Reindent everything.
Indentation follows the standard emacs mode for Erlang code.
This commit is contained in:
Jesper Louis Andersen
parent
ec60a63874
commit
fffe07e965
@ -161,7 +161,8 @@ verify() ->
|
||||
true = equals(binary:copy(<<0>>, enacl_nif:crypto_secretbox_BOXZEROBYTES()),
|
||||
?S_BOXZEROBYTES),
|
||||
|
||||
Verifiers = [
|
||||
Verifiers =
|
||||
[
|
||||
{crypto_stream_chacha20_KEYBYTES, ?CRYPTO_STREAM_CHACHA20_KEYBYTES},
|
||||
{crypto_stream_chacha20_NONCEBYTES, ?CRYPTO_STREAM_CHACHA20_NONCEBYTES},
|
||||
{crypto_stream_KEYBYTES, ?CRYPTO_STREAM_KEYBYTES},
|
||||
@ -197,9 +198,9 @@ equals(X,Y) -> {X, '/=', Y}.
|
||||
%% <p>The currently selected primitive (Nov. 2014) is SHA-512</p>
|
||||
%% @end
|
||||
-spec hash(Data) -> Checksum
|
||||
when Data :: iodata(),
|
||||
when
|
||||
Data :: iodata(),
|
||||
Checksum :: binary().
|
||||
|
||||
hash(Bin) ->
|
||||
case iolist_size(Bin) of
|
||||
K when K =< ?HASH_SIZE ->
|
||||
@ -220,16 +221,20 @@ hash(Bin) ->
|
||||
%% <p>Verification returns a boolean. `true' if the strings match, `false' otherwise.</p>
|
||||
%% @end
|
||||
-spec verify_16(binary(), binary()) -> boolean().
|
||||
verify_16(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_16(X, Y);
|
||||
verify_16(_, _) -> error(badarg).
|
||||
verify_16(X, Y) when is_binary(X), is_binary(Y) ->
|
||||
enacl_nif:crypto_verify_16(X, Y);
|
||||
verify_16(_, _) ->
|
||||
error(badarg).
|
||||
|
||||
%% @doc verify_32/2 implements constant time 32-byte iolist() verification
|
||||
%%
|
||||
%% This function works as {@link verify_16/2} but does so on 32 byte strings. Same caveats apply.
|
||||
%% @end
|
||||
-spec verify_32(binary(), binary()) -> boolean().
|
||||
verify_32(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_32(X, Y);
|
||||
verify_32(_, _) -> error(badarg).
|
||||
verify_32(X, Y) when is_binary(X), is_binary(Y) ->
|
||||
enacl_nif:crypto_verify_32(X, Y);
|
||||
verify_32(_, _) ->
|
||||
error(badarg).
|
||||
|
||||
%% @doc unsafe_memzero/1 ipmlements guaranteed zero'ing of binary data.
|
||||
%%
|
||||
@ -239,8 +244,10 @@ verify_32(_, _) -> error(badarg).
|
||||
%% a running process without copies. This allows removing, eg, symmetric session keys. </p>
|
||||
%% @end
|
||||
-spec unsafe_memzero(binary()) -> atom().
|
||||
unsafe_memzero(X) when is_binary(X) -> enacl_nif:sodium_memzero(X);
|
||||
unsafe_memzero(_) -> error(badarg).
|
||||
unsafe_memzero(X) when is_binary(X) ->
|
||||
enacl_nif:sodium_memzero(X);
|
||||
unsafe_memzero(_) ->
|
||||
error(badarg).
|
||||
|
||||
%% Public Key Crypto
|
||||
%% ---------------------
|
||||
@ -261,7 +268,8 @@ box_keypair() ->
|
||||
%% authenticate yourself. Requires a `Nonce' in addition. Returns the ciphered message.
|
||||
%% @end
|
||||
-spec box(Msg, Nonce, PK, SK) -> CipherText
|
||||
when Msg :: iodata(),
|
||||
when
|
||||
Msg :: iodata(),
|
||||
Nonce :: binary(),
|
||||
PK :: binary(),
|
||||
SK :: binary(),
|
||||
@ -276,7 +284,8 @@ box(Msg, Nonce, PK, SK) ->
|
||||
%% message.
|
||||
%% @end
|
||||
-spec box_open(CipherText, Nonce, PK, SK) -> {ok, Msg} | {error, failed_verification}
|
||||
when CipherText :: iodata(),
|
||||
when
|
||||
CipherText :: iodata(),
|
||||
Nonce :: binary(),
|
||||
PK :: binary(),
|
||||
SK :: binary(),
|
||||
@ -335,15 +344,21 @@ box_open_afternm(CipherText, Nonce, Key) ->
|
||||
case iolist_size(CipherText) of
|
||||
K when K =< ?BOX_AFTERNM_SIZE ->
|
||||
R =
|
||||
case enacl_nif:crypto_box_open_afternm_b([?P_BOXZEROBYTES, CipherText], Nonce, Key) of
|
||||
{error, Err} -> {error, Err};
|
||||
Bin when is_binary(Bin) -> {ok, Bin}
|
||||
case enacl_nif:crypto_box_open_afternm_b(
|
||||
[?P_BOXZEROBYTES, CipherText], Nonce, Key) of
|
||||
{error, Err} ->
|
||||
{error, Err};
|
||||
Bin when is_binary(Bin) ->
|
||||
{ok, Bin}
|
||||
end,
|
||||
bump(R, ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K);
|
||||
_ ->
|
||||
case enacl_nif:crypto_box_open_afternm([?P_BOXZEROBYTES, CipherText], Nonce, Key) of
|
||||
{error, Err} -> {error, Err};
|
||||
Bin when is_binary(Bin) -> {ok, Bin}
|
||||
case enacl_nif:crypto_box_open_afternm(
|
||||
[?P_BOXZEROBYTES, CipherText], Nonce, Key) of
|
||||
{error, Err} ->
|
||||
{error, Err};
|
||||
Bin when is_binary(Bin) ->
|
||||
{ok, Bin}
|
||||
end
|
||||
end.
|
||||
|
||||
@ -452,7 +467,8 @@ box_secret_key_bytes() ->
|
||||
%% enciphered message `SealedCipherText' which includes ephemeral public key at head.
|
||||
%% @end
|
||||
-spec box_seal(Msg, PK) -> SealedCipherText
|
||||
when Msg :: iodata(),
|
||||
when
|
||||
Msg :: iodata(),
|
||||
PK :: binary(),
|
||||
SealedCipherText :: binary().
|
||||
box_seal(Msg, PK) ->
|
||||
@ -465,7 +481,8 @@ box_seal(Msg, PK) ->
|
||||
%% plaintext message.
|
||||
%% @end
|
||||
-spec box_seal_open(SealedCipherText, PK, SK) -> {ok, Msg} | {error, failed_verification}
|
||||
when SealedCipherText :: iodata(),
|
||||
when
|
||||
SealedCipherText :: iodata(),
|
||||
PK :: binary(),
|
||||
SK :: binary(),
|
||||
Msg :: binary().
|
||||
@ -486,7 +503,6 @@ box_seal_open(SealedCipherText, PK, SK) ->
|
||||
Nonce :: binary(),
|
||||
Key :: binary(),
|
||||
Box :: binary().
|
||||
|
||||
secretbox(Msg, Nonce, Key) ->
|
||||
case iolist_size(Msg) of
|
||||
K when K =< ?SECRETBOX_SIZE ->
|
||||
@ -541,12 +557,14 @@ secretbox_key_size() ->
|
||||
%% @doc stream_chacha20_nonce_size/0 returns the byte size of the nonce for streams
|
||||
%% @end
|
||||
-spec stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
|
||||
stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
|
||||
stream_chacha20_nonce_size() ->
|
||||
?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
|
||||
|
||||
%% @doc stream_key_size/0 returns the byte size of the key for streams
|
||||
%% @end
|
||||
-spec stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
|
||||
stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
|
||||
stream_chacha20_key_size() ->
|
||||
?CRYPTO_STREAM_CHACHA20_KEYBYTES.
|
||||
|
||||
%% @doc stream_chacha20/3 produces a cryptographic stream suitable for secret-key encryption
|
||||
%%
|
||||
@ -596,12 +614,14 @@ stream_chacha20_xor(Msg, Nonce, Key) ->
|
||||
%% @doc stream_nonce_size/0 returns the byte size of the nonce for streams
|
||||
%% @end
|
||||
-spec stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES.
|
||||
stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES.
|
||||
stream_nonce_size() ->
|
||||
?CRYPTO_STREAM_NONCEBYTES.
|
||||
|
||||
%% @doc stream_key_size/0 returns the byte size of the key for streams
|
||||
%% @end
|
||||
-spec stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES.
|
||||
stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES.
|
||||
stream_key_size() ->
|
||||
?CRYPTO_STREAM_KEYBYTES.
|
||||
|
||||
%% @doc stream/3 produces a cryptographic stream suitable for secret-key encryption
|
||||
%%
|
||||
@ -651,12 +671,14 @@ stream_xor(Msg, Nonce, Key) ->
|
||||
%% @doc auth_key_size/0 returns the byte-size of the authentication key
|
||||
%% @end
|
||||
-spec auth_key_size() -> pos_integer().
|
||||
auth_key_size() -> enacl_nif:crypto_auth_KEYBYTES().
|
||||
auth_key_size() ->
|
||||
enacl_nif:crypto_auth_KEYBYTES().
|
||||
|
||||
%% @doc auth_size/0 returns the byte-size of the authenticator
|
||||
%% @end
|
||||
-spec auth_size() -> pos_integer().
|
||||
auth_size() -> enacl_nif:crypto_auth_BYTES().
|
||||
auth_size() ->
|
||||
enacl_nif:crypto_auth_BYTES().
|
||||
|
||||
%% @doc auth/2 produces an authenticator (MAC) for a message
|
||||
%%
|
||||
@ -700,12 +722,14 @@ auth_verify(A, M, K) ->
|
||||
%% @doc shorthash_key_size/0 returns the byte-size of the authentication key
|
||||
%% @end
|
||||
-spec shorthash_key_size() -> pos_integer().
|
||||
shorthash_key_size() -> enacl_nif:crypto_shorthash_KEYBYTES().
|
||||
shorthash_key_size() ->
|
||||
enacl_nif:crypto_shorthash_KEYBYTES().
|
||||
|
||||
%% @doc shorthash_size/0 returns the byte-size of the authenticator
|
||||
%% @end
|
||||
-spec shorthash_size() -> pos_integer().
|
||||
shorthash_size() -> enacl_nif:crypto_shorthash_BYTES().
|
||||
shorthash_size() ->
|
||||
enacl_nif:crypto_shorthash_BYTES().
|
||||
|
||||
%% @doc shorthash/2 produces a short authenticator (MAC) for a message suitable for hashtables and refs
|
||||
%%
|
||||
@ -766,12 +790,14 @@ onetime_auth_verify(A, M, K) ->
|
||||
%% @doc onetime_auth_size/0 returns the number of bytes of the one-time authenticator
|
||||
%% @end
|
||||
-spec onetime_auth_size() -> pos_integer().
|
||||
onetime_auth_size() -> enacl_nif:crypto_onetimeauth_BYTES().
|
||||
onetime_auth_size() ->
|
||||
enacl_nif:crypto_onetimeauth_BYTES().
|
||||
|
||||
%% @doc onetime_auth_key_size/0 returns the byte-size of the onetime authentication key
|
||||
%% @end
|
||||
-spec onetime_auth_key_size() -> pos_integer().
|
||||
onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES().
|
||||
onetime_auth_key_size() ->
|
||||
enacl_nif:crypto_onetimeauth_KEYBYTES().
|
||||
|
||||
%% Curve 25519 Crypto
|
||||
%% ------------------
|
||||
|
||||
@ -37,7 +37,6 @@
|
||||
crypto_box_seal/2,
|
||||
crypto_box_seal_open/3,
|
||||
crypto_box_SEALBYTES/0
|
||||
|
||||
]).
|
||||
|
||||
%% Secret key crypto
|
||||
@ -136,13 +135,15 @@
|
||||
-on_load(init/0).
|
||||
|
||||
init() ->
|
||||
SoName = filename:join(
|
||||
case code:priv_dir(enacl) of
|
||||
Dir = case code:priv_dir(enacl) of
|
||||
{error, bad_name} ->
|
||||
filename:join(filename:dirname(filename:dirname(code:which(?MODULE))), "priv");
|
||||
Dir ->
|
||||
Dir
|
||||
end, atom_to_list(?MODULE)),
|
||||
filename:join(
|
||||
filename:dirname(
|
||||
filename:dirname(
|
||||
code:which(?MODULE))), "priv");
|
||||
D -> D
|
||||
end,
|
||||
SoName = filename:join(Dir, atom_to_list(?MODULE)),
|
||||
erlang:load_nif(SoName, 0).
|
||||
|
||||
crypto_box_NONCEBYTES() -> erlang:nif_error(nif_not_loaded).
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user