Skip to content

Commit

Permalink
Merge e248f89 into 49fc810
Browse files Browse the repository at this point in the history
  • Loading branch information
@rbost
rbost committed Dec 25, 2018
2 parents 49fc810 + e248f89 commit 03a2a3f
Show file tree
Hide file tree
Showing 10 changed files with 1,223 additions and 143 deletions.
3 changes: 2 additions & 1 deletion .travis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ matrix:
packages:
- *basic_deps
after_success:
- cd $TRAVIS_BUILD_DIR
- ./coverage/gen_coverage.sh # get the code coverage
- ./coverage/upload_report.sh # upload the report to coveralls

Expand Down Expand Up @@ -124,5 +125,5 @@ matrix:
branch_pattern: coverity_scan

script:
- if [ "${COVERITY_SCAN_BRANCH}" != 1 ]; then VERBOSE=1 cmake --build .; fi
- if [ "${COVERITY_SCAN_BRANCH}" != 1 ] && [ "${TRAVIS_BRANCH}" != "coverity_scan" ]; then VERBOSE=1 cmake --build .; fi
- if [ "${RUN_CHECKS}" == "true" ]; then ./tests/check; fi
12 changes: 6 additions & 6 deletions src/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
cmake_minimum_required (VERSION 3.1)

project (libsse_crypto VERSION 0.2
project (libsse_crypto VERSION 0.2
DESCRIPTION "OpenSSE's cryptographic library")

option(RSA_IMPL_OPENSSL "Use OpenSSL's implementation of RSA" OFF)
Expand All @@ -27,17 +27,17 @@ endif()
option(ENABLE_MEMORY_LOCK "Enable the memory locking mechanisms." ON)


add_library(sse_crypto SHARED
add_library(sse_crypto SHARED
cipher.cpp key.cpp prg.cpp tdp.cpp prp.cpp hmac.cpp prf.cpp
puncturable_enc.cpp random.cpp utils.cpp set_hash.cpp
puncturable_enc.cpp random.cpp utils.cpp set_hash.cpp rcprf.cpp
hash.cpp hash/blake2b.cpp hash/sha512.cpp
ppke/GMPpke.cpp ppke/util.cpp ppke/relic_wrapper/relic_api.cpp
tdp_impl/tdp_impl_mbedtls.cpp tdp_impl/tdp_impl_openssl.cpp
aez/aez.c
mbedtls/asn1write.c mbedtls/bignum.c
mbedtls/asn1write.c mbedtls/bignum.c
mbedtls/pk.c mbedtls/pkparse.c mbedtls/rsa_io.c
mbedtls/asn1parse.c mbedtls/base64.c mbedtls/pem.c
mbedtls/pk_wrap.c mbedtls/rsa.c
mbedtls/asn1parse.c mbedtls/base64.c mbedtls/pem.c
mbedtls/pk_wrap.c mbedtls/rsa.c
)

# Generate PIC for the library
Expand Down
12 changes: 6 additions & 6 deletions src/doc/Doxyfile.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -790,7 +790,7 @@ WARN_LOGFILE =
# spaces. See also FILE_PATTERNS and EXTENSION_MAPPING
# Note: If this tag is empty the current directory is searched.

INPUT = @CMAKE_CURRENT_SOURCE_DIR@/../src @CMAKE_CURRENT_SOURCE_DIR@/../README.md
INPUT = @CMAKE_CURRENT_SOURCE_DIR@/../src/include/sse/crypto @CMAKE_CURRENT_SOURCE_DIR@/../README.md

# This tag can be used to specify the character encoding of the source files
# that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
Expand Down Expand Up @@ -1273,21 +1273,21 @@ DOCSET_FEEDNAME = "Doxygen generated docs"
# The default value is: org.doxygen.Project.
# This tag requires that the tag GENERATE_DOCSET is set to YES.

DOCSET_BUNDLE_ID = org.doxygen.Project
DOCSET_BUNDLE_ID = org.opensse.crypto-tk

# The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify
# the documentation publisher. This should be a reverse domain-name style
# string, e.g. com.mycompany.MyDocSet.documentation.
# The default value is: org.doxygen.Publisher.
# This tag requires that the tag GENERATE_DOCSET is set to YES.

DOCSET_PUBLISHER_ID = org.doxygen.Publisher
DOCSET_PUBLISHER_ID = org.openSSE

# The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher.
# The default value is: Publisher.
# This tag requires that the tag GENERATE_DOCSET is set to YES.

DOCSET_PUBLISHER_NAME = Publisher
DOCSET_PUBLISHER_NAME = OpenSSE

# If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three
# additional HTML index files: index.hhp, index.hhc, and index.hhk. The
Expand Down Expand Up @@ -2355,7 +2355,7 @@ DIRECTORY_GRAPH = YES
# The default value is: png.
# This tag requires that the tag HAVE_DOT is set to YES.

DOT_IMAGE_FORMAT = png
DOT_IMAGE_FORMAT = svg

# If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to
# enable generation of interactive SVG images that allow zooming and panning.
Expand All @@ -2367,7 +2367,7 @@ DOT_IMAGE_FORMAT = png
# The default value is: NO.
# This tag requires that the tag HAVE_DOT is set to YES.

INTERACTIVE_SVG = NO
INTERACTIVE_SVG = YES

# The DOT_PATH tag can be used to specify the path where the dot tool can be
# found. If left blank, it is assumed the dot tool can be found in the path.
Expand Down
25 changes: 15 additions & 10 deletions src/include/sse/crypto/key.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,9 +115,10 @@ class Key
random_bytes(N, content_);
int err = sodium_mprotect_noaccess(content_);
if (err == -1 && errno != ENOSYS) {
throw std::runtime_error(/* LCOV_EXCL_LINE */
"Error when locking memory: "
/* LCOV_EXCL_START */
throw std::runtime_error("Error when locking memory: "
+ std::string(strerror(errno)));
/* LCOV_EXCL_STOP */
}
is_locked_ = true;
#endif
Expand Down Expand Up @@ -153,9 +154,10 @@ class Key
#ifdef ENABLE_MEMORY_LOCK
int err = sodium_mprotect_noaccess(content_);
if (err == -1 && errno != ENOSYS) {
throw std::runtime_error(/* LCOV_EXCL_LINE */
"Error when locking memory: "
/* LCOV_EXCL_START */
throw std::runtime_error("Error when locking memory: "
+ std::string(strerror(errno)));
/* LCOV_EXCL_STOP */
}
is_locked_ = true;
#endif
Expand Down Expand Up @@ -260,9 +262,10 @@ class Key
#ifdef ENABLE_MEMORY_LOCK
int err = sodium_mprotect_noaccess(content_);
if (err == -1 && errno != ENOSYS) {
throw std::runtime_error(/* LCOV_EXCL_LINE */
"Error when locking memory: "
/* LCOV_EXCL_START */
throw std::runtime_error("Error when locking memory: "
+ std::string(strerror(errno)));
/* LCOV_EXCL_STOP */
}
is_locked_ = true;
#endif
Expand All @@ -281,9 +284,10 @@ class Key
if (content_ != nullptr && !is_locked_) {
int err = sodium_mprotect_noaccess(content_);
if (err == -1 && errno != ENOSYS) {
throw std::runtime_error(/* LCOV_EXCL_LINE */
"Error when locking memory: "
/* LCOV_EXCL_START */
throw std::runtime_error("Error when locking memory: "
+ std::string(strerror(errno)));
/* LCOV_EXCL_STOP */
}
is_locked_ = true;
}
Expand All @@ -303,9 +307,10 @@ class Key
if (content_ != nullptr && is_locked_) {
int err = sodium_mprotect_readonly(content_);
if (err == -1 && errno != ENOSYS) {
throw std::runtime_error(/* LCOV_EXCL_LINE */
"Error when locking memory: "
/* LCOV_EXCL_START */
throw std::runtime_error("Error when locking memory: "
+ std::string(strerror(errno)));
/* LCOV_EXCL_STOP */
}
is_locked_ = false;
}
Expand Down
62 changes: 37 additions & 25 deletions src/include/sse/crypto/prg.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
#include <cstdint>

#include <array>
#include <memory>
#include <string>
#include <vector>

Expand Down Expand Up @@ -57,17 +58,17 @@ class Prg
/// @param k The key used to initialize the PRG.
/// Upon return, k is empty
///
explicit Prg(Key<kKeySize>&& k);

// we should not be able to duplicate Prg objects
Prg(const Prg& c) = delete;
Prg(Prg& c) = delete;
Prg(const Prg&& c) = delete;
Prg(Prg&& c) = delete;
explicit Prg(Key<kKeySize>&& k) : key_(std::move(k)){};

///
/// @brief Move constructor
///
/// @param c The moved PRG
///
Prg(Prg&& c) noexcept = default;

/// @ brief Destructor.
~Prg();
// we should not be able to duplicate Prg objects
Prg(const Prg& c) = delete;

// Avoid any assignement of Prg objects
Prg& operator=(const Prg& h) = delete;
Expand Down Expand Up @@ -249,7 +250,7 @@ class Prg
/// @return A new pseudo-randomly generated key.
///
template<size_t K>
Key<K> derive_key(const uint16_t key_offset);
Key<K> derive_key(const uint16_t key_offset) const;

///
/// @brief Derive multiple keys
Expand Down Expand Up @@ -334,19 +335,22 @@ class Prg


private:
class PrgImpl; // not defined in the header
PrgImpl* prg_imp_; // opaque pointer
class PrgImpl; // not defined in the header
// std::unique_ptr<PrgImpl> prg_imp_; // opaque pointer
Key<kKeySize> key_;
};

template<size_t K>
Key<K> Prg::derive_key(const uint16_t key_offset)
Key<K> Prg::derive_key(const uint16_t key_offset) const
{
static_assert(K < SIZE_MAX, "K is too large: K < SIZE_MAX");

if (key_offset > static_cast<size_t>(0U)
&& K >= static_cast<size_t>(SIZE_MAX) / key_offset) {
throw std::invalid_argument("Key offset too large." /* LCOV_EXCL_LINE */
/* LCOV_EXCL_START */
throw std::invalid_argument("Key offset too large."
" key_offset*K >= SIZE_MAX.");
/* LCOV_EXCL_STOP */
}

auto fill_callback = [this, key_offset](uint8_t* key_content) {
Expand All @@ -363,8 +367,10 @@ Key<K> Prg::derive_key(Key<kKeySize>&& k, const uint16_t key_offset)

if (key_offset > static_cast<size_t>(0U)
&& K >= static_cast<size_t>(SIZE_MAX) / key_offset) {
throw std::invalid_argument("Key offset too large." /* LCOV_EXCL_LINE */
/* LCOV_EXCL_START */
throw std::invalid_argument("Key offset too large."
" key_offset*K >= SIZE_MAX.");
/* LCOV_EXCL_STOP */
}

auto fill_callback = [&k, key_offset](uint8_t* key_content) {
Expand All @@ -380,14 +386,17 @@ std::vector<Key<K>> Prg::derive_keys(const uint16_t n_keys,
{
if (n_keys > static_cast<size_t>(0U)
&& K >= static_cast<size_t>(SIZE_MAX) / n_keys) {
throw std::invalid_argument(/* LCOV_EXCL_LINE */
"Too many keys to derive. "
/* LCOV_EXCL_START */
throw std::invalid_argument("Too many keys to derive. "
"n_keys*K >= SIZE_MAX.");
/* LCOV_EXCL_STOP */
}
if (key_offset > static_cast<size_t>(0U)
&& K >= static_cast<size_t>(SIZE_MAX) / key_offset) {
throw std::invalid_argument("Key offset too large." /* LCOV_EXCL_LINE */
/* LCOV_EXCL_START */
throw std::invalid_argument("Key offset too large."
" key_offset*K >= SIZE_MAX.");
/* LCOV_EXCL_STOP */
}

if (n_keys == 0) {
Expand Down Expand Up @@ -424,14 +433,17 @@ std::vector<Key<K>> Prg::derive_keys(Key<kKeySize>&& k,
}
if (n_keys > static_cast<size_t>(0U)
&& K >= static_cast<size_t>(SIZE_MAX) / n_keys) {
throw std::invalid_argument(/* LCOV_EXCL_LINE */
"Too many keys to derive. "
/* LCOV_EXCL_START */
throw std::invalid_argument("Too many keys to derive. "
"n_keys*K >= SIZE_MAX.");
/* LCOV_EXCL_STOP */
}
if (key_offset > static_cast<size_t>(0U)
&& K >= static_cast<size_t>(SIZE_MAX) / key_offset) {
throw std::invalid_argument("Key offset too large." /* LCOV_EXCL_LINE */
/* LCOV_EXCL_START */
throw std::invalid_argument("Key offset too large."
" key_offset*K >= SIZE_MAX.");
/* LCOV_EXCL_STOP */
}


Expand Down Expand Up @@ -462,7 +474,7 @@ std::vector<Key<K>> Prg::derive_keys(Key<kKeySize>&& k,
extern template std::vector<Key<(N)>> Prg::derive_keys( \
const uint16_t n_keys, \
const uint16_t key_offset); \
extern template Key<N> Prg::derive_key(const uint16_t key_offset); \
extern template Key<N> Prg::derive_key(const uint16_t key_offset) const; \
extern template Key<N> Prg::derive_key(Key<kKeySize>&& k, \
const uint16_t key_offset); \
extern template std::vector<Key<(N)>> Prg::derive_keys( \
Expand All @@ -478,9 +490,9 @@ std::vector<Key<K>> Prg::derive_keys(Key<kKeySize>&& k,
template std::vector<Key<(N)>> Prg::derive_keys( \
const uint16_t n_keys, \
const uint16_t key_offset); \
template Key<N> Prg::derive_key(const uint16_t key_offset); \
template Key<N> Prg::derive_key(Key<kKeySize>&& k, \
const uint16_t key_offset); \
template Key<N> Prg::derive_key(const uint16_t key_offset) const; \
template Key<N> Prg::derive_key(Key<kKeySize>&& k, \
const uint16_t key_offset); \
template std::vector<Key<(N)>> Prg::derive_keys(Key<kKeySize>&& k, \
const uint16_t n_keys, \
const uint16_t key_offset \
Expand Down

0 comments on commit 03a2a3f

Please sign in to comment.