Merge pull request #1794 from hintjens/master

Problem: tweetnacl sources are a mess

Merge pull request #1794 from hintjens/master
Problem: tweetnacl sources are a mess
1fb48409 · Luca Boccassi · a460e5ab · f8ed793f · 1fb48409 · 1fb48409
Commit 1fb48409 authored Feb 11, 2016 by Luca Boccassi
17 changed files
--- a/AUTHORS
+++ b/AUTHORS
@@ -12,7 +12,7 @@ Copyright (c) 2014 AppDynamics Inc.
 Individual Contributors
 =======================

-AJ Lewis 
+AJ Lewis
 Alexej Lotz 
 Andrew Thompson 
 Asko Kauppi 
@@ -36,10 +36,11 @@ Christian Kamm
 Chuck Remes 
 Conrad D. Steenberg 
 Constantin Rack
-Dhammika Pathirana 
+Daniel J. Bernstein
+Dhammika Pathirana
 Dhruva Krishnamurthy 
 Dirk O. Kaar 
-Douglas Creager 
+Douglas Creager
 Drew Crawford 
 Erich Heine 
 Erik Hugne 

--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -26,13 +26,14 @@ elseif (WITH_SODIUM)
    find_package (Sodium)
    if (SODIUM_FOUND)
        message (STATUS "Using libsodium for CURVE security")
-        add_definitions (-DZMQ_HAVE_CURVE -DHAVE_LIBSODIUM)
        include_directories (${SODIUM_INCLUDE_DIRS})

        # On Solaris, libsodium depends on libssp
        if (${CMAKE_SYSTEM_NAME} matches "SunOS")
            target_link_libraries (libzmq ssp)
        endif ()
+        set (HAVE_LIBSODIUM 1)
+        set (ZMQ_HAVE_CURVE 1)
    else ()
        message (FATAL_ERROR
            "libsodium is not installed. Install it, then run CMake again")
@@ -40,17 +41,9 @@ elseif (WITH_SODIUM)

 else ()
    message (STATUS "Using tweetnacl for CURVE security")
-    add_definitions (-DZMQ_HAVE_CURVE -DHAVE_TWEETNACL)
-    include_directories (tweetnacl/contrib/randombytes tweetnacl/src)
-    list (APPEND sources ${CMAKE_CURRENT_SOURCE_DIR}/tweetnacl/src/tweetnacl.c)
-    #   TODO: this should be a single coherent source file
-    if (WIN32)
-        list (APPEND sources
-            ${CMAKE_CURRENT_SOURCE_DIR}/tweetnacl/contrib/randombytes/winrandom.c)
-    else ()
-        list (APPEND sources
-            ${CMAKE_CURRENT_SOURCE_DIR}/tweetnacl/contrib/randombytes/devurandom.c)
-    endif ()
+    list (APPEND sources ${CMAKE_CURRENT_SOURCE_DIR}/src/tweetnacl.c)
+    set (ZMQ_USE_TWEETNACL 1)
+    set (ZMQ_HAVE_CURVE 1)
 endif ()

 set (POLLER "" CACHE STRING "Choose polling system. valid values are
@@ -565,8 +558,6 @@ if (NOT ZMQ_BUILD_FRAMEWORK)
  install (FILES ${CMAKE_CURRENT_BINARY_DIR}/libzmq.pc DESTINATION lib/pkgconfig)
 endif ()

-
-
 if (MSVC)
  if (CMAKE_CL_64)
    set (nsis-template ${CMAKE_CURRENT_SOURCE_DIR}/builds/cmake/NSIS.template64.in)

--- a/Makefile.am
+++ b/Makefile.am
@@ -192,6 +192,8 @@ src_libzmq_la_SOURCES = \
 	src/tipc_listener.hpp \
 	src/trie.cpp \
 	src/trie.hpp \
+	src/tweetnacl.c \
+	src/tweetnacl.h \
 	src/udp_address.cpp \
 	src/udp_address.hpp \
 	src/udp_engine.cpp \
@@ -269,15 +271,6 @@ src_libzmq_la_CPPFLAGS =
 src_libzmq_la_CXXFLAGS = @LIBZMQ_EXTRA_CXXFLAGS@
 src_libzmq_la_LIBADD =

-if USE_TWEETNACL
-src_libzmq_la_SOURCES += \
-    tweetnacl/src/tweetnacl.c \
-    tweetnacl/contrib/randombytes/devurandom.c
-src_libzmq_la_CXXFLAGS += \
-    -I$(top_builddir)/tweetnacl/contrib/randombytes \
-    -I$(top_builddir)/tweetnacl/src
-endif
-
 if USE_LIBSODIUM
 src_libzmq_la_CPPFLAGS += ${sodium_CFLAGS}
 src_libzmq_la_LIBADD += ${sodium_LIBS}
@@ -753,7 +746,6 @@ EXTRA_DIST = \
 	MAINTAINERS	\
 	src/libzmq.pc.cmake.in \
 	src/libzmq.vers \
-	tweetnacl \
 	tools/curve_keygen.cpp

 MAINTAINERCLEANFILES = \

--- a/builds/cmake/platform.hpp.in
+++ b/builds/cmake/platform.hpp.in
@@ -9,7 +9,6 @@

 #cmakedefine ZMQ_FORCE_MUTEXES

-
 #cmakedefine HAVE_FORK
 #cmakedefine HAVE_CLOCK_GETTIME
 #cmakedefine HAVE_GETHRTIME
@@ -31,6 +30,9 @@
 #cmakedefine ZMQ_HAVE_OPENPGM
 #cmakedefine ZMQ_MAKE_VALGRIND_HAPPY

+#cmakedefine ZMQ_HAVE_CURVE
+#cmakedefine HAVE_TWEETNACL
+#cmakedefine HAVE_LIBSODIUM

 #ifdef _AIX
  #define ZMQ_HAVE_AIX
@@ -86,4 +88,4 @@

 #cmakedefine ZMQ_HAVE_WINDOWS

-#endif
\ No newline at end of file
+#endif
--- a/configure.ac
+++ b/configure.ac
@@ -456,7 +456,7 @@ elif test "x$with_libsodium" == "xyes"; then
 else
    AC_MSG_NOTICE([Using tweetnacl for CURVE security])
    AC_DEFINE(ZMQ_HAVE_CURVE, [1], [Using curve encryption])
-    AC_DEFINE(HAVE_TWEETNACL, [1], [Using tweetnacl for curve encryption])
+    AC_DEFINE(ZMQ_USE_TWEETNACL, [1], [Using tweetnacl for curve encryption])
    curve_library="tweetnacl"
    libzmq_pedantic="no"    #   Disable pedantic warnings
 fi

--- a/src/ctx.cpp
+++ b/src/ctx.cpp
@@ -48,8 +48,8 @@
 #include "err.hpp"
 #include "msg.hpp"

-#if defined (HAVE_TWEETNACL)
-#   include "randombytes.h"
+#if defined (ZMQ_USE_TWEETNACL)
+#   include "tweetnacl.h"
 #elif defined (HAVE_LIBSODIUM)
 #   include "sodium.h"
 #endif

--- a/src/curve_client.cpp
+++ b/src/curve_client.cpp
@@ -53,7 +53,7 @@ zmq::curve_client_t::curve_client_t (const options_t &options_) :
    memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES);
    memcpy (server_key, options_.curve_server_key, crypto_box_PUBLICKEYBYTES);
    scoped_lock_t lock (sync);
-#if defined(HAVE_TWEETNACL)
+#if defined (ZMQ_USE_TWEETNACL)
    // allow opening of /dev/urandom
    unsigned char tmpbytes[4];
    randombytes(tmpbytes, 4);

--- a/src/curve_client.hpp
+++ b/src/curve_client.hpp
@@ -35,9 +35,8 @@
 #include "platform.hpp"
 #include "mutex.hpp"

-#if defined (HAVE_TWEETNACL)
-#   include "tweetnacl_base.h"
-#   include "randombytes.h"
+#if defined (ZMQ_USE_TWEETNACL)
+#   include "tweetnacl.h"
 #elif defined (HAVE_LIBSODIUM)
 #   include "sodium.h"
 #endif
@@ -47,7 +46,7 @@
 ||  crypto_box_SECRETKEYBYTES != 32 \
 ||  crypto_box_ZEROBYTES != 32 \
 ||  crypto_box_BOXZEROBYTES != 16
-#   error "libsodium not built properly"
+#   error "CURVE library not built properly"
 #endif

 #include "mechanism.hpp"

--- a/src/curve_server.cpp
+++ b/src/curve_server.cpp
@@ -56,10 +56,10 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_,
    //  Fetch our secret key from socket options
    memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES);
    scoped_lock_t lock (sync);
-#if defined(HAVE_TWEETNACL)
+#if defined (ZMQ_USE_TWEETNACL)
    // allow opening of /dev/urandom
    unsigned char tmpbytes[4];
-    randombytes(tmpbytes, 4);
+    randombytes (tmpbytes, 4);
 #else
    rc = sodium_init ();
    zmq_assert (rc != -1);

--- a/src/curve_server.hpp
+++ b/src/curve_server.hpp
@@ -34,9 +34,8 @@

 #include "platform.hpp"

-#if defined (HAVE_TWEETNACL)
-#   include "tweetnacl_base.h"
-#   include "randombytes.h"
+#if defined (ZMQ_USE_TWEETNACL)
+#   include "tweetnacl.h"
 #elif defined (HAVE_LIBSODIUM)
 #   include "sodium.h"
 #endif
@@ -49,7 +48,7 @@
 ||  crypto_secretbox_NONCEBYTES != 24 \
 ||  crypto_secretbox_ZEROBYTES != 32 \
 ||  crypto_secretbox_BOXZEROBYTES != 16
-#   error "libsodium not built properly"
+#   error "CURVE library not built properly"
 #endif

 #include "mechanism.hpp"

--- a/tweetnacl/src/tweetnacl.c
+++ b/tweetnacl/src/tweetnacl.c
-#if defined(HAVE_NACL_COMPABILTY)
-/* NaCL Compabilty */
+/*
+    Copyright (c) 2016 Contributors as noted in the AUTHORS file
+
+    This file is part of libzmq, the ZeroMQ core engine in C++.
+
+    libzmq is free software; you can redistribute it and/or modify it under
+    the terms of the GNU Lesser General Public License (LGPL) as published
+    by the Free Software Foundation; either version 3 of the License, or
+    (at your option) any later version.
+
+    As a special exception, the Contributors give you permission to link
+    this library with independent modules to produce an executable,
+    regardless of the license terms of these independent modules, and to
+    copy and distribute the resulting executable under terms of your choice,
+    provided that you also meet, for each linked independent module, the
+    terms and conditions of the license of that module. An independent
+    module is a module which is not derived from or based on this library.
+    If you modify this library, you must extend this exception to your
+    version of the library.
+
+    libzmq is distributed in the hope that it will be useful, but WITHOUT
+    ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+    FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+    License for more details.
+
+    You should have received a copy of the GNU Lesser General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "platform.hpp"
+#if defined (ZMQ_USE_TWEETNACL)
+
 #include "tweetnacl.h"
-#else
-/* direct tweetnacl usage */
-#include "tweetnacl_base.h"
-#endif

 #define FOR(i,n) for (i = 0;i < n;++i)
 #define sv static void

-#ifndef TWEETNACL_BASE_H
-typedef unsigned char u8;
-typedef unsigned long u32;
-typedef unsigned long long u64;
-typedef long long i64;
-typedef i64 gf[16];
-#endif
-extern void randombytes(u8 *,u64);
-
 static const u8
  _0[16],
  _9[32] = {9};
@@ -816,3 +833,102 @@ int crypto_sign_open(u8 *m,u64 *mlen,const u8 *sm,u64 n,const u8 *pk)
  *mlen = n;
  return 0;
 }
+
+
+#ifdef ZMQ_HAVE_WINDOWS
+
+#include <windows.h>
+#include <WinCrypt.h>
+
+#define NCP ((HCRYPTPROV) 0)
+
+HCRYPTPROV hProvider = NCP;
+
+void randombytes(unsigned char *x,unsigned long long xlen)
+{
+    unsigned i;
+    BOOL ret;
+
+    if (hProvider == NCP) {
+        for (;;) {
+            ret = CryptAcquireContext(&hProvider, NULL, NULL,
+                                      PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT);
+            if (ret != FALSE)
+                break;
+            Sleep (1);
+        }
+    }
+    while (xlen > 0) {
+        if (xlen < 1048576)
+            i = (unsigned) xlen;
+        else
+            i = 1048576;
+
+        ret = CryptGenRandom(hProvider, i, x);
+        if (ret == FALSE) {
+            Sleep(1);
+            continue;
+        }
+        x += i;
+        xlen -= i;
+    }
+}
+
+int randombytes_close(void)
+{
+    int rc = -1;
+    if ((hProvider != NCP) && (CryptReleaseContext(hProvider, 0) != FALSE)) {
+        hProvider = NCP;
+        rc = 0;
+    }
+    return rc;
+}
+
+#else
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+static int fd = -1;
+
+void randombytes (unsigned char *x,unsigned long long xlen)
+{
+    int i;
+    if (fd == -1) {
+        for (;;) {
+            fd = open("/dev/urandom",O_RDONLY);
+            if (fd != -1) break;
+                sleep (1);
+        }
+    }
+    while (xlen > 0) {
+        if (xlen < 1048576)
+            i = xlen;
+        else
+            i = 1048576;
+
+        i = read(fd,x,i);
+        if (i < 1) {
+            sleep (1);
+            continue;
+        }
+        x += i;
+        xlen -= i;
+    }
+}
+
+int randombytes_close (void)
+{
+    int rc = -1;
+    if (fd != -1 && close(fd) == 0) {
+        fd = -1;
+        rc = 0;
+    }
+    return rc;
+}
+
+#endif
+
+#endif
--- a/tweetnacl/src/tweetnacl_base.h
+++ b/tweetnacl/src/tweetnacl_base.h
-#ifndef TWEETNACL_BASE_H
-#define TWEETNACL_BASE_H
+/*
+    Copyright (c) 2016 Contributors as noted in the AUTHORS file

-/* the original file seems to be a compability layer for NaCL */
+    This file is part of libzmq, the ZeroMQ core engine in C++.

-/* This here is for direct tweetnacl usage */ 
+    libzmq is free software; you can redistribute it and/or modify it under
+    the terms of the GNU Lesser General Public License (LGPL) as published
+    by the Free Software Foundation; either version 3 of the License, or
+    (at your option) any later version.
+
+    As a special exception, the Contributors give you permission to link
+    this library with independent modules to produce an executable,
+    regardless of the license terms of these independent modules, and to
+    copy and distribute the resulting executable under terms of your choice,
+    provided that you also meet, for each linked independent module, the
+    terms and conditions of the license of that module. An independent
+    module is a module which is not derived from or based on this library.
+    If you modify this library, you must extend this exception to your
+    version of the library.
+
+    libzmq is distributed in the hope that it will be useful, but WITHOUT
+    ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+    FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+    License for more details.
+
+    You should have received a copy of the GNU Lesser General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef TWEETNACL_H
+#define TWEETNACL_H
+
+#include "platform.hpp"
+#if defined (ZMQ_USE_TWEETNACL)

 #define crypto_box_SECRETKEYBYTES 32
 #define crypto_box_BOXZEROBYTES 16
@@ -24,10 +52,11 @@ typedef i64 gf[16];
 #ifdef __cplusplus
 extern "C" {
 #endif
+void randombytes (unsigned char *, unsigned long long);
+int randombytes_close (void);
+
 int crypto_box_keypair(u8 *y,u8 *x);
 int crypto_box_afternm(u8 *c,const u8 *m,u64 d,const u8 *n,const u8 *k);
-
-
 int crypto_box_open_afternm(u8 *m,const u8 *c,u64 d,const u8 *n,const u8 *k);
 int crypto_box(u8 *c,const u8 *m,u64 d,const u8 *n,const u8 *y,const u8 *x);
 int crypto_box_open(u8 *m,const u8 *c,u64 d,const u8 *n,const u8 *y,const u8 *x);
@@ -39,3 +68,5 @@ int crypto_secretbox_open(u8 *m,const u8 *c,u64 d,const u8 *n,const u8 *k);
 #endif

 #endif
+
+#endif
--- a/src/zmq_utils.cpp
+++ b/src/zmq_utils.cpp
@@ -38,14 +38,13 @@
 #include <assert.h>

 #if !defined ZMQ_HAVE_WINDOWS
-#include <unistd.h>
+#   include <unistd.h>
 #else
-#include "windows.hpp"
+#   include "windows.hpp"
 #endif

-#if defined (HAVE_TWEETNACL)
-#   include "tweetnacl_base.h"
-#   include "randombytes.h"
+#if defined (ZMQ_USE_TWEETNACL)
+#   include "tweetnacl.h"
 #elif defined (HAVE_LIBSODIUM)
 #   include "sodium.h"
 #endif

--- a/tweetnacl/contrib/randombytes/devurandom.c
+++ b/tweetnacl/contrib/randombytes/devurandom.c
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-
-/* it's really stupid that there isn't a syscall for this */
-
-static int fd = -1;
-
-void randombytes(unsigned char *x,unsigned long long xlen)
-{
-  int i;
-
-  if (fd == -1) {
-    for (;;) {
-      fd = open("/dev/urandom",O_RDONLY);
-      if (fd != -1) break;
-      sleep(1);
-    }
-  }
-
-  while (xlen > 0) {
-    if (xlen < 1048576) i = xlen; else i = 1048576;
-
-    i = read(fd,x,i);
-    if (i < 1) {
-      sleep(1);
-      continue;
-    }
-
-    x += i;
-    xlen -= i;
-  }
-}
-
-int randombytes_close(void)
-{
-  int rc = -1;
-  if(fd != -1 && close(fd) == 0) {
-    fd = -1;
-    rc = 0;
-  }
-  return rc;
-}
--- a/tweetnacl/contrib/randombytes/randombytes.h
+++ b/tweetnacl/contrib/randombytes/randombytes.h
-/*
-randombytes/randombytes.h version 20080713
-D. J. Bernstein
-Public domain.
-*/
-
-#ifndef randombytes_H
-#define randombytes_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-extern void randombytes(unsigned char *,unsigned long long);
-extern int randombytes_close(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
--- a/tweetnacl/contrib/randombytes/winrandom.c
+++ b/tweetnacl/contrib/randombytes/winrandom.c
-#include <windows.h>
-#include <WinCrypt.h>
-
-#define NCP ((HCRYPTPROV) 0)
-
-HCRYPTPROV hProvider = NCP;
-
-void randombytes(unsigned char *x,unsigned long long xlen)
-{
-  unsigned i;
-  BOOL ret;
-
-  if (hProvider == NCP) {
-    for(;;) {
-      ret = CryptAcquireContext(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT);
-      if (ret != FALSE) break;
-      Sleep(1);
-    }
-  }
-
-  while (xlen > 0) {
-    if (xlen < 1048576) i = (unsigned) xlen; else i = 1048576;
-
-    ret = CryptGenRandom(hProvider, i, x);
-    if (ret == FALSE) {
-      Sleep(1);
-      continue;
-    }
-
-    x += i;
-    xlen -= i;
-  }
-}
-
-int randombytes_close(void)
-{
-  int rc = -1;
-  if((hProvider != NCP) && (CryptReleaseContext(hProvider, 0) != FALSE)) {
-    hProvider = NCP;
-    rc = 0;
-  }
-  return rc;
-}
--- a/tweetnacl/src/tweetnacl.h
+++ b/tweetnacl/src/tweetnacl.h