input) when is_binary(Input) -> erlang:nif_error(nif_not_loaded). crypto_verify_16(_X, _Y) -> erlang:nif_error(nif_not_loaded).