changeset 10:130a6a714966 default tip

Use libsodium instead of libnacl
author Ivo Smits <Ivo@UCIS.nl>
date Thu, 10 Jul 2014 16:34:04 +0000
parents 765303f4f2da
children
files build.sh config.m4 nacl.c php_nacl.h randombytes.c tests/test.phpt
diffstat 6 files changed, 108 insertions(+), 64 deletions(-) [+]
--- a/build.sh	Thu Jul 14 16:49:21 2011 +0200
+++ b/build.sh	Thu Jul 10 16:34:04 2014 +0000
@@ -1,7 +1,7 @@
 #!/bin/sh
 rm -rf build
 mkdir build
-cp -r config.m4  nacl.c  php_nacl.h  tests build/
+cp -r config.m4 nacl.c php_nacl.h tests build/
 cd build
 phpize
 ./configure
--- a/config.m4	Thu Jul 14 16:49:21 2011 +0200
+++ b/config.m4	Thu Jul 10 16:34:04 2014 +0000
@@ -4,6 +4,6 @@
 
 if test "$PHP_NACL" != "no"; then
   PHP_SUBST(NACL_SHARED_LIBADD)
-  PHP_ADD_LIBRARY(nacl, 1, NACL_SHARED_LIBADD)
+  PHP_ADD_LIBRARY(sodium, 1, NACL_SHARED_LIBADD)
   PHP_NEW_EXTENSION(nacl, nacl.c, $ext_shared)
 fi
--- a/nacl.c	Thu Jul 14 16:49:21 2011 +0200
+++ b/nacl.c	Thu Jul 10 16:34:04 2014 +0000
@@ -27,42 +27,29 @@
 #include "config.h"
 #endif
 
-#include "nacl/crypto_box_curve25519xsalsa20poly1305.h"
-#include "nacl/crypto_scalarmult_curve25519.h"
-#include "nacl/crypto_sign_edwards25519sha512batch.h"
+#include "sodium/crypto_box_curve25519xsalsa20poly1305.h"
+#include "sodium/crypto_scalarmult_curve25519.h"
+#include "sodium/crypto_sign_edwards25519sha512batch.h"
+#include "sodium/crypto_sign_ed25519.h"
 
 #include "php.h"
 #include "php_ini.h"
 #include "php_nacl.h"
 
-#if !(defined crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES || defined crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES)
-#include "randombytes.c"
-#endif
-
-#if defined crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES
-ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_box_curve25519xsalsa20poly1305_keypair, 0, 0, 2)
-	ZEND_ARG_INFO(1, zsk)
-	ZEND_ARG_INFO(0, rb)
-ZEND_END_ARG_INFO()
-#else
 ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_box_curve25519xsalsa20poly1305_keypair, 0, 0, 1)
 	ZEND_ARG_INFO(1, zsk)
 	ZEND_ARG_INFO(0, rb)
 ZEND_END_ARG_INFO()
-#endif
-#if defined crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES
-ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_sign_edwards25519sha512batch_keypair, 0, 0, 2)
-	ZEND_ARG_INFO(1, zsk)
-	ZEND_ARG_INFO(0, rb)
-ZEND_END_ARG_INFO()
-#else
 ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_sign_edwards25519sha512batch_keypair, 0, 0, 1)
 	ZEND_ARG_INFO(1, zsk)
 	ZEND_ARG_INFO(0, rb)
 ZEND_END_ARG_INFO()
-#endif
+ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_sign_ed25519_keypair, 0, 0, 1)
+	ZEND_ARG_INFO(1, zsk)
+	ZEND_ARG_INFO(0, rb)
+ZEND_END_ARG_INFO()
 
-static function_entry nacl_functions[] = {
+static zend_function_entry nacl_functions[] = {
 	PHP_FE(nacl_crypto_box_curve25519xsalsa20poly1305, NULL)
 	PHP_FE(nacl_crypto_box_curve25519xsalsa20poly1305_open, NULL)
 	PHP_FE(nacl_crypto_box_curve25519xsalsa20poly1305_getpublickey, NULL)
@@ -73,6 +60,9 @@
 	PHP_FE(nacl_crypto_sign_edwards25519sha512batch, NULL)
 	PHP_FE(nacl_crypto_sign_edwards25519sha512batch_open, NULL)
 	PHP_FE(nacl_crypto_sign_edwards25519sha512batch_keypair, arginfo_nacl_crypto_sign_edwards25519sha512batch_keypair)
+	PHP_FE(nacl_crypto_sign_ed25519, NULL)
+	PHP_FE(nacl_crypto_sign_ed25519_open, NULL)
+	PHP_FE(nacl_crypto_sign_ed25519_keypair, arginfo_nacl_crypto_sign_ed25519_keypair)
 	{NULL, NULL, NULL}
 };
 
@@ -107,12 +97,10 @@
 	REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_edwards25519sha512batch_BYTES", crypto_sign_edwards25519sha512batch_BYTES, CONST_CS | CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_edwards25519sha512batch_PUBLICKEYBYTES", crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES, CONST_CS | CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_edwards25519sha512batch_SECRETKEYBYTES", crypto_sign_edwards25519sha512batch_SECRETKEYBYTES, CONST_CS | CONST_PERSISTENT);
-#if defined crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES
-	REGISTER_LONG_CONSTANT("NACL_CRYPTO_BOX_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES", crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES, CONST_CS | CONST_PERSISTENT);
-#endif
-#if defined crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES
-	REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_edwards25519sha512batch_KEYPAIRRANDOMBYTES", crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES, CONST_CS | CONST_PERSISTENT);
-#endif
+	REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_ed25519_SECRETKEYBYTES", crypto_sign_ed25519_SECRETKEYBYTES, CONST_CS | CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_ed25519_PUBLICKEYBYTES", crypto_sign_ed25519_PUBLICKEYBYTES, CONST_CS | CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_ed25519_SEEDBYTES", crypto_sign_ed25519_SEEDBYTES, CONST_CS | CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_ed25519_BYTES", crypto_sign_ed25519_BYTES, CONST_CS | CONST_PERSISTENT);
 }
 
 PHP_FUNCTION(nacl_crypto_box_curve25519xsalsa20poly1305) { //(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *)
@@ -221,20 +209,18 @@
 	unsigned char *rb;
 	int lrb;
 	zval *zsk;
-#if defined crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES
-	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zs", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL();
-	if (!zsk) RETURN_FALSE;
-	if (lrb != crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES) RETURN_FALSE;
-	unsigned char *spk = emalloc(crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);
-	unsigned char *ssk = emalloc(crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
-	int ret = crypto_box_curve25519xsalsa20poly1305_keypair(spk, ssk, rb);
-#else
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z|s", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL();
 	if (!zsk) RETURN_FALSE;
 	unsigned char *spk = emalloc(crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);
 	unsigned char *ssk = emalloc(crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
-	int ret = crypto_box_curve25519xsalsa20poly1305_keypair(spk, ssk);
-#endif
+	int ret;
+	if (rb) {
+		if (lrb < crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) RETURN_FALSE;
+		unsigned char base[32] = {9};
+		ret = crypto_scalarmult_curve25519(spk, ssk, base);
+	} else {
+		ret = crypto_box_curve25519xsalsa20poly1305_keypair(spk, ssk);
+	}
 	if (ret) RETURN_FALSE;
 	zval_dtor(zsk);
 	ZVAL_STRINGL(zsk, (char*)ssk, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES, 0);
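Review bot: In the seeded branch the caller's `rb` is never copied into `ssk`, so `crypto_scalarmult_curve25519(spk, ssk, base)` derives the public key from uninitialised `emalloc` memory and the function then returns that same memory as the secret key. `rb` is also declared without an initialiser, and with the `"z|s"` format it is left untouched when the seed is omitted, so `if (rb)` tests an indeterminate pointer; nacl_crypto_sign_ed25519_keypair in the last nacl.c hunk has the same uninitialised `rb`. The short-seed `RETURN_FALSE` sits after both `emalloc` calls and leaks `spk` and `ssk`, which moving the length check ahead of the allocations avoids. The function starts before and ends after this hunk.

```c
	unsigned char *rb = NULL; /* "z|s" leaves rb untouched when the seed is omitted */
	int lrb = 0;
	// … unchanged: zsk declaration, zend_parse_parameters, zsk check …
	/* validate the seed before allocating so the early return has nothing to free */
	if (rb && lrb < crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) RETURN_FALSE;
	// … unchanged: emalloc of spk and ssk, declaration of ret …
	if (rb) {
		/* the caller's seed becomes the secret scalar */
		memcpy(ssk, rb, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
		unsigned char base[32] = {9};
		ret = crypto_scalarmult_curve25519(spk, ssk, base);
	} else {
		// … unchanged: random keypair branch …
	}
```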
@@ -260,6 +246,7 @@
 	int lsm, lpk;
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &sm, &lsm, &pk, &lpk) == FAILURE) RETURN_NULL();
 	if (lpk != crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES) RETURN_FALSE;
+	if (lsm < crypto_sign_edwards25519sha512batch_BYTES) RETURN_FALSE;
 	long long unsigned int mlen = lsm;
 	unsigned char* mb = emalloc(mlen);
 	int ret = crypto_sign_edwards25519sha512batch_open(mb, &mlen, sm, lsm, pk);
@@ -274,22 +261,64 @@
 	unsigned char *rb;
 	int lrb;
 	zval *zsk;
-#if defined crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES
-	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zs", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL();
-	if (lrb != crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES) RETURN_FALSE;
-	if (!zsk) RETURN_FALSE;
-	unsigned char *spk = emalloc(crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES);
-	unsigned char *ssk = emalloc(crypto_sign_edwards25519sha512batch_SECRETKEYBYTES);
-	int ret = crypto_sign_edwards25519sha512batch_keypair(spk, ssk, rb);
-#else
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z|s", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL();
 	if (!zsk) RETURN_FALSE;
 	unsigned char *spk = emalloc(crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES);
 	unsigned char *ssk = emalloc(crypto_sign_edwards25519sha512batch_SECRETKEYBYTES);
 	int ret = crypto_sign_edwards25519sha512batch_keypair(spk, ssk);
-#endif
 	if (ret) RETURN_FALSE;
 	zval_dtor(zsk);
 	ZVAL_STRINGL(zsk, (char*)ssk, crypto_sign_edwards25519sha512batch_SECRETKEYBYTES, 0);
 	RETURN_STRINGL((char*)spk, crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES, 0);
 }
+PHP_FUNCTION(nacl_crypto_sign_ed25519) { //(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *);
+	unsigned char *m, *sk;
+	int lm, lsk;
+	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &m, &lm, &sk, &lsk) == FAILURE) RETURN_NULL();
+	if (lsk != crypto_sign_ed25519_SECRETKEYBYTES) RETURN_FALSE;
+	long long unsigned int smlen = lm + crypto_sign_ed25519_BYTES;
+	unsigned char* smb = emalloc(smlen);
+	int ret = crypto_sign_ed25519(smb, &smlen, m, lm, sk);
+	char* sm = emalloc(smlen);
+	memcpy(sm, smb, smlen);
+	efree(smb);
+	if (ret == 0) RETURN_STRINGL(sm, smlen, 0);
+	efree(sm);
+	RETURN_FALSE;
+}
+PHP_FUNCTION(nacl_crypto_sign_ed25519_open) { //(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *);
+	unsigned char *sm, *pk;
+	int lsm, lpk;
+	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &sm, &lsm, &pk, &lpk) == FAILURE) RETURN_NULL();
+	if (lpk != crypto_sign_ed25519_PUBLICKEYBYTES) RETURN_FALSE;
+	if (lsm < crypto_sign_ed25519_BYTES) RETURN_FALSE;
+	long long unsigned int mlen = lsm;
+	unsigned char* mb = emalloc(mlen);
+	int ret = crypto_sign_ed25519_open(mb, &mlen, sm, lsm, pk);
+	char* m = emalloc(mlen);
+	memcpy(m, mb, mlen);
+	efree(mb);
+	if (ret == 0) RETURN_STRINGL(m, mlen, 0);
+	efree(m);
+	RETURN_FALSE;
+}
+PHP_FUNCTION(nacl_crypto_sign_ed25519_keypair) { //(unsigned char *,unsigned char *);
+	unsigned char *rb;
+	int lrb;
+	zval *zsk;
+	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z|s", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL();
+	if (!zsk) RETURN_FALSE;
+	unsigned char *spk = emalloc(crypto_sign_ed25519_PUBLICKEYBYTES);
+	unsigned char *ssk = emalloc(crypto_sign_ed25519_SECRETKEYBYTES);
+	int ret;
+	if (rb) {
+		if (lrb < crypto_sign_ed25519_SEEDBYTES) RETURN_FALSE;
+		ret = crypto_sign_ed25519_seed_keypair(spk, ssk, rb);
+	} else {
+		ret = crypto_sign_ed25519_keypair(spk, ssk);
+	}
+	if (ret) RETURN_FALSE;
+	zval_dtor(zsk);
+	ZVAL_STRINGL(zsk, (char*)ssk, crypto_sign_ed25519_SECRETKEYBYTES, 0);
+	RETURN_STRINGL((char*)spk, crypto_sign_ed25519_PUBLICKEYBYTES, 0);
+}
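Review bot: In nacl_crypto_sign_ed25519_open, `emalloc(mlen)` and `memcpy(m, mb, mlen)` run before `ret` is checked, so a rejected signature still drives an allocation and a copy whose size is whatever the library left in `mlen`. Whether that value stays within the `mb` buffer on failure depends on the libsodium version and cannot be confirmed from this hunk, so the return code should be tested directly after the call: `if (ret != 0) { efree(mb); RETURN_FALSE; }`. nacl_crypto_sign_ed25519 uses the same order with `smlen` and would benefit from the same early check.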
--- a/php_nacl.h	Thu Jul 14 16:49:21 2011 +0200
+++ b/php_nacl.h	Thu Jul 10 16:34:04 2014 +0000
@@ -5,7 +5,7 @@
 #include "TSRM.h"
 #endif
 
-#define PHP_NACL_VERSION "1.0"
+#define PHP_NACL_VERSION "1.2"
 #define PHP_NACL_EXTNAME "nacl"
 
 PHP_MINIT_FUNCTION(nacl);
@@ -19,6 +19,9 @@
 PHP_FUNCTION(nacl_crypto_sign_edwards25519sha512batch);
 PHP_FUNCTION(nacl_crypto_sign_edwards25519sha512batch_open);
 PHP_FUNCTION(nacl_crypto_sign_edwards25519sha512batch_keypair);
+PHP_FUNCTION(nacl_crypto_sign_ed25519);
+PHP_FUNCTION(nacl_crypto_sign_ed25519_open);
+PHP_FUNCTION(nacl_crypto_sign_ed25519_keypair);
 
 extern zend_module_entry nacl_module_entry;
 #define phpext_module_ptr &nacl_module_entry
--- a/randombytes.c	Thu Jul 14 16:49:21 2011 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,12 +0,0 @@
-#include <time.h>
-
-void randombytes(unsigned char *x,unsigned long long xlen) {
-	FILE* fd = fopen("/dev/urandom", "rb");
-	if (fd != NULL) {
-		fread(x, 1, xlen, fd);
-		fclose(fd);
-	} else {
-		srand(time(NULL));
-		for (int i = 0; i < xlen; i++) x[i] = rand() % 256;
-	}
-}
--- a/tests/test.phpt	Thu Jul 14 16:49:21 2011 +0200
+++ b/tests/test.phpt	Thu Jul 10 16:34:04 2014 +0000
@@ -2,6 +2,7 @@
 Test the nacl cryptography functions
 --FILE--
 <?php
+	echo "CRYPTO_BOX_curve25519xsalsa20poly1305\n";
 	echo NACL_CRYPTO_BOX_curve25519xsalsa20poly1305_PUBLICKEYBYTES."\n";
 	echo NACL_CRYPTO_BOX_curve25519xsalsa20poly1305_SECRETKEYBYTES."\n";
 	echo NACL_CRYPTO_BOX_curve25519xsalsa20poly1305_BEFORENMBYTES."\n";
@@ -25,9 +26,21 @@
 	echo strlen($c).' - '.bin2hex($c)."\n";
 	$m = nacl_crypto_box_curve25519xsalsa20poly1305_open_afternm($c, $n, $k);
 	echo strlen($m).' - '.bin2hex($m)."\n";
-	echo "ok\n";
+	echo "CRYPTO_BOX_curve25519xsalsa20poly1305 ok\n";
+	echo "CRYPTO_SIGN_edwards25519sha512batch\n";
+	echo NACL_CRYPTO_SIGN_edwards25519sha512batch_BYTES."\n";
+	echo NACL_CRYPTO_SIGN_edwards25519sha512batch_PUBLICKEYBYTES."\n";
+	echo NACL_CRYPTO_SIGN_edwards25519sha512batch_SECRETKEYBYTES."\n";
+	echo "CRYPTO_SIGN_edwards25519sha512batch ok\n";
+	echo "CRYPTO_SIGN_ed25519\n";
+	echo NACL_CRYPTO_SIGN_ed25519_BYTES."\n";
+	echo NACL_CRYPTO_SIGN_ed25519_PUBLICKEYBYTES."\n";
+	echo NACL_CRYPTO_SIGN_ed25519_SECRETKEYBYTES."\n";
+	echo NACL_CRYPTO_SIGN_ed25519_SEEDBYTES."\n";
+	echo "CRYPTO_SIGN_ed25519 ok\n";
 ?>
 --EXPECT--
+CRYPTO_BOX_curve25519xsalsa20poly1305
 32
 32
 32
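Review bot: The two new signing sections only echo length constants, so none of the three added `nacl_crypto_sign_ed25519*` functions is called by the test and the verification path is never exercised. A round trip would cover it, for example `$pk = nacl_crypto_sign_ed25519_keypair($sk);` followed by `$sm = nacl_crypto_sign_ed25519("HELLO WORLD", $sk);` and a comparison of `nacl_crypto_sign_ed25519_open($sm, $pk)` with the original message. The test should also assert that `_open` returns false when one byte of `$sm` is changed, and that passing the same seed to `_keypair` twice yields the same public key. The matching lines would need to be added to the `--EXPECT--` section in the following hunk.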
@@ -41,4 +54,15 @@
 32 - 76726914c6c1a5132931a2fc11179746c70982e948811ce93008b07f9a439001
 27 - d7f25d6171ee1fac7242ed7c7546ddd56ee983ea24a6c7bf3bced8
 11 - 48454c4c4f20574f524c44
-ok
+CRYPTO_BOX_curve25519xsalsa20poly1305 ok
+CRYPTO_SIGN_edwards25519sha512batch
+64
+32
+64
+CRYPTO_SIGN_edwards25519sha512batch ok
+CRYPTO_SIGN_ed25519
+64
+32
+64
+32
+CRYPTO_SIGN_ed25519 ok