diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3edd931..f8794ff 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,9 +9,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
- Go through all calls and make them return streamlined exceptions if applicable. Pretty large change, but OTOH, this ought to happen before a 1.0 release as well.
- - hash
- kx
- - randombytes
- secret
- sign
- enacl_nif
@@ -79,6 +77,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
- Split Sign Public Key routines from the rest. Modernize the handling of contexts.
- The multi-part generic hash routines now follow the structure of the crypto modules multi-part constructions in API and style.
+- The AEAD constructions have been streamlined so they follow the rules of libsodium
+ closer than before. In particular, some dead code has been removed as a result.
### Fixed
- Fix a resource leak in generichash/sign init/update/final.
diff --git a/c_src/hash.c b/c_src/hash.c
index 5820a24..84bcded 100644
--- a/c_src/hash.c
+++ b/c_src/hash.c
@@ -2,6 +2,7 @@
#include
+#include "enacl.h"
#include "hash.h"
ERL_NIF_TERM enacl_crypto_shorthash_BYTES(ErlNifEnv *env, int argc,
@@ -28,7 +29,7 @@ ERL_NIF_TERM enacl_crypto_shorthash(ErlNifEnv *env, int argc,
}
if (!enif_alloc_binary(crypto_shorthash_BYTES, &a)) {
- return enacl_error_tuple(env, "alloc_failed");
+ return enacl_internal_error(env);
}
crypto_shorthash(a.data, m.data, m.size, k.data);
@@ -54,9 +55,8 @@ ERL_NIF_TERM enacl_crypto_hash(ErlNifEnv *env, int argc,
bad_arg:
return enif_make_badarg(env);
-
err:
- ret = enacl_error_tuple(env, "alloc_failed");
+ ret = enacl_internal_error(env);
done:
return ret;
}
diff --git a/eqc_test/enacl_eqc.erl b/eqc_test/enacl_eqc.erl
index 4a9640a..7eb1486 100644
--- a/eqc_test/enacl_eqc.erl
+++ b/eqc_test/enacl_eqc.erl
@@ -783,6 +783,25 @@ prop_crypto_hash_neq() ->
enacl:hash(X) /= enacl:hash(Y)
).
+prop_crypto_shorthash_eq() ->
+ ?FORALL(X, g_iodata(),
+ case v_iodata(X) of
+ true -> equals(enacl:hash(X), enacl:hash(X));
+ false ->
+ try
+ enacl:hash(X),
+ false
+ catch
+ error:badarg -> true
+ end
+ end
+ ).
+
+prop_crypto_shorthash_neq() ->
+ ?FORALL({X, Y}, diff_pair(),
+ enacl:hash(X) /= enacl:hash(Y)
+ ).
+
%% STRING COMPARISON
%% -------------------------
%% * verify_16/2,
@@ -842,7 +861,8 @@ prop_randombytes() ->
?FORALL(X, g_nat(),
case is_nat(X) of
true ->
- is_binary(enacl:randombytes(X));
+ R = enacl:randombytes(X),
+ is_binary(R) andalso (byte_size(R) == X);
false ->
try
enacl:randombytes(X),
@@ -853,6 +873,13 @@ prop_randombytes() ->
end
end).
+prop_randombytes_uint32() ->
+ ?FORALL(_, return(x),
+ begin
+ V = enacl:randombytes_uint32(),
+ is_integer(V)
+ end).
+
%% SCRAMBLING
prop_scramble_block() ->
?FORALL({Block, Key}, {binary(16), eqc_gen:largebinary(32)},
diff --git a/src/enacl.erl b/src/enacl.erl
index d618fae..2c81178 100644
--- a/src/enacl.erl
+++ b/src/enacl.erl
@@ -953,6 +953,10 @@ shorthash_size() ->
%%
%% Given a `Msg' and a `Key' produce a MAC/Authenticator for that message. The key can be reused for several such Msg/Authenticator pairs.
%% An eavesdropper will not learn anything extra about the message structure.
+%%
+%% The intended use is to generate a random key and use it as a hash table or bloom filter function.
+%% This avoids an enemy their ability to predict where a collision would occur in the data structure,
+%% since they don't know the key.
%% @end
-spec shorthash(Msg, Key) -> Authenticator when
diff --git a/test/enacl_SUITE.erl b/test/enacl_SUITE.erl
index dec7371..a5633bd 100644
--- a/test/enacl_SUITE.erl
+++ b/test/enacl_SUITE.erl
@@ -44,7 +44,8 @@ groups() ->
aead_chacha20poly1305_ietf,
pwhash,
sign,
- kx]},
+ kx,
+ randombytes]},
[Neg, Pos].
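Review bot: Both new properties call `enacl:hash/1`, so `prop_crypto_shorthash_eq` and `prop_crypto_shorthash_neq` merely duplicate the `prop_crypto_hash_*` properties directly above them and never exercise `enacl:shorthash/2`, the function this commit documents. They should generate a key alongside the message and call `enacl:shorthash(X, Key)`; libsodium's `crypto_shorthash_KEYBYTES` is 16, so `binary(16)` (already used by `prop_scramble_block` later in this file) is a reasonable key generator, though a key-size accessor from `enacl` would be preferable if the module exposes one. Because the output is only `crypto_shorthash_BYTES` (8 bytes) wide, the `neq` property is probabilistic rather than exact — two distinct messages can in principle collide under one key — which is acceptable for a QuickCheck run but deserves a comment so a rare failure is not misread as a bug.
```erlang
prop_crypto_shorthash_eq() ->
    ?FORALL({X, Key}, {g_iodata(), binary(16)},
        case v_iodata(X) of
            true -> equals(enacl:shorthash(X, Key), enacl:shorthash(X, Key));
            false ->
                try
                    enacl:shorthash(X, Key),
                    false
                catch
                    error:badarg -> true
                end
        end
    ).

%% Probabilistic: shorthash output is 8 bytes, so distinct inputs may
%% collide under the same key with probability ~2^-64 per pair.
prop_crypto_shorthash_neq() ->
    ?FORALL({{X, Y}, Key}, {diff_pair(), binary(16)},
        enacl:shorthash(X, Key) /= enacl:shorthash(Y, Key)
    ).
```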
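Review bot: `prop_randombytes_uint32` only asserts `is_integer(V)`, which would also accept a negative value or one wider than 32 bits if the NIF ever mis-converted its result; assuming the name reflects an unsigned 32-bit value, the property should pin the range too: `is_integer(V) andalso V >= 0 andalso V < 16#100000000`. The `?FORALL(_, return(x), ...)` wrapper is fine for a zero-argument call, but a one-line comment such as `%% FORALL over a constant generator just repeats the call N times` would save the next reader a puzzle.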
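Review bot: The added paragraph for `shorthash/2` should also say what the function is not for: its output is only `shorthash_size()` bytes (libsodium's `crypto_shorthash_BYTES`, 8 bytes), so it is not a substitute for `generichash` as a general-purpose hash nor for a full-size message authenticator, and the existing sentence describing the result as a "MAC/Authenticator" invites exactly that misuse. The second added sentence is also ungrammatical ("avoids an enemy their ability"). I would replace the three added lines with `%% The intended use is to generate a random key and use shorthash as the hash function of a hash table or bloom filter.`, `%% Because the key is secret, an adversary cannot predict where collisions will occur in the data structure.`, `%% The output is only shorthash_size() bytes wide, so do not use it as a general-purpose hash or as a message authenticator; use generichash or a proper MAC for that.` The spec and body of shorthash continue outside the hunk.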