aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLibravatar vnugent <public@vaughnnugent.com>2024-04-03 18:10:08 -0400
committerLibravatar vnugent <public@vaughnnugent.com>2024-04-03 18:10:08 -0400
commitb11bc0bac955fd5c6db65f0da48456bf5e748805 (patch)
tree5af4a40a27bbf210e7c813010a54a6befcee0788
parent9915bd41799a72413e6b400e150aa9f5fa797e25 (diff)
fix: Fix c89 compatabilty comments and struct assignment
-rw-r--r--CMakeLists.txt19
-rw-r--r--src/noscrypt.c171
-rw-r--r--src/noscrypt.h22
-rw-r--r--tests/hex.h12
-rw-r--r--tests/test.c140
5 files changed, 192 insertions, 172 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index f9a1642..e6034a1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -27,6 +27,8 @@ set(CMAKE_C_STANDARD 90)
set(CMAKE_C_STANDARD_REQUIRED ON)
set(CMAKE_POSITION_INDEPENDENT_CODE ON)
+target_compile_features(${CMAKE_PROJECT_NAME} PUBLIC c_std_90)
+
#if debug
add_compile_definitions($<$<CONFIG:Debug>:DEBUG>)
@@ -84,6 +86,7 @@ unset(SECP256K1_LIB CACHE)
find_library(SECP256K1_LIB
NAMES secp256k1 libsecp256k1 lib_secp256k1
+ PATHS ${LOCAL_SECP256K1_DIR}/src
)
if(NOT SECP256K1_LIB)
@@ -93,13 +96,18 @@ endif()
message(STATUS "secp256k1 library found at ${SECP256K1_LIB}")
target_link_libraries(${CMAKE_PROJECT_NAME} ${SECP256K1_LIB})
-
#link mbedtls and mbedcrypto shared libraries
unset(MBEDCRYPTO_LIB CACHE)
unset(MBEDTLS_LIB CACHE)
-find_library(MBEDTLS_LIB NAMES mbedtls libmbedtls)
-find_library(MBEDCRYPTO_LIB NAMES mbedcrypto libmbedcrypto)
+find_library(MBEDTLS_LIB
+ NAMES mbedtls libmbedtls
+ PATHS ${LOCAL_MBEDTLS_DIR}/library
+)
+find_library(MBEDCRYPTO_LIB
+ NAMES mbedcrypto libmbedcrypto
+ PATHS ${LOCAL_MBEDTLS_DIR}/library
+)
if(NOT MBEDCRYPTO_LIB)
message(FATAL_ERROR "mbedcrypto library not found on local system")
@@ -113,17 +121,18 @@ message(STATUS "mbedcrypto library found at ${MBEDCRYPTO_LIB}")
target_link_libraries(${CMAKE_PROJECT_NAME} ${MBEDCRYPTO_LIB} ${MBEDTLS_LIB})
-
#TESTS
if(BUILD_TESTS)
#add test executable and link to library
add_executable(nctest tests/test.c)
target_link_libraries(nctest ${CMAKE_PROJECT_NAME})
- #link mbedtls crypto sahred library
+ #link mbedtls crypto shared library directly
target_link_libraries(nctest ${MBEDCRYPTO_LIB} ${MBEDTLS_LIB})
target_include_directories(nctest PRIVATE "src")
+ #enable c11 for testing
+ target_compile_features(nctest PRIVATE c_std_11)
endif()
diff --git a/src/noscrypt.c b/src/noscrypt.c
index d63fe53..8aeeefe 100644
--- a/src/noscrypt.c
+++ b/src/noscrypt.c
@@ -23,7 +23,7 @@
#include <secp256k1_ecdh.h>
#include <secp256k1_schnorrsig.h>
-//Setup mbedtls
+/* Setup mbedtls */
#include <mbedtls/platform_util.h>
#include <mbedtls/md.h>
#include <mbedtls/hkdf.h>
@@ -35,22 +35,22 @@
/* Non win platforms may need an inline override */
#if !defined(_NC_IS_WINDOWS) && !defined(inline)
#define inline __inline__
-#endif // !IS_WINDOWS
+#endif /* !IS_WINDOWS */
-//NULL
+/* NULL */
#ifndef NULL
#define NULL ((void*)0)
-#endif // !NULL
+#endif /* !NULL */
-#define CHACHA_NONCE_SIZE 12 //Size of 12 is set by the cipher spec
-#define CHACHA_KEY_SIZE 32 //Size of 32 is set by the cipher spec
+#define CHACHA_NONCE_SIZE 12 /* Size of 12 is set by the cipher spec */
+#define CHACHA_KEY_SIZE 32 /* Size of 32 is set by the cipher spec */
/*
* Local macro for secure zero buffer fill
*/
#define ZERO_FILL(x, size) mbedtls_platform_zeroize(x, size)
-//Include string for memmove
+/* Include string for memmove */
#include <string.h>
#define MEMMOV(dst, src, size) memmove(dst, src, size)
@@ -63,11 +63,11 @@
#define CHECK_NULL_ARG(x, argPos) if(x == NULL) return NCResultWithArgPosition(E_NULL_PTR, argPos);
#define CHECK_ARG_RANGE(x, min, max, argPos) if(x < min || x > max) return NCResultWithArgPosition(E_ARGUMENT_OUT_OF_RANGE, argPos);
#else
- //empty macros
+ /* empty macros */
#define CHECK_INVALID_ARG(x)
#define CHECK_NULL_ARG(x, argPos)
#define CHECK_ARG_RANGE(x, min, max, argPos)
-#endif // !NC_DISABLE_INPUT_VALIDATION
+#endif /* !NC_DISABLE_INPUT_VALIDATION */
#ifdef DEBUG
@@ -88,7 +88,7 @@
*/
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
#define STATIC_ASSERT(x, m) static_assert(x, m)
- #else
+ #elif !defined(STATIC_ASSERT)
#define STATIC_ASSERT(x, m)
#pragma message("Static assertions are not supported by this language version")
#endif
@@ -137,7 +137,7 @@ static inline int _convertToXonly(const NCContext* ctx, const NCPublicKey* compr
DEBUG_ASSERT2(compressedPubKey != NULL, "Expected a valid public 32byte key structure")
DEBUG_ASSERT2(xonly != NULL, "Expected valid X-only secp256k1 public key structure ")
- //Parse the public key into the x-only structure
+ /* Parse the public key into the x-only structure */
return secp256k1_xonly_pubkey_parse(ctx->secpCtx, xonly, compressedPubKey->key);
}
@@ -150,15 +150,15 @@ static int _convertToPubKey(const NCContext* ctx, const NCPublicKey* compressedP
DEBUG_ASSERT2(compressedPubKey != NULL, "Expected a valid public 32byte key structure")
DEBUG_ASSERT2(pubKey != NULL, "Expected valid secp256k1 public key structure")
- //Set the first byte to 0x02 to indicate a compressed public key
+ /* Set the first byte to 0x02 to indicate a compressed public key */
compressed[0] = BIP340_PUBKEY_HEADER_BYTE;
- //Copy the compressed public key data into a new buffer (offset by 1 to store the header byte)
+ /* Copy the compressed public key data into a new buffer (offset by 1 to store the header byte) */
MEMMOV((compressed + 1), compressedPubKey, sizeof(NCPublicKey));
result = secp256k1_ec_pubkey_parse(ctx->secpCtx, pubKey, compressed, sizeof(compressed));
- //zero everything
+ /* zero everything */
ZERO_FILL(compressed, sizeof(compressed));
return result;
@@ -191,16 +191,16 @@ static int _edhHashFuncInternal(
void* data
)
{
- ((void)y32); //unused for nostr
+ ((void)y32); /* unused for nostr */
((void)data);
DEBUG_ASSERT2(output != NULL, "Expected valid output buffer")
DEBUG_ASSERT2(x32 != NULL, "Expected a valid public 32byte x-coodinate buffer")
- //Copy the x coordinate of the shared point into the output buffer
+ /* Copy the x coordinate of the shared point into the output buffer */
MEMMOV(output, x32, 32);
- return 32; //Return the number of bytes written to the output buffer
+ return 32; /* Return the number of bytes written to the output buffer */
}
static NCResult _computeSharedSecret(
@@ -218,7 +218,7 @@ static NCResult _computeSharedSecret(
DEBUG_ASSERT(otherPk != NULL)
DEBUG_ASSERT(sharedPoint != NULL)
- //Recover pubkey from compressed public key data
+ /* Recover pubkey from compressed public key data */
if (_convertToPubKey(ctx, otherPk, &pubKey) != 1)
{
return E_INVALID_ARG;
@@ -240,17 +240,17 @@ static NCResult _computeSharedSecret(
NULL
);
- //Clean up sensitive data
+ /* Clean up sensitive data */
ZERO_FILL(&pubKey, sizeof(pubKey));
- //Result should be 1 on success
+ /* Result should be 1 on success */
return result > 0 ? NC_SUCCESS : E_OPERATION_FAILED;
}
static inline const mbedtls_md_info_t* _getSha256MdInfo(void)
{
const mbedtls_md_info_t* info;
- //Get sha256 md info for hdkf operations
+ /* Get sha256 md info for hdkf operations */
info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
DEBUG_ASSERT2(info != NULL, "Expected SHA256 md info struct to be valid")
return info;
@@ -265,23 +265,23 @@ static inline NCResult _computeConversationKey(
)
{
int opResult;
- //Validate internal args
+ /* Validate internal args */
DEBUG_ASSERT2(ctx != NULL, "Expected valid context")
DEBUG_ASSERT2(sharedSecret != NULL, "Expected a valid shared-point")
DEBUG_ASSERT2(mdInfo != NULL, "Expected valid md context")
DEBUG_ASSERT2(ck != NULL, "Expected a valid conversation key")
- //Derive the encryption key
+ /* Derive the encryption key */
opResult = mbedtls_hkdf_extract(
mdInfo,
Nip44ConstantSalt,
sizeof(Nip44ConstantSalt),
- (uint8_t*)sharedSecret, //Shared secret is the input key
+ (uint8_t*)sharedSecret, /* Shared secret is the input key */
NC_SHARED_SEC_SIZE,
- (uint8_t*)ck //Output produces a conversation key
+ (uint8_t*)ck /* Output produces a conversation key */
);
- //Return success if the hkdf operation was successful
+ /* Return success if the hkdf operation was successful */
return opResult == 0 ? NC_SUCCESS : E_OPERATION_FAILED;
}
@@ -302,10 +302,10 @@ static int _chachaEncipher(const struct nc_expand_keys* keys, NCCryptoData* args
return mbedtls_chacha20_crypt(
keys->chacha_key,
keys->chacha_nonce,
- 0, //Counter (always starts at 0)
- args->dataSize, //Data size (input and output are assumed to be the same size)
- args->inputData, //Input data
- args->outputData //Output data
+ 0, /* Counter (always starts at 0) */
+ args->dataSize, /* Data size (input and output are assumed to be the same size) */
+ args->inputData, /* Input data */
+ args->outputData /* Output data */
);
}
@@ -323,14 +323,14 @@ static inline NCResult _getMessageKey(
DEBUG_ASSERT2(converstationKey != NULL, "Expected valid conversation key")
DEBUG_ASSERT2(messageKey != NULL, "Expected valid message key buffer")
- //Another HKDF to derive the message key with nonce
+ /* Another HKDF to derive the message key with nonce */
result = mbedtls_hkdf_expand(
mdInfo,
- (uint8_t*)converstationKey, //Conversation key is the input key
+ (uint8_t*)converstationKey, /* Conversation key is the input key */
NC_CONV_KEY_SIZE,
nonce,
nonceSize,
- (uint8_t*)messageKey, //Output produces a message key (write it directly to struct memory)
+ (uint8_t*)messageKey, /* Output produces a message key (write it directly to struct memory) */
NC_MESSAGE_KEY_SIZE
);
@@ -355,23 +355,23 @@ static inline NCResult _encryptEx(
DEBUG_ASSERT2(mdINfo != NULL, "Expected valid md info struct")
DEBUG_ASSERT2(hmacKey != NULL, "Expected valid hmac key buffer")
- //Failure, bail out
+ /* Failure, bail out */
if ((result = _getMessageKey(mdINfo, ck, args->nonce32, NC_ENCRYPTION_NONCE_SIZE, &messageKey)) != NC_SUCCESS)
{
goto Cleanup;
}
- //Expand the keys from the hkdf so we can use them in the cipher
+ /* Expand the keys from the hkdf so we can use them in the cipher */
expandedKeys = _expandKeysFromHkdf(&messageKey);
- //Copy the hmac key into the args
+ /* Copy the hmac key into the args */
MEMMOV(hmacKey, expandedKeys->hmac_key, NC_HMAC_KEY_SIZE);
- //CHACHA20 (the result will be 0 on success)
+ /* CHACHA20 (the result will be 0 on success) */
result = (NCResult)_chachaEncipher(expandedKeys, args);
Cleanup:
- //Clean up sensitive data
+ /* Clean up sensitive data */
ZERO_FILL(&messageKey, sizeof(messageKey));
return result;
@@ -393,20 +393,20 @@ static inline NCResult _decryptEx(
DEBUG_ASSERT2(args != NULL, "Expected valid encryption args")
DEBUG_ASSERT2(mdInfo != NULL, "Expected valid md info struct")
- //Failure to get message keys, bail out
+ /* Failure to get message keys, bail out */
if ((result = _getMessageKey(mdInfo, ck, args->nonce32, NC_ENCRYPTION_NONCE_SIZE, &messageKey)) != NC_SUCCESS)
{
goto Cleanup;
}
- //Expand the keys from the hkdf so we can use them in the cipher
+ /* Expand the keys from the hkdf so we can use them in the cipher */
cipherKeys = _expandKeysFromHkdf(&messageKey);
- //CHACHA20 (the result will be 0 on success)
+ /* CHACHA20 (the result will be 0 on success) */
result = (NCResult) _chachaEncipher(cipherKeys, args);
Cleanup:
- //Clean up sensitive data
+ /* Clean up sensitive data */
ZERO_FILL(&messageKey, sizeof(messageKey));
return result;
@@ -421,6 +421,7 @@ static inline int _computeHmac(
DEBUG_ASSERT2(key != NULL, "Expected valid hmac key")
DEBUG_ASSERT2(args != NULL, "Expected valid mac verification args")
DEBUG_ASSERT2(hmacOut != NULL, "Expected valid hmac output buffer")
+ DEBUG_ASSERT(args->payload != NULL)
return mbedtls_md_hmac(
_getSha256MdInfo(),
@@ -509,7 +510,7 @@ NC_EXPORT NCResult NC_CC NCInitContext(
ctx->secpCtx = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
- //Randomize once on init
+ /* Randomize once on init */
return secp256k1_context_randomize(ctx->secpCtx, entropy) ? NC_SUCCESS : E_INVALID_ARG;
}
@@ -522,7 +523,7 @@ NC_EXPORT NCResult NC_CC NCReInitContext(
CHECK_INVALID_ARG(ctx->secpCtx, 0)
CHECK_NULL_ARG(entropy, 1)
- //Only randomize again
+ /* Only randomize again */
return secp256k1_context_randomize(ctx->secpCtx, entropy) ? NC_SUCCESS : E_INVALID_ARG;
}
@@ -531,16 +532,16 @@ NC_EXPORT NCResult NC_CC NCDestroyContext(NCContext* ctx)
CHECK_NULL_ARG(ctx, 0);
CHECK_INVALID_ARG(ctx->secpCtx, 0);
- //Destroy secp256k1 context
+ /* Destroy secp256k1 context */
secp256k1_context_destroy(ctx->secpCtx);
- //Wipe the context
+ /* Wipe the context */
ZERO_FILL(ctx, sizeof(NCContext));
return NC_SUCCESS;
}
-//KEY Functions
+/* KEY Functions */
NC_EXPORT NCResult NC_CC NCGetPublicKey(
const NCContext* ctx,
const NCSecretKey* sk,
@@ -561,15 +562,15 @@ NC_EXPORT NCResult NC_CC NCGetPublicKey(
return E_INVALID_ARG;
}
- //Generate the x-only public key, docs say this should always return 1
+ /* Generate the x-only public key, docs say this should always return 1 */
result = secp256k1_keypair_xonly_pub(ctx->secpCtx, &xonly, NULL, &keyPair);
DEBUG_ASSERT2(result == 1, "Expected x-only kepair to ALWAYS return 1")
- //Convert to compressed pubkey
+ /* Convert to compressed pubkey */
result = _convertFromXonly(ctx, &xonly, pk);
DEBUG_ASSERT2(result == 1, "Expected x-only pubkey serialize to return 1")
- //Clean out keypair
+ /* Clean out keypair */
ZERO_FILL(&keyPair, sizeof(keyPair));
ZERO_FILL(&xonly, sizeof(xonly));
@@ -585,11 +586,11 @@ NC_EXPORT NCResult NC_CC NCValidateSecretKey(
CHECK_NULL_ARG(sk, 1)
CHECK_INVALID_ARG(ctx->secpCtx, 0)
- //Validate the secret key
+ /* Validate the secret key */
return secp256k1_ec_seckey_verify(ctx->secpCtx, sk->key);
}
-//Ecdsa Functions
+/* Ecdsa Functions */
NC_EXPORT NCResult NC_CC NCSignDigest(
const NCContext* ctx,
@@ -603,7 +604,7 @@ NC_EXPORT NCResult NC_CC NCSignDigest(
secp256k1_keypair keyPair;
secp256k1_xonly_pubkey xonly;
- //Validate arguments
+ /* Validate arguments */
CHECK_NULL_ARG(ctx, 0)
CHECK_INVALID_ARG(ctx->secpCtx, 0)
CHECK_NULL_ARG(sk, 1)
@@ -611,24 +612,24 @@ NC_EXPORT NCResult NC_CC NCSignDigest(
CHECK_NULL_ARG(digest32, 3)
CHECK_NULL_ARG(sig64, 4)
- //Generate the keypair
+ /* Generate the keypair */
if (secp256k1_keypair_create(ctx->secpCtx, &keyPair, sk->key) != 1)
{
return E_INVALID_ARG;
}
- //Sign the digest
+ /* Sign the digest */
result = secp256k1_schnorrsig_sign32(ctx->secpCtx, sig64, digest32, &keyPair, random32);
DEBUG_ASSERT2(result == 1, "Expected schnorr signature to return 1");
- //x-only public key from keypair so the signature can be verified
+ /* x-only public key from keypair so the signature can be verified */
result = secp256k1_keypair_xonly_pub(ctx->secpCtx, &xonly, NULL, &keyPair);
DEBUG_ASSERT2(result == 1, "Expected x-only public key to ALWAYS return 1");
- //Verify the signature is valid
+ /* Verify the signature is valid */
result = secp256k1_schnorrsig_verify(ctx->secpCtx, sig64, digest32, 32, &xonly);
- //cleanup any sensitive data
+ /* cleanup any sensitive data */
ZERO_FILL(&keyPair, sizeof(keyPair));
ZERO_FILL(&xonly, sizeof(xonly));
@@ -646,7 +647,7 @@ NC_EXPORT NCResult NC_CC NCSignData(
{
uint8_t digest[32];
- //Double check is required because arg position differs
+ /* Double check is required because arg position differs */
CHECK_NULL_ARG(ctx, 0)
CHECK_NULL_ARG(sk, 1)
CHECK_NULL_ARG(random32, 2)
@@ -654,13 +655,13 @@ NC_EXPORT NCResult NC_CC NCSignData(
CHECK_ARG_RANGE(dataSize, 1, UINT32_MAX, 4)
CHECK_NULL_ARG(sig64, 5)
- //Compute sha256 of the data before signing
+ /* Compute sha256 of the data before signing */
if(mbedtls_sha256(data, dataSize, digest, 0) != 0)
{
return E_INVALID_ARG;
}
- //Sign the freshly computed digest
+ /* Sign the freshly computed digest */
return NCSignDigest(ctx, sk, random32, digest, sig64);
}
@@ -680,16 +681,16 @@ NC_EXPORT NCResult NC_CC NCVerifyDigest(
CHECK_NULL_ARG(digest32, 2)
CHECK_NULL_ARG(sig64, 3)
- //recover the x-only key from a compressed public key
+ /* recover the x-only key from a compressed public key */
if(_convertToXonly(ctx, pk, &xonly) != 1)
{
return E_INVALID_ARG;
}
- //Verify the signature
+ /* Verify the signature */
result = secp256k1_schnorrsig_verify(ctx->secpCtx, sig64, digest32, 32, &xonly);
- //cleanup any sensitive data
+ /* cleanup any sensitive data */
ZERO_FILL(&xonly, sizeof(xonly));
return result == 1 ? NC_SUCCESS : E_INVALID_ARG;
@@ -711,17 +712,18 @@ NC_EXPORT NCResult NC_CC NCVerifyData(
CHECK_ARG_RANGE(dataSize, 1, UINT32_MAX, 3)
CHECK_NULL_ARG(sig64, 4)
- //Compute sha256 of the data before verifying
+ /* Compute sha256 of the data before verifying */
if (mbedtls_sha256(data, dataSize, digest, 0) != 0)
{
return E_INVALID_ARG;
}
- //Verify the freshly computed digest
+ /* Verify the freshly computed digest */
return NCVerifyDigest(ctx, pk, digest, sig64);
}
-//ECDH Functions
+/* ECDH Functions */
+
NC_EXPORT NCResult NC_CC NCGetSharedSecret(
const NCContext* ctx,
const NCSecretKey* sk,
@@ -754,7 +756,7 @@ NC_EXPORT NCResult NC_CC NCGetConversationKeyEx(
CHECK_NULL_ARG(sharedPoint, 1)
CHECK_NULL_ARG(conversationKey, 2)
- //Cast the shared point to the shared secret type
+ /* Cast the shared point to the shared secret type */
return _computeConversationKey(
ctx,
_getSha256MdInfo(),
@@ -779,7 +781,7 @@ NC_EXPORT NCResult NC_CC NCGetConversationKey(
CHECK_NULL_ARG(pk, 2)
CHECK_NULL_ARG(conversationKey, 3)
- //Compute the shared point
+ /* Compute the shared point */
if ((result = _computeSharedSecret(ctx, sk, pk, &sharedSecret)) != NC_SUCCESS)
{
goto Cleanup;
@@ -793,7 +795,7 @@ NC_EXPORT NCResult NC_CC NCGetConversationKey(
);
Cleanup:
- //Clean up sensitive data
+ /* Clean up sensitive data */
ZERO_FILL(&sharedSecret, sizeof(sharedSecret));
return result;
@@ -812,7 +814,7 @@ NC_EXPORT NCResult NC_CC NCEncryptEx(
CHECK_NULL_ARG(hmacKeyOut, 2)
CHECK_NULL_ARG(args, 3)
- //Validte ciphertext/plaintext
+ /* Validte ciphertext/plaintext */
CHECK_INVALID_ARG(args->inputData, 3)
CHECK_INVALID_ARG(args->outputData, 3)
CHECK_INVALID_ARG(args->nonce32, 3)
@@ -847,7 +849,7 @@ NC_EXPORT NCResult NC_CC NCEncrypt(
CHECK_NULL_ARG(hmacKeyOut, 3)
CHECK_NULL_ARG(args, 4)
- //Validate input/output data
+ /* Validate input/output data */
CHECK_INVALID_ARG(args->inputData, 4)
CHECK_INVALID_ARG(args->outputData, 4)
CHECK_INVALID_ARG(args->nonce32, 4)
@@ -855,13 +857,13 @@ NC_EXPORT NCResult NC_CC NCEncrypt(
mdInfo = _getSha256MdInfo();
- //Compute the shared point
+ /* Compute the shared point */
if ((result = _computeSharedSecret(ctx, sk, pk, &sharedSecret)) != NC_SUCCESS)
{
goto Cleanup;
}
- //Compute the conversation key from secret and pubkic keys
+ /* Compute the conversation key from secret and pubkic keys */
if ((result = _computeConversationKey(ctx, mdInfo, &sharedSecret, &conversationKey)) != NC_SUCCESS)
{
goto Cleanup;
@@ -870,7 +872,7 @@ NC_EXPORT NCResult NC_CC NCEncrypt(
result = _encryptEx(ctx, mdInfo, &conversationKey, hmacKeyOut, args);
Cleanup:
- //Clean up sensitive data
+ /* Clean up sensitive data */
ZERO_FILL(&sharedSecret, sizeof(sharedSecret));
ZERO_FILL(&conversationKey, sizeof(conversationKey));
@@ -888,7 +890,7 @@ NC_EXPORT NCResult NC_CC NCDecryptEx(
CHECK_NULL_ARG(conversationKey, 1)
CHECK_NULL_ARG(args, 2)
- //Validte ciphertext/plaintext
+ /* Validte ciphertext/plaintext */
CHECK_INVALID_ARG(args->inputData, 2)
CHECK_INVALID_ARG(args->outputData, 2)
CHECK_INVALID_ARG(args->nonce32, 2)
@@ -920,7 +922,7 @@ NC_EXPORT NCResult NC_CC NCDecrypt(
CHECK_NULL_ARG(pk, 2)
CHECK_NULL_ARG(args, 3)
- //Validte ciphertext/plaintext
+ /* Validte ciphertext/plaintext */
CHECK_INVALID_ARG(args->inputData, 3)
CHECK_INVALID_ARG(args->outputData, 3)
CHECK_INVALID_ARG(args->nonce32, 3)
@@ -941,7 +943,7 @@ NC_EXPORT NCResult NC_CC NCDecrypt(
result = _decryptEx(ctx, mdInfo, &conversationKey, args);
Cleanup:
- //Clean up sensitive data
+ /* Clean up sensitive data */
ZERO_FILL(&sharedSecret, sizeof(sharedSecret));
ZERO_FILL(&conversationKey, sizeof(conversationKey));
@@ -956,22 +958,23 @@ NC_EXPORT NCResult NCComputeMac(
uint8_t hmacOut[NC_ENCRYPTION_MAC_SIZE]
)
{
+ NCMacVerifyArgs args;
+
CHECK_NULL_ARG(ctx, 0)
CHECK_INVALID_ARG(ctx->secpCtx, 0)
CHECK_NULL_ARG(hmacKey, 1)
CHECK_NULL_ARG(payload, 2)
CHECK_ARG_RANGE(payloadSize, 1, UINT32_MAX, 3)
CHECK_NULL_ARG(hmacOut, 4)
+
+ /*Fill args with 0 before use because we are only using some of the properties*/
+ ZERO_FILL(&args, sizeof(args));
+ args.payload = payload;
+ args.payloadSize = payloadSize;
/*
* Compute the hmac of the data using the supplied hmac key
*/
-
- NCMacVerifyArgs args = {
- .payload = payload,
- .payloadSize = payloadSize
- };
-
return _computeHmac(hmacKey, &args, hmacOut) == 0 ? NC_SUCCESS : E_OPERATION_FAILED;
}
diff --git a/src/noscrypt.h b/src/noscrypt.h
index 0f9344a..6a40171 100644
--- a/src/noscrypt.h
+++ b/src/noscrypt.h
@@ -36,31 +36,31 @@
#define _NC_IS_WINDOWS
#endif
-//Set api export calling convention (allow used to override)
+/* Set api export calling convention (allow used to override) */
#ifndef NC_CC
#ifdef _NC_IS_WINDOWS
- //STD for importing to other languages such as .NET
+ /* STD for importing to other languages such as .NET */
#define NC_CC __stdcall
#else
#define NC_CC
#endif
-#endif // !NC_CC
+#endif /* !NC_CC */
-#ifndef NC_EXPORT //Allow users to disable the export/impoty macro if using source code directly
+#ifndef NC_EXPORT /* Allow users to disable the export/impoty macro if using source code directly */
#ifdef NOSCRYPT_EXPORTING
#ifdef _NC_IS_WINDOWS
#define NC_EXPORT __declspec(dllexport)
#else
#define NC_EXPORT __attribute__((visibility("default")))
- #endif // _NC_IS_WINDOWS
+ #endif /* _NC_IS_WINDOWS */
#else
#ifdef _NC_IS_WINDOWS
#define NC_EXPORT __declspec(dllimport)
#else
#define NC_EXPORT
- #endif // _NC_IS_WINDOWS
- #endif // !NOSCRYPT_EXPORTING
-#endif // !NC_EXPORT
+ #endif /* _NC_IS_WINDOWS */
+ #endif /* !NOSCRYPT_EXPORTING */
+#endif /* !NC_EXPORT */
/*
* CONSTANTS
@@ -225,10 +225,10 @@ that caused the error.
*/
NC_EXPORT void NC_CC NCParseErrorCode(NCResult result, int* code, uint8_t* argPosition)
{
- //convert result to a positive value
+ /* convert result to a positive value*/
NCResult asPositive = -result;
- //Get the error code from the lower 8 bits and the argument position from the upper 8 bits
+ /* Get the error code from the lower 8 bits and the argument position from the upper 8 bits*/
*code = -(asPositive & NC_ERROR_CODE_MASK);
*argPosition = (asPositive >> NC_ARG_POSITION_OFFSET) & 0xFF;
}
@@ -560,4 +560,4 @@ NC_EXPORT NCResult NCComputeMac(
uint8_t hmacOut[NC_ENCRYPTION_MAC_SIZE]
);
-#endif // !NOSCRYPT_H
+#endif /* !NOSCRYPT_H */
diff --git a/tests/hex.h b/tests/hex.h
index 793e9f9..7c8080a 100644
--- a/tests/hex.h
+++ b/tests/hex.h
@@ -56,9 +56,11 @@ static size_t _hdeferListIndex = 0;
static HexBytes* __allocHexBytes(size_t length)
{
+ HexBytes* hexBytes;
+
length /= 2;
- HexBytes* hexBytes = (HexBytes*)malloc(length + sizeof(HexBytes));
+ hexBytes = (HexBytes*)malloc(length + sizeof(HexBytes));
if(!hexBytes)
{
return NULL;
@@ -89,7 +91,11 @@ static HexBytes* _fromHexString(const char* hexLiteral, size_t strLen)
for (i = 0; i < strLen; i += 2)
{
/* slice string into smaller 2 char strings then parse */
- char byteString[3] = { hexLiteral[i], hexLiteral[i + 1], '\0'};
+ char byteString[3] = { '\0' };
+
+ byteString[0] = hexLiteral[i];
+ byteString[1] = hexLiteral[i + 1];
+
hexBytes->data[i / 2] = (uint8_t)strtol(byteString, NULL, 16);
}
@@ -143,6 +149,6 @@ static void PrintHexBytes(HexBytes* hexBytes)
}
-#endif // !HEX_HELPERS_H
+#endif /* !HEX_HELPERS_H */
diff --git a/tests/test.c b/tests/test.c
index e3188dc..8d3e115 100644
--- a/tests/test.c
+++ b/tests/test.c
@@ -67,7 +67,7 @@
#include "hex.h"
-//Pre-computed constants for argument errors
+/*Pre-computed constants for argument errors */
#define ARG_ERROR_POS_0 E_NULL_PTR
#define ARG_ERROR_POS_1 NCResultWithArgPosition(E_NULL_PTR, 0x01)
#define ARG_ERROR_POS_2 NCResultWithArgPosition(E_NULL_PTR, 0x02)
@@ -104,16 +104,17 @@ static int TestPublicApiArgumentValidation(void);
#endif
static const uint8_t zero32[32] = { 0 };
-static const uint8_t zero64[64] = { 0 };
int main(void)
{
int result;
+
result = RunTests();
+ (void)PrintHexBytes; /*avoid unused. I use occasionally for debugging*/
FreeHexBytes();
- return 0;
+ return result;
}
static int RunTests(void)
@@ -127,7 +128,11 @@ static int RunTests(void)
FillRandomData(ctxRandom, 32);
- //Context struct size should aways match the size of the struct returned by NCGetContextStructSize
+ /*
+ * Context struct size should aways match the size of the
+ * struct returned by NCGetContextStructSize
+ */
+
TEST(NCGetContextStructSize(), sizeof(NCContext))
TEST(NCInitContext(&ctx, ctxRandom), NC_SUCCESS)
@@ -181,16 +186,16 @@ static int InitKepair(NCContext* context, NCSecretKey* secKey, NCPublicKey* pubK
{
PRINTL("TEST: Keypair")
- //Get random private key
+ /* Get random private key */
FillRandomData(secKey, sizeof(NCSecretKey));
- //Ensure not empty
+ /* Ensure not empty */
ENSURE(memcmp(zero32, secKey, 32) != 0);
- //Ensure the key is valid, result should be 1 on success
+ /* Ensure the key is valid, result should be 1 on success */
TEST(NCValidateSecretKey(context, secKey), 1);
- //Generate a public key from the secret key
+ /* Generate a public key from the secret key */
TEST(NCGetPublicKey(context, secKey, pubKey), NC_SUCCESS);
PRINTL("\nPASSED: Keypair tests completed")
@@ -206,55 +211,55 @@ static int TestEcdsa(NCContext* context, NCSecretKey* secKey, NCPublicKey* pubKe
PRINTL("TEST: Ecdsa")
- //Init a new secret key with random data
+ /*Init a new secret key with random data */
FillRandomData(invalidSig, sizeof(invalidSig));
FillRandomData(sigEntropy, sizeof(sigEntropy));
- //compute sha256 of the test string
+ /* compute sha256 of the test string */
_sha256((uint8_t*)message, strlen(message), digestToSign);
- //Sign and verify sig64
+ /* Sign and verify sig64 */
{
uint8_t sig[64];
TEST(NCSignDigest(context, secKey, sigEntropy, digestToSign, sig), NC_SUCCESS);
TEST(NCVerifyDigest(context, pubKey, digestToSign, sig), NC_SUCCESS);
}
- //Sign and verify raw data
+ /* Sign and verify raw data */
{
uint8_t sig[64];
TEST(NCSignData(context, secKey, sigEntropy, (uint8_t*)message, strlen(message), sig), NC_SUCCESS);
TEST(NCVerifyData(context, pubKey, (uint8_t*)message, strlen(message), sig), NC_SUCCESS);
}
- //ensure the signature is the same for signing data and sig64
+ /* ensure the signature is the same for signing data and sig64 */
{
uint8_t sig1[64];
uint8_t sig2[64];
- //Ensure operations succeed but dont print them as test cases
+ /* Ensure operations succeed but dont print them as test cases */
ENSURE(NCSignData(context, secKey, sigEntropy, (uint8_t*)message, strlen(message), sig1) == NC_SUCCESS);
ENSURE(NCSignDigest(context, secKey, sigEntropy, digestToSign, sig2) == NC_SUCCESS);
- //Perform test
+ /* Perform test */
TEST(memcmp(sig1, sig2, 64), 0);
}
- //Try signing data then veriyfing the sig64
+ /* Try signing data then veriyfing the sig64 */
{
uint8_t sig[64];
ENSURE(NCSignData(context, secKey, sigEntropy, (uint8_t*)message, strlen(message), sig) == NC_SUCCESS);
TEST(NCVerifyDigest(context, pubKey, digestToSign, sig), NC_SUCCESS);
- //Now invert test, zero signature to ensure its overwritten
+ /* Now invert test, zero signature to ensure its overwritten */
ZERO_FILL(sig, sizeof(sig));
ENSURE(NCSignDigest(context, secKey, sigEntropy, digestToSign, sig) == NC_SUCCESS);
TEST(NCVerifyData(context, pubKey, (uint8_t*)message, strlen(message), sig), NC_SUCCESS);
}
- //test verification of invalid signature
+ /* test verification of invalid signature */
{
TEST(NCVerifyDigest(context, pubKey, digestToSign, invalidSig), E_INVALID_ARG);
}
@@ -275,51 +280,49 @@ static int TestPublicApiArgumentValidation(void)
uint8_t hmacKeyOut[NC_HMAC_KEY_SIZE];
uint8_t nonce[NC_ENCRYPTION_NONCE_SIZE];
- NCCryptoData cryptoData = {
- .dataSize = sizeof(zero32),
- .inputData = zero32,
- .outputData = sig64, //just an arbitrary writeable buffer
- .nonce32 = nonce
- };
+ NCCryptoData cryptoData;
+ cryptoData.dataSize = sizeof(zero32);
+ cryptoData.inputData = zero32;
+ cryptoData.outputData = sig64; /*just an arbitrary writeable buffer*/
PRINTL("TEST: Public API argument validation tests")
FillRandomData(ctxRandom, 32);
FillRandomData(nonce, sizeof(nonce));
- //Test null context
+ /*Test null context*/
TEST(NCInitContext(NULL, ctxRandom), ARG_ERROR_POS_0)
TEST(NCInitContext(&ctx, NULL), ARG_ERROR_POS_1)
- //Test null context
+ /*Test null context*/
TEST(NCDestroyContext(NULL), ARG_ERROR_POS_0)
- //reinit
+ /*reinit*/
TEST(NCReInitContext(NULL, ctxRandom), ARG_ERROR_POS_0)
TEST(NCReInitContext(&ctx, NULL), ARG_ERROR_POS_1)
- //Test null secret key
+ /*Test null secret key*/
TEST(NCGetPublicKey(&ctx, NULL, &pubKey), ARG_ERROR_POS_1)
TEST(NCGetPublicKey(&ctx, &secKey, NULL), ARG_ERROR_POS_2)
- //Test null secret key
+ /*Test null secret key*/
TEST(NCValidateSecretKey(NULL, &secKey), ARG_ERROR_POS_0)
TEST(NCValidateSecretKey(&ctx, NULL), ARG_ERROR_POS_1)
- //Verify sig64 args test
+ /*Verify sig64 args test*/
TEST(NCVerifyDigest(NULL, &pubKey, zero32, sig64), ARG_ERROR_POS_0)
TEST(NCVerifyDigest(&ctx, NULL, zero32, sig64), ARG_ERROR_POS_1)
TEST(NCVerifyDigest(&ctx, &pubKey, NULL, sig64), ARG_ERROR_POS_2)
TEST(NCVerifyDigest(&ctx, &pubKey, zero32, NULL), ARG_ERROR_POS_3)
- //Test verify data args
+ /*Test verify data args*/
TEST(NCVerifyData(NULL, &pubKey, zero32, 32, sig64), ARG_ERROR_POS_0)
TEST(NCVerifyData(&ctx, NULL, zero32, 32, sig64), ARG_ERROR_POS_1)
TEST(NCVerifyData(&ctx, &pubKey, NULL, 32, sig64), ARG_ERROR_POS_2)
TEST(NCVerifyData(&ctx, &pubKey, zero32, 0, sig64), ARG_RAMGE_ERROR_POS_3)
TEST(NCVerifyData(&ctx, &pubKey, zero32, 32, NULL), ARG_ERROR_POS_4)
- //Test null sign data args
+ /*Test null sign data args*/
TEST(NCSignData(NULL, &secKey, zero32, zero32, 32, sig64), ARG_ERROR_POS_0)
TEST(NCSignData(&ctx, NULL, zero32, zero32, 32, sig64), ARG_ERROR_POS_1)
TEST(NCSignData(&ctx, &secKey, NULL, zero32, 32, sig64), ARG_ERROR_POS_2)
@@ -327,35 +330,35 @@ static int TestPublicApiArgumentValidation(void)
TEST(NCSignData(&ctx, &secKey, zero32, zero32, 0, sig64), ARG_RAMGE_ERROR_POS_4)
TEST(NCSignData(&ctx, &secKey, zero32, zero32, 32, NULL), ARG_ERROR_POS_5)
- //Test null sign digest args
+ /*Test null sign digest args*/
TEST(NCSignDigest(NULL, &secKey, zero32, zero32, sig64), ARG_ERROR_POS_0)
TEST(NCSignDigest(&ctx, NULL, zero32, zero32, sig64), ARG_ERROR_POS_1)
TEST(NCSignDigest(&ctx, &secKey, NULL, zero32, sig64), ARG_ERROR_POS_2)
TEST(NCSignDigest(&ctx, &secKey, zero32, NULL, sig64), ARG_ERROR_POS_3)
TEST(NCSignDigest(&ctx, &secKey, zero32, zero32, NULL), ARG_ERROR_POS_4)
- //Test null encrypt args
+ /*Test null encrypt args*/
TEST(NCEncrypt(NULL, &secKey, &pubKey, hmacKeyOut, &cryptoData), ARG_ERROR_POS_0)
TEST(NCEncrypt(&ctx, NULL, &pubKey, hmacKeyOut, &cryptoData), ARG_ERROR_POS_1)
TEST(NCEncrypt(&ctx, &secKey, NULL, hmacKeyOut, &cryptoData), ARG_ERROR_POS_2)
TEST(NCEncrypt(&ctx, &secKey, &pubKey, NULL, &cryptoData), ARG_ERROR_POS_3)
TEST(NCEncrypt(&ctx, &secKey, &pubKey, hmacKeyOut, NULL), ARG_ERROR_POS_4)
- //Test invalid data size
+ /*Test invalid data size*/
cryptoData.dataSize = 0;
TEST(NCEncrypt(&ctx, &secKey, &pubKey, hmacKeyOut, &cryptoData), ARG_RAMGE_ERROR_POS_4)
- //Test null input data
+ /*Test null input data */
cryptoData.dataSize = 32;
cryptoData.inputData = NULL;
TEST(NCEncrypt(&ctx, &secKey, &pubKey, hmacKeyOut, &cryptoData), ARG_INVALID_ERROR_POS_4)
- //Test null output data
+ /*Test null output data */
cryptoData.inputData = zero32;
cryptoData.outputData = NULL;
TEST(NCEncrypt(&ctx, &secKey, &pubKey, hmacKeyOut, &cryptoData), ARG_INVALID_ERROR_POS_4)
- //Decrypt
+ /* Decrypt */
cryptoData.dataSize = 32;
cryptoData.inputData = zero32;
cryptoData.outputData = sig64;
@@ -365,16 +368,16 @@ static int TestPublicApiArgumentValidation(void)
TEST(NCDecrypt(&ctx, &secKey, NULL, &cryptoData), ARG_ERROR_POS_2)
TEST(NCDecrypt(&ctx, &secKey, &pubKey, NULL), ARG_ERROR_POS_3)
- //Test invalid data size
+ /* Test invalid data size */
cryptoData.dataSize = 0;
TEST(NCDecrypt(&ctx, &secKey, &pubKey, &cryptoData), ARG_RAMGE_ERROR_POS_3)
- //Test null input data
+ /* Test null input data */
cryptoData.dataSize = 32;
cryptoData.inputData = NULL;
TEST(NCDecrypt(&ctx, &secKey, &pubKey, &cryptoData), ARG_INVALID_ERROR_POS_3)
- //Test null output data
+ /*Test null output data */
cryptoData.inputData = zero32;
cryptoData.outputData = NULL;
TEST(NCDecrypt(&ctx, &secKey, &pubKey, &cryptoData), ARG_INVALID_ERROR_POS_3)
@@ -389,12 +392,11 @@ static int TestPublicApiArgumentValidation(void)
}
{
- NCMacVerifyArgs macArgs = {
- .payload = zero32,
- .payloadSize = 32,
- .mac32 = zero32,
- .nonce32 = zero32
- };
+ NCMacVerifyArgs macArgs;
+ macArgs.payload = zero32;
+ macArgs.payloadSize = 32;
+ macArgs.mac32 = zero32;
+ macArgs.nonce32 = zero32;
TEST(NCVerifyMac(NULL, &secKey, &pubKey, &macArgs), ARG_ERROR_POS_0)
TEST(NCVerifyMac(&ctx, NULL, &pubKey, &macArgs), ARG_ERROR_POS_1)
@@ -417,18 +419,19 @@ static int TestPublicApiArgumentValidation(void)
#endif
static int TestKnownKeys(NCContext* context)
-{
- PRINTL("TEST: Known keys")
-
+{
NCPublicKey pubKey;
+ HexBytes* secKey1, * pubKey1, * secKey2, * pubKey2;
- HexBytes* secKey1 = FromHexString("98c642360e7163a66cee5d9a842b252345b6f3f3e21bd3b7635d5e6c20c7ea36", sizeof(secKey));
- HexBytes* pubKey1 = FromHexString("0db15182c4ad3418b4fbab75304be7ade9cfa430a21c1c5320c9298f54ea5406", sizeof(pubKey));
+ PRINTL("TEST: Known keys")
+
+ secKey1 = FromHexString("98c642360e7163a66cee5d9a842b252345b6f3f3e21bd3b7635d5e6c20c7ea36", sizeof(NCSecretKey));
+ pubKey1 = FromHexString("0db15182c4ad3418b4fbab75304be7ade9cfa430a21c1c5320c9298f54ea5406", sizeof(NCPublicKey));
- HexBytes* secKey2 = FromHexString("3032cb8da355f9e72c9a94bbabae80ca99d3a38de1aed094b432a9fe3432e1f2", sizeof(secKey));
- HexBytes* pubKey2 = FromHexString("421181660af5d39eb95e48a0a66c41ae393ba94ffeca94703ef81afbed724e5a", sizeof(pubKey));
+ secKey2 = FromHexString("3032cb8da355f9e72c9a94bbabae80ca99d3a38de1aed094b432a9fe3432e1f2", sizeof(NCSecretKey));
+ pubKey2 = FromHexString("421181660af5d39eb95e48a0a66c41ae393ba94ffeca94703ef81afbed724e5a", sizeof(NCPublicKey));
- //Test known keys
+ /*Test known keys*/
TEST(NCValidateSecretKey(context, NCToSecKey(secKey1->data)), 1);
/* Recover a public key from secret key 1 */
@@ -463,21 +466,20 @@ static int TestCorrectEncryption(NCContext* context)
uint8_t plainText[TEST_ENC_DATA_SIZE];
uint8_t cipherText[TEST_ENC_DATA_SIZE];
uint8_t decryptedText[TEST_ENC_DATA_SIZE];
+
+ NCCryptoData cryptoData;
+ NCMacVerifyArgs macVerifyArgs;
/* setup the crypto data structure */
- NCCryptoData cryptoData = {
- .dataSize = TEST_ENC_DATA_SIZE,
- .inputData = plainText,
- .outputData = cipherText,
- .nonce32 = nonce
- };
-
- NCMacVerifyArgs macVerifyArgs = {
- .nonce32 = nonce,
- .mac32 = mac,
- .payload = cipherText,
- .payloadSize = TEST_ENC_DATA_SIZE
- };
+ cryptoData.dataSize = TEST_ENC_DATA_SIZE;
+ cryptoData.inputData = plainText;
+ cryptoData.outputData = cipherText;
+ cryptoData.nonce32 = nonce;
+
+ macVerifyArgs.nonce32 = nonce;
+ macVerifyArgs.mac32 = mac;
+ macVerifyArgs.payload = cipherText;
+ macVerifyArgs.payloadSize = TEST_ENC_DATA_SIZE;
PRINTL("TEST: Correct encryption")
@@ -497,7 +499,7 @@ static int TestCorrectEncryption(NCContext* context)
/* Try to encrypt the data from sec1 to pub2 */
TEST(NCEncrypt(context, &secKey1, &pubKey2, hmacKeyOut, &cryptoData), NC_SUCCESS);
- //swap cipher and plain text for decryption
+ /*swap cipher and plain text for decryption */
cryptoData.inputData = cipherText;
cryptoData.outputData = decryptedText;