Mercurial > hg > php_nacl
changeset 10:130a6a714966 default tip
Use libsodium instead of libnacl
author | Ivo Smits <Ivo@UCIS.nl> |
---|---|
date | Thu, 10 Jul 2014 16:34:04 +0000 |
parents | 765303f4f2da |
children | |
files | build.sh config.m4 nacl.c php_nacl.h randombytes.c tests/test.phpt |
diffstat | 6 files changed, 108 insertions(+), 64 deletions(-) [+] |
line wrap: on
line diff
--- a/build.sh Thu Jul 14 16:49:21 2011 +0200 +++ b/build.sh Thu Jul 10 16:34:04 2014 +0000 @@ -1,7 +1,7 @@ #!/bin/sh rm -rf build mkdir build -cp -r config.m4 nacl.c php_nacl.h tests build/ +cp -r config.m4 nacl.c php_nacl.h tests build/ cd build phpize ./configure
--- a/config.m4 Thu Jul 14 16:49:21 2011 +0200 +++ b/config.m4 Thu Jul 10 16:34:04 2014 +0000 @@ -4,6 +4,6 @@ if test "$PHP_NACL" != "no"; then PHP_SUBST(NACL_SHARED_LIBADD) - PHP_ADD_LIBRARY(nacl, 1, NACL_SHARED_LIBADD) + PHP_ADD_LIBRARY(sodium, 1, NACL_SHARED_LIBADD) PHP_NEW_EXTENSION(nacl, nacl.c, $ext_shared) fi
--- a/nacl.c Thu Jul 14 16:49:21 2011 +0200 +++ b/nacl.c Thu Jul 10 16:34:04 2014 +0000 @@ -27,42 +27,29 @@ #include "config.h" #endif -#include "nacl/crypto_box_curve25519xsalsa20poly1305.h" -#include "nacl/crypto_scalarmult_curve25519.h" -#include "nacl/crypto_sign_edwards25519sha512batch.h" +#include "sodium/crypto_box_curve25519xsalsa20poly1305.h" +#include "sodium/crypto_scalarmult_curve25519.h" +#include "sodium/crypto_sign_edwards25519sha512batch.h" +#include "sodium/crypto_sign_ed25519.h" #include "php.h" #include "php_ini.h" #include "php_nacl.h" -#if !(defined crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES || defined crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES) -#include "randombytes.c" -#endif - -#if defined crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES -ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_box_curve25519xsalsa20poly1305_keypair, 0, 0, 2) - ZEND_ARG_INFO(1, zsk) - ZEND_ARG_INFO(0, rb) -ZEND_END_ARG_INFO() -#else ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_box_curve25519xsalsa20poly1305_keypair, 0, 0, 1) ZEND_ARG_INFO(1, zsk) ZEND_ARG_INFO(0, rb) ZEND_END_ARG_INFO() -#endif -#if defined crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES -ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_sign_edwards25519sha512batch_keypair, 0, 0, 2) - ZEND_ARG_INFO(1, zsk) - ZEND_ARG_INFO(0, rb) -ZEND_END_ARG_INFO() -#else ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_sign_edwards25519sha512batch_keypair, 0, 0, 1) ZEND_ARG_INFO(1, zsk) ZEND_ARG_INFO(0, rb) ZEND_END_ARG_INFO() -#endif +ZEND_BEGIN_ARG_INFO_EX(arginfo_nacl_crypto_sign_ed25519_keypair, 0, 0, 1) + ZEND_ARG_INFO(1, zsk) + ZEND_ARG_INFO(0, rb) +ZEND_END_ARG_INFO() -static function_entry nacl_functions[] = { +static zend_function_entry nacl_functions[] = { PHP_FE(nacl_crypto_box_curve25519xsalsa20poly1305, NULL) PHP_FE(nacl_crypto_box_curve25519xsalsa20poly1305_open, NULL) PHP_FE(nacl_crypto_box_curve25519xsalsa20poly1305_getpublickey, NULL) @@ -73,6 +60,9 @@ PHP_FE(nacl_crypto_sign_edwards25519sha512batch, NULL) PHP_FE(nacl_crypto_sign_edwards25519sha512batch_open, NULL) PHP_FE(nacl_crypto_sign_edwards25519sha512batch_keypair, arginfo_nacl_crypto_sign_edwards25519sha512batch_keypair) + PHP_FE(nacl_crypto_sign_ed25519, NULL) + PHP_FE(nacl_crypto_sign_ed25519_open, NULL) + PHP_FE(nacl_crypto_sign_ed25519_keypair, arginfo_nacl_crypto_sign_ed25519_keypair) {NULL, NULL, NULL} }; @@ -107,12 +97,10 @@ REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_edwards25519sha512batch_BYTES", crypto_sign_edwards25519sha512batch_BYTES, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_edwards25519sha512batch_PUBLICKEYBYTES", crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_edwards25519sha512batch_SECRETKEYBYTES", crypto_sign_edwards25519sha512batch_SECRETKEYBYTES, CONST_CS | CONST_PERSISTENT); -#if defined crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES - REGISTER_LONG_CONSTANT("NACL_CRYPTO_BOX_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES", crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES, CONST_CS | CONST_PERSISTENT); -#endif -#if defined crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES - REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_edwards25519sha512batch_KEYPAIRRANDOMBYTES", crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES, CONST_CS | CONST_PERSISTENT); -#endif + REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_ed25519_SECRETKEYBYTES", crypto_sign_ed25519_SECRETKEYBYTES, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_ed25519_PUBLICKEYBYTES", crypto_sign_ed25519_PUBLICKEYBYTES, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_ed25519_SEEDBYTES", crypto_sign_ed25519_SEEDBYTES, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("NACL_CRYPTO_SIGN_ed25519_BYTES", crypto_sign_ed25519_BYTES, CONST_CS | CONST_PERSISTENT); } PHP_FUNCTION(nacl_crypto_box_curve25519xsalsa20poly1305) { //(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *) @@ -221,20 +209,18 @@ unsigned char *rb; int lrb; zval *zsk; -#if defined crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zs", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL(); - if (!zsk) RETURN_FALSE; - if (lrb != crypto_box_curve25519xsalsa20poly1305_KEYPAIRRANDOMBYTES) RETURN_FALSE; - unsigned char *spk = emalloc(crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES); - unsigned char *ssk = emalloc(crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); - int ret = crypto_box_curve25519xsalsa20poly1305_keypair(spk, ssk, rb); -#else if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z|s", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL(); if (!zsk) RETURN_FALSE; unsigned char *spk = emalloc(crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES); unsigned char *ssk = emalloc(crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); - int ret = crypto_box_curve25519xsalsa20poly1305_keypair(spk, ssk); -#endif + int ret; + if (rb) { + if (lrb < crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) RETURN_FALSE; + unsigned char base[32] = {9}; + ret = crypto_scalarmult_curve25519(spk, ssk, base); + } else { + ret = crypto_box_curve25519xsalsa20poly1305_keypair(spk, ssk); + } if (ret) RETURN_FALSE; zval_dtor(zsk); ZVAL_STRINGL(zsk, (char*)ssk, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES, 0); @@ -260,6 +246,7 @@ int lsm, lpk; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &sm, &lsm, &pk, &lpk) == FAILURE) RETURN_NULL(); if (lpk != crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES) RETURN_FALSE; + if (lsm < crypto_sign_edwards25519sha512batch_BYTES) RETURN_FALSE; long long unsigned int mlen = lsm; unsigned char* mb = emalloc(mlen); int ret = crypto_sign_edwards25519sha512batch_open(mb, &mlen, sm, lsm, pk); @@ -274,22 +261,64 @@ unsigned char *rb; int lrb; zval *zsk; -#if defined crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zs", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL(); - if (lrb != crypto_sign_edwards25519sha512batch_KEYPAIRRANDOMBYTES) RETURN_FALSE; - if (!zsk) RETURN_FALSE; - unsigned char *spk = emalloc(crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES); - unsigned char *ssk = emalloc(crypto_sign_edwards25519sha512batch_SECRETKEYBYTES); - int ret = crypto_sign_edwards25519sha512batch_keypair(spk, ssk, rb); -#else if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z|s", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL(); if (!zsk) RETURN_FALSE; unsigned char *spk = emalloc(crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES); unsigned char *ssk = emalloc(crypto_sign_edwards25519sha512batch_SECRETKEYBYTES); int ret = crypto_sign_edwards25519sha512batch_keypair(spk, ssk); -#endif if (ret) RETURN_FALSE; zval_dtor(zsk); ZVAL_STRINGL(zsk, (char*)ssk, crypto_sign_edwards25519sha512batch_SECRETKEYBYTES, 0); RETURN_STRINGL((char*)spk, crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES, 0); } +PHP_FUNCTION(nacl_crypto_sign_ed25519) { //(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *); + unsigned char *m, *sk; + int lm, lsk; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &m, &lm, &sk, &lsk) == FAILURE) RETURN_NULL(); + if (lsk != crypto_sign_ed25519_SECRETKEYBYTES) RETURN_FALSE; + long long unsigned int smlen = lm + crypto_sign_ed25519_BYTES; + unsigned char* smb = emalloc(smlen); + int ret = crypto_sign_ed25519(smb, &smlen, m, lm, sk); + char* sm = emalloc(smlen); + memcpy(sm, smb, smlen); + efree(smb); + if (ret == 0) RETURN_STRINGL(sm, smlen, 0); + efree(sm); + RETURN_FALSE; +} +PHP_FUNCTION(nacl_crypto_sign_ed25519_open) { //(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *); + unsigned char *sm, *pk; + int lsm, lpk; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &sm, &lsm, &pk, &lpk) == FAILURE) RETURN_NULL(); + if (lpk != crypto_sign_ed25519_PUBLICKEYBYTES) RETURN_FALSE; + if (lsm < crypto_sign_ed25519_BYTES) RETURN_FALSE; + long long unsigned int mlen = lsm; + unsigned char* mb = emalloc(mlen); + int ret = crypto_sign_ed25519_open(mb, &mlen, sm, lsm, pk); + char* m = emalloc(mlen); + memcpy(m, mb, mlen); + efree(mb); + if (ret == 0) RETURN_STRINGL(m, mlen, 0); + efree(m); + RETURN_FALSE; +} +PHP_FUNCTION(nacl_crypto_sign_ed25519_keypair) { //(unsigned char *,unsigned char *); + unsigned char *rb; + int lrb; + zval *zsk; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z|s", &zsk, &rb, &lrb) == FAILURE) RETURN_NULL(); + if (!zsk) RETURN_FALSE; + unsigned char *spk = emalloc(crypto_sign_ed25519_PUBLICKEYBYTES); + unsigned char *ssk = emalloc(crypto_sign_ed25519_SECRETKEYBYTES); + int ret; + if (rb) { + if (lrb < crypto_sign_ed25519_SEEDBYTES) RETURN_FALSE; + ret = crypto_sign_ed25519_seed_keypair(spk, ssk, rb); + } else { + ret = crypto_sign_ed25519_keypair(spk, ssk); + } + if (ret) RETURN_FALSE; + zval_dtor(zsk); + ZVAL_STRINGL(zsk, (char*)ssk, crypto_sign_ed25519_SECRETKEYBYTES, 0); + RETURN_STRINGL((char*)spk, crypto_sign_ed25519_PUBLICKEYBYTES, 0); +}
--- a/php_nacl.h Thu Jul 14 16:49:21 2011 +0200 +++ b/php_nacl.h Thu Jul 10 16:34:04 2014 +0000 @@ -5,7 +5,7 @@ #include "TSRM.h" #endif -#define PHP_NACL_VERSION "1.0" +#define PHP_NACL_VERSION "1.2" #define PHP_NACL_EXTNAME "nacl" PHP_MINIT_FUNCTION(nacl); @@ -19,6 +19,9 @@ PHP_FUNCTION(nacl_crypto_sign_edwards25519sha512batch); PHP_FUNCTION(nacl_crypto_sign_edwards25519sha512batch_open); PHP_FUNCTION(nacl_crypto_sign_edwards25519sha512batch_keypair); +PHP_FUNCTION(nacl_crypto_sign_ed25519); +PHP_FUNCTION(nacl_crypto_sign_ed25519_open); +PHP_FUNCTION(nacl_crypto_sign_ed25519_keypair); extern zend_module_entry nacl_module_entry; #define phpext_module_ptr &nacl_module_entry
--- a/randombytes.c Thu Jul 14 16:49:21 2011 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,12 +0,0 @@ -#include <time.h> - -void randombytes(unsigned char *x,unsigned long long xlen) { - FILE* fd = fopen("/dev/urandom", "rb"); - if (fd != NULL) { - fread(x, 1, xlen, fd); - fclose(fd); - } else { - srand(time(NULL)); - for (int i = 0; i < xlen; i++) x[i] = rand() % 256; - } -}
--- a/tests/test.phpt Thu Jul 14 16:49:21 2011 +0200 +++ b/tests/test.phpt Thu Jul 10 16:34:04 2014 +0000 @@ -2,6 +2,7 @@ Test the nacl cryptography functions --FILE-- <?php + echo "CRYPTO_BOX_curve25519xsalsa20poly1305\n"; echo NACL_CRYPTO_BOX_curve25519xsalsa20poly1305_PUBLICKEYBYTES."\n"; echo NACL_CRYPTO_BOX_curve25519xsalsa20poly1305_SECRETKEYBYTES."\n"; echo NACL_CRYPTO_BOX_curve25519xsalsa20poly1305_BEFORENMBYTES."\n"; @@ -25,9 +26,21 @@ echo strlen($c).' - '.bin2hex($c)."\n"; $m = nacl_crypto_box_curve25519xsalsa20poly1305_open_afternm($c, $n, $k); echo strlen($m).' - '.bin2hex($m)."\n"; - echo "ok\n"; + echo "CRYPTO_BOX_curve25519xsalsa20poly1305 ok\n"; + echo "CRYPTO_SIGN_edwards25519sha512batch\n"; + echo NACL_CRYPTO_SIGN_edwards25519sha512batch_BYTES."\n"; + echo NACL_CRYPTO_SIGN_edwards25519sha512batch_PUBLICKEYBYTES."\n"; + echo NACL_CRYPTO_SIGN_edwards25519sha512batch_SECRETKEYBYTES."\n"; + echo "CRYPTO_SIGN_edwards25519sha512batch ok\n"; + echo "CRYPTO_SIGN_ed25519\n"; + echo NACL_CRYPTO_SIGN_ed25519_BYTES."\n"; + echo NACL_CRYPTO_SIGN_ed25519_PUBLICKEYBYTES."\n"; + echo NACL_CRYPTO_SIGN_ed25519_SECRETKEYBYTES."\n"; + echo NACL_CRYPTO_SIGN_ed25519_SEEDBYTES."\n"; + echo "CRYPTO_SIGN_ed25519 ok\n"; ?> --EXPECT-- +CRYPTO_BOX_curve25519xsalsa20poly1305 32 32 32 @@ -41,4 +54,15 @@ 32 - 76726914c6c1a5132931a2fc11179746c70982e948811ce93008b07f9a439001 27 - d7f25d6171ee1fac7242ed7c7546ddd56ee983ea24a6c7bf3bced8 11 - 48454c4c4f20574f524c44 -ok +CRYPTO_BOX_curve25519xsalsa20poly1305 ok +CRYPTO_SIGN_edwards25519sha512batch +64 +32 +64 +CRYPTO_SIGN_edwards25519sha512batch ok +CRYPTO_SIGN_ed25519 +64 +32 +64 +32 +CRYPTO_SIGN_ed25519 ok