Reindent everything.
Indentation follows the standard emacs mode for Erlang code.
This commit is contained in:
Jesper Louis Andersen
parent
ec60a63874
commit
fffe07e965
@ -86,7 +86,7 @@
|
|||||||
crypto_sign_ed25519_secret_to_curve25519/1,
|
crypto_sign_ed25519_secret_to_curve25519/1,
|
||||||
crypto_sign_ed25519_public_size/0,
|
crypto_sign_ed25519_public_size/0,
|
||||||
crypto_sign_ed25519_secret_size/0
|
crypto_sign_ed25519_secret_size/0
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Low-level functions
|
%% Low-level functions
|
||||||
-export([
|
-export([
|
||||||
@ -161,7 +161,8 @@ verify() ->
|
|||||||
true = equals(binary:copy(<<0>>, enacl_nif:crypto_secretbox_BOXZEROBYTES()),
|
true = equals(binary:copy(<<0>>, enacl_nif:crypto_secretbox_BOXZEROBYTES()),
|
||||||
?S_BOXZEROBYTES),
|
?S_BOXZEROBYTES),
|
||||||
|
|
||||||
Verifiers = [
|
Verifiers =
|
||||||
|
[
|
||||||
{crypto_stream_chacha20_KEYBYTES, ?CRYPTO_STREAM_CHACHA20_KEYBYTES},
|
{crypto_stream_chacha20_KEYBYTES, ?CRYPTO_STREAM_CHACHA20_KEYBYTES},
|
||||||
{crypto_stream_chacha20_NONCEBYTES, ?CRYPTO_STREAM_CHACHA20_NONCEBYTES},
|
{crypto_stream_chacha20_NONCEBYTES, ?CRYPTO_STREAM_CHACHA20_NONCEBYTES},
|
||||||
{crypto_stream_KEYBYTES, ?CRYPTO_STREAM_KEYBYTES},
|
{crypto_stream_KEYBYTES, ?CRYPTO_STREAM_KEYBYTES},
|
||||||
@ -197,9 +198,9 @@ equals(X,Y) -> {X, '/=', Y}.
|
|||||||
%% <p>The currently selected primitive (Nov. 2014) is SHA-512</p>
|
%% <p>The currently selected primitive (Nov. 2014) is SHA-512</p>
|
||||||
%% @end
|
%% @end
|
||||||
-spec hash(Data) -> Checksum
|
-spec hash(Data) -> Checksum
|
||||||
when Data :: iodata(),
|
when
|
||||||
|
Data :: iodata(),
|
||||||
Checksum :: binary().
|
Checksum :: binary().
|
||||||
|
|
||||||
hash(Bin) ->
|
hash(Bin) ->
|
||||||
case iolist_size(Bin) of
|
case iolist_size(Bin) of
|
||||||
K when K =< ?HASH_SIZE ->
|
K when K =< ?HASH_SIZE ->
|
||||||
@ -220,16 +221,20 @@ hash(Bin) ->
|
|||||||
%% <p>Verification returns a boolean. `true' if the strings match, `false' otherwise.</p>
|
%% <p>Verification returns a boolean. `true' if the strings match, `false' otherwise.</p>
|
||||||
%% @end
|
%% @end
|
||||||
-spec verify_16(binary(), binary()) -> boolean().
|
-spec verify_16(binary(), binary()) -> boolean().
|
||||||
verify_16(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_16(X, Y);
|
verify_16(X, Y) when is_binary(X), is_binary(Y) ->
|
||||||
verify_16(_, _) -> error(badarg).
|
enacl_nif:crypto_verify_16(X, Y);
|
||||||
|
verify_16(_, _) ->
|
||||||
|
error(badarg).
|
||||||
|
|
||||||
%% @doc verify_32/2 implements constant time 32-byte iolist() verification
|
%% @doc verify_32/2 implements constant time 32-byte iolist() verification
|
||||||
%%
|
%%
|
||||||
%% This function works as {@link verify_16/2} but does so on 32 byte strings. Same caveats apply.
|
%% This function works as {@link verify_16/2} but does so on 32 byte strings. Same caveats apply.
|
||||||
%% @end
|
%% @end
|
||||||
-spec verify_32(binary(), binary()) -> boolean().
|
-spec verify_32(binary(), binary()) -> boolean().
|
||||||
verify_32(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_32(X, Y);
|
verify_32(X, Y) when is_binary(X), is_binary(Y) ->
|
||||||
verify_32(_, _) -> error(badarg).
|
enacl_nif:crypto_verify_32(X, Y);
|
||||||
|
verify_32(_, _) ->
|
||||||
|
error(badarg).
|
||||||
|
|
||||||
%% @doc unsafe_memzero/1 ipmlements guaranteed zero'ing of binary data.
|
%% @doc unsafe_memzero/1 ipmlements guaranteed zero'ing of binary data.
|
||||||
%%
|
%%
|
||||||
@ -239,8 +244,10 @@ verify_32(_, _) -> error(badarg).
|
|||||||
%% a running process without copies. This allows removing, eg, symmetric session keys. </p>
|
%% a running process without copies. This allows removing, eg, symmetric session keys. </p>
|
||||||
%% @end
|
%% @end
|
||||||
-spec unsafe_memzero(binary()) -> atom().
|
-spec unsafe_memzero(binary()) -> atom().
|
||||||
unsafe_memzero(X) when is_binary(X) -> enacl_nif:sodium_memzero(X);
|
unsafe_memzero(X) when is_binary(X) ->
|
||||||
unsafe_memzero(_) -> error(badarg).
|
enacl_nif:sodium_memzero(X);
|
||||||
|
unsafe_memzero(_) ->
|
||||||
|
error(badarg).
|
||||||
|
|
||||||
%% Public Key Crypto
|
%% Public Key Crypto
|
||||||
%% ---------------------
|
%% ---------------------
|
||||||
@ -261,7 +268,8 @@ box_keypair() ->
|
|||||||
%% authenticate yourself. Requires a `Nonce' in addition. Returns the ciphered message.
|
%% authenticate yourself. Requires a `Nonce' in addition. Returns the ciphered message.
|
||||||
%% @end
|
%% @end
|
||||||
-spec box(Msg, Nonce, PK, SK) -> CipherText
|
-spec box(Msg, Nonce, PK, SK) -> CipherText
|
||||||
when Msg :: iodata(),
|
when
|
||||||
|
Msg :: iodata(),
|
||||||
Nonce :: binary(),
|
Nonce :: binary(),
|
||||||
PK :: binary(),
|
PK :: binary(),
|
||||||
SK :: binary(),
|
SK :: binary(),
|
||||||
@ -276,7 +284,8 @@ box(Msg, Nonce, PK, SK) ->
|
|||||||
%% message.
|
%% message.
|
||||||
%% @end
|
%% @end
|
||||||
-spec box_open(CipherText, Nonce, PK, SK) -> {ok, Msg} | {error, failed_verification}
|
-spec box_open(CipherText, Nonce, PK, SK) -> {ok, Msg} | {error, failed_verification}
|
||||||
when CipherText :: iodata(),
|
when
|
||||||
|
CipherText :: iodata(),
|
||||||
Nonce :: binary(),
|
Nonce :: binary(),
|
||||||
PK :: binary(),
|
PK :: binary(),
|
||||||
SK :: binary(),
|
SK :: binary(),
|
||||||
@ -335,15 +344,21 @@ box_open_afternm(CipherText, Nonce, Key) ->
|
|||||||
case iolist_size(CipherText) of
|
case iolist_size(CipherText) of
|
||||||
K when K =< ?BOX_AFTERNM_SIZE ->
|
K when K =< ?BOX_AFTERNM_SIZE ->
|
||||||
R =
|
R =
|
||||||
case enacl_nif:crypto_box_open_afternm_b([?P_BOXZEROBYTES, CipherText], Nonce, Key) of
|
case enacl_nif:crypto_box_open_afternm_b(
|
||||||
{error, Err} -> {error, Err};
|
[?P_BOXZEROBYTES, CipherText], Nonce, Key) of
|
||||||
Bin when is_binary(Bin) -> {ok, Bin}
|
{error, Err} ->
|
||||||
|
{error, Err};
|
||||||
|
Bin when is_binary(Bin) ->
|
||||||
|
{ok, Bin}
|
||||||
end,
|
end,
|
||||||
bump(R, ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K);
|
bump(R, ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K);
|
||||||
_ ->
|
_ ->
|
||||||
case enacl_nif:crypto_box_open_afternm([?P_BOXZEROBYTES, CipherText], Nonce, Key) of
|
case enacl_nif:crypto_box_open_afternm(
|
||||||
{error, Err} -> {error, Err};
|
[?P_BOXZEROBYTES, CipherText], Nonce, Key) of
|
||||||
Bin when is_binary(Bin) -> {ok, Bin}
|
{error, Err} ->
|
||||||
|
{error, Err};
|
||||||
|
Bin when is_binary(Bin) ->
|
||||||
|
{ok, Bin}
|
||||||
end
|
end
|
||||||
end.
|
end.
|
||||||
|
|
||||||
@ -452,7 +467,8 @@ box_secret_key_bytes() ->
|
|||||||
%% enciphered message `SealedCipherText' which includes ephemeral public key at head.
|
%% enciphered message `SealedCipherText' which includes ephemeral public key at head.
|
||||||
%% @end
|
%% @end
|
||||||
-spec box_seal(Msg, PK) -> SealedCipherText
|
-spec box_seal(Msg, PK) -> SealedCipherText
|
||||||
when Msg :: iodata(),
|
when
|
||||||
|
Msg :: iodata(),
|
||||||
PK :: binary(),
|
PK :: binary(),
|
||||||
SealedCipherText :: binary().
|
SealedCipherText :: binary().
|
||||||
box_seal(Msg, PK) ->
|
box_seal(Msg, PK) ->
|
||||||
@ -465,7 +481,8 @@ box_seal(Msg, PK) ->
|
|||||||
%% plaintext message.
|
%% plaintext message.
|
||||||
%% @end
|
%% @end
|
||||||
-spec box_seal_open(SealedCipherText, PK, SK) -> {ok, Msg} | {error, failed_verification}
|
-spec box_seal_open(SealedCipherText, PK, SK) -> {ok, Msg} | {error, failed_verification}
|
||||||
when SealedCipherText :: iodata(),
|
when
|
||||||
|
SealedCipherText :: iodata(),
|
||||||
PK :: binary(),
|
PK :: binary(),
|
||||||
SK :: binary(),
|
SK :: binary(),
|
||||||
Msg :: binary().
|
Msg :: binary().
|
||||||
@ -486,7 +503,6 @@ box_seal_open(SealedCipherText, PK, SK) ->
|
|||||||
Nonce :: binary(),
|
Nonce :: binary(),
|
||||||
Key :: binary(),
|
Key :: binary(),
|
||||||
Box :: binary().
|
Box :: binary().
|
||||||
|
|
||||||
secretbox(Msg, Nonce, Key) ->
|
secretbox(Msg, Nonce, Key) ->
|
||||||
case iolist_size(Msg) of
|
case iolist_size(Msg) of
|
||||||
K when K =< ?SECRETBOX_SIZE ->
|
K when K =< ?SECRETBOX_SIZE ->
|
||||||
@ -541,12 +557,14 @@ secretbox_key_size() ->
|
|||||||
%% @doc stream_chacha20_nonce_size/0 returns the byte size of the nonce for streams
|
%% @doc stream_chacha20_nonce_size/0 returns the byte size of the nonce for streams
|
||||||
%% @end
|
%% @end
|
||||||
-spec stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
|
-spec stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
|
||||||
stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
|
stream_chacha20_nonce_size() ->
|
||||||
|
?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
|
||||||
|
|
||||||
%% @doc stream_key_size/0 returns the byte size of the key for streams
|
%% @doc stream_key_size/0 returns the byte size of the key for streams
|
||||||
%% @end
|
%% @end
|
||||||
-spec stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
|
-spec stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
|
||||||
stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
|
stream_chacha20_key_size() ->
|
||||||
|
?CRYPTO_STREAM_CHACHA20_KEYBYTES.
|
||||||
|
|
||||||
%% @doc stream_chacha20/3 produces a cryptographic stream suitable for secret-key encryption
|
%% @doc stream_chacha20/3 produces a cryptographic stream suitable for secret-key encryption
|
||||||
%%
|
%%
|
||||||
@ -596,12 +614,14 @@ stream_chacha20_xor(Msg, Nonce, Key) ->
|
|||||||
%% @doc stream_nonce_size/0 returns the byte size of the nonce for streams
|
%% @doc stream_nonce_size/0 returns the byte size of the nonce for streams
|
||||||
%% @end
|
%% @end
|
||||||
-spec stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES.
|
-spec stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES.
|
||||||
stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES.
|
stream_nonce_size() ->
|
||||||
|
?CRYPTO_STREAM_NONCEBYTES.
|
||||||
|
|
||||||
%% @doc stream_key_size/0 returns the byte size of the key for streams
|
%% @doc stream_key_size/0 returns the byte size of the key for streams
|
||||||
%% @end
|
%% @end
|
||||||
-spec stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES.
|
-spec stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES.
|
||||||
stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES.
|
stream_key_size() ->
|
||||||
|
?CRYPTO_STREAM_KEYBYTES.
|
||||||
|
|
||||||
%% @doc stream/3 produces a cryptographic stream suitable for secret-key encryption
|
%% @doc stream/3 produces a cryptographic stream suitable for secret-key encryption
|
||||||
%%
|
%%
|
||||||
@ -651,12 +671,14 @@ stream_xor(Msg, Nonce, Key) ->
|
|||||||
%% @doc auth_key_size/0 returns the byte-size of the authentication key
|
%% @doc auth_key_size/0 returns the byte-size of the authentication key
|
||||||
%% @end
|
%% @end
|
||||||
-spec auth_key_size() -> pos_integer().
|
-spec auth_key_size() -> pos_integer().
|
||||||
auth_key_size() -> enacl_nif:crypto_auth_KEYBYTES().
|
auth_key_size() ->
|
||||||
|
enacl_nif:crypto_auth_KEYBYTES().
|
||||||
|
|
||||||
%% @doc auth_size/0 returns the byte-size of the authenticator
|
%% @doc auth_size/0 returns the byte-size of the authenticator
|
||||||
%% @end
|
%% @end
|
||||||
-spec auth_size() -> pos_integer().
|
-spec auth_size() -> pos_integer().
|
||||||
auth_size() -> enacl_nif:crypto_auth_BYTES().
|
auth_size() ->
|
||||||
|
enacl_nif:crypto_auth_BYTES().
|
||||||
|
|
||||||
%% @doc auth/2 produces an authenticator (MAC) for a message
|
%% @doc auth/2 produces an authenticator (MAC) for a message
|
||||||
%%
|
%%
|
||||||
@ -700,12 +722,14 @@ auth_verify(A, M, K) ->
|
|||||||
%% @doc shorthash_key_size/0 returns the byte-size of the authentication key
|
%% @doc shorthash_key_size/0 returns the byte-size of the authentication key
|
||||||
%% @end
|
%% @end
|
||||||
-spec shorthash_key_size() -> pos_integer().
|
-spec shorthash_key_size() -> pos_integer().
|
||||||
shorthash_key_size() -> enacl_nif:crypto_shorthash_KEYBYTES().
|
shorthash_key_size() ->
|
||||||
|
enacl_nif:crypto_shorthash_KEYBYTES().
|
||||||
|
|
||||||
%% @doc shorthash_size/0 returns the byte-size of the authenticator
|
%% @doc shorthash_size/0 returns the byte-size of the authenticator
|
||||||
%% @end
|
%% @end
|
||||||
-spec shorthash_size() -> pos_integer().
|
-spec shorthash_size() -> pos_integer().
|
||||||
shorthash_size() -> enacl_nif:crypto_shorthash_BYTES().
|
shorthash_size() ->
|
||||||
|
enacl_nif:crypto_shorthash_BYTES().
|
||||||
|
|
||||||
%% @doc shorthash/2 produces a short authenticator (MAC) for a message suitable for hashtables and refs
|
%% @doc shorthash/2 produces a short authenticator (MAC) for a message suitable for hashtables and refs
|
||||||
%%
|
%%
|
||||||
@ -766,12 +790,14 @@ onetime_auth_verify(A, M, K) ->
|
|||||||
%% @doc onetime_auth_size/0 returns the number of bytes of the one-time authenticator
|
%% @doc onetime_auth_size/0 returns the number of bytes of the one-time authenticator
|
||||||
%% @end
|
%% @end
|
||||||
-spec onetime_auth_size() -> pos_integer().
|
-spec onetime_auth_size() -> pos_integer().
|
||||||
onetime_auth_size() -> enacl_nif:crypto_onetimeauth_BYTES().
|
onetime_auth_size() ->
|
||||||
|
enacl_nif:crypto_onetimeauth_BYTES().
|
||||||
|
|
||||||
%% @doc onetime_auth_key_size/0 returns the byte-size of the onetime authentication key
|
%% @doc onetime_auth_key_size/0 returns the byte-size of the onetime authentication key
|
||||||
%% @end
|
%% @end
|
||||||
-spec onetime_auth_key_size() -> pos_integer().
|
-spec onetime_auth_key_size() -> pos_integer().
|
||||||
onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES().
|
onetime_auth_key_size() ->
|
||||||
|
enacl_nif:crypto_onetimeauth_KEYBYTES().
|
||||||
|
|
||||||
%% Curve 25519 Crypto
|
%% Curve 25519 Crypto
|
||||||
%% ------------------
|
%% ------------------
|
||||||
|
|||||||
@ -7,14 +7,14 @@
|
|||||||
|
|
||||||
-export([
|
-export([
|
||||||
scramble_block_16/2
|
scramble_block_16/2
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Curve25519
|
%% Curve25519
|
||||||
-export([
|
-export([
|
||||||
curve25519_keypair/0,
|
curve25519_keypair/0,
|
||||||
curve25519_public_key/1,
|
curve25519_public_key/1,
|
||||||
curve25519_shared/2
|
curve25519_shared/2
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% @doc scramble_block_16/2 scrambles (encrypt) a block under a given key
|
%% @doc scramble_block_16/2 scrambles (encrypt) a block under a given key
|
||||||
%% The rules are that the block is 16 bytes and the key is 32 bytes. The block
|
%% The rules are that the block is 16 bytes and the key is 32 bytes. The block
|
||||||
|
|||||||
@ -37,7 +37,6 @@
|
|||||||
crypto_box_seal/2,
|
crypto_box_seal/2,
|
||||||
crypto_box_seal_open/3,
|
crypto_box_seal_open/3,
|
||||||
crypto_box_SEALBYTES/0
|
crypto_box_SEALBYTES/0
|
||||||
|
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Secret key crypto
|
%% Secret key crypto
|
||||||
@ -88,12 +87,12 @@
|
|||||||
crypto_onetimeauth_b/2,
|
crypto_onetimeauth_b/2,
|
||||||
crypto_onetimeauth_verify/3,
|
crypto_onetimeauth_verify/3,
|
||||||
crypto_onetimeauth_verify_b/3
|
crypto_onetimeauth_verify_b/3
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Curve25519
|
%% Curve25519
|
||||||
-export([
|
-export([
|
||||||
crypto_curve25519_scalarmult/2
|
crypto_curve25519_scalarmult/2
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Ed 25519
|
%% Ed 25519
|
||||||
-export([
|
-export([
|
||||||
@ -102,7 +101,7 @@
|
|||||||
crypto_sign_ed25519_secret_to_curve25519/1,
|
crypto_sign_ed25519_secret_to_curve25519/1,
|
||||||
crypto_sign_ed25519_PUBLICKEYBYTES/0,
|
crypto_sign_ed25519_PUBLICKEYBYTES/0,
|
||||||
crypto_sign_ed25519_SECRETKEYBYTES/0
|
crypto_sign_ed25519_SECRETKEYBYTES/0
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Key exchange
|
%% Key exchange
|
||||||
-export([
|
-export([
|
||||||
@ -112,7 +111,7 @@
|
|||||||
crypto_kx_SESSIONKEYBYTES/0,
|
crypto_kx_SESSIONKEYBYTES/0,
|
||||||
crypto_kx_PUBLICKEYBYTES/0,
|
crypto_kx_PUBLICKEYBYTES/0,
|
||||||
crypto_kx_SECRETKEYBYTES/0
|
crypto_kx_SECRETKEYBYTES/0
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Miscellaneous helper functions
|
%% Miscellaneous helper functions
|
||||||
-export([
|
-export([
|
||||||
@ -121,28 +120,30 @@
|
|||||||
crypto_verify_16/2,
|
crypto_verify_16/2,
|
||||||
crypto_verify_32/2,
|
crypto_verify_32/2,
|
||||||
sodium_memzero/1
|
sodium_memzero/1
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Access to the RNG
|
%% Access to the RNG
|
||||||
-export([
|
-export([
|
||||||
randombytes/1
|
randombytes/1
|
||||||
]).
|
]).
|
||||||
|
|
||||||
%% Undocumented features :>
|
%% Undocumented features :>
|
||||||
-export([
|
-export([
|
||||||
scramble_block_16/2
|
scramble_block_16/2
|
||||||
]).
|
]).
|
||||||
|
|
||||||
-on_load(init/0).
|
-on_load(init/0).
|
||||||
|
|
||||||
init() ->
|
init() ->
|
||||||
SoName = filename:join(
|
Dir = case code:priv_dir(enacl) of
|
||||||
case code:priv_dir(enacl) of
|
|
||||||
{error, bad_name} ->
|
{error, bad_name} ->
|
||||||
filename:join(filename:dirname(filename:dirname(code:which(?MODULE))), "priv");
|
filename:join(
|
||||||
Dir ->
|
filename:dirname(
|
||||||
Dir
|
filename:dirname(
|
||||||
end, atom_to_list(?MODULE)),
|
code:which(?MODULE))), "priv");
|
||||||
|
D -> D
|
||||||
|
end,
|
||||||
|
SoName = filename:join(Dir, atom_to_list(?MODULE)),
|
||||||
erlang:load_nif(SoName, 0).
|
erlang:load_nif(SoName, 0).
|
||||||
|
|
||||||
crypto_box_NONCEBYTES() -> erlang:nif_error(nif_not_loaded).
|
crypto_box_NONCEBYTES() -> erlang:nif_error(nif_not_loaded).
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user