This is an automated email from the ASF dual-hosted git repository. kmccusker pushed a commit to branch issue21 in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git
commit f5993119805fd39d7b8666790dc55c8258b9dc1f Author: Kealan McCusker <[email protected]> AuthorDate: Fri Feb 28 13:23:43 2020 +0000 add static code analysis --- .travis.yml | 31 ++++++++++++++++++++++- Dockerfile | 14 ----------- README.md | 2 ++ include/amcl/commitments.h | 4 +-- include/amcl/mpc.h | 16 ++++++------ include/amcl/mta.h | 8 +++--- include/amcl/schnorr.h | 12 ++++----- python/amcl/commitments.py | 4 +-- python/amcl/mpc.py | 10 ++++---- python/amcl/schnorr.py | 6 ++--- sonar-project.properties | 24 ++++++++++++++++++ src/commitments.c | 14 ++++++----- src/factoring_zk.c | 4 +-- src/mpc.c | 63 +++++++++++++++++++++++----------------------- src/mta.c | 12 ++++----- src/schnorr.c | 14 +++++------ 16 files changed, 140 insertions(+), 98 deletions(-) diff --git a/.travis.yml b/.travis.yml index fd7c4f3..6bedfbf 100644 --- a/.travis.yml +++ b/.travis.yml 
@@ -1,14 +1,43 @@ language: c compiler: gcc -dist: bionic +dist: trusty + services: - docker +addons: + sonarcloud: + organization: "kealan-github" + token: + secure: "ORVvvXrl7OGjTb+8FIKHUKVwvI5N9QEul4xX8lyRk8b1tAq5ZiqgZkQBC2FlKYAw/filKVn/XWUsm86moPIWl/ek6gxvWY5dD4Al4C9onMKFlNthjMdYBs5cMr8O7xaGSKJZxPtwLwiVa7h6AwZIzOaTIgI22lwgY5M8uW2L781JwK/TqOhClfsRrOmCHKrd+7fOeErCA9B/4fleZcvUGvkX4Cpl95nJt8LbsN17bxB5c0bieWTIQppZSQU3PZwNEjnvxYtcEMLZShv/0kO8QVxWZn8X/KBAnA38Cj9qtexwFXK3zExQjv7j9Jpz89T8VdIrckF21VgIKFPxaFZ1Xibgd8XjzOf6Fr5t+juc+fYvCnARxrHdGCajI5GlHt0yYGUSOR4zlj2Ie2l0j/tOx0N1TKXvfaBDy8PIUK2eLAws2IWnZRKBPUUeWeXK7mIH7tpHvWiCsjyVZ6Ud7mX9/tu9YubPb [...] + install: - gem install coveralls-lcov jobs: include: + - stage: sonar + script: + - echo "Run static code analysis" + - git clone https://github.com/apache/incubator-milagro-crypto-c.git + - cd incubator-milagro-crypto-c + - mkdir build + - cd build + - cmake -D CMAKE_BUILD_TYPE=Release -D BUILD_SHARED_LIBS=ON -D AMCL_CHUNK=64 -D AMCL_CURVE="BLS381,SECP256K1" -D AMCL_RSA="" -D BUILD_PAILLIER=ON -D BUILD_PYTHON=OFF -D BUILD_BLS=ON -D BUILD_WCC=OFF -D BUILD_MPIN=OFF -D BUILD_X509=OFF -D CMAKE_INSTALL_PREFIX=/usr/local .. + - make + - sudo make install + - cd ../.. + - rm -rf python + - mkdir build + - cd build + - cmake -D BUILD_TESTS=OFF -D BUILD_EXAMPLES=OFF -D BUILD_BENCHMARK=OFF -D BUILD_PYTHON=OFF -D BUILD_DOXYGEN=OFF .. + - build-wrapper-linux-x86-64 --out-dir bw-output make + - mv bw-output .. + - cd .. + - rm -rf test + - rm -rf examples + - rm -rf benchmark + - sonar-scanner -X - stage: test script: - echo "Build docker image and run tests" diff --git a/Dockerfile b/Dockerfile index ae6c905..91b4f44 100755 --- a/Dockerfile +++ b/Dockerfile 
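Review bot: The new `sonar` stage clones `incubator-milagro-crypto-c` at whatever its default branch holds at build time and then runs `sudo make install` on it, in a build that also has the encrypted SonarCloud token configured. Pinning the dependency makes the analysis reproducible and narrows what can execute next to that secret, for example by adding `- git checkout <PINNED_COMMIT>` right after `- cd incubator-milagro-crypto-c`. Separately, `sonar-scanner -X` turns on debug logging in what is presumably a public build log; dropping `-X` once the setup works keeps scanner and environment details out of it. The switch from `dist: bionic` to `dist: trusty` moves the build to an older image and deserves a comment saying why it is needed.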
@@ -39,20 +39,6 @@ RUN apt-get update && \ RUN pip3 install cffi -# install golang -RUN cd /tmp && \ - wget https://dl.google.com/go/go1.13.linux-amd64.tar.gz && \ - tar -xzf go1.13.linux-amd64.tar.gz && \ - cp -r go /usr/local && \ - echo 'export PATH=$PATH:/usr/local/go/bin' >> /root/.bashrc - -# configure GO -RUN mkdir -p /root/go/bin && \ - mkdir -p /root/go/pkg && \ - mkdir -p /root/go/src && \ - echo 'export GOPATH=/root/go' >> /root/.bashrc && \ - echo 'export PATH=$GOPATH/bin:$PATH' >> /root/.bashrc - # install AMCL RUN git clone https://github.com/apache/incubator-milagro-crypto-c.git && \ cd incubator-milagro-crypto-c && \ diff --git a/README.md b/README.md index 7653a86..85a66f1 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,8 @@ [](https://travis-ci.org/apache/incubator-milagro-MPC) [](https://coveralls.io/github/apache/incubator-milagro-MPC?branch=develop) +[](https://sonarcloud.io/dashboard?id=apache_incubator-milagro-MPC) + * **category**: Library * **copyright**: 2020 The Apache Software Foundation * **license**: ASL 2.0 ([Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)) diff --git a/include/amcl/commitments.h b/include/amcl/commitments.h index 25e7c75..d0dff24 100644 --- a/include/amcl/commitments.h +++ b/include/amcl/commitments.h @@ -46,7 +46,7 @@ extern "C" * @param R Decommitment value. If RNG is null then this value is read and must be 256 bit long * @param C Commitment value */ -extern void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C); +extern void COMMITMENTS_NM_commit(csprng *RNG, const octet *X, octet *R, octet *C); /*! \brief Decommit the value X * 
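Review bot: The `const octet *X` added to `COMMITMENTS_NM_commit` only makes the octet's own fields read-only. Assuming `octet` is the usual length, capacity and `char *` triple (the initialiser `octet D = {0, sizeof(d), d};` in src/commitments.c suggests it is), the bytes behind that pointer remain writable through a `const octet *`. The doc comment should state the guarantee that is actually intended, with a line such as `@param X Value to commit. Neither the octet nor its buffer is modified`, so callers passing secret material do not read more into the qualifier than the compiler enforces. The same applies to the other prototypes this commit const-qualifies in mpc.h, mta.h and schnorr.h, including the `K` and `SK` arguments of `MPC_ECDSA_SIGN`.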
@@ -55,7 +55,7 @@ extern void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C); * @param C Commitment value * @return Returns 1 for a valid decommitment, 0 otherwise */ -extern int COMMITMENTS_NM_decommit(octet* X, octet* R, octet* C); +extern int COMMITMENTS_NM_decommit(const octet* X, const octet* R, octet* C); /* Bit Commitment Setup API */ diff --git a/include/amcl/mpc.h b/include/amcl/mpc.h index 9e5045e..75e9fbc 100644 --- a/include/amcl/mpc.h +++ b/include/amcl/mpc.h @@ -56,7 +56,7 @@ extern "C" { * @param R component of the signature * @param S component of the signature */ -int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S); +int MPC_ECDSA_SIGN(int sha, const octet *K, const octet *SK, octet *M, octet *R, octet *S); /** \brief ECDSA Verify signature * @@ -68,7 +68,7 @@ int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S); * @param S S component of signature * @return Returns 0 or else error code */ -int MPC_ECDSA_VERIFY(octet *HM,octet *PK, octet *R,octet *S); +int MPC_ECDSA_VERIFY(const octet *HM,octet *PK, octet *R,octet *S); /** \brief Calculate the inverse of the sum of kgamma values * @@ -82,7 +82,7 @@ int MPC_ECDSA_VERIFY(octet *HM,octet *PK, octet *R,octet *S); * @param KGAMMA2 Actor 2 additive share * @param INVKGAMMA Inverse of the sum of the additive shares */ -void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA); +void MPC_INVKGAMMA(const octet *KGAMMA1, const octet *KGAMMA2, octet *INVKGAMMA); /** \brief R component * @@ -101,7 +101,7 @@ void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA); * @param RP ECP associated to the R component of the signature. Optional * @return Returns 0 or else error code */ -int MPC_R(octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP); +int MPC_R(const octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP); /** \brief Hash the message value * 
@@ -131,7 +131,7 @@ void MPC_HASH(int sha, octet *M, octet *HM); * @param S S component output * @return Returns 0 or else error code */ -int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S); +int MPC_S(const octet *HM, const octet *R, const octet *K, const octet *SIGMA, octet *S); /** \brief Sum of ECDSA s components * @@ -145,7 +145,7 @@ int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S); * @param S2 Actor 2 ECDSA s component * @param S S component sum */ -void MPC_SUM_S(octet *S1, octet *S2, octet *S); +void MPC_SUM_S(const octet *S1, const octet *S2, octet *S); /** \brief Sum of ECDSA public key shares * @@ -184,7 +184,7 @@ int MPC_SUM_PK(octet *PK1, octet *PK2, octet *PK); * @param A Second component of the player commitment. An ECP in compressed form * @return Returns MPC_OK or an error code */ -extern int MPC_PHASE5_commit(csprng *RNG, octet *R, octet *S, octet *PHI, octet *RHO, octet *V, octet *A); +extern int MPC_PHASE5_commit(csprng *RNG, octet *R, const octet *S, octet *PHI, octet *RHO, octet *V, octet *A); /** \brief Generate Proof for the MPC Phase 5 * @@ -209,7 +209,7 @@ extern int MPC_PHASE5_commit(csprng *RNG, octet *R, octet *S, octet *PHI, octet * @param T Second component of the player proof. An ECP in compressed form * @return Returns MPC_OK or an error code */ -extern int MPC_PHASE5_prove(octet *PHI, octet *RHO, octet *V[2], octet *A[2], octet *PK, octet *HM, octet *RX, octet *U, octet *T); +extern int MPC_PHASE5_prove(const octet *PHI, const octet *RHO, octet *V[2], octet *A[2], octet *PK, const octet *HM, const octet *RX, octet *U, octet *T); /** \brief Verify Proof for the MPC Phase 5 * diff --git a/include/amcl/mta.h b/include/amcl/mta.h index 824989e..5df6504 100644 --- a/include/amcl/mta.h +++ b/include/amcl/mta.h 
@@ -105,7 +105,7 @@ void MPC_MTA_SERVER(csprng *RNG, PAILLIER_public_key *PUB, octet *B, octet *CA, * @param BETA Additive share of A2.B1 * @param SUM The sum of all values */ -void MPC_SUM_MTA(octet *A, octet *B, octet *ALPHA, octet *BETA, octet *SUM); +void MPC_SUM_MTA(const octet *A, const octet *B, const octet *ALPHA, const octet *BETA, octet *SUM); /* MTA Zero Knowledge Proofs API*/ @@ -191,7 +191,7 @@ extern void MTA_RP_commit(csprng *RNG, PAILLIER_private_key *key, COMMITMENTS_BC * @param c Commitment of the prover * @param E Destination challenge */ -extern void MTA_RP_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *CT, MTA_RP_commitment *c, octet *E); +extern void MTA_RP_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *CT, MTA_RP_commitment *c, octet *E); /** \brief Proof generation * @@ -353,7 +353,7 @@ extern void MTA_ZK_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_BC_ * @param c Commitment of the prover * @param E Destination challenge */ -extern void MTA_ZK_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *C1, octet *C2, MTA_ZK_commitment *c, octet *E); +extern void MTA_ZK_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *C1, const octet *C2, MTA_ZK_commitment *c, octet *E); /** \brief Proof generation for Receiver ZKP * @@ -510,7 +510,7 @@ extern void MTA_ZKWC_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_B * @param c Commitment of the prover * @param E Destination challenge */ -extern void MTA_ZKWC_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *C1, octet *C2, octet *X, MTA_ZKWC_commitment *c, octet *E); +extern void MTA_ZKWC_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *C1, const octet *C2, const octet *X, MTA_ZKWC_commitment *c, octet *E); /** \brief Proof generation for Receiver ZKP with check * 
diff --git a/include/amcl/schnorr.h b/include/amcl/schnorr.h index 087d6ce..da2d5d9 100644 --- a/include/amcl/schnorr.h +++ b/include/amcl/schnorr.h @@ -70,7 +70,7 @@ extern void SCHNORR_commit(csprng *RNG, octet *R, octet *C); * @param C Public commitment value. Compressed form * @param E Challenge generated */ -extern void SCHNORR_challenge(octet *V, octet *C, octet *E); +extern void SCHNORR_challenge(const octet *V, const octet *C, octet *E); /*! \brief Generate the proof for the given commitment and challenge * @@ -79,7 +79,7 @@ extern void SCHNORR_challenge(octet *V, octet *C, octet *E); * @param X Secret exponent of the DLOG. V = x.G * @param P Proof of knowldege of the DLOG */ -extern void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P); +extern void SCHNORR_prove(const octet *R, const octet *E, const octet *X, octet *P); /*! \brief Verify the proof of knowledge for the DLOG * @@ -89,7 +89,7 @@ extern void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P); * @param P Proof received from the prover * @return SCHNORR_OK if the prove is valid or an error code */ -extern int SCHNORR_verify(octet *V, octet *C, octet *E, octet *P); +extern int SCHNORR_verify(octet *V, octet *C, const octet *E, const octet *P); /* Double Schnorr's proofs API */ @@ -118,7 +118,7 @@ extern int SCHNORR_D_commit(csprng *RNG, octet *R, octet *A, octet *B, octet *C) * @param C Public commitment value. Compressed form * @param E Challenge generated */ -extern void SCHNORR_D_challenge(octet *R, octet *V, octet *C, octet *E); +extern void SCHNORR_D_challenge(const octet *R, const octet *V, const octet *C, octet *E); /*! \brief Generate the proof for the given commitment and challenge * 
@@ -130,7 +130,7 @@ extern void SCHNORR_D_challenge(octet *R, octet *V, octet *C, octet *E); * @param T First component of the proof of knowldege of the DLOG * @param U Second component of the proof of knowldege of the DLOG */ -extern void SCHNORR_D_prove(octet *A, octet *B, octet *E, octet *S, octet *L, octet *T, octet *U); +extern void SCHNORR_D_prove(const octet *A, const octet *B, const octet *E, const octet *S, const octet *L, octet *T, octet *U); /*! \brief Verify the proof of knowledge for the DLOG * @@ -142,7 +142,7 @@ extern void SCHNORR_D_prove(octet *A, octet *B, octet *E, octet *S, octet *L, oc * @param U Second component of the proof received * @return SCHNORR_OK if the prove is valid or an error code */ -extern int SCHNORR_D_verify(octet *R, octet *V, octet *C, octet *E, octet *T, octet *U); +extern int SCHNORR_D_verify(octet *R, octet *V, octet *C, const octet *E, const octet *T, const octet *U); #ifdef __cplusplus } diff --git a/python/amcl/commitments.py b/python/amcl/commitments.py index d9b4dc8..4cf82f4 100644 --- a/python/amcl/commitments.py +++ b/python/amcl/commitments.py @@ -30,8 +30,8 @@ from . import core_utils _ffi = core_utils._ffi _ffi.cdef(""" -extern void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C); -extern int COMMITMENTS_NM_decommit(octet* X, octet* R, octet* C); +extern void COMMITMENTS_NM_commit(csprng *RNG, const octet *X, octet *R, octet *C); +extern int COMMITMENTS_NM_decommit(const octet* X, const octet* R, octet* C); """) if (platform.system() == 'Windows'): diff --git a/python/amcl/mpc.py b/python/amcl/mpc.py index a77f1a8..45dcee2 100644 --- a/python/amcl/mpc.py +++ b/python/amcl/mpc.py 
@@ -57,16 +57,16 @@ extern void PAILLIER_PK_fromOctet(PAILLIER_public_key *PUB, octet *PK); extern int ECP_SECP256K1_KEY_PAIR_GENERATE(csprng *R,octet *s,octet *W); extern int ECP_SECP256K1_PUBLIC_KEY_VALIDATE(octet *W); -extern int MPC_ECDSA_VERIFY(octet *HM,octet *PK, octet *R,octet *S); +extern int MPC_ECDSA_VERIFY(const octet *HM,octet *PK, octet *R,octet *S); extern void MPC_MTA_CLIENT1(csprng *RNG, PAILLIER_public_key* PUB, octet* A, octet* CA, octet* R); extern void MPC_MTA_CLIENT2(PAILLIER_private_key *PRIV, octet* CB, octet *ALPHA); extern void MPC_MTA_SERVER(csprng *RNG, PAILLIER_public_key *PUB, octet *B, octet *CA, octet *Z, octet *R, octet *CB, octet *BETA); extern void MPC_SUM_MTA(octet *A, octet *B, octet *ALPHA, octet *BETA, octet *SUM); -extern void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA); -extern extern int MPC_R(octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP); +extern void MPC_INVKGAMMA(const octet *KGAMMA1, const octet *KGAMMA2, octet *INVKGAMMA); +extern int MPC_R(const octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP); extern void MPC_HASH(int sha, octet *M, octet *HM); -extern int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S); -extern void MPC_SUM_S(octet *S1, octet *S2, octet *S); +extern int MPC_S(const octet *HM, const octet *R, const octet *K, const octet *SIGMA, octet *S); +extern void MPC_SUM_S(const octet *S1, const octet *S2, octet *S); extern int MPC_SUM_PK(octet *PK1, octet *PK2, octet *PK); extern void MPC_DUMP_PAILLIER_SK(PAILLIER_private_key *PRIV, octet *P, octet *Q); """) diff --git a/python/amcl/schnorr.py b/python/amcl/schnorr.py index 584af95..d6c462c 100644 --- a/python/amcl/schnorr.py +++ b/python/amcl/schnorr.py 
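Review bot: The `MPC_SUM_MTA` line in this `cdef` block is left as `extern void MPC_SUM_MTA(octet *A, octet *B, octet *ALPHA, octet *BETA, octet *SUM);`, while include/amcl/mta.h in the same commit const-qualifies its four inputs. The binding presumably still loads, since the qualifier does not change the call itself, but these declarations are meant to mirror the headers and drift here makes later signature changes easier to miss. Update it to `extern void MPC_SUM_MTA(const octet *A, const octet *B, const octet *ALPHA, const octet *BETA, octet *SUM);`.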
@@ -30,9 +30,9 @@ _ffi = core_utils._ffi _ffi.cdef(""" extern void SCHNORR_random_challenge(csprng *RNG, octet *E); extern void SCHNORR_commit(csprng *RNG, octet *R, octet *C); -extern void SCHNORR_challenge(octet *V, octet *C, octet *E); -extern void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P); -extern int SCHNORR_verify(octet *V, octet *C, octet *E, octet *P); +extern void SCHNORR_challenge(const octet *V, const octet *C, octet *E); +extern void SCHNORR_prove(const octet *R, const octet *E, const octet *X, octet *P); +extern int SCHNORR_verify(octet *V, octet *C, const octet *E, const octet *P); """) if (platform.system() == 'Windows'): diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..4f67575 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,24 @@ +sonar.projectKey=apache_incubator-milagro-MPC +sonar.projectName=apache_incubator-milagro-MPC +sonar.projectVersion=0.1.0 + +# ===================================================== +# Meta-data for the project +# ===================================================== + +sonar.links.homepage=https://github.com/apache/incubator-milagro-MPC +sonar.links.ci=https://travis-ci.com/kealan/incubator-milagro-MPC +sonar.links.scm=https://github.com/apache/incubator-milagro-MPC +sonar.links.issue=https://github.com/apache/incubator-milagro-MPC/issues + + +# ===================================================== +# Properties that will be shared amongst all modules +# ===================================================== + +# SQ standard properties +sonar.sources=. + +# Properties specific to the C/C++ analyzer: +sonar.cfamily.build-wrapper-output=bw-output +sonar.cfamily.gcov.reportsPath=. diff --git a/src/commitments.c b/src/commitments.c index f9ba973..b191c98 100644 --- a/src/commitments.c +++ b/src/commitments.c 
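Review bot: `sonar.sources=.` makes the scanner index everything left in the checkout, and the `sonar` stage in .travis.yml clones and builds `incubator-milagro-crypto-c` inside the repository root without removing it, so that tree and both `build` directories are picked up along with this project. The CI script works around the broad setting by deleting `python`, `test`, `examples` and `benchmark` before the scan. Scoping the property instead, `sonar.sources=src,include`, keeps findings limited to this library's own code and makes those `rm -rf` steps unnecessary. `sonar.links.ci` also points at `travis-ci.com/kealan/incubator-milagro-MPC` rather than the Apache project's CI, and `sonar.cfamily.gcov.reportsPath=.` is set although the stage builds with `BUILD_TESTS=OFF`, so no coverage data appears to be produced there.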
@@ -22,7 +22,7 @@ under the License. /* NM Commitments Definitions */ // Compute the hash of X || R -void hash(octet *X, octet *R, octet *C) +static void hash(const octet *X, const octet *R, octet *C) { int i; hash256 sha256; @@ -47,7 +47,7 @@ void hash(octet *X, octet *R, octet *C) } // Compute a commitment for the value X -void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C) +void COMMITMENTS_NM_commit(csprng *RNG, const octet *X, octet *R, octet *C) { if (RNG != NULL) { @@ -58,7 +58,7 @@ void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C) } // Verify the commitment for the value X -int COMMITMENTS_NM_decommit(octet *X, octet *R, octet *C) +int COMMITMENTS_NM_decommit(const octet *X, const octet *R, octet *C) { char d[SHA256]; octet D = {0, sizeof(d), d}; @@ -86,12 +86,14 @@ int COMMITMENTS_NM_decommit(octet *X, octet *R, octet *C) /* * Check if a number is a safe prime */ -int is_safe_prime(BIG_1024_58 *p, BIG_1024_58 *P, csprng *RNG, int n) +static int is_safe_prime(BIG_1024_58 *p, BIG_1024_58 *P, csprng *RNG, int n) { #ifndef C99 - BIG_1024_58 Pm1[FFLEN_2048], f[FFLEN_2048]; + BIG_1024_58 Pm1[FFLEN_2048]; + BIG_1024_58 f[FFLEN_2048]; #else - BIG_1024_58 Pm1[n], f[n]; + BIG_1024_58 Pm1[n]; + BIG_1024_58 f[n]; #endif // Sieve small primes from P, p is already checked in Miller-Rabin diff --git a/src/factoring_zk.c b/src/factoring_zk.c index 339d349..07dd2e8 100644 --- a/src/factoring_zk.c +++ b/src/factoring_zk.c @@ -25,7 +25,7 @@ under the License. #define FACTORING_ZK_K 2 // Copy the internal state of an hash function -void hash_copy(hash256 *dst, hash256 *src) +static void hash_copy(hash256 *dst, const hash256 *src) { memcpy(dst->length, src->length, sizeof(dst->length)); memcpy(dst->h, src->h, sizeof(dst->h)); @@ -34,7 +34,7 @@ void hash_copy(hash256 *dst, hash256 *src) } // utility function to has an octet -void hash_oct(hash256 *sha, octet *O) +static void hash_oct(hash256 *sha, const octet *O) { int i; 
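Review bot: In the `#ifndef C99` branch of `is_safe_prime` the scratch arrays are fixed at `FFLEN_2048` limbs while the function still takes the length as `n`, so a call with a larger `n` would presumably run the FF routines past the end of `Pm1` and `f`. Now that the function is `static`, every caller is in this file and the bound can be stated where it is relied on, e.g. `/* n must not exceed FFLEN_2048: Pm1 and f are fixed-size without C99 */` above the declarations. The body continues outside the hunk, so whether these arrays, which hold values derived from the prime candidate, are cleared before return cannot be checked here.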
diff --git a/src/mpc.c b/src/mpc.c index 80babcc..42b26d2 100644 --- a/src/mpc.c +++ b/src/mpc.c @@ -24,7 +24,7 @@ under the License. #include <amcl/mpc.h> /* ECDSA Signature, R and S are the signature on M using private key SK */ -int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S) +int MPC_ECDSA_SIGN(int sha, const octet *K, const octet *SK, octet *M, octet *R, octet *S) { char h[128]; octet H = {0,sizeof(h),h}; @@ -81,7 +81,6 @@ int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S) // s = z + r.sk mod q BIG_256_56_add(s,z,s); - //BIG_256_56_mod(s,q); // s = k(z + r.sk) mod q BIG_256_56_modmul(s,k,s,q); @@ -101,9 +100,8 @@ int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S) /* IEEE1363 ECDSA Signature Verification. Signature R and S on M is verified using public key, PK */ -int MPC_ECDSA_VERIFY(octet *HM, octet *PK, octet *R,octet *S) +int MPC_ECDSA_VERIFY(const octet *HM, octet *PK, octet *R,octet *S) { - int res=0; BIG_256_56 q; BIG_256_56 z; BIG_256_56 c; 
@@ -128,37 +126,38 @@ int MPC_ECDSA_VERIFY(octet *HM, octet *PK, octet *R,octet *S) if (BIG_256_56_iszilch(c) || BIG_256_56_comp(c,q)>=0 || BIG_256_56_iszilch(d) || BIG_256_56_comp(d,q)>=0) { - res=ECDH_INVALID; + return ECDH_INVALID; } - if (res==0) + BIG_256_56_invmodp(d,d,q); + BIG_256_56_modmul(z,z,d,q); + BIG_256_56_modmul(h2,c,d,q); + + valid=ECP_SECP256K1_fromOctet(&WP,PK); + if (!valid) + { + return ECDH_ERROR; + } + + ECP_SECP256K1_mul2(&WP,&G,h2,z); + + if (ECP_SECP256K1_isinf(&WP)) { - BIG_256_56_invmodp(d,d,q); - BIG_256_56_modmul(z,z,d,q); - BIG_256_56_modmul(h2,c,d,q); - - valid=ECP_SECP256K1_fromOctet(&WP,PK); - - if (!valid) res=ECDH_ERROR; - else - { - ECP_SECP256K1_mul2(&WP,&G,h2,z); - - if (ECP_SECP256K1_isinf(&WP)) res=ECDH_INVALID; - else - { - ECP_SECP256K1_get(d,d,&WP); - BIG_256_56_mod(d,q); - if (BIG_256_56_comp(d,c)!=0) res=ECDH_INVALID; - } - } + return ECDH_INVALID; } - return res; + ECP_SECP256K1_get(d,d,&WP); + BIG_256_56_mod(d,q); + if (BIG_256_56_comp(d,c)!=0) + { + return ECDH_INVALID; + } + + return 0; } /* Calculate the inverse of kgamma */ -void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA) +void MPC_INVKGAMMA(const octet *KGAMMA1, const octet *KGAMMA2, octet *INVKGAMMA) { BIG_256_56 kgamma1; BIG_256_56 kgamma2; @@ -185,7 +184,7 @@ void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA) /* Calculate the r component of the signature */ -int MPC_R(octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP) +int MPC_R(const octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP) { BIG_256_56 invkgamma; BIG_256_56 q; @@ -243,7 +242,7 @@ void MPC_HASH(int sha, octet *M, octet *HM) } // Calculate the s component of the signature -int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S) +int MPC_S(const octet *HM, const octet *R, const octet *K, const octet *SIGMA, octet *S) { BIG_256_56 q; BIG_256_56 k; 
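Review bot: After the rewrite `MPC_ECDSA_VERIFY` reports success with a bare `return 0;` and failure with `ECDH_INVALID` or `ECDH_ERROR`, while other functions in this file return `MPC_OK`. For a signature check the success value should be unmistakable to callers, so I would end the function with `return MPC_OK;` (assuming it is defined as 0, which these lines do not show). The `@return` text in mpc.h currently says only "Returns 0 or else error code" and should list the two `ECDH_*` codes. The early returns themselves look equivalent to the nested branches they replace.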
@@ -285,7 +284,7 @@ int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S) } /* Calculate sum of s components of signature */ -void MPC_SUM_S(octet *S1, octet *S2, octet *S) +void MPC_SUM_S(const octet *S1, const octet *S2, octet *S) { BIG_256_56 s1; BIG_256_56 s2; @@ -334,7 +333,7 @@ int MPC_SUM_PK(octet *PK1, octet *PK2, octet *PK) return MPC_OK; } -int MPC_PHASE5_commit(csprng *RNG, octet *R, octet *S, octet *PHI, octet *RHO, octet *V, octet *A) +int MPC_PHASE5_commit(csprng *RNG, octet *R, const octet *S, octet *PHI, octet *RHO, octet *V, octet *A) { BIG_256_56 ws; BIG_256_56 phi; @@ -386,7 +385,7 @@ int MPC_PHASE5_commit(csprng *RNG, octet *R, octet *S, octet *PHI, octet *RHO, o return MPC_OK; } -int MPC_PHASE5_prove(octet *PHI, octet *RHO, octet *V[2], octet *A[2], octet *PK, octet *HM, octet *RX, octet *U, octet *T) +int MPC_PHASE5_prove(const octet *PHI, const octet *RHO, octet *V[2], octet *A[2], octet *PK, const octet *HM, const octet *RX, octet *U, octet *T) { BIG_256_56 m; BIG_256_56 r; diff --git a/src/mta.c b/src/mta.c index 86f07fa..6e72303 100644 --- a/src/mta.c +++ b/src/mta.c @@ -28,7 +28,7 @@ static char* curve_order_hex = "fffffffffffffffffffffffffffffffebaaedce6af48a03b /* Octet manipulation utilities */ -void OCT_hash(hash256 *sha, octet *O) +static void OCT_hash(hash256 *sha, const octet *O) { int i; @@ -264,7 +264,7 @@ void MPC_MTA_SERVER(csprng *RNG, PAILLIER_public_key *PUB, octet *B, octet *CA, } /* sum = a1.b1 + alpha + beta */ -void MPC_SUM_MTA(octet *A, octet *B, octet *ALPHA, octet *BETA, octet *SUM) +void MPC_SUM_MTA(const octet *A, const octet *B, const octet *ALPHA, const octet *BETA, octet *SUM) { BIG_256_56 a; BIG_256_56 b; 
@@ -387,7 +387,7 @@ void MTA_RP_commit(csprng *RNG, PAILLIER_private_key *key, COMMITMENTS_BC_pub_mo FF_2048_zero(dws, HFLEN_2048); } -void MTA_RP_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *CT, MTA_RP_commitment *c, octet *E) +void MTA_RP_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *CT, MTA_RP_commitment *c, octet *E) { hash256 sha; @@ -770,7 +770,7 @@ void MTA_ZK_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_BC_pub_mod FF_4096_zero(gamma, HFLEN_4096); } -void MTA_ZK_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *C1, octet *C2, MTA_ZK_commitment *c, octet *E) +void MTA_ZK_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *C1, const octet *C2, MTA_ZK_commitment *c, octet *E) { hash256 sha; char digest[SHA256]; @@ -1070,7 +1070,7 @@ void MTA_ZKWC_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_BC_pub_m ECP_SECP256K1_mul(&(c->U), alpha); } -void MTA_ZKWC_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *C1, octet *C2, octet *X, MTA_ZKWC_commitment *c, octet *E) +void MTA_ZKWC_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *C1, const octet *C2, const octet *X, MTA_ZKWC_commitment *c, octet *E) { hash256 sha; char digest[SHA256]; @@ -1208,4 +1208,4 @@ void MTA_ZKWC_proof_fromOctets(MTA_ZKWC_proof *p, octet *S, octet *S1, octet *S2 void MTA_ZKWC_commitment_rv_kill(MTA_ZKWC_commitment_rv *rv) { MTA_ZK_commitment_rv_kill(rv); -} \ No newline at end of file +} diff --git a/src/schnorr.c b/src/schnorr.c index 7c898d9..7d20095 100644 --- a/src/schnorr.c +++ b/src/schnorr.c @@ -19,7 +19,7 @@ under the License. #include "amcl/schnorr.h" -void hash_octet(hash256 *sha, octet *O) +static void hash_octet(hash256 *sha, const octet *O) { int i; 
@@ -75,7 +75,7 @@ void SCHNORR_commit(csprng *RNG, octet *R, octet *C) BIG_256_56_zero(r); } -void SCHNORR_challenge(octet *V, octet *C, octet *E) +void SCHNORR_challenge(const octet *V, const octet *C, octet *E) { hash256 sha; @@ -105,7 +105,7 @@ void SCHNORR_challenge(octet *V, octet *C, octet *E) E->len = SGS_SECP256K1; } -void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P) +void SCHNORR_prove(const octet *R, const octet *E, const octet *X, octet *P) { BIG_256_56 r; BIG_256_56 e; @@ -135,7 +135,7 @@ void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P) BIG_256_56_dzero(d); } -int SCHNORR_verify(octet *V, octet*C, octet *E, octet *P) +int SCHNORR_verify(octet *V, octet*C, const octet *E, const octet *P) { int rc; @@ -219,7 +219,7 @@ int SCHNORR_D_commit(csprng *RNG, octet *R, octet *A, octet *B, octet *C) return SCHNORR_OK; } -void SCHNORR_D_challenge(octet *R, octet *V, octet *C, octet *E) +void SCHNORR_D_challenge(const octet *R, const octet *V, const octet *C, octet *E) { hash256 sha; @@ -250,7 +250,7 @@ void SCHNORR_D_challenge(octet *R, octet *V, octet *C, octet *E) E->len = MODBYTES_256_56; } -void SCHNORR_D_prove(octet *A, octet *B, octet *E, octet *S, octet *L, octet *T, octet *U) +void SCHNORR_D_prove(const octet *A, const octet *B, const octet *E, const octet *S, const octet *L, octet *T, octet *U) { BIG_256_56 r; BIG_256_56 e; @@ -290,7 +290,7 @@ void SCHNORR_D_prove(octet *A, octet *B, octet *E, octet *S, octet *L, octet *T, BIG_256_56_dzero(d); } -int SCHNORR_D_verify(octet *R, octet *V, octet *C, octet *E, octet *T, octet *U) +int SCHNORR_D_verify(octet *R, octet *V, octet *C, const octet *E, const octet *T, const octet *U) { ECP_SECP256K1 G; ECP_SECP256K1 ECPR;
