diff options
author | Vsevolod Stakhov <vsevolod@rspamd.com> | 2023-07-26 10:49:23 +0100 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@rspamd.com> | 2023-07-26 10:49:23 +0100 |
commit | 537a7180a0d5132c11636c4fd8b1450cd99d352c (patch) | |
tree | fb9f8c84955a411bdffbd6371ea32f2716fb3687 /src/libcryptobox | |
parent | 5fd7a90fdaa33f52c59bdb0ca84451e5c1e22365 (diff) | |
download | rspamd-537a7180a0d5132c11636c4fd8b1450cd99d352c.tar.gz rspamd-537a7180a0d5132c11636c4fd8b1450cd99d352c.zip |
[Rework] Use clang-format to unify formatting in all sources
No meaningful changes.
Diffstat (limited to 'src/libcryptobox')
-rw-r--r-- | src/libcryptobox/base64/avx2.c | 110 | ||||
-rw-r--r-- | src/libcryptobox/base64/base64.c | 368 | ||||
-rw-r--r-- | src/libcryptobox/base64/base64.h | 6 | ||||
-rw-r--r-- | src/libcryptobox/base64/ref.c | 187 | ||||
-rw-r--r-- | src/libcryptobox/base64/sse42.c | 111 | ||||
-rw-r--r-- | src/libcryptobox/catena/catena.c | 286 | ||||
-rw-r--r-- | src/libcryptobox/catena/catena.h | 27 | ||||
-rw-r--r-- | src/libcryptobox/chacha20/chacha.c | 143 | ||||
-rw-r--r-- | src/libcryptobox/chacha20/chacha.h | 34 | ||||
-rw-r--r-- | src/libcryptobox/chacha20/ref.c | 135 | ||||
-rw-r--r-- | src/libcryptobox/cryptobox.c | 1251 | ||||
-rw-r--r-- | src/libcryptobox/cryptobox.h | 186 | ||||
-rw-r--r-- | src/libcryptobox/keypair.c | 691 | ||||
-rw-r--r-- | src/libcryptobox/keypair.h | 118 | ||||
-rw-r--r-- | src/libcryptobox/keypair_private.h | 26 | ||||
-rw-r--r-- | src/libcryptobox/keypairs_cache.c | 104 | ||||
-rw-r--r-- | src/libcryptobox/keypairs_cache.h | 14 |
17 files changed, 2001 insertions, 1796 deletions
diff --git a/src/libcryptobox/base64/avx2.c b/src/libcryptobox/base64/avx2.c index c44f8edf1..38abffc32 100644 --- a/src/libcryptobox/base64/avx2.c +++ b/src/libcryptobox/base64/avx2.c @@ -77,16 +77,16 @@ extern const uint8_t base64_table_dec[256]; #include <immintrin.h> -#define CMPGT(s,n) _mm256_cmpgt_epi8((s), _mm256_set1_epi8(n)) -#define CMPEQ(s,n) _mm256_cmpeq_epi8((s), _mm256_set1_epi8(n)) -#define REPLACE(s,n) _mm256_and_si256((s), _mm256_set1_epi8(n)) -#define RANGE(s,a,b) _mm256_andnot_si256(CMPGT((s), (b)), CMPGT((s), (a) - 1)) +#define CMPGT(s, n) _mm256_cmpgt_epi8((s), _mm256_set1_epi8(n)) +#define CMPEQ(s, n) _mm256_cmpeq_epi8((s), _mm256_set1_epi8(n)) +#define REPLACE(s, n) _mm256_and_si256((s), _mm256_set1_epi8(n)) +#define RANGE(s, a, b) _mm256_andnot_si256(CMPGT((s), (b)), CMPGT((s), (a) -1)) static inline __m256i -dec_reshuffle (__m256i in) __attribute__((__target__("avx2"))); +dec_reshuffle(__m256i in) __attribute__((__target__("avx2"))); static inline __m256i -dec_reshuffle (__m256i in) +dec_reshuffle(__m256i in) { // in, lower lane, bits, upper case are most significant bits, lower case are least significant bits: // 00llllll 00kkkkLL 00jjKKKK 00JJJJJJ @@ -108,8 +108,8 @@ dec_reshuffle (__m256i in) // Pack bytes together in each lane: out = _mm256_shuffle_epi8(out, _mm256_setr_epi8( - 2, 1, 0, 6, 5, 4, 10, 9, 8, 14, 13, 12, -1, -1, -1, -1, - 2, 1, 0, 6, 5, 4, 10, 9, 8, 14, 13, 12, -1, -1, -1, -1)); + 2, 1, 0, 6, 5, 4, 10, 9, 8, 14, 13, 12, -1, -1, -1, -1, + 2, 1, 0, 6, 5, 4, 10, 9, 8, 14, 13, 12, -1, -1, -1, -1)); // 00000000 00000000 00000000 00000000 // LLllllll KKKKkkkk JJJJJJjj IIiiiiii // HHHHhhhh GGGGGGgg FFffffff EEEEeeee @@ -120,54 +120,52 @@ dec_reshuffle (__m256i in) } -#define INNER_LOOP_AVX2 \ - while (inlen >= 45) { \ - __m256i str = _mm256_loadu_si256((__m256i *)c); \ - const __m256i lut_lo = _mm256_setr_epi8( \ - 0x15, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, \ - 0x11, 0x11, 0x13, 0x1A, 0x1B, 0x1B, 0x1B, 0x1A, \ - 0x15, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, \ - 0x11, 0x11, 0x13, 0x1A, 0x1B, 0x1B, 0x1B, 0x1A); \ - const __m256i lut_hi = _mm256_setr_epi8( \ - 0x10, 0x10, 0x01, 0x02, 0x04, 0x08, 0x04, 0x08, \ - 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, \ - 0x10, 0x10, 0x01, 0x02, 0x04, 0x08, 0x04, 0x08, \ - 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10); \ - const __m256i lut_roll = _mm256_setr_epi8( \ - 0, 16, 19, 4, -65, -65, -71, -71, \ - 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 16, 19, 4, -65, -65, -71, -71, \ - 0, 0, 0, 0, 0, 0, 0, 0); \ - const __m256i mask_2F = _mm256_set1_epi8(0x2f); \ - const __m256i hi_nibbles = _mm256_and_si256(_mm256_srli_epi32(str, 4), mask_2F); \ - const __m256i lo_nibbles = _mm256_and_si256(str, mask_2F); \ - const __m256i hi = _mm256_shuffle_epi8(lut_hi, hi_nibbles); \ - const __m256i lo = _mm256_shuffle_epi8(lut_lo, lo_nibbles); \ - const __m256i eq_2F = _mm256_cmpeq_epi8(str, mask_2F); \ - const __m256i roll = _mm256_shuffle_epi8(lut_roll, _mm256_add_epi8(eq_2F, hi_nibbles)); \ - if (!_mm256_testz_si256(lo, hi)) { \ - seen_error = true; \ - break; \ - } \ - str = _mm256_add_epi8(str, roll); \ - str = dec_reshuffle(str); \ - _mm256_storeu_si256((__m256i *)o, str); \ - c += 32; \ - o += 24; \ - outl += 24; \ - inlen -= 32; \ +#define INNER_LOOP_AVX2 \ + while (inlen >= 45) { \ + __m256i str = _mm256_loadu_si256((__m256i *) c); \ + const __m256i lut_lo = _mm256_setr_epi8( \ + 0x15, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, \ + 0x11, 0x11, 0x13, 0x1A, 0x1B, 0x1B, 0x1B, 0x1A, \ + 0x15, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, \ + 0x11, 0x11, 0x13, 0x1A, 0x1B, 0x1B, 0x1B, 0x1A); \ + const __m256i lut_hi = _mm256_setr_epi8( \ + 0x10, 0x10, 0x01, 0x02, 0x04, 0x08, 0x04, 0x08, \ + 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, \ + 0x10, 0x10, 0x01, 0x02, 0x04, 0x08, 0x04, 0x08, \ + 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10); \ + const __m256i lut_roll = _mm256_setr_epi8( \ + 0, 16, 19, 4, -65, -65, -71, -71, \ + 0, 0, 0, 0, 0, 0, 0, 0, \ + 0, 16, 19, 4, -65, -65, -71, -71, \ + 0, 0, 0, 0, 0, 0, 0, 0); \ + const __m256i mask_2F = _mm256_set1_epi8(0x2f); \ + const __m256i hi_nibbles = _mm256_and_si256(_mm256_srli_epi32(str, 4), mask_2F); \ + const __m256i lo_nibbles = _mm256_and_si256(str, mask_2F); \ + const __m256i hi = _mm256_shuffle_epi8(lut_hi, hi_nibbles); \ + const __m256i lo = _mm256_shuffle_epi8(lut_lo, lo_nibbles); \ + const __m256i eq_2F = _mm256_cmpeq_epi8(str, mask_2F); \ + const __m256i roll = _mm256_shuffle_epi8(lut_roll, _mm256_add_epi8(eq_2F, hi_nibbles)); \ + if (!_mm256_testz_si256(lo, hi)) { \ + seen_error = true; \ + break; \ + } \ + str = _mm256_add_epi8(str, roll); \ + str = dec_reshuffle(str); \ + _mm256_storeu_si256((__m256i *) o, str); \ + c += 32; \ + o += 24; \ + outl += 24; \ + inlen -= 32; \ } -int -base64_decode_avx2 (const char *in, size_t inlen, - unsigned char *out, size_t *outlen) __attribute__((__target__("avx2"))); -int -base64_decode_avx2 (const char *in, size_t inlen, - unsigned char *out, size_t *outlen) +int base64_decode_avx2(const char *in, size_t inlen, + unsigned char *out, size_t *outlen) __attribute__((__target__("avx2"))); +int base64_decode_avx2(const char *in, size_t inlen, + unsigned char *out, size_t *outlen) { ssize_t ret = 0; - const uint8_t *c = (const uint8_t *)in; - uint8_t *o = (uint8_t *)out; + const uint8_t *c = (const uint8_t *) in; + uint8_t *o = (uint8_t *) out; uint8_t q, carry; size_t outl = 0; size_t leftover = 0; @@ -177,7 +175,7 @@ repeat: switch (leftover) { for (;;) { case 0: - if (G_LIKELY (!seen_error)) { + if (G_LIKELY(!seen_error)) { INNER_LOOP_AVX2 } @@ -227,7 +225,7 @@ repeat: } } else { - leftover --; + leftover--; } /* If we get here, there was an error: */ break; @@ -268,8 +266,8 @@ repeat: if (!ret && inlen > 0) { /* Skip to the next valid character in input */ while (inlen > 0 && base64_table_dec[*c] >= 254) { - c ++; - inlen --; + c++; + inlen--; } if (inlen > 0) { diff --git a/src/libcryptobox/base64/base64.c b/src/libcryptobox/base64/base64.c index efa356252..0dc93b3d2 100644 --- a/src/libcryptobox/base64/base64.c +++ b/src/libcryptobox/base64/base64.c @@ -24,24 +24,264 @@ extern unsigned cpu_config; const uint8_t -base64_table_dec[256] = -{ - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, 255, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, 255, 254, 255, 255, - 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255, - 255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, - 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, + base64_table_dec[256] = + { + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 62, + 255, + 255, + 255, + 63, + 52, + 53, + 54, + 55, + 56, + 57, + 58, + 59, + 60, + 61, + 255, + 255, + 255, + 254, + 255, + 255, + 255, + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 255, + 255, + 255, + 255, + 255, + 255, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33, + 34, + 35, + 36, + 37, + 38, + 39, + 40, + 41, + 42, + 43, + 44, + 45, + 46, + 47, + 48, + 49, + 50, + 51, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, }; static const char base64_alphabet[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/"; @@ -51,52 +291,54 @@ typedef struct base64_impl { unsigned short min_len; unsigned int cpu_flags; const char *desc; - int (*decode) (const char *in, size_t inlen, - unsigned char *out, size_t *outlen); + int (*decode)(const char *in, size_t inlen, + unsigned char *out, size_t *outlen); } base64_impl_t; #define BASE64_DECLARE(ext) \ - int base64_decode_##ext(const char *in, size_t inlen, unsigned char *out, size_t *outlen); -#define BASE64_IMPL(cpuflags, min_len, desc, ext) \ - {0, (min_len), (cpuflags), desc, base64_decode_##ext} + int base64_decode_##ext(const char *in, size_t inlen, unsigned char *out, size_t *outlen); +#define BASE64_IMPL(cpuflags, min_len, desc, ext) \ + { \ + 0, (min_len), (cpuflags), desc, base64_decode_##ext \ + } BASE64_DECLARE(ref); #define BASE64_REF BASE64_IMPL(0, 0, "ref", ref) #ifdef RSPAMD_HAS_TARGET_ATTR -# if defined(HAVE_SSE42) -int base64_decode_sse42 (const char *in, size_t inlen, - unsigned char *out, size_t *outlen) __attribute__((__target__("sse4.2"))); +#if defined(HAVE_SSE42) +int base64_decode_sse42(const char *in, size_t inlen, + unsigned char *out, size_t *outlen) __attribute__((__target__("sse4.2"))); BASE64_DECLARE(sse42); -# define BASE64_SSE42 BASE64_IMPL(CPUID_SSE42, 24, "sse42", sse42) -# endif +#define BASE64_SSE42 BASE64_IMPL(CPUID_SSE42, 24, "sse42", sse42) +#endif #endif #ifdef RSPAMD_HAS_TARGET_ATTR -# if defined(HAVE_AVX2) -int base64_decode_avx2 (const char *in, size_t inlen, - unsigned char *out, size_t *outlen) __attribute__((__target__("avx2"))); +#if defined(HAVE_AVX2) +int base64_decode_avx2(const char *in, size_t inlen, + unsigned char *out, size_t *outlen) __attribute__((__target__("avx2"))); BASE64_DECLARE(avx2); -# define BASE64_AVX2 BASE64_IMPL(CPUID_AVX2, 128, "avx2", avx2) -# endif +#define BASE64_AVX2 BASE64_IMPL(CPUID_AVX2, 128, "avx2", avx2) +#endif #endif static base64_impl_t base64_list[] = { - BASE64_REF, + BASE64_REF, #ifdef BASE64_SSE42 - BASE64_SSE42, + BASE64_SSE42, #endif #ifdef BASE64_AVX2 - BASE64_AVX2, + BASE64_AVX2, #endif }; static const base64_impl_t *base64_ref = &base64_list[0]; const char * -base64_load (void) +base64_load(void) { guint i; const base64_impl_t *opt_impl = base64_ref; @@ -105,7 +347,7 @@ base64_load (void) base64_list[0].enabled = true; if (cpu_config != 0) { - for (i = 1; i < G_N_ELEMENTS (base64_list); i++) { + for (i = 1; i < G_N_ELEMENTS(base64_list); i++) { if (base64_list[i].cpu_flags & cpu_config) { base64_list[i].enabled = true; opt_impl = &base64_list[i]; @@ -118,68 +360,68 @@ base64_load (void) } gboolean -rspamd_cryptobox_base64_decode (const gchar *in, gsize inlen, - guchar *out, gsize *outlen) +rspamd_cryptobox_base64_decode(const gchar *in, gsize inlen, + guchar *out, gsize *outlen) { const base64_impl_t *opt_impl = base64_ref; - for (gint i = G_N_ELEMENTS (base64_list) - 1; i > 0; i --) { + for (gint i = G_N_ELEMENTS(base64_list) - 1; i > 0; i--) { if (base64_list[i].enabled && base64_list[i].min_len <= inlen) { opt_impl = &base64_list[i]; break; } } - return opt_impl->decode (in, inlen, out, outlen); + return opt_impl->decode(in, inlen, out, outlen); } double -base64_test (bool generic, size_t niters, size_t len, size_t str_len) +base64_test(bool generic, size_t niters, size_t len, size_t str_len) { size_t cycles; guchar *in, *out, *tmp; gdouble t1, t2, total = 0; gsize outlen; - g_assert (len > 0); - in = g_malloc (len); - tmp = g_malloc (len); - ottery_rand_bytes (in, len); + g_assert(len > 0); + in = g_malloc(len); + tmp = g_malloc(len); + ottery_rand_bytes(in, len); - out = rspamd_encode_base64_fold (in, len, str_len, &outlen, - RSPAMD_TASK_NEWLINES_CRLF); + out = rspamd_encode_base64_fold(in, len, str_len, &outlen, + RSPAMD_TASK_NEWLINES_CRLF); if (generic) { - base64_list[0].decode (out, outlen, tmp, &len); + base64_list[0].decode(out, outlen, tmp, &len); } else { - rspamd_cryptobox_base64_decode (out, outlen, tmp, &len); + rspamd_cryptobox_base64_decode(out, outlen, tmp, &len); } - g_assert (memcmp (in, tmp, len) == 0); + g_assert(memcmp(in, tmp, len) == 0); - for (cycles = 0; cycles < niters; cycles ++) { - t1 = rspamd_get_ticks (TRUE); + for (cycles = 0; cycles < niters; cycles++) { + t1 = rspamd_get_ticks(TRUE); if (generic) { - base64_list[0].decode (out, outlen, tmp, &len); + base64_list[0].decode(out, outlen, tmp, &len); } else { - rspamd_cryptobox_base64_decode (out, outlen, tmp, &len); + rspamd_cryptobox_base64_decode(out, outlen, tmp, &len); } - t2 = rspamd_get_ticks (TRUE); + t2 = rspamd_get_ticks(TRUE); total += t2 - t1; } - g_free (in); - g_free (tmp); - g_free (out); + g_free(in); + g_free(tmp); + g_free(out); return total; } gboolean -rspamd_cryptobox_base64_is_valid (const gchar *in, gsize inlen) +rspamd_cryptobox_base64_is_valid(const gchar *in, gsize inlen) { const guchar *p, *end; @@ -191,12 +433,12 @@ rspamd_cryptobox_base64_is_valid (const gchar *in, gsize inlen) end = in + inlen; while (p < end && *p != '=') { - if (!g_ascii_isspace (*p)) { + if (!g_ascii_isspace(*p)) { if (base64_table_dec[*p] == 255) { return FALSE; } } - p ++; + p++; } return TRUE; diff --git a/src/libcryptobox/base64/base64.h b/src/libcryptobox/base64/base64.h index e2be379b5..f53c80afd 100644 --- a/src/libcryptobox/base64/base64.h +++ b/src/libcryptobox/base64/base64.h @@ -18,13 +18,13 @@ #include "config.h" -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif -const char *base64_load (void); +const char *base64_load(void); -#ifdef __cplusplus +#ifdef __cplusplus } #endif diff --git a/src/libcryptobox/base64/ref.c b/src/libcryptobox/base64/ref.c index e01a4dc5e..61df68e35 100644 --- a/src/libcryptobox/base64/ref.c +++ b/src/libcryptobox/base64/ref.c @@ -32,92 +32,99 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. extern const uint8_t base64_table_dec[256]; -#define INNER_LOOP_64 do { \ - uint64_t str, res, dec; \ - bool aligned = rspamd_is_aligned_as(c, str); \ - while (inlen >= 13) { \ - if (aligned) { str = *(uint64_t *)c; } else {memcpy(&str, c, sizeof(str)); } \ - str = GUINT64_TO_BE(str); \ - if ((dec = base64_table_dec[str >> 56]) > 63) { \ - break; \ - } \ - res = dec << 58; \ - if ((dec = base64_table_dec[(str >> 48) & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 52; \ - if ((dec = base64_table_dec[(str >> 40) & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 46; \ - if ((dec = base64_table_dec[(str >> 32) & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 40; \ - if ((dec = base64_table_dec[(str >> 24) & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 34; \ - if ((dec = base64_table_dec[(str >> 16) & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 28; \ - if ((dec = base64_table_dec[(str >> 8) & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 22; \ - if ((dec = base64_table_dec[str & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 16; \ - res = GUINT64_FROM_BE(res); \ - memcpy(o, &res, sizeof(res)); \ - c += 8; \ - o += 6; \ - outl += 6; \ - inlen -= 8; \ - } \ -} while (0) - -#define INNER_LOOP_32 do { \ - uint32_t str, res, dec; \ - bool aligned = rspamd_is_aligned_as(c, str); \ - while (inlen >= 8) { \ - if (aligned) { str = *(uint32_t *)c; } else {memcpy(&str, c, sizeof(str)); } \ - str = GUINT32_TO_BE(str); \ - if ((dec = base64_table_dec[str >> 24]) > 63) { \ - break; \ - } \ - res = dec << 26; \ - if ((dec = base64_table_dec[(str >> 16) & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 20; \ - if ((dec = base64_table_dec[(str >> 8) & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 14; \ - if ((dec = base64_table_dec[str & 0xFF]) > 63) { \ - break; \ - } \ - res |= dec << 8; \ - res = GUINT32_FROM_BE(res); \ - memcpy(o, &res, sizeof(res)); \ - c += 4; \ - o += 3; \ - outl += 3; \ - inlen -= 4; \ - } \ -} while (0) - - -int -base64_decode_ref (const char *in, size_t inlen, - unsigned char *out, size_t *outlen) +#define INNER_LOOP_64 \ + do { \ + uint64_t str, res, dec; \ + bool aligned = rspamd_is_aligned_as(c, str); \ + while (inlen >= 13) { \ + if (aligned) { str = *(uint64_t *) c; } \ + else { \ + memcpy(&str, c, sizeof(str)); \ + } \ + str = GUINT64_TO_BE(str); \ + if ((dec = base64_table_dec[str >> 56]) > 63) { \ + break; \ + } \ + res = dec << 58; \ + if ((dec = base64_table_dec[(str >> 48) & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 52; \ + if ((dec = base64_table_dec[(str >> 40) & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 46; \ + if ((dec = base64_table_dec[(str >> 32) & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 40; \ + if ((dec = base64_table_dec[(str >> 24) & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 34; \ + if ((dec = base64_table_dec[(str >> 16) & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 28; \ + if ((dec = base64_table_dec[(str >> 8) & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 22; \ + if ((dec = base64_table_dec[str & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 16; \ + res = GUINT64_FROM_BE(res); \ + memcpy(o, &res, sizeof(res)); \ + c += 8; \ + o += 6; \ + outl += 6; \ + inlen -= 8; \ + } \ + } while (0) + +#define INNER_LOOP_32 \ + do { \ + uint32_t str, res, dec; \ + bool aligned = rspamd_is_aligned_as(c, str); \ + while (inlen >= 8) { \ + if (aligned) { str = *(uint32_t *) c; } \ + else { \ + memcpy(&str, c, sizeof(str)); \ + } \ + str = GUINT32_TO_BE(str); \ + if ((dec = base64_table_dec[str >> 24]) > 63) { \ + break; \ + } \ + res = dec << 26; \ + if ((dec = base64_table_dec[(str >> 16) & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 20; \ + if ((dec = base64_table_dec[(str >> 8) & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 14; \ + if ((dec = base64_table_dec[str & 0xFF]) > 63) { \ + break; \ + } \ + res |= dec << 8; \ + res = GUINT32_FROM_BE(res); \ + memcpy(o, &res, sizeof(res)); \ + c += 4; \ + o += 3; \ + outl += 3; \ + inlen -= 4; \ + } \ + } while (0) + + +int base64_decode_ref(const char *in, size_t inlen, + unsigned char *out, size_t *outlen) { ssize_t ret = 0; - const uint8_t *c = (const uint8_t *)in; - uint8_t *o = (uint8_t *)out; + const uint8_t *c = (const uint8_t *) in; + uint8_t *o = (uint8_t *) out; uint8_t q, carry; size_t outl = 0; size_t leftover = 0; @@ -140,7 +147,7 @@ repeat: ret = 0; break; } - carry = (uint8_t)(q << 2); + carry = (uint8_t) (q << 2); leftover++; case 1: @@ -153,7 +160,7 @@ repeat: break; } *o++ = carry | (q >> 4); - carry = (uint8_t)(q << 4); + carry = (uint8_t) (q << 4); leftover++; outl++; @@ -178,13 +185,13 @@ repeat: } } else { - leftover --; + leftover--; } /* If we get here, there was an error: */ break; } *o++ = carry | (q >> 2); - carry = (uint8_t)(q << 6); + carry = (uint8_t) (q << 6); leftover++; outl++; @@ -219,8 +226,8 @@ repeat: if (!ret && inlen > 0) { /* Skip to the next valid character in input */ while (inlen > 0 && base64_table_dec[*c] >= 254) { - c ++; - inlen --; + c++; + inlen--; } if (inlen > 0) { diff --git a/src/libcryptobox/base64/sse42.c b/src/libcryptobox/base64/sse42.c index f3b812dc9..36070abe8 100644 --- a/src/libcryptobox/base64/sse42.c +++ b/src/libcryptobox/base64/sse42.c @@ -73,9 +73,9 @@ extern const uint8_t base64_table_dec[256]; static inline __m128i -dec_reshuffle (__m128i in) __attribute__((__target__("sse4.2"))); +dec_reshuffle(__m128i in) __attribute__((__target__("sse4.2"))); -static inline __m128i dec_reshuffle (__m128i in) +static inline __m128i dec_reshuffle(__m128i in) { // Mask in a single byte per shift: const __m128i maskB2 = _mm_set1_epi32(0x003F0000); @@ -92,64 +92,61 @@ static inline __m128i dec_reshuffle (__m128i in) // Reshuffle and repack into 12-byte output format: return _mm_shuffle_epi8(out, _mm_setr_epi8( - 3, 2, 1, - 7, 6, 5, - 11, 10, 9, - 15, 14, 13, - -1, -1, -1, -1)); + 3, 2, 1, + 7, 6, 5, + 11, 10, 9, + 15, 14, 13, + -1, -1, -1, -1)); } -#define CMPGT(s,n) _mm_cmpgt_epi8((s), _mm_set1_epi8(n)) - -#define INNER_LOOP_SSE42 \ - while (inlen >= 24) { \ - __m128i str = _mm_loadu_si128((__m128i *)c); \ - const __m128i lut = _mm_setr_epi8( \ - 19, 16, 4, 4, \ - 4, 4, 4, 4, \ - 4, 4, 4, 4, \ - 0, 0, -71, -65 \ - ); \ - const __m128i range = _mm_setr_epi8( \ - '+','+', \ - '+','+', \ - '+','+', \ - '+','+', \ - '/','/', \ - '0','9', \ - 'A','Z', \ - 'a','z'); \ +#define CMPGT(s, n) _mm_cmpgt_epi8((s), _mm_set1_epi8(n)) + +#define INNER_LOOP_SSE42 \ + while (inlen >= 24) { \ + __m128i str = _mm_loadu_si128((__m128i *) c); \ + const __m128i lut = _mm_setr_epi8( \ + 19, 16, 4, 4, \ + 4, 4, 4, 4, \ + 4, 4, 4, 4, \ + 0, 0, -71, -65); \ + const __m128i range = _mm_setr_epi8( \ + '+', '+', \ + '+', '+', \ + '+', '+', \ + '+', '+', \ + '/', '/', \ + '0', '9', \ + 'A', 'Z', \ + 'a', 'z'); \ if (_mm_cmpistrc(range, str, _SIDD_UBYTE_OPS | _SIDD_CMP_RANGES | _SIDD_NEGATIVE_POLARITY)) { \ - seen_error = true; \ - break; \ - } \ - __m128i indices = _mm_subs_epu8(str, _mm_set1_epi8(46)); \ - __m128i mask45 = CMPGT(str, 64); \ - __m128i mask5 = CMPGT(str, 96); \ - indices = _mm_andnot_si128(mask45, indices); \ - mask45 = _mm_add_epi8(_mm_slli_epi16(_mm_abs_epi8(mask45), 4), mask45); \ - indices = _mm_add_epi8(indices, mask45); \ - indices = _mm_add_epi8(indices, mask5); \ - __m128i delta = _mm_shuffle_epi8(lut, indices); \ - str = _mm_add_epi8(str, delta); \ - str = dec_reshuffle(str); \ - _mm_storeu_si128((__m128i *)o, str); \ - c += 16; \ - o += 12; \ - outl += 12; \ - inlen -= 16; \ + seen_error = true; \ + break; \ + } \ + __m128i indices = _mm_subs_epu8(str, _mm_set1_epi8(46)); \ + __m128i mask45 = CMPGT(str, 64); \ + __m128i mask5 = CMPGT(str, 96); \ + indices = _mm_andnot_si128(mask45, indices); \ + mask45 = _mm_add_epi8(_mm_slli_epi16(_mm_abs_epi8(mask45), 4), mask45); \ + indices = _mm_add_epi8(indices, mask45); \ + indices = _mm_add_epi8(indices, mask5); \ + __m128i delta = _mm_shuffle_epi8(lut, indices); \ + str = _mm_add_epi8(str, delta); \ + str = dec_reshuffle(str); \ + _mm_storeu_si128((__m128i *) o, str); \ + c += 16; \ + o += 12; \ + outl += 12; \ + inlen -= 16; \ } -int -base64_decode_sse42 (const char *in, size_t inlen, - unsigned char *out, size_t *outlen) __attribute__((__target__("sse4.2"))); -int -base64_decode_sse42 (const char *in, size_t inlen, - unsigned char *out, size_t *outlen) +int base64_decode_sse42(const char *in, size_t inlen, + unsigned char *out, size_t *outlen) __attribute__((__target__("sse4.2"))); +int base64_decode_sse42(const char *in, size_t inlen, + unsigned char *out, size_t *outlen) { ssize_t ret = 0; - const uint8_t *c = (const uint8_t *)in; - uint8_t *o = (uint8_t *)out; + const uint8_t *c = (const uint8_t *) in; + uint8_t *o = (uint8_t *) out; uint8_t q, carry; size_t outl = 0; size_t leftover = 0; @@ -159,7 +156,7 @@ repeat: switch (leftover) { for (;;) { case 0: - if (G_LIKELY (!seen_error)) { + if (G_LIKELY(!seen_error)) { INNER_LOOP_SSE42 } @@ -209,7 +206,7 @@ repeat: } } else { - leftover --; + leftover--; } /* If we get here, there was an error: */ break; @@ -250,8 +247,8 @@ repeat: if (!ret && inlen > 0) { /* Skip to the next valid character in input */ while (inlen > 0 && base64_table_dec[*c] >= 254) { - c ++; - inlen --; + c++; + inlen--; } if (inlen > 0) { diff --git a/src/libcryptobox/catena/catena.c b/src/libcryptobox/catena/catena.c index 816b1154c..7e066dd7d 100644 --- a/src/libcryptobox/catena/catena.c +++ b/src/libcryptobox/catena/catena.c @@ -34,8 +34,8 @@ #endif /* Recommended default values */ -#define H_LEN CATENA_HLEN -#define KEY_LEN 16 +#define H_LEN CATENA_HLEN +#define KEY_LEN 16 const uint8_t VERSION_ID[] = "Butterfly-Full"; const uint8_t LAMBDA = 4; @@ -51,82 +51,78 @@ __Hash1(const uint8_t *input, const uint32_t inputlen, uint8_t hash[H_LEN]) { crypto_generichash_blake2b_state ctx; - crypto_generichash_blake2b_init (&ctx, NULL, 0, H_LEN); - crypto_generichash_blake2b_update (&ctx, input, inputlen); - crypto_generichash_blake2b_final (&ctx, hash, H_LEN); + crypto_generichash_blake2b_init(&ctx, NULL, 0, H_LEN); + crypto_generichash_blake2b_update(&ctx, input, inputlen); + crypto_generichash_blake2b_final(&ctx, hash, H_LEN); } /***************************************************/ -static inline -void __Hash2(const uint8_t *i1, const uint8_t i1len, const uint8_t *i2, - const uint8_t i2len, uint8_t hash[H_LEN]) +static inline void __Hash2(const uint8_t *i1, const uint8_t i1len, const uint8_t *i2, + const uint8_t i2len, uint8_t hash[H_LEN]) { crypto_generichash_blake2b_state ctx; - crypto_generichash_blake2b_init (&ctx, NULL, 0, H_LEN); - crypto_generichash_blake2b_update (&ctx, i1, i1len); - crypto_generichash_blake2b_update (&ctx, i2, i2len); - crypto_generichash_blake2b_final (&ctx, hash, H_LEN); + crypto_generichash_blake2b_init(&ctx, NULL, 0, H_LEN); + crypto_generichash_blake2b_update(&ctx, i1, i1len); + crypto_generichash_blake2b_update(&ctx, i2, i2len); + crypto_generichash_blake2b_final(&ctx, hash, H_LEN); } /***************************************************/ -static inline -void __Hash3(const uint8_t *i1, const uint8_t i1len, const uint8_t *i2, - const uint8_t i2len, const uint8_t *i3, const uint8_t i3len, - uint8_t hash[H_LEN]) +static inline void __Hash3(const uint8_t *i1, const uint8_t i1len, const uint8_t *i2, + const uint8_t i2len, const uint8_t *i3, const uint8_t i3len, + uint8_t hash[H_LEN]) { crypto_generichash_blake2b_state ctx; - crypto_generichash_blake2b_init (&ctx, NULL, 0, H_LEN); - crypto_generichash_blake2b_update (&ctx, i1, i1len); - crypto_generichash_blake2b_update (&ctx, i2, i2len); - crypto_generichash_blake2b_update (&ctx, i3, i3len); - crypto_generichash_blake2b_final (&ctx, hash, H_LEN); + crypto_generichash_blake2b_init(&ctx, NULL, 0, H_LEN); + crypto_generichash_blake2b_update(&ctx, i1, i1len); + crypto_generichash_blake2b_update(&ctx, i2, i2len); + crypto_generichash_blake2b_update(&ctx, i3, i3len); + crypto_generichash_blake2b_final(&ctx, hash, H_LEN); } /***************************************************/ -static inline -void __Hash4(const uint8_t *i1, const uint8_t i1len, const uint8_t *i2, - const uint8_t i2len, const uint8_t *i3, const uint8_t i3len, - const uint8_t *i4, const uint8_t i4len, uint8_t hash[H_LEN]) +static inline void __Hash4(const uint8_t *i1, const uint8_t i1len, const uint8_t *i2, + const uint8_t i2len, const uint8_t *i3, const uint8_t i3len, + const uint8_t *i4, const uint8_t i4len, uint8_t hash[H_LEN]) { crypto_generichash_blake2b_state ctx; - crypto_generichash_blake2b_init (&ctx, NULL, 0, H_LEN); - crypto_generichash_blake2b_update (&ctx, i1, i1len); - crypto_generichash_blake2b_update (&ctx, i2, i2len); - crypto_generichash_blake2b_update (&ctx, i3, i3len); - crypto_generichash_blake2b_update (&ctx, i4, i4len); - crypto_generichash_blake2b_final (&ctx, hash, H_LEN); + crypto_generichash_blake2b_init(&ctx, NULL, 0, H_LEN); + crypto_generichash_blake2b_update(&ctx, i1, i1len); + crypto_generichash_blake2b_update(&ctx, i2, i2len); + crypto_generichash_blake2b_update(&ctx, i3, i3len); + crypto_generichash_blake2b_update(&ctx, i4, i4len); + crypto_generichash_blake2b_final(&ctx, hash, H_LEN); } /***************************************************/ -static inline -void __Hash5(const uint8_t *i1, const uint8_t i1len, const uint8_t *i2, - const uint8_t i2len, const uint8_t *i3, const uint8_t i3len, - const uint8_t *i4, const uint8_t i4len, const uint8_t *i5, - const uint8_t i5len, uint8_t hash[H_LEN]) +static inline void __Hash5(const uint8_t *i1, const uint8_t i1len, const uint8_t *i2, + const uint8_t i2len, const uint8_t *i3, const uint8_t i3len, + const uint8_t *i4, const uint8_t i4len, const uint8_t *i5, + const uint8_t i5len, uint8_t hash[H_LEN]) { crypto_generichash_blake2b_state ctx; - crypto_generichash_blake2b_init (&ctx, NULL, 0, H_LEN); - crypto_generichash_blake2b_update (&ctx, i1, i1len); - crypto_generichash_blake2b_update (&ctx, i2, i2len); - crypto_generichash_blake2b_update (&ctx, i3, i3len); - crypto_generichash_blake2b_update (&ctx, i4, i4len); - crypto_generichash_blake2b_update (&ctx, i5, i5len); - crypto_generichash_blake2b_final (&ctx, hash, H_LEN); + crypto_generichash_blake2b_init(&ctx, NULL, 0, H_LEN); + crypto_generichash_blake2b_update(&ctx, i1, i1len); + crypto_generichash_blake2b_update(&ctx, i2, i2len); + crypto_generichash_blake2b_update(&ctx, i3, i3len); + crypto_generichash_blake2b_update(&ctx, i4, i4len); + crypto_generichash_blake2b_update(&ctx, i5, i5len); + crypto_generichash_blake2b_final(&ctx, hash, H_LEN); } static inline void -__HashFast(int vindex, const uint8_t* i1, const uint8_t* i2, - uint8_t hash[H_LEN]) +__HashFast(int vindex, const uint8_t *i1, const uint8_t *i2, + uint8_t hash[H_LEN]) { - __Hash2 (i1, H_LEN, i2, H_LEN, hash); + __Hash2(i1, H_LEN, i2, H_LEN, hash); } static void __ResetState(void) @@ -143,7 +139,7 @@ static int p; static uint64_t s[16]; static void -initXSState (const uint8_t* a, const uint8_t* b) +initXSState(const uint8_t *a, const uint8_t *b) { p = 0; @@ -159,7 +155,7 @@ initXSState (const uint8_t* a, const uint8_t* b) } static uint64_t -xorshift1024star (void) +xorshift1024star(void) { uint64_t s0 = s[p]; uint64_t s1 = s[p = (p + 1) & 15]; @@ -170,83 +166,83 @@ xorshift1024star (void) } static void -H_INIT (const uint8_t* x, const uint16_t xlen, uint8_t *vm1, uint8_t *vm2) +H_INIT(const uint8_t *x, const uint16_t xlen, uint8_t *vm1, uint8_t *vm2) { const uint8_t l = 2; - uint8_t *tmp = (uint8_t*) g_malloc (l * H_LEN); + uint8_t *tmp = (uint8_t *) g_malloc(l * H_LEN); for (uint8_t i = 0; i != l; ++i) { - __Hash2 (&i, 1, x, xlen, tmp + i * H_LEN); + __Hash2(&i, 1, x, xlen, tmp + i * H_LEN); } - memcpy (vm1, tmp, H_LEN); - memcpy (vm2, tmp+(l/2*H_LEN), H_LEN); - g_free (tmp); + memcpy(vm1, tmp, H_LEN); + memcpy(vm2, tmp + (l / 2 * H_LEN), H_LEN); + g_free(tmp); } static void -H_First (const uint8_t* i1, const uint8_t* i2, uint8_t* hash) +H_First(const uint8_t *i1, const uint8_t *i2, uint8_t *hash) { uint8_t i = 0; - uint8_t *x = (uint8_t*) g_malloc (H_LEN); + uint8_t *x = (uint8_t *) g_malloc(H_LEN); - __ResetState (); - __Hash2 (i1, H_LEN, i2, H_LEN, x); - __Hash2 (&i, 1, x, H_LEN, hash); - g_free (x); + __ResetState(); + __Hash2(i1, H_LEN, i2, H_LEN, x); + __Hash2(&i, 1, x, H_LEN, hash); + g_free(x); } static inline void -initmem (const uint8_t x[H_LEN], const uint64_t c, uint8_t *r) +initmem(const uint8_t x[H_LEN], const uint64_t c, uint8_t *r) { - uint8_t *vm2 = (uint8_t*) g_malloc (H_LEN); - uint8_t *vm1 = (uint8_t*) g_malloc (H_LEN); + uint8_t *vm2 = (uint8_t *) g_malloc(H_LEN); + uint8_t *vm1 = (uint8_t *) g_malloc(H_LEN); - H_INIT (x, H_LEN, vm1, vm2); - __ResetState (); - __HashFast (0, vm1, vm2, r); - __HashFast (1, r, vm1, r + H_LEN); + H_INIT(x, H_LEN, vm1, vm2); + __ResetState(); + __HashFast(0, vm1, vm2, r); + __HashFast(1, r, vm1, r + H_LEN); /* Top row */ for (uint64_t i = 2; i < c; i++) { - __HashFast (i, r + (i - 1) * H_LEN, r + (i - 2) * H_LEN, r + i * H_LEN); + __HashFast(i, r + (i - 1) * H_LEN, r + (i - 2) * H_LEN, r + i * H_LEN); } - g_free (vm2); - g_free (vm1); + g_free(vm2); + g_free(vm1); } static inline void -catena_gamma (const uint8_t garlic, const uint8_t *salt, - const uint8_t saltlen, uint8_t *r) +catena_gamma(const uint8_t garlic, const uint8_t *salt, + const uint8_t saltlen, uint8_t *r) { const uint64_t q = UINT64_C(1) << ((3 * garlic + 3) / 4); uint64_t i, j, j2; - uint8_t *tmp = g_malloc (H_LEN); - uint8_t *tmp2 = g_malloc (H_LEN); + uint8_t *tmp = g_malloc(H_LEN); + uint8_t *tmp2 = g_malloc(H_LEN); - __Hash1 (salt, saltlen, tmp); - __Hash1 (tmp, H_LEN, tmp2); - initXSState (tmp, tmp2); + __Hash1(salt, saltlen, tmp); + __Hash1(tmp, H_LEN, tmp2); + initXSState(tmp, tmp2); - __ResetState (); + __ResetState(); for (i = 0; i < q; i++) { - j = xorshift1024star () >> (64 - garlic); - j2 = xorshift1024star () >> (64 - garlic); - __HashFast (i, r + j * H_LEN, r + j2 * H_LEN, r + j * H_LEN); + j = xorshift1024star() >> (64 - garlic); + j2 = xorshift1024star() >> (64 - garlic); + __HashFast(i, r + j * H_LEN, r + j2 * H_LEN, r + j * H_LEN); } - g_free (tmp); - g_free (tmp2); + g_free(tmp); + g_free(tmp2); } static void -XOR (const uint8_t *input1, const uint8_t *input2, uint8_t *output) +XOR(const uint8_t *input1, const uint8_t *input2, uint8_t *output) { uint32_t i; - for(i = 0; i < H_LEN; i++) { + for (i = 0; i < H_LEN; i++) { output[i] = input1[i] ^ input2[i]; } } @@ -297,79 +293,78 @@ idx(uint64_t i, uint64_t j, uint8_t co, uint64_t c, uint64_t m) * that forms as (2^g,\lamba)-Superconcentrator */ static void -Flap (const uint8_t x[H_LEN], const uint8_t lambda, const uint8_t garlic, - const uint8_t *salt, const uint8_t saltlen, uint8_t h[H_LEN]) +Flap(const uint8_t x[H_LEN], const uint8_t lambda, const uint8_t garlic, + const uint8_t *salt, const uint8_t saltlen, uint8_t h[H_LEN]) { const uint64_t c = UINT64_C(1) << garlic; - const uint64_t m = UINT64_C(1) << (garlic - 1); /* 0.5 * 2^g */ + const uint64_t m = UINT64_C(1) << (garlic - 1); /* 0.5 * 2^g */ const uint32_t l = 2 * garlic; - uint8_t *r = g_malloc ((c + m) * H_LEN); - uint8_t *tmp = g_malloc (H_LEN); + uint8_t *r = g_malloc((c + m) * H_LEN); + uint8_t *tmp = g_malloc(H_LEN); uint64_t i, j; uint8_t k; - uint8_t co = 0; /* carry over from last iteration */ + uint8_t co = 0; /* carry over from last iteration */ /* Top row */ - initmem (x, c, r); + initmem(x, c, r); /*Gamma Function*/ - catena_gamma (garlic, salt, saltlen, r); + catena_gamma(garlic, salt, saltlen, r); /* DBH */ for (k = 0; k < lambda; k++) { for (i = 1; i < l; i++) { - XOR (r + idx (i - 1, c - 1, co, c, m) * H_LEN, - r + idx (i - 1, 0, co, c, m) * H_LEN, tmp); + XOR(r + idx(i - 1, c - 1, co, c, m) * H_LEN, + r + idx(i - 1, 0, co, c, m) * H_LEN, tmp); /* * r0 := H(tmp || vsigma(g,i-1,0) ) * __Hash2(tmp, H_LEN, r+idx(i-1,sigma(garlic,i-1,0),co,c,m) * H_LEN, H_LEN, * r+idx(i,0,co,c,m) *H_LEN); */ - H_First (tmp, - r + idx (i - 1, sigma (garlic, i - 1, 0), co, c, m) * H_LEN, - r + idx (i, 0, co, c, m) * H_LEN); - __ResetState (); + H_First(tmp, + r + idx(i - 1, sigma(garlic, i - 1, 0), co, c, m) * H_LEN, + r + idx(i, 0, co, c, m) * H_LEN); + __ResetState(); /* vertices */ for (j = 1; j < c; j++) { /* tmp:= rj-1 XOR vj */ - XOR (r + idx (i, j - 1, co, c, m) * H_LEN, - r + idx (i - 1, j, co, c, m) * H_LEN, tmp); + XOR(r + idx(i, j - 1, co, c, m) * H_LEN, + r + idx(i - 1, j, co, c, m) * H_LEN, tmp); /* rj := H(tmp || vsigma(g,i-1,j)) */ - __HashFast (j, tmp, - r + idx (i - 1, sigma (garlic, i - 1, j), co, c, m) * H_LEN, - r + idx (i, j, co, c, m) * H_LEN); + __HashFast(j, tmp, + r + idx(i - 1, sigma(garlic, i - 1, j), co, c, m) * H_LEN, + r + idx(i, j, co, c, m) * H_LEN); } } co = (co + (i - 1)) % 3; } - memcpy(h, r + idx(0,c-1,co,c,m) * H_LEN, H_LEN); - g_free (r); - g_free (tmp); + memcpy(h, r + idx(0, c - 1, co, c, m) * H_LEN, H_LEN); + g_free(r); + g_free(tmp); } static int -__Catena (const uint8_t *pwd, const uint32_t pwdlen, - const uint8_t *salt, const uint8_t saltlen, const uint8_t *data, - const uint32_t datalen, const uint8_t lambda, const uint8_t min_garlic, - const uint8_t garlic, const uint8_t hashlen, const uint8_t client, - const uint8_t tweak_id, uint8_t *hash) +__Catena(const uint8_t *pwd, const uint32_t pwdlen, + const uint8_t *salt, const uint8_t saltlen, const uint8_t *data, + const uint32_t datalen, const uint8_t lambda, const uint8_t min_garlic, + const uint8_t garlic, const uint8_t hashlen, const uint8_t client, + const uint8_t tweak_id, uint8_t *hash) { uint8_t x[H_LEN]; uint8_t hv[H_LEN]; uint8_t t[4]; uint8_t c; - if ((hashlen > H_LEN) || (garlic > 63) || (min_garlic > garlic) - || (lambda == 0) || (min_garlic == 0)) { + if ((hashlen > H_LEN) || (garlic > 63) || (min_garlic > garlic) || (lambda == 0) || (min_garlic == 0)) { return -1; } /*Compute H(V)*/ - __Hash1 (VERSION_ID, strlen ((char*) VERSION_ID), hv); + __Hash1(VERSION_ID, strlen((char *) VERSION_ID), hv); /* Compute Tweak */ t[0] = tweak_id; @@ -378,77 +373,72 @@ __Catena (const uint8_t *pwd, const uint32_t pwdlen, t[3] = saltlen; /* Compute H(AD) */ - __Hash1 ((uint8_t *) data, datalen, x); + __Hash1((uint8_t *) data, datalen, x); /* Compute the initial value to hash */ - __Hash5 (hv, H_LEN, t, 4, x, H_LEN, pwd, pwdlen, salt, saltlen, x); + __Hash5(hv, H_LEN, t, 4, x, H_LEN, pwd, pwdlen, salt, saltlen, x); /*Overwrite Password if enabled*/ #ifdef OVERWRITE - erasepwd(pwd,pwdlen); + erasepwd(pwd, pwdlen); #endif - Flap (x, lambda, (min_garlic + 1) / 2, salt, saltlen, x); + Flap(x, lambda, (min_garlic + 1) / 2, salt, saltlen, x); for (c = min_garlic; c <= garlic; c++) { - Flap (x, lambda, c, salt, saltlen, x); + Flap(x, lambda, c, salt, saltlen, x); if ((c == garlic) && (client == CLIENT)) { - memcpy (hash, x, H_LEN); + memcpy(hash, x, H_LEN); return 0; } - __Hash2 (&c, 1, x, H_LEN, x); - memset (x + hashlen, 0, H_LEN - hashlen); + __Hash2(&c, 1, x, H_LEN, x); + memset(x + hashlen, 0, H_LEN - hashlen); } - memcpy (hash, x, hashlen); + memcpy(hash, x, hashlen); return 0; } /***************************************************/ -int -catena (const uint8_t *pwd, const uint32_t pwdlen, const uint8_t *salt, - const uint8_t saltlen, const uint8_t *data, const uint32_t datalen, - const uint8_t lambda, const uint8_t min_garlic, const uint8_t garlic, - const uint8_t hashlen, uint8_t *hash) +int catena(const uint8_t *pwd, const uint32_t pwdlen, const uint8_t *salt, + const uint8_t saltlen, const uint8_t *data, const uint32_t datalen, + const uint8_t lambda, const uint8_t min_garlic, const uint8_t garlic, + const uint8_t hashlen, uint8_t *hash) { - return __Catena (pwd, pwdlen, salt, saltlen, data, datalen, lambda, - min_garlic, garlic, hashlen, REGULAR, PASSWORD_HASHING_MODE, hash); - + return __Catena(pwd, pwdlen, salt, saltlen, data, datalen, lambda, + min_garlic, garlic, hashlen, REGULAR, PASSWORD_HASHING_MODE, hash); } -int -simple_catena (const uint8_t *pwd, const uint32_t pwdlen, - const uint8_t *salt, const uint8_t saltlen, - const uint8_t *data, const uint32_t datalen, - uint8_t hash[H_LEN]) +int simple_catena(const uint8_t *pwd, const uint32_t pwdlen, + const uint8_t *salt, const uint8_t saltlen, + const uint8_t *data, const uint32_t datalen, + uint8_t hash[H_LEN]) { - return __Catena (pwd, pwdlen, salt, saltlen, data, datalen, - LAMBDA, MIN_GARLIC, GARLIC, H_LEN, - REGULAR, PASSWORD_HASHING_MODE, hash); + return __Catena(pwd, pwdlen, salt, saltlen, data, datalen, + LAMBDA, MIN_GARLIC, GARLIC, H_LEN, + REGULAR, PASSWORD_HASHING_MODE, hash); } -int -catena_test (void) +int catena_test(void) { /* From catena-v3.1 spec */ guint8 pw[] = {0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64}; guint8 salt[] = {0x73, 0x61, 0x6c, 0x74}; - guint8 ad[] = {0x64, 0x61,0x74, 0x61}; + guint8 ad[] = {0x64, 0x61, 0x74, 0x61}; guint8 expected[] = { 0x20, 0xc5, 0x91, 0x93, 0x8f, 0xc3, 0xaf, 0xcc, 0x3b, 0xba, 0x91, 0xd2, 0xfb, 0x84, 0xbf, 0x7b, 0x44, 0x04, 0xf9, 0x4c, 0x45, 0xed, 0x4d, 0x11, 0xa7, 0xe2, 0xb4, 0x12, 0x3e, 0xab, 0x0b, 0x77, 0x4a, 0x12, 0xb4, 0x22, 0xd0, 0xda, 0xb5, 0x25, 0x29, 0x02, 0xfc, 0x54, 0x47, 0xea, 0x82, 0x63, 0x8c, 0x1a, 0xfb, 0xa7, - 0xa9, 0x94, 0x24, 0x13, 0x0e, 0x44, 0x36, 0x3b, 0x9d, 0x9f, 0xc9, 0x60 - }; + 0xa9, 0x94, 0x24, 0x13, 0x0e, 0x44, 0x36, 0x3b, 0x9d, 0x9f, 0xc9, 0x60}; guint8 real[H_LEN]; - if (catena (pw, sizeof (pw), salt, sizeof (salt), ad, sizeof (ad), - 4, 10, 10, H_LEN, real) != 0) { + if (catena(pw, sizeof(pw), salt, sizeof(salt), ad, sizeof(ad), + 4, 10, 10, H_LEN, real) != 0) { return -1; } - return memcmp (real, expected, H_LEN); + return memcmp(real, expected, H_LEN); } diff --git a/src/libcryptobox/catena/catena.h b/src/libcryptobox/catena/catena.h index bf81cc0f9..1fcea21c3 100644 --- a/src/libcryptobox/catena/catena.h +++ b/src/libcryptobox/catena/catena.h @@ -18,22 +18,21 @@ /* Modes */ #define PASSWORD_HASHING_MODE 0 -#define KEY_DERIVATION_MODE 1 +#define KEY_DERIVATION_MODE 1 #define REGULAR 0 #define CLIENT 1 #define CATENA_HLEN 64 -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif -int -catena (const uint8_t *pwd, const uint32_t pwdlen, - const uint8_t *salt, const uint8_t saltlen, - const uint8_t *data, const uint32_t datalen, - const uint8_t lambda, const uint8_t min_garlic, - const uint8_t garlic, const uint8_t hashlen, uint8_t *hash); +int catena(const uint8_t *pwd, const uint32_t pwdlen, + const uint8_t *salt, const uint8_t saltlen, + const uint8_t *data, const uint32_t datalen, + const uint8_t lambda, const uint8_t min_garlic, + const uint8_t garlic, const uint8_t hashlen, uint8_t *hash); /** * Simple interface for catena PBKDF @@ -46,17 +45,17 @@ catena (const uint8_t *pwd, const uint32_t pwdlen, * @param hash output hash * @return 0 if hash is generated, -1 in case of error */ -int simple_catena (const uint8_t *pwd, const uint32_t pwdlen, - const uint8_t *salt, const uint8_t saltlen, - const uint8_t *data, const uint32_t datalen, - uint8_t hash[CATENA_HLEN]); +int simple_catena(const uint8_t *pwd, const uint32_t pwdlen, + const uint8_t *salt, const uint8_t saltlen, + const uint8_t *data, const uint32_t datalen, + uint8_t hash[CATENA_HLEN]); /** * Run a quick test on catena implementation */ -int catena_test (void); +int catena_test(void); -#ifdef __cplusplus +#ifdef __cplusplus } #endif diff --git a/src/libcryptobox/chacha20/chacha.c b/src/libcryptobox/chacha20/chacha.c index 653c614d9..0b471c80a 100644 --- a/src/libcryptobox/chacha20/chacha.c +++ b/src/libcryptobox/chacha20/chacha.c @@ -32,37 +32,39 @@ extern unsigned cpu_config; typedef struct chacha_impl_t { unsigned long cpu_flags; const char *desc; - void (*chacha) (const chacha_key *key, const chacha_iv *iv, - const unsigned char *in, unsigned char *out, size_t inlen, - size_t rounds); - void (*xchacha) (const chacha_key *key, const chacha_iv24 *iv, - const unsigned char *in, unsigned char *out, size_t inlen, - size_t rounds); - void (*chacha_blocks) (chacha_state_internal *state, - const unsigned char *in, unsigned char *out, size_t bytes); - void (*hchacha) (const unsigned char key[32], const unsigned char iv[16], - unsigned char out[32], size_t rounds); + void (*chacha)(const chacha_key *key, const chacha_iv *iv, + const unsigned char *in, unsigned char *out, size_t inlen, + size_t rounds); + void (*xchacha)(const chacha_key *key, const chacha_iv24 *iv, + const unsigned char *in, unsigned char *out, size_t inlen, + size_t rounds); + void (*chacha_blocks)(chacha_state_internal *state, + const unsigned char *in, unsigned char *out, size_t bytes); + void (*hchacha)(const unsigned char key[32], const unsigned char iv[16], + unsigned char out[32], size_t rounds); } chacha_impl_t; -#define CHACHA_DECLARE(ext) \ - void chacha_##ext(const chacha_key *key, const chacha_iv *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds); \ - void xchacha_##ext(const chacha_key *key, const chacha_iv24 *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds); \ - void chacha_blocks_##ext(chacha_state_internal *state, const unsigned char *in, unsigned char *out, size_t bytes); \ - void hchacha_##ext(const unsigned char key[32], const unsigned char iv[16], unsigned char out[32], size_t rounds); -#define CHACHA_IMPL(cpuflags, desc, ext) \ - {(cpuflags), desc, chacha_##ext, xchacha_##ext, chacha_blocks_##ext, hchacha_##ext} +#define CHACHA_DECLARE(ext) \ + void chacha_##ext(const chacha_key *key, const chacha_iv *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds); \ + void xchacha_##ext(const chacha_key *key, const chacha_iv24 *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds); \ + void chacha_blocks_##ext(chacha_state_internal *state, const unsigned char *in, unsigned char *out, size_t bytes); \ + void hchacha_##ext(const unsigned char key[32], const unsigned char iv[16], unsigned char out[32], size_t rounds); +#define CHACHA_IMPL(cpuflags, desc, ext) \ + { \ + (cpuflags), desc, chacha_##ext, xchacha_##ext, chacha_blocks_##ext, hchacha_##ext \ + } #if defined(HAVE_AVX2) && defined(__x86_64__) - CHACHA_DECLARE(avx2) - #define CHACHA_AVX2 CHACHA_IMPL(CPUID_AVX2, "avx2", avx2) +CHACHA_DECLARE(avx2) +#define CHACHA_AVX2 CHACHA_IMPL(CPUID_AVX2, "avx2", avx2) #endif #if defined(HAVE_AVX) && defined(__x86_64__) - CHACHA_DECLARE(avx) - #define CHACHA_AVX CHACHA_IMPL(CPUID_AVX, "avx", avx) +CHACHA_DECLARE(avx) +#define CHACHA_AVX CHACHA_IMPL(CPUID_AVX, "avx", avx) #endif #if defined(HAVE_SSE2) && defined(__x86_64__) - CHACHA_DECLARE(sse2) - #define CHACHA_SSE2 CHACHA_IMPL(CPUID_SSE2, "sse2", sse2) +CHACHA_DECLARE(sse2) +#define CHACHA_SSE2 CHACHA_IMPL(CPUID_SSE2, "sse2", sse2) #endif CHACHA_DECLARE(ref) @@ -84,18 +86,18 @@ static const chacha_impl_t chacha_list[] = { static const chacha_impl_t *chacha_impl = &chacha_list[0]; static int -chacha_is_aligned (const void *p) +chacha_is_aligned(const void *p) { return ((size_t) p & (sizeof(size_t) - 1)) == 0; } const char * -chacha_load (void) +chacha_load(void) { guint i; if (cpu_config != 0) { - for (i = 0; i < G_N_ELEMENTS (chacha_list); i ++) { + for (i = 0; i < G_N_ELEMENTS(chacha_list); i++) { if (chacha_list[i].cpu_flags & cpu_config) { chacha_impl = &chacha_list[i]; break; @@ -106,21 +108,21 @@ chacha_load (void) return chacha_impl->desc; } -void chacha_init (chacha_state *S, const chacha_key *key, - const chacha_iv *iv, size_t rounds) +void chacha_init(chacha_state *S, const chacha_key *key, + const chacha_iv *iv, size_t rounds) { chacha_state_internal *state = (chacha_state_internal *) S; - memcpy (state->s + 0, key, 32); - memset (state->s + 32, 0, 8); - memcpy (state->s + 40, iv, 8); + memcpy(state->s + 0, key, 32); + memset(state->s + 32, 0, 8); + memcpy(state->s + 40, iv, 8); state->rounds = rounds; state->leftover = 0; } /* processes inlen bytes (can do partial blocks), handling input/output alignment */ static void -chacha_consume (chacha_state_internal *state, - const unsigned char *in, unsigned char *out, size_t inlen) +chacha_consume(chacha_state_internal *state, + const unsigned char *in, unsigned char *out, size_t inlen) { unsigned char buffer[16 * CHACHA_BLOCKBYTES]; int in_aligned, out_aligned; @@ -130,10 +132,10 @@ chacha_consume (chacha_state_internal *state, return; /* if everything is aligned, handle directly */ - in_aligned = chacha_is_aligned (in); - out_aligned = chacha_is_aligned (out); + in_aligned = chacha_is_aligned(in); + out_aligned = chacha_is_aligned(out); if (in_aligned && out_aligned) { - chacha_impl->chacha_blocks (state, in, out, inlen); + chacha_impl->chacha_blocks(state, in, out, inlen); return; } @@ -143,12 +145,12 @@ chacha_consume (chacha_state_internal *state, const unsigned char *src = in; unsigned char *dst = (out_aligned) ? out : buffer; if (!in_aligned) { - memcpy (buffer, in, bytes); + memcpy(buffer, in, bytes); src = buffer; } - chacha_impl->chacha_blocks (state, src, dst, bytes); + chacha_impl->chacha_blocks(state, src, dst, bytes); if (!out_aligned) - memcpy (out, buffer, bytes); + memcpy(out, buffer, bytes); if (in) in += bytes; out += bytes; @@ -157,16 +159,16 @@ chacha_consume (chacha_state_internal *state, } /* hchacha */ -void hchacha (const unsigned char key[32], - const unsigned char iv[16], unsigned char out[32], size_t rounds) +void hchacha(const unsigned char key[32], + const unsigned char iv[16], unsigned char out[32], size_t rounds) { - chacha_impl->hchacha (key, iv, out, rounds); + chacha_impl->hchacha(key, iv, out, rounds); } /* update, returns number of bytes written to out */ size_t -chacha_update (chacha_state *S, const unsigned char *in, unsigned char *out, - size_t inlen) +chacha_update(chacha_state *S, const unsigned char *in, unsigned char *out, + size_t inlen) { chacha_state_internal *state = (chacha_state_internal *) S; unsigned char *out_start = out; @@ -178,11 +180,11 @@ chacha_update (chacha_state *S, const unsigned char *in, unsigned char *out, if (state->leftover) { bytes = (CHACHA_BLOCKBYTES - state->leftover); if (in) { - memcpy (state->buffer + state->leftover, in, bytes); + memcpy(state->buffer + state->leftover, in, bytes); in += bytes; } - chacha_consume (state, (in) ? state->buffer : NULL, out, - CHACHA_BLOCKBYTES); + chacha_consume(state, (in) ? state->buffer : NULL, out, + CHACHA_BLOCKBYTES); inlen -= bytes; out += CHACHA_BLOCKBYTES; state->leftover = 0; @@ -191,7 +193,7 @@ chacha_update (chacha_state *S, const unsigned char *in, unsigned char *out, /* handle the direct data */ bytes = (inlen & ~(CHACHA_BLOCKBYTES - 1)); if (bytes) { - chacha_consume (state, in, out, bytes); + chacha_consume(state, in, out, bytes); inlen -= bytes; if (in) in += bytes; @@ -202,9 +204,9 @@ chacha_update (chacha_state *S, const unsigned char *in, unsigned char *out, /* handle leftover data */ if (inlen) { if (in) - memcpy (state->buffer + state->leftover, in, inlen); + memcpy(state->buffer + state->leftover, in, inlen); else - memset (state->buffer + state->leftover, 0, inlen); + memset(state->buffer + state->leftover, 0, inlen); state->leftover += inlen; } @@ -213,51 +215,48 @@ chacha_update (chacha_state *S, const unsigned char *in, unsigned char *out, /* finalize, write out any leftover data */ size_t -chacha_final (chacha_state *S, unsigned char *out) +chacha_final(chacha_state *S, unsigned char *out) { chacha_state_internal *state = (chacha_state_internal *) S; size_t leftover = state->leftover; if (leftover) { - if (chacha_is_aligned (out)) { - chacha_impl->chacha_blocks (state, state->buffer, out, leftover); + if (chacha_is_aligned(out)) { + chacha_impl->chacha_blocks(state, state->buffer, out, leftover); } else { - chacha_impl->chacha_blocks (state, state->buffer, state->buffer, - leftover); - memcpy (out, state->buffer, leftover); + chacha_impl->chacha_blocks(state, state->buffer, state->buffer, + leftover); + memcpy(out, state->buffer, leftover); } } - rspamd_explicit_memzero (S, sizeof(chacha_state)); + rspamd_explicit_memzero(S, sizeof(chacha_state)); return leftover; } /* one-shot, input/output assumed to be word aligned */ -void -chacha (const chacha_key *key, const chacha_iv *iv, - const unsigned char *in, unsigned char *out, size_t inlen, - size_t rounds) +void chacha(const chacha_key *key, const chacha_iv *iv, + const unsigned char *in, unsigned char *out, size_t inlen, + size_t rounds) { - chacha_impl->chacha (key, iv, in, out, inlen, rounds); + chacha_impl->chacha(key, iv, in, out, inlen, rounds); } /* xchacha, chacha with a 192 bit nonce */ -void -xchacha_init (chacha_state *S, const chacha_key *key, - const chacha_iv24 *iv, size_t rounds) +void xchacha_init(chacha_state *S, const chacha_key *key, + const chacha_iv24 *iv, size_t rounds) { chacha_key subkey; - hchacha (key->b, iv->b, subkey.b, rounds); - chacha_init (S, &subkey, (chacha_iv *) (iv->b + 16), rounds); + hchacha(key->b, iv->b, subkey.b, rounds); + chacha_init(S, &subkey, (chacha_iv *) (iv->b + 16), rounds); } /* one-shot, input/output assumed to be word aligned */ -void -xchacha (const chacha_key *key, const chacha_iv24 *iv, - const unsigned char *in, unsigned char *out, size_t inlen, - size_t rounds) +void xchacha(const chacha_key *key, const chacha_iv24 *iv, + const unsigned char *in, unsigned char *out, size_t inlen, + size_t rounds) { - chacha_impl->xchacha (key, iv, in, out, inlen, rounds); + chacha_impl->xchacha(key, iv, in, out, inlen, rounds); } diff --git a/src/libcryptobox/chacha20/chacha.h b/src/libcryptobox/chacha20/chacha.h index 02d6dba00..d05088a86 100644 --- a/src/libcryptobox/chacha20/chacha.h +++ b/src/libcryptobox/chacha20/chacha.h @@ -29,7 +29,7 @@ #define CHACHA_BLOCKBYTES 64 -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif @@ -56,31 +56,31 @@ typedef struct chacha_iv24_t { unsigned char b[24]; } chacha_iv24; -void hchacha (const unsigned char key[32], const unsigned char iv[16], - unsigned char out[32], size_t rounds); +void hchacha(const unsigned char key[32], const unsigned char iv[16], + unsigned char out[32], size_t rounds); -void chacha_init (chacha_state *S, const chacha_key *key, const chacha_iv *iv, - size_t rounds); +void chacha_init(chacha_state *S, const chacha_key *key, const chacha_iv *iv, + size_t rounds); -void xchacha_init (chacha_state *S, const chacha_key *key, - const chacha_iv24 *iv, size_t rounds); +void xchacha_init(chacha_state *S, const chacha_key *key, + const chacha_iv24 *iv, size_t rounds); -size_t chacha_update (chacha_state *S, const unsigned char *in, - unsigned char *out, size_t inlen); +size_t chacha_update(chacha_state *S, const unsigned char *in, + unsigned char *out, size_t inlen); -size_t chacha_final (chacha_state *S, unsigned char *out); +size_t chacha_final(chacha_state *S, unsigned char *out); -void chacha (const chacha_key *key, const chacha_iv *iv, +void chacha(const chacha_key *key, const chacha_iv *iv, + const unsigned char *in, unsigned char *out, size_t inlen, + size_t rounds); + +void xchacha(const chacha_key *key, const chacha_iv24 *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds); -void xchacha (const chacha_key *key, const chacha_iv24 *iv, - const unsigned char *in, unsigned char *out, size_t inlen, - size_t rounds); - -const char *chacha_load (void); +const char *chacha_load(void); -#ifdef __cplusplus +#ifdef __cplusplus } #endif diff --git a/src/libcryptobox/chacha20/ref.c b/src/libcryptobox/chacha20/ref.c index 905e76c83..ee646dbf3 100644 --- a/src/libcryptobox/chacha20/ref.c +++ b/src/libcryptobox/chacha20/ref.c @@ -10,36 +10,37 @@ typedef guint32 chacha_int32; /* interpret four 8 bit unsigned integers as a 32 bit unsigned integer in little endian */ static chacha_int32 -U8TO32(const unsigned char *p) { - return - (((chacha_int32)(p[0]) ) | - ((chacha_int32)(p[1]) << 8) | - ((chacha_int32)(p[2]) << 16) | - ((chacha_int32)(p[3]) << 24)); +U8TO32(const unsigned char *p) +{ + return (((chacha_int32) (p[0])) | + ((chacha_int32) (p[1]) << 8) | + ((chacha_int32) (p[2]) << 16) | + ((chacha_int32) (p[3]) << 24)); } /* store a 32 bit unsigned integer as four 8 bit unsigned integers in little endian */ static void -U32TO8(unsigned char *p, chacha_int32 v) { - p[0] = (v ) & 0xff; - p[1] = (v >> 8) & 0xff; +U32TO8(unsigned char *p, chacha_int32 v) +{ + p[0] = (v) &0xff; + p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = (v >> 24) & 0xff; } /* 32 bit left rotate */ static chacha_int32 -ROTL32(chacha_int32 x, int k) { +ROTL32(chacha_int32 x, int k) +{ return ((x << k) | (x >> (32 - k))) & 0xffffffff; } /* "expand 32-byte k", as 4 little endian 32-bit unsigned integers */ -static const chacha_int32 chacha_constants[4] = { - 0x61707865, 0x3320646e, 0x79622d32, 0x6b206574 -}; +static const chacha_int32 chacha_constants[4] = { + 0x61707865, 0x3320646e, 0x79622d32, 0x6b206574}; -void -chacha_blocks_ref(chacha_state_internal *state, const unsigned char *in, unsigned char *out, size_t bytes) { +void chacha_blocks_ref(chacha_state_internal *state, const unsigned char *in, unsigned char *out, size_t bytes) +{ chacha_int32 x[16], j[12]; chacha_int32 t; unsigned char *ctarget = out, tmp[64]; @@ -89,26 +90,34 @@ chacha_blocks_ref(chacha_state_internal *state, const unsigned char *in, unsigne x[14] = j[10]; x[15] = j[11]; - #define quarter(a,b,c,d) \ - a += b; t = d^a; d = ROTL32(t,16); \ - c += d; t = b^c; b = ROTL32(t,12); \ - a += b; t = d^a; d = ROTL32(t, 8); \ - c += d; t = b^c; b = ROTL32(t, 7); +#define quarter(a, b, c, d) \ + a += b; \ + t = d ^ a; \ + d = ROTL32(t, 16); \ + c += d; \ + t = b ^ c; \ + b = ROTL32(t, 12); \ + a += b; \ + t = d ^ a; \ + d = ROTL32(t, 8); \ + c += d; \ + t = b ^ c; \ + b = ROTL32(t, 7); - #define doubleround() \ - quarter( x[0], x[4], x[8],x[12]) \ - quarter( x[1], x[5], x[9],x[13]) \ - quarter( x[2], x[6],x[10],x[14]) \ - quarter( x[3], x[7],x[11],x[15]) \ - quarter( x[0], x[5],x[10],x[15]) \ - quarter( x[1], x[6],x[11],x[12]) \ - quarter( x[2], x[7], x[8],x[13]) \ - quarter( x[3], x[4], x[9],x[14]) +#define doubleround() \ + quarter(x[0], x[4], x[8], x[12]) \ + quarter(x[1], x[5], x[9], x[13]) \ + quarter(x[2], x[6], x[10], x[14]) \ + quarter(x[3], x[7], x[11], x[15]) \ + quarter(x[0], x[5], x[10], x[15]) \ + quarter(x[1], x[6], x[11], x[12]) \ + quarter(x[2], x[7], x[8], x[13]) \ + quarter(x[3], x[4], x[9], x[14]) i = r; do { doubleround() - i -= 2; + i -= 2; } while (i); x[0] += chacha_constants[0]; @@ -129,16 +138,16 @@ chacha_blocks_ref(chacha_state_internal *state, const unsigned char *in, unsigne x[15] += j[11]; if (in) { - U32TO8(out + 0, x[0] ^ U8TO32(in + 0)); - U32TO8(out + 4, x[1] ^ U8TO32(in + 4)); - U32TO8(out + 8, x[2] ^ U8TO32(in + 8)); - U32TO8(out + 12, x[3] ^ U8TO32(in + 12)); - U32TO8(out + 16, x[4] ^ U8TO32(in + 16)); - U32TO8(out + 20, x[5] ^ U8TO32(in + 20)); - U32TO8(out + 24, x[6] ^ U8TO32(in + 24)); - U32TO8(out + 28, x[7] ^ U8TO32(in + 28)); - U32TO8(out + 32, x[8] ^ U8TO32(in + 32)); - U32TO8(out + 36, x[9] ^ U8TO32(in + 36)); + U32TO8(out + 0, x[0] ^ U8TO32(in + 0)); + U32TO8(out + 4, x[1] ^ U8TO32(in + 4)); + U32TO8(out + 8, x[2] ^ U8TO32(in + 8)); + U32TO8(out + 12, x[3] ^ U8TO32(in + 12)); + U32TO8(out + 16, x[4] ^ U8TO32(in + 16)); + U32TO8(out + 20, x[5] ^ U8TO32(in + 20)); + U32TO8(out + 24, x[6] ^ U8TO32(in + 24)); + U32TO8(out + 28, x[7] ^ U8TO32(in + 28)); + U32TO8(out + 32, x[8] ^ U8TO32(in + 32)); + U32TO8(out + 36, x[9] ^ U8TO32(in + 36)); U32TO8(out + 40, x[10] ^ U8TO32(in + 40)); U32TO8(out + 44, x[11] ^ U8TO32(in + 44)); U32TO8(out + 48, x[12] ^ U8TO32(in + 48)); @@ -146,17 +155,18 @@ chacha_blocks_ref(chacha_state_internal *state, const unsigned char *in, unsigne U32TO8(out + 56, x[14] ^ U8TO32(in + 56)); U32TO8(out + 60, x[15] ^ U8TO32(in + 60)); in += 64; - } else { - U32TO8(out + 0, x[0]); - U32TO8(out + 4, x[1]); - U32TO8(out + 8, x[2]); - U32TO8(out + 12, x[3]); - U32TO8(out + 16, x[4]); - U32TO8(out + 20, x[5]); - U32TO8(out + 24, x[6]); - U32TO8(out + 28, x[7]); - U32TO8(out + 32, x[8]); - U32TO8(out + 36, x[9]); + } + else { + U32TO8(out + 0, x[0]); + U32TO8(out + 4, x[1]); + U32TO8(out + 8, x[2]); + U32TO8(out + 12, x[3]); + U32TO8(out + 16, x[4]); + U32TO8(out + 20, x[5]); + U32TO8(out + 24, x[6]); + U32TO8(out + 28, x[7]); + U32TO8(out + 32, x[8]); + U32TO8(out + 36, x[9]); U32TO8(out + 40, x[10]); U32TO8(out + 44, x[11]); U32TO8(out + 48, x[12]); @@ -171,7 +181,8 @@ chacha_blocks_ref(chacha_state_internal *state, const unsigned char *in, unsigne j[9]++; if (bytes <= 64) { - if (bytes < 64) for (i = 0; i < bytes; i++) ctarget[i] = out[i]; + if (bytes < 64) + for (i = 0; i < bytes; i++) ctarget[i] = out[i]; /* store the counter back to the state */ U32TO8(state->s + 32, j[8]); @@ -186,8 +197,8 @@ cleanup: rspamd_explicit_memzero(j, sizeof(j)); } -void -hchacha_ref(const unsigned char key[32], const unsigned char iv[16], unsigned char out[32], size_t rounds) { +void hchacha_ref(const unsigned char key[32], const unsigned char iv[16], unsigned char out[32], size_t rounds) +{ chacha_int32 x[16]; chacha_int32 t; @@ -210,7 +221,7 @@ hchacha_ref(const unsigned char key[32], const unsigned char iv[16], unsigned ch do { doubleround() - rounds -= 2; + rounds -= 2; } while (rounds); /* indices for the chacha constant */ @@ -226,13 +237,13 @@ hchacha_ref(const unsigned char key[32], const unsigned char iv[16], unsigned ch U32TO8(out + 28, x[15]); } -void -chacha_clear_state_ref(chacha_state_internal *state) { - rspamd_explicit_memzero (state, 48); +void chacha_clear_state_ref(chacha_state_internal *state) +{ + rspamd_explicit_memzero(state, 48); } -void -chacha_ref(const chacha_key *key, const chacha_iv *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds) { +void chacha_ref(const chacha_key *key, const chacha_iv *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds) +{ chacha_state_internal state; size_t i; for (i = 0; i < 32; i++) @@ -246,8 +257,8 @@ chacha_ref(const chacha_key *key, const chacha_iv *iv, const unsigned char *in, chacha_clear_state_ref(&state); } -void -xchacha_ref(const chacha_key *key, const chacha_iv24 *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds) { +void xchacha_ref(const chacha_key *key, const chacha_iv24 *iv, const unsigned char *in, unsigned char *out, size_t inlen, size_t rounds) +{ chacha_state_internal state; size_t i; hchacha_ref(key->b, iv->b, &state.s[0], rounds); diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c index 6364afdce..e118c4a73 100644 --- a/src/libcryptobox/cryptobox.c +++ b/src/libcryptobox/cryptobox.c @@ -65,105 +65,108 @@ static gboolean cryptobox_loaded = FALSE; static const guchar n0[16] = {0}; -#define CRYPTOBOX_ALIGNMENT 16 -#define cryptobox_align_ptr(p, a) \ - (void *) (((uintptr_t) (p) + ((uintptr_t) a - 1)) & ~((uintptr_t) a - 1)) +#define CRYPTOBOX_ALIGNMENT 16 +#define cryptobox_align_ptr(p, a) \ + (void *) (((uintptr_t) (p) + ((uintptr_t) a - 1)) & ~((uintptr_t) a - 1)) static void -rspamd_cryptobox_cpuid (gint cpu[4], gint info) +rspamd_cryptobox_cpuid(gint cpu[4], gint info) { - guint32 __attribute__ ((unused)) eax, __attribute__ ((unused)) ecx = 0, __attribute__ ((unused)) ebx = 0, __attribute__ ((unused)) edx = 0; + guint32 __attribute__((unused)) eax, __attribute__((unused)) ecx = 0, __attribute__((unused)) ebx = 0, __attribute__((unused)) edx = 0; eax = info; #if defined(__GNUC__) && (defined(__x86_64__) || defined(__i386__)) -# if defined( __i386__ ) && defined ( __PIC__ ) +#if defined(__i386__) && defined(__PIC__) /* in case of PIC under 32-bit EBX cannot be clobbered */ - __asm__ volatile ("movl %%ebx, %%edi \n\t cpuid \n\t xchgl %%ebx, %%edi" : "=D" (ebx), - "+a" (eax), "+c" (ecx), "=d" (edx)); -# else - __asm__ volatile ("cpuid" : "+b" (ebx), "+a" (eax), "+c" (ecx), "=d" (edx)); -# endif + __asm__ volatile("movl %%ebx, %%edi \n\t cpuid \n\t xchgl %%ebx, %%edi" + : "=D"(ebx), + "+a"(eax), "+c"(ecx), "=d"(edx)); +#else + __asm__ volatile("cpuid" + : "+b"(ebx), "+a"(eax), "+c"(ecx), "=d"(edx)); +#endif - cpu[0] = eax; cpu[1] = ebx; cpu[2] = ecx; cpu[3] = edx; + cpu[0] = eax; + cpu[1] = ebx; + cpu[2] = ecx; + cpu[3] = edx; #else - memset (cpu, 0, sizeof (gint) * 4); + memset(cpu, 0, sizeof(gint) * 4); #endif } static sig_atomic_t ok = 0; static jmp_buf j; -__attribute__((noreturn)) -static void -rspamd_cryptobox_ill_handler (int signo) +__attribute__((noreturn)) static void +rspamd_cryptobox_ill_handler(int signo) { ok = 0; - longjmp (j, -1); + longjmp(j, -1); } static gboolean -rspamd_cryptobox_test_instr (gint instr) +rspamd_cryptobox_test_instr(gint instr) { - void (*old_handler) (int); + void (*old_handler)(int); guint32 rd; #if defined(__GNUC__) ok = 1; - old_handler = signal (SIGILL, rspamd_cryptobox_ill_handler); + old_handler = signal(SIGILL, rspamd_cryptobox_ill_handler); - if (setjmp (j) != 0) { - signal (SIGILL, old_handler); + if (setjmp(j) != 0) { + signal(SIGILL, old_handler); return FALSE; } switch (instr) { -#if defined HAVE_SSE2 && defined (__x86_64__) +#if defined HAVE_SSE2 && defined(__x86_64__) case CPUID_SSE2: - __asm__ volatile ("psubb %xmm0, %xmm0"); + __asm__ volatile("psubb %xmm0, %xmm0"); break; case CPUID_RDRAND: /* Use byte code here for compatibility */ - __asm__ volatile (".byte 0x0f,0xc7,0xf0; setc %1" - : "=a" (rd), "=qm" (ok) - : - : "edx" - ); + __asm__ volatile(".byte 0x0f,0xc7,0xf0; setc %1" + : "=a"(rd), "=qm"(ok) + : + : "edx"); break; #endif #ifdef HAVE_SSE3 case CPUID_SSE3: - __asm__ volatile ("movshdup %xmm0, %xmm0"); + __asm__ volatile("movshdup %xmm0, %xmm0"); break; #endif #ifdef HAVE_SSSE3 case CPUID_SSSE3: - __asm__ volatile ("pshufb %xmm0, %xmm0"); + __asm__ volatile("pshufb %xmm0, %xmm0"); break; #endif #ifdef HAVE_SSE41 case CPUID_SSE41: - __asm__ volatile ("pcmpeqq %xmm0, %xmm0"); + __asm__ volatile("pcmpeqq %xmm0, %xmm0"); break; #endif #if defined HAVE_SSE42 && defined(__x86_64__) case CPUID_SSE42: - __asm__ volatile ("pushq %rax\n" - "xorq %rax, %rax\n" - "crc32 %rax, %rax\n" - "popq %rax"); + __asm__ volatile("pushq %rax\n" + "xorq %rax, %rax\n" + "crc32 %rax, %rax\n" + "popq %rax"); break; #endif #ifdef HAVE_AVX case CPUID_AVX: - __asm__ volatile ("vpaddq %xmm0, %xmm0, %xmm0"); + __asm__ volatile("vpaddq %xmm0, %xmm0, %xmm0"); break; #endif #ifdef HAVE_AVX2 case CPUID_AVX2: - __asm__ volatile ("vpaddq %ymm0, %ymm0, %ymm0");\ + __asm__ volatile("vpaddq %ymm0, %ymm0, %ymm0"); break; #endif default: @@ -171,17 +174,17 @@ rspamd_cryptobox_test_instr (gint instr) break; } - signal (SIGILL, old_handler); + signal(SIGILL, old_handler); #endif - (void)rd; /* Silence warning */ + (void) rd; /* Silence warning */ /* We actually never return here if SIGILL has been caught */ return ok == 1; } -struct rspamd_cryptobox_library_ctx* -rspamd_cryptobox_init (void) +struct rspamd_cryptobox_library_ctx * +rspamd_cryptobox_init(void) { gint cpu[4], nid; const guint32 osxsave_mask = (1 << 27); @@ -197,58 +200,58 @@ rspamd_cryptobox_init (void) } cryptobox_loaded = TRUE; - ctx = g_malloc0 (sizeof (*ctx)); + ctx = g_malloc0(sizeof(*ctx)); - rspamd_cryptobox_cpuid (cpu, 0); + rspamd_cryptobox_cpuid(cpu, 0); nid = cpu[0]; - rspamd_cryptobox_cpuid (cpu, 1); + rspamd_cryptobox_cpuid(cpu, 1); if (nid > 1) { - if ((cpu[3] & ((guint32)1 << 26))) { - if (rspamd_cryptobox_test_instr (CPUID_SSE2)) { + if ((cpu[3] & ((guint32) 1 << 26))) { + if (rspamd_cryptobox_test_instr(CPUID_SSE2)) { cpu_config |= CPUID_SSE2; } } - if ((cpu[2] & ((guint32)1 << 0))) { - if (rspamd_cryptobox_test_instr (CPUID_SSE3)) { + if ((cpu[2] & ((guint32) 1 << 0))) { + if (rspamd_cryptobox_test_instr(CPUID_SSE3)) { cpu_config |= CPUID_SSE3; } } - if ((cpu[2] & ((guint32)1 << 9))) { - if (rspamd_cryptobox_test_instr (CPUID_SSSE3)) { + if ((cpu[2] & ((guint32) 1 << 9))) { + if (rspamd_cryptobox_test_instr(CPUID_SSSE3)) { cpu_config |= CPUID_SSSE3; } } - if ((cpu[2] & ((guint32)1 << 19))) { - if (rspamd_cryptobox_test_instr (CPUID_SSE41)) { + if ((cpu[2] & ((guint32) 1 << 19))) { + if (rspamd_cryptobox_test_instr(CPUID_SSE41)) { cpu_config |= CPUID_SSE41; } } - if ((cpu[2] & ((guint32)1 << 20))) { - if (rspamd_cryptobox_test_instr (CPUID_SSE42)) { + if ((cpu[2] & ((guint32) 1 << 20))) { + if (rspamd_cryptobox_test_instr(CPUID_SSE42)) { cpu_config |= CPUID_SSE42; } } - if ((cpu[2] & ((guint32)1 << 30))) { - if (rspamd_cryptobox_test_instr (CPUID_RDRAND)) { + if ((cpu[2] & ((guint32) 1 << 30))) { + if (rspamd_cryptobox_test_instr(CPUID_RDRAND)) { cpu_config |= CPUID_RDRAND; } } /* OSXSAVE */ if ((cpu[2] & osxsave_mask) == osxsave_mask) { - if ((cpu[2] & ((guint32)1 << 28))) { - if (rspamd_cryptobox_test_instr (CPUID_AVX)) { + if ((cpu[2] & ((guint32) 1 << 28))) { + if (rspamd_cryptobox_test_instr(CPUID_AVX)) { cpu_config |= CPUID_AVX; } } if (nid >= 7 && - (cpu[2] & fma_movbe_osxsave_mask) == fma_movbe_osxsave_mask) { - rspamd_cryptobox_cpuid (cpu, 7); + (cpu[2] & fma_movbe_osxsave_mask) == fma_movbe_osxsave_mask) { + rspamd_cryptobox_cpuid(cpu, 7); if ((cpu[1] & avx2_bmi12_mask) == avx2_bmi12_mask) { - if (rspamd_cryptobox_test_instr (CPUID_AVX2)) { + if (rspamd_cryptobox_test_instr(CPUID_AVX2)) { cpu_config |= CPUID_AVX2; } } @@ -256,34 +259,34 @@ rspamd_cryptobox_init (void) } } - buf = g_string_new (""); + buf = g_string_new(""); for (bit = 0x1; bit != 0; bit <<= 1) { if (cpu_config & bit) { switch (bit) { case CPUID_SSE2: - rspamd_printf_gstring (buf, "sse2, "); + rspamd_printf_gstring(buf, "sse2, "); break; case CPUID_SSE3: - rspamd_printf_gstring (buf, "sse3, "); + rspamd_printf_gstring(buf, "sse3, "); break; case CPUID_SSSE3: - rspamd_printf_gstring (buf, "ssse3, "); + rspamd_printf_gstring(buf, "ssse3, "); break; case CPUID_SSE41: - rspamd_printf_gstring (buf, "sse4.1, "); + rspamd_printf_gstring(buf, "sse4.1, "); break; case CPUID_SSE42: - rspamd_printf_gstring (buf, "sse4.2, "); + rspamd_printf_gstring(buf, "sse4.2, "); break; case CPUID_AVX: - rspamd_printf_gstring (buf, "avx, "); + rspamd_printf_gstring(buf, "avx, "); break; case CPUID_AVX2: - rspamd_printf_gstring (buf, "avx2, "); + rspamd_printf_gstring(buf, "avx2, "); break; case CPUID_RDRAND: - rspamd_printf_gstring (buf, "rdrand, "); + rspamd_printf_gstring(buf, "rdrand, "); break; default: break; /* Silence warning */ @@ -293,50 +296,48 @@ rspamd_cryptobox_init (void) if (buf->len > 2) { /* Trim last chars */ - g_string_erase (buf, buf->len - 2, 2); + g_string_erase(buf, buf->len - 2, 2); } ctx->cpu_extensions = buf->str; - g_string_free (buf, FALSE); + g_string_free(buf, FALSE); ctx->cpu_config = cpu_config; - g_assert (sodium_init () != -1); + g_assert(sodium_init() != -1); - ctx->chacha20_impl = chacha_load (); - ctx->base64_impl = base64_load (); + ctx->chacha20_impl = chacha_load(); + ctx->base64_impl = base64_load(); #if defined(HAVE_USABLE_OPENSSL) && (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) /* Needed for old openssl api, not sure about LibreSSL */ - ERR_load_EC_strings (); - ERR_load_RAND_strings (); - ERR_load_EVP_strings (); + ERR_load_EC_strings(); + ERR_load_RAND_strings(); + ERR_load_EVP_strings(); #endif return ctx; } -void -rspamd_cryptobox_deinit (struct rspamd_cryptobox_library_ctx *ctx) +void rspamd_cryptobox_deinit(struct rspamd_cryptobox_library_ctx *ctx) { if (ctx) { - g_free (ctx->cpu_extensions); - g_free (ctx); + g_free(ctx->cpu_extensions); + g_free(ctx); } } -void -rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk, - enum rspamd_cryptobox_mode mode) +void rspamd_cryptobox_keypair(rspamd_pk_t pk, rspamd_sk_t sk, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { - ottery_rand_bytes (sk, rspamd_cryptobox_MAX_SKBYTES); + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + ottery_rand_bytes(sk, rspamd_cryptobox_MAX_SKBYTES); sk[0] &= 248; sk[31] &= 127; sk[31] |= 64; - crypto_scalarmult_base (pk, sk); + crypto_scalarmult_base(pk, sk); } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EC_KEY *ec_sec; const BIGNUM *bn_sec; @@ -344,86 +345,85 @@ rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk, const EC_POINT *ec_pub; gsize len; - ec_sec = EC_KEY_new_by_curve_name (CRYPTOBOX_CURVE_NID); - g_assert (ec_sec != NULL); - g_assert (EC_KEY_generate_key (ec_sec) != 0); + ec_sec = EC_KEY_new_by_curve_name(CRYPTOBOX_CURVE_NID); + g_assert(ec_sec != NULL); + g_assert(EC_KEY_generate_key(ec_sec) != 0); - bn_sec = EC_KEY_get0_private_key (ec_sec); - g_assert (bn_sec != NULL); - ec_pub = EC_KEY_get0_public_key (ec_sec); - g_assert (ec_pub != NULL); + bn_sec = EC_KEY_get0_private_key(ec_sec); + g_assert(bn_sec != NULL); + ec_pub = EC_KEY_get0_public_key(ec_sec); + g_assert(ec_pub != NULL); #if OPENSSL_VERSION_MAJOR >= 3 unsigned char *buf = NULL; /* Thanks openssl for this API (no) */ - len = EC_POINT_point2buf (EC_KEY_get0_group (ec_sec), ec_pub, - POINT_CONVERSION_UNCOMPRESSED, &buf, NULL); - g_assert (len <= (gint)rspamd_cryptobox_pk_bytes (mode)); - memcpy (pk, buf, len); - OPENSSL_free (buf); + len = EC_POINT_point2buf(EC_KEY_get0_group(ec_sec), ec_pub, + POINT_CONVERSION_UNCOMPRESSED, &buf, NULL); + g_assert(len <= (gint) rspamd_cryptobox_pk_bytes(mode)); + memcpy(pk, buf, len); + OPENSSL_free(buf); #else BIGNUM *bn_pub; - bn_pub = EC_POINT_point2bn (EC_KEY_get0_group (ec_sec), - ec_pub, POINT_CONVERSION_UNCOMPRESSED, NULL, NULL); - len = BN_num_bytes (bn_pub); - g_assert (len <= (gint)rspamd_cryptobox_pk_bytes (mode)); - BN_bn2bin (bn_pub, pk); - BN_free (bn_pub); + bn_pub = EC_POINT_point2bn(EC_KEY_get0_group(ec_sec), + ec_pub, POINT_CONVERSION_UNCOMPRESSED, NULL, NULL); + len = BN_num_bytes(bn_pub); + g_assert(len <= (gint) rspamd_cryptobox_pk_bytes(mode)); + BN_bn2bin(bn_pub, pk); + BN_free(bn_pub); #endif - len = BN_num_bytes (bn_sec); - g_assert (len <= (gint)sizeof (rspamd_sk_t)); - BN_bn2bin (bn_sec, sk); + len = BN_num_bytes(bn_sec); + g_assert(len <= (gint) sizeof(rspamd_sk_t)); + BN_bn2bin(bn_sec, sk); - EC_KEY_free (ec_sec); + EC_KEY_free(ec_sec); #endif } } -void -rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk, - enum rspamd_cryptobox_mode mode) +void rspamd_cryptobox_keypair_sig(rspamd_sig_pk_t pk, rspamd_sig_sk_t sk, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { - crypto_sign_keypair (pk, sk); + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + crypto_sign_keypair(pk, sk); } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EC_KEY *ec_sec; const BIGNUM *bn_sec; const EC_POINT *ec_pub; gsize len; - ec_sec = EC_KEY_new_by_curve_name (CRYPTOBOX_CURVE_NID); - g_assert (ec_sec != NULL); - g_assert (EC_KEY_generate_key (ec_sec) != 0); + ec_sec = EC_KEY_new_by_curve_name(CRYPTOBOX_CURVE_NID); + g_assert(ec_sec != NULL); + g_assert(EC_KEY_generate_key(ec_sec) != 0); - bn_sec = EC_KEY_get0_private_key (ec_sec); - g_assert (bn_sec != NULL); - ec_pub = EC_KEY_get0_public_key (ec_sec); - g_assert (ec_pub != NULL); + bn_sec = EC_KEY_get0_private_key(ec_sec); + g_assert(bn_sec != NULL); + ec_pub = EC_KEY_get0_public_key(ec_sec); + g_assert(ec_pub != NULL); #if OPENSSL_VERSION_MAJOR >= 3 unsigned char *buf = NULL; /* Thanks openssl for this API (no) */ - len = EC_POINT_point2buf (EC_KEY_get0_group (ec_sec), ec_pub, - POINT_CONVERSION_UNCOMPRESSED, &buf, NULL); - g_assert (len <= (gint)rspamd_cryptobox_pk_bytes (mode)); - memcpy (pk, buf, len); - OPENSSL_free (buf); + len = EC_POINT_point2buf(EC_KEY_get0_group(ec_sec), ec_pub, + POINT_CONVERSION_UNCOMPRESSED, &buf, NULL); + g_assert(len <= (gint) rspamd_cryptobox_pk_bytes(mode)); + memcpy(pk, buf, len); + OPENSSL_free(buf); #else BIGNUM *bn_pub; - bn_pub = EC_POINT_point2bn (EC_KEY_get0_group (ec_sec), - ec_pub, POINT_CONVERSION_UNCOMPRESSED, NULL, NULL); - len = BN_num_bytes (bn_pub); - g_assert (len <= (gint)rspamd_cryptobox_pk_bytes (mode)); - BN_bn2bin (bn_pub, pk); - BN_free (bn_pub); + bn_pub = EC_POINT_point2bn(EC_KEY_get0_group(ec_sec), + ec_pub, POINT_CONVERSION_UNCOMPRESSED, NULL, NULL); + len = BN_num_bytes(bn_pub); + g_assert(len <= (gint) rspamd_cryptobox_pk_bytes(mode)); + BN_bn2bin(bn_pub, pk); + BN_free(bn_pub); #endif - len = BN_num_bytes (bn_sec); - g_assert (len <= (gint)sizeof (rspamd_sk_t)); - BN_bn2bin (bn_sec, sk); - EC_KEY_free (ec_sec); + len = BN_num_bytes(bn_sec); + g_assert(len <= (gint) sizeof(rspamd_sk_t)); + BN_bn2bin(bn_sec, sk); + EC_KEY_free(ec_sec); #endif } } @@ -431,7 +431,7 @@ rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk, #if OPENSSL_VERSION_MAJOR >= 3 /* Compatibility function for OpenSSL 3.0 - thanks for breaking all API one more time */ EC_POINT *ec_point_bn2point_compat(const EC_GROUP *group, - const BIGNUM *bn, EC_POINT *point, BN_CTX *ctx) + const BIGNUM *bn, EC_POINT *point, BN_CTX *ctx) { size_t buf_len = 0; unsigned char *buf; @@ -453,7 +453,8 @@ EC_POINT *ec_point_bn2point_compat(const EC_GROUP *group, OPENSSL_free(buf); return NULL; } - } else + } + else ret = point; if (!EC_POINT_oct2point(group, ret, buf, buf_len, ctx)) { @@ -470,29 +471,28 @@ EC_POINT *ec_point_bn2point_compat(const EC_GROUP *group, #define ec_point_bn2point_compat EC_POINT_bn2point #endif -void -rspamd_cryptobox_nm (rspamd_nm_t nm, - const rspamd_pk_t pk, const rspamd_sk_t sk, - enum rspamd_cryptobox_mode mode) +void rspamd_cryptobox_nm(rspamd_nm_t nm, + const rspamd_pk_t pk, const rspamd_sk_t sk, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { guchar s[32]; guchar e[32]; - memcpy (e, sk, 32); + memcpy(e, sk, 32); e[0] &= 248; e[31] &= 127; e[31] |= 64; - if (crypto_scalarmult (s, e, pk) != -1) { - hchacha (s, n0, nm, 20); + if (crypto_scalarmult(s, e, pk) != -1) { + hchacha(s, n0, nm, 20); } - rspamd_explicit_memzero (e, 32); + rspamd_explicit_memzero(e, 32); } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EC_KEY *lk; EC_POINT *ec_pub; @@ -500,96 +500,94 @@ rspamd_cryptobox_nm (rspamd_nm_t nm, gint len; guchar s[32]; - lk = EC_KEY_new_by_curve_name (CRYPTOBOX_CURVE_NID); - g_assert (lk != NULL); + lk = EC_KEY_new_by_curve_name(CRYPTOBOX_CURVE_NID); + g_assert(lk != NULL); - bn_pub = BN_bin2bn (pk, rspamd_cryptobox_pk_bytes (mode), NULL); - g_assert (bn_pub != NULL); - bn_sec = BN_bin2bn (sk, sizeof (rspamd_sk_t), NULL); - g_assert (bn_sec != NULL); + bn_pub = BN_bin2bn(pk, rspamd_cryptobox_pk_bytes(mode), NULL); + g_assert(bn_pub != NULL); + bn_sec = BN_bin2bn(sk, sizeof(rspamd_sk_t), NULL); + g_assert(bn_sec != NULL); - g_assert (EC_KEY_set_private_key (lk, bn_sec) == 1); - ec_pub = ec_point_bn2point_compat (EC_KEY_get0_group (lk), bn_pub, NULL, NULL); - g_assert (ec_pub != NULL); - len = ECDH_compute_key (s, sizeof (s), ec_pub, lk, NULL); - g_assert (len == sizeof (s)); + g_assert(EC_KEY_set_private_key(lk, bn_sec) == 1); + ec_pub = ec_point_bn2point_compat(EC_KEY_get0_group(lk), bn_pub, NULL, NULL); + g_assert(ec_pub != NULL); + len = ECDH_compute_key(s, sizeof(s), ec_pub, lk, NULL); + g_assert(len == sizeof(s)); /* Still do hchacha iteration since we are not using SHA1 KDF */ - hchacha (s, n0, nm, 20); + hchacha(s, n0, nm, 20); - EC_KEY_free (lk); - EC_POINT_free (ec_pub); - BN_free (bn_sec); - BN_free (bn_pub); + EC_KEY_free(lk); + EC_POINT_free(ec_pub); + BN_free(bn_sec); + BN_free(bn_pub); #endif } } -void -rspamd_cryptobox_sign (guchar *sig, unsigned long long *siglen_p, - const guchar *m, gsize mlen, - const rspamd_sk_t sk, - enum rspamd_cryptobox_mode mode) +void rspamd_cryptobox_sign(guchar *sig, unsigned long long *siglen_p, + const guchar *m, gsize mlen, + const rspamd_sk_t sk, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { - crypto_sign_detached (sig, siglen_p, m, mlen, sk); + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + crypto_sign_detached(sig, siglen_p, m, mlen, sk); } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EC_KEY *lk; BIGNUM *bn_sec; EVP_MD_CTX *sha_ctx; unsigned char h[64]; - guint diglen = rspamd_cryptobox_signature_bytes (mode); + guint diglen = rspamd_cryptobox_signature_bytes(mode); /* Prehash */ - sha_ctx = EVP_MD_CTX_create (); - g_assert (EVP_DigestInit (sha_ctx, EVP_sha512()) == 1); - EVP_DigestUpdate (sha_ctx, m, mlen); - EVP_DigestFinal (sha_ctx, h, NULL); + sha_ctx = EVP_MD_CTX_create(); + g_assert(EVP_DigestInit(sha_ctx, EVP_sha512()) == 1); + EVP_DigestUpdate(sha_ctx, m, mlen); + EVP_DigestFinal(sha_ctx, h, NULL); /* Key setup */ - lk = EC_KEY_new_by_curve_name (CRYPTOBOX_CURVE_NID); - g_assert (lk != NULL); - bn_sec = BN_bin2bn (sk, sizeof (rspamd_sk_t), NULL); - g_assert (bn_sec != NULL); - g_assert (EC_KEY_set_private_key (lk, bn_sec) == 1); + lk = EC_KEY_new_by_curve_name(CRYPTOBOX_CURVE_NID); + g_assert(lk != NULL); + bn_sec = BN_bin2bn(sk, sizeof(rspamd_sk_t), NULL); + g_assert(bn_sec != NULL); + g_assert(EC_KEY_set_private_key(lk, bn_sec) == 1); /* ECDSA */ - g_assert (ECDSA_sign (0, h, sizeof (h), sig, &diglen, lk) == 1); - g_assert (diglen <= sizeof (rspamd_signature_t)); + g_assert(ECDSA_sign(0, h, sizeof(h), sig, &diglen, lk) == 1); + g_assert(diglen <= sizeof(rspamd_signature_t)); if (siglen_p) { *siglen_p = diglen; } - EC_KEY_free (lk); - EVP_MD_CTX_destroy (sha_ctx); - BN_free (bn_sec); + EC_KEY_free(lk); + EVP_MD_CTX_destroy(sha_ctx); + BN_free(bn_sec); #endif } } -bool -rspamd_cryptobox_verify (const guchar *sig, - gsize siglen, - const guchar *m, - gsize mlen, - const rspamd_pk_t pk, - enum rspamd_cryptobox_mode mode) +bool rspamd_cryptobox_verify(const guchar *sig, + gsize siglen, + const guchar *m, + gsize mlen, + const rspamd_pk_t pk, + enum rspamd_cryptobox_mode mode) { bool ret = false; - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { - if (siglen == rspamd_cryptobox_signature_bytes (RSPAMD_CRYPTOBOX_MODE_25519)) { - ret = (crypto_sign_verify_detached (sig, m, mlen, pk) == 0); + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (siglen == rspamd_cryptobox_signature_bytes(RSPAMD_CRYPTOBOX_MODE_25519)) { + ret = (crypto_sign_verify_detached(sig, m, mlen, pk) == 0); } } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EC_KEY *lk; EC_POINT *ec_pub; @@ -598,27 +596,27 @@ rspamd_cryptobox_verify (const guchar *sig, unsigned char h[64]; /* Prehash */ - sha_ctx = EVP_MD_CTX_create (); - g_assert (EVP_DigestInit (sha_ctx, EVP_sha512()) == 1); - EVP_DigestUpdate (sha_ctx, m, mlen); - EVP_DigestFinal (sha_ctx, h, NULL); + sha_ctx = EVP_MD_CTX_create(); + g_assert(EVP_DigestInit(sha_ctx, EVP_sha512()) == 1); + EVP_DigestUpdate(sha_ctx, m, mlen); + EVP_DigestFinal(sha_ctx, h, NULL); /* Key setup */ - lk = EC_KEY_new_by_curve_name (CRYPTOBOX_CURVE_NID); - g_assert (lk != NULL); - bn_pub = BN_bin2bn (pk, rspamd_cryptobox_pk_bytes (mode), NULL); - g_assert (bn_pub != NULL); - ec_pub = ec_point_bn2point_compat (EC_KEY_get0_group (lk), bn_pub, NULL, NULL); - g_assert (ec_pub != NULL); - g_assert (EC_KEY_set_public_key (lk, ec_pub) == 1); + lk = EC_KEY_new_by_curve_name(CRYPTOBOX_CURVE_NID); + g_assert(lk != NULL); + bn_pub = BN_bin2bn(pk, rspamd_cryptobox_pk_bytes(mode), NULL); + g_assert(bn_pub != NULL); + ec_pub = ec_point_bn2point_compat(EC_KEY_get0_group(lk), bn_pub, NULL, NULL); + g_assert(ec_pub != NULL); + g_assert(EC_KEY_set_public_key(lk, ec_pub) == 1); /* ECDSA */ - ret = ECDSA_verify (0, h, sizeof (h), sig, siglen, lk) == 1; + ret = ECDSA_verify(0, h, sizeof(h), sig, siglen, lk) == 1; - EC_KEY_free (lk); - EVP_MD_CTX_destroy (sha_ctx); - BN_free (bn_pub); - EC_POINT_free (ec_pub); + EC_KEY_free(lk); + EVP_MD_CTX_destroy(sha_ctx); + BN_free(bn_pub); + EC_POINT_free(ec_pub); #endif } @@ -626,16 +624,16 @@ rspamd_cryptobox_verify (const guchar *sig, } static gsize -rspamd_cryptobox_encrypt_ctx_len (enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_encrypt_ctx_len(enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { - return sizeof (chacha_state) + CRYPTOBOX_ALIGNMENT; + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + return sizeof(chacha_state) + CRYPTOBOX_ALIGNMENT; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else - return sizeof (EVP_CIPHER_CTX *) + CRYPTOBOX_ALIGNMENT; + return sizeof(EVP_CIPHER_CTX *) + CRYPTOBOX_ALIGNMENT; #endif } @@ -643,16 +641,16 @@ rspamd_cryptobox_encrypt_ctx_len (enum rspamd_cryptobox_mode mode) } static gsize -rspamd_cryptobox_auth_ctx_len (enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_auth_ctx_len(enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { - return sizeof (crypto_onetimeauth_state) + RSPAMD_ALIGNOF(crypto_onetimeauth_state); + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + return sizeof(crypto_onetimeauth_state) + RSPAMD_ALIGNOF(crypto_onetimeauth_state); } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else - return sizeof (void *); + return sizeof(void *); #endif } @@ -660,34 +658,34 @@ rspamd_cryptobox_auth_ctx_len (enum rspamd_cryptobox_mode mode) } static void * -rspamd_cryptobox_encrypt_init (void *enc_ctx, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_encrypt_init(void *enc_ctx, const rspamd_nonce_t nonce, + const rspamd_nm_t nm, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { chacha_state *s; - s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); - xchacha_init (s, - (const chacha_key *) nm, - (const chacha_iv24 *) nonce, - 20); + s = cryptobox_align_ptr(enc_ctx, CRYPTOBOX_ALIGNMENT); + xchacha_init(s, + (const chacha_key *) nm, + (const chacha_iv24 *) nonce, + 20); return s; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s; - s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); - memset (s, 0, sizeof (*s)); - *s = EVP_CIPHER_CTX_new (); - g_assert (EVP_EncryptInit_ex (*s, EVP_aes_256_gcm (), NULL, NULL, NULL) == 1); - g_assert (EVP_CIPHER_CTX_ctrl (*s, EVP_CTRL_GCM_SET_IVLEN, - rspamd_cryptobox_nonce_bytes (mode), NULL) == 1); - g_assert (EVP_EncryptInit_ex (*s, NULL, NULL, nm, nonce) == 1); + s = cryptobox_align_ptr(enc_ctx, CRYPTOBOX_ALIGNMENT); + memset(s, 0, sizeof(*s)); + *s = EVP_CIPHER_CTX_new(); + g_assert(EVP_EncryptInit_ex(*s, EVP_aes_256_gcm(), NULL, NULL, NULL) == 1); + g_assert(EVP_CIPHER_CTX_ctrl(*s, EVP_CTRL_GCM_SET_IVLEN, + rspamd_cryptobox_nonce_bytes(mode), NULL) == 1); + g_assert(EVP_EncryptInit_ex(*s, NULL, NULL, nm, nonce) == 1); return s; #endif @@ -697,24 +695,24 @@ rspamd_cryptobox_encrypt_init (void *enc_ctx, const rspamd_nonce_t nonce, } static void * -rspamd_cryptobox_auth_init (void *auth_ctx, void *enc_ctx, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_auth_init(void *auth_ctx, void *enc_ctx, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { crypto_onetimeauth_state *mac_ctx; guchar RSPAMD_ALIGNED(32) subkey[CHACHA_BLOCKBYTES]; - mac_ctx = cryptobox_align_ptr (auth_ctx, CRYPTOBOX_ALIGNMENT); - memset (subkey, 0, sizeof (subkey)); - chacha_update (enc_ctx, subkey, subkey, sizeof (subkey)); - crypto_onetimeauth_init (mac_ctx, subkey); - rspamd_explicit_memzero (subkey, sizeof (subkey)); + mac_ctx = cryptobox_align_ptr(auth_ctx, CRYPTOBOX_ALIGNMENT); + memset(subkey, 0, sizeof(subkey)); + chacha_update(enc_ctx, subkey, subkey, sizeof(subkey)); + crypto_onetimeauth_init(mac_ctx, subkey); + rspamd_explicit_memzero(subkey, sizeof(subkey)); return mac_ctx; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else auth_ctx = enc_ctx; @@ -726,17 +724,17 @@ rspamd_cryptobox_auth_init (void *auth_ctx, void *enc_ctx, } static gboolean -rspamd_cryptobox_encrypt_update (void *enc_ctx, const guchar *in, gsize inlen, - guchar *out, gsize *outlen, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_encrypt_update(void *enc_ctx, const guchar *in, gsize inlen, + guchar *out, gsize *outlen, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { gsize r; chacha_state *s; - s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); + s = cryptobox_align_ptr(enc_ctx, CRYPTOBOX_ALIGNMENT); - r = chacha_update (s, in, out, inlen); + r = chacha_update(s, in, out, inlen); if (outlen != NULL) { *outlen = r; @@ -746,13 +744,13 @@ rspamd_cryptobox_encrypt_update (void *enc_ctx, const guchar *in, gsize inlen, } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s = enc_ctx; gint r; r = inlen; - g_assert (EVP_EncryptUpdate (*s, out, &r, in, inlen) == 1); + g_assert(EVP_EncryptUpdate(*s, out, &r, in, inlen) == 1); if (outlen) { *outlen = r; @@ -766,20 +764,20 @@ rspamd_cryptobox_encrypt_update (void *enc_ctx, const guchar *in, gsize inlen, } static gboolean -rspamd_cryptobox_auth_update (void *auth_ctx, const guchar *in, gsize inlen, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_auth_update(void *auth_ctx, const guchar *in, gsize inlen, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { crypto_onetimeauth_state *mac_ctx; - mac_ctx = cryptobox_align_ptr (auth_ctx, CRYPTOBOX_ALIGNMENT); - crypto_onetimeauth_update (mac_ctx, in, inlen); + mac_ctx = cryptobox_align_ptr(auth_ctx, CRYPTOBOX_ALIGNMENT); + crypto_onetimeauth_update(mac_ctx, in, inlen); return TRUE; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else return TRUE; #endif @@ -789,23 +787,23 @@ rspamd_cryptobox_auth_update (void *auth_ctx, const guchar *in, gsize inlen, } static gsize -rspamd_cryptobox_encrypt_final (void *enc_ctx, guchar *out, gsize remain, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_encrypt_final(void *enc_ctx, guchar *out, gsize remain, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { chacha_state *s; - s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); - return chacha_final (s, out); + s = cryptobox_align_ptr(enc_ctx, CRYPTOBOX_ALIGNMENT); + return chacha_final(s, out); } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s = enc_ctx; gint r = remain; - g_assert (EVP_EncryptFinal_ex (*s, out, &r) == 1); + g_assert(EVP_EncryptFinal_ex(*s, out, &r) == 1); return r; #endif @@ -815,25 +813,25 @@ rspamd_cryptobox_encrypt_final (void *enc_ctx, guchar *out, gsize remain, } static gboolean -rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_auth_final(void *auth_ctx, rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { crypto_onetimeauth_state *mac_ctx; - mac_ctx = cryptobox_align_ptr (auth_ctx, CRYPTOBOX_ALIGNMENT); - crypto_onetimeauth_final (mac_ctx, sig); + mac_ctx = cryptobox_align_ptr(auth_ctx, CRYPTOBOX_ALIGNMENT); + crypto_onetimeauth_final(mac_ctx, sig); return TRUE; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s = auth_ctx; - g_assert (EVP_CIPHER_CTX_ctrl (*s, EVP_CTRL_GCM_GET_TAG, - sizeof (rspamd_mac_t), sig) == 1); + g_assert(EVP_CIPHER_CTX_ctrl(*s, EVP_CTRL_GCM_GET_TAG, + sizeof(rspamd_mac_t), sig) == 1); return TRUE; #endif @@ -843,35 +841,35 @@ rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_mac_t sig, } static void * -rspamd_cryptobox_decrypt_init (void *enc_ctx, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_decrypt_init(void *enc_ctx, const rspamd_nonce_t nonce, + const rspamd_nm_t nm, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { chacha_state *s; - s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); - xchacha_init (s, - (const chacha_key *) nm, - (const chacha_iv24 *) nonce, - 20); + s = cryptobox_align_ptr(enc_ctx, CRYPTOBOX_ALIGNMENT); + xchacha_init(s, + (const chacha_key *) nm, + (const chacha_iv24 *) nonce, + 20); return s; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s; - s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); - memset (s, 0, sizeof (*s)); - *s = EVP_CIPHER_CTX_new (); - g_assert (EVP_DecryptInit_ex(*s, EVP_aes_256_gcm (), NULL, NULL, NULL) == 1); - g_assert (EVP_CIPHER_CTX_ctrl (*s, EVP_CTRL_GCM_SET_IVLEN, - rspamd_cryptobox_nonce_bytes (mode), NULL) == 1); - g_assert (EVP_DecryptInit_ex (*s, NULL, NULL, nm, nonce) == 1); + s = cryptobox_align_ptr(enc_ctx, CRYPTOBOX_ALIGNMENT); + memset(s, 0, sizeof(*s)); + *s = EVP_CIPHER_CTX_new(); + g_assert(EVP_DecryptInit_ex(*s, EVP_aes_256_gcm(), NULL, NULL, NULL) == 1); + g_assert(EVP_CIPHER_CTX_ctrl(*s, EVP_CTRL_GCM_SET_IVLEN, + rspamd_cryptobox_nonce_bytes(mode), NULL) == 1); + g_assert(EVP_DecryptInit_ex(*s, NULL, NULL, nm, nonce) == 1); return s; #endif @@ -881,24 +879,24 @@ rspamd_cryptobox_decrypt_init (void *enc_ctx, const rspamd_nonce_t nonce, } static void * -rspamd_cryptobox_auth_verify_init (void *auth_ctx, void *enc_ctx, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_auth_verify_init(void *auth_ctx, void *enc_ctx, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { crypto_onetimeauth_state *mac_ctx; guchar RSPAMD_ALIGNED(32) subkey[CHACHA_BLOCKBYTES]; - mac_ctx = cryptobox_align_ptr (auth_ctx, CRYPTOBOX_ALIGNMENT); - memset (subkey, 0, sizeof (subkey)); - chacha_update (enc_ctx, subkey, subkey, sizeof (subkey)); - crypto_onetimeauth_init (mac_ctx, subkey); - rspamd_explicit_memzero (subkey, sizeof (subkey)); + mac_ctx = cryptobox_align_ptr(auth_ctx, CRYPTOBOX_ALIGNMENT); + memset(subkey, 0, sizeof(subkey)); + chacha_update(enc_ctx, subkey, subkey, sizeof(subkey)); + crypto_onetimeauth_init(mac_ctx, subkey); + rspamd_explicit_memzero(subkey, sizeof(subkey)); return mac_ctx; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else auth_ctx = enc_ctx; @@ -910,16 +908,16 @@ rspamd_cryptobox_auth_verify_init (void *auth_ctx, void *enc_ctx, } static gboolean -rspamd_cryptobox_decrypt_update (void *enc_ctx, const guchar *in, gsize inlen, - guchar *out, gsize *outlen, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_decrypt_update(void *enc_ctx, const guchar *in, gsize inlen, + guchar *out, gsize *outlen, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { gsize r; chacha_state *s; - s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); - r = chacha_update (s, in, out, inlen); + s = cryptobox_align_ptr(enc_ctx, CRYPTOBOX_ALIGNMENT); + r = chacha_update(s, in, out, inlen); if (outlen != NULL) { *outlen = r; @@ -929,13 +927,13 @@ rspamd_cryptobox_decrypt_update (void *enc_ctx, const guchar *in, gsize inlen, } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s = enc_ctx; gint r; r = outlen ? *outlen : inlen; - g_assert (EVP_DecryptUpdate (*s, out, &r, in, inlen) == 1); + g_assert(EVP_DecryptUpdate(*s, out, &r, in, inlen) == 1); if (outlen) { *outlen = r; @@ -947,15 +945,15 @@ rspamd_cryptobox_decrypt_update (void *enc_ctx, const guchar *in, gsize inlen, } static gboolean -rspamd_cryptobox_auth_verify_update (void *auth_ctx, - const guchar *in, gsize inlen, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_auth_verify_update(void *auth_ctx, + const guchar *in, gsize inlen, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { crypto_onetimeauth_state *mac_ctx; - mac_ctx = cryptobox_align_ptr (auth_ctx, CRYPTOBOX_ALIGNMENT); - crypto_onetimeauth_update (mac_ctx, in, inlen); + mac_ctx = cryptobox_align_ptr(auth_ctx, CRYPTOBOX_ALIGNMENT); + crypto_onetimeauth_update(mac_ctx, in, inlen); return TRUE; } @@ -971,25 +969,25 @@ rspamd_cryptobox_auth_verify_update (void *auth_ctx, } static gboolean -rspamd_cryptobox_decrypt_final (void *enc_ctx, guchar *out, gsize remain, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_decrypt_final(void *enc_ctx, guchar *out, gsize remain, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { chacha_state *s; - s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); - chacha_final (s, out); + s = cryptobox_align_ptr(enc_ctx, CRYPTOBOX_ALIGNMENT); + chacha_final(s, out); return TRUE; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s = enc_ctx; gint r = remain; - if (EVP_DecryptFinal_ex (*s, out, &r) < 0) { + if (EVP_DecryptFinal_ex(*s, out, &r) < 0) { return FALSE; } @@ -1001,17 +999,17 @@ rspamd_cryptobox_decrypt_final (void *enc_ctx, guchar *out, gsize remain, } static gboolean -rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_auth_verify_final(void *auth_ctx, const rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { rspamd_mac_t mac; crypto_onetimeauth_state *mac_ctx; - mac_ctx = cryptobox_align_ptr (auth_ctx, CRYPTOBOX_ALIGNMENT); - crypto_onetimeauth_final (mac_ctx, mac); + mac_ctx = cryptobox_align_ptr(auth_ctx, CRYPTOBOX_ALIGNMENT); + crypto_onetimeauth_final(mac_ctx, mac); - if (crypto_verify_16 (mac, sig) != 0) { + if (crypto_verify_16(mac, sig) != 0) { return FALSE; } @@ -1019,11 +1017,11 @@ rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_mac_t sig, } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s = auth_ctx; - if (EVP_CIPHER_CTX_ctrl (*s, EVP_CTRL_GCM_SET_TAG, 16, (guchar *)sig) != 1) { + if (EVP_CIPHER_CTX_ctrl(*s, EVP_CTRL_GCM_SET_TAG, 16, (guchar *) sig) != 1) { return FALSE; } @@ -1036,73 +1034,72 @@ rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_mac_t sig, static void -rspamd_cryptobox_cleanup (void *enc_ctx, void *auth_ctx, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_cleanup(void *enc_ctx, void *auth_ctx, + enum rspamd_cryptobox_mode mode) { - if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_LIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { crypto_onetimeauth_state *mac_ctx; - mac_ctx = cryptobox_align_ptr (auth_ctx, CRYPTOBOX_ALIGNMENT); - rspamd_explicit_memzero (mac_ctx, sizeof (*mac_ctx)); + mac_ctx = cryptobox_align_ptr(auth_ctx, CRYPTOBOX_ALIGNMENT); + rspamd_explicit_memzero(mac_ctx, sizeof(*mac_ctx)); } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else EVP_CIPHER_CTX **s = enc_ctx; - EVP_CIPHER_CTX_cleanup (*s); - EVP_CIPHER_CTX_free (*s); + EVP_CIPHER_CTX_cleanup(*s); + EVP_CIPHER_CTX_free(*s); #endif } } -void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, - const rspamd_nm_t nm, - rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode) +void rspamd_cryptobox_encrypt_nm_inplace(guchar *data, gsize len, + const rspamd_nonce_t nonce, + const rspamd_nm_t nm, + rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode) { gsize r; void *enc_ctx, *auth_ctx; - enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len (mode)); - auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len (mode)); + enc_ctx = g_alloca(rspamd_cryptobox_encrypt_ctx_len(mode)); + auth_ctx = g_alloca(rspamd_cryptobox_auth_ctx_len(mode)); - enc_ctx = rspamd_cryptobox_encrypt_init (enc_ctx, nonce, nm, mode); - auth_ctx = rspamd_cryptobox_auth_init (auth_ctx, enc_ctx, mode); + enc_ctx = rspamd_cryptobox_encrypt_init(enc_ctx, nonce, nm, mode); + auth_ctx = rspamd_cryptobox_auth_init(auth_ctx, enc_ctx, mode); - rspamd_cryptobox_encrypt_update (enc_ctx, data, len, data, &r, mode); - rspamd_cryptobox_encrypt_final (enc_ctx, data + r, len - r, mode); + rspamd_cryptobox_encrypt_update(enc_ctx, data, len, data, &r, mode); + rspamd_cryptobox_encrypt_final(enc_ctx, data + r, len - r, mode); - rspamd_cryptobox_auth_update (auth_ctx, data, len, mode); - rspamd_cryptobox_auth_final (auth_ctx, sig, mode); + rspamd_cryptobox_auth_update(auth_ctx, data, len, mode); + rspamd_cryptobox_auth_final(auth_ctx, sig, mode); - rspamd_cryptobox_cleanup (enc_ctx, auth_ctx, mode); + rspamd_cryptobox_cleanup(enc_ctx, auth_ctx, mode); } static void -rspamd_cryptobox_flush_outbuf (struct rspamd_cryptobox_segment *st, - const guchar *buf, gsize len, gsize offset) +rspamd_cryptobox_flush_outbuf(struct rspamd_cryptobox_segment *st, + const guchar *buf, gsize len, gsize offset) { gsize cpy_len; while (len > 0) { - cpy_len = MIN (len, st->len - offset); - memcpy (st->data + offset, buf, cpy_len); - st ++; + cpy_len = MIN(len, st->len - offset); + memcpy(st->data + offset, buf, cpy_len); + st++; buf += cpy_len; len -= cpy_len; offset = 0; } } -void -rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, - gsize cnt, - const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode) +void rspamd_cryptobox_encryptv_nm_inplace(struct rspamd_cryptobox_segment *segments, + gsize cnt, + const rspamd_nonce_t nonce, + const rspamd_nm_t nm, rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode) { struct rspamd_cryptobox_segment *cur = segments, *start_seg = segments; guchar outbuf[CHACHA_BLOCKBYTES * 16]; @@ -1110,49 +1107,49 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, guchar *out, *in; gsize r, remain, inremain, seg_offset; - enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len (mode)); - auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len (mode)); + enc_ctx = g_alloca(rspamd_cryptobox_encrypt_ctx_len(mode)); + auth_ctx = g_alloca(rspamd_cryptobox_auth_ctx_len(mode)); - enc_ctx = rspamd_cryptobox_encrypt_init (enc_ctx, nonce, nm, mode); - auth_ctx = rspamd_cryptobox_auth_init (auth_ctx, enc_ctx, mode); + enc_ctx = rspamd_cryptobox_encrypt_init(enc_ctx, nonce, nm, mode); + auth_ctx = rspamd_cryptobox_auth_init(auth_ctx, enc_ctx, mode); - remain = sizeof (outbuf); + remain = sizeof(outbuf); out = outbuf; inremain = cur->len; seg_offset = 0; for (;;) { - if (cur - segments == (gint)cnt) { + if (cur - segments == (gint) cnt) { break; } if (cur->len <= remain) { - memcpy (out, cur->data, cur->len); + memcpy(out, cur->data, cur->len); remain -= cur->len; out += cur->len; - cur ++; + cur++; if (remain == 0) { - rspamd_cryptobox_encrypt_update (enc_ctx, outbuf, sizeof (outbuf), - outbuf, NULL, mode); - rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf), - mode); - rspamd_cryptobox_flush_outbuf (start_seg, outbuf, - sizeof (outbuf), seg_offset); + rspamd_cryptobox_encrypt_update(enc_ctx, outbuf, sizeof(outbuf), + outbuf, NULL, mode); + rspamd_cryptobox_auth_update(auth_ctx, outbuf, sizeof(outbuf), + mode); + rspamd_cryptobox_flush_outbuf(start_seg, outbuf, + sizeof(outbuf), seg_offset); start_seg = cur; seg_offset = 0; - remain = sizeof (outbuf); + remain = sizeof(outbuf); out = outbuf; } } else { - memcpy (out, cur->data, remain); - rspamd_cryptobox_encrypt_update (enc_ctx, outbuf, sizeof (outbuf), - outbuf, NULL, mode); - rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf), - mode); - rspamd_cryptobox_flush_outbuf (start_seg, outbuf, sizeof (outbuf), - seg_offset); + memcpy(out, cur->data, remain); + rspamd_cryptobox_encrypt_update(enc_ctx, outbuf, sizeof(outbuf), + outbuf, NULL, mode); + rspamd_cryptobox_auth_update(auth_ctx, outbuf, sizeof(outbuf), + mode); + rspamd_cryptobox_flush_outbuf(start_seg, outbuf, sizeof(outbuf), + seg_offset); seg_offset = 0; inremain = cur->len - remain; @@ -1162,135 +1159,132 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, start_seg = cur; while (inremain > 0) { - if (sizeof (outbuf) <= inremain) { - memcpy (outbuf, in, sizeof (outbuf)); - rspamd_cryptobox_encrypt_update (enc_ctx, - outbuf, - sizeof (outbuf), - outbuf, - NULL, - mode); - rspamd_cryptobox_auth_update (auth_ctx, - outbuf, - sizeof (outbuf), - mode); - memcpy (in, outbuf, sizeof (outbuf)); - in += sizeof (outbuf); - inremain -= sizeof (outbuf); - remain = sizeof (outbuf); + if (sizeof(outbuf) <= inremain) { + memcpy(outbuf, in, sizeof(outbuf)); + rspamd_cryptobox_encrypt_update(enc_ctx, + outbuf, + sizeof(outbuf), + outbuf, + NULL, + mode); + rspamd_cryptobox_auth_update(auth_ctx, + outbuf, + sizeof(outbuf), + mode); + memcpy(in, outbuf, sizeof(outbuf)); + in += sizeof(outbuf); + inremain -= sizeof(outbuf); + remain = sizeof(outbuf); } else { - memcpy (outbuf, in, inremain); - remain = sizeof (outbuf) - inremain; + memcpy(outbuf, in, inremain); + remain = sizeof(outbuf) - inremain; out = outbuf + inremain; inremain = 0; } } - seg_offset = cur->len - (sizeof (outbuf) - remain); - cur ++; + seg_offset = cur->len - (sizeof(outbuf) - remain); + cur++; } } - rspamd_cryptobox_encrypt_update (enc_ctx, outbuf, sizeof (outbuf) - remain, - outbuf, &r, mode); + rspamd_cryptobox_encrypt_update(enc_ctx, outbuf, sizeof(outbuf) - remain, + outbuf, &r, mode); out = outbuf + r; - rspamd_cryptobox_encrypt_final (enc_ctx, out, sizeof (outbuf) - remain - r, - mode); + rspamd_cryptobox_encrypt_final(enc_ctx, out, sizeof(outbuf) - remain - r, + mode); - rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf) - remain, - mode); - rspamd_cryptobox_auth_final (auth_ctx, sig, mode); + rspamd_cryptobox_auth_update(auth_ctx, outbuf, sizeof(outbuf) - remain, + mode); + rspamd_cryptobox_auth_final(auth_ctx, sig, mode); - rspamd_cryptobox_flush_outbuf (start_seg, outbuf, sizeof (outbuf) - remain, - seg_offset); - rspamd_cryptobox_cleanup (enc_ctx, auth_ctx, mode); + rspamd_cryptobox_flush_outbuf(start_seg, outbuf, sizeof(outbuf) - remain, + seg_offset); + rspamd_cryptobox_cleanup(enc_ctx, auth_ctx, mode); } gboolean -rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, const rspamd_nm_t nm, - const rspamd_mac_t sig, enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_decrypt_nm_inplace(guchar *data, gsize len, + const rspamd_nonce_t nonce, const rspamd_nm_t nm, + const rspamd_mac_t sig, enum rspamd_cryptobox_mode mode) { gsize r = 0; gboolean ret = TRUE; void *enc_ctx, *auth_ctx; - enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len (mode)); - auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len (mode)); + enc_ctx = g_alloca(rspamd_cryptobox_encrypt_ctx_len(mode)); + auth_ctx = g_alloca(rspamd_cryptobox_auth_ctx_len(mode)); - enc_ctx = rspamd_cryptobox_decrypt_init (enc_ctx, nonce, nm, mode); - auth_ctx = rspamd_cryptobox_auth_verify_init (auth_ctx, enc_ctx, mode); + enc_ctx = rspamd_cryptobox_decrypt_init(enc_ctx, nonce, nm, mode); + auth_ctx = rspamd_cryptobox_auth_verify_init(auth_ctx, enc_ctx, mode); - rspamd_cryptobox_auth_verify_update (auth_ctx, data, len, mode); + rspamd_cryptobox_auth_verify_update(auth_ctx, data, len, mode); - if (!rspamd_cryptobox_auth_verify_final (auth_ctx, sig, mode)) { + if (!rspamd_cryptobox_auth_verify_final(auth_ctx, sig, mode)) { ret = FALSE; } else { - rspamd_cryptobox_decrypt_update (enc_ctx, data, len, data, &r, mode); - ret = rspamd_cryptobox_decrypt_final (enc_ctx, data + r, len - r, mode); + rspamd_cryptobox_decrypt_update(enc_ctx, data, len, data, &r, mode); + ret = rspamd_cryptobox_decrypt_final(enc_ctx, data + r, len - r, mode); } - rspamd_cryptobox_cleanup (enc_ctx, auth_ctx, mode); + rspamd_cryptobox_cleanup(enc_ctx, auth_ctx, mode); return ret; } gboolean -rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, - const rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode) +rspamd_cryptobox_decrypt_inplace(guchar *data, gsize len, + const rspamd_nonce_t nonce, + const rspamd_pk_t pk, const rspamd_sk_t sk, + const rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; gboolean ret; - rspamd_cryptobox_nm (nm, pk, sk, mode); - ret = rspamd_cryptobox_decrypt_nm_inplace (data, len, nonce, nm, sig, mode); + rspamd_cryptobox_nm(nm, pk, sk, mode); + ret = rspamd_cryptobox_decrypt_nm_inplace(data, len, nonce, nm, sig, mode); - rspamd_explicit_memzero (nm, sizeof (nm)); + rspamd_explicit_memzero(nm, sizeof(nm)); return ret; } -void -rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, - rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode) +void rspamd_cryptobox_encrypt_inplace(guchar *data, gsize len, + const rspamd_nonce_t nonce, + const rspamd_pk_t pk, const rspamd_sk_t sk, + rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; - rspamd_cryptobox_nm (nm, pk, sk, mode); - rspamd_cryptobox_encrypt_nm_inplace (data, len, nonce, nm, sig, mode); - rspamd_explicit_memzero (nm, sizeof (nm)); + rspamd_cryptobox_nm(nm, pk, sk, mode); + rspamd_cryptobox_encrypt_nm_inplace(data, len, nonce, nm, sig, mode); + rspamd_explicit_memzero(nm, sizeof(nm)); } -void -rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segments, - gsize cnt, - const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, - rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode) +void rspamd_cryptobox_encryptv_inplace(struct rspamd_cryptobox_segment *segments, + gsize cnt, + const rspamd_nonce_t nonce, + const rspamd_pk_t pk, const rspamd_sk_t sk, + rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; - rspamd_cryptobox_nm (nm, pk, sk, mode); - rspamd_cryptobox_encryptv_nm_inplace (segments, cnt, nonce, nm, sig, mode); - rspamd_explicit_memzero (nm, sizeof (nm)); + rspamd_cryptobox_nm(nm, pk, sk, mode); + rspamd_cryptobox_encryptv_nm_inplace(segments, cnt, nonce, nm, sig, mode); + rspamd_explicit_memzero(nm, sizeof(nm)); } -void -rspamd_cryptobox_siphash (unsigned char *out, const unsigned char *in, - unsigned long long inlen, - const rspamd_sipkey_t k) +void rspamd_cryptobox_siphash(unsigned char *out, const unsigned char *in, + unsigned long long inlen, + const rspamd_sipkey_t k) { - crypto_shorthash_siphash24 (out, in, inlen, k); + crypto_shorthash_siphash24(out, in, inlen, k); } /* @@ -1298,13 +1292,13 @@ rspamd_cryptobox_siphash (unsigned char *out, const unsigned char *in, * Code based on IEEE Std 802.11-2007, Annex H.4.2. */ static gboolean -rspamd_cryptobox_pbkdf2 (const char *pass, gsize pass_len, - const guint8 *salt, gsize salt_len, guint8 *key, gsize key_len, - unsigned int rounds) +rspamd_cryptobox_pbkdf2(const char *pass, gsize pass_len, + const guint8 *salt, gsize salt_len, guint8 *key, gsize key_len, + unsigned int rounds) { guint8 *asalt, obuf[crypto_generichash_blake2b_BYTES_MAX]; guint8 d1[crypto_generichash_blake2b_BYTES_MAX], - d2[crypto_generichash_blake2b_BYTES_MAX]; + d2[crypto_generichash_blake2b_BYTES_MAX]; unsigned int i, j; unsigned int count; gsize r; @@ -1316,8 +1310,8 @@ rspamd_cryptobox_pbkdf2 (const char *pass, gsize pass_len, return FALSE; } - asalt = g_malloc (salt_len + 4); - memcpy (asalt, salt, salt_len); + asalt = g_malloc(salt_len + 4); + memcpy(asalt, salt, salt_len); for (count = 1; key_len > 0; count++) { asalt[salt_len + 0] = (count >> 24) & 0xff; @@ -1326,8 +1320,8 @@ rspamd_cryptobox_pbkdf2 (const char *pass, gsize pass_len, asalt[salt_len + 3] = count & 0xff; if (pass_len <= crypto_generichash_blake2b_KEYBYTES_MAX) { - crypto_generichash_blake2b (d1, sizeof (d1), asalt, salt_len + 4, - pass, pass_len); + crypto_generichash_blake2b(d1, sizeof(d1), asalt, salt_len + 4, + pass, pass_len); } else { guint8 k[crypto_generichash_blake2b_BYTES_MAX]; @@ -1336,18 +1330,18 @@ rspamd_cryptobox_pbkdf2 (const char *pass, gsize pass_len, * We use additional blake2 iteration to store large key * XXX: it is not compatible with the original implementation but safe */ - crypto_generichash_blake2b (k, sizeof (k), pass, pass_len, - NULL, 0); - crypto_generichash_blake2b (d1, sizeof (d1), asalt, salt_len + 4, - k, sizeof (k)); + crypto_generichash_blake2b(k, sizeof(k), pass, pass_len, + NULL, 0); + crypto_generichash_blake2b(d1, sizeof(d1), asalt, salt_len + 4, + k, sizeof(k)); } - memcpy (obuf, d1, sizeof(obuf)); + memcpy(obuf, d1, sizeof(obuf)); for (i = 1; i < rounds; i++) { if (pass_len <= crypto_generichash_blake2b_KEYBYTES_MAX) { - crypto_generichash_blake2b (d2, sizeof (d2), d1, sizeof (d1), - pass, pass_len); + crypto_generichash_blake2b(d2, sizeof(d2), d1, sizeof(d1), + pass, pass_len); } else { guint8 k[crypto_generichash_blake2b_BYTES_MAX]; @@ -1356,13 +1350,13 @@ rspamd_cryptobox_pbkdf2 (const char *pass, gsize pass_len, * We use additional blake2 iteration to store large key * XXX: it is not compatible with the original implementation but safe */ - crypto_generichash_blake2b (k, sizeof (k), pass, pass_len, - NULL, 0); - crypto_generichash_blake2b (d2, sizeof (d2), d1, sizeof (d1), - k, sizeof (k)); + crypto_generichash_blake2b(k, sizeof(k), pass, pass_len, + NULL, 0); + crypto_generichash_blake2b(d2, sizeof(d2), d1, sizeof(d1), + k, sizeof(k)); } - memcpy (d1, d2, sizeof(d1)); + memcpy(d1, d2, sizeof(d1)); for (j = 0; j < sizeof(obuf); j++) { obuf[j] ^= d1[j]; @@ -1370,48 +1364,47 @@ rspamd_cryptobox_pbkdf2 (const char *pass, gsize pass_len, } r = MIN(key_len, crypto_generichash_blake2b_BYTES_MAX); - memcpy (key, obuf, r); + memcpy(key, obuf, r); key += r; key_len -= r; } - rspamd_explicit_memzero (asalt, salt_len + 4); - g_free (asalt); - rspamd_explicit_memzero (d1, sizeof (d1)); - rspamd_explicit_memzero (d2, sizeof (d2)); - rspamd_explicit_memzero (obuf, sizeof (obuf)); + rspamd_explicit_memzero(asalt, salt_len + 4); + g_free(asalt); + rspamd_explicit_memzero(d1, sizeof(d1)); + rspamd_explicit_memzero(d2, sizeof(d2)); + rspamd_explicit_memzero(obuf, sizeof(obuf)); return TRUE; } gboolean -rspamd_cryptobox_pbkdf (const char *pass, gsize pass_len, - const guint8 *salt, gsize salt_len, guint8 *key, gsize key_len, - unsigned int complexity, enum rspamd_cryptobox_pbkdf_type type) +rspamd_cryptobox_pbkdf(const char *pass, gsize pass_len, + const guint8 *salt, gsize salt_len, guint8 *key, gsize key_len, + unsigned int complexity, enum rspamd_cryptobox_pbkdf_type type) { gboolean ret = FALSE; switch (type) { case RSPAMD_CRYPTOBOX_CATENA: - if (catena (pass, pass_len, salt, salt_len, "rspamd", 6, - 4, complexity, complexity, key_len, key) == 0) { + if (catena(pass, pass_len, salt, salt_len, "rspamd", 6, + 4, complexity, complexity, key_len, key) == 0) { ret = TRUE; } break; case RSPAMD_CRYPTOBOX_PBKDF2: default: - ret = rspamd_cryptobox_pbkdf2 (pass, pass_len, salt, salt_len, key, - key_len, complexity); + ret = rspamd_cryptobox_pbkdf2(pass, pass_len, salt, salt_len, key, + key_len, complexity); break; } return ret; } -guint -rspamd_cryptobox_pk_bytes (enum rspamd_cryptobox_mode mode) +guint rspamd_cryptobox_pk_bytes(enum rspamd_cryptobox_mode mode) { - if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_UNLIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { return 32; } else { @@ -1419,10 +1412,9 @@ rspamd_cryptobox_pk_bytes (enum rspamd_cryptobox_mode mode) } } -guint -rspamd_cryptobox_pk_sig_bytes (enum rspamd_cryptobox_mode mode) +guint rspamd_cryptobox_pk_sig_bytes(enum rspamd_cryptobox_mode mode) { - if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_UNLIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { return 32; } else { @@ -1430,10 +1422,9 @@ rspamd_cryptobox_pk_sig_bytes (enum rspamd_cryptobox_mode mode) } } -guint -rspamd_cryptobox_nonce_bytes (enum rspamd_cryptobox_mode mode) +guint rspamd_cryptobox_nonce_bytes(enum rspamd_cryptobox_mode mode) { - if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_UNLIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { return 24; } else { @@ -1442,16 +1433,14 @@ rspamd_cryptobox_nonce_bytes (enum rspamd_cryptobox_mode mode) } -guint -rspamd_cryptobox_sk_bytes (enum rspamd_cryptobox_mode mode) +guint rspamd_cryptobox_sk_bytes(enum rspamd_cryptobox_mode mode) { return 32; } -guint -rspamd_cryptobox_sk_sig_bytes (enum rspamd_cryptobox_mode mode) +guint rspamd_cryptobox_sk_sig_bytes(enum rspamd_cryptobox_mode mode) { - if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_UNLIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { return 64; } else { @@ -1459,106 +1448,100 @@ rspamd_cryptobox_sk_sig_bytes (enum rspamd_cryptobox_mode mode) } } -guint -rspamd_cryptobox_signature_bytes (enum rspamd_cryptobox_mode mode) +guint rspamd_cryptobox_signature_bytes(enum rspamd_cryptobox_mode mode) { static guint ssl_keylen; - if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) { + if (G_UNLIKELY(mode == RSPAMD_CRYPTOBOX_MODE_25519)) { return 64; } else { #ifndef HAVE_USABLE_OPENSSL - g_assert (0); + g_assert(0); #else if (ssl_keylen == 0) { EC_KEY *lk; - lk = EC_KEY_new_by_curve_name (CRYPTOBOX_CURVE_NID); - ssl_keylen = ECDSA_size (lk); - EC_KEY_free (lk); + lk = EC_KEY_new_by_curve_name(CRYPTOBOX_CURVE_NID); + ssl_keylen = ECDSA_size(lk); + EC_KEY_free(lk); } #endif return ssl_keylen; } } -guint -rspamd_cryptobox_nm_bytes (enum rspamd_cryptobox_mode mode) +guint rspamd_cryptobox_nm_bytes(enum rspamd_cryptobox_mode mode) { return 32; } -guint -rspamd_cryptobox_mac_bytes (enum rspamd_cryptobox_mode mode) +guint rspamd_cryptobox_mac_bytes(enum rspamd_cryptobox_mode mode) { return 16; } -void -rspamd_cryptobox_hash_init (rspamd_cryptobox_hash_state_t *p, const guchar *key, gsize keylen) +void rspamd_cryptobox_hash_init(rspamd_cryptobox_hash_state_t *p, const guchar *key, gsize keylen) { - crypto_generichash_blake2b_state *st = cryptobox_align_ptr (p, - RSPAMD_ALIGNOF(crypto_generichash_blake2b_state)); - crypto_generichash_blake2b_init (st, key, keylen, - crypto_generichash_blake2b_BYTES_MAX); + crypto_generichash_blake2b_state *st = cryptobox_align_ptr(p, + RSPAMD_ALIGNOF(crypto_generichash_blake2b_state)); + crypto_generichash_blake2b_init(st, key, keylen, + crypto_generichash_blake2b_BYTES_MAX); } /** * Update hash with data portion */ -void -rspamd_cryptobox_hash_update (rspamd_cryptobox_hash_state_t *p, const guchar *data, gsize len) +void rspamd_cryptobox_hash_update(rspamd_cryptobox_hash_state_t *p, const guchar *data, gsize len) { - crypto_generichash_blake2b_state *st = cryptobox_align_ptr (p, - RSPAMD_ALIGNOF(crypto_generichash_blake2b_state)); - crypto_generichash_blake2b_update (st, data, len); + crypto_generichash_blake2b_state *st = cryptobox_align_ptr(p, + RSPAMD_ALIGNOF(crypto_generichash_blake2b_state)); + crypto_generichash_blake2b_update(st, data, len); } /** * Output hash to the buffer of rspamd_cryptobox_HASHBYTES length */ -void -rspamd_cryptobox_hash_final (rspamd_cryptobox_hash_state_t *p, guchar *out) +void rspamd_cryptobox_hash_final(rspamd_cryptobox_hash_state_t *p, guchar *out) { - crypto_generichash_blake2b_state *st = cryptobox_align_ptr (p, - RSPAMD_ALIGNOF(crypto_generichash_blake2b_state)); - crypto_generichash_blake2b_final (st, out, crypto_generichash_blake2b_BYTES_MAX); + crypto_generichash_blake2b_state *st = cryptobox_align_ptr(p, + RSPAMD_ALIGNOF(crypto_generichash_blake2b_state)); + crypto_generichash_blake2b_final(st, out, crypto_generichash_blake2b_BYTES_MAX); } /** * One in all function */ -void rspamd_cryptobox_hash (guchar *out, - const guchar *data, - gsize len, - const guchar *key, - gsize keylen) +void rspamd_cryptobox_hash(guchar *out, + const guchar *data, + gsize len, + const guchar *key, + gsize keylen) { - crypto_generichash_blake2b (out, crypto_generichash_blake2b_BYTES_MAX, - data, len, key, keylen); + crypto_generichash_blake2b(out, crypto_generichash_blake2b_BYTES_MAX, + data, len, key, keylen); } -G_STATIC_ASSERT (sizeof (t1ha_context_t) <= - sizeof (((rspamd_cryptobox_fast_hash_state_t *)NULL)->opaque)); -G_STATIC_ASSERT (sizeof (struct XXH3_state_s) <= - sizeof (((rspamd_cryptobox_fast_hash_state_t *)NULL)->opaque)); +G_STATIC_ASSERT(sizeof(t1ha_context_t) <= + sizeof(((rspamd_cryptobox_fast_hash_state_t *) NULL)->opaque)); +G_STATIC_ASSERT(sizeof(struct XXH3_state_s) <= + sizeof(((rspamd_cryptobox_fast_hash_state_t *) NULL)->opaque)); struct RSPAMD_ALIGNED(16) _mum_iuf { union { gint64 ll; - unsigned char b[sizeof (guint64)]; + unsigned char b[sizeof(guint64)]; } buf; gint64 h; unsigned rem; }; -rspamd_cryptobox_fast_hash_state_t* +rspamd_cryptobox_fast_hash_state_t * rspamd_cryptobox_fast_hash_new(void) { rspamd_cryptobox_fast_hash_state_t *nst; - int ret = posix_memalign ((void **)&nst, RSPAMD_ALIGNOF(rspamd_cryptobox_fast_hash_state_t), - sizeof(rspamd_cryptobox_fast_hash_state_t)); + int ret = posix_memalign((void **) &nst, RSPAMD_ALIGNOF(rspamd_cryptobox_fast_hash_state_t), + sizeof(rspamd_cryptobox_fast_hash_state_t)); if (ret != 0) { abort(); @@ -1567,26 +1550,23 @@ rspamd_cryptobox_fast_hash_new(void) return nst; } -void -rspamd_cryptobox_fast_hash_free(rspamd_cryptobox_fast_hash_state_t *st) +void rspamd_cryptobox_fast_hash_free(rspamd_cryptobox_fast_hash_state_t *st) { free(st); } -void -rspamd_cryptobox_fast_hash_init (rspamd_cryptobox_fast_hash_state_t *st, - guint64 seed) +void rspamd_cryptobox_fast_hash_init(rspamd_cryptobox_fast_hash_state_t *st, + guint64 seed) { - XXH3_state_t *xst = (XXH3_state_t *)st->opaque; + XXH3_state_t *xst = (XXH3_state_t *) st->opaque; st->type = RSPAMD_CRYPTOBOX_XXHASH3; - XXH3_INITSTATE (xst); - XXH3_64bits_reset_withSeed (xst, seed); + XXH3_INITSTATE(xst); + XXH3_64bits_reset_withSeed(xst, seed); } -void -rspamd_cryptobox_fast_hash_init_specific (rspamd_cryptobox_fast_hash_state_t *st, - enum rspamd_cryptobox_fast_hash_type type, - guint64 seed) +void rspamd_cryptobox_fast_hash_init_specific(rspamd_cryptobox_fast_hash_state_t *st, + enum rspamd_cryptobox_fast_hash_type type, + guint64 seed) { switch (type) { case RSPAMD_CRYPTOBOX_T1HA: @@ -1594,34 +1574,32 @@ rspamd_cryptobox_fast_hash_init_specific (rspamd_cryptobox_fast_hash_state_t *st case RSPAMD_CRYPTOBOX_HASHFAST_INDEPENDENT: { t1ha_context_t *rst = (t1ha_context_t *) st->opaque; st->type = RSPAMD_CRYPTOBOX_T1HA; - t1ha2_init (rst, seed, 0); + t1ha2_init(rst, seed, 0); break; } case RSPAMD_CRYPTOBOX_XXHASH64: { - XXH64_state_t *xst = (XXH64_state_t *) st->opaque; + XXH64_state_t *xst = (XXH64_state_t *) st->opaque; memset(xst, 0, sizeof(*xst)); st->type = RSPAMD_CRYPTOBOX_XXHASH64; - XXH64_reset (xst, seed); + XXH64_reset(xst, seed); break; } - case RSPAMD_CRYPTOBOX_XXHASH32: - { - XXH32_state_t *xst = (XXH32_state_t *) st->opaque; + case RSPAMD_CRYPTOBOX_XXHASH32: { + XXH32_state_t *xst = (XXH32_state_t *) st->opaque; memset(xst, 0, sizeof(*xst)); st->type = RSPAMD_CRYPTOBOX_XXHASH32; - XXH32_reset (xst, seed); + XXH32_reset(xst, seed); break; } - case RSPAMD_CRYPTOBOX_XXHASH3: - { - XXH3_state_t *xst = (XXH3_state_t *) st->opaque; + case RSPAMD_CRYPTOBOX_XXHASH3: { + XXH3_state_t *xst = (XXH3_state_t *) st->opaque; XXH3_INITSTATE(xst); st->type = RSPAMD_CRYPTOBOX_XXHASH3; - XXH3_64bits_reset_withSeed (xst, seed); + XXH3_64bits_reset_withSeed(xst, seed); break; } case RSPAMD_CRYPTOBOX_MUMHASH: { - struct _mum_iuf *iuf = (struct _mum_iuf *) st->opaque; + struct _mum_iuf *iuf = (struct _mum_iuf *) st->opaque; st->type = RSPAMD_CRYPTOBOX_MUMHASH; iuf->h = seed; iuf->buf.ll = 0; @@ -1631,75 +1609,72 @@ rspamd_cryptobox_fast_hash_init_specific (rspamd_cryptobox_fast_hash_state_t *st } } -void -rspamd_cryptobox_fast_hash_update (rspamd_cryptobox_fast_hash_state_t *st, - const void *data, gsize len) +void rspamd_cryptobox_fast_hash_update(rspamd_cryptobox_fast_hash_state_t *st, + const void *data, gsize len) { if (st->type == RSPAMD_CRYPTOBOX_T1HA) { t1ha_context_t *rst = (t1ha_context_t *) st->opaque; - t1ha2_update (rst, data, len); + t1ha2_update(rst, data, len); } else { switch (st->type) { case RSPAMD_CRYPTOBOX_XXHASH64: { - XXH64_state_t *xst = (XXH64_state_t *) st->opaque; - XXH64_update (xst, data, len); + XXH64_state_t *xst = (XXH64_state_t *) st->opaque; + XXH64_update(xst, data, len); break; } - case RSPAMD_CRYPTOBOX_XXHASH32: - { - XXH32_state_t *xst = (XXH32_state_t *) st->opaque; - XXH32_update (xst, data, len); + case RSPAMD_CRYPTOBOX_XXHASH32: { + XXH32_state_t *xst = (XXH32_state_t *) st->opaque; + XXH32_update(xst, data, len); break; } - case RSPAMD_CRYPTOBOX_XXHASH3: - { - XXH3_state_t *xst = (XXH3_state_t *) st->opaque; - XXH3_64bits_update (xst, data, len); + case RSPAMD_CRYPTOBOX_XXHASH3: { + XXH3_state_t *xst = (XXH3_state_t *) st->opaque; + XXH3_64bits_update(xst, data, len); break; } case RSPAMD_CRYPTOBOX_MUMHASH: { - struct _mum_iuf *iuf = (struct _mum_iuf *) st->opaque; + struct _mum_iuf *iuf = (struct _mum_iuf *) st->opaque; gsize drem = len; const guchar *p = data; if (iuf->rem > 0) { /* Process remainder */ if (drem >= iuf->rem) { - memcpy (iuf->buf.b + sizeof (iuf->buf.ll) - iuf->rem, - p, iuf->rem); + memcpy(iuf->buf.b + sizeof(iuf->buf.ll) - iuf->rem, + p, iuf->rem); drem -= iuf->rem; p += iuf->rem; - iuf->h = mum_hash_step (iuf->h, iuf->buf.ll); + iuf->h = mum_hash_step(iuf->h, iuf->buf.ll); iuf->rem = 0; } else { - memcpy (iuf->buf.b + sizeof (iuf->buf.ll) - iuf->rem, p, drem); + memcpy(iuf->buf.b + sizeof(iuf->buf.ll) - iuf->rem, p, drem); iuf->rem -= drem; drem = 0; } } - while (drem >= sizeof (iuf->buf.ll)) { - memcpy (iuf->buf.b, p, sizeof (iuf->buf.ll)); - iuf->h = mum_hash_step (iuf->h, iuf->buf.ll); - drem -= sizeof (iuf->buf.ll); - p += sizeof (iuf->buf.ll); + while (drem >= sizeof(iuf->buf.ll)) { + memcpy(iuf->buf.b, p, sizeof(iuf->buf.ll)); + iuf->h = mum_hash_step(iuf->h, iuf->buf.ll); + drem -= sizeof(iuf->buf.ll); + p += sizeof(iuf->buf.ll); } /* Leftover */ if (drem > 0) { - iuf->rem = sizeof (guint64) - drem; + iuf->rem = sizeof(guint64) - drem; iuf->buf.ll = 0; - memcpy (iuf->buf.b, p, drem); + memcpy(iuf->buf.b, p, drem); } break; } case RSPAMD_CRYPTOBOX_T1HA: case RSPAMD_CRYPTOBOX_HASHFAST: case RSPAMD_CRYPTOBOX_HASHFAST_INDEPENDENT: { - t1ha_context_t *rst = (t1ha_context_t *) st->opaque; - t1ha2_update (rst, data, len); + t1ha_context_t *rst = (t1ha_context_t *) st->opaque; + t1ha2_update(rst, data, len); break; } } @@ -1707,36 +1682,36 @@ rspamd_cryptobox_fast_hash_update (rspamd_cryptobox_fast_hash_state_t *st, } guint64 -rspamd_cryptobox_fast_hash_final (rspamd_cryptobox_fast_hash_state_t *st) +rspamd_cryptobox_fast_hash_final(rspamd_cryptobox_fast_hash_state_t *st) { guint64 ret; if (st->type == RSPAMD_CRYPTOBOX_T1HA) { t1ha_context_t *rst = (t1ha_context_t *) st->opaque; - return t1ha2_final (rst, NULL); + return t1ha2_final(rst, NULL); } else { switch (st->type) { case RSPAMD_CRYPTOBOX_XXHASH64: { - XXH64_state_t *xst = (XXH64_state_t *) st->opaque; - ret = XXH64_digest (xst); + XXH64_state_t *xst = (XXH64_state_t *) st->opaque; + ret = XXH64_digest(xst); break; } case RSPAMD_CRYPTOBOX_XXHASH32: { - XXH32_state_t *xst = (XXH32_state_t *) st->opaque; - ret = XXH32_digest (xst); + XXH32_state_t *xst = (XXH32_state_t *) st->opaque; + ret = XXH32_digest(xst); break; } case RSPAMD_CRYPTOBOX_XXHASH3: { - XXH3_state_t *xst = (XXH3_state_t *) st->opaque; - ret = XXH3_64bits_digest (xst); + XXH3_state_t *xst = (XXH3_state_t *) st->opaque; + ret = XXH3_64bits_digest(xst); break; } case RSPAMD_CRYPTOBOX_MUMHASH: { - struct _mum_iuf *iuf = (struct _mum_iuf *) st->opaque; - iuf->h = mum_hash_step (iuf->h, iuf->buf.ll); - ret = mum_hash_finish (iuf->h); + struct _mum_iuf *iuf = (struct _mum_iuf *) st->opaque; + iuf->h = mum_hash_step(iuf->h, iuf->buf.ll); + ret = mum_hash_finish(iuf->h); break; } case RSPAMD_CRYPTOBOX_T1HA: @@ -1744,7 +1719,7 @@ rspamd_cryptobox_fast_hash_final (rspamd_cryptobox_fast_hash_state_t *st) case RSPAMD_CRYPTOBOX_HASHFAST_INDEPENDENT: { t1ha_context_t *rst = (t1ha_context_t *) st->opaque; - ret = t1ha2_final (rst, NULL); + ret = t1ha2_final(rst, NULL); break; } } @@ -1757,47 +1732,47 @@ rspamd_cryptobox_fast_hash_final (rspamd_cryptobox_fast_hash_state_t *st) * One in all function */ static inline guint64 -rspamd_cryptobox_fast_hash_machdep (const void *data, - gsize len, guint64 seed) +rspamd_cryptobox_fast_hash_machdep(const void *data, + gsize len, guint64 seed) { return XXH3_64bits_withSeed(data, len, seed); } static inline guint64 -rspamd_cryptobox_fast_hash_indep (const void *data, - gsize len, guint64 seed) +rspamd_cryptobox_fast_hash_indep(const void *data, + gsize len, guint64 seed) { return XXH3_64bits_withSeed(data, len, seed); } guint64 -rspamd_cryptobox_fast_hash (const void *data, - gsize len, guint64 seed) +rspamd_cryptobox_fast_hash(const void *data, + gsize len, guint64 seed) { - return rspamd_cryptobox_fast_hash_machdep (data, len, seed); + return rspamd_cryptobox_fast_hash_machdep(data, len, seed); } guint64 -rspamd_cryptobox_fast_hash_specific ( - enum rspamd_cryptobox_fast_hash_type type, - const void *data, - gsize len, guint64 seed) +rspamd_cryptobox_fast_hash_specific( + enum rspamd_cryptobox_fast_hash_type type, + const void *data, + gsize len, guint64 seed) { switch (type) { case RSPAMD_CRYPTOBOX_XXHASH32: - return XXH32 (data, len, seed); + return XXH32(data, len, seed); case RSPAMD_CRYPTOBOX_XXHASH3: - return XXH3_64bits_withSeed (data, len, seed); + return XXH3_64bits_withSeed(data, len, seed); case RSPAMD_CRYPTOBOX_XXHASH64: - return XXH64 (data, len, seed); + return XXH64(data, len, seed); case RSPAMD_CRYPTOBOX_MUMHASH: - return mum_hash (data, len, seed); + return mum_hash(data, len, seed); case RSPAMD_CRYPTOBOX_T1HA: - return t1ha2_atonce (data, len, seed); + return t1ha2_atonce(data, len, seed); case RSPAMD_CRYPTOBOX_HASHFAST_INDEPENDENT: - return rspamd_cryptobox_fast_hash_indep (data, len, seed); + return rspamd_cryptobox_fast_hash_indep(data, len, seed); case RSPAMD_CRYPTOBOX_HASHFAST: default: - return rspamd_cryptobox_fast_hash_machdep (data, len, seed); + return rspamd_cryptobox_fast_hash_machdep(data, len, seed); } } diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h index e7d2dc79a..8cd79bbad 100644 --- a/src/libcryptobox/cryptobox.h +++ b/src/libcryptobox/cryptobox.h @@ -20,7 +20,7 @@ #include <sodium.h> -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif @@ -29,9 +29,9 @@ struct rspamd_cryptobox_segment { gsize len; }; -#if defined(__GNUC__) && \ - ((defined(__clang__) && (__clang_major__ >= 4 || (__clang_major__ >= 3 && __clang_minor__ >= 8))) || \ - ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 8) || (__GNUC__ > 4))) +#if defined(__GNUC__) && \ + ((defined(__clang__) && (__clang_major__ >= 4 || (__clang_major__ >= 3 && __clang_minor__ >= 8))) || \ + ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 8) || (__GNUC__ > 4))) #define RSPAMD_HAS_TARGET_ATTR 1 #endif @@ -82,24 +82,24 @@ struct rspamd_cryptobox_library_ctx { /** * Init cryptobox library */ -struct rspamd_cryptobox_library_ctx *rspamd_cryptobox_init (void); +struct rspamd_cryptobox_library_ctx *rspamd_cryptobox_init(void); -void rspamd_cryptobox_deinit (struct rspamd_cryptobox_library_ctx *); +void rspamd_cryptobox_deinit(struct rspamd_cryptobox_library_ctx *); /** * Generate new keypair * @param pk public key buffer * @param sk secret key buffer */ -void rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk, - enum rspamd_cryptobox_mode mode); +void rspamd_cryptobox_keypair(rspamd_pk_t pk, rspamd_sk_t sk, + enum rspamd_cryptobox_mode mode); /** * Generate new keypair for signing * @param pk public key buffer * @param sk secret key buffer */ -void rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk, - enum rspamd_cryptobox_mode mode); +void rspamd_cryptobox_keypair_sig(rspamd_sig_pk_t pk, rspamd_sig_sk_t sk, + enum rspamd_cryptobox_mode mode); /** * Encrypt data inplace adding signature to sig afterwards @@ -108,10 +108,10 @@ void rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk, * @param sk local secret key * @param sig output signature */ -void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode); +void rspamd_cryptobox_encrypt_inplace(guchar *data, gsize len, + const rspamd_nonce_t nonce, + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -121,11 +121,11 @@ void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, * @param sk local secret key * @param sig output signature */ -void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segments, - gsize cnt, - const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode); +void rspamd_cryptobox_encryptv_inplace(struct rspamd_cryptobox_segment *segments, + gsize cnt, + const rspamd_nonce_t nonce, + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode); /** @@ -137,10 +137,10 @@ void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segment * @param sig signature input * @return TRUE if input has been verified successfully */ -gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode); +gboolean rspamd_cryptobox_decrypt_inplace(guchar *data, gsize len, + const rspamd_nonce_t nonce, + const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -150,10 +150,10 @@ gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, * @param sk local secret key * @param sig output signature */ -void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode); +void rspamd_cryptobox_encrypt_nm_inplace(guchar *data, gsize len, + const rspamd_nonce_t nonce, + const rspamd_nm_t nm, rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -163,11 +163,11 @@ void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, * @param sk local secret key * @param sig output signature */ -void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, - gsize cnt, - const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode); +void rspamd_cryptobox_encryptv_nm_inplace(struct rspamd_cryptobox_segment *segments, + gsize cnt, + const rspamd_nonce_t nonce, + const rspamd_nm_t nm, rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode); /** @@ -179,10 +179,10 @@ void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segm * @param sig signature input * @return TRUE if input has been verified successfully */ -gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, - const rspamd_nm_t nm, const rspamd_mac_t sig, - enum rspamd_cryptobox_mode mode); +gboolean rspamd_cryptobox_decrypt_nm_inplace(guchar *data, gsize len, + const rspamd_nonce_t nonce, + const rspamd_nm_t nm, const rspamd_mac_t sig, + enum rspamd_cryptobox_mode mode); /** * Generate shared secret from local sk and remote pk @@ -190,8 +190,8 @@ gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, * @param pk remote pubkey * @param sk local privkey */ -void rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, - const rspamd_sk_t sk, enum rspamd_cryptobox_mode mode); +void rspamd_cryptobox_nm(rspamd_nm_t nm, const rspamd_pk_t pk, + const rspamd_sk_t sk, enum rspamd_cryptobox_mode mode); /** * Create digital signature for the specified message and place result in `sig` @@ -201,10 +201,10 @@ void rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, * @param mlen input length * @param sk secret key */ -void rspamd_cryptobox_sign (guchar *sig, unsigned long long *siglen_p, - const guchar *m, gsize mlen, - const rspamd_sk_t sk, - enum rspamd_cryptobox_mode mode); +void rspamd_cryptobox_sign(guchar *sig, unsigned long long *siglen_p, + const guchar *m, gsize mlen, + const rspamd_sk_t sk, + enum rspamd_cryptobox_mode mode); /** * Verifies digital signature for the specified message using the specified @@ -215,12 +215,12 @@ void rspamd_cryptobox_sign (guchar *sig, unsigned long long *siglen_p, * @param pk public key for verification * @return true if signature is valid, false otherwise */ -bool rspamd_cryptobox_verify (const guchar *sig, - gsize siglen, - const guchar *m, - gsize mlen, - const rspamd_pk_t pk, - enum rspamd_cryptobox_mode mode); +bool rspamd_cryptobox_verify(const guchar *sig, + gsize siglen, + const guchar *m, + gsize mlen, + const rspamd_pk_t pk, + enum rspamd_cryptobox_mode mode); /** * Securely clear the buffer specified @@ -246,9 +246,9 @@ bool rspamd_cryptobox_verify (const guchar *sig, * @param inlen * @param k key (must be 16 bytes) */ -void rspamd_cryptobox_siphash (unsigned char *out, const unsigned char *in, - unsigned long long inlen, - const rspamd_sipkey_t k); +void rspamd_cryptobox_siphash(unsigned char *out, const unsigned char *in, + unsigned long long inlen, + const rspamd_sipkey_t k); enum rspamd_cryptobox_pbkdf_type { RSPAMD_CRYPTOBOX_PBKDF2 = 0, @@ -267,52 +267,52 @@ enum rspamd_cryptobox_pbkdf_type { * @param complexity empiric number of complexity (rounds for pbkdf2 and garlic for catena) * @return TRUE in case of success and FALSE if failed */ -gboolean rspamd_cryptobox_pbkdf (const char *pass, gsize pass_len, - const guint8 *salt, gsize salt_len, - guint8 *key, gsize key_len, - unsigned int complexity, - enum rspamd_cryptobox_pbkdf_type type); +gboolean rspamd_cryptobox_pbkdf(const char *pass, gsize pass_len, + const guint8 *salt, gsize salt_len, + guint8 *key, gsize key_len, + unsigned int complexity, + enum rspamd_cryptobox_pbkdf_type type); /** * Real size of rspamd cryptobox public key */ -guint rspamd_cryptobox_pk_bytes (enum rspamd_cryptobox_mode mode); +guint rspamd_cryptobox_pk_bytes(enum rspamd_cryptobox_mode mode); /** * Real size of rspamd cryptobox signing public key */ -guint rspamd_cryptobox_pk_sig_bytes (enum rspamd_cryptobox_mode mode); +guint rspamd_cryptobox_pk_sig_bytes(enum rspamd_cryptobox_mode mode); /** * Real size of crypto nonce */ -guint rspamd_cryptobox_nonce_bytes (enum rspamd_cryptobox_mode mode); +guint rspamd_cryptobox_nonce_bytes(enum rspamd_cryptobox_mode mode); /** * Real size of rspamd cryptobox secret key */ -guint rspamd_cryptobox_sk_bytes (enum rspamd_cryptobox_mode mode); +guint rspamd_cryptobox_sk_bytes(enum rspamd_cryptobox_mode mode); /** * Real size of rspamd cryptobox signing secret key */ -guint rspamd_cryptobox_sk_sig_bytes (enum rspamd_cryptobox_mode mode); +guint rspamd_cryptobox_sk_sig_bytes(enum rspamd_cryptobox_mode mode); /** * Real size of rspamd cryptobox shared key */ -guint rspamd_cryptobox_nm_bytes (enum rspamd_cryptobox_mode mode); +guint rspamd_cryptobox_nm_bytes(enum rspamd_cryptobox_mode mode); /** * Real size of rspamd cryptobox MAC signature */ -guint rspamd_cryptobox_mac_bytes (enum rspamd_cryptobox_mode mode); +guint rspamd_cryptobox_mac_bytes(enum rspamd_cryptobox_mode mode); /** * Real size of rspamd cryptobox digital signature */ -guint rspamd_cryptobox_signature_bytes (enum rspamd_cryptobox_mode mode); +guint rspamd_cryptobox_signature_bytes(enum rspamd_cryptobox_mode mode); /* Hash IUF interface */ typedef crypto_generichash_blake2b_state rspamd_cryptobox_hash_state_t; @@ -322,28 +322,28 @@ typedef crypto_generichash_blake2b_state rspamd_cryptobox_hash_state_t; * with at least rspamd_cryptobox_HASHSTATEBYTES bytes length. If keylen == 0, then * non-keyed hash is generated */ -void rspamd_cryptobox_hash_init (rspamd_cryptobox_hash_state_t *st, - const guchar *key, gsize keylen); +void rspamd_cryptobox_hash_init(rspamd_cryptobox_hash_state_t *st, + const guchar *key, gsize keylen); /** * Update hash with data portion */ -void rspamd_cryptobox_hash_update (rspamd_cryptobox_hash_state_t *st, - const guchar *data, gsize len); +void rspamd_cryptobox_hash_update(rspamd_cryptobox_hash_state_t *st, + const guchar *data, gsize len); /** * Output hash to the buffer of rspamd_cryptobox_HASHBYTES length */ -void rspamd_cryptobox_hash_final (rspamd_cryptobox_hash_state_t *st, guchar *out); +void rspamd_cryptobox_hash_final(rspamd_cryptobox_hash_state_t *st, guchar *out); /** * One in all function */ -void rspamd_cryptobox_hash (guchar *out, - const guchar *data, - gsize len, - const guchar *key, - gsize keylen); +void rspamd_cryptobox_hash(guchar *out, + const guchar *data, + gsize len, + const guchar *key, + gsize keylen); enum rspamd_cryptobox_fast_hash_type { RSPAMD_CRYPTOBOX_XXHASH64 = 0, @@ -366,7 +366,7 @@ typedef struct CRYPTO_ALIGN(64) rspamd_cryptobox_fast_hash_state_s { * Creates a new cryptobox state properly aligned * @return */ -rspamd_cryptobox_fast_hash_state_t* rspamd_cryptobox_fast_hash_new(void); +rspamd_cryptobox_fast_hash_state_t *rspamd_cryptobox_fast_hash_new(void); void rspamd_cryptobox_fast_hash_free(rspamd_cryptobox_fast_hash_state_t *st); /** @@ -374,42 +374,42 @@ void rspamd_cryptobox_fast_hash_free(rspamd_cryptobox_fast_hash_state_t *st); * with at least rspamd_cryptobox_HASHSTATEBYTES bytes length. If keylen == 0, then * non-keyed hash is generated */ -void rspamd_cryptobox_fast_hash_init (rspamd_cryptobox_fast_hash_state_t *st, - guint64 seed); +void rspamd_cryptobox_fast_hash_init(rspamd_cryptobox_fast_hash_state_t *st, + guint64 seed); /** * Init cryptobox hash state using key if needed, `st` must point to the buffer * with at least rspamd_cryptobox_HASHSTATEBYTES bytes length. If keylen == 0, then * non-keyed hash is generated */ -void rspamd_cryptobox_fast_hash_init_specific (rspamd_cryptobox_fast_hash_state_t *st, - enum rspamd_cryptobox_fast_hash_type type, - guint64 seed); +void rspamd_cryptobox_fast_hash_init_specific(rspamd_cryptobox_fast_hash_state_t *st, + enum rspamd_cryptobox_fast_hash_type type, + guint64 seed); /** * Update hash with data portion */ -void rspamd_cryptobox_fast_hash_update (rspamd_cryptobox_fast_hash_state_t *st, - const void *data, gsize len); +void rspamd_cryptobox_fast_hash_update(rspamd_cryptobox_fast_hash_state_t *st, + const void *data, gsize len); /** * Output hash to the buffer of rspamd_cryptobox_HASHBYTES length */ -guint64 rspamd_cryptobox_fast_hash_final (rspamd_cryptobox_fast_hash_state_t *st); +guint64 rspamd_cryptobox_fast_hash_final(rspamd_cryptobox_fast_hash_state_t *st); /** * One in all function */ -guint64 rspamd_cryptobox_fast_hash (const void *data, - gsize len, guint64 seed); +guint64 rspamd_cryptobox_fast_hash(const void *data, + gsize len, guint64 seed); /** * Platform independent version */ -guint64 rspamd_cryptobox_fast_hash_specific ( - enum rspamd_cryptobox_fast_hash_type type, - const void *data, - gsize len, guint64 seed); +guint64 rspamd_cryptobox_fast_hash_specific( + enum rspamd_cryptobox_fast_hash_type type, + const void *data, + gsize len, guint64 seed); /** * Decode base64 using platform optimized code @@ -419,8 +419,8 @@ guint64 rspamd_cryptobox_fast_hash_specific ( * @param outlen * @return */ -gboolean rspamd_cryptobox_base64_decode (const gchar *in, gsize inlen, - guchar *out, gsize *outlen); +gboolean rspamd_cryptobox_base64_decode(const gchar *in, gsize inlen, + guchar *out, gsize *outlen); /** * Returns TRUE if data looks like a valid base64 string @@ -428,9 +428,9 @@ gboolean rspamd_cryptobox_base64_decode (const gchar *in, gsize inlen, * @param inlen * @return */ -gboolean rspamd_cryptobox_base64_is_valid (const gchar *in, gsize inlen); +gboolean rspamd_cryptobox_base64_is_valid(const gchar *in, gsize inlen); -#ifdef __cplusplus +#ifdef __cplusplus } #endif diff --git a/src/libcryptobox/keypair.c b/src/libcryptobox/keypair.c index 2ef996527..ec7490a56 100644 --- a/src/libcryptobox/keypair.c +++ b/src/libcryptobox/keypair.c @@ -24,19 +24,19 @@ const guchar encrypted_magic[7] = {'r', 'u', 'c', 'l', 'e', 'v', '1'}; static GQuark -rspamd_keypair_quark (void) +rspamd_keypair_quark(void) { - return g_quark_from_static_string ("rspamd-cryptobox-keypair"); + return g_quark_from_static_string("rspamd-cryptobox-keypair"); } /** * Returns specific private key for different keypair types */ static void * -rspamd_cryptobox_keypair_sk (struct rspamd_cryptobox_keypair *kp, - guint *len) +rspamd_cryptobox_keypair_sk(struct rspamd_cryptobox_keypair *kp, + guint *len) { - g_assert (kp != NULL); + g_assert(kp != NULL); if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (kp->type == RSPAMD_KEYPAIR_KEX) { @@ -64,10 +64,10 @@ rspamd_cryptobox_keypair_sk (struct rspamd_cryptobox_keypair *kp, } static void * -rspamd_cryptobox_keypair_pk (struct rspamd_cryptobox_keypair *kp, - guint *len) +rspamd_cryptobox_keypair_pk(struct rspamd_cryptobox_keypair *kp, + guint *len) { - g_assert (kp != NULL); + g_assert(kp != NULL); if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (kp->type == RSPAMD_KEYPAIR_KEX) { @@ -95,10 +95,10 @@ rspamd_cryptobox_keypair_pk (struct rspamd_cryptobox_keypair *kp, } static void * -rspamd_cryptobox_pubkey_pk (const struct rspamd_cryptobox_pubkey *kp, - guint *len) +rspamd_cryptobox_pubkey_pk(const struct rspamd_cryptobox_pubkey *kp, + guint *len) { - g_assert (kp != NULL); + g_assert(kp != NULL); if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (kp->type == RSPAMD_KEYPAIR_KEX) { @@ -126,208 +126,203 @@ rspamd_cryptobox_pubkey_pk (const struct rspamd_cryptobox_pubkey *kp, } static struct rspamd_cryptobox_keypair * -rspamd_cryptobox_keypair_alloc (enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +rspamd_cryptobox_keypair_alloc(enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { struct rspamd_cryptobox_keypair *kp; guint size = 0; if (alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (type == RSPAMD_KEYPAIR_KEX) { - size = sizeof (struct rspamd_cryptobox_keypair_25519); + size = sizeof(struct rspamd_cryptobox_keypair_25519); } else { - size = sizeof (struct rspamd_cryptobox_keypair_sig_25519); + size = sizeof(struct rspamd_cryptobox_keypair_sig_25519); } } else { if (type == RSPAMD_KEYPAIR_KEX) { - size = sizeof (struct rspamd_cryptobox_keypair_nist); + size = sizeof(struct rspamd_cryptobox_keypair_nist); } else { - size = sizeof (struct rspamd_cryptobox_keypair_sig_nist); + size = sizeof(struct rspamd_cryptobox_keypair_sig_nist); } } - g_assert (size >= sizeof (*kp)); + g_assert(size >= sizeof(*kp)); - if (posix_memalign ((void **)&kp, 32, size) != 0) { - abort (); + if (posix_memalign((void **) &kp, 32, size) != 0) { + abort(); } - memset (kp, 0, size); + memset(kp, 0, size); return kp; } static struct rspamd_cryptobox_pubkey * -rspamd_cryptobox_pubkey_alloc (enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +rspamd_cryptobox_pubkey_alloc(enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { struct rspamd_cryptobox_pubkey *pk; guint size = 0; if (alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (type == RSPAMD_KEYPAIR_KEX) { - size = sizeof (struct rspamd_cryptobox_pubkey_25519); + size = sizeof(struct rspamd_cryptobox_pubkey_25519); } else { - size = sizeof (struct rspamd_cryptobox_pubkey_sig_25519); + size = sizeof(struct rspamd_cryptobox_pubkey_sig_25519); } } else { if (type == RSPAMD_KEYPAIR_KEX) { - size = sizeof (struct rspamd_cryptobox_pubkey_nist); + size = sizeof(struct rspamd_cryptobox_pubkey_nist); } else { - size = sizeof (struct rspamd_cryptobox_pubkey_sig_nist); + size = sizeof(struct rspamd_cryptobox_pubkey_sig_nist); } } - g_assert (size >= sizeof (*pk)); + g_assert(size >= sizeof(*pk)); - if (posix_memalign ((void **)&pk, 32, size) != 0) { - abort (); + if (posix_memalign((void **) &pk, 32, size) != 0) { + abort(); } - memset (pk, 0, size); + memset(pk, 0, size); return pk; } -void -rspamd_cryptobox_nm_dtor (struct rspamd_cryptobox_nm *nm) +void rspamd_cryptobox_nm_dtor(struct rspamd_cryptobox_nm *nm) { - rspamd_explicit_memzero (nm->nm, sizeof (nm->nm)); - free (nm); + rspamd_explicit_memzero(nm->nm, sizeof(nm->nm)); + free(nm); } -void -rspamd_cryptobox_keypair_dtor (struct rspamd_cryptobox_keypair *kp) +void rspamd_cryptobox_keypair_dtor(struct rspamd_cryptobox_keypair *kp) { void *sk; guint len = 0; - sk = rspamd_cryptobox_keypair_sk (kp, &len); - g_assert (sk != NULL && len > 0); - rspamd_explicit_memzero (sk, len); + sk = rspamd_cryptobox_keypair_sk(kp, &len); + g_assert(sk != NULL && len > 0); + rspamd_explicit_memzero(sk, len); if (kp->extensions) { - ucl_object_unref (kp->extensions); + ucl_object_unref(kp->extensions); } /* Not g_free as kp is aligned using posix_memalign */ - free (kp); + free(kp); } -void -rspamd_cryptobox_pubkey_dtor (struct rspamd_cryptobox_pubkey *p) +void rspamd_cryptobox_pubkey_dtor(struct rspamd_cryptobox_pubkey *p) { if (p->nm) { - REF_RELEASE (p->nm); + REF_RELEASE(p->nm); } /* Not g_free as p is aligned using posix_memalign */ - free (p); + free(p); } -struct rspamd_cryptobox_keypair* -rspamd_keypair_new (enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +struct rspamd_cryptobox_keypair * +rspamd_keypair_new(enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { struct rspamd_cryptobox_keypair *kp; void *pk, *sk; guint size; - kp = rspamd_cryptobox_keypair_alloc (type, alg); + kp = rspamd_cryptobox_keypair_alloc(type, alg); kp->alg = alg; kp->type = type; - sk = rspamd_cryptobox_keypair_sk (kp, &size); - pk = rspamd_cryptobox_keypair_pk (kp, &size); + sk = rspamd_cryptobox_keypair_sk(kp, &size); + pk = rspamd_cryptobox_keypair_pk(kp, &size); if (type == RSPAMD_KEYPAIR_KEX) { - rspamd_cryptobox_keypair (pk, sk, alg); + rspamd_cryptobox_keypair(pk, sk, alg); } else { - rspamd_cryptobox_keypair_sig (pk, sk, alg); + rspamd_cryptobox_keypair_sig(pk, sk, alg); } - rspamd_cryptobox_hash (kp->id, pk, size, NULL, 0); + rspamd_cryptobox_hash(kp->id, pk, size, NULL, 0); - REF_INIT_RETAIN (kp, rspamd_cryptobox_keypair_dtor); + REF_INIT_RETAIN(kp, rspamd_cryptobox_keypair_dtor); return kp; } -struct rspamd_cryptobox_keypair* -rspamd_keypair_ref (struct rspamd_cryptobox_keypair *kp) +struct rspamd_cryptobox_keypair * +rspamd_keypair_ref(struct rspamd_cryptobox_keypair *kp) { - REF_RETAIN (kp); + REF_RETAIN(kp); return kp; } -void -rspamd_keypair_unref (struct rspamd_cryptobox_keypair *kp) +void rspamd_keypair_unref(struct rspamd_cryptobox_keypair *kp) { - REF_RELEASE (kp); + REF_RELEASE(kp); } -struct rspamd_cryptobox_pubkey* -rspamd_pubkey_ref (struct rspamd_cryptobox_pubkey *kp) +struct rspamd_cryptobox_pubkey * +rspamd_pubkey_ref(struct rspamd_cryptobox_pubkey *kp) { - REF_RETAIN (kp); + REF_RETAIN(kp); return kp; } -void -rspamd_pubkey_unref (struct rspamd_cryptobox_pubkey *kp) +void rspamd_pubkey_unref(struct rspamd_cryptobox_pubkey *kp) { - REF_RELEASE (kp); + REF_RELEASE(kp); } enum rspamd_cryptobox_keypair_type -rspamd_keypair_type (struct rspamd_cryptobox_keypair *kp) +rspamd_keypair_type(struct rspamd_cryptobox_keypair *kp) { - g_assert (kp != NULL); + g_assert(kp != NULL); return kp->type; } enum rspamd_cryptobox_keypair_type -rspamd_pubkey_type (struct rspamd_cryptobox_pubkey *p) +rspamd_pubkey_type(struct rspamd_cryptobox_pubkey *p) { - g_assert (p != NULL); + g_assert(p != NULL); return p->type; } enum rspamd_cryptobox_mode -rspamd_keypair_alg (struct rspamd_cryptobox_keypair *kp) +rspamd_keypair_alg(struct rspamd_cryptobox_keypair *kp) { - g_assert (kp != NULL); + g_assert(kp != NULL); return kp->alg; } enum rspamd_cryptobox_mode -rspamd_pubkey_alg (struct rspamd_cryptobox_pubkey *p) +rspamd_pubkey_alg(struct rspamd_cryptobox_pubkey *p) { - g_assert (p != NULL); + g_assert(p != NULL); return p->alg; } -struct rspamd_cryptobox_pubkey* -rspamd_pubkey_from_base32 (const gchar *b32, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +struct rspamd_cryptobox_pubkey * +rspamd_pubkey_from_base32(const gchar *b32, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { guchar *decoded; gsize dlen, expected_len; @@ -335,44 +330,43 @@ rspamd_pubkey_from_base32 (const gchar *b32, struct rspamd_cryptobox_pubkey *pk; guchar *pk_data; - g_assert (b32 != NULL); + g_assert(b32 != NULL); if (len == 0) { - len = strlen (b32); + len = strlen(b32); } - decoded = rspamd_decode_base32 (b32, len, &dlen, RSPAMD_BASE32_DEFAULT); + decoded = rspamd_decode_base32(b32, len, &dlen, RSPAMD_BASE32_DEFAULT); if (decoded == NULL) { return NULL; } - expected_len = (type == RSPAMD_KEYPAIR_KEX) ? - rspamd_cryptobox_pk_bytes (alg) : rspamd_cryptobox_pk_sig_bytes (alg); + expected_len = (type == RSPAMD_KEYPAIR_KEX) ? rspamd_cryptobox_pk_bytes(alg) : rspamd_cryptobox_pk_sig_bytes(alg); if (dlen != expected_len) { - g_free (decoded); + g_free(decoded); return NULL; } - pk = rspamd_cryptobox_pubkey_alloc (type, alg); - REF_INIT_RETAIN (pk, rspamd_cryptobox_pubkey_dtor); + pk = rspamd_cryptobox_pubkey_alloc(type, alg); + REF_INIT_RETAIN(pk, rspamd_cryptobox_pubkey_dtor); pk->alg = alg; pk->type = type; - pk_data = rspamd_cryptobox_pubkey_pk (pk, &pklen); + pk_data = rspamd_cryptobox_pubkey_pk(pk, &pklen); - memcpy (pk_data, decoded, pklen); - g_free (decoded); - rspamd_cryptobox_hash (pk->id, pk_data, pklen, NULL, 0); + memcpy(pk_data, decoded, pklen); + g_free(decoded); + rspamd_cryptobox_hash(pk->id, pk_data, pklen, NULL, 0); return pk; } -struct rspamd_cryptobox_pubkey* -rspamd_pubkey_from_hex (const gchar *hex, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +struct rspamd_cryptobox_pubkey * +rspamd_pubkey_from_hex(const gchar *hex, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { guchar *decoded; gsize dlen, expected_len; @@ -380,87 +374,85 @@ rspamd_pubkey_from_hex (const gchar *hex, struct rspamd_cryptobox_pubkey *pk; guchar *pk_data; - g_assert (hex != NULL); + g_assert(hex != NULL); if (len == 0) { - len = strlen (hex); + len = strlen(hex); } dlen = len / 2; - decoded = rspamd_decode_hex (hex, len); + decoded = rspamd_decode_hex(hex, len); if (decoded == NULL) { return NULL; } - expected_len = (type == RSPAMD_KEYPAIR_KEX) ? - rspamd_cryptobox_pk_bytes (alg) : rspamd_cryptobox_pk_sig_bytes (alg); + expected_len = (type == RSPAMD_KEYPAIR_KEX) ? rspamd_cryptobox_pk_bytes(alg) : rspamd_cryptobox_pk_sig_bytes(alg); if (dlen != expected_len) { - g_free (decoded); + g_free(decoded); return NULL; } - pk = rspamd_cryptobox_pubkey_alloc (type, alg); - REF_INIT_RETAIN (pk, rspamd_cryptobox_pubkey_dtor); + pk = rspamd_cryptobox_pubkey_alloc(type, alg); + REF_INIT_RETAIN(pk, rspamd_cryptobox_pubkey_dtor); pk->alg = alg; pk->type = type; - pk_data = rspamd_cryptobox_pubkey_pk (pk, &pklen); + pk_data = rspamd_cryptobox_pubkey_pk(pk, &pklen); - memcpy (pk_data, decoded, pklen); - g_free (decoded); - rspamd_cryptobox_hash (pk->id, pk_data, pklen, NULL, 0); + memcpy(pk_data, decoded, pklen); + g_free(decoded); + rspamd_cryptobox_hash(pk->id, pk_data, pklen, NULL, 0); return pk; } -struct rspamd_cryptobox_pubkey* -rspamd_pubkey_from_bin (const guchar *raw, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +struct rspamd_cryptobox_pubkey * +rspamd_pubkey_from_bin(const guchar *raw, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { gsize expected_len; guint pklen; struct rspamd_cryptobox_pubkey *pk; guchar *pk_data; - g_assert (raw != NULL && len > 0); + g_assert(raw != NULL && len > 0); - expected_len = (type == RSPAMD_KEYPAIR_KEX) ? - rspamd_cryptobox_pk_bytes (alg) : rspamd_cryptobox_pk_sig_bytes (alg); + expected_len = (type == RSPAMD_KEYPAIR_KEX) ? rspamd_cryptobox_pk_bytes(alg) : rspamd_cryptobox_pk_sig_bytes(alg); if (len != expected_len) { return NULL; } - pk = rspamd_cryptobox_pubkey_alloc (type, alg); - REF_INIT_RETAIN (pk, rspamd_cryptobox_pubkey_dtor); + pk = rspamd_cryptobox_pubkey_alloc(type, alg); + REF_INIT_RETAIN(pk, rspamd_cryptobox_pubkey_dtor); pk->alg = alg; pk->type = type; - pk_data = rspamd_cryptobox_pubkey_pk (pk, &pklen); + pk_data = rspamd_cryptobox_pubkey_pk(pk, &pklen); - memcpy (pk_data, raw, pklen); - rspamd_cryptobox_hash (pk->id, pk_data, pklen, NULL, 0); + memcpy(pk_data, raw, pklen); + rspamd_cryptobox_hash(pk->id, pk_data, pklen, NULL, 0); return pk; } const guchar * -rspamd_pubkey_get_nm (struct rspamd_cryptobox_pubkey *p, - struct rspamd_cryptobox_keypair *kp) +rspamd_pubkey_get_nm(struct rspamd_cryptobox_pubkey *p, + struct rspamd_cryptobox_keypair *kp) { - g_assert (p != NULL); + g_assert(p != NULL); if (p->nm) { - if (memcmp (kp->id, (const guchar *)&p->nm->sk_id, sizeof (guint64)) == 0) { + if (memcmp(kp->id, (const guchar *) &p->nm->sk_id, sizeof(guint64)) == 0) { return p->nm->nm; } /* Wrong ID, need to recalculate */ - REF_RELEASE (p->nm); + REF_RELEASE(p->nm); p->nm = NULL; } @@ -468,74 +460,74 @@ rspamd_pubkey_get_nm (struct rspamd_cryptobox_pubkey *p, } const guchar * -rspamd_pubkey_calculate_nm (struct rspamd_cryptobox_pubkey *p, - struct rspamd_cryptobox_keypair *kp) +rspamd_pubkey_calculate_nm(struct rspamd_cryptobox_pubkey *p, + struct rspamd_cryptobox_keypair *kp) { - g_assert (kp->alg == p->alg); - g_assert (kp->type == p->type); - g_assert (p->type == RSPAMD_KEYPAIR_KEX); + g_assert(kp->alg == p->alg); + g_assert(kp->type == p->type); + g_assert(p->type == RSPAMD_KEYPAIR_KEX); if (p->nm == NULL) { - if (posix_memalign ((void **)&p->nm, 32, sizeof (*p->nm)) != 0) { - abort (); + if (posix_memalign((void **) &p->nm, 32, sizeof(*p->nm)) != 0) { + abort(); } - memcpy (&p->nm->sk_id, kp->id, sizeof (guint64)); - REF_INIT_RETAIN (p->nm, rspamd_cryptobox_nm_dtor); + memcpy(&p->nm->sk_id, kp->id, sizeof(guint64)); + REF_INIT_RETAIN(p->nm, rspamd_cryptobox_nm_dtor); } if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) { struct rspamd_cryptobox_pubkey_25519 *rk_25519 = - RSPAMD_CRYPTOBOX_PUBKEY_25519(p); + RSPAMD_CRYPTOBOX_PUBKEY_25519(p); struct rspamd_cryptobox_keypair_25519 *sk_25519 = - RSPAMD_CRYPTOBOX_KEYPAIR_25519(kp); + RSPAMD_CRYPTOBOX_KEYPAIR_25519(kp); - rspamd_cryptobox_nm (p->nm->nm, rk_25519->pk, sk_25519->sk, p->alg); + rspamd_cryptobox_nm(p->nm->nm, rk_25519->pk, sk_25519->sk, p->alg); } else { struct rspamd_cryptobox_pubkey_nist *rk_nist = - RSPAMD_CRYPTOBOX_PUBKEY_NIST(p); + RSPAMD_CRYPTOBOX_PUBKEY_NIST(p); struct rspamd_cryptobox_keypair_nist *sk_nist = - RSPAMD_CRYPTOBOX_KEYPAIR_NIST(kp); + RSPAMD_CRYPTOBOX_KEYPAIR_NIST(kp); - rspamd_cryptobox_nm (p->nm->nm, rk_nist->pk, sk_nist->sk, p->alg); + rspamd_cryptobox_nm(p->nm->nm, rk_nist->pk, sk_nist->sk, p->alg); } return p->nm->nm; } const guchar * -rspamd_keypair_get_id (struct rspamd_cryptobox_keypair *kp) +rspamd_keypair_get_id(struct rspamd_cryptobox_keypair *kp) { - g_assert (kp != NULL); + g_assert(kp != NULL); return kp->id; } const ucl_object_t * -rspamd_keypair_get_extensions (struct rspamd_cryptobox_keypair *kp) +rspamd_keypair_get_extensions(struct rspamd_cryptobox_keypair *kp) { - g_assert (kp != NULL); + g_assert(kp != NULL); return kp->extensions; } const guchar * -rspamd_pubkey_get_id (struct rspamd_cryptobox_pubkey *pk) +rspamd_pubkey_get_id(struct rspamd_cryptobox_pubkey *pk) { - g_assert (pk != NULL); + g_assert(pk != NULL); return pk->id; } const guchar * -rspamd_pubkey_get_pk (struct rspamd_cryptobox_pubkey *pk, - guint *len) +rspamd_pubkey_get_pk(struct rspamd_cryptobox_pubkey *pk, + guint *len) { guchar *ret = NULL; guint rlen; - ret = rspamd_cryptobox_pubkey_pk (pk, &rlen); + ret = rspamd_cryptobox_pubkey_pk(pk, &rlen); if (len) { *len = rlen; @@ -545,21 +537,21 @@ rspamd_pubkey_get_pk (struct rspamd_cryptobox_pubkey *pk, } static void -rspamd_keypair_print_component (guchar *data, gsize datalen, - GString *res, guint how, const gchar *description) +rspamd_keypair_print_component(guchar *data, gsize datalen, + GString *res, guint how, const gchar *description) { gint olen, b32_len; if (how & RSPAMD_KEYPAIR_HUMAN) { - rspamd_printf_gstring (res, "%s: ", description); + rspamd_printf_gstring(res, "%s: ", description); } if (how & RSPAMD_KEYPAIR_BASE32) { b32_len = (datalen * 8 / 5) + 2; - g_string_set_size (res, res->len + b32_len); + g_string_set_size(res, res->len + b32_len); res->len -= b32_len; - olen = rspamd_encode_base32_buf (data, datalen, res->str + res->len, - res->len + b32_len - 1, RSPAMD_BASE32_DEFAULT); + olen = rspamd_encode_base32_buf(data, datalen, res->str + res->len, + res->len + b32_len - 1, RSPAMD_BASE32_DEFAULT); if (olen > 0) { res->len += olen; @@ -567,93 +559,93 @@ rspamd_keypair_print_component (guchar *data, gsize datalen, } } else if (how & RSPAMD_KEYPAIR_HEX) { - rspamd_printf_gstring (res, "%*xs", (gint)datalen, data); + rspamd_printf_gstring(res, "%*xs", (gint) datalen, data); } else { - g_string_append_len (res, data, datalen); + g_string_append_len(res, data, datalen); } if (how & RSPAMD_KEYPAIR_HUMAN) { - g_string_append_c (res, '\n'); + g_string_append_c(res, '\n'); } } GString * -rspamd_keypair_print (struct rspamd_cryptobox_keypair *kp, guint how) +rspamd_keypair_print(struct rspamd_cryptobox_keypair *kp, guint how) { GString *res; guint len; gpointer p; - g_assert (kp != NULL); + g_assert(kp != NULL); - res = g_string_sized_new (63); + res = g_string_sized_new(63); if ((how & RSPAMD_KEYPAIR_PUBKEY)) { - p = rspamd_cryptobox_keypair_pk (kp, &len); - rspamd_keypair_print_component (p, len, res, how, "Public key"); + p = rspamd_cryptobox_keypair_pk(kp, &len); + rspamd_keypair_print_component(p, len, res, how, "Public key"); } if ((how & RSPAMD_KEYPAIR_PRIVKEY)) { - p = rspamd_cryptobox_keypair_sk (kp, &len); - rspamd_keypair_print_component (p, len, res, how, "Private key"); + p = rspamd_cryptobox_keypair_sk(kp, &len); + rspamd_keypair_print_component(p, len, res, how, "Private key"); } if ((how & RSPAMD_KEYPAIR_ID_SHORT)) { - rspamd_keypair_print_component (kp->id, RSPAMD_KEYPAIR_SHORT_ID_LEN, - res, how, "Short key ID"); + rspamd_keypair_print_component(kp->id, RSPAMD_KEYPAIR_SHORT_ID_LEN, + res, how, "Short key ID"); } if ((how & RSPAMD_KEYPAIR_ID)) { - rspamd_keypair_print_component (kp->id, sizeof (kp->id), res, how, "Key ID"); + rspamd_keypair_print_component(kp->id, sizeof(kp->id), res, how, "Key ID"); } return res; } GString * -rspamd_pubkey_print (struct rspamd_cryptobox_pubkey *pk, guint how) +rspamd_pubkey_print(struct rspamd_cryptobox_pubkey *pk, guint how) { GString *res; guint len; gpointer p; - g_assert (pk != NULL); + g_assert(pk != NULL); - res = g_string_sized_new (63); + res = g_string_sized_new(63); if ((how & RSPAMD_KEYPAIR_PUBKEY)) { - p = rspamd_cryptobox_pubkey_pk (pk, &len); - rspamd_keypair_print_component (p, len, res, how, "Public key"); + p = rspamd_cryptobox_pubkey_pk(pk, &len); + rspamd_keypair_print_component(p, len, res, how, "Public key"); } if ((how & RSPAMD_KEYPAIR_ID_SHORT)) { - rspamd_keypair_print_component (pk->id, RSPAMD_KEYPAIR_SHORT_ID_LEN, - res, how, "Short key ID"); + rspamd_keypair_print_component(pk->id, RSPAMD_KEYPAIR_SHORT_ID_LEN, + res, how, "Short key ID"); } if ((how & RSPAMD_KEYPAIR_ID)) { - rspamd_keypair_print_component (pk->id, sizeof (pk->id), res, how, - "Key ID"); + rspamd_keypair_print_component(pk->id, sizeof(pk->id), res, how, + "Key ID"); } return res; } const guchar * -rspamd_keypair_component (struct rspamd_cryptobox_keypair *kp, - guint ncomp, guint *len) +rspamd_keypair_component(struct rspamd_cryptobox_keypair *kp, + guint ncomp, guint *len) { guint rlen = 0; const guchar *ret = NULL; - g_assert (kp != NULL); + g_assert(kp != NULL); switch (ncomp) { case RSPAMD_KEYPAIR_COMPONENT_ID: - rlen = sizeof (kp->id); + rlen = sizeof(kp->id); ret = kp->id; break; case RSPAMD_KEYPAIR_COMPONENT_PK: - ret = rspamd_cryptobox_keypair_pk (kp, &rlen); + ret = rspamd_cryptobox_keypair_pk(kp, &rlen); break; case RSPAMD_KEYPAIR_COMPONENT_SK: - ret = rspamd_cryptobox_keypair_sk (kp, &rlen); + ret = rspamd_cryptobox_keypair_sk(kp, &rlen); break; } @@ -665,7 +657,7 @@ rspamd_keypair_component (struct rspamd_cryptobox_keypair *kp, } struct rspamd_cryptobox_keypair * -rspamd_keypair_from_ucl (const ucl_object_t *obj) +rspamd_keypair_from_ucl(const ucl_object_t *obj) { const ucl_object_t *privkey, *pubkey, *elt; const gchar *str; @@ -678,123 +670,123 @@ rspamd_keypair_from_ucl (const ucl_object_t *obj) gint dec_len; gpointer target; - if (ucl_object_type (obj) != UCL_OBJECT) { + if (ucl_object_type(obj) != UCL_OBJECT) { return NULL; } - elt = ucl_object_lookup (obj, "keypair"); + elt = ucl_object_lookup(obj, "keypair"); if (elt != NULL) { obj = elt; } - pubkey = ucl_object_lookup_any (obj, "pubkey", "public", "public_key", - NULL); - if (pubkey == NULL || ucl_object_type (pubkey) != UCL_STRING) { + pubkey = ucl_object_lookup_any(obj, "pubkey", "public", "public_key", + NULL); + if (pubkey == NULL || ucl_object_type(pubkey) != UCL_STRING) { return NULL; } - privkey = ucl_object_lookup_any (obj, "privkey", "private", "private_key", - "secret", "secret_key", NULL); - if (privkey == NULL || ucl_object_type (privkey) != UCL_STRING) { + privkey = ucl_object_lookup_any(obj, "privkey", "private", "private_key", + "secret", "secret_key", NULL); + if (privkey == NULL || ucl_object_type(privkey) != UCL_STRING) { return NULL; } /* Optional fields */ - elt = ucl_object_lookup (obj, "type"); - if (elt && ucl_object_type (elt) == UCL_STRING) { - str = ucl_object_tostring (elt); + elt = ucl_object_lookup(obj, "type"); + if (elt && ucl_object_type(elt) == UCL_STRING) { + str = ucl_object_tostring(elt); - if (g_ascii_strcasecmp (str, "kex") == 0) { + if (g_ascii_strcasecmp(str, "kex") == 0) { type = RSPAMD_KEYPAIR_KEX; } - else if (g_ascii_strcasecmp (str, "sign") == 0) { + else if (g_ascii_strcasecmp(str, "sign") == 0) { type = RSPAMD_KEYPAIR_SIGN; } /* TODO: handle errors */ } - elt = ucl_object_lookup (obj, "algorithm"); - if (elt && ucl_object_type (elt) == UCL_STRING) { - str = ucl_object_tostring (elt); + elt = ucl_object_lookup(obj, "algorithm"); + if (elt && ucl_object_type(elt) == UCL_STRING) { + str = ucl_object_tostring(elt); - if (g_ascii_strcasecmp (str, "curve25519") == 0) { + if (g_ascii_strcasecmp(str, "curve25519") == 0) { mode = RSPAMD_CRYPTOBOX_MODE_25519; } - else if (g_ascii_strcasecmp (str, "nistp256") == 0) { + else if (g_ascii_strcasecmp(str, "nistp256") == 0) { mode = RSPAMD_CRYPTOBOX_MODE_NIST; } /* TODO: handle errors */ } - elt = ucl_object_lookup (obj, "encoding"); - if (elt && ucl_object_type (elt) == UCL_STRING) { - str = ucl_object_tostring (elt); + elt = ucl_object_lookup(obj, "encoding"); + if (elt && ucl_object_type(elt) == UCL_STRING) { + str = ucl_object_tostring(elt); - if (g_ascii_strcasecmp (str, "hex") == 0) { + if (g_ascii_strcasecmp(str, "hex") == 0) { is_hex = TRUE; } /* TODO: handle errors */ } - kp = rspamd_cryptobox_keypair_alloc (type, mode); + kp = rspamd_cryptobox_keypair_alloc(type, mode); kp->type = type; kp->alg = mode; - REF_INIT_RETAIN (kp, rspamd_cryptobox_keypair_dtor); - g_assert (kp != NULL); + REF_INIT_RETAIN(kp, rspamd_cryptobox_keypair_dtor); + g_assert(kp != NULL); - target = rspamd_cryptobox_keypair_sk (kp, &len); - str = ucl_object_tolstring (privkey, &ucl_len); + target = rspamd_cryptobox_keypair_sk(kp, &len); + str = ucl_object_tolstring(privkey, &ucl_len); if (is_hex) { - dec_len = rspamd_decode_hex_buf (str, ucl_len, target, len); + dec_len = rspamd_decode_hex_buf(str, ucl_len, target, len); } else { - dec_len = rspamd_decode_base32_buf (str, ucl_len, target, len, RSPAMD_BASE32_DEFAULT); + dec_len = rspamd_decode_base32_buf(str, ucl_len, target, len, RSPAMD_BASE32_DEFAULT); } - if (dec_len != (gint)len) { - rspamd_keypair_unref (kp); + if (dec_len != (gint) len) { + rspamd_keypair_unref(kp); return NULL; } - target = rspamd_cryptobox_keypair_pk (kp, &len); - str = ucl_object_tolstring (pubkey, &ucl_len); + target = rspamd_cryptobox_keypair_pk(kp, &len); + str = ucl_object_tolstring(pubkey, &ucl_len); if (is_hex) { - dec_len = rspamd_decode_hex_buf (str, ucl_len, target, len); + dec_len = rspamd_decode_hex_buf(str, ucl_len, target, len); } else { - dec_len = rspamd_decode_base32_buf (str, ucl_len, target, len, RSPAMD_BASE32_DEFAULT); + dec_len = rspamd_decode_base32_buf(str, ucl_len, target, len, RSPAMD_BASE32_DEFAULT); } - if (dec_len != (gint)len) { - rspamd_keypair_unref (kp); + if (dec_len != (gint) len) { + rspamd_keypair_unref(kp); return NULL; } - rspamd_cryptobox_hash (kp->id, target, len, NULL, 0); + rspamd_cryptobox_hash(kp->id, target, len, NULL, 0); - elt = ucl_object_lookup (obj, "extensions"); - if (elt && ucl_object_type (elt) == UCL_OBJECT) { + elt = ucl_object_lookup(obj, "extensions"); + if (elt && ucl_object_type(elt) == UCL_OBJECT) { /* Use copy to avoid issues with the refcounts */ - kp->extensions = ucl_object_copy (elt); + kp->extensions = ucl_object_copy(elt); } return kp; } ucl_object_t * -rspamd_keypair_to_ucl (struct rspamd_cryptobox_keypair *kp, - enum rspamd_keypair_dump_flags flags) +rspamd_keypair_to_ucl(struct rspamd_cryptobox_keypair *kp, + enum rspamd_keypair_dump_flags flags) { ucl_object_t *ucl_out, *elt; gint how = 0; GString *keypair_out; const gchar *encoding; - g_assert (kp != NULL); + g_assert(kp != NULL); if (flags & RSPAMD_KEYPAIR_DUMP_HEX) { how |= RSPAMD_KEYPAIR_HEX; @@ -806,106 +798,104 @@ rspamd_keypair_to_ucl (struct rspamd_cryptobox_keypair *kp, } if (flags & RSPAMD_KEYPAIR_DUMP_FLATTENED) { - ucl_out = ucl_object_typed_new (UCL_OBJECT); + ucl_out = ucl_object_typed_new(UCL_OBJECT); elt = ucl_out; } else { - ucl_out = ucl_object_typed_new (UCL_OBJECT); - elt = ucl_object_typed_new (UCL_OBJECT); - ucl_object_insert_key (ucl_out, elt, "keypair", 0, false); + ucl_out = ucl_object_typed_new(UCL_OBJECT); + elt = ucl_object_typed_new(UCL_OBJECT); + ucl_object_insert_key(ucl_out, elt, "keypair", 0, false); } /* pubkey part */ - keypair_out = rspamd_keypair_print (kp, - RSPAMD_KEYPAIR_PUBKEY|how); - ucl_object_insert_key (elt, - ucl_object_fromlstring (keypair_out->str, keypair_out->len), - "pubkey", 0, false); - g_string_free (keypair_out, TRUE); + keypair_out = rspamd_keypair_print(kp, + RSPAMD_KEYPAIR_PUBKEY | how); + ucl_object_insert_key(elt, + ucl_object_fromlstring(keypair_out->str, keypair_out->len), + "pubkey", 0, false); + g_string_free(keypair_out, TRUE); if (!(flags & RSPAMD_KEYPAIR_DUMP_NO_SECRET)) { /* privkey part */ keypair_out = rspamd_keypair_print(kp, - RSPAMD_KEYPAIR_PRIVKEY | how); + RSPAMD_KEYPAIR_PRIVKEY | how); ucl_object_insert_key(elt, - ucl_object_fromlstring(keypair_out->str, keypair_out->len), - "privkey", 0, false); + ucl_object_fromlstring(keypair_out->str, keypair_out->len), + "privkey", 0, false); g_string_free(keypair_out, TRUE); } - keypair_out = rspamd_keypair_print (kp, - RSPAMD_KEYPAIR_ID|how); - ucl_object_insert_key (elt, - ucl_object_fromlstring (keypair_out->str, keypair_out->len), - "id", 0, false); - g_string_free (keypair_out, TRUE); + keypair_out = rspamd_keypair_print(kp, + RSPAMD_KEYPAIR_ID | how); + ucl_object_insert_key(elt, + ucl_object_fromlstring(keypair_out->str, keypair_out->len), + "id", 0, false); + g_string_free(keypair_out, TRUE); - ucl_object_insert_key (elt, - ucl_object_fromstring (encoding), - "encoding", 0, false); + ucl_object_insert_key(elt, + ucl_object_fromstring(encoding), + "encoding", 0, false); - ucl_object_insert_key (elt, - ucl_object_fromstring ( - kp->alg == RSPAMD_CRYPTOBOX_MODE_NIST ? - "nistp256" : "curve25519"), - "algorithm", 0, false); + ucl_object_insert_key(elt, + ucl_object_fromstring( + kp->alg == RSPAMD_CRYPTOBOX_MODE_NIST ? "nistp256" : "curve25519"), + "algorithm", 0, false); - ucl_object_insert_key (elt, - ucl_object_fromstring ( - kp->type == RSPAMD_KEYPAIR_KEX ? - "kex" : "sign"), - "type", 0, false); + ucl_object_insert_key(elt, + ucl_object_fromstring( + kp->type == RSPAMD_KEYPAIR_KEX ? "kex" : "sign"), + "type", 0, false); if (kp->extensions) { - ucl_object_insert_key (elt, ucl_object_copy (kp->extensions), - "extensions", 0, false); + ucl_object_insert_key(elt, ucl_object_copy(kp->extensions), + "extensions", 0, false); } return ucl_out; } gboolean -rspamd_keypair_decrypt (struct rspamd_cryptobox_keypair *kp, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err) +rspamd_keypair_decrypt(struct rspamd_cryptobox_keypair *kp, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err) { const guchar *nonce, *mac, *data, *pubkey; - g_assert (kp != NULL); - g_assert (in != NULL); + g_assert(kp != NULL); + g_assert(in != NULL); if (kp->type != RSPAMD_KEYPAIR_KEX) { - g_set_error (err, rspamd_keypair_quark (), EINVAL, - "invalid keypair type"); + g_set_error(err, rspamd_keypair_quark(), EINVAL, + "invalid keypair type"); return FALSE; } - if (inlen < sizeof (encrypted_magic) + rspamd_cryptobox_pk_bytes (kp->alg) + - rspamd_cryptobox_mac_bytes (kp->alg) + - rspamd_cryptobox_nonce_bytes (kp->alg)) { - g_set_error (err, rspamd_keypair_quark (), E2BIG, "invalid size: too small"); + if (inlen < sizeof(encrypted_magic) + rspamd_cryptobox_pk_bytes(kp->alg) + + rspamd_cryptobox_mac_bytes(kp->alg) + + rspamd_cryptobox_nonce_bytes(kp->alg)) { + g_set_error(err, rspamd_keypair_quark(), E2BIG, "invalid size: too small"); return FALSE; } - if (memcmp (in, encrypted_magic, sizeof (encrypted_magic)) != 0) { - g_set_error (err, rspamd_keypair_quark (), EINVAL, - "invalid magic"); + if (memcmp(in, encrypted_magic, sizeof(encrypted_magic)) != 0) { + g_set_error(err, rspamd_keypair_quark(), EINVAL, + "invalid magic"); return FALSE; } /* Set pointers */ - pubkey = in + sizeof (encrypted_magic); - mac = pubkey + rspamd_cryptobox_pk_bytes (kp->alg); - nonce = mac + rspamd_cryptobox_mac_bytes (kp->alg); - data = nonce + rspamd_cryptobox_nonce_bytes (kp->alg); + pubkey = in + sizeof(encrypted_magic); + mac = pubkey + rspamd_cryptobox_pk_bytes(kp->alg); + nonce = mac + rspamd_cryptobox_mac_bytes(kp->alg); + data = nonce + rspamd_cryptobox_nonce_bytes(kp->alg); if (data - in >= inlen) { - g_set_error (err, rspamd_keypair_quark (), E2BIG, "invalid size: too small"); + g_set_error(err, rspamd_keypair_quark(), E2BIG, "invalid size: too small"); return FALSE; } @@ -913,14 +903,14 @@ rspamd_keypair_decrypt (struct rspamd_cryptobox_keypair *kp, inlen -= data - in; /* Allocate memory for output */ - *out = g_malloc (inlen); - memcpy (*out, data, inlen); + *out = g_malloc(inlen); + memcpy(*out, data, inlen); - if (!rspamd_cryptobox_decrypt_inplace (*out, inlen, nonce, pubkey, - rspamd_keypair_component (kp, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), - mac, kp->alg)) { - g_set_error (err, rspamd_keypair_quark (), EPERM, "verification failed"); - g_free (*out); + if (!rspamd_cryptobox_decrypt_inplace(*out, inlen, nonce, pubkey, + rspamd_keypair_component(kp, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), + mac, kp->alg)) { + g_set_error(err, rspamd_keypair_quark(), EPERM, "verification failed"); + g_free(*out); return FALSE; } @@ -933,47 +923,46 @@ rspamd_keypair_decrypt (struct rspamd_cryptobox_keypair *kp, } gboolean -rspamd_keypair_encrypt (struct rspamd_cryptobox_keypair *kp, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err) +rspamd_keypair_encrypt(struct rspamd_cryptobox_keypair *kp, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err) { guchar *nonce, *mac, *data, *pubkey; struct rspamd_cryptobox_keypair *local; gsize olen; - g_assert (kp != NULL); - g_assert (in != NULL); + g_assert(kp != NULL); + g_assert(in != NULL); if (kp->type != RSPAMD_KEYPAIR_KEX) { - g_set_error (err, rspamd_keypair_quark (), EINVAL, - "invalid keypair type"); + g_set_error(err, rspamd_keypair_quark(), EINVAL, + "invalid keypair type"); return FALSE; } - local = rspamd_keypair_new (kp->type, kp->alg); - - olen = inlen + sizeof (encrypted_magic) + - rspamd_cryptobox_pk_bytes (kp->alg) + - rspamd_cryptobox_mac_bytes (kp->alg) + - rspamd_cryptobox_nonce_bytes (kp->alg); - *out = g_malloc (olen); - memcpy (*out, encrypted_magic, sizeof (encrypted_magic)); - pubkey = *out + sizeof (encrypted_magic); - mac = pubkey + rspamd_cryptobox_pk_bytes (kp->alg); - nonce = mac + rspamd_cryptobox_mac_bytes (kp->alg); - data = nonce + rspamd_cryptobox_nonce_bytes (kp->alg); - - ottery_rand_bytes (nonce, rspamd_cryptobox_nonce_bytes (kp->alg)); - memcpy (data, in, inlen); - memcpy (pubkey, rspamd_keypair_component (kp, - RSPAMD_KEYPAIR_COMPONENT_PK, NULL), - rspamd_cryptobox_pk_bytes (kp->alg)); - rspamd_cryptobox_encrypt_inplace (data, inlen, nonce, pubkey, - rspamd_keypair_component (local, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), - mac, kp->alg); - rspamd_keypair_unref (local); + local = rspamd_keypair_new(kp->type, kp->alg); + + olen = inlen + sizeof(encrypted_magic) + + rspamd_cryptobox_pk_bytes(kp->alg) + + rspamd_cryptobox_mac_bytes(kp->alg) + + rspamd_cryptobox_nonce_bytes(kp->alg); + *out = g_malloc(olen); + memcpy(*out, encrypted_magic, sizeof(encrypted_magic)); + pubkey = *out + sizeof(encrypted_magic); + mac = pubkey + rspamd_cryptobox_pk_bytes(kp->alg); + nonce = mac + rspamd_cryptobox_mac_bytes(kp->alg); + data = nonce + rspamd_cryptobox_nonce_bytes(kp->alg); + + ottery_rand_bytes(nonce, rspamd_cryptobox_nonce_bytes(kp->alg)); + memcpy(data, in, inlen); + memcpy(pubkey, rspamd_keypair_component(kp, RSPAMD_KEYPAIR_COMPONENT_PK, NULL), + rspamd_cryptobox_pk_bytes(kp->alg)); + rspamd_cryptobox_encrypt_inplace(data, inlen, nonce, pubkey, + rspamd_keypair_component(local, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), + mac, kp->alg); + rspamd_keypair_unref(local); if (outlen) { *outlen = olen; @@ -983,46 +972,46 @@ rspamd_keypair_encrypt (struct rspamd_cryptobox_keypair *kp, } gboolean -rspamd_pubkey_encrypt (struct rspamd_cryptobox_pubkey *pk, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err) +rspamd_pubkey_encrypt(struct rspamd_cryptobox_pubkey *pk, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err) { guchar *nonce, *mac, *data, *pubkey; struct rspamd_cryptobox_keypair *local; gsize olen; - g_assert (pk != NULL); - g_assert (in != NULL); + g_assert(pk != NULL); + g_assert(in != NULL); if (pk->type != RSPAMD_KEYPAIR_KEX) { - g_set_error (err, rspamd_keypair_quark (), EINVAL, - "invalid pubkey type"); + g_set_error(err, rspamd_keypair_quark(), EINVAL, + "invalid pubkey type"); return FALSE; } - local = rspamd_keypair_new (pk->type, pk->alg); - - olen = inlen + sizeof (encrypted_magic) + - rspamd_cryptobox_pk_bytes (pk->alg) + - rspamd_cryptobox_mac_bytes (pk->alg) + - rspamd_cryptobox_nonce_bytes (pk->alg); - *out = g_malloc (olen); - memcpy (*out, encrypted_magic, sizeof (encrypted_magic)); - pubkey = *out + sizeof (encrypted_magic); - mac = pubkey + rspamd_cryptobox_pk_bytes (pk->alg); - nonce = mac + rspamd_cryptobox_mac_bytes (pk->alg); - data = nonce + rspamd_cryptobox_nonce_bytes (pk->alg); - - ottery_rand_bytes (nonce, rspamd_cryptobox_nonce_bytes (pk->alg)); - memcpy (data, in, inlen); - memcpy (pubkey, rspamd_pubkey_get_pk (pk, NULL), - rspamd_cryptobox_pk_bytes (pk->alg)); - rspamd_cryptobox_encrypt_inplace (data, inlen, nonce, pubkey, - rspamd_keypair_component (local, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), - mac, pk->alg); - rspamd_keypair_unref (local); + local = rspamd_keypair_new(pk->type, pk->alg); + + olen = inlen + sizeof(encrypted_magic) + + rspamd_cryptobox_pk_bytes(pk->alg) + + rspamd_cryptobox_mac_bytes(pk->alg) + + rspamd_cryptobox_nonce_bytes(pk->alg); + *out = g_malloc(olen); + memcpy(*out, encrypted_magic, sizeof(encrypted_magic)); + pubkey = *out + sizeof(encrypted_magic); + mac = pubkey + rspamd_cryptobox_pk_bytes(pk->alg); + nonce = mac + rspamd_cryptobox_mac_bytes(pk->alg); + data = nonce + rspamd_cryptobox_nonce_bytes(pk->alg); + + ottery_rand_bytes(nonce, rspamd_cryptobox_nonce_bytes(pk->alg)); + memcpy(data, in, inlen); + memcpy(pubkey, rspamd_pubkey_get_pk(pk, NULL), + rspamd_cryptobox_pk_bytes(pk->alg)); + rspamd_cryptobox_encrypt_inplace(data, inlen, nonce, pubkey, + rspamd_keypair_component(local, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), + mac, pk->alg); + rspamd_keypair_unref(local); if (outlen) { *outlen = olen; diff --git a/src/libcryptobox/keypair.h b/src/libcryptobox/keypair.h index 18a87d7f5..64461b7d4 100644 --- a/src/libcryptobox/keypair.h +++ b/src/libcryptobox/keypair.h @@ -20,7 +20,7 @@ #include "cryptobox.h" #include "ucl.h" -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif @@ -49,31 +49,31 @@ struct rspamd_cryptobox_pubkey; * @param alg algorithm for the keypair * @return fresh keypair generated */ -struct rspamd_cryptobox_keypair *rspamd_keypair_new ( - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg); +struct rspamd_cryptobox_keypair *rspamd_keypair_new( + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg); /** * Increase refcount for the specific keypair * @param kp * @return */ -struct rspamd_cryptobox_keypair *rspamd_keypair_ref ( - struct rspamd_cryptobox_keypair *kp); +struct rspamd_cryptobox_keypair *rspamd_keypair_ref( + struct rspamd_cryptobox_keypair *kp); /** * Decrease refcount for the specific keypair (or destroy when refcount == 0) * @param kp */ -void rspamd_keypair_unref (struct rspamd_cryptobox_keypair *kp); +void rspamd_keypair_unref(struct rspamd_cryptobox_keypair *kp); /** * Increase refcount for the specific pubkey * @param kp * @return */ -struct rspamd_cryptobox_pubkey *rspamd_pubkey_ref ( - struct rspamd_cryptobox_pubkey *kp); +struct rspamd_cryptobox_pubkey *rspamd_pubkey_ref( + struct rspamd_cryptobox_pubkey *kp); /** * Load pubkey from base32 string @@ -82,10 +82,10 @@ struct rspamd_cryptobox_pubkey *rspamd_pubkey_ref ( * @param alg algorithm of the key (nist or curve25519) * @return new pubkey or NULL in case of error */ -struct rspamd_cryptobox_pubkey *rspamd_pubkey_from_base32 (const gchar *b32, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg); +struct rspamd_cryptobox_pubkey *rspamd_pubkey_from_base32(const gchar *b32, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg); /** * Load pubkey from hex string @@ -94,10 +94,10 @@ struct rspamd_cryptobox_pubkey *rspamd_pubkey_from_base32 (const gchar *b32, * @param alg algorithm of the key (nist or curve25519) * @return new pubkey or NULL in case of error */ -struct rspamd_cryptobox_pubkey *rspamd_pubkey_from_hex (const gchar *hex, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg); +struct rspamd_cryptobox_pubkey *rspamd_pubkey_from_hex(const gchar *hex, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg); /** * Load pubkey from raw chunk string @@ -106,76 +106,76 @@ struct rspamd_cryptobox_pubkey *rspamd_pubkey_from_hex (const gchar *hex, * @param alg algorithm of the key (nist or curve25519) * @return new pubkey or NULL in case of error */ -struct rspamd_cryptobox_pubkey *rspamd_pubkey_from_bin (const guchar *raw, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg); +struct rspamd_cryptobox_pubkey *rspamd_pubkey_from_bin(const guchar *raw, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg); /** * Decrease refcount for the specific pubkey (or destroy when refcount == 0) * @param kp */ -void rspamd_pubkey_unref (struct rspamd_cryptobox_pubkey *kp); +void rspamd_pubkey_unref(struct rspamd_cryptobox_pubkey *kp); /** * Get type of keypair */ -enum rspamd_cryptobox_keypair_type rspamd_keypair_type ( - struct rspamd_cryptobox_keypair *kp); +enum rspamd_cryptobox_keypair_type rspamd_keypair_type( + struct rspamd_cryptobox_keypair *kp); /** * Get type of pubkey */ -enum rspamd_cryptobox_keypair_type rspamd_pubkey_type ( - struct rspamd_cryptobox_pubkey *p); +enum rspamd_cryptobox_keypair_type rspamd_pubkey_type( + struct rspamd_cryptobox_pubkey *p); /** * Get algorithm of keypair */ -enum rspamd_cryptobox_mode rspamd_keypair_alg (struct rspamd_cryptobox_keypair *kp); +enum rspamd_cryptobox_mode rspamd_keypair_alg(struct rspamd_cryptobox_keypair *kp); /** * Get algorithm of pubkey */ -enum rspamd_cryptobox_mode rspamd_pubkey_alg (struct rspamd_cryptobox_pubkey *p); +enum rspamd_cryptobox_mode rspamd_pubkey_alg(struct rspamd_cryptobox_pubkey *p); /** * Get cached NM for this specific pubkey * @param p * @return */ -const guchar *rspamd_pubkey_get_nm (struct rspamd_cryptobox_pubkey *p, - struct rspamd_cryptobox_keypair *kp); +const guchar *rspamd_pubkey_get_nm(struct rspamd_cryptobox_pubkey *p, + struct rspamd_cryptobox_keypair *kp); /** * Calculate and store nm value for the specified local key (performs ECDH) * @param p * @return */ -const guchar *rspamd_pubkey_calculate_nm (struct rspamd_cryptobox_pubkey *p, - struct rspamd_cryptobox_keypair *kp); +const guchar *rspamd_pubkey_calculate_nm(struct rspamd_cryptobox_pubkey *p, + struct rspamd_cryptobox_keypair *kp); /** * Get raw public key id for a specified keypair (rspamd_cryptobox_HASHBYTES) * @param kp * @return */ -const guchar *rspamd_keypair_get_id (struct rspamd_cryptobox_keypair *kp); +const guchar *rspamd_keypair_get_id(struct rspamd_cryptobox_keypair *kp); /** * Returns keypair extensions if any * @param kp * @return */ -const ucl_object_t *rspamd_keypair_get_extensions (struct rspamd_cryptobox_keypair *kp); +const ucl_object_t *rspamd_keypair_get_extensions(struct rspamd_cryptobox_keypair *kp); /** * Get raw public key id for a specified key (rspamd_cryptobox_HASHBYTES) * @param kp * @return */ -const guchar *rspamd_pubkey_get_id (struct rspamd_cryptobox_pubkey *pk); +const guchar *rspamd_pubkey_get_id(struct rspamd_cryptobox_pubkey *pk); /** * Get raw public key from pubkey opaque structure @@ -183,8 +183,8 @@ const guchar *rspamd_pubkey_get_id (struct rspamd_cryptobox_pubkey *pk); * @param len * @return */ -const guchar *rspamd_pubkey_get_pk (struct rspamd_cryptobox_pubkey *pk, - guint *len); +const guchar *rspamd_pubkey_get_pk(struct rspamd_cryptobox_pubkey *pk, + guint *len); /** Short ID characters count */ #define RSPAMD_KEYPAIR_SHORT_ID_LEN 5 @@ -208,8 +208,8 @@ const guchar *rspamd_pubkey_get_pk (struct rspamd_cryptobox_pubkey *pk, * @param how flags that specifies printing behaviour * @return newly allocated string with keypair */ -GString *rspamd_keypair_print (struct rspamd_cryptobox_keypair *kp, - guint how); +GString *rspamd_keypair_print(struct rspamd_cryptobox_keypair *kp, + guint how); /** * Print pubkey encoding it if needed @@ -217,8 +217,8 @@ GString *rspamd_keypair_print (struct rspamd_cryptobox_keypair *kp, * @param how flags that specifies printing behaviour * @return newly allocated string with keypair */ -GString *rspamd_pubkey_print (struct rspamd_cryptobox_pubkey *pk, - guint how); +GString *rspamd_pubkey_print(struct rspamd_cryptobox_pubkey *pk, + guint how); /** Get keypair pubkey ID */ #define RSPAMD_KEYPAIR_COMPONENT_ID 0 @@ -234,15 +234,15 @@ GString *rspamd_pubkey_print (struct rspamd_cryptobox_pubkey *pk, * @param len length of input * @return raw content of the component */ -const guchar *rspamd_keypair_component (struct rspamd_cryptobox_keypair *kp, - guint ncomp, guint *len); +const guchar *rspamd_keypair_component(struct rspamd_cryptobox_keypair *kp, + guint ncomp, guint *len); /** * Create a new keypair from ucl object * @param obj object to load * @return new structure or NULL if an object is invalid */ -struct rspamd_cryptobox_keypair *rspamd_keypair_from_ucl (const ucl_object_t *obj); +struct rspamd_cryptobox_keypair *rspamd_keypair_from_ucl(const ucl_object_t *obj); enum rspamd_keypair_dump_flags { @@ -257,8 +257,8 @@ enum rspamd_keypair_dump_flags { * @param kp * @return */ -ucl_object_t *rspamd_keypair_to_ucl (struct rspamd_cryptobox_keypair *kp, - enum rspamd_keypair_dump_flags flags); +ucl_object_t *rspamd_keypair_to_ucl(struct rspamd_cryptobox_keypair *kp, + enum rspamd_keypair_dump_flags flags); /** @@ -271,10 +271,10 @@ ucl_object_t *rspamd_keypair_to_ucl (struct rspamd_cryptobox_keypair *kp, * @param outlen output size * @return TRUE if decryption is completed, out must be freed in this case */ -gboolean rspamd_keypair_decrypt (struct rspamd_cryptobox_keypair *kp, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err); +gboolean rspamd_keypair_decrypt(struct rspamd_cryptobox_keypair *kp, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err); /** * Encrypts data usign specific keypair. @@ -288,10 +288,10 @@ gboolean rspamd_keypair_decrypt (struct rspamd_cryptobox_keypair *kp, * @param err pointer to error * @return TRUE if encryption has been completed, out must be freed in this case */ -gboolean rspamd_keypair_encrypt (struct rspamd_cryptobox_keypair *kp, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err); +gboolean rspamd_keypair_encrypt(struct rspamd_cryptobox_keypair *kp, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err); /** * Encrypts data usign specific pubkey (must have KEX type). @@ -305,12 +305,12 @@ gboolean rspamd_keypair_encrypt (struct rspamd_cryptobox_keypair *kp, * @param err pointer to error * @return TRUE if encryption has been completed, out must be freed in this case */ -gboolean rspamd_pubkey_encrypt (struct rspamd_cryptobox_pubkey *pk, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err); +gboolean rspamd_pubkey_encrypt(struct rspamd_cryptobox_pubkey *pk, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err); -#ifdef __cplusplus +#ifdef __cplusplus } #endif diff --git a/src/libcryptobox/keypair_private.h b/src/libcryptobox/keypair_private.h index 705d1a4fc..16e17e0b2 100644 --- a/src/libcryptobox/keypair_private.h +++ b/src/libcryptobox/keypair_private.h @@ -20,7 +20,7 @@ #include "ref.h" #include "cryptobox.h" -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif /* @@ -46,7 +46,7 @@ struct rspamd_cryptobox_keypair { /* * NIST p256 ecdh keypair */ -#define RSPAMD_CRYPTOBOX_KEYPAIR_NIST(x) ((struct rspamd_cryptobox_keypair_nist *)(x)) +#define RSPAMD_CRYPTOBOX_KEYPAIR_NIST(x) ((struct rspamd_cryptobox_keypair_nist *) (x)) struct rspamd_cryptobox_keypair_nist { struct rspamd_cryptobox_keypair parent; guchar sk[32]; @@ -56,7 +56,7 @@ struct rspamd_cryptobox_keypair_nist { /* * Curve25519 ecdh keypair */ -#define RSPAMD_CRYPTOBOX_KEYPAIR_25519(x) ((struct rspamd_cryptobox_keypair_25519 *)(x)) +#define RSPAMD_CRYPTOBOX_KEYPAIR_25519(x) ((struct rspamd_cryptobox_keypair_25519 *) (x)) struct rspamd_cryptobox_keypair_25519 { struct rspamd_cryptobox_keypair parent; guchar sk[32]; @@ -66,7 +66,7 @@ struct rspamd_cryptobox_keypair_25519 { /* * NIST p256 ecdsa keypair */ -#define RSPAMD_CRYPTOBOX_KEYPAIR_SIG_NIST(x) ((struct rspamd_cryptobox_keypair_sig_nist *)(x)) +#define RSPAMD_CRYPTOBOX_KEYPAIR_SIG_NIST(x) ((struct rspamd_cryptobox_keypair_sig_nist *) (x)) struct rspamd_cryptobox_keypair_sig_nist { struct rspamd_cryptobox_keypair parent; guchar sk[32]; @@ -76,7 +76,7 @@ struct rspamd_cryptobox_keypair_sig_nist { /* * Ed25519 keypair */ -#define RSPAMD_CRYPTOBOX_KEYPAIR_SIG_25519(x) ((struct rspamd_cryptobox_keypair_sig_25519 *)(x)) +#define RSPAMD_CRYPTOBOX_KEYPAIR_SIG_25519(x) ((struct rspamd_cryptobox_keypair_sig_25519 *) (x)) struct rspamd_cryptobox_keypair_sig_25519 { struct rspamd_cryptobox_keypair parent; guchar sk[64]; @@ -97,7 +97,7 @@ struct rspamd_cryptobox_pubkey { /* * Public p256 ecdh */ -#define RSPAMD_CRYPTOBOX_PUBKEY_NIST(x) ((struct rspamd_cryptobox_pubkey_nist *)(x)) +#define RSPAMD_CRYPTOBOX_PUBKEY_NIST(x) ((struct rspamd_cryptobox_pubkey_nist *) (x)) struct rspamd_cryptobox_pubkey_nist { struct rspamd_cryptobox_pubkey parent; guchar pk[65]; @@ -106,7 +106,7 @@ struct rspamd_cryptobox_pubkey_nist { /* * Public curve25519 ecdh */ -#define RSPAMD_CRYPTOBOX_PUBKEY_25519(x) ((struct rspamd_cryptobox_pubkey_25519 *)(x)) +#define RSPAMD_CRYPTOBOX_PUBKEY_25519(x) ((struct rspamd_cryptobox_pubkey_25519 *) (x)) struct rspamd_cryptobox_pubkey_25519 { struct rspamd_cryptobox_pubkey parent; guchar pk[32]; @@ -115,7 +115,7 @@ struct rspamd_cryptobox_pubkey_25519 { /* * Public p256 ecdsa */ -#define RSPAMD_CRYPTOBOX_PUBKEY_SIG_NIST(x) ((struct rspamd_cryptobox_pubkey_sig_nist *)(x)) +#define RSPAMD_CRYPTOBOX_PUBKEY_SIG_NIST(x) ((struct rspamd_cryptobox_pubkey_sig_nist *) (x)) struct rspamd_cryptobox_pubkey_sig_nist { struct rspamd_cryptobox_pubkey parent; guchar pk[65]; @@ -124,19 +124,19 @@ struct rspamd_cryptobox_pubkey_sig_nist { /* * Public ed25519 */ -#define RSPAMD_CRYPTOBOX_PUBKEY_SIG_25519(x) ((struct rspamd_cryptobox_pubkey_sig_25519 *)(x)) +#define RSPAMD_CRYPTOBOX_PUBKEY_SIG_25519(x) ((struct rspamd_cryptobox_pubkey_sig_25519 *) (x)) struct rspamd_cryptobox_pubkey_sig_25519 { struct rspamd_cryptobox_pubkey parent; guchar pk[32]; }; -void rspamd_cryptobox_nm_dtor (struct rspamd_cryptobox_nm *nm); +void rspamd_cryptobox_nm_dtor(struct rspamd_cryptobox_nm *nm); -void rspamd_cryptobox_keypair_dtor (struct rspamd_cryptobox_keypair *kp); +void rspamd_cryptobox_keypair_dtor(struct rspamd_cryptobox_keypair *kp); -void rspamd_cryptobox_pubkey_dtor (struct rspamd_cryptobox_pubkey *p); +void rspamd_cryptobox_pubkey_dtor(struct rspamd_cryptobox_pubkey *p); -#ifdef __cplusplus +#ifdef __cplusplus } #endif diff --git a/src/libcryptobox/keypairs_cache.c b/src/libcryptobox/keypairs_cache.c index bcba5e247..0616bb940 100644 --- a/src/libcryptobox/keypairs_cache.c +++ b/src/libcryptobox/keypairs_cache.c @@ -29,115 +29,113 @@ struct rspamd_keypair_cache { }; static void -rspamd_keypair_destroy (gpointer ptr) +rspamd_keypair_destroy(gpointer ptr) { - struct rspamd_keypair_elt *elt = (struct rspamd_keypair_elt *)ptr; + struct rspamd_keypair_elt *elt = (struct rspamd_keypair_elt *) ptr; - REF_RELEASE (elt->nm); - g_free (elt); + REF_RELEASE(elt->nm); + g_free(elt); } static guint -rspamd_keypair_hash (gconstpointer ptr) +rspamd_keypair_hash(gconstpointer ptr) { - struct rspamd_keypair_elt *elt = (struct rspamd_keypair_elt *)ptr; + struct rspamd_keypair_elt *elt = (struct rspamd_keypair_elt *) ptr; - return rspamd_cryptobox_fast_hash (elt->pair, sizeof (elt->pair), - rspamd_hash_seed ()); + return rspamd_cryptobox_fast_hash(elt->pair, sizeof(elt->pair), + rspamd_hash_seed()); } static gboolean -rspamd_keypair_equal (gconstpointer p1, gconstpointer p2) +rspamd_keypair_equal(gconstpointer p1, gconstpointer p2) { - struct rspamd_keypair_elt *e1 = (struct rspamd_keypair_elt *)p1, - *e2 = (struct rspamd_keypair_elt *)p2; + struct rspamd_keypair_elt *e1 = (struct rspamd_keypair_elt *) p1, + *e2 = (struct rspamd_keypair_elt *) p2; - return memcmp (e1->pair, e2->pair, sizeof (e1->pair)) == 0; + return memcmp(e1->pair, e2->pair, sizeof(e1->pair)) == 0; } struct rspamd_keypair_cache * -rspamd_keypair_cache_new (guint max_items) +rspamd_keypair_cache_new(guint max_items) { struct rspamd_keypair_cache *c; - g_assert (max_items > 0); + g_assert(max_items > 0); - c = g_malloc0 (sizeof (*c)); - c->hash = rspamd_lru_hash_new_full (max_items, NULL, - rspamd_keypair_destroy, rspamd_keypair_hash, rspamd_keypair_equal); + c = g_malloc0(sizeof(*c)); + c->hash = rspamd_lru_hash_new_full(max_items, NULL, + rspamd_keypair_destroy, rspamd_keypair_hash, rspamd_keypair_equal); return c; } -void -rspamd_keypair_cache_process (struct rspamd_keypair_cache *c, - struct rspamd_cryptobox_keypair *lk, - struct rspamd_cryptobox_pubkey *rk) +void rspamd_keypair_cache_process(struct rspamd_keypair_cache *c, + struct rspamd_cryptobox_keypair *lk, + struct rspamd_cryptobox_pubkey *rk) { struct rspamd_keypair_elt search, *new; - g_assert (lk != NULL); - g_assert (rk != NULL); - g_assert (rk->alg == lk->alg); - g_assert (rk->type == lk->type); - g_assert (rk->type == RSPAMD_KEYPAIR_KEX); + g_assert(lk != NULL); + g_assert(rk != NULL); + g_assert(rk->alg == lk->alg); + g_assert(rk->type == lk->type); + g_assert(rk->type == RSPAMD_KEYPAIR_KEX); - memset (&search, 0, sizeof (search)); - memcpy (search.pair, rk->id, rspamd_cryptobox_HASHBYTES); - memcpy (&search.pair[rspamd_cryptobox_HASHBYTES], lk->id, - rspamd_cryptobox_HASHBYTES); - new = rspamd_lru_hash_lookup (c->hash, &search, time (NULL)); + memset(&search, 0, sizeof(search)); + memcpy(search.pair, rk->id, rspamd_cryptobox_HASHBYTES); + memcpy(&search.pair[rspamd_cryptobox_HASHBYTES], lk->id, + rspamd_cryptobox_HASHBYTES); + new = rspamd_lru_hash_lookup(c->hash, &search, time(NULL)); if (rk->nm) { - REF_RELEASE (rk->nm); + REF_RELEASE(rk->nm); rk->nm = NULL; } if (new == NULL) { - new = g_malloc0 (sizeof (*new)); + new = g_malloc0(sizeof(*new)); - if (posix_memalign ((void **)&new->nm, 32, sizeof (*new->nm)) != 0) { - abort (); + if (posix_memalign((void **) &new->nm, 32, sizeof(*new->nm)) != 0) { + abort(); } - REF_INIT_RETAIN (new->nm, rspamd_cryptobox_nm_dtor); + REF_INIT_RETAIN(new->nm, rspamd_cryptobox_nm_dtor); - memcpy (new->pair, rk->id, rspamd_cryptobox_HASHBYTES); - memcpy (&new->pair[rspamd_cryptobox_HASHBYTES], lk->id, - rspamd_cryptobox_HASHBYTES); - memcpy (&new->nm->sk_id, lk->id, sizeof (guint64)); + memcpy(new->pair, rk->id, rspamd_cryptobox_HASHBYTES); + memcpy(&new->pair[rspamd_cryptobox_HASHBYTES], lk->id, + rspamd_cryptobox_HASHBYTES); + memcpy(&new->nm->sk_id, lk->id, sizeof(guint64)); if (rk->alg == RSPAMD_CRYPTOBOX_MODE_25519) { struct rspamd_cryptobox_pubkey_25519 *rk_25519 = - RSPAMD_CRYPTOBOX_PUBKEY_25519(rk); + RSPAMD_CRYPTOBOX_PUBKEY_25519(rk); struct rspamd_cryptobox_keypair_25519 *sk_25519 = - RSPAMD_CRYPTOBOX_KEYPAIR_25519(lk); + RSPAMD_CRYPTOBOX_KEYPAIR_25519(lk); - rspamd_cryptobox_nm (new->nm->nm, rk_25519->pk, sk_25519->sk, rk->alg); + rspamd_cryptobox_nm(new->nm->nm, rk_25519->pk, sk_25519->sk, rk->alg); } else { struct rspamd_cryptobox_pubkey_nist *rk_nist = - RSPAMD_CRYPTOBOX_PUBKEY_NIST(rk); + RSPAMD_CRYPTOBOX_PUBKEY_NIST(rk); struct rspamd_cryptobox_keypair_nist *sk_nist = - RSPAMD_CRYPTOBOX_KEYPAIR_NIST(lk); + RSPAMD_CRYPTOBOX_KEYPAIR_NIST(lk); - rspamd_cryptobox_nm (new->nm->nm, rk_nist->pk, sk_nist->sk, rk->alg); + rspamd_cryptobox_nm(new->nm->nm, rk_nist->pk, sk_nist->sk, rk->alg); } - rspamd_lru_hash_insert (c->hash, new, new, time (NULL), -1); + rspamd_lru_hash_insert(c->hash, new, new, time(NULL), -1); } - g_assert (new != NULL); + g_assert(new != NULL); rk->nm = new->nm; - REF_RETAIN (rk->nm); + REF_RETAIN(rk->nm); } -void -rspamd_keypair_cache_destroy (struct rspamd_keypair_cache *c) +void rspamd_keypair_cache_destroy(struct rspamd_keypair_cache *c) { if (c != NULL) { - rspamd_lru_hash_destroy (c->hash); - g_free (c); + rspamd_lru_hash_destroy(c->hash); + g_free(c); } } diff --git a/src/libcryptobox/keypairs_cache.h b/src/libcryptobox/keypairs_cache.h index 4f54b6c9d..96e356a80 100644 --- a/src/libcryptobox/keypairs_cache.h +++ b/src/libcryptobox/keypairs_cache.h @@ -20,7 +20,7 @@ #include "keypair.h" -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif @@ -31,7 +31,7 @@ struct rspamd_keypair_cache; * @param max_items defines maximum count of elements in the cache * @return new cache */ -struct rspamd_keypair_cache *rspamd_keypair_cache_new (guint max_items); +struct rspamd_keypair_cache *rspamd_keypair_cache_new(guint max_items); /** @@ -40,17 +40,17 @@ struct rspamd_keypair_cache *rspamd_keypair_cache_new (guint max_items); * @param lk local key * @param rk remote key */ -void rspamd_keypair_cache_process (struct rspamd_keypair_cache *c, - struct rspamd_cryptobox_keypair *lk, - struct rspamd_cryptobox_pubkey *rk); +void rspamd_keypair_cache_process(struct rspamd_keypair_cache *c, + struct rspamd_cryptobox_keypair *lk, + struct rspamd_cryptobox_pubkey *rk); /** * Destroy old keypair cache * @param c cache object */ -void rspamd_keypair_cache_destroy (struct rspamd_keypair_cache *c); +void rspamd_keypair_cache_destroy(struct rspamd_keypair_cache *c); -#ifdef __cplusplus +#ifdef __cplusplus } #endif |