From 824e1c2eb20190169c8d7c7619dd71ea7e483ddb Mon Sep 17 00:00:00 2001 From: Rhys Weatherley Date: Wed, 24 Aug 2016 05:24:51 +1000 Subject: [PATCH] Change the private key format in the NewHope API --- libraries/NewHope/NewHope.cpp | 34 ++++++++++++++----- libraries/NewHope/NewHope.h | 20 ++++------- .../examples/TestNewHope/TestNewHope.ino | 2 +- 3 files changed, 33 insertions(+), 23 deletions(-) diff --git a/libraries/NewHope/NewHope.cpp b/libraries/NewHope/NewHope.cpp index a77442ba..1c49396d 100644 --- a/libraries/NewHope/NewHope.cpp +++ b/libraries/NewHope/NewHope.cpp @@ -55,7 +55,7 @@ * * \code * uint8_t alice_public[NEWHOPE_SENDABYTES]; - * NewHopePoly alice_private; + * NewHopePrivateKey alice_private; * NewHope::keygen(alice_public, alice_private); * \endcode * @@ -104,8 +104,12 @@ */ /** - * \class NewHopePoly NewHope.h - * \brief NewHope polynomial representation + * \class NewHopePrivateKey NewHope.h + * \brief NewHope private key representation + * + * Instances of NewHopePrivateKey are used to hold the private key value + * for alice between the calls to keygen() and shareda(). It should be + * treated as opaque. * * Reference: https://cryptojedi.org/crypto/#newhope */ @@ -850,6 +854,20 @@ static int discardtopoly(uint16_t *x) // End of public domain code imported from the C reference code. +class NewHopePoly +{ +public: + NewHopePoly(); + ~NewHopePoly(); + + void clear(); + +private: + uint16_t coeffs[1024]; + + friend class NewHope; +}; + // Formats the ChaCha20 input block using a key and nonce. static void crypto_chacha20_set_key(uint32_t *block, const unsigned char *k, const unsigned char *n) { @@ -977,8 +995,6 @@ static void sha3256(unsigned char *output, const unsigned char *input, unsigned sha3.finalize(output, 32); } -/** @endcond */ - /** * \brief Constructs a new "poly" object for the NewHope algorithm. */ @@ -1002,6 +1018,8 @@ void NewHopePoly::clear() clean(coeffs); } +/** @endcond */ + /** * \enum NewHope::Variant * \brief Describes the variant of the New Hope algorithm to implement. @@ -1024,7 +1042,7 @@ void NewHopePoly::clear() * \brief Generates the key pair for Alice in a New Hope key exchange. * * \param send The public key value for Alice to be sent to Bob. - * \param sk The secret key value for Alice to be passed to shareda() later. + * \param sk The private key value for Alice to be passed to shareda() later. * \param variant The variant of the New Hope algorithm to use, usually Ref. * \param random_seed Points to 64 bytes of random data to use to generate * the key pair. This is intended for test vectors only and should be set @@ -1036,7 +1054,7 @@ void NewHopePoly::clear() * * \sa sharedb(), shareda() */ -void NewHope::keygen(uint8_t send[NEWHOPE_SENDABYTES], NewHopePoly &sk, +void NewHope::keygen(uint8_t send[NEWHOPE_SENDABYTES], NewHopePrivateKey &sk, Variant variant, const uint8_t *random_seed) { NewHopePolyExtended a; @@ -1157,7 +1175,7 @@ void NewHope::sharedb(uint8_t shared_key[NEWHOPE_SHAREDBYTES], * \sa sharedb(), keygen() */ void NewHope::shareda(uint8_t shared_key[NEWHOPE_SHAREDBYTES], - const NewHopePoly &sk, + const NewHopePrivateKey &sk, uint8_t received[NEWHOPE_SENDBBYTES]) { NewHopePoly v, bp; diff --git a/libraries/NewHope/NewHope.h b/libraries/NewHope/NewHope.h index 129a56f1..c88df645 100644 --- a/libraries/NewHope/NewHope.h +++ b/libraries/NewHope/NewHope.h @@ -29,21 +29,13 @@ #define NEWHOPE_SENDBBYTES 2048 #define NEWHOPE_SHAREDBYTES 32 -class NewHope; - -class NewHopePoly +typedef struct { -public: - NewHopePoly(); - ~NewHopePoly(); - - void clear(); - -private: + /** @cond */ uint16_t coeffs[1024]; + /** @endcond */ - friend class NewHope; -}; +} NewHopePrivateKey; class NewHope { @@ -58,14 +50,14 @@ class NewHope Torref }; - static void keygen(uint8_t send[NEWHOPE_SENDABYTES], NewHopePoly &sk, + static void keygen(uint8_t send[NEWHOPE_SENDABYTES], NewHopePrivateKey &sk, Variant variant = Ref, const uint8_t *random_seed = 0); static void sharedb(uint8_t shared_key[NEWHOPE_SHAREDBYTES], uint8_t send[NEWHOPE_SENDBBYTES], uint8_t received[NEWHOPE_SENDABYTES], Variant variant = Ref, const uint8_t *random_seed = 0); static void shareda(uint8_t shared_key[NEWHOPE_SHAREDBYTES], - const NewHopePoly &sk, + const NewHopePrivateKey &sk, uint8_t received[NEWHOPE_SENDBBYTES]); }; diff --git a/libraries/NewHope/examples/TestNewHope/TestNewHope.ino b/libraries/NewHope/examples/TestNewHope/TestNewHope.ino index fc0fc054..799e0b28 100644 --- a/libraries/NewHope/examples/TestNewHope/TestNewHope.ino +++ b/libraries/NewHope/examples/TestNewHope/TestNewHope.ino @@ -96,7 +96,7 @@ static struct TestVector const testNewHope2 = { // "torref" variant 0x3c, 0xfb, 0x28, 0xcc, 0xda, 0xe6, 0x36, 0x0c} }; -NewHopePoly alice_private; +NewHopePrivateKey alice_private; uint8_t alice_public[NEWHOPE_SENDABYTES]; uint8_t alice_shared[NEWHOPE_SHAREDBYTES]; uint8_t bob_public[NEWHOPE_SENDBBYTES];