From fffe07e965b7d83dc1b29a3f712bac449fcbcfcc Mon Sep 17 00:00:00 2001 From: Jesper Louis Andersen Date: Sun, 19 Mar 2017 19:28:39 +0100 Subject: [PATCH] Reindent everything. Indentation follows the standard emacs mode for Erlang code. --- src/enacl.erl | 590 ++++++++++++++++++++++++---------------------- src/enacl_ext.erl | 12 +- src/enacl_nif.erl | 187 +++++++-------- 3 files changed, 408 insertions(+), 381 deletions(-) diff --git a/src/enacl.erl b/src/enacl.erl index 790edf4..04a3572 100644 --- a/src/enacl.erl +++ b/src/enacl.erl @@ -18,82 +18,82 @@ %% Public key crypto -export([ - box_keypair/0, - box/4, - box_open/4, - box_beforenm/2, - box_afternm/3, - box_open_afternm/3, + box_keypair/0, + box/4, + box_open/4, + box_beforenm/2, + box_afternm/3, + box_open_afternm/3, - box_nonce_size/0, - box_public_key_bytes/0, - box_secret_key_bytes/0, - box_beforenm_bytes/0, + box_nonce_size/0, + box_public_key_bytes/0, + box_secret_key_bytes/0, + box_beforenm_bytes/0, - sign_keypair_public_size/0, - sign_keypair_secret_size/0, - sign_keypair/0, - sign/2, - sign_open/2, - sign_detached/2, - sign_verify_detached/3, + sign_keypair_public_size/0, + sign_keypair_secret_size/0, + sign_keypair/0, + sign/2, + sign_open/2, + sign_detached/2, + sign_verify_detached/3, - box_seal/2, - box_seal_open/3 + box_seal/2, + box_seal_open/3 ]). %% Secret key crypto -export([ - secretbox_key_size/0, - secretbox_nonce_size/0, - secretbox/3, - secretbox_open/3, + secretbox_key_size/0, + secretbox_nonce_size/0, + secretbox/3, + secretbox_open/3, - stream_chacha20_key_size/0, - stream_chacha20_nonce_size/0, - stream_chacha20/3, - stream_chacha20_xor/3, + stream_chacha20_key_size/0, + stream_chacha20_nonce_size/0, + stream_chacha20/3, + stream_chacha20_xor/3, - stream_key_size/0, - stream_nonce_size/0, - stream/3, - stream_xor/3, + stream_key_size/0, + stream_nonce_size/0, + stream/3, + stream_xor/3, - auth_key_size/0, - auth_size/0, - auth/2, - auth_verify/3, + auth_key_size/0, + auth_size/0, + auth/2, + auth_verify/3, - shorthash_key_size/0, - shorthash_size/0, - shorthash/2, + shorthash_key_size/0, + shorthash_size/0, + shorthash/2, - onetime_auth_key_size/0, - onetime_auth_size/0, - onetime_auth/2, - onetime_auth_verify/3 + onetime_auth_key_size/0, + onetime_auth_size/0, + onetime_auth/2, + onetime_auth_verify/3 ]). %% Curve 25519. -export([ - curve25519_scalarmult/1, curve25519_scalarmult/2 + curve25519_scalarmult/1, curve25519_scalarmult/2 ]). %% Ed 25519. -export([ - crypto_sign_ed25519_keypair/0, - crypto_sign_ed25519_public_to_curve25519/1, - crypto_sign_ed25519_secret_to_curve25519/1, - crypto_sign_ed25519_public_size/0, - crypto_sign_ed25519_secret_size/0 -]). + crypto_sign_ed25519_keypair/0, + crypto_sign_ed25519_public_to_curve25519/1, + crypto_sign_ed25519_secret_to_curve25519/1, + crypto_sign_ed25519_public_size/0, + crypto_sign_ed25519_secret_size/0 + ]). %% Low-level functions -export([ - hash/1, - verify_16/2, - verify_32/2, - unsafe_memzero/1 + hash/1, + verify_16/2, + verify_32/2, + unsafe_memzero/1 ]). %% Key exchange functions @@ -108,11 +108,11 @@ %% Libsodium specific functions (which are also part of the "undocumented" interface to NaCl -export([ - randombytes/1 + randombytes/1 ]). -export([ - verify/0 + verify/0 ]). %% Definitions of system budgets @@ -159,20 +159,21 @@ verify() -> true = equals(binary:copy(<<0>>, enacl_nif:crypto_box_BOXZEROBYTES()), ?P_BOXZEROBYTES), true = equals(binary:copy(<<0>>, enacl_nif:crypto_secretbox_ZEROBYTES()), ?S_ZEROBYTES), true = equals(binary:copy(<<0>>, enacl_nif:crypto_secretbox_BOXZEROBYTES()), - ?S_BOXZEROBYTES), + ?S_BOXZEROBYTES), - Verifiers = [ - {crypto_stream_chacha20_KEYBYTES, ?CRYPTO_STREAM_CHACHA20_KEYBYTES}, - {crypto_stream_chacha20_NONCEBYTES, ?CRYPTO_STREAM_CHACHA20_NONCEBYTES}, - {crypto_stream_KEYBYTES, ?CRYPTO_STREAM_KEYBYTES}, - {crypto_stream_NONCEBYTES, ?CRYPTO_STREAM_NONCEBYTES}, - {crypto_box_ZEROBYTES, ?CRYPTO_BOX_ZEROBYTES}, - {crypto_box_BOXZEROBYTES, ?CRYPTO_BOX_BOXZEROBYTES}, - {crypto_secretbox_ZEROBYTES, ?CRYPTO_SECRETBOX_ZEROBYTES}, - {crypto_secretbox_BOXZEROBYTES, ?CRYPTO_SECRETBOX_BOXZEROBYTES}, - {crypto_kx_SESSIONKEYBYTES, ?CRYPTO_KX_SESSIONKEYBYTES}, - {crypto_kx_PUBLICKEYBYTES, ?CRYPTO_KX_PUBLICKEYBYTES}, - {crypto_kx_SECRETKEYBYTES, ?CRYPTO_KX_SECRETKEYBYTES} + Verifiers = + [ + {crypto_stream_chacha20_KEYBYTES, ?CRYPTO_STREAM_CHACHA20_KEYBYTES}, + {crypto_stream_chacha20_NONCEBYTES, ?CRYPTO_STREAM_CHACHA20_NONCEBYTES}, + {crypto_stream_KEYBYTES, ?CRYPTO_STREAM_KEYBYTES}, + {crypto_stream_NONCEBYTES, ?CRYPTO_STREAM_NONCEBYTES}, + {crypto_box_ZEROBYTES, ?CRYPTO_BOX_ZEROBYTES}, + {crypto_box_BOXZEROBYTES, ?CRYPTO_BOX_BOXZEROBYTES}, + {crypto_secretbox_ZEROBYTES, ?CRYPTO_SECRETBOX_ZEROBYTES}, + {crypto_secretbox_BOXZEROBYTES, ?CRYPTO_SECRETBOX_BOXZEROBYTES}, + {crypto_kx_SESSIONKEYBYTES, ?CRYPTO_KX_SESSIONKEYBYTES}, + {crypto_kx_PUBLICKEYBYTES, ?CRYPTO_KX_PUBLICKEYBYTES}, + {crypto_kx_SECRETKEYBYTES, ?CRYPTO_KX_SECRETKEYBYTES} ], run_verifiers(Verifiers). @@ -197,9 +198,9 @@ equals(X,Y) -> {X, '/=', Y}. %%

The currently selected primitive (Nov. 2014) is SHA-512

%% @end -spec hash(Data) -> Checksum - when Data :: iodata(), - Checksum :: binary(). - + when + Data :: iodata(), + Checksum :: binary(). hash(Bin) -> case iolist_size(Bin) of K when K =< ?HASH_SIZE -> @@ -220,16 +221,20 @@ hash(Bin) -> %%

Verification returns a boolean. `true' if the strings match, `false' otherwise.

%% @end -spec verify_16(binary(), binary()) -> boolean(). -verify_16(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_16(X, Y); -verify_16(_, _) -> error(badarg). +verify_16(X, Y) when is_binary(X), is_binary(Y) -> + enacl_nif:crypto_verify_16(X, Y); +verify_16(_, _) -> + error(badarg). %% @doc verify_32/2 implements constant time 32-byte iolist() verification %% %% This function works as {@link verify_16/2} but does so on 32 byte strings. Same caveats apply. %% @end -spec verify_32(binary(), binary()) -> boolean(). -verify_32(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_32(X, Y); -verify_32(_, _) -> error(badarg). +verify_32(X, Y) when is_binary(X), is_binary(Y) -> + enacl_nif:crypto_verify_32(X, Y); +verify_32(_, _) -> + error(badarg). %% @doc unsafe_memzero/1 ipmlements guaranteed zero'ing of binary data. %% @@ -239,8 +244,10 @@ verify_32(_, _) -> error(badarg). %% a running process without copies. This allows removing, eg, symmetric session keys.

%% @end -spec unsafe_memzero(binary()) -> atom(). -unsafe_memzero(X) when is_binary(X) -> enacl_nif:sodium_memzero(X); -unsafe_memzero(_) -> error(badarg). +unsafe_memzero(X) when is_binary(X) -> + enacl_nif:sodium_memzero(X); +unsafe_memzero(_) -> + error(badarg). %% Public Key Crypto %% --------------------- @@ -251,8 +258,8 @@ unsafe_memzero(_) -> error(badarg). %% @end. -spec box_keypair() -> #{ atom() => binary() }. box_keypair() -> - {PK, SK} = enacl_nif:crypto_box_keypair(), - #{ public => PK, secret => SK}. + {PK, SK} = enacl_nif:crypto_box_keypair(), + #{ public => PK, secret => SK}. %% @doc box/4 encrypts+authenticates a message to another party. @@ -261,11 +268,12 @@ box_keypair() -> %% authenticate yourself. Requires a `Nonce' in addition. Returns the ciphered message. %% @end -spec box(Msg, Nonce, PK, SK) -> CipherText - when Msg :: iodata(), - Nonce :: binary(), - PK :: binary(), - SK :: binary(), - CipherText :: binary(). + when + Msg :: iodata(), + Nonce :: binary(), + PK :: binary(), + SK :: binary(), + CipherText :: binary(). box(Msg, Nonce, PK, SK) -> enacl_nif:crypto_box([?P_ZEROBYTES, Msg], Nonce, PK, SK). @@ -276,11 +284,12 @@ box(Msg, Nonce, PK, SK) -> %% message. %% @end -spec box_open(CipherText, Nonce, PK, SK) -> {ok, Msg} | {error, failed_verification} - when CipherText :: iodata(), - Nonce :: binary(), - PK :: binary(), - SK :: binary(), - Msg :: binary(). + when + CipherText :: iodata(), + Nonce :: binary(), + PK :: binary(), + SK :: binary(), + Msg :: binary(). box_open(CipherText, Nonce, PK, SK) -> case enacl_nif:crypto_box_open([?P_BOXZEROBYTES, CipherText], Nonce, PK, SK) of {error, Err} -> {error, Err}; @@ -305,16 +314,16 @@ box_beforenm(PK, SK) -> %% and thus is a much faster operation. %% @end -spec box_afternm(Msg, Nonce, K) -> CipherText - when - Msg :: iodata(), - Nonce :: binary(), - K :: binary(), - CipherText :: binary(). + when + Msg :: iodata(), + Nonce :: binary(), + K :: binary(), + CipherText :: binary(). box_afternm(Msg, Nonce, Key) -> case iolist_size(Msg) of K when K =< ?BOX_AFTERNM_SIZE -> bump(enacl_nif:crypto_box_afternm_b([?P_ZEROBYTES, Msg], Nonce, Key), - ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K); + ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K); _ -> enacl_nif:crypto_box_afternm([?P_ZEROBYTES, Msg], Nonce, Key) end. @@ -326,24 +335,30 @@ box_afternm(Msg, Nonce, Key) -> %% computations in the elliptic curve Curve25519. %% @end -spec box_open_afternm(CT, Nonce, K) -> {ok, Msg} | {error, failed_verification} - when - CT :: binary(), - Nonce :: binary(), - K :: binary(), - Msg :: binary(). + when + CT :: binary(), + Nonce :: binary(), + K :: binary(), + Msg :: binary(). box_open_afternm(CipherText, Nonce, Key) -> case iolist_size(CipherText) of K when K =< ?BOX_AFTERNM_SIZE -> - R = - case enacl_nif:crypto_box_open_afternm_b([?P_BOXZEROBYTES, CipherText], Nonce, Key) of - {error, Err} -> {error, Err}; - Bin when is_binary(Bin) -> {ok, Bin} - end, - bump(R, ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K); + R = + case enacl_nif:crypto_box_open_afternm_b( + [?P_BOXZEROBYTES, CipherText], Nonce, Key) of + {error, Err} -> + {error, Err}; + Bin when is_binary(Bin) -> + {ok, Bin} + end, + bump(R, ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K); _ -> - case enacl_nif:crypto_box_open_afternm([?P_BOXZEROBYTES, CipherText], Nonce, Key) of - {error, Err} -> {error, Err}; - Bin when is_binary(Bin) -> {ok, Bin} + case enacl_nif:crypto_box_open_afternm( + [?P_BOXZEROBYTES, CipherText], Nonce, Key) of + {error, Err} -> + {error, Err}; + Bin when is_binary(Bin) -> + {ok, Bin} end end. @@ -353,16 +368,16 @@ box_open_afternm(CipherText, Nonce, Key) -> %% @end. -spec box_nonce_size() -> pos_integer(). box_nonce_size() -> - enacl_nif:crypto_box_NONCEBYTES(). + enacl_nif:crypto_box_NONCEBYTES(). %% @private -spec box_public_key_bytes() -> pos_integer(). box_public_key_bytes() -> - enacl_nif:crypto_box_PUBLICKEYBYTES(). + enacl_nif:crypto_box_PUBLICKEYBYTES(). %% @private box_beforenm_bytes() -> - enacl_nif:crypto_box_BEFORENMBYTES(). + enacl_nif:crypto_box_BEFORENMBYTES(). %% Signatures @@ -388,10 +403,10 @@ sign_keypair() -> %% Given a message `M' and a secret key `SK' the function will sign the message and return a signed message `SM'. %% @end -spec sign(M, SK) -> SM - when - M :: iodata(), - SK :: binary(), - SM :: binary(). + when + M :: iodata(), + SK :: binary(), + SM :: binary(). sign(M, SK) -> enacl_nif:crypto_sign(M, SK). @@ -402,14 +417,14 @@ sign(M, SK) -> %% on the correctness of the signature. %% @end -spec sign_open(SM, PK) -> {ok, M} | {error, failed_verification} - when - SM :: iodata(), - PK :: binary(), - M :: binary(). + when + SM :: iodata(), + PK :: binary(), + M :: binary(). sign_open(SM, PK) -> - case enacl_nif:crypto_sign_open(SM, PK) of - M when is_binary(M) -> {ok, M}; - {error, Err} -> {error, Err} + case enacl_nif:crypto_sign_open(SM, PK) of + M when is_binary(M) -> {ok, M}; + {error, Err} -> {error, Err} end. %% @doc sign_detached/2 computes a digital signature given a message and a secret key. @@ -417,10 +432,10 @@ sign_open(SM, PK) -> %% Given a message `M' and a secret key `SK' the function will compute the digital signature `DS'. %% @end -spec sign_detached(M, SK) -> DS - when - M :: iodata(), - SK :: binary(), - DS :: binary(). + when + M :: iodata(), + SK :: binary(), + DS :: binary(). sign_detached(M, SK) -> enacl_nif:crypto_sign_detached(M, SK). @@ -430,10 +445,10 @@ sign_detached(M, SK) -> %% Given a signature `SIG', a message `M', and a public key `PK', the function computes %% true iff the `SIG' is valid for `M' and `PK'. -spec sign_verify_detached(SIG, M, PK) -> {ok, M} | {error, failed_verification} - when - SIG :: binary(), - M :: iodata(), - PK :: binary(). + when + SIG :: binary(), + M :: iodata(), + PK :: binary(). sign_verify_detached(SIG, M, PK) -> case enacl_nif:crypto_sign_verify_detached(SIG, M, PK) of true -> {ok, M}; @@ -443,7 +458,7 @@ sign_verify_detached(SIG, M, PK) -> %% @private -spec box_secret_key_bytes() -> pos_integer(). box_secret_key_bytes() -> - enacl_nif:crypto_box_SECRETKEYBYTES(). + enacl_nif:crypto_box_SECRETKEYBYTES(). %% @doc seal_box/2 encrypts an anonymous message to another party. %% @@ -452,9 +467,10 @@ box_secret_key_bytes() -> %% enciphered message `SealedCipherText' which includes ephemeral public key at head. %% @end -spec box_seal(Msg, PK) -> SealedCipherText - when Msg :: iodata(), - PK :: binary(), - SealedCipherText :: binary(). + when + Msg :: iodata(), + PK :: binary(), + SealedCipherText :: binary(). box_seal(Msg, PK) -> enacl_nif:crypto_box_seal(Msg, PK). @@ -465,7 +481,8 @@ box_seal(Msg, PK) -> %% plaintext message. %% @end -spec box_seal_open(SealedCipherText, PK, SK) -> {ok, Msg} | {error, failed_verification} - when SealedCipherText :: iodata(), + when + SealedCipherText :: iodata(), PK :: binary(), SK :: binary(), Msg :: binary(). @@ -481,21 +498,20 @@ box_seal_open(SealedCipherText, PK, SK) -> %% nonce into consideration. The function returns the Box obtained from the encryption. %% @end -spec secretbox(Msg, Nonce, Key) -> Box - when - Msg :: iodata(), - Nonce :: binary(), - Key :: binary(), - Box :: binary(). - + when + Msg :: iodata(), + Nonce :: binary(), + Key :: binary(), + Box :: binary(). secretbox(Msg, Nonce, Key) -> case iolist_size(Msg) of K when K =< ?SECRETBOX_SIZE -> - bump(enacl_nif:crypto_secretbox_b([?S_ZEROBYTES, Msg], Nonce, Key), - ?SECRETBOX_REDUCTIONS, - ?SECRETBOX_SIZE, - K); + bump(enacl_nif:crypto_secretbox_b([?S_ZEROBYTES, Msg], Nonce, Key), + ?SECRETBOX_REDUCTIONS, + ?SECRETBOX_SIZE, + K); _ -> - enacl_nif:crypto_secretbox([?S_ZEROBYTES, Msg], Nonce, Key) + enacl_nif:crypto_secretbox([?S_ZEROBYTES, Msg], Nonce, Key) end. %% @doc secretbox_open/3 opens a sealed box. %% @@ -503,26 +519,26 @@ secretbox(Msg, Nonce, Key) -> %% to obtain the `Msg` within. Returns either `{ok, Msg}' or `{error, failed_verification}'. %% @end -spec secretbox_open(CipherText, Nonce, Key) -> {ok, Msg} | {error, failed_verification} - when - CipherText :: iodata(), - Nonce :: binary(), - Key :: binary(), - Msg :: binary(). + when + CipherText :: iodata(), + Nonce :: binary(), + Key :: binary(), + Msg :: binary(). secretbox_open(CipherText, Nonce, Key) -> case iolist_size(CipherText) of K when K =< ?SECRETBOX_SIZE -> - R = case enacl_nif:crypto_secretbox_open_b([?S_BOXZEROBYTES, CipherText], - Nonce, Key) of - {error, Err} -> {error, Err}; - Bin when is_binary(Bin) -> {ok, Bin} - end, - bump(R, ?SECRETBOX_OPEN_REDUCTIONS, ?SECRETBOX_SIZE, K); + R = case enacl_nif:crypto_secretbox_open_b([?S_BOXZEROBYTES, CipherText], + Nonce, Key) of + {error, Err} -> {error, Err}; + Bin when is_binary(Bin) -> {ok, Bin} + end, + bump(R, ?SECRETBOX_OPEN_REDUCTIONS, ?SECRETBOX_SIZE, K); _ -> - case enacl_nif:crypto_secretbox_open([?S_BOXZEROBYTES, CipherText], Nonce, Key) of - {error, Err} -> {error, Err}; - Bin when is_binary(Bin) -> {ok, Bin} - end - end. + case enacl_nif:crypto_secretbox_open([?S_BOXZEROBYTES, CipherText], Nonce, Key) of + {error, Err} -> {error, Err}; + Bin when is_binary(Bin) -> {ok, Bin} + end + end. %% @doc secretbox_nonce_size/0 returns the size of the secretbox nonce %% @@ -541,12 +557,14 @@ secretbox_key_size() -> %% @doc stream_chacha20_nonce_size/0 returns the byte size of the nonce for streams %% @end -spec stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES. -stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES. +stream_chacha20_nonce_size() -> + ?CRYPTO_STREAM_CHACHA20_NONCEBYTES. %% @doc stream_key_size/0 returns the byte size of the key for streams %% @end -spec stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES. -stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES. +stream_chacha20_key_size() -> + ?CRYPTO_STREAM_CHACHA20_KEYBYTES. %% @doc stream_chacha20/3 produces a cryptographic stream suitable for secret-key encryption %% @@ -557,11 +575,11 @@ stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES. %% the messages will have predictability which in turn makes the encryption scheme fail.

%% @end -spec stream_chacha20(Len, Nonce, Key) -> CryptoStream - when - Len :: non_neg_integer(), - Nonce :: binary(), - Key :: binary(), - CryptoStream :: binary(). + when + Len :: non_neg_integer(), + Nonce :: binary(), + Key :: binary(), + CryptoStream :: binary(). stream_chacha20(Len, Nonce, Key) when is_integer(Len), Len >= 0, Len =< ?STREAM_SIZE -> bump(enacl_nif:crypto_stream_chacha20_b(Len, Nonce, Key), ?STREAM_REDUCTIONS, @@ -577,31 +595,33 @@ stream_chacha20(_, _, _) -> error(badarg). %% caveat applies: the nonce must be new for each sent message or the system fails to work. %% @end -spec stream_chacha20_xor(Msg, Nonce, Key) -> CipherText - when - Msg :: iodata(), - Nonce :: binary(), - Key :: binary(), - CipherText :: binary(). + when + Msg :: iodata(), + Nonce :: binary(), + Key :: binary(), + CipherText :: binary(). stream_chacha20_xor(Msg, Nonce, Key) -> case iolist_size(Msg) of - K when K =< ?STREAM_SIZE -> - bump(enacl_nif:crypto_stream_chacha20_xor_b(Msg, Nonce, Key), - ?STREAM_REDUCTIONS, - ?STREAM_SIZE, - K); - _ -> - enacl_nif:crypto_stream_chacha20_xor(Msg, Nonce, Key) + K when K =< ?STREAM_SIZE -> + bump(enacl_nif:crypto_stream_chacha20_xor_b(Msg, Nonce, Key), + ?STREAM_REDUCTIONS, + ?STREAM_SIZE, + K); + _ -> + enacl_nif:crypto_stream_chacha20_xor(Msg, Nonce, Key) end. %% @doc stream_nonce_size/0 returns the byte size of the nonce for streams %% @end -spec stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES. -stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES. +stream_nonce_size() -> + ?CRYPTO_STREAM_NONCEBYTES. %% @doc stream_key_size/0 returns the byte size of the key for streams %% @end -spec stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES. -stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES. +stream_key_size() -> + ?CRYPTO_STREAM_KEYBYTES. %% @doc stream/3 produces a cryptographic stream suitable for secret-key encryption %% @@ -612,11 +632,11 @@ stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES. %% the messages will have predictability which in turn makes the encryption scheme fail.

%% @end -spec stream(Len, Nonce, Key) -> CryptoStream - when - Len :: non_neg_integer(), - Nonce :: binary(), - Key :: binary(), - CryptoStream :: binary(). + when + Len :: non_neg_integer(), + Nonce :: binary(), + Key :: binary(), + CryptoStream :: binary(). stream(Len, Nonce, Key) when is_integer(Len), Len >= 0, Len =< ?STREAM_SIZE -> bump(enacl_nif:crypto_stream_b(Len, Nonce, Key), ?STREAM_REDUCTIONS, @@ -632,31 +652,33 @@ stream(_, _, _) -> error(badarg). %% caveat applies: the nonce must be new for each sent message or the system fails to work. %% @end -spec stream_xor(Msg, Nonce, Key) -> CipherText - when - Msg :: iodata(), - Nonce :: binary(), - Key :: binary(), - CipherText :: binary(). + when + Msg :: iodata(), + Nonce :: binary(), + Key :: binary(), + CipherText :: binary(). stream_xor(Msg, Nonce, Key) -> case iolist_size(Msg) of - K when K =< ?STREAM_SIZE -> - bump(enacl_nif:crypto_stream_xor_b(Msg, Nonce, Key), - ?STREAM_REDUCTIONS, - ?STREAM_SIZE, - K); - _ -> - enacl_nif:crypto_stream_xor(Msg, Nonce, Key) + K when K =< ?STREAM_SIZE -> + bump(enacl_nif:crypto_stream_xor_b(Msg, Nonce, Key), + ?STREAM_REDUCTIONS, + ?STREAM_SIZE, + K); + _ -> + enacl_nif:crypto_stream_xor(Msg, Nonce, Key) end. %% @doc auth_key_size/0 returns the byte-size of the authentication key %% @end -spec auth_key_size() -> pos_integer(). -auth_key_size() -> enacl_nif:crypto_auth_KEYBYTES(). +auth_key_size() -> + enacl_nif:crypto_auth_KEYBYTES(). %% @doc auth_size/0 returns the byte-size of the authenticator %% @end -spec auth_size() -> pos_integer(). -auth_size() -> enacl_nif:crypto_auth_BYTES(). +auth_size() -> + enacl_nif:crypto_auth_BYTES(). %% @doc auth/2 produces an authenticator (MAC) for a message %% @@ -664,16 +686,16 @@ auth_size() -> enacl_nif:crypto_auth_BYTES(). %% An eavesdropper will not learn anything extra about the message structure. %% @end -spec auth(Msg, Key) -> Authenticator - when - Msg :: iodata(), - Key :: binary(), - Authenticator :: binary(). + when + Msg :: iodata(), + Key :: binary(), + Authenticator :: binary(). auth(Msg, Key) -> - case iolist_size(Msg) of - K when K =< ?AUTH_SIZE -> - bump(enacl_nif:crypto_auth_b(Msg, Key), ?AUTH_REDUCTIONS, ?AUTH_SIZE, K); - _ -> - enacl_nif:crypto_auth(Msg, Key) + case iolist_size(Msg) of + K when K =< ?AUTH_SIZE -> + bump(enacl_nif:crypto_auth_b(Msg, Key), ?AUTH_REDUCTIONS, ?AUTH_SIZE, K); + _ -> + enacl_nif:crypto_auth(Msg, Key) end. %% @doc auth_verify/3 verifies an authenticator for a message @@ -682,30 +704,32 @@ auth(Msg, Key) -> %% the value `true' if the verfication passes. Upon failure, the function returns `false'. %% @end -spec auth_verify(Authenticator, Msg, Key) -> boolean() - when - Authenticator :: binary(), - Msg :: iodata(), - Key :: binary(). + when + Authenticator :: binary(), + Msg :: iodata(), + Key :: binary(). auth_verify(A, M, K) -> case iolist_size(M) of - K when K =< ?AUTH_SIZE -> - bump(enacl_nif:crypto_auth_verify_b(A, M, K), - ?AUTH_REDUCTIONS, - ?AUTH_SIZE, - K); - _ -> - enacl_nif:crypto_auth_verify(A, M, K) + K when K =< ?AUTH_SIZE -> + bump(enacl_nif:crypto_auth_verify_b(A, M, K), + ?AUTH_REDUCTIONS, + ?AUTH_SIZE, + K); + _ -> + enacl_nif:crypto_auth_verify(A, M, K) end. %% @doc shorthash_key_size/0 returns the byte-size of the authentication key %% @end -spec shorthash_key_size() -> pos_integer(). -shorthash_key_size() -> enacl_nif:crypto_shorthash_KEYBYTES(). +shorthash_key_size() -> + enacl_nif:crypto_shorthash_KEYBYTES(). %% @doc shorthash_size/0 returns the byte-size of the authenticator %% @end -spec shorthash_size() -> pos_integer(). -shorthash_size() -> enacl_nif:crypto_shorthash_BYTES(). +shorthash_size() -> + enacl_nif:crypto_shorthash_BYTES(). %% @doc shorthash/2 produces a short authenticator (MAC) for a message suitable for hashtables and refs %% @@ -713,12 +737,12 @@ shorthash_size() -> enacl_nif:crypto_shorthash_BYTES(). %% An eavesdropper will not learn anything extra about the message structure. %% @end -spec shorthash(Msg, Key) -> Authenticator - when - Msg :: iodata(), - Key :: binary(), - Authenticator :: binary(). + when + Msg :: iodata(), + Key :: binary(), + Authenticator :: binary(). shorthash(Msg, Key) -> - enacl_nif:crypto_shorthash(Msg, Key). + enacl_nif:crypto_shorthash(Msg, Key). %% @doc onetime_auth/2 produces a ONE-TIME authenticator for a message %% @@ -726,19 +750,19 @@ shorthash(Msg, Key) -> %% `{Msg, Key}' is unique and only to be used once. The advantage is noticably faster execution. %% @end -spec onetime_auth(Msg, Key) -> Authenticator - when - Msg :: iodata(), - Key :: binary(), - Authenticator :: binary(). + when + Msg :: iodata(), + Key :: binary(), + Authenticator :: binary(). onetime_auth(Msg, Key) -> case iolist_size(Msg) of - K when K =< ?ONETIME_AUTH_SIZE -> - bump(enacl_nif:crypto_onetimeauth_b(Msg, Key), - ?ONETIME_AUTH_REDUCTIONS, - ?ONETIME_AUTH_SIZE, - K); - _ -> - enacl_nif:crypto_onetimeauth(Msg, Key) + K when K =< ?ONETIME_AUTH_SIZE -> + bump(enacl_nif:crypto_onetimeauth_b(Msg, Key), + ?ONETIME_AUTH_REDUCTIONS, + ?ONETIME_AUTH_SIZE, + K); + _ -> + enacl_nif:crypto_onetimeauth(Msg, Key) end. %% @doc onetime_auth_verify/3 verifies an ONE-TIME authenticator for a message @@ -748,30 +772,32 @@ onetime_auth(Msg, Key) -> %% applies: you are not allowed to ever use the same key again for another message. %% @end -spec onetime_auth_verify(Authenticator, Msg, Key) -> boolean() - when - Authenticator :: binary(), - Msg :: iodata(), - Key :: binary(). + when + Authenticator :: binary(), + Msg :: iodata(), + Key :: binary(). onetime_auth_verify(A, M, K) -> case iolist_size(M) of - K when K =< ?ONETIME_AUTH_SIZE -> - bump(enacl_nif:crypto_onetimeauth_verify_b(A, M, K), - ?ONETIME_AUTH_REDUCTIONS, - ?ONETIME_AUTH_SIZE, - K); - _ -> - enacl_nif:crypto_onetimeauth_verify(A, M, K) + K when K =< ?ONETIME_AUTH_SIZE -> + bump(enacl_nif:crypto_onetimeauth_verify_b(A, M, K), + ?ONETIME_AUTH_REDUCTIONS, + ?ONETIME_AUTH_SIZE, + K); + _ -> + enacl_nif:crypto_onetimeauth_verify(A, M, K) end. %% @doc onetime_auth_size/0 returns the number of bytes of the one-time authenticator %% @end -spec onetime_auth_size() -> pos_integer(). -onetime_auth_size() -> enacl_nif:crypto_onetimeauth_BYTES(). +onetime_auth_size() -> + enacl_nif:crypto_onetimeauth_BYTES(). %% @doc onetime_auth_key_size/0 returns the byte-size of the onetime authentication key %% @end -spec onetime_auth_key_size() -> pos_integer(). -onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES(). +onetime_auth_key_size() -> + enacl_nif:crypto_onetimeauth_KEYBYTES(). %% Curve 25519 Crypto %% ------------------ @@ -779,7 +805,7 @@ onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES(). %% @end. -spec curve25519_scalarmult(Secret :: binary(), BasePoint :: binary()) -> binary(). curve25519_scalarmult(Secret, BasePoint) -> - enacl_nif:crypto_curve25519_scalarmult(Secret, BasePoint). + enacl_nif:crypto_curve25519_scalarmult(Secret, BasePoint). %% @doc curve25519_scalarmult/1 avoids messing up arguments. %% Takes as input a map `#{ secret := Secret, base_point := BasePoint }' in order to avoid @@ -797,34 +823,34 @@ curve25519_scalarmult(#{ secret := Secret, base_point := BasePoint }) -> %% @end -spec crypto_sign_ed25519_keypair() -> #{ atom() => binary() }. crypto_sign_ed25519_keypair() -> - {PK, SK} = enacl_nif:crypto_sign_ed25519_keypair(), - #{ public => PK, secret => SK }. + {PK, SK} = enacl_nif:crypto_sign_ed25519_keypair(), + #{ public => PK, secret => SK }. %% @doc crypto_sign_ed25519_public_to_curve25519/1 converts a given Ed 25519 public %% key to a Curve 25519 public key. %% @end -spec crypto_sign_ed25519_public_to_curve25519(PublicKey :: binary()) -> binary(). crypto_sign_ed25519_public_to_curve25519(PublicKey) -> - R = enacl_nif:crypto_sign_ed25519_public_to_curve25519(PublicKey), - erlang:bump_reductions(?ED25519_PUBLIC_TO_CURVE_REDS), - R. + R = enacl_nif:crypto_sign_ed25519_public_to_curve25519(PublicKey), + erlang:bump_reductions(?ED25519_PUBLIC_TO_CURVE_REDS), + R. %% @doc crypto_sign_ed25519_secret_to_curve25519/1 converts a given Ed 25519 secret %% key to a Curve 25519 secret key. %% @end -spec crypto_sign_ed25519_secret_to_curve25519(SecretKey :: binary()) -> binary(). crypto_sign_ed25519_secret_to_curve25519(SecretKey) -> - R = enacl_nif:crypto_sign_ed25519_secret_to_curve25519(SecretKey), - erlang:bump_reductions(?ED25519_SECRET_TO_CURVE_REDS), - R. + R = enacl_nif:crypto_sign_ed25519_secret_to_curve25519(SecretKey), + erlang:bump_reductions(?ED25519_SECRET_TO_CURVE_REDS), + R. -spec crypto_sign_ed25519_public_size() -> pos_integer(). crypto_sign_ed25519_public_size() -> - enacl_nif:crypto_sign_ed25519_PUBLICKEYBYTES(). + enacl_nif:crypto_sign_ed25519_PUBLICKEYBYTES(). -spec crypto_sign_ed25519_secret_size() -> pos_integer(). crypto_sign_ed25519_secret_size() -> - enacl_nif:crypto_sign_ed25519_SECRETKEYBYTES(). + enacl_nif:crypto_sign_ed25519_SECRETKEYBYTES(). %% Key exchange functions %% ---------------------- @@ -835,8 +861,8 @@ crypto_sign_ed25519_secret_size() -> %% @end -spec kx_keypair() -> #{ atom() => binary() }. kx_keypair() -> - {PK, SK} = enacl_nif:crypto_kx_keypair(), - #{ public => PK, secret => SK}. + {PK, SK} = enacl_nif:crypto_kx_keypair(), + #{ public => PK, secret => SK}. %% @doc kx_client_session_keys/3 computes and returns shared keys for client session. %% @@ -846,13 +872,13 @@ kx_keypair() -> %% `client_tx' will by used by the client to send data to the server.

%% @end -spec kx_client_session_keys(ClientPk, ClientSk, ServerPk) -> #{ atom() => binary() } - when - ClientPk :: binary(), - ClientSk :: binary(), - ServerPk :: binary(). + when + ClientPk :: binary(), + ClientSk :: binary(), + ServerPk :: binary(). kx_client_session_keys(ClientPk, ClientSk, ServerPk) -> - {Rx, Tx} = enacl_nif:crypto_kx_client_session_keys(ClientPk, ClientSk, ServerPk), - #{ client_rx => Rx, client_tx => Tx}. + {Rx, Tx} = enacl_nif:crypto_kx_client_session_keys(ClientPk, ClientSk, ServerPk), + #{ client_rx => Rx, client_tx => Tx}. %% @doc kx_server_session_keys/3 computes and returns shared keys for server session. %%

Compute two shared keys using the client's public key `ClientPk' and the server's secret key `ServerSk'.

@@ -861,31 +887,31 @@ kx_client_session_keys(ClientPk, ClientSk, ServerPk) -> %% `server_tx' will be used by the server to send data to the client.

%% @end -spec kx_server_session_keys(ServerPk, ServerSk, ClientPk) -> #{ atom() => binary() } - when - ServerPk :: binary(), - ServerSk :: binary(), - ClientPk :: binary(). + when + ServerPk :: binary(), + ServerSk :: binary(), + ClientPk :: binary(). kx_server_session_keys(ServerPk, ServerSk, ClientPk) -> - {Rx, Tx} = enacl_nif:crypto_kx_server_session_keys(ServerPk, ServerSk, ClientPk), - #{ server_rx => Rx, server_tx => Tx}. + {Rx, Tx} = enacl_nif:crypto_kx_server_session_keys(ServerPk, ServerSk, ClientPk), + #{ server_rx => Rx, server_tx => Tx}. %% @doc kx_session_key_size/0 returns the number of bytes of the generated during key exchange session key. %% @end -spec kx_session_key_size() -> pos_integer(). kx_session_key_size() -> - enacl_nif:crypto_kx_SESSIONKEYBYTES(). + enacl_nif:crypto_kx_SESSIONKEYBYTES(). %% @doc kx_public_key_size/0 returns the number of bytes of the public key used in key exchange. %% @end -spec kx_public_key_size() -> pos_integer(). kx_public_key_size() -> - enacl_nif:crypto_kx_PUBLICKEYBYTES(). + enacl_nif:crypto_kx_PUBLICKEYBYTES(). %% @doc kx_secret_key_size/0 returns the number of bytes of the secret key used in key exchange. %% @end -spec kx_secret_key_size() -> pos_integer(). kx_secret_key_size() -> - enacl_nif:crypto_kx_SECRETKEYBYTES(). + enacl_nif:crypto_kx_SECRETKEYBYTES(). %% Obtaining random bytes diff --git a/src/enacl_ext.erl b/src/enacl_ext.erl index 4f49397..6b3fad0 100644 --- a/src/enacl_ext.erl +++ b/src/enacl_ext.erl @@ -6,15 +6,15 @@ -module(enacl_ext). -export([ - scramble_block_16/2 -]). + scramble_block_16/2 + ]). %% Curve25519 -export([ - curve25519_keypair/0, - curve25519_public_key/1, - curve25519_shared/2 -]). + curve25519_keypair/0, + curve25519_public_key/1, + curve25519_shared/2 + ]). %% @doc scramble_block_16/2 scrambles (encrypt) a block under a given key %% The rules are that the block is 16 bytes and the key is 32 bytes. The block diff --git a/src/enacl_nif.erl b/src/enacl_nif.erl index 9e49862..71e7cfa 100644 --- a/src/enacl_nif.erl +++ b/src/enacl_nif.erl @@ -5,144 +5,145 @@ %% Public key auth -export([ - crypto_box_BOXZEROBYTES/0, - crypto_box_NONCEBYTES/0, - crypto_box_PUBLICKEYBYTES/0, - crypto_box_SECRETKEYBYTES/0, - crypto_box_ZEROBYTES/0, - crypto_box_BEFORENMBYTES/0, + crypto_box_BOXZEROBYTES/0, + crypto_box_NONCEBYTES/0, + crypto_box_PUBLICKEYBYTES/0, + crypto_box_SECRETKEYBYTES/0, + crypto_box_ZEROBYTES/0, + crypto_box_BEFORENMBYTES/0, - crypto_box_keypair/0, + crypto_box_keypair/0, - crypto_box/4, - crypto_box_open/4, + crypto_box/4, + crypto_box_open/4, - crypto_box_beforenm/2, - crypto_box_afternm/3, - crypto_box_afternm_b/3, - crypto_box_open_afternm/3, - crypto_box_open_afternm_b/3, + crypto_box_beforenm/2, + crypto_box_afternm/3, + crypto_box_afternm_b/3, + crypto_box_open_afternm/3, + crypto_box_open_afternm_b/3, - crypto_sign_PUBLICKEYBYTES/0, - crypto_sign_SECRETKEYBYTES/0, + crypto_sign_PUBLICKEYBYTES/0, + crypto_sign_SECRETKEYBYTES/0, - crypto_sign_keypair/0, + crypto_sign_keypair/0, - crypto_sign/2, - crypto_sign_open/2, + crypto_sign/2, + crypto_sign_open/2, - crypto_sign_detached/2, - crypto_sign_verify_detached/3, - - crypto_box_seal/2, - crypto_box_seal_open/3, - crypto_box_SEALBYTES/0 + crypto_sign_detached/2, + crypto_sign_verify_detached/3, + crypto_box_seal/2, + crypto_box_seal_open/3, + crypto_box_SEALBYTES/0 ]). %% Secret key crypto -export([ - crypto_secretbox_BOXZEROBYTES/0, - crypto_secretbox_KEYBYTES/0, - crypto_secretbox_NONCEBYTES/0, - crypto_secretbox_ZEROBYTES/0, + crypto_secretbox_BOXZEROBYTES/0, + crypto_secretbox_KEYBYTES/0, + crypto_secretbox_NONCEBYTES/0, + crypto_secretbox_ZEROBYTES/0, - crypto_secretbox/3, - crypto_secretbox_b/3, - crypto_secretbox_open/3, - crypto_secretbox_open_b/3, + crypto_secretbox/3, + crypto_secretbox_b/3, + crypto_secretbox_open/3, + crypto_secretbox_open_b/3, - crypto_stream_chacha20_KEYBYTES/0, - crypto_stream_chacha20_NONCEBYTES/0, + crypto_stream_chacha20_KEYBYTES/0, + crypto_stream_chacha20_NONCEBYTES/0, - crypto_stream_chacha20/3, - crypto_stream_chacha20_b/3, - crypto_stream_chacha20_xor/3, - crypto_stream_chacha20_xor_b/3, + crypto_stream_chacha20/3, + crypto_stream_chacha20_b/3, + crypto_stream_chacha20_xor/3, + crypto_stream_chacha20_xor_b/3, - crypto_stream_KEYBYTES/0, - crypto_stream_NONCEBYTES/0, + crypto_stream_KEYBYTES/0, + crypto_stream_NONCEBYTES/0, - crypto_stream/3, - crypto_stream_b/3, - crypto_stream_xor/3, - crypto_stream_xor_b/3, + crypto_stream/3, + crypto_stream_b/3, + crypto_stream_xor/3, + crypto_stream_xor_b/3, - crypto_auth_BYTES/0, - crypto_auth_KEYBYTES/0, + crypto_auth_BYTES/0, + crypto_auth_KEYBYTES/0, - crypto_auth/2, - crypto_auth_b/2, - crypto_auth_verify/3, - crypto_auth_verify_b/3, + crypto_auth/2, + crypto_auth_b/2, + crypto_auth_verify/3, + crypto_auth_verify_b/3, - crypto_shorthash_BYTES/0, - crypto_shorthash_KEYBYTES/0, + crypto_shorthash_BYTES/0, + crypto_shorthash_KEYBYTES/0, - crypto_shorthash/2, + crypto_shorthash/2, - crypto_onetimeauth_BYTES/0, - crypto_onetimeauth_KEYBYTES/0, + crypto_onetimeauth_BYTES/0, + crypto_onetimeauth_KEYBYTES/0, - crypto_onetimeauth/2, - crypto_onetimeauth_b/2, - crypto_onetimeauth_verify/3, - crypto_onetimeauth_verify_b/3 -]). + crypto_onetimeauth/2, + crypto_onetimeauth_b/2, + crypto_onetimeauth_verify/3, + crypto_onetimeauth_verify_b/3 + ]). %% Curve25519 -export([ - crypto_curve25519_scalarmult/2 -]). + crypto_curve25519_scalarmult/2 + ]). %% Ed 25519 -export([ - crypto_sign_ed25519_keypair/0, - crypto_sign_ed25519_public_to_curve25519/1, - crypto_sign_ed25519_secret_to_curve25519/1, - crypto_sign_ed25519_PUBLICKEYBYTES/0, - crypto_sign_ed25519_SECRETKEYBYTES/0 -]). + crypto_sign_ed25519_keypair/0, + crypto_sign_ed25519_public_to_curve25519/1, + crypto_sign_ed25519_secret_to_curve25519/1, + crypto_sign_ed25519_PUBLICKEYBYTES/0, + crypto_sign_ed25519_SECRETKEYBYTES/0 + ]). %% Key exchange -export([ - crypto_kx_keypair/0, - crypto_kx_server_session_keys/3, - crypto_kx_client_session_keys/3, - crypto_kx_SESSIONKEYBYTES/0, - crypto_kx_PUBLICKEYBYTES/0, - crypto_kx_SECRETKEYBYTES/0 -]). + crypto_kx_keypair/0, + crypto_kx_server_session_keys/3, + crypto_kx_client_session_keys/3, + crypto_kx_SESSIONKEYBYTES/0, + crypto_kx_PUBLICKEYBYTES/0, + crypto_kx_SECRETKEYBYTES/0 + ]). %% Miscellaneous helper functions -export([ - crypto_hash/1, - crypto_hash_b/1, - crypto_verify_16/2, - crypto_verify_32/2, - sodium_memzero/1 -]). + crypto_hash/1, + crypto_hash_b/1, + crypto_verify_16/2, + crypto_verify_32/2, + sodium_memzero/1 + ]). %% Access to the RNG -export([ - randombytes/1 -]). + randombytes/1 + ]). %% Undocumented features :> -export([ - scramble_block_16/2 -]). + scramble_block_16/2 + ]). -on_load(init/0). init() -> - SoName = filename:join( - case code:priv_dir(enacl) of - {error, bad_name} -> - filename:join(filename:dirname(filename:dirname(code:which(?MODULE))), "priv"); - Dir -> - Dir - end, atom_to_list(?MODULE)), + Dir = case code:priv_dir(enacl) of + {error, bad_name} -> + filename:join( + filename:dirname( + filename:dirname( + code:which(?MODULE))), "priv"); + D -> D + end, + SoName = filename:join(Dir, atom_to_list(?MODULE)), erlang:load_nif(SoName, 0). crypto_box_NONCEBYTES() -> erlang:nif_error(nif_not_loaded).