mirror of
https://github.com/servalproject/serval-dna.git
synced 2024-12-18 20:57:56 +00:00
Make NaCl ge25519() kludge compile on Debian Linux
This commit is contained in:
parent
39be8a0b75
commit
2c1b42413a
@ -88,7 +88,8 @@ LOCAL_CFLAGS += \
|
||||
-DHAVE_ERRNO_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRINGS_H=1 -DHAVE_UNISTD_H=1 \
|
||||
-DHAVE_STRING_H=1 -DHAVE_ARPA_INET_H=1 -DHAVE_SYS_SOCKET_H=1 \
|
||||
-DHAVE_SYS_MMAN_H=1 -DHAVE_SYS_TIME_H=1 -DHAVE_POLL_H=1 -DHAVE_NETDB_H=1 \
|
||||
-DHAVE_JNI_H=1 -DHAVE_STRUCT_UCRED=1 -DBYTE_ORDER=_BYTE_ORDER \
|
||||
-DHAVE_JNI_H=1 -DHAVE_STRUCT_UCRED=1 -DHAVE_CRYPTO_SIGN_NACL_GE25519_H=1 \
|
||||
-DBYTE_ORDER=_BYTE_ORDER \
|
||||
-I$(NACL_INC) \
|
||||
-I$(SQLITE3_INC)
|
||||
LOCAL_LDLIBS := -L$(SYSROOT)/usr/lib -llog
|
||||
|
19
configure.in
19
configure.in
@ -95,8 +95,23 @@ echo " but fortunately it only needs to happen once.)"
|
||||
cd nacl
|
||||
./nacl-gcc-prep
|
||||
cd ..
|
||||
CFLAGS="$CFLAGS -Inacl/"`cat nacl/naclinc.txt`
|
||||
LDFLAGS="$LDFLAGS nacl/"`cat nacl/nacllib.txt`
|
||||
NACL_INC=`cat nacl/naclinc.txt`
|
||||
NACL_LIB=`cat nacl/nacllib.txt`
|
||||
CPPFLAGS="$CPPFLAGS -Inacl/$NACL_INC"
|
||||
LDFLAGS="$LDFLAGS nacl/$NACL_LIB"
|
||||
AC_CHECK_HEADER(crypto_sign_edwards25519sha512batch_ref/ge25519.h,
|
||||
AC_DEFINE([HAVE_CRYPTO_SIGN_NACL_GE25519_H]),
|
||||
[
|
||||
dnl A kludge to get to the NaCl ge25519 functions, which are not included in the public API
|
||||
dnl in a native build (but are available in the Android build).
|
||||
oCPPFLAGS="$CPPFLAGS"
|
||||
CPPFLAGS="$CPPFLAGS -Inacl/$NACL_INC -Inacl/${NACL_INC%%/*}/crypto_sign"
|
||||
AC_CHECK_HEADER([edwards25519sha512batch/ref/ge25519.h],
|
||||
AC_DEFINE([HAVE_KLUDGE_NACL_GE25519_H]),
|
||||
CPPFLAGS="$oCPPFLAGS"
|
||||
)
|
||||
]
|
||||
)
|
||||
|
||||
AC_CHECK_LIB(m,sqrtf,[LDFLAGS="$LDFLAGS -lm"])
|
||||
AC_CHECK_LIB(nsl,callrpc,[LDFLAGS="$LDFLAGS -lnsl"])
|
||||
|
@ -152,21 +152,32 @@ int rhizome_extract_privatekey(rhizome_manifest *m,const char *authorHex)
|
||||
XXX This is a pretty ugly way to do it, but NaCl offers no API to
|
||||
do this cleanly. */
|
||||
{
|
||||
#include "nacl-source/nacl-20110221/nacl-source/crypto_sign_edwards25519sha512batch_ref/ge25519.h"
|
||||
#ifdef HAVE_CRYPTO_SIGN_NACL_GE25519_H
|
||||
# include "crypto_sign_edwards25519sha512batch_ref/ge25519.h"
|
||||
#else
|
||||
# ifdef HAVE_KLUDGE_NACL_GE25519_H
|
||||
# include "edwards25519sha512batch/ref/ge25519.h"
|
||||
# endif
|
||||
#endif
|
||||
#ifdef ge25519
|
||||
unsigned char *sk=m->cryptoSignSecret;
|
||||
unsigned char pk[crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES];
|
||||
sc25519 scsk;
|
||||
ge25519 gepk;
|
||||
|
||||
sc25519_from32bytes(&scsk,sk);
|
||||
|
||||
ge25519_scalarmult_base(&gepk, &scsk);
|
||||
ge25519_pack(pk, &gepk);
|
||||
bzero(&scsk,sizeof(scsk));
|
||||
if (bcmp(pk,m->cryptoSignPublic,
|
||||
crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES))
|
||||
if (memcmp(pk, m->cryptoSignPublic, crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES))
|
||||
return WHY("BID secret key decoded from BK was not valid");
|
||||
else return 0;
|
||||
else
|
||||
return 0;
|
||||
#else //!ge25519
|
||||
/* XXX Need to test key by signing and testing signature validity. */
|
||||
/* For the time being barf so that the caller does not think we have a validated BK
|
||||
when in fact we do not. */
|
||||
return WHY("ge25519 function not available");
|
||||
#endif //!ge25519
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user