diff options
| author | Florian Dold <florian@dold.me> | 2021-10-07 14:36:34 +0200 |
|---|---|---|
| committer | Florian Dold <florian@dold.me> | 2021-10-07 14:50:53 +0200 |
| commit | ce961ab6f352bc26f244185e693dfc882151c3d0 (patch) | |
| tree | ae264537817b686ad677816cb5010113cd5fa74d | |
| parent | bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa (diff) | |
| download | anastasis-ce961ab6f352bc26f244185e693dfc882151c3d0.tar.gz anastasis-ce961ab6f352bc26f244185e693dfc882151c3d0.tar.bz2 anastasis-ce961ab6f352bc26f244185e693dfc882151c3d0.zip | |
use libsodium cryptobox / chacha20poly1305
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | INSTALL | 6 | ||||
| -rw-r--r-- | README | 1 | ||||
| -rw-r--r-- | configure.ac | 21 | ||||
| -rw-r--r-- | doc/texinfo.tex | 418 | ||||
| -rw-r--r-- | src/include/anastasis_crypto_lib.h | 2 | ||||
| -rw-r--r-- | src/stasis/stasis-0001.sql | 2 | ||||
| -rw-r--r-- | src/util/Makefile.am | 5 | ||||
| -rw-r--r-- | src/util/anastasis_crypto.c | 218 |
9 files changed, 213 insertions, 461 deletions
@@ -127,3 +127,4 @@ src/lib/test_anastasis_api_home/ doc/anastasis.info src/cli/test_reducer.err .vscode +vgcore* @@ -1,8 +1,8 @@ Installation Instructions ************************* - Copyright (C) 1994-1996, 1999-2002, 2004-2016 Free Software -Foundation, Inc. + Copyright (C) 1994-1996, 1999-2002, 2004-2017, 2020-2021 Free +Software Foundation, Inc. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright @@ -225,7 +225,7 @@ order to use an ANSI C compiler: and if that doesn't work, install pre-built binaries of GCC for HP-UX. - HP-UX 'make' updates targets which have the same time stamps as their + HP-UX 'make' updates targets which have the same timestamps as their prerequisites, which makes it generally unusable when shipped generated files such as 'configure' are involved. Use GNU 'make' instead. @@ -25,6 +25,7 @@ Dependencies libjansson : MIT License libgcrypt : LGPL +libsodium : ISC License postgresql : PostgreSQL License libgnunet* : GPLv3+, libtaler* : GPLv3+ diff --git a/configure.ac b/configure.ac index 5463600..70778fb 100644 --- a/configure.ac +++ b/configure.ac @@ -160,7 +160,15 @@ AX_LIB_POSTGRESQL([9.3]) AS_IF([test "x$found_postgresql" = "xyes"],[postgres=true]) AM_CONDITIONAL(HAVE_POSTGRESQL, test x$postgres = xtrue) +libsodium=0 +# test for libsodium >=1.018 (introduction of +# crypto_scalarmult_ed25519_base_noclamp API) +AC_CHECK_HEADER([sodium.h], + [AC_CHECK_LIB([sodium], [crypto_core_ed25519_scalar_mul], + [libsodium=1])]) +AS_IF([test x$libsodium = x0], + [AC_MSG_ERROR([Anastasis requires libsodium >= 1.0.18.])]) # Check for Taler's libtalerutil @@ -180,6 +188,12 @@ AS_CASE([$with_exchange], CPPFLAGS="$CPPFLAGS $POSTGRESQL_CPPFLAGS" LDFLAGS="$LDFLAGS -L/usr/local/lib" +# Require minimum libgcrypt version +need_libgcrypt_version=1.6.1 +AC_DEFINE_UNQUOTED([NEED_LIBGCRYPT_VERSION], ["$need_libgcrypt_version"], + [minimum version of libgcrypt required]) +AM_PATH_LIBGCRYPT([$need_libgcrypt_version]) + AC_CHECK_HEADERS([taler/taler_util.h], [AC_CHECK_LIB([talerutil], [TALER_b2s], @@ -243,13 +257,6 @@ PKG_CHECK_MODULES([JANSSON], [jansson >= 2.3], *** You need libjansson to build this program. ***]])]) - -# Require minimum libgcrypt version -need_libgcrypt_version=1.6.1 -AC_DEFINE_UNQUOTED([NEED_LIBGCRYPT_VERSION], ["$need_libgcrypt_version"], - [minimum version of libgcrypt required]) -AM_PATH_LIBGCRYPT([$need_libgcrypt_version]) - # logging extra_logging=0 AC_ARG_ENABLE([logging], diff --git a/doc/texinfo.tex b/doc/texinfo.tex index 3c7051d..e48383d 100644 --- a/doc/texinfo.tex +++ b/doc/texinfo.tex @@ -3,9 +3,9 @@ % Load plain if necessary, i.e., if running under initex. \expandafter\ifx\csname fmtname\endcsname\relax\input plain\fi % -\def\texinfoversion{2020-10-24.12} +\def\texinfoversion{2021-04-25.21} % -% Copyright 1985, 1986, 1988, 1990-2020 Free Software Foundation, Inc. +% Copyright 1985, 1986, 1988, 1990-2021 Free Software Foundation, Inc. % % This texinfo.tex file is free software: you can redistribute it and/or % modify it under the terms of the GNU General Public License as @@ -572,9 +572,8 @@ \fi } -% @end foo executes the definition of \Efoo. -% But first, it executes a specialized version of \checkenv -% + +% @end foo calls \checkenv and executes the definition of \Efoo. \parseargdef\end{% \if 1\csname iscond.#1\endcsname \else @@ -1003,6 +1002,14 @@ where each line of input produces a line of output.} \global\everypar = {}% } +% leave vertical mode without cancelling any first paragraph indent +\gdef\imageindent{% + \toks0=\everypar + \everypar={}% + \ptexnoindent + \global\everypar=\toks0 +} + % @refill is a no-op. \let\refill=\relax @@ -1863,19 +1870,23 @@ output) for that.)} \closein 1 \endgroup % - \def\xetexpdfext{pdf}% - \ifx\xeteximgext\xetexpdfext - \XeTeXpdffile "#1".\xeteximgext "" - \else - \def\xetexpdfext{PDF}% + % Putting an \hbox around the image can prevent an over-long line + % after the image. + \hbox\bgroup + \def\xetexpdfext{pdf}% \ifx\xeteximgext\xetexpdfext \XeTeXpdffile "#1".\xeteximgext "" \else - \XeTeXpicfile "#1".\xeteximgext "" + \def\xetexpdfext{PDF}% + \ifx\xeteximgext\xetexpdfext + \XeTeXpdffile "#1".\xeteximgext "" + \else + \XeTeXpicfile "#1".\xeteximgext "" + \fi \fi - \fi - \ifdim \wd0 >0pt width \xeteximagewidth \fi - \ifdim \wd2 >0pt height \xeteximageheight \fi \relax + \ifdim \wd0 >0pt width \xeteximagewidth \fi + \ifdim \wd2 >0pt height \xeteximageheight \fi \relax + \egroup } \fi @@ -2673,8 +2684,6 @@ end \definetextfontsizexi -\message{markup,} - % Check if we are currently using a typewriter font. Since all the % Computer Modern typewriter fonts have zero interword stretch (and % shrink), and it is reasonable to expect all typewriter fonts to have @@ -2682,68 +2691,14 @@ end % \def\ifmonospace{\ifdim\fontdimen3\font=0pt } -% Markup style infrastructure. \defmarkupstylesetup\INITMACRO will -% define and register \INITMACRO to be called on markup style changes. -% \INITMACRO can check \currentmarkupstyle for the innermost -% style. - -\let\currentmarkupstyle\empty - -\def\setupmarkupstyle#1{% - \def\currentmarkupstyle{#1}% - \markupstylesetup -} - -\let\markupstylesetup\empty - -\def\defmarkupstylesetup#1{% - \expandafter\def\expandafter\markupstylesetup - \expandafter{\markupstylesetup #1}% - \def#1% -} - -% Markup style setup for left and right quotes. -\defmarkupstylesetup\markupsetuplq{% - \expandafter\let\expandafter \temp - \csname markupsetuplq\currentmarkupstyle\endcsname - \ifx\temp\relax \markupsetuplqdefault \else \temp \fi -} - -\defmarkupstylesetup\markupsetuprq{% - \expandafter\let\expandafter \temp - \csname markupsetuprq\currentmarkupstyle\endcsname - \ifx\temp\relax \markupsetuprqdefault \else \temp \fi -} - { \catcode`\'=\active \catcode`\`=\active -\gdef\markupsetuplqdefault{\let`\lq} -\gdef\markupsetuprqdefault{\let'\rq} - -\gdef\markupsetcodequoteleft{\let`\codequoteleft} -\gdef\markupsetcodequoteright{\let'\codequoteright} +\gdef\setcodequotes{\let`\codequoteleft \let'\codequoteright} +\gdef\setregularquotes{\let`\lq \let'\rq} } -\let\markupsetuplqcode \markupsetcodequoteleft -\let\markupsetuprqcode \markupsetcodequoteright -% -\let\markupsetuplqexample \markupsetcodequoteleft -\let\markupsetuprqexample \markupsetcodequoteright -% -\let\markupsetuplqkbd \markupsetcodequoteleft -\let\markupsetuprqkbd \markupsetcodequoteright -% -\let\markupsetuplqsamp \markupsetcodequoteleft -\let\markupsetuprqsamp \markupsetcodequoteright -% -\let\markupsetuplqverb \markupsetcodequoteleft -\let\markupsetuprqverb \markupsetcodequoteright -% -\let\markupsetuplqverbatim \markupsetcodequoteleft -\let\markupsetuprqverbatim \markupsetcodequoteright - % Allow an option to not use regular directed right quote/apostrophe % (char 0x27), but instead the undirected quote from cmtt (char 0x0d). % The undirected quote is ugly, so don't make it the default, but it @@ -2906,7 +2861,7 @@ end } % @samp. -\def\samp#1{{\setupmarkupstyle{samp}\lq\tclose{#1}\rq\null}} +\def\samp#1{{\setcodequotes\lq\tclose{#1}\rq\null}} % @indicateurl is \samp, that is, with quotes. \let\indicateurl=\samp @@ -2949,8 +2904,7 @@ end \global\let'=\rq \global\let`=\lq % default definitions % \global\def\code{\begingroup - \setupmarkupstyle{code}% - % The following should really be moved into \setupmarkupstyle handlers. + \setcodequotes \catcode\dashChar=\active \catcode\underChar=\active \ifallowcodebreaks \let-\codedash @@ -3104,7 +3058,7 @@ end \urefcatcodes % \global\def\urefcode{\begingroup - \setupmarkupstyle{code}% + \setcodequotes \urefcatcodes \let&\urefcodeamp \let.\urefcodedot @@ -3225,8 +3179,8 @@ end \def\kbdsub#1#2#3\par{% \def\one{#1}\def\three{#3}\def\threex{??}% \ifx\one\xkey\ifx\threex\three \key{#2}% - \else{\tclose{\kbdfont\setupmarkupstyle{kbd}\look}}\fi - \else{\tclose{\kbdfont\setupmarkupstyle{kbd}\look}}\fi + \else{\tclose{\kbdfont\setcodequotes\look}}\fi + \else{\tclose{\kbdfont\setcodequotes\look}}\fi } % definition of @key that produces a lozenge. Doesn't adjust to text size. @@ -3243,7 +3197,7 @@ end % monospace, don't change it; that way, we respect @kbdinputstyle. But % if it isn't monospace, then use \tt. % -\def\key#1{{\setupmarkupstyle{key}% +\def\key#1{{\setregularquotes \nohyphenation \ifmonospace\else\tt\fi #1}\null} @@ -3373,16 +3327,20 @@ end {\obeylines \globaldefs=1 \envdef\displaymath{% -\tex +\tex% \def\thisenv{\displaymath}% +\begingroup\let\end\displaymathend% $$% } -\def\Edisplaymath{$$ +\def\displaymathend{$$\endgroup\end}% + +\def\Edisplaymath{% \def\thisenv{\tex}% \end tex }} + % @inlinefmt{FMTNAME,PROCESSED-TEXT} and @inlineraw{FMTNAME,RAW-TEXT}. % Ignore unless FMTNAME == tex; then it is like @iftex and @tex, % except specified as a normal braced arg, so no newlines to worry about. @@ -4343,82 +4301,8 @@ $$% \doitemize{#1.}\flushcr } -% @alphaenumerate and @capsenumerate are abbreviations for giving an arg -% to @enumerate. -% -\def\alphaenumerate{\enumerate{a}} -\def\capsenumerate{\enumerate{A}} -\def\Ealphaenumerate{\Eenumerate} -\def\Ecapsenumerate{\Eenumerate} - % @multitable macros -% Amy Hendrickson, 8/18/94, 3/6/96 -% -% @multitable ... @end multitable will make as many columns as desired. -% Contents of each column will wrap at width given in preamble. Width -% can be specified either with sample text given in a template line, -% or in percent of \hsize, the current width of text on page. - -% Table can continue over pages but will only break between lines. - -% To make preamble: -% -% Either define widths of columns in terms of percent of \hsize: -% @multitable @columnfractions .25 .3 .45 -% @item ... -% -% Numbers following @columnfractions are the percent of the total -% current hsize to be used for each column. You may use as many -% columns as desired. - - -% Or use a template: -% @multitable {Column 1 template} {Column 2 template} {Column 3 template} -% @item ... -% using the widest term desired in each column. - -% Each new table line starts with @item, each subsequent new column -% starts with @tab. Empty columns may be produced by supplying @tab's -% with nothing between them for as many times as empty columns are needed, -% ie, @tab@tab@tab will produce two empty columns. - -% @item, @tab do not need to be on their own lines, but it will not hurt -% if they are. - -% Sample multitable: - -% @multitable {Column 1 template} {Column 2 template} {Column 3 template} -% @item first col stuff @tab second col stuff @tab third col -% @item -% first col stuff -% @tab -% second col stuff -% @tab -% third col -% @item first col stuff @tab second col stuff -% @tab Many paragraphs of text may be used in any column. -% -% They will wrap at the width determined by the template. -% @item@tab@tab This will be in third column. -% @end multitable - -% Default dimensions may be reset by user. -% @multitableparskip is vertical space between paragraphs in table. -% @multitableparindent is paragraph indent in table. -% @multitablecolmargin is horizontal space to be left between columns. -% @multitablelinespace is space to leave between table items, baseline -% to baseline. -% 0pt means it depends on current normal line spacing. -% -\newskip\multitableparskip -\newskip\multitableparindent -\newdimen\multitablecolspace -\newskip\multitablelinespace -\multitableparskip=0pt -\multitableparindent=6pt -\multitablecolspace=12pt -\multitablelinespace=0pt % Macros used to set up halign preamble: % @@ -4466,8 +4350,6 @@ $$% \go } -% multitable-only commands. -% % @headitem starts a heading row, which we typeset in bold. Assignments % have to be global since we are inside the implicit group of an % alignment entry. \everycr below resets \everytab so we don't have to @@ -4484,14 +4366,8 @@ $$% % default for tables with no headings. \let\headitemcrhook=\relax % -% A \tab used to include \hskip1sp. But then the space in a template -% line is not enough. That is bad. So let's go back to just `&' until -% we again encounter the problem the 1sp was intended to solve. -% --karl, nathan@acm.org, 20apr99. \def\tab{\checkenv\multitable &\the\everytab}% -% @multitable ... @end multitable definitions: -% \newtoks\everytab % insert after every tab. % \envdef\multitable{% @@ -4506,9 +4382,8 @@ $$% % \tolerance=9500 \hbadness=9500 - \setmultitablespacing - \parskip=\multitableparskip - \parindent=\multitableparindent + \parskip=0pt + \parindent=6pt \overfullrule=0pt \global\colcount=0 % @@ -4538,47 +4413,24 @@ $$% % continue for many paragraphs if desired. \halign\bgroup &% \global\advance\colcount by 1 - \multistrut + \strut \vtop{% - % Use the current \colcount to find the correct column width: + \advance\hsize by -1\leftskip + % Find the correct column width \hsize=\expandafter\csname col\the\colcount\endcsname % - % In order to keep entries from bumping into each other - % we will add a \leftskip of \multitablecolspace to all columns after - % the first one. - % - % If a template has been used, we will add \multitablecolspace - % to the width of each template entry. - % - % If the user has set preamble in terms of percent of \hsize we will - % use that dimension as the width of the column, and the \leftskip - % will keep entries from bumping into each other. Table will start at - % left margin and final column will justify at right margin. - % - % Make sure we don't inherit \rightskip from the outer environment. \rightskip=0pt \ifnum\colcount=1 - % The first column will be indented with the surrounding text. - \advance\hsize by\leftskip + \advance\hsize by\leftskip % Add indent of surrounding text \else - \ifsetpercent \else - % If user has not set preamble in terms of percent of \hsize - % we will advance \hsize by \multitablecolspace. - \advance\hsize by \multitablecolspace - \fi - % In either case we will make \leftskip=\multitablecolspace: - \leftskip=\multitablecolspace + % In order to keep entries from bumping into each other. + \leftskip=12pt + \ifsetpercent \else + % If a template has been used + \advance\hsize by \leftskip + \fi \fi - % Ignoring space at the beginning and end avoids an occasional spurious - % blank line, when TeX decides to break the line at the space before the - % box from the multistrut, so the strut ends up on a line by itself. - % For example: - % @multitable @columnfractions .11 .89 - % @item @code{#} - % @tab Legal holiday which is valid in major parts of the whole country. - % Is automatically provided with highlighting sequences respectively - % marking characters. - \noindent\ignorespaces##\unskip\multistrut + \noindent\ignorespaces##\unskip\strut }\cr } \def\Emultitable{% @@ -4587,31 +4439,6 @@ $$% \global\setpercentfalse } -\def\setmultitablespacing{% - \def\multistrut{\strut}% just use the standard line spacing - % - % Compute \multitablelinespace (if not defined by user) for use in - % \multitableparskip calculation. We used define \multistrut based on - % this, but (ironically) that caused the spacing to be off. - % See bug-texinfo report from Werner Lemberg, 31 Oct 2004 12:52:20 +0100. -\ifdim\multitablelinespace=0pt -\setbox0=\vbox{X}\global\multitablelinespace=\the\baselineskip -\global\advance\multitablelinespace by-\ht0 -\fi -% Test to see if parskip is larger than space between lines of -% table. If not, do nothing. -% If so, set to same dimension as multitablelinespace. -\ifdim\multitableparskip>\multitablelinespace -\global\multitableparskip=\multitablelinespace -\global\advance\multitableparskip-7pt % to keep parskip somewhat smaller - % than skip between lines in the table. -\fi% -\ifdim\multitableparskip=0pt -\global\multitableparskip=\multitablelinespace -\global\advance\multitableparskip-7pt % to keep parskip somewhat smaller - % than skip between lines in the table. -\fi} - \message{conditionals,} @@ -5225,30 +5052,29 @@ $$% \let\lbracechar\{% \let\rbracechar\}% % + % Non-English letters. + \def\AA{AA}% + \def\AE{AE}% + \def\DH{DZZ}% + \def\L{L}% + \def\OE{OE}% + \def\O{O}% + \def\TH{TH}% + \def\aa{aa}% + \def\ae{ae}% + \def\dh{dzz}% + \def\exclamdown{!}% + \def\l{l}% + \def\oe{oe}% + \def\ordf{a}% + \def\ordm{o}% + \def\o{o}% + \def\questiondown{?}% + \def\ss{ss}% + \def\th{th}% % \let\do\indexnofontsdef % - % Non-English letters. - \do\AA{AA}% - \do\AE{AE}% - \do\DH{DZZ}% - \do\L{L}% - \do\OE{OE}% - \do\O{O}% - \do\TH{TH}% - \do\aa{aa}% - \do\ae{ae}% - \do\dh{dzz}% - \do\exclamdown{!}% - \do\l{l}% - \do\oe{oe}% - \do\ordf{a}% - \do\ordm{o}% - \do\o{o}% - \do\questiondown{?}% - \do\ss{ss}% - \do\th{th}% - % \do\LaTeX{LaTeX}% \do\TeX{TeX}% % @@ -7144,7 +6970,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % But \@ or @@ will get a plain @ character. \envdef\tex{% - \setupmarkupstyle{tex}% + \setregularquotes \catcode `\\=0 \catcode `\{=1 \catcode `\}=2 \catcode `\$=3 \catcode `\&=4 \catcode `\#=6 \catcode `\^=7 \catcode `\_=8 \catcode `\~=\active \let~=\tie @@ -7370,7 +7196,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % If you want all examples etc. small: @set dispenvsize small. % If you want even small examples the full size: @set dispenvsize nosmall. % This affects the following displayed environments: -% @example, @display, @format, @lisp +% @example, @display, @format, @lisp, @verbatim % \def\smallword{small} \def\nosmallword{nosmall} @@ -7416,9 +7242,9 @@ might help (with 'rm \jobname.?? \jobname.??s')% % \maketwodispenvdef{lisp}{example}{% \nonfillstart - \tt\setupmarkupstyle{example}% + \tt\setcodequotes \let\kbdfont = \kbdexamplefont % Allow @kbd to do something special. - \gobble % eat return + \parsearg\gobble } % @display/@smalldisplay: same as @lisp except keep current font. % @@ -7576,7 +7402,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \def\setupverb{% \tt % easiest (and conventionally used) font for verbatim \def\par{\leavevmode\endgraf}% - \setupmarkupstyle{verb}% + \setcodequotes \tabeightspaces % Respect line breaks, % print special symbols as themselves, and @@ -7617,7 +7443,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \tt % easiest (and conventionally used) font for verbatim \def\par{\egroup\leavevmode\box\verbbox\endgraf\starttabbox}% \tabexpand - \setupmarkupstyle{verbatim}% + \setcodequotes % Respect line breaks, % print special symbols as themselves, and % make each space count. @@ -8036,7 +7862,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % leave the code in, but it's strange for @var to lead to typewriter. % Nowadays we recommend @code, since the difference between a ttsl hyphen % and a tt hyphen is pretty tiny. @code also disables ?` !`. - \def\var##1{{\setupmarkupstyle{var}\ttslanted{##1}}}% + \def\var##1{{\setregularquotes\ttslanted{##1}}}% #1% \sl\hyphenchar\font=45 } @@ -8145,11 +7971,18 @@ might help (with 'rm \jobname.?? \jobname.??s')% } \fi +\let\E=\expandafter + % Used at the time of macro expansion. % Argument is macro body with arguments substituted \def\scanmacro#1{% \newlinechar`\^^M - \def\xeatspaces{\eatspaces}% + % expand the expansion of \eatleadingcr twice to maybe remove a leading + % newline (and \else and \fi tokens), then call \eatspaces on the result. + \def\xeatspaces##1{% + \E\E\E\E\E\E\E\eatspaces\E\E\E\E\E\E\E{\eatleadingcr##1% + }}% + \def\xempty##1{}% % % Process the macro body under the current catcode regime. \scantokens{#1@comment}% @@ -8202,6 +8035,11 @@ might help (with 'rm \jobname.?? \jobname.??s')% \unbrace{\gdef\trim@@@ #1 } #2@{#1} } +{\catcode`\^^M=\other% +\gdef\eatleadingcr#1{\if\noexpand#1\noexpand^^M\else\E#1\fi}}% +% Warning: this won't work for a delimited argument +% or for an empty argument + % Trim a single trailing ^^M off a string. {\catcode`\^^M=\other \catcode`\Q=3% \gdef\eatcr #1{\eatcra #1Q^^MQ}% @@ -8368,6 +8206,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \let\hash\relax % \hash is redefined to `#' later to get it into definitions \let\xeatspaces\relax + \let\xempty\relax \parsemargdefxxx#1,;,% \ifnum\paramno<10\relax\else \paramno0\relax @@ -8379,9 +8218,11 @@ might help (with 'rm \jobname.?? \jobname.??s')% \else \let\next=\parsemargdefxxx \advance\paramno by 1 \expandafter\edef\csname macarg.\eatspaces{#1}\endcsname - {\xeatspaces{\hash\the\paramno}}% + {\xeatspaces{\hash\the\paramno\noexpand\xempty{}}}% \edef\paramlist{\paramlist\hash\the\paramno,}% \fi\next} +% the \xempty{} is to give \eatleadingcr an argument in the case of an +% empty macro argument. % \parsemacbody, \parsermacbody % @@ -8970,7 +8811,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \else \ifhavexrefs % We (should) know the real title if we have the xref values. - \def\printedrefname{\refx{#1-title}{}}% + \def\printedrefname{\refx{#1-title}}% \else % Otherwise just copy the Info node name. \def\printedrefname{\ignorespaces #1}% @@ -9064,7 +8905,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % If the user specified the print name (third arg) to the ref, % print it instead of our usual "Figure 1.2". \ifdim\wd\printedrefnamebox = 0pt - \refx{#1-snt}{}% + \refx{#1-snt}% \else \printedrefname \fi @@ -9099,28 +8940,30 @@ might help (with 'rm \jobname.?? \jobname.??s')% \else % Reference within this manual. % - % Only output a following space if the -snt ref is nonempty; for - % @unnumbered and @anchor, it won't be. - \setbox2 = \hbox{\ignorespaces \refx{#1-snt}{}}% + % Only output a following space if the -snt ref is nonempty, as the ref + % will be empty for @unnumbered and @anchor. + \setbox2 = \hbox{\ignorespaces \refx{#1-snt}}% \ifdim \wd2 > 0pt \refx{#1-snt}\space\fi % % output the `[mynode]' via the macro below so it can be overridden. \xrefprintnodename\printedrefname % - % But we always want a comma and a space: - ,\space - % - % output the `page 3'. - \turnoffactive \putwordpage\tie\refx{#1-pg}{}% - % Add a , if xref followed by a space - \if\space\noexpand\tokenafterxref ,% - \else\ifx\ \tokenafterxref ,% @TAB - \else\ifx\*\tokenafterxref ,% @* - \else\ifx\ \tokenafterxref ,% @SPACE - \else\ifx\ - \tokenafterxref ,% @NL - \else\ifx\tie\tokenafterxref ,% @tie - \fi\fi\fi\fi\fi\fi + \expandafter\ifx\csname SETtxiomitxrefpg\endcsname\relax + % But we always want a comma and a space: + ,\space + % + % output the `page 3'. + \turnoffactive \putwordpage\tie\refx{#1-pg}% + % Add a , if xref followed by a space + \if\space\noexpand\tokenafterxref ,% + \else\ifx\ \tokenafterxref ,% @TAB + \else\ifx\*\tokenafterxref ,% @* + \else\ifx\ \tokenafterxref ,% @SPACE + \else\ifx\ + \tokenafterxref ,% @NL + \else\ifx\tie\tokenafterxref ,% @tie + \fi\fi\fi\fi\fi\fi + \fi \fi\fi \fi \endlink @@ -9187,9 +9030,8 @@ might help (with 'rm \jobname.?? \jobname.??s')% \fi\fi\fi } -% \refx{NAME}{SUFFIX} - reference a cross-reference string named NAME. SUFFIX -% is output afterwards if non-empty. -\def\refx#1#2{% +% \refx{NAME} - reference a cross-reference string named NAME. +\def\refx#1{% \requireauxfile {% \indexnofonts @@ -9216,7 +9058,6 @@ might help (with 'rm \jobname.?? \jobname.??s')% % It's defined, so just use it. \thisrefX \fi - #2% Output the suffix in any case. } % This is the macro invoked by entries in the aux file. Define a control @@ -9326,10 +9167,10 @@ might help (with 'rm \jobname.?? \jobname.??s')% \catcode`\[=\other \catcode`\]=\other \catcode`\"=\other - \catcode`\_=\other - \catcode`\|=\other - \catcode`\<=\other - \catcode`\>=\other + \catcode`\_=\active + \catcode`\|=\active + \catcode`\<=\active + \catcode`\>=\active \catcode`\$=\other \catcode`\#=\other \catcode`\&=\other @@ -9550,7 +9391,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \def\imagexxx#1,#2,#3,#4,#5,#6\finish{\begingroup \catcode`\^^M = 5 % in case we're inside an example \normalturnoffactive % allow _ et al. in names - \def\xprocessmacroarg{\eatspaces}% in case we are being used via a macro + \makevalueexpandable % If the image is by itself, center it. \ifvmode \imagevmodetrue @@ -9576,7 +9417,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % On the other hand, if we are in the case of @center @image, we don't % want to start a paragraph, which will create a hsize-width box and % eradicate the centering. - \ifx\centersub\centerV\else \noindent \fi + \ifx\centersub\centerV \else \imageindent \fi % % Output the image. \ifpdf @@ -11603,7 +11444,7 @@ directory should work if nowhere else does.} \let> = \activegtr \let~ = \activetilde \let^ = \activehat - \markupsetuplqdefault \markupsetuprqdefault + \setregularquotes \let\b = \strong \let\i = \smartitalic % in principle, all other definitions in \tex have to be undone too. @@ -11662,8 +11503,7 @@ directory should work if nowhere else does.} @let|=@normalverticalbar @let~=@normaltilde @let\=@ttbackslash - @markupsetuplqdefault - @markupsetuprqdefault + @setregularquotes @unsepspaces } } @@ -11756,8 +11596,7 @@ directory should work if nowhere else does.} @c Do this last of all since we use ` in the previous @catcode assignments. @catcode`@'=@active @catcode`@`=@active -@markupsetuplqdefault -@markupsetuprqdefault +@setregularquotes @c Local variables: @c eval: (add-hook 'before-save-hook 'time-stamp) @@ -11770,3 +11609,4 @@ directory should work if nowhere else does.} @c vim:sw=2: @enablebackslashhack + diff --git a/src/include/anastasis_crypto_lib.h b/src/include/anastasis_crypto_lib.h index 0075be7..9e038fc 100644 --- a/src/include/anastasis_crypto_lib.h +++ b/src/include/anastasis_crypto_lib.h @@ -137,7 +137,7 @@ struct ANASTASIS_CRYPTO_PolicyKeyP */ struct ANASTASIS_CRYPTO_NonceP { - uint32_t nonce[8]; + uint8_t nonce[crypto_secretbox_NONCEBYTES]; }; diff --git a/src/stasis/stasis-0001.sql b/src/stasis/stasis-0001.sql index e0ebfa6..de2762a 100644 --- a/src/stasis/stasis-0001.sql +++ b/src/stasis/stasis-0001.sql @@ -40,7 +40,7 @@ COMMENT ON COLUMN anastasis_truth_payment.expiration CREATE TABLE IF NOT EXISTS anastasis_truth (truth_uuid BYTEA PRIMARY KEY CHECK(LENGTH(truth_uuid)=32), - key_share_data BYTEA CHECK(LENGTH(key_share_data)=80) NOT NULL, + key_share_data BYTEA CHECK(LENGTH(key_share_data)=72) NOT NULL, method_name VARCHAR NOT NULL, encrypted_truth BYTEA NOT NULL, truth_mime VARCHAR NOT NULL, diff --git a/src/util/Makefile.am b/src/util/Makefile.am index 5f3b3d5..22c7a1c 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am @@ -38,6 +38,7 @@ libanastasisutil_la_SOURCES = \ libanastasisutil_la_LIBADD = \ -lgnunetutil \ $(LIBGCRYPT_LIBS) \ + -lsodium \ -ljansson \ -ltalerutil \ $(XLIB) @@ -54,15 +55,15 @@ TESTS = \ test_anastasis_crypto_SOURCES = \ test_anastasis_crypto.c test_anastasis_crypto_LDADD = \ + $(top_builddir)/src/util/libanastasisutil.la \ -lgnunetutil \ -ltalerutil \ - libanastasisutil.la \ $(XLIB) anastasis_crypto_tvg_SOURCES = \ anastasis-crypto-tvg.c anastasis_crypto_tvg_LDADD = \ - $(top_builddir)/src/util/libanastasisutil.la \ + libanastasisutil.la \ -ltalerjson \ -ltalerutil \ -lgnunetjson \ diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c index 067ac92..1025e60 100644 --- a/src/util/anastasis_crypto.c +++ b/src/util/anastasis_crypto.c @@ -73,49 +73,38 @@ ANASTASIS_CRYPTO_secure_answer_hash ( /** - * Compute @a key and @a iv. + * Compute @a key. * * @param key_material key for calculation * @param key_m_len length of key * @param nonce nonce for calculation * @param salt salt value for calculation * @param[out] key where to write the en-/description key - * @param[out] iv where to write the IV */ static void -get_iv_key (const void *key_material, +derive_key (const void *key_material, size_t key_m_len, const struct ANASTASIS_CRYPTO_NonceP *nonce, const char *salt, - const struct ANASTASIS_CRYPTO_SymKeyP *key, - struct ANASTASIS_CRYPTO_IvP *iv) + struct ANASTASIS_CRYPTO_SymKeyP *key) { - char res[sizeof (struct ANASTASIS_CRYPTO_SymKeyP) - + sizeof (struct ANASTASIS_CRYPTO_IvP)]; if (GNUNET_YES != - GNUNET_CRYPTO_hkdf (res, - sizeof (res), - GCRY_MD_SHA512, - GCRY_MD_SHA256, - key_material, - key_m_len, - nonce, - sizeof (struct ANASTASIS_CRYPTO_NonceP), - salt, - strlen (salt), - NULL, - 0)) + GNUNET_CRYPTO_kdf (key, + sizeof (struct ANASTASIS_CRYPTO_SymKeyP), + nonce, + sizeof (struct ANASTASIS_CRYPTO_NonceP), + key_material, + key_m_len, + salt, + strlen (salt), + NULL, + 0)) { + // FIXME: Huh?! Why would we continue here? GNUNET_break (0); return; } - memcpy ((void *) key, - res, - sizeof (*key)); - memcpy (iv, - &res[sizeof (*key)], - sizeof (*iv)); } @@ -141,67 +130,25 @@ anastasis_encrypt (const struct ANASTASIS_CRYPTO_NonceP *nonce, void **res, size_t *res_size) { - struct ANASTASIS_CRYPTO_NonceP *nonceptr; - gcry_cipher_hd_t cipher; - struct ANASTASIS_CRYPTO_SymKeyP sym_key; - struct ANASTASIS_CRYPTO_IvP iv; - int rc; - struct ANASTASIS_CRYPTO_AesTagP *tag; - char *ciphertext; - - *res_size = data_size - + sizeof (struct ANASTASIS_CRYPTO_NonceP) - + sizeof (struct ANASTASIS_CRYPTO_AesTagP); - if (*res_size <= data_size) - { - GNUNET_break (0); - return; - } - *res = GNUNET_malloc (*res_size); - if (*res_size != data_size - + sizeof (struct ANASTASIS_CRYPTO_NonceP) - + sizeof (struct ANASTASIS_CRYPTO_AesTagP)) - { - GNUNET_break (0); - return; - } - nonceptr = (struct ANASTASIS_CRYPTO_NonceP *) *res; - tag = (struct ANASTASIS_CRYPTO_AesTagP *) &nonceptr[1]; - ciphertext = (char *) &tag[1]; - memcpy (nonceptr, - nonce, - sizeof (*nonce)); - get_iv_key (key, + size_t ciphertext_size; + struct ANASTASIS_CRYPTO_SymKeyP skey; + + derive_key (key, key_len, nonce, salt, - &sym_key, - &iv); - GNUNET_assert (0 == - gcry_cipher_open (&cipher, - GCRY_CIPHER_AES256, - GCRY_CIPHER_MODE_GCM, - 0)); - rc = gcry_cipher_setkey (cipher, - &sym_key, - sizeof (sym_key)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - rc = gcry_cipher_setiv (cipher, - &iv, - sizeof (iv)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - - GNUNET_assert (0 == - gcry_cipher_encrypt (cipher, - ciphertext, - data_size, - data, - data_size)); + &skey); + ciphertext_size = crypto_secretbox_NONCEBYTES + + crypto_secretbox_MACBYTES + data_size; + *res_size = ciphertext_size; + *res = GNUNET_malloc (ciphertext_size); + memcpy (*res, nonce, crypto_secretbox_NONCEBYTES); GNUNET_assert (0 == - gcry_cipher_gettag (cipher, - tag, - sizeof (struct ANASTASIS_CRYPTO_AesTagP))); - gcry_cipher_close (cipher); + crypto_secretbox_easy (*res + crypto_secretbox_NONCEBYTES, + data, + data_size, + (void *) nonce, + (void *) &skey)); } @@ -226,71 +173,30 @@ anastasis_decrypt (const void *key, size_t *res_size) { const struct ANASTASIS_CRYPTO_NonceP *nonce; - gcry_cipher_hd_t cipher; - const struct ANASTASIS_CRYPTO_SymKeyP sym_key; - struct ANASTASIS_CRYPTO_IvP iv; - int rc; - const struct ANASTASIS_CRYPTO_AesTagP *tag; - const char *ciphertext; - - *res_size = data_size - - sizeof (struct ANASTASIS_CRYPTO_NonceP) - - sizeof (struct ANASTASIS_CRYPTO_AesTagP); - if (*res_size >= data_size) - { - GNUNET_break (0); - *res = NULL; - return; - } - *res = GNUNET_malloc (*res_size); - if (*res_size != data_size - - sizeof (struct ANASTASIS_CRYPTO_NonceP) - - sizeof (struct ANASTASIS_CRYPTO_AesTagP)) - { - GNUNET_break (0); - GNUNET_free (*res); - return; - } + struct ANASTASIS_CRYPTO_SymKeyP skey; + size_t plaintext_size; - nonce = (const struct ANASTASIS_CRYPTO_NonceP *) data; - tag = (struct ANASTASIS_CRYPTO_AesTagP *) &nonce[1]; - ciphertext = (const char *) &tag[1]; - get_iv_key (key, + GNUNET_assert (data_size >= crypto_secretbox_NONCEBYTES + + crypto_secretbox_MACBYTES); + nonce = data; + derive_key (key, key_len, nonce, salt, - &sym_key, - &iv); - GNUNET_assert (0 == - gcry_cipher_open (&cipher, - GCRY_CIPHER_AES256, - GCRY_CIPHER_MODE_GCM, - 0)); - rc = gcry_cipher_setkey (cipher, - &sym_key, - sizeof (sym_key)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - - rc = gcry_cipher_setiv (cipher, - &iv, - sizeof (iv)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - - GNUNET_assert (0 == gcry_cipher_decrypt (cipher, - *res, - *res_size, - ciphertext, - *res_size)); - if (0 != - gcry_cipher_checktag (cipher, - tag, - sizeof (struct ANASTASIS_CRYPTO_AesTagP))) + &skey); + plaintext_size = data_size - (crypto_secretbox_NONCEBYTES + + crypto_secretbox_MACBYTES); + *res = GNUNET_malloc (plaintext_size); + *res_size = plaintext_size; + if (0 != crypto_secretbox_open_easy (*res, + data + crypto_secretbox_NONCEBYTES, + data_size - crypto_secretbox_NONCEBYTES, + (void *) nonce, + (void *) &skey)) { GNUNET_break (0); GNUNET_free (*res); - return; } - gcry_cipher_close (cipher); } @@ -322,16 +228,14 @@ ANASTASIS_CRYPTO_account_private_key_derive ( { /* priv_key = ver_secret */ if (GNUNET_YES != - GNUNET_CRYPTO_hkdf (&priv_key->priv, - sizeof (priv_key->priv), - GCRY_MD_SHA512, - GCRY_MD_SHA256, - id, - sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP), - "ver", - strlen ("ver"), - NULL, - 0)) + GNUNET_CRYPTO_kdf (&priv_key->priv, + sizeof (priv_key->priv), + id, + sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP), + "ver", + strlen ("ver"), + NULL, + 0)) { GNUNET_break (0); return; @@ -519,15 +423,13 @@ ANASTASIS_CRYPTO_policy_key_derive ( const struct ANASTASIS_CRYPTO_MasterSaltP *salt, struct ANASTASIS_CRYPTO_PolicyKeyP *policy_key) { - GNUNET_CRYPTO_hkdf (policy_key, - sizeof (*policy_key), - GCRY_MD_SHA512, - GCRY_MD_SHA256, - key_shares, - keyshare_length * sizeof (*key_shares), - salt, - sizeof (*salt), - NULL, 0); + GNUNET_CRYPTO_kdf (policy_key, + sizeof (*policy_key), + key_shares, + keyshare_length * sizeof (*key_shares), + salt, + sizeof (*salt), + NULL, 0); } |