From 6de936899c436a7848cb4b90215d787414ec6caa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20F=C3=A6r=C3=B8y?= Date: Sat, 21 Feb 2015 20:54:00 +0100 Subject: [PATCH 1/5] Use rebar3 for compilation. --- .gitignore | 1 + Makefile | 8 ++---- c_src/Makefile | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++ rebar.config | 8 +++--- rebar.lock | 1 + 5 files changed, 76 insertions(+), 11 deletions(-) create mode 100644 c_src/Makefile create mode 100644 rebar.lock diff --git a/.gitignore b/.gitignore index 4b192af..9b005a2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ .rebar +.rebar3 ebin *.beam *.o diff --git a/Makefile b/Makefile index 89c5d14..5fe49a8 100644 --- a/Makefile +++ b/Makefile @@ -1,13 +1,9 @@ -REBAR=rebar +REBAR=rebar3 .PHONY: compile -compile: deps +compile: $(REBAR) compile -.PHONY: deps -deps: - $(REBAR) get-deps - .PHONY: clean clean: $(REBAR) clean diff --git a/c_src/Makefile b/c_src/Makefile new file mode 100644 index 0000000..4e252ab --- /dev/null +++ b/c_src/Makefile @@ -0,0 +1,69 @@ +# Based on c_src.mk from erlang.mk by Loïc Hoguin + +PROJECT ?= enacl_nif + +ERTS_INCLUDE_DIR ?= $(shell erl -noshell -s init stop -eval "io:format(\"~s/erts-~s/include/\", [code:root_dir(), erlang:system_info(version)]).") +ERL_INTERFACE_INCLUDE_DIR ?= $(shell erl -noshell -s init stop -eval "io:format(\"~s\", [code:lib_dir(erl_interface, include)]).") +ERL_INTERFACE_LIB_DIR ?= $(shell erl -noshell -s init stop -eval "io:format(\"~s\", [code:lib_dir(erl_interface, lib)]).") + +C_SRC_DIR = $(CURDIR) +C_SRC_OUTPUT ?= $(CURDIR)/../priv/$(PROJECT).so + +# System type and C compiler/flags. + +UNAME_SYS := $(shell uname -s) +ifeq ($(UNAME_SYS), Darwin) + CC ?= cc + CFLAGS ?= -O3 -std=c99 -arch x86_64 -finline-functions -Wall -Wmissing-prototypes + CXXFLAGS ?= -O3 -arch x86_64 -finline-functions -Wall + LDFLAGS ?= -arch x86_64 -flat_namespace -undefined suppress +else ifeq ($(UNAME_SYS), FreeBSD) + CC ?= cc + CFLAGS ?= -O3 -std=c99 -finline-functions -Wall -Wmissing-prototypes + CXXFLAGS ?= -O3 -finline-functions -Wall +else ifeq ($(UNAME_SYS), Linux) + CC ?= gcc + CFLAGS ?= -O3 -std=c99 -finline-functions -Wall -Wmissing-prototypes + CXXFLAGS ?= -O3 -finline-functions -Wall +endif + +CFLAGS += -fPIC -I $(ERTS_INCLUDE_DIR) -I $(ERL_INTERFACE_INCLUDE_DIR) +CXXFLAGS += -fPIC -I $(ERTS_INCLUDE_DIR) -I $(ERL_INTERFACE_INCLUDE_DIR) + +LDLIBS += -L $(ERL_INTERFACE_LIB_DIR) -lerl_interface -lei -lsodium +LDFLAGS += -shared + +# Verbosity. + +c_verbose_0 = @echo " C " $(?F); +c_verbose = $(c_verbose_$(V)) + +cpp_verbose_0 = @echo " CPP " $(?F); +cpp_verbose = $(cpp_verbose_$(V)) + +link_verbose_0 = @echo " LD " $(@F); +link_verbose = $(link_verbose_$(V)) + +SOURCES := $(shell find $(C_SRC_DIR) -type f \( -name "*.c" -o -name "*.C" -o -name "*.cc" -o -name "*.cpp" \)) +OBJECTS = $(addsuffix .o, $(basename $(SOURCES))) + +COMPILE_C = $(c_verbose) $(CC) $(CFLAGS) $(CPPFLAGS) -c +COMPILE_CPP = $(cpp_verbose) $(CXX) $(CXXFLAGS) $(CPPFLAGS) -c + +$(C_SRC_OUTPUT): $(OBJECTS) + $(link_verbose) $(CC) $(OBJECTS) $(LDFLAGS) $(LDLIBS) -o $(C_SRC_OUTPUT) + +%.o: %.c + $(COMPILE_C) $(OUTPUT_OPTION) $< + +%.o: %.cc + $(COMPILE_CPP) $(OUTPUT_OPTION) $< + +%.o: %.C + $(COMPILE_CPP) $(OUTPUT_OPTION) $< + +%.o: %.cpp + $(COMPILE_CPP) $(OUTPUT_OPTION) $< + +clean: + @rm $(C_SRC_OUTPUT) $(OBJECTS) diff --git a/rebar.config b/rebar.config index c849e10..3192ded 100644 --- a/rebar.config +++ b/rebar.config @@ -1,8 +1,6 @@ {erl_opts, [debug_info]}. -{port_env, [ - {"CFLAGS", "$CFLAGS $LIBSODIUM_CFLAGS"}, - {"LDFLAGS", "$LDFLAGS $LIBSODIUM_LDFLAGS -lsodium"} +{pre_hooks, [ + {compile, "make -C c_src"}, + {clean, "make -C c_src clean"} ]}. - -{port_specs, [{"priv/enacl_nif.so", ["c_src/*.c"]}]}. diff --git a/rebar.lock b/rebar.lock new file mode 100644 index 0000000..57afcca --- /dev/null +++ b/rebar.lock @@ -0,0 +1 @@ +[]. From 4e66fc3b9423f3d568a2cdcef9aecaea33844ea0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20F=C3=A6r=C3=B8y?= Date: Sat, 21 Feb 2015 22:47:34 +0100 Subject: [PATCH 2/5] Add curve25519_keypair/0 and curve25519_shared/2. --- c_src/enacl_nif.c | 32 +++++++++++++++++++++++++++++++- src/enacl.erl | 26 ++++++++++++++++++++++++++ src/enacl_nif.erl | 7 +++++++ 3 files changed, 64 insertions(+), 1 deletion(-) diff --git a/c_src/enacl_nif.c b/c_src/enacl_nif.c index 7326b24..76f344e 100644 --- a/c_src/enacl_nif.c +++ b/c_src/enacl_nif.c @@ -79,6 +79,34 @@ ERL_NIF_TERM enif_crypto_verify_32(ErlNifEnv *env, int argc, ERL_NIF_TERM const } } +/* Curve 25519 */ +static +ERL_NIF_TERM enif_crypto_curve25519_scalarmult(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) { + ErlNifBinary secret, basepoint, output; + uint8_t bp[crypto_scalarmult_curve25519_BYTES]; + + if ((argc != 2) || (!enif_inspect_binary(env, argv[0], &secret)) + || (!enif_inspect_binary(env, argv[1], &basepoint)) + || (secret.size != crypto_scalarmult_curve25519_BYTES) + || (basepoint.size != crypto_scalarmult_curve25519_BYTES)) { + return enif_make_badarg(env); + } + + memcpy(bp, basepoint.data, crypto_scalarmult_curve25519_BYTES); + + /* Clear the high-bit. Better safe than sorry. */ + bp[31] &= 0x7f; + + if (!enif_alloc_binary(crypto_scalarmult_curve25519_BYTES, &output)) { + return nacl_error_tuple(env, "alloc_failed"); + } + + if (crypto_scalarmult_curve25519(output.data, secret.data, bp) < 0) { + return nacl_error_tuple(env, "scalarmult_curve25519_failed"); + } + + return enif_make_binary(env, &output); +} /* Public-key cryptography */ static @@ -806,7 +834,9 @@ static ErlNifFunc nif_funcs[] = { {"crypto_hash", 1, enif_crypto_hash, ERL_NIF_DIRTY_JOB_CPU_BOUND}, {"crypto_verify_16", 2, enif_crypto_verify_16}, {"crypto_verify_32", 2, enif_crypto_verify_32}, - + + {"crypto_curve25519_scalarmult", 2, enif_crypto_curve25519_scalarmult}, + {"randombytes_b", 1, enif_randombytes}, {"randombytes", 1, enif_randombytes, ERL_NIF_DIRTY_JOB_CPU_BOUND}, diff --git a/src/enacl.erl b/src/enacl.erl index 35177c7..8fe12c3 100644 --- a/src/enacl.erl +++ b/src/enacl.erl @@ -67,6 +67,12 @@ verify_32/2 ]). +%% Curve25519 +-export([ + curve25519_keypair/0, + curve25519_shared/2 +]). + %% Libsodium specific functions (which are also part of the "undocumented" interface to NaCl -export([ randombytes/1 @@ -168,6 +174,26 @@ verify_16(_, _) -> error(badarg). verify_32(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_32(X, Y); verify_32(_, _) -> error(badarg). +%% Curve 25519 Crypto +%% ------------------ +%% @doc curve25519_keypair/0 creates a new Public/Secret keypair. +%% +%% Generates and returns a new key pair for the Curve 25519 encryption scheme. The return value is a +%% map in order to avoid using the public key as a secret key and vice versa. +%% @end. +-spec curve25519_keypair() -> #{ atom() => binary() }. +curve25519_keypair() -> + <> = randombytes(32), + SK = <<(B0 band 248), B1/binary, (64 bor (B2 band 127))>>, + PK = enacl_nif:crypto_curve25519_scalarmult(SK, <<9, 0:248>>), + #{ public => PK, secret => SK }. + +%% @doc curve25519_shared/2 creates a new shared secret from a given SecretKey and PublicKey. +%% @end. +-spec curve25519_shared(SecretKey :: binary(), PublicKey :: binary()) -> binary(). +curve25519_shared(SecretKey, PublicKey) -> + enacl_nif:crypto_curve25519_scalarmult(SecretKey, PublicKey). + %% Public Key Crypto %% --------------------- %% @doc box_keypair/0 creates a new Public/Secret keypair. diff --git a/src/enacl_nif.erl b/src/enacl_nif.erl index 06f8a0a..e8c4e2e 100644 --- a/src/enacl_nif.erl +++ b/src/enacl_nif.erl @@ -71,6 +71,11 @@ crypto_onetimeauth_verify_b/3 ]). +%% Curve25519 +-export([ + crypto_curve25519_scalarmult/2 +]). + %% Miscellaneous helper functions -export([ crypto_hash/1, @@ -161,6 +166,8 @@ crypto_onetimeauth_b(_Msg, _Key) -> erlang:nif_error(nif_not_loaded). crypto_onetimeauth_verify(_Authenticator, _Msg, _Key) -> erlang:nif_error(nif_not_loaded). crypto_onetimeauth_verify_b(_Authenticator, _Msg, _Key) -> erlang:nif_error(nif_not_loaded). +crypto_curve25519_scalarmult(_Secret, _BasePoint) -> erlang:nif_error(nif_not_loaded). + crypto_hash(Input) when is_binary(Input) -> erlang:nif_error(nif_not_loaded). crypto_hash_b(Input) when is_binary(Input) -> erlang:nif_error(nif_not_loaded). crypto_verify_16(_X, _Y) -> erlang:nif_error(nif_not_loaded). From ef36bb85c10f3c39cb935dce066061e682e77ec5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20F=C3=A6r=C3=B8y?= Date: Sat, 21 Feb 2015 23:08:07 +0100 Subject: [PATCH 3/5] Add curve25519_public_key/1. --- src/enacl.erl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/enacl.erl b/src/enacl.erl index 8fe12c3..4e3e1f8 100644 --- a/src/enacl.erl +++ b/src/enacl.erl @@ -70,6 +70,7 @@ %% Curve25519 -export([ curve25519_keypair/0, + curve25519_public_key/1, curve25519_shared/2 ]). @@ -185,9 +186,15 @@ verify_32(_, _) -> error(badarg). curve25519_keypair() -> <> = randombytes(32), SK = <<(B0 band 248), B1/binary, (64 bor (B2 band 127))>>, - PK = enacl_nif:crypto_curve25519_scalarmult(SK, <<9, 0:248>>), + PK = curve25519_public_key(SK), #{ public => PK, secret => SK }. +%% @doc curve25519_public_key/1 creates a public key from a given SecretKey. +%% @end +-spec curve25519_public_key(SecretKey :: binary()) -> binary(). +curve25519_public_key(SecretKey) -> + enacl_nif:crypto_curve25519_scalarmult(SecretKey, <<9, 0:248>>). + %% @doc curve25519_shared/2 creates a new shared secret from a given SecretKey and PublicKey. %% @end. -spec curve25519_shared(SecretKey :: binary(), PublicKey :: binary()) -> binary(). From d61d3634267542a025c653c733f0621986d50da3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20F=C3=A6r=C3=B8y?= Date: Sun, 22 Feb 2015 13:26:11 +0100 Subject: [PATCH 4/5] Zero out temporary secret key memory. --- c_src/enacl_nif.c | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/c_src/enacl_nif.c b/c_src/enacl_nif.c index 76f344e..6273eda 100644 --- a/c_src/enacl_nif.c +++ b/c_src/enacl_nif.c @@ -82,6 +82,7 @@ ERL_NIF_TERM enif_crypto_verify_32(ErlNifEnv *env, int argc, ERL_NIF_TERM const /* Curve 25519 */ static ERL_NIF_TERM enif_crypto_curve25519_scalarmult(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) { + ERL_NIF_TERM result; ErlNifBinary secret, basepoint, output; uint8_t bp[crypto_scalarmult_curve25519_BYTES]; @@ -97,15 +98,24 @@ ERL_NIF_TERM enif_crypto_curve25519_scalarmult(ErlNifEnv *env, int argc, ERL_NIF /* Clear the high-bit. Better safe than sorry. */ bp[31] &= 0x7f; - if (!enif_alloc_binary(crypto_scalarmult_curve25519_BYTES, &output)) { - return nacl_error_tuple(env, "alloc_failed"); - } + do + { + if (!enif_alloc_binary(crypto_scalarmult_curve25519_BYTES, &output)) { + result = nacl_error_tuple(env, "alloc_failed"); + continue; + } - if (crypto_scalarmult_curve25519(output.data, secret.data, bp) < 0) { - return nacl_error_tuple(env, "scalarmult_curve25519_failed"); - } + if (crypto_scalarmult_curve25519(output.data, secret.data, bp) < 0) { + result = nacl_error_tuple(env, "scalarmult_curve25519_failed"); + continue; + } - return enif_make_binary(env, &output); + result = enif_make_binary(env, &output); + } while (0); + + sodium_memzero(bp, crypto_scalarmult_curve25519_BYTES); + + return result; } /* Public-key cryptography */ From e408278d5008f7f42ecf6f2f21abe1b6d07a7623 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20F=C3=A6r=C3=B8y?= Date: Sun, 22 Feb 2015 14:29:44 +0100 Subject: [PATCH 5/5] Move the high-level API to enacl_ext --- src/enacl.erl | 46 +++++++++++++--------------------------------- src/enacl_ext.erl | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 33 deletions(-) diff --git a/src/enacl.erl b/src/enacl.erl index 4e3e1f8..f73eace 100644 --- a/src/enacl.erl +++ b/src/enacl.erl @@ -60,6 +60,11 @@ onetime_auth_verify/3 ]). +%% Curve 25519. +-export([ + curve25519_scalarmult/2 +]). + %% Low-level functions -export([ hash/1, @@ -67,13 +72,6 @@ verify_32/2 ]). -%% Curve25519 --export([ - curve25519_keypair/0, - curve25519_public_key/1, - curve25519_shared/2 -]). - %% Libsodium specific functions (which are also part of the "undocumented" interface to NaCl -export([ randombytes/1 @@ -175,32 +173,6 @@ verify_16(_, _) -> error(badarg). verify_32(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_32(X, Y); verify_32(_, _) -> error(badarg). -%% Curve 25519 Crypto -%% ------------------ -%% @doc curve25519_keypair/0 creates a new Public/Secret keypair. -%% -%% Generates and returns a new key pair for the Curve 25519 encryption scheme. The return value is a -%% map in order to avoid using the public key as a secret key and vice versa. -%% @end. --spec curve25519_keypair() -> #{ atom() => binary() }. -curve25519_keypair() -> - <> = randombytes(32), - SK = <<(B0 band 248), B1/binary, (64 bor (B2 band 127))>>, - PK = curve25519_public_key(SK), - #{ public => PK, secret => SK }. - -%% @doc curve25519_public_key/1 creates a public key from a given SecretKey. -%% @end --spec curve25519_public_key(SecretKey :: binary()) -> binary(). -curve25519_public_key(SecretKey) -> - enacl_nif:crypto_curve25519_scalarmult(SecretKey, <<9, 0:248>>). - -%% @doc curve25519_shared/2 creates a new shared secret from a given SecretKey and PublicKey. -%% @end. --spec curve25519_shared(SecretKey :: binary(), PublicKey :: binary()) -> binary(). -curve25519_shared(SecretKey, PublicKey) -> - enacl_nif:crypto_curve25519_scalarmult(SecretKey, PublicKey). - %% Public Key Crypto %% --------------------- %% @doc box_keypair/0 creates a new Public/Secret keypair. @@ -624,6 +596,14 @@ onetime_auth_size() -> enacl_nif:crypto_onetimeauth_BYTES(). -spec onetime_auth_key_size() -> pos_integer(). onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES(). +%% Curve 25519 Crypto +%% ------------------ +%% @doc curve25519_scalarmult/2 does a scalar multiplication between the Secret and the BasePoint. +%% @end. +-spec curve25519_scalarmult(Secret :: binary(), BasePoint :: binary()) -> binary(). +curve25519_scalarmult(Secret, BasePoint) -> + enacl_nif:crypto_curve25519_scalarmult(Secret, BasePoint). + %% Obtaining random bytes %% @doc randombytes/1 produces a stream of random bytes of the given size diff --git a/src/enacl_ext.erl b/src/enacl_ext.erl index c18abe1..cc3a594 100644 --- a/src/enacl_ext.erl +++ b/src/enacl_ext.erl @@ -9,6 +9,13 @@ scramble_block_16/2 ]). +%% Curve25519 +-export([ + curve25519_keypair/0, + curve25519_public_key/1, + curve25519_shared/2 +]). + %% @doc scramble_block_16/2 scrambles (encrypt) a block under a given key %% The rules are that the block is 16 bytes and the key is 32 bytes. The block %% is scrambled by means of the (secret) key. This makes it impossible for an @@ -23,3 +30,29 @@ -spec scramble_block_16(binary(), binary()) -> binary(). scramble_block_16(Block, Key) -> enacl_nif:scramble_block_16(Block, Key). + +%% Curve 25519 Crypto +%% ------------------ +%% @doc curve25519_keypair/0 creates a new Public/Secret keypair. +%% +%% Generates and returns a new key pair for the Curve 25519 encryption scheme. The return value is a +%% map in order to avoid using the public key as a secret key and vice versa. +%% @end. +-spec curve25519_keypair() -> #{ atom() => binary() }. +curve25519_keypair() -> + <> = enacl:randombytes(32), + SK = <<(B0 band 248), B1/binary, (64 bor (B2 band 127))>>, + PK = curve25519_public_key(SK), + #{ public => PK, secret => SK }. + +%% @doc curve25519_public_key/1 creates a public key from a given SecretKey. +%% @end +-spec curve25519_public_key(SecretKey :: binary()) -> binary(). +curve25519_public_key(SecretKey) -> + enacl:curve25519_scalarmult(SecretKey, <<9, 0:248>>). + +%% @doc curve25519_shared/2 creates a new shared secret from a given SecretKey and PublicKey. +%% @end. +-spec curve25519_shared(SecretKey :: binary(), PublicKey :: binary()) -> binary(). +curve25519_shared(SecretKey, PublicKey) -> + enacl:curve25519_scalarmult(SecretKey, PublicKey).