
Commit

Merge 5b2246d into 03050bc
marcoonroad committed Sep 15, 2019
2 parents 03050bc + 5b2246d commit dfa5833
Showing 79 changed files with 1,247 additions and 663 deletions.
2 changes: 1 addition & 1 deletion LICENSE
@@ -1,6 +1,6 @@
MIT License

Copyright (c) 2018 Marco Aurélio da Silva
Copyright (c) 2019 Marco Aurélio da Silva

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
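Review bot: the copyright line replaces 2018 with 2019 instead of extending it, so the year the existing notice carried is lost. Consider `Copyright (c) 2018-2019 Marco Aurélio da Silva` so the earlier year stays on record.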
19 changes: 15 additions & 4 deletions Makefile
@@ -1,7 +1,12 @@
# Frontend to dune.

OCAML_VERSION := $(shell opam var switch)

.PHONY: default vendor build doc install uninstall test coverage report clean

addon:
opam install merlin ocp-indent ocamlformat utop --yes

vendor:
opam install . --deps-only --yes

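Review bot: the new `addon` target is not listed in the `.PHONY` line just above it, so a file or directory named `addon` in the repository root would turn `make addon` into a silent no-op; add it to the list. Two smaller points in the same hunk: `OCAML_VERSION` is filled from `opam var switch`, which yields the switch name rather than a compiler version, so a name such as `OPAM_SWITCH` would describe it better; and `addon` installs merlin, ocp-indent, ocamlformat and utop unpinned with `--yes`, so what lands on a developer machine depends on the opam repository state at install time.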
Expand All @@ -23,20 +28,24 @@ doc: build
mkdir -p docs/apiref
dune build @doc
make doc-index
mv _build/default/_doc/_html/* docs/apiref/
mv _build/$(OCAML_VERSION)/_doc/_html/* docs/apiref/ || \
mv _build/default/_doc/_html/* docs/apiref/

### Alcotest environment variables:
#
# - ALCOTEST_VERBOSE=1
# - ALCOTEST_QUICK_TESTS=1
# - ALCOTEST_SHOW_ERRORS=1
#
test: build
spec-test: build
dune build @test/spec/runtest -f --no-buffer -j 1

test:
HIEROGLYPHS_KEY_DIFFICULTY=3 make spec-test

bench: clean build
opam install core_bench --yes
opam depext conf-secp256k1 secp256k1 --install
opam depext conf-secp256k1 secp256k1 --install --yes
dune build @test/bench/runtest -f --no-buffer -j 1 --auto-promote \
--diff-command="git diff --unified=10 --break-rewrites --no-index --exit-code --histogram --word-diff=none --color --no-prefix" || echo \
"\n\n=== Differences detected! ===\n\n"
Expand All @@ -51,7 +60,9 @@ coverage: clean
rm -rf docs/coverage
rm -vf `find . -name 'bisect*.out'`
mkdir -p docs/coverage
BISECT_ENABLE=YES make test
BISECT_ENABLE=YES \
HIEROGLYPHS_KEY_DIFFICULTY=3 \
make spec-test
bisect-ppx-report -html coverage/ -I _build/default `find . -name 'bisect*.out'`
make doc-index
mv coverage/* docs/coverage/
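Review bot: the `coverage` recipe repeats `HIEROGLYPHS_KEY_DIFFICULTY=3` instead of reusing the value set in `test`, so the two can drift apart; define it once as a Makefile variable and reference it in both recipes. Also, `bisect-ppx-report` still reads `-I _build/default` while the `doc` target in this patch now tries `_build/$(OCAML_VERSION)` first, so coverage may look in the wrong build directory on the same setups that needed that change.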
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -25,7 +25,7 @@ For further information, see:
This library uses the Blake2B hash algorithm, but further / additional hashes are
planned as well. Currently, the following things are implemented now:

- [x] Importing/exporting encrypted private key (by now using AES ECB).
- [x] Importing/exporting encrypted private key (by now using AES CBC).
- [x] Public Key serialization+validation (to share and receive such key for verification).
- [x] Built-in one-time invariant protected by a blacklist of used private keys.
- [x] Tests covering the things here and there.
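Review bot: the checklist line now says AES CBC, but nothing visible here says how the IV is chosen, how the key is derived from `pass`, or whether the ciphertext is authenticated. CBC without a MAC is malleable, and the API reference in this same commit describes `import` as accepting input when it yields "a valid, internally parseable private key", which is a parse check rather than an integrity check. State the IV and key-derivation handling in the README, consider an authenticated mode or encrypt-then-MAC, and note whether keys exported under the previous ECB format can still be imported.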
2 changes: 1 addition & 1 deletion docs/apiref/hieroglyphs/Hieroglyphs/index.html
@@ -1,2 +1,2 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Hieroglyphs (hieroglyphs.Hieroglyphs)</title><link rel="stylesheet" href="../../odoc.css"/><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1.0"/><script src="../../highlight.pack.js"></script><script>hljs.initHighlightingOnLoad();</script></head><body><div class="content"><header><nav><a href="../index.html">Up</a><a href="../index.html">hieroglyphs</a> &#x00BB; Hieroglyphs</nav><h1>Module <code>Hieroglyphs</code></h1><p>Quantum-resistant, purely Hash-based, Stateful, One-Time Digital Signatures for OCaml.</p><dl><dt>author</dt><dd>Marco Aurélio da Silva</dd></dl><dl><dt>version</dt><dd>0.0.1</dd></dl></header><aside><p>Hieroglyphs is a hash-based signature scheme, which, in so far, is resistant to Quantum machine attacks (unlike RSA and Elliptic Curves, which can be broken). This &quot;Quantum attack&quot; is a mean to obtain the private key given the public key, that is, this break the said hard/infeasible public key inversion theorem, as proved on classical machines.</p><p>Alongside with the Hash-based Signatures, there are as well other proposed Digital Signature schemes which are resistant to Quantum attacks. Such cryptography is often known as <i>Post-quantum Cryptography</i>. 
One of the most famous candidates for the &quot;Quantum Apocalypse&quot; is the Ring Learning With Errors Signature, an instance of the Lattice-based Cryptography (said to be resistant to Quantum key inversion attacks).</p></aside><dl><dt class="spec type" id="type-priv"><a href="#type-priv" class="anchor"></a><code><span class="keyword">type </span>priv</code></dt><dd><p>The opaque/abstract type for our private keys.</p></dd></dl><dl><dt class="spec type" id="type-pub"><a href="#type-pub" class="anchor"></a><code><span class="keyword">type </span>pub</code></dt><dd><p>The opaque/abstract type for our public keys.</p></dd></dl><dl><dt class="spec value" id="val-generate"><a href="#val-generate" class="anchor"></a><code><span class="keyword">val </span>generate : unit <span>&#45;&gt;</span> <a href="index.html#type-priv">priv</a></code></dt><dd><p>Generates an unique private key.</p></dd></dl><dl><dt class="spec value" id="val-derive"><a href="#val-derive" class="anchor"></a><code><span class="keyword">val </span>derive : <a href="index.html#type-priv">priv</a> <span>&#45;&gt;</span> <a href="index.html#type-pub">pub</a></code></dt><dd><p>Derives an unique public key from private key.</p></dd></dl><dl><dt class="spec value" id="val-pair"><a href="#val-pair" class="anchor"></a><code><span class="keyword">val </span>pair : unit <span>&#45;&gt;</span> <a href="index.html#type-priv">priv</a><span class="keyword"> * </span><a href="index.html#type-pub">pub</a></code></dt><dd><p>Helper function which generates a signature key pair.</p></dd></dl><dl><dt class="spec value" id="val-export"><a href="#val-export" class="anchor"></a><code><span class="keyword">val </span>export : priv:<a href="index.html#type-priv">priv</a> <span>&#45;&gt;</span> pass:string <span>&#45;&gt;</span> string</code></dt><dd><p><code>export ~priv ~pass</code> dumps an encrypted version of the private key.</p></dd></dl><dl><dt class="spec value" id="val-import"><a href="#val-import" 
class="anchor"></a><code><span class="keyword">val </span>import : cipher:string <span>&#45;&gt;</span> pass:string <span>&#45;&gt;</span> <a href="index.html#type-priv">priv</a> option</code></dt><dd><p><code>import ~cipher ~pass</code> tries to load a previously exported private key, only if the cipher text and the password yield a valid, internally parseable private key.</p></dd></dl><dl><dt class="spec value" id="val-load"><a href="#val-load" class="anchor"></a><code><span class="keyword">val </span>load : string <span>&#45;&gt;</span> <a href="index.html#type-pub">pub</a> option</code></dt><dd><p><code>load text</code> parses a valid public key, otherwise, returns None.</p></dd></dl><dl><dt class="spec value" id="val-show"><a href="#val-show" class="anchor"></a><code><span class="keyword">val </span>show : <a href="index.html#type-pub">pub</a> <span>&#45;&gt;</span> string</code></dt><dd><p><code>show pubkey</code> dumps/serialize a public key under string format.</p></dd></dl><dl><dt class="spec value" id="val-address"><a href="#val-address" class="anchor"></a><code><span class="keyword">val </span>address : <a href="index.html#type-pub">pub</a> <span>&#45;&gt;</span> string</code></dt><dd><p><code>address pubkey</code> generates an unique, deterministic ID for given public key. It's useful, for instance, to externally track the used/consumed private keys with a maintained state under a blacklist, cause there's an unique mapping from <i>priv</i> to <i>pub</i>, and therefore, from <i>priv</i> to <i>id : string</i> (the composition of <code>derive</code> with <code>address</code>.</p></dd></dl><dl><dt class="spec value" id="val-sign"><a href="#val-sign" class="anchor"></a><code><span class="keyword">val </span>sign : priv:<a href="index.html#type-priv">priv</a> <span>&#45;&gt;</span> msg:string <span>&#45;&gt;</span> string option</code></dt><dd><p><code>sign ~priv ~msg</code> creates a deterministic string signature given the same private key and same message. 
Fails if the private key was already used previously to sign a message, even if the message was the same (TODO: it's safe to sign many times the same message, 'cause it still makes inversion/prediction attacks impossible).</p></dd></dl><dl><dt class="spec value" id="val-verify"><a href="#val-verify" class="anchor"></a><code><span class="keyword">val </span>verify : pub:<a href="index.html#type-pub">pub</a> <span>&#45;&gt;</span> msg:string <span>&#45;&gt;</span> signature:string <span>&#45;&gt;</span> bool</code></dt><dd><p><code>verify ~pub ~msg ~signature</code> succeeds if the signature is valid for given message and was generated by the private key which generated the given public key.</p></dd></dl></div></body></html>
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Hieroglyphs (hieroglyphs.Hieroglyphs)</title><link rel="stylesheet" href="../../odoc.css"/><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1.0"/><script src="../../highlight.pack.js"></script><script>hljs.initHighlightingOnLoad();</script></head><body><div class="content"><header><nav><a href="../index.html">Up</a><a href="../index.html">hieroglyphs</a> &#x00BB; Hieroglyphs</nav><h1>Module <code>Hieroglyphs</code></h1><p>Quantum-resistant, purely Hash-based, Stateful, One-Time Digital Signatures for OCaml.</p><dl><dt>author</dt><dd>Marco Aurélio da Silva</dd></dl><dl><dt>version</dt><dd>0.0.1</dd></dl></header><aside><p>Hieroglyphs is a hash-based signature scheme, which, in so far, is resistant to Quantum machine attacks (unlike RSA and Elliptic Curves, which can be broken). This &quot;Quantum attack&quot; is a mean to obtain the private key with just the public key, that is, this break the said hard/infeasible public key inversion theorem, as proved on classical machines.</p><p>Alongside with the Hash-based Signatures, there are as well other proposed Digital Signature schemes which are resistant to Quantum attacks. Such cryptography is often known as <i>Post-quantum Cryptography</i>. 
One of the most famous candidates for the &quot;Quantum Apocalypse&quot; is the Ring Learning With Errors Signature, an instance of the Lattice-based Cryptography (said to be resistant to Quantum key inversion attacks).</p></aside><dl><dt class="spec type" id="type-priv"><a href="#type-priv" class="anchor"></a><code><span class="keyword">type</span> priv</code></dt><dd><p>The opaque/abstract type for our private keys.</p></dd></dl><dl><dt class="spec type" id="type-pub"><a href="#type-pub" class="anchor"></a><code><span class="keyword">type</span> pub</code></dt><dd><p>The opaque/abstract type for our public keys.</p></dd></dl><dl><dt class="spec value" id="val-generate"><a href="#val-generate" class="anchor"></a><code><span class="keyword">val</span> generate : unit <span>&#45;&gt;</span> <a href="index.html#type-priv">priv</a></code></dt><dd><p>Generates an unique private key.</p></dd></dl><dl><dt class="spec value" id="val-derive"><a href="#val-derive" class="anchor"></a><code><span class="keyword">val</span> derive : <a href="index.html#type-priv">priv</a> <span>&#45;&gt;</span> <a href="index.html#type-pub">pub</a></code></dt><dd><p>Derives an unique public key from private key.</p></dd></dl><dl><dt class="spec value" id="val-pair"><a href="#val-pair" class="anchor"></a><code><span class="keyword">val</span> pair : unit <span>&#45;&gt;</span> <a href="index.html#type-priv">priv</a> * <a href="index.html#type-pub">pub</a></code></dt><dd><p>Helper function which generates a signature key pair.</p></dd></dl><dl><dt class="spec value" id="val-export"><a href="#val-export" class="anchor"></a><code><span class="keyword">val</span> export : priv:<a href="index.html#type-priv">priv</a> <span>&#45;&gt;</span> pass:string <span>&#45;&gt;</span> string</code></dt><dd><p><code>export ~priv ~pass</code> dumps an encrypted version of the private key.</p></dd></dl><dl><dt class="spec value" id="val-import"><a href="#val-import" class="anchor"></a><code><span 
class="keyword">val</span> import : cipher:string <span>&#45;&gt;</span> pass:string <span>&#45;&gt;</span> <a href="index.html#type-priv">priv</a> option</code></dt><dd><p><code>import ~cipher ~pass</code> tries to load a previously exported private key, only if the cipher text and the password yield a valid, internally parseable private key.</p></dd></dl><dl><dt class="spec value" id="val-load"><a href="#val-load" class="anchor"></a><code><span class="keyword">val</span> load : string <span>&#45;&gt;</span> <a href="index.html#type-pub">pub</a> option</code></dt><dd><p><code>load text</code> parses a valid public key, otherwise, returns None.</p></dd></dl><dl><dt class="spec value" id="val-show"><a href="#val-show" class="anchor"></a><code><span class="keyword">val</span> show : <a href="index.html#type-pub">pub</a> <span>&#45;&gt;</span> string</code></dt><dd><p><code>show pubkey</code> dumps/serialize a public key under string format.</p></dd></dl><dl><dt class="spec value" id="val-address"><a href="#val-address" class="anchor"></a><code><span class="keyword">val</span> address : <a href="index.html#type-pub">pub</a> <span>&#45;&gt;</span> string</code></dt><dd><p><code>address pubkey</code> generates an unique, deterministic ID for given public key. It's useful, for instance, to externally track the used/consumed private keys with a maintained state under a blacklist, cause there's an unique mapping from <i>priv</i> to <i>pub</i>, and therefore, from <i>priv</i> to <i>id : string</i> (the composition of <code>derive</code> with <code>address</code>.</p></dd></dl><dl><dt class="spec value" id="val-sign"><a href="#val-sign" class="anchor"></a><code><span class="keyword">val</span> sign : priv:<a href="index.html#type-priv">priv</a> <span>&#45;&gt;</span> msg:string <span>&#45;&gt;</span> string option</code></dt><dd><p><code>sign ~priv ~msg</code> creates a deterministic string signature given the same private key and same message. 
Fails if the private key was already used previously to sign a message, even if the message was the same (TODO: it's safe to sign many times the same message, 'cause it still makes inversion/prediction attacks impossible).</p></dd></dl><dl><dt class="spec value" id="val-verify"><a href="#val-verify" class="anchor"></a><code><span class="keyword">val</span> verify : pub:<a href="index.html#type-pub">pub</a> <span>&#45;&gt;</span> msg:string <span>&#45;&gt;</span> signature:string <span>&#45;&gt;</span> bool</code></dt><dd><p><code>verify ~pub ~msg ~signature</code> succeeds if the signature is valid for given message and was generated by the private key which generated the given public key.</p></dd></dl></div></body></html>
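Review bot: this is generated odoc output, and the regenerated text still carries two problems from the interface comments: the `address` description has an unclosed parenthesis after "the composition of `derive` with `address`", and the `sign` description keeps a TODO claiming that signing the same message many times is safe. Fix both in the `.mli` source and regenerate. For the TODO, either implement the same-message exception or drop the claim, since the one-time guarantee is the property callers rely on.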
2 changes: 1 addition & 1 deletion docs/apiref/hieroglyphs/Hieroglyphs__/Blacklist/index.html
@@ -1,2 +1,2 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Blacklist (hieroglyphs.Hieroglyphs__.Blacklist)</title><link rel="stylesheet" href="../../../odoc.css"/><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1.0"/><script src="../../../highlight.pack.js"></script><script>hljs.initHighlightingOnLoad();</script></head><body><div class="content"><header><nav><a href="../index.html">Up</a><a href="../../index.html">hieroglyphs</a> &#x00BB; <a href="../index.html">Hieroglyphs__</a> &#x00BB; Blacklist</nav><h1>Module <code>Hieroglyphs__.Blacklist</code></h1></header><dl><dt class="spec value" id="val-add"><a href="#val-add" class="anchor"></a><code><span class="keyword">val </span>add : string <span>&#45;&gt;</span> unit</code></dt><dt class="spec value" id="val-exists"><a href="#val-exists" class="anchor"></a><code><span class="keyword">val </span>exists : string <span>&#45;&gt;</span> bool</code></dt></dl></div></body></html>
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Blacklist (hieroglyphs.Hieroglyphs__.Blacklist)</title><link rel="stylesheet" href="../../../odoc.css"/><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1.0"/><script src="../../../highlight.pack.js"></script><script>hljs.initHighlightingOnLoad();</script></head><body><div class="content"><header><nav><a href="../index.html">Up</a><a href="../../index.html">hieroglyphs</a> &#x00BB; <a href="../index.html">Hieroglyphs__</a> &#x00BB; Blacklist</nav><h1>Module <code>Hieroglyphs__.Blacklist</code></h1></header><dl><dt class="spec value" id="val-add"><a href="#val-add" class="anchor"></a><code><span class="keyword">val</span> add : string <span>&#45;&gt;</span> unit</code></dt><dt class="spec value" id="val-exists"><a href="#val-exists" class="anchor"></a><code><span class="keyword">val</span> exists : string <span>&#45;&gt;</span> bool</code></dt></dl></div></body></html>
@@ -1,2 +1,2 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Encryption (hieroglyphs.Hieroglyphs__.Encryption)</title><link rel="stylesheet" href="../../../odoc.css"/><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1.0"/><script src="../../../highlight.pack.js"></script><script>hljs.initHighlightingOnLoad();</script></head><body><div class="content"><header><nav><a href="../index.html">Up</a><a href="../../index.html">hieroglyphs</a> &#x00BB; <a href="../index.html">Hieroglyphs__</a> &#x00BB; Encryption</nav><h1>Module <code>Hieroglyphs__.Encryption</code></h1></header><dl><dt class="spec value" id="val-encrypt"><a href="#val-encrypt" class="anchor"></a><code><span class="keyword">val </span>encrypt : string <span>&#45;&gt;</span> pass:string <span>&#45;&gt;</span> string</code></dt><dt class="spec value" id="val-decrypt"><a href="#val-decrypt" class="anchor"></a><code><span class="keyword">val </span>decrypt : string <span>&#45;&gt;</span> pass:string <span>&#45;&gt;</span> string option</code></dt></dl></div></body></html>
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Encryption (hieroglyphs.Hieroglyphs__.Encryption)</title><link rel="stylesheet" href="../../../odoc.css"/><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1.0"/><script src="../../../highlight.pack.js"></script><script>hljs.initHighlightingOnLoad();</script></head><body><div class="content"><header><nav><a href="../index.html">Up</a><a href="../../index.html">hieroglyphs</a> &#x00BB; <a href="../index.html">Hieroglyphs__</a> &#x00BB; Encryption</nav><h1>Module <code>Hieroglyphs__.Encryption</code></h1></header><dl><dt class="spec value" id="val-encrypt"><a href="#val-encrypt" class="anchor"></a><code><span class="keyword">val</span> encrypt : string <span>&#45;&gt;</span> pass:string <span>&#45;&gt;</span> string</code></dt><dt class="spec value" id="val-decrypt"><a href="#val-decrypt" class="anchor"></a><code><span class="keyword">val</span> decrypt : string <span>&#45;&gt;</span> pass:string <span>&#45;&gt;</span> string option</code></dt></dl></div></body></html>
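Review bot: `encrypt` and `decrypt` in `Hieroglyphs__.Encryption` have no documentation at all, and the only change in this hunk is whitespace inside the keyword spans. Since this commit switches the README from ECB to CBC, add doc comments to the interface stating the cipher mode, where the IV sits in the output string, and what makes `decrypt` return `None`.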
