Posted to commits@milagro.apache.org by km...@apache.org on 2020/02/28 13:24:02 UTC
[incubator-milagro-MPC] 01/01: add static code analysis
This is an automated email from the ASF dual-hosted git repository.
kmccusker pushed a commit to branch issue21
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git
commit f5993119805fd39d7b8666790dc55c8258b9dc1f
Author: Kealan McCusker <ke...@gmail.com>
AuthorDate: Fri Feb 28 13:23:43 2020 +0000
add static code analysis
---
.travis.yml | 31 ++++++++++++++++++++++-
Dockerfile | 14 -----------
README.md | 2 ++
include/amcl/commitments.h | 4 +--
include/amcl/mpc.h | 16 ++++++------
include/amcl/mta.h | 8 +++---
include/amcl/schnorr.h | 12 ++++-----
python/amcl/commitments.py | 4 +--
python/amcl/mpc.py | 10 ++++----
python/amcl/schnorr.py | 6 ++---
sonar-project.properties | 24 ++++++++++++++++++
src/commitments.c | 14 ++++++-----
src/factoring_zk.c | 4 +--
src/mpc.c | 63 +++++++++++++++++++++++-----------------------
src/mta.c | 12 ++++-----
src/schnorr.c | 14 +++++------
16 files changed, 140 insertions(+), 98 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index fd7c4f3..6bedfbf 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,14 +1,43 @@
language: c
compiler: gcc
-dist: bionic
+dist: trusty
+
services:
- docker
+addons:
+ sonarcloud:
+ organization: "kealan-github"
+ token:
+ secure: "ORVvvXrl7OGjTb+8FIKHUKVwvI5N9QEul4xX8lyRk8b1tAq5ZiqgZkQBC2FlKYAw/filKVn/XWUsm86moPIWl/ek6gxvWY5dD4Al4C9onMKFlNthjMdYBs5cMr8O7xaGSKJZxPtwLwiVa7h6AwZIzOaTIgI22lwgY5M8uW2L781JwK/TqOhClfsRrOmCHKrd+7fOeErCA9B/4fleZcvUGvkX4Cpl95nJt8LbsN17bxB5c0bieWTIQppZSQU3PZwNEjnvxYtcEMLZShv/0kO8QVxWZn8X/KBAnA38Cj9qtexwFXK3zExQjv7j9Jpz89T8VdIrckF21VgIKFPxaFZ1Xibgd8XjzOf6Fr5t+juc+fYvCnARxrHdGCajI5GlHt0yYGUSOR4zlj2Ie2l0j/tOx0N1TKXvfaBDy8PIUK2eLAws2IWnZRKBPUUeWeXK7mIH7tpHvWiCsjyVZ6Ud7mX9/tu9YubPb [...]
+
install:
- gem install coveralls-lcov
jobs:
include:
+ - stage: sonar
+ script:
+ - echo "Run static code analysis"
+ - git clone https://github.com/apache/incubator-milagro-crypto-c.git
+ - cd incubator-milagro-crypto-c
+ - mkdir build
+ - cd build
+ - cmake -D CMAKE_BUILD_TYPE=Release -D BUILD_SHARED_LIBS=ON -D AMCL_CHUNK=64 -D AMCL_CURVE="BLS381,SECP256K1" -D AMCL_RSA="" -D BUILD_PAILLIER=ON -D BUILD_PYTHON=OFF -D BUILD_BLS=ON -D BUILD_WCC=OFF -D BUILD_MPIN=OFF -D BUILD_X509=OFF -D CMAKE_INSTALL_PREFIX=/usr/local ..
+ - make
+ - sudo make install
+ - cd ../..
+ - rm -rf python
+ - mkdir build
+ - cd build
+ - cmake -D BUILD_TESTS=OFF -D BUILD_EXAMPLES=OFF -D BUILD_BENCHMARK=OFF -D BUILD_PYTHON=OFF -D BUILD_DOXYGEN=OFF ..
+ - build-wrapper-linux-x86-64 --out-dir bw-output make
+ - mv bw-output ..
+ - cd ..
+ - rm -rf test
+ - rm -rf examples
+ - rm -rf benchmark
+ - sonar-scanner -X
- stage: test
script:
- echo "Build docker image and run tests"
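Review bot: The sonar stage clones incubator-milagro-crypto-c at whatever its default branch currently holds and then runs `sudo make install`, so the code built and installed as root on the worker is not fixed by this commit and the analysis result is not reproducible. Pinning the dependency right after the clone, e.g. `- git -C incubator-milagro-crypto-c checkout <PINNED_COMMIT_OR_TAG>`, keeps the job that carries the SonarCloud token from executing unreviewed upstream changes. The same hunk moves `dist` from `bionic` to the older `trusty` image; if that is needed only for the scanner tooling, a comment saying so would help. `sonar-scanner -X` is debug-level output and is probably better dropped once the job is stable.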
diff --git a/Dockerfile b/Dockerfile
index ae6c905..91b4f44 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -39,20 +39,6 @@ RUN apt-get update && \
RUN pip3 install cffi
-# install golang
-RUN cd /tmp && \
- wget https://dl.google.com/go/go1.13.linux-amd64.tar.gz && \
- tar -xzf go1.13.linux-amd64.tar.gz && \
- cp -r go /usr/local && \
- echo 'export PATH=$PATH:/usr/local/go/bin' >> /root/.bashrc
-
-# configure GO
-RUN mkdir -p /root/go/bin && \
- mkdir -p /root/go/pkg && \
- mkdir -p /root/go/src && \
- echo 'export GOPATH=/root/go' >> /root/.bashrc && \
- echo 'export PATH=$GOPATH/bin:$PATH' >> /root/.bashrc
-
# install AMCL
RUN git clone https://github.com/apache/incubator-milagro-crypto-c.git && \
cd incubator-milagro-crypto-c && \
diff --git a/README.md b/README.md
index 7653a86..85a66f1 100644
--- a/README.md
+++ b/README.md
@@ -27,6 +27,8 @@
[![Develop Build Status](https://travis-ci.org/apache/incubator-milagro-MPC.svg?branch=develop)](https://travis-ci.org/apache/incubator-milagro-MPC)
[![Develop Coverage Status](https://coveralls.io/repos/github/apache/incubator-milagro-MPC/badge.svg?branch=develop)](https://coveralls.io/github/apache/incubator-milagro-MPC?branch=develop)
+[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=apache_incubator-milagro-MPC&metric=alert_status)](https://sonarcloud.io/dashboard?id=apache_incubator-milagro-MPC)
+
* **category**: Library
* **copyright**: 2020 The Apache Software Foundation
* **license**: ASL 2.0 ([Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0))
diff --git a/include/amcl/commitments.h b/include/amcl/commitments.h
index 25e7c75..d0dff24 100644
--- a/include/amcl/commitments.h
+++ b/include/amcl/commitments.h
@@ -46,7 +46,7 @@ extern "C"
* @param R Decommitment value. If RNG is null then this value is read and must be 256 bit long
* @param C Commitment value
*/
-extern void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C);
+extern void COMMITMENTS_NM_commit(csprng *RNG, const octet *X, octet *R, octet *C);
/*! \brief Decommit the value X
*
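Review bot: The `const octet *` qualifiers added here (and in the mpc.h, mta.h and schnorr.h hunks of this commit) protect only the octet struct itself, not the bytes it points to. Assuming octet is the len/max/val struct that the initialiser `octet D = {0, sizeof(d), d};` in src/commitments.c implies, a callee can still write through `X->val`. That matters most for secret-bearing parameters such as `SK` and `K` of MPC_ECDSA_SIGN and `X` of SCHNORR_prove, where a reader may take const as a guarantee that key material is left untouched. I would add one line to the affected doc blocks, for example ` * @note const applies to the octet header only; the buffer behind val is not write-protected`. The doc blocks begin above the hunks.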
@@ -55,7 +55,7 @@ extern void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C);
* @param C Commitment value
* @return Returns 1 for a valid decommitment, 0 otherwise
*/
-extern int COMMITMENTS_NM_decommit(octet* X, octet* R, octet* C);
+extern int COMMITMENTS_NM_decommit(const octet* X, const octet* R, octet* C);
/* Bit Commitment Setup API */
diff --git a/include/amcl/mpc.h b/include/amcl/mpc.h
index 9e5045e..75e9fbc 100644
--- a/include/amcl/mpc.h
+++ b/include/amcl/mpc.h
@@ -56,7 +56,7 @@ extern "C" {
* @param R component of the signature
* @param S component of the signature
*/
-int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S);
+int MPC_ECDSA_SIGN(int sha, const octet *K, const octet *SK, octet *M, octet *R, octet *S);
/** \brief ECDSA Verify signature
*
@@ -68,7 +68,7 @@ int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S);
* @param S S component of signature
* @return Returns 0 or else error code
*/
-int MPC_ECDSA_VERIFY(octet *HM,octet *PK, octet *R,octet *S);
+int MPC_ECDSA_VERIFY(const octet *HM,octet *PK, octet *R,octet *S);
/** \brief Calculate the inverse of the sum of kgamma values
*
@@ -82,7 +82,7 @@ int MPC_ECDSA_VERIFY(octet *HM,octet *PK, octet *R,octet *S);
* @param KGAMMA2 Actor 2 additive share
* @param INVKGAMMA Inverse of the sum of the additive shares
*/
-void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA);
+void MPC_INVKGAMMA(const octet *KGAMMA1, const octet *KGAMMA2, octet *INVKGAMMA);
/** \brief R component
*
@@ -101,7 +101,7 @@ void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA);
* @param RP ECP associated to the R component of the signature. Optional
* @return Returns 0 or else error code
*/
-int MPC_R(octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP);
+int MPC_R(const octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP);
/** \brief Hash the message value
*
@@ -131,7 +131,7 @@ void MPC_HASH(int sha, octet *M, octet *HM);
* @param S S component output
* @return Returns 0 or else error code
*/
-int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S);
+int MPC_S(const octet *HM, const octet *R, const octet *K, const octet *SIGMA, octet *S);
/** \brief Sum of ECDSA s components
*
@@ -145,7 +145,7 @@ int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S);
* @param S2 Actor 2 ECDSA s component
* @param S S component sum
*/
-void MPC_SUM_S(octet *S1, octet *S2, octet *S);
+void MPC_SUM_S(const octet *S1, const octet *S2, octet *S);
/** \brief Sum of ECDSA public key shares
*
@@ -184,7 +184,7 @@ int MPC_SUM_PK(octet *PK1, octet *PK2, octet *PK);
* @param A Second component of the player commitment. An ECP in compressed form
* @return Returns MPC_OK or an error code
*/
-extern int MPC_PHASE5_commit(csprng *RNG, octet *R, octet *S, octet *PHI, octet *RHO, octet *V, octet *A);
+extern int MPC_PHASE5_commit(csprng *RNG, octet *R, const octet *S, octet *PHI, octet *RHO, octet *V, octet *A);
/** \brief Generate Proof for the MPC Phase 5
*
@@ -209,7 +209,7 @@ extern int MPC_PHASE5_commit(csprng *RNG, octet *R, octet *S, octet *PHI, octet
* @param T Second component of the player proof. An ECP in compressed form
* @return Returns MPC_OK or an error code
*/
-extern int MPC_PHASE5_prove(octet *PHI, octet *RHO, octet *V[2], octet *A[2], octet *PK, octet *HM, octet *RX, octet *U, octet *T);
+extern int MPC_PHASE5_prove(const octet *PHI, const octet *RHO, octet *V[2], octet *A[2], octet *PK, const octet *HM, const octet *RX, octet *U, octet *T);
/** \brief Verify Proof for the MPC Phase 5
*
diff --git a/include/amcl/mta.h b/include/amcl/mta.h
index 824989e..5df6504 100644
--- a/include/amcl/mta.h
+++ b/include/amcl/mta.h
@@ -105,7 +105,7 @@ void MPC_MTA_SERVER(csprng *RNG, PAILLIER_public_key *PUB, octet *B, octet *CA,
* @param BETA Additive share of A2.B1
* @param SUM The sum of all values
*/
-void MPC_SUM_MTA(octet *A, octet *B, octet *ALPHA, octet *BETA, octet *SUM);
+void MPC_SUM_MTA(const octet *A, const octet *B, const octet *ALPHA, const octet *BETA, octet *SUM);
/* MTA Zero Knowledge Proofs API*/
@@ -191,7 +191,7 @@ extern void MTA_RP_commit(csprng *RNG, PAILLIER_private_key *key, COMMITMENTS_BC
* @param c Commitment of the prover
* @param E Destination challenge
*/
-extern void MTA_RP_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *CT, MTA_RP_commitment *c, octet *E);
+extern void MTA_RP_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *CT, MTA_RP_commitment *c, octet *E);
/** \brief Proof generation
*
@@ -353,7 +353,7 @@ extern void MTA_ZK_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_BC_
* @param c Commitment of the prover
* @param E Destination challenge
*/
-extern void MTA_ZK_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *C1, octet *C2, MTA_ZK_commitment *c, octet *E);
+extern void MTA_ZK_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *C1, const octet *C2, MTA_ZK_commitment *c, octet *E);
/** \brief Proof generation for Receiver ZKP
*
@@ -510,7 +510,7 @@ extern void MTA_ZKWC_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_B
* @param c Commitment of the prover
* @param E Destination challenge
*/
-extern void MTA_ZKWC_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *C1, octet *C2, octet *X, MTA_ZKWC_commitment *c, octet *E);
+extern void MTA_ZKWC_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *C1, const octet *C2, const octet *X, MTA_ZKWC_commitment *c, octet *E);
/** \brief Proof generation for Receiver ZKP with check
*
diff --git a/include/amcl/schnorr.h b/include/amcl/schnorr.h
index 087d6ce..da2d5d9 100644
--- a/include/amcl/schnorr.h
+++ b/include/amcl/schnorr.h
@@ -70,7 +70,7 @@ extern void SCHNORR_commit(csprng *RNG, octet *R, octet *C);
* @param C Public commitment value. Compressed form
* @param E Challenge generated
*/
-extern void SCHNORR_challenge(octet *V, octet *C, octet *E);
+extern void SCHNORR_challenge(const octet *V, const octet *C, octet *E);
/*! \brief Generate the proof for the given commitment and challenge
*
@@ -79,7 +79,7 @@ extern void SCHNORR_challenge(octet *V, octet *C, octet *E);
* @param X Secret exponent of the DLOG. V = x.G
* @param P Proof of knowldege of the DLOG
*/
-extern void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P);
+extern void SCHNORR_prove(const octet *R, const octet *E, const octet *X, octet *P);
/*! \brief Verify the proof of knowledge for the DLOG
*
@@ -89,7 +89,7 @@ extern void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P);
* @param P Proof received from the prover
* @return SCHNORR_OK if the prove is valid or an error code
*/
-extern int SCHNORR_verify(octet *V, octet *C, octet *E, octet *P);
+extern int SCHNORR_verify(octet *V, octet *C, const octet *E, const octet *P);
/* Double Schnorr's proofs API */
@@ -118,7 +118,7 @@ extern int SCHNORR_D_commit(csprng *RNG, octet *R, octet *A, octet *B, octet *C)
* @param C Public commitment value. Compressed form
* @param E Challenge generated
*/
-extern void SCHNORR_D_challenge(octet *R, octet *V, octet *C, octet *E);
+extern void SCHNORR_D_challenge(const octet *R, const octet *V, const octet *C, octet *E);
/*! \brief Generate the proof for the given commitment and challenge
*
@@ -130,7 +130,7 @@ extern void SCHNORR_D_challenge(octet *R, octet *V, octet *C, octet *E);
* @param T First component of the proof of knowldege of the DLOG
* @param U Second component of the proof of knowldege of the DLOG
*/
-extern void SCHNORR_D_prove(octet *A, octet *B, octet *E, octet *S, octet *L, octet *T, octet *U);
+extern void SCHNORR_D_prove(const octet *A, const octet *B, const octet *E, const octet *S, const octet *L, octet *T, octet *U);
/*! \brief Verify the proof of knowledge for the DLOG
*
@@ -142,7 +142,7 @@ extern void SCHNORR_D_prove(octet *A, octet *B, octet *E, octet *S, octet *L, oc
* @param U Second component of the proof received
* @return SCHNORR_OK if the prove is valid or an error code
*/
-extern int SCHNORR_D_verify(octet *R, octet *V, octet *C, octet *E, octet *T, octet *U);
+extern int SCHNORR_D_verify(octet *R, octet *V, octet *C, const octet *E, const octet *T, const octet *U);
#ifdef __cplusplus
}
diff --git a/python/amcl/commitments.py b/python/amcl/commitments.py
index d9b4dc8..4cf82f4 100644
--- a/python/amcl/commitments.py
+++ b/python/amcl/commitments.py
@@ -30,8 +30,8 @@ from . import core_utils
_ffi = core_utils._ffi
_ffi.cdef("""
-extern void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C);
-extern int COMMITMENTS_NM_decommit(octet* X, octet* R, octet* C);
+extern void COMMITMENTS_NM_commit(csprng *RNG, const octet *X, octet *R, octet *C);
+extern int COMMITMENTS_NM_decommit(const octet* X, const octet* R, octet* C);
""")
if (platform.system() == 'Windows'):
diff --git a/python/amcl/mpc.py b/python/amcl/mpc.py
index a77f1a8..45dcee2 100644
--- a/python/amcl/mpc.py
+++ b/python/amcl/mpc.py
@@ -57,16 +57,16 @@ extern void PAILLIER_PK_fromOctet(PAILLIER_public_key *PUB, octet *PK);
extern int ECP_SECP256K1_KEY_PAIR_GENERATE(csprng *R,octet *s,octet *W);
extern int ECP_SECP256K1_PUBLIC_KEY_VALIDATE(octet *W);
-extern int MPC_ECDSA_VERIFY(octet *HM,octet *PK, octet *R,octet *S);
+extern int MPC_ECDSA_VERIFY(const octet *HM,octet *PK, octet *R,octet *S);
extern void MPC_MTA_CLIENT1(csprng *RNG, PAILLIER_public_key* PUB, octet* A, octet* CA, octet* R);
extern void MPC_MTA_CLIENT2(PAILLIER_private_key *PRIV, octet* CB, octet *ALPHA);
extern void MPC_MTA_SERVER(csprng *RNG, PAILLIER_public_key *PUB, octet *B, octet *CA, octet *Z, octet *R, octet *CB, octet *BETA);
extern void MPC_SUM_MTA(octet *A, octet *B, octet *ALPHA, octet *BETA, octet *SUM);
-extern void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA);
-extern extern int MPC_R(octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP);
+extern void MPC_INVKGAMMA(const octet *KGAMMA1, const octet *KGAMMA2, octet *INVKGAMMA);
+extern int MPC_R(const octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP);
extern void MPC_HASH(int sha, octet *M, octet *HM);
-extern int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S);
-extern void MPC_SUM_S(octet *S1, octet *S2, octet *S);
+extern int MPC_S(const octet *HM, const octet *R, const octet *K, const octet *SIGMA, octet *S);
+extern void MPC_SUM_S(const octet *S1, const octet *S2, octet *S);
extern int MPC_SUM_PK(octet *PK1, octet *PK2, octet *PK);
extern void MPC_DUMP_PAILLIER_SK(PAILLIER_private_key *PRIV, octet *P, octet *Q);
""")
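Review bot: The cdef line `extern void MPC_SUM_MTA(octet *A, octet *B, octet *ALPHA, octet *BETA, octet *SUM);` is left unchanged in this hunk, although include/amcl/mta.h in the same commit makes A, B, ALPHA and BETA `const octet *`. If this module loads the library in cffi's ABI mode (the `platform.system()` check in the sibling files suggests it does), nothing compares these strings with the header, so such drift stays silent. I would update the line to `extern void MPC_SUM_MTA(const octet *A, const octet *B, const octet *ALPHA, const octet *BETA, octet *SUM);` so the binding matches the header it mirrors.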
diff --git a/python/amcl/schnorr.py b/python/amcl/schnorr.py
index 584af95..d6c462c 100644
--- a/python/amcl/schnorr.py
+++ b/python/amcl/schnorr.py
@@ -30,9 +30,9 @@ _ffi = core_utils._ffi
_ffi.cdef("""
extern void SCHNORR_random_challenge(csprng *RNG, octet *E);
extern void SCHNORR_commit(csprng *RNG, octet *R, octet *C);
-extern void SCHNORR_challenge(octet *V, octet *C, octet *E);
-extern void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P);
-extern int SCHNORR_verify(octet *V, octet *C, octet *E, octet *P);
+extern void SCHNORR_challenge(const octet *V, const octet *C, octet *E);
+extern void SCHNORR_prove(const octet *R, const octet *E, const octet *X, octet *P);
+extern int SCHNORR_verify(octet *V, octet *C, const octet *E, const octet *P);
""")
if (platform.system() == 'Windows'):
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..4f67575
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,24 @@
+sonar.projectKey=apache_incubator-milagro-MPC
+sonar.projectName=apache_incubator-milagro-MPC
+sonar.projectVersion=0.1.0
+
+# =====================================================
+# Meta-data for the project
+# =====================================================
+
+sonar.links.homepage=https://github.com/apache/incubator-milagro-MPC
+sonar.links.ci=https://travis-ci.com/kealan/incubator-milagro-MPC
+sonar.links.scm=https://github.com/apache/incubator-milagro-MPC
+sonar.links.issue=https://github.com/apache/incubator-milagro-MPC/issues
+
+
+# =====================================================
+# Properties that will be shared amongst all modules
+# =====================================================
+
+# SQ standard properties
+sonar.sources=.
+
+# Properties specific to the C/C++ analyzer:
+sonar.cfamily.build-wrapper-output=bw-output
+sonar.cfamily.gcov.reportsPath=.
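Review bot: `sonar.sources=.` makes the scanner index the whole working directory, and in the sonar stage of .travis.yml that directory still appears to contain the `incubator-milagro-crypto-c` checkout and the `build` tree when `sonar-scanner` runs. Third-party and generated files would then be counted in this project's findings. Listing the project's own trees, `sonar.sources=src,include`, with `sonar.exclusions` for anything else, would also make the `rm -rf python`, `test`, `examples` and `benchmark` steps unnecessary. Separately, `sonar.links.ci` points at `travis-ci.com/kealan/incubator-milagro-MPC` while the other links point at the apache repository; worth confirming that is intended before this reaches the main branch.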
diff --git a/src/commitments.c b/src/commitments.c
index f9ba973..b191c98 100644
--- a/src/commitments.c
+++ b/src/commitments.c
@@ -22,7 +22,7 @@ under the License.
/* NM Commitments Definitions */
// Compute the hash of X || R
-void hash(octet *X, octet *R, octet *C)
+static void hash(const octet *X, const octet *R, octet *C)
{
int i;
hash256 sha256;
@@ -47,7 +47,7 @@ void hash(octet *X, octet *R, octet *C)
}
// Compute a commitment for the value X
-void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C)
+void COMMITMENTS_NM_commit(csprng *RNG, const octet *X, octet *R, octet *C)
{
if (RNG != NULL)
{
@@ -58,7 +58,7 @@ void COMMITMENTS_NM_commit(csprng *RNG, octet *X, octet *R, octet *C)
}
// Verify the commitment for the value X
-int COMMITMENTS_NM_decommit(octet *X, octet *R, octet *C)
+int COMMITMENTS_NM_decommit(const octet *X, const octet *R, octet *C)
{
char d[SHA256];
octet D = {0, sizeof(d), d};
@@ -86,12 +86,14 @@ int COMMITMENTS_NM_decommit(octet *X, octet *R, octet *C)
/*
* Check if a number is a safe prime
*/
-int is_safe_prime(BIG_1024_58 *p, BIG_1024_58 *P, csprng *RNG, int n)
+static int is_safe_prime(BIG_1024_58 *p, BIG_1024_58 *P, csprng *RNG, int n)
{
#ifndef C99
- BIG_1024_58 Pm1[FFLEN_2048], f[FFLEN_2048];
+ BIG_1024_58 Pm1[FFLEN_2048];
+ BIG_1024_58 f[FFLEN_2048];
#else
- BIG_1024_58 Pm1[n], f[n];
+ BIG_1024_58 Pm1[n];
+ BIG_1024_58 f[n];
#endif
// Sieve small primes from P, p is already checked in Miller-Rabin
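Review bot: In the non-C99 branch `Pm1` and `f` are fixed at `FFLEN_2048` elements while the function still takes the length `n`, and in the C99 branch they are variable-length arrays sized by `n` with no visible bound. The body continues outside the hunk, so I cannot see how `n` is used. If it drives the FF_2048 calls, a caller passing a larger `n` would overrun the fixed arrays, and a non-positive `n` is undefined for the VLA form. Now that the function is `static` the callers are all in this file, so a short contract comment above it would be enough, e.g. `/* n: length in BIGs of P; must satisfy 0 < n <= FFLEN_2048 */`.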
diff --git a/src/factoring_zk.c b/src/factoring_zk.c
index 339d349..07dd2e8 100644
--- a/src/factoring_zk.c
+++ b/src/factoring_zk.c
@@ -25,7 +25,7 @@ under the License.
#define FACTORING_ZK_K 2
// Copy the internal state of an hash function
-void hash_copy(hash256 *dst, hash256 *src)
+static void hash_copy(hash256 *dst, const hash256 *src)
{
memcpy(dst->length, src->length, sizeof(dst->length));
memcpy(dst->h, src->h, sizeof(dst->h));
@@ -34,7 +34,7 @@ void hash_copy(hash256 *dst, hash256 *src)
}
// utility function to has an octet
-void hash_oct(hash256 *sha, octet *O)
+static void hash_oct(hash256 *sha, const octet *O)
{
int i;
diff --git a/src/mpc.c b/src/mpc.c
index 80babcc..42b26d2 100644
--- a/src/mpc.c
+++ b/src/mpc.c
@@ -24,7 +24,7 @@ under the License.
#include <amcl/mpc.h>
/* ECDSA Signature, R and S are the signature on M using private key SK */
-int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S)
+int MPC_ECDSA_SIGN(int sha, const octet *K, const octet *SK, octet *M, octet *R, octet *S)
{
char h[128];
octet H = {0,sizeof(h),h};
@@ -81,7 +81,6 @@ int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S)
// s = z + r.sk mod q
BIG_256_56_add(s,z,s);
- //BIG_256_56_mod(s,q);
// s = k(z + r.sk) mod q
BIG_256_56_modmul(s,k,s,q);
@@ -101,9 +100,8 @@ int MPC_ECDSA_SIGN(int sha, octet *K, octet *SK, octet *M, octet *R, octet *S)
/* IEEE1363 ECDSA Signature Verification. Signature R and S on M is verified using public key, PK */
-int MPC_ECDSA_VERIFY(octet *HM, octet *PK, octet *R,octet *S)
+int MPC_ECDSA_VERIFY(const octet *HM, octet *PK, octet *R,octet *S)
{
- int res=0;
BIG_256_56 q;
BIG_256_56 z;
BIG_256_56 c;
@@ -128,37 +126,38 @@ int MPC_ECDSA_VERIFY(octet *HM, octet *PK, octet *R,octet *S)
if (BIG_256_56_iszilch(c) || BIG_256_56_comp(c,q)>=0 || BIG_256_56_iszilch(d) || BIG_256_56_comp(d,q)>=0)
{
- res=ECDH_INVALID;
+ return ECDH_INVALID;
}
- if (res==0)
+ BIG_256_56_invmodp(d,d,q);
+ BIG_256_56_modmul(z,z,d,q);
+ BIG_256_56_modmul(h2,c,d,q);
+
+ valid=ECP_SECP256K1_fromOctet(&WP,PK);
+ if (!valid)
+ {
+ return ECDH_ERROR;
+ }
+
+ ECP_SECP256K1_mul2(&WP,&G,h2,z);
+
+ if (ECP_SECP256K1_isinf(&WP))
{
- BIG_256_56_invmodp(d,d,q);
- BIG_256_56_modmul(z,z,d,q);
- BIG_256_56_modmul(h2,c,d,q);
-
- valid=ECP_SECP256K1_fromOctet(&WP,PK);
-
- if (!valid) res=ECDH_ERROR;
- else
- {
- ECP_SECP256K1_mul2(&WP,&G,h2,z);
-
- if (ECP_SECP256K1_isinf(&WP)) res=ECDH_INVALID;
- else
- {
- ECP_SECP256K1_get(d,d,&WP);
- BIG_256_56_mod(d,q);
- if (BIG_256_56_comp(d,c)!=0) res=ECDH_INVALID;
- }
- }
+ return ECDH_INVALID;
}
- return res;
+ ECP_SECP256K1_get(d,d,&WP);
+ BIG_256_56_mod(d,q);
+ if (BIG_256_56_comp(d,c)!=0)
+ {
+ return ECDH_INVALID;
+ }
+
+ return 0;
}
/* Calculate the inverse of kgamma */
-void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA)
+void MPC_INVKGAMMA(const octet *KGAMMA1, const octet *KGAMMA2, octet *INVKGAMMA)
{
BIG_256_56 kgamma1;
BIG_256_56 kgamma2;
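Review bot: The success path of MPC_ECDSA_VERIFY now ends in a bare `return 0;`, while every failure path returns a named code (`ECDH_INVALID`, `ECDH_ERROR`) and MPC_SUM_PK in this file returns `MPC_OK`. For a signature check where 0 means valid, a caller writing `if (MPC_ECDSA_VERIFY(...))` gets the inverted result, so the convention should be stated where it is returned. I would write `return 0; /* signature valid: callers must compare with 0 */`, or return the named success constant if the project defines one with value 0 (not visible here). The function starts in the previous hunk.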
@@ -185,7 +184,7 @@ void MPC_INVKGAMMA(octet *KGAMMA1, octet *KGAMMA2, octet *INVKGAMMA)
/* Calculate the r component of the signature */
-int MPC_R(octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP)
+int MPC_R(const octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP)
{
BIG_256_56 invkgamma;
BIG_256_56 q;
@@ -243,7 +242,7 @@ void MPC_HASH(int sha, octet *M, octet *HM)
}
// Calculate the s component of the signature
-int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S)
+int MPC_S(const octet *HM, const octet *R, const octet *K, const octet *SIGMA, octet *S)
{
BIG_256_56 q;
BIG_256_56 k;
@@ -285,7 +284,7 @@ int MPC_S(octet *HM, octet *R, octet *K, octet *SIGMA, octet *S)
}
/* Calculate sum of s components of signature */
-void MPC_SUM_S(octet *S1, octet *S2, octet *S)
+void MPC_SUM_S(const octet *S1, const octet *S2, octet *S)
{
BIG_256_56 s1;
BIG_256_56 s2;
@@ -334,7 +333,7 @@ int MPC_SUM_PK(octet *PK1, octet *PK2, octet *PK)
return MPC_OK;
}
-int MPC_PHASE5_commit(csprng *RNG, octet *R, octet *S, octet *PHI, octet *RHO, octet *V, octet *A)
+int MPC_PHASE5_commit(csprng *RNG, octet *R, const octet *S, octet *PHI, octet *RHO, octet *V, octet *A)
{
BIG_256_56 ws;
BIG_256_56 phi;
@@ -386,7 +385,7 @@ int MPC_PHASE5_commit(csprng *RNG, octet *R, octet *S, octet *PHI, octet *RHO, o
return MPC_OK;
}
-int MPC_PHASE5_prove(octet *PHI, octet *RHO, octet *V[2], octet *A[2], octet *PK, octet *HM, octet *RX, octet *U, octet *T)
+int MPC_PHASE5_prove(const octet *PHI, const octet *RHO, octet *V[2], octet *A[2], octet *PK, const octet *HM, const octet *RX, octet *U, octet *T)
{
BIG_256_56 m;
BIG_256_56 r;
diff --git a/src/mta.c b/src/mta.c
index 86f07fa..6e72303 100644
--- a/src/mta.c
+++ b/src/mta.c
@@ -28,7 +28,7 @@ static char* curve_order_hex = "fffffffffffffffffffffffffffffffebaaedce6af48a03b
/* Octet manipulation utilities */
-void OCT_hash(hash256 *sha, octet *O)
+static void OCT_hash(hash256 *sha, const octet *O)
{
int i;
@@ -264,7 +264,7 @@ void MPC_MTA_SERVER(csprng *RNG, PAILLIER_public_key *PUB, octet *B, octet *CA,
}
/* sum = a1.b1 + alpha + beta */
-void MPC_SUM_MTA(octet *A, octet *B, octet *ALPHA, octet *BETA, octet *SUM)
+void MPC_SUM_MTA(const octet *A, const octet *B, const octet *ALPHA, const octet *BETA, octet *SUM)
{
BIG_256_56 a;
BIG_256_56 b;
@@ -387,7 +387,7 @@ void MTA_RP_commit(csprng *RNG, PAILLIER_private_key *key, COMMITMENTS_BC_pub_mo
FF_2048_zero(dws, HFLEN_2048);
}
-void MTA_RP_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *CT, MTA_RP_commitment *c, octet *E)
+void MTA_RP_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *CT, MTA_RP_commitment *c, octet *E)
{
hash256 sha;
@@ -770,7 +770,7 @@ void MTA_ZK_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_BC_pub_mod
FF_4096_zero(gamma, HFLEN_4096);
}
-void MTA_ZK_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *C1, octet *C2, MTA_ZK_commitment *c, octet *E)
+void MTA_ZK_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *C1, const octet *C2, MTA_ZK_commitment *c, octet *E)
{
hash256 sha;
char digest[SHA256];
@@ -1070,7 +1070,7 @@ void MTA_ZKWC_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_BC_pub_m
ECP_SECP256K1_mul(&(c->U), alpha);
}
-void MTA_ZKWC_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, octet *C1, octet *C2, octet *X, MTA_ZKWC_commitment *c, octet *E)
+void MTA_ZKWC_challenge(PAILLIER_public_key *key, COMMITMENTS_BC_pub_modulus *mod, const octet *C1, const octet *C2, const octet *X, MTA_ZKWC_commitment *c, octet *E)
{
hash256 sha;
char digest[SHA256];
@@ -1208,4 +1208,4 @@ void MTA_ZKWC_proof_fromOctets(MTA_ZKWC_proof *p, octet *S, octet *S1, octet *S2
void MTA_ZKWC_commitment_rv_kill(MTA_ZKWC_commitment_rv *rv)
{
MTA_ZK_commitment_rv_kill(rv);
-}
\ No newline at end of file
+}
diff --git a/src/schnorr.c b/src/schnorr.c
index 7c898d9..7d20095 100644
--- a/src/schnorr.c
+++ b/src/schnorr.c
@@ -19,7 +19,7 @@ under the License.
#include "amcl/schnorr.h"
-void hash_octet(hash256 *sha, octet *O)
+static void hash_octet(hash256 *sha, const octet *O)
{
int i;
@@ -75,7 +75,7 @@ void SCHNORR_commit(csprng *RNG, octet *R, octet *C)
BIG_256_56_zero(r);
}
-void SCHNORR_challenge(octet *V, octet *C, octet *E)
+void SCHNORR_challenge(const octet *V, const octet *C, octet *E)
{
hash256 sha;
@@ -105,7 +105,7 @@ void SCHNORR_challenge(octet *V, octet *C, octet *E)
E->len = SGS_SECP256K1;
}
-void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P)
+void SCHNORR_prove(const octet *R, const octet *E, const octet *X, octet *P)
{
BIG_256_56 r;
BIG_256_56 e;
@@ -135,7 +135,7 @@ void SCHNORR_prove(octet *R, octet *E, octet *X, octet *P)
BIG_256_56_dzero(d);
}
-int SCHNORR_verify(octet *V, octet*C, octet *E, octet *P)
+int SCHNORR_verify(octet *V, octet*C, const octet *E, const octet *P)
{
int rc;
@@ -219,7 +219,7 @@ int SCHNORR_D_commit(csprng *RNG, octet *R, octet *A, octet *B, octet *C)
return SCHNORR_OK;
}
-void SCHNORR_D_challenge(octet *R, octet *V, octet *C, octet *E)
+void SCHNORR_D_challenge(const octet *R, const octet *V, const octet *C, octet *E)
{
hash256 sha;
@@ -250,7 +250,7 @@ void SCHNORR_D_challenge(octet *R, octet *V, octet *C, octet *E)
E->len = MODBYTES_256_56;
}
-void SCHNORR_D_prove(octet *A, octet *B, octet *E, octet *S, octet *L, octet *T, octet *U)
+void SCHNORR_D_prove(const octet *A, const octet *B, const octet *E, const octet *S, const octet *L, octet *T, octet *U)
{
BIG_256_56 r;
BIG_256_56 e;
@@ -290,7 +290,7 @@ void SCHNORR_D_prove(octet *A, octet *B, octet *E, octet *S, octet *L, octet *T,
BIG_256_56_dzero(d);
}
-int SCHNORR_D_verify(octet *R, octet *V, octet *C, octet *E, octet *T, octet *U)
+int SCHNORR_D_verify(octet *R, octet *V, octet *C, const octet *E, const octet *T, const octet *U)
{
ECP_SECP256K1 G;
ECP_SECP256K1 ECPR;