add libsalty and rename some directories

solokeys · Jun 14, 2020 · c22cd30 · c22cd30
1 parent a439e0e
commit c22cd30
Show file tree

Hide file tree

Showing 2 changed files with 130 additions and 5 deletions.
diff --git a/crypto/libsalty/salty.h b/crypto/libsalty/salty.h
@@ -0,0 +1,120 @@
+#ifndef salty_h
+#define salty_h
+
+/* Warning, this file is autogenerated by cbindgen. Don't modify this manually. */
+
+#include <stdarg.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define salty_COMPRESSED_Y_LENGTH 32
+#define salty_PUBLICKEY_SERIALIZED_LENGTH 32
+#define salty_SCALAR_LENGTH 32
+#define salty_SECRETKEY_NONCE_LENGTH 32
+#define salty_SECRETKEY_SCALAR_LENGTH 32
+#define salty_SECRETKEY_SEED_LENGTH 32
+#define salty_SECRETKEY_SERIALIZED_LENGTH 32
+#define salty_SHA256_LENGTH 64
+#define salty_SHA512_LENGTH 64
+#define salty_SIGNATURE_SERIALIZED_LENGTH 64
+
+/**
+ * Extensible error type for all `salty` operations.
+ *
+ * This enum has a hidden member, to prevent exhaustively checking for errors.
+ */
+typedef enum {
+  /**
+   * Never occurs, simplifies C bindings
+   */
+  NoError = 0,
+  /**
+   * Bytes do not correspond to a canonical base field element
+   */
+  NonCanonicalFieldElement,
+  /**
+   * Public key bytes invalid
+   */
+  PublicKeyBytesInvalid,
+  /**
+   * Signature verification failed
+   */
+  SignatureInvalid,
+  /**
+   * Context for prehashed signatures too long
+   */
+  ContextTooLong,
+  _Extensible,
+} salty_Error;
+
+/**
+ * Generates a public key from a secret seed. Use to verify signatures.
+ */
+void salty_public_key(const uint8_t (*seed)[salty_SECRETKEY_SEED_LENGTH],
+                      uint8_t (*public_key)[salty_PUBLICKEY_SERIALIZED_LENGTH]);
+
+/**
+ * Signs the data, based on the keypair generated from the secret seed.
+ */
+void salty_sign(const uint8_t (*seed)[salty_SECRETKEY_SEED_LENGTH],
+                const uint8_t *data_ptr,
+                uintptr_t data_len,
+                uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]);
+
+/**
+ * Signs the data for a context, based on the keypair generated from the secret seed.
+ */
+salty_Error salty_sign_with_context(const uint8_t (*seed)[salty_SECRETKEY_SEED_LENGTH],
+                                    const uint8_t *data_ptr,
+                                    uintptr_t data_len,
+                                    const uint8_t *context_ptr,
+                                    uintptr_t context_len,
+                                    uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]);
+
+/**
+ * Signs the prehashed data, based on the keypair generated from the secret seed.
+ * An optional context can also be passed (this is recommended).
+ */
+salty_Error salty_sign_prehashed(const uint8_t (*seed)[salty_SECRETKEY_SEED_LENGTH],
+                                 const uint8_t (*prehashed_data)[salty_SHA512_LENGTH],
+                                 const uint8_t *context_ptr,
+                                 uintptr_t context_len,
+                                 uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]);
+
+/**
+ * Verify a presumed signature on the given data.
+ */
+salty_Error salty_verify(const uint8_t (*public_key)[salty_PUBLICKEY_SERIALIZED_LENGTH],
+                         const uint8_t *data_ptr,
+                         uintptr_t data_len,
+                         const uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]);
+
+/**
+ * Verify a presumed signature on the given data for a context.
+ */
+salty_Error salty_verify_with_context(const uint8_t (*public_key)[salty_PUBLICKEY_SERIALIZED_LENGTH],
+                                      const uint8_t *data_ptr,
+                                      uintptr_t data_len,
+                                      const uint8_t *context_ptr,
+                                      uintptr_t context_len,
+                                      const uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]);
+
+/**
+ * Verify a presumed signature on the given data.
+ */
+salty_Error salty_verify_prehashed(const uint8_t (*public_key)[salty_PUBLICKEY_SERIALIZED_LENGTH],
+                                   const uint8_t (*prehashed_data)[salty_SHA512_LENGTH],
+                                   const uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH],
+                                   const uint8_t *context_ptr,
+                                   uintptr_t context_len);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* salty_h */
diff --git a/targets/stm32l432/build/application.mk b/targets/stm32l432/build/application.mk
@@ -19,6 +19,10 @@ SRC += ../../fido2/extensions/wallet.c
 SRC += ../../crypto/sha256/sha256.c ../../crypto/micro-ecc/uECC.c ../../crypto/tiny-AES-c/aes.c
 SRC += ../../crypto/cifra/src/sha512.c ../../crypto/cifra/src/blockwise.c
 
+#libsalty
+LIBSALTY_PATH = ../../crypto/libsalty
+LIBSALTY_LIB = $(LIBSALTY_PATH)/libsalty-asm.a $(LIBSALTY_PATH)/libsalty.a
+
 # bearSSL
 BEARSSL_PATH = ../../openpgp/libs/bearssl/
 _SRCSB = rsa_i15_modulus.c i15_encode.c i15_decode.c i15_mulacc.c i15_bitlen.c \
@@ -39,8 +43,8 @@ SRC += $(BEARSSL_SRCS)
 # OpenPGP
 OP_SRC_DIRS :=  ../../openpgp/stm32l432 \
                 ../../openpgp/src \
-                ../../openpgp/src/applets \
-                ../../openpgp/src/applets/openpgp \
+                ../../openpgp/src/applications \
+                ../../openpgp/src/applications/openpgp \
                 ../../openpgp/libs/stm32fs
 OP_SRC := $(sort $(foreach var, $(OP_SRC_DIRS), $(wildcard $(var)/*.cpp)))
 CPP_SRC = $(OP_SRC)
@@ -58,8 +62,9 @@ INC += -I../../crypto/cifra/src -I../../crypto/cifra/src/ext
 INC += -I../../openpgp/stm32l432 -I../../openpgp/src
 INC += -I../../openpgp/libs/bearssl
 INC += -I../../openpgp/libs/stm32fs
+INC += -I../../crypto/libsalty
 
-SEARCH=-L../../tinycbor/lib
+SEARCH=-L../../tinycbor/lib -L$(LIBSALTY_PATH)
 
 ifndef LDSCRIPT
 LDSCRIPT=linker/stm32l4xx.ld
@@ -83,8 +88,8 @@ CFLAGS=$(INC) -c $(DEFINES) -Wall -Wextra -Wno-unused-parameter -Wno-missing-fie
 	-fomit-frame-pointer $(HW) -g $(VERSION_FLAGS)
 CPPFLAGS=$(INC) -c $(DEFINES) -std=c++17 -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -fdata-sections -ffunction-sections \
 	-fomit-frame-pointer $(HW) -g $(VERSION_FLAGS) -fno-exceptions -fno-rtti
-LDFLAGS_LIB=$(HW) $(SEARCH) -specs=nano.specs  -specs=nosys.specs  -Wl,--gc-sections -lnosys -lstdc++
-LDFLAGS=$(HW) $(LDFLAGS_LIB) -T$(LDSCRIPT) -Wl,-Map=$(TARGET).map,--cref -Wl,-Bstatic -ltinycbor -Wl,--print-memory-usage
+LDFLAGS_LIB=$(HW) $(SEARCH) -specs=nano.specs  -specs=nosys.specs  -Wl,--gc-sections -lnosys -lstdc++ 
+LDFLAGS=$(HW) $(LDFLAGS_LIB) -T$(LDSCRIPT) -Wl,-Map=$(TARGET).map,--cref -Wl,-Bstatic -ltinycbor -Wl,--print-memory-usage  $(LIBSALTY_LIB)
 
 ECC_CFLAGS = $(CFLAGS) -DuECC_PLATFORM=5 -DuECC_OPTIMIZATION_LEVEL=4 -DuECC_SQUARE_FUNC=1 -DuECC_SUPPORT_COMPRESSED_POINT=0