oec/libbrandt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

refactor smc and ec crypto functions and ad 0og zkp

Browse Source
This commit is contained in:
Markus Teich 2016-06-16 00:09:29 +02:00
parent 6f3fb46317
commit 761dd37e1f
8 changed files with 458 additions and 339 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
brandt.c
View File

@ -1,27 +1,47 @@
/* This file is part of libbrandt.
* Copyright (C) 2016 GNUnet e.V.
*
* libbrandt is free software: you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free Software
* Foundation, either version 3 of the License, or (at your option) any later
* version.
*
* libbrandt is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
* A PARTICULAR PURPOSE. See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with
* libbrandt. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* @file brandt.c
* @brief TODO
*/
#include <gcrypt.h> #include <gcrypt.h>
#include "crypto.h" #include "crypto.h"
#include "util.h" #include "util.h"
void BRANDT_init () void
BRANDT_init ()
{ {
gcry_error_t err = 0; gcry_error_t err = 0;
if (!gcry_check_version("1.6.0")) {
eprintf("libgcrypt version mismatch"); if (!gcry_check_version ("1.7.0"))
} eprintf ("libgcrypt version mismatch");
/* SECMEM cannot be resized dynamically. We do not know how much we need */ /* SECMEM cannot be resized dynamically. We do not know how much we need */
if ((err = gcry_control(GCRYCTL_DISABLE_SECMEM, 0))) if ((err = gcry_control (GCRYCTL_DISABLE_SECMEM, 0)))
weprintf("failed to set libgcrypt option DISABLE_SECMEM: %s", weprintf ("failed to set libgcrypt option DISABLE_SECMEM: %s",
gcry_strerror(err)); gcry_strerror (err));
/* ecc is slow otherwise. */ /* ecc is slow otherwise. */
if ((err = gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0))) if ((err = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0)))
weprintf("failed to set libgcrypt option ENABLE_QUICK_RANDOM: %s", weprintf ("failed to set libgcrypt option ENABLE_QUICK_RANDOM: %s",
gcry_strerror(err)); gcry_strerror (err));
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
brandt_rand_poll(); brandt_rand_poll ();
brandt_crypto_init(); brandt_crypto_init ();
} }

265
crypto.c
View File

@ -34,8 +34,10 @@ struct brandt_ec_pkey {
unsigned char q_y[256 / 8]; unsigned char q_y[256 / 8];
}; };
gcry_mpi_point_t ec_gen;
gcry_ctx_t ec_ctx; gcry_ctx_t ec_ctx;
gcry_mpi_point_t ec_gen;
gcry_mpi_point_t ec_zero;
gcry_mpi_t ec_n;
/** /**
* brandt_crypto_init * brandt_crypto_init
@ -49,10 +51,19 @@ brandt_crypto_init ()
rc = gcry_mpi_ec_new (&ec_ctx, NULL, CURVE); rc = gcry_mpi_ec_new (&ec_ctx, NULL, CURVE);
brandt_assert_gpgerr (rc); brandt_assert_gpgerr (rc);
ec_gen = gcry_mpi_ec_get_point ("g", ec_ctx, 0); ec_gen = gcry_mpi_ec_get_point ("g", ec_ctx, 0);
brandt_assert (NULL != ec_gen); brandt_assert (NULL != ec_gen);
ec_zero = gcry_mpi_point_new (0);
brandt_assert (NULL != ec_zero);
gcry_mpi_ec_sub (ec_zero, ec_gen, ec_gen, ec_ctx);
ec_n = gcry_mpi_ec_get_mpi ("n", ec_ctx, 1);
brandt_assert (NULL != ec_n);
} }
/* --- RANDOM --- */ /* --- RANDOM --- */
void void
@ -64,6 +75,7 @@ brandt_rand_poll ()
gcry_fast_random_poll (); gcry_fast_random_poll ();
} }
/* --- HASHING --- */ /* --- HASHING --- */
/** /**
@ -79,6 +91,7 @@ brandt_hash (const void *block, size_t size, struct brandt_hash_code *ret)
gcry_md_hash_buffer (GCRY_MD_SHA512, ret, block, size); gcry_md_hash_buffer (GCRY_MD_SHA512, ret, block, size);
} }
/* --- MPI --- */ /* --- MPI --- */
/** /**
@ -101,6 +114,7 @@ adjust (void *buf, size_t size, size_t target)
} }
} }
/** /**
* Output the given MPI value to the given buffer in * Output the given MPI value to the given buffer in
* network byte order. * network byte order.
@ -141,6 +155,7 @@ brandt_mpi_print_unsigned (void *buf, size_t size, gcry_mpi_t val)
} }
} }
/** /**
* Convert data buffer into MPI value. * Convert data buffer into MPI value.
* The buffer is interpreted as network * The buffer is interpreted as network
@ -159,6 +174,7 @@ brandt_mpi_scan_unsigned (gcry_mpi_t *result, const void *data, size_t size)
brandt_assert_gpgerr (rc); brandt_assert_gpgerr (rc);
} }
//gcry_mpi_point_t //gcry_mpi_point_t
//deserialize_point(const struct brandt_point* data, const int len) //deserialize_point(const struct brandt_point* data, const int len)
//{ //{
@ -184,74 +200,19 @@ brandt_mpi_scan_unsigned (gcry_mpi_t *result, const void *data, size_t size)
/* --- EC --- */ /* --- EC --- */
/**
* Extract values from an S-expression.
*
* @param array where to store the result(s)
* @param sexp S-expression to parse
* @param topname top-level name in the S-expression that is of interest
* @param elems names of the elements to extract
* @return 0 on success
*/
static int
key_from_sexp (gcry_mpi_t *array, gcry_sexp_t sexp, const char *topname,
const char *elems)
{
gcry_sexp_t list;
gcry_sexp_t l2;
const char *s;
unsigned int i;
unsigned int idx;
list = gcry_sexp_find_token (sexp, topname, 0);
if (!list)
return 1;
l2 = gcry_sexp_cadr (list);
gcry_sexp_release (list);
list = l2;
if (!list)
return 2;
idx = 0;
for (s = elems; *s; s++, idx++)
{
l2 = gcry_sexp_find_token (list, s, 1);
if (!l2)
{
for (i = 0; i < idx; i++)
{
gcry_free (array[i]);
array[i] = NULL;
}
gcry_sexp_release (list);
return 3; /* required parameter not found */
}
array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
gcry_sexp_release (l2);
if (!array[idx])
{
for (i = 0; i < idx; i++)
{
gcry_free (array[i]);
array[i] = NULL;
}
gcry_sexp_release (list);
return 4; /* required parameter is invalid */
}
}
gcry_sexp_release (list);
return 0;
}
/** /**
* brandt_ec_skey_create * brandt_ec_skey_create
* *
* @param[out] skey where to store the generated secret key * @param[out] skey where to store the generated secret key
*/ */
void void
brandt_ec_skey_create (gcry_mpi_t *skey) brandt_ec_skey_create (gcry_mpi_t skey)
{ {
gcry_mpi_t ret;
gcry_sexp_t s_keyparam; gcry_sexp_t s_keyparam;
gcry_sexp_t priv_sexp; gcry_sexp_t priv_sexp;
gcry_sexp_t priv_key;
gcry_sexp_t priv_key2;
gcry_error_t rc; gcry_error_t rc;
rc = gcry_sexp_build (&s_keyparam, NULL, "(genkey(ecc(curve \"" CURVE "\")" rc = gcry_sexp_build (&s_keyparam, NULL, "(genkey(ecc(curve \"" CURVE "\")"
@ -262,23 +223,21 @@ brandt_ec_skey_create (gcry_mpi_t *skey)
brandt_assert_gpgerr (rc); brandt_assert_gpgerr (rc);
gcry_sexp_release (s_keyparam); gcry_sexp_release (s_keyparam);
rc = key_from_sexp (skey, priv_sexp, "private-key", "d"); priv_key = gcry_sexp_find_token (priv_sexp, "private-key", 11);
brandt_assert_gpgerr (rc); brandt_assert (NULL != priv_key);
gcry_sexp_release (priv_sexp); gcry_sexp_release (priv_sexp);
priv_key2 = gcry_sexp_find_token (priv_key, "d", 1);
brandt_assert (NULL != priv_key2);
gcry_sexp_release (priv_key);
ret = gcry_sexp_nth_mpi (priv_key2, 1, GCRYMPI_FMT_USG);
brandt_assert (NULL != ret);
gcry_sexp_release (priv_key2);
gcry_mpi_snatch (skey, ret);
} }
/**
* brandt_ec_pkey_compute
*
* @param pkey TODO
* @param skey TODO
*/
void
brandt_ec_pkey_compute (gcry_mpi_point_t *pkey, const gcry_mpi_t skey)
{
}
/** /**
* brandt_ec_keypair_create * brandt_ec_keypair_create
@ -287,33 +246,16 @@ brandt_ec_pkey_compute (gcry_mpi_point_t *pkey, const gcry_mpi_t skey)
* @param[out] skey where to store the generated secret key * @param[out] skey where to store the generated secret key
*/ */
void void
brandt_ec_keypair_create (gcry_mpi_point_t *pkey, gcry_mpi_t *skey) brandt_ec_keypair_create (gcry_mpi_point_t pkey, gcry_mpi_t skey)
{ {
gcry_ctx_t ctx; brandt_assert (NULL != pkey);
gcry_sexp_t s_keyparam; brandt_assert (NULL != skey);
gcry_sexp_t priv_sexp;
gcry_error_t rc;
rc = gcry_sexp_build (&s_keyparam, NULL, "(genkey(ecc(curve \"" CURVE "\")" brandt_ec_skey_create (skey);
"(flags)))"); gcry_mpi_ec_mul (pkey, skey, ec_gen, ec_ctx);
brandt_assert_gpgerr (rc);
rc = gcry_pk_genkey (&priv_sexp, s_keyparam);
brandt_assert_gpgerr (rc);
gcry_sexp_release (s_keyparam);
rc = key_from_sexp (skey, priv_sexp, "private-key", "d");
brandt_assert_gpgerr (rc);
rc = gcry_mpi_ec_new (&ctx, priv_sexp, NULL);
brandt_assert_gpgerr (rc);
gcry_sexp_release (priv_sexp);
*pkey = gcry_mpi_ec_get_point ("q", ctx, 0);
brandt_assert (NULL != *pkey);
gcry_ctx_release (ctx);
} }
/** /**
* brandt_ec_keypair_create_base * brandt_ec_keypair_create_base
* *
@ -322,16 +264,19 @@ brandt_ec_keypair_create (gcry_mpi_point_t *pkey, gcry_mpi_t *skey)
* @param[in] base which base point should be used to calculate the public key * @param[in] base which base point should be used to calculate the public key
*/ */
void void
brandt_ec_keypair_create_base (gcry_mpi_point_t *pkey, gcry_mpi_t *skey, brandt_ec_keypair_create_base (gcry_mpi_point_t pkey,
gcry_mpi_t skey,
const gcry_mpi_point_t base) const gcry_mpi_point_t base)
{ {
brandt_assert (NULL != pkey);
brandt_assert (NULL != skey);
brandt_assert (NULL != base);
brandt_ec_skey_create (skey); brandt_ec_skey_create (skey);
brandt_assert (*skey); gcry_mpi_ec_mul (pkey, skey, base, ec_ctx);
*pkey = gcry_mpi_point_new (0);
brandt_assert (*pkey);
gcry_mpi_ec_mul (*pkey, *skey, base, ec_ctx);
} }
/** /**
* brandt_ec_point_cmp compares two curve points * brandt_ec_point_cmp compares two curve points
* *
@ -356,8 +301,8 @@ brandt_ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b)
return 1; return 1;
} }
if (!gcry_mpi_ec_get_affine (ax, ay, a, ec_ctx) if (!gcry_mpi_ec_get_affine (ax, ay, a, ec_ctx) &&
&& !gcry_mpi_ec_get_affine (bx, by, b, ec_ctx)) !gcry_mpi_ec_get_affine (bx, by, b, ec_ctx))
{ {
ret = gcry_mpi_cmp (ax, bx) || gcry_mpi_cmp (ay, by); ret = gcry_mpi_cmp (ax, bx) || gcry_mpi_cmp (ay, by);
} }
@ -369,117 +314,6 @@ brandt_ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b)
return ret; return ret;
} }
/**
* Convert the given private key from the network format to the
* S-expression that can be used by libgcrypt.
*
* @param priv private key to decode
* @return NULL on error
*/
static gcry_sexp_t
decode_private_ecdhe_key (const struct brandt_ec_skey *priv)
{
gcry_sexp_t result;
gcry_error_t rc;
rc = gcry_sexp_build (&result, NULL,
"(private-key(ecc(curve \"" CURVE "\")"
"(d %b)))",
(int)sizeof (priv->d), priv->d);
brandt_assert_gpgerr (rc);
return result;
}
/**
* Extract the public key for the given private key.
*
* @param priv the private key
* @param pub where to write the public key
*/
void
brandt_ecdhe_key_get_public (const struct brandt_ec_skey *priv,
struct brandt_ec_pkey *pub)
{
gcry_sexp_t sexp;
gcry_ctx_t ctx;
gcry_mpi_t q;
gcry_error_t rc;
sexp = decode_private_ecdhe_key (priv);
brandt_assert (NULL != sexp);
rc = gcry_mpi_ec_new (&ctx, sexp, NULL);
brandt_assert_gpgerr (rc);
gcry_sexp_release (sexp);
q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
brandt_assert (NULL != q);
brandt_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
gcry_mpi_release (q);
gcry_ctx_release (ctx);
}
/**
* Derive key material from a public and a private ECDHE key.
*
* @param priv private key to use for the ECDH (x)
* @param pub public key to use for the ECDH (yG)
* @param key_material where to write the key material (xyG)
* @return 0 on error, 1 on success
*/
int
brandt_ecdhe (const struct brandt_ec_skey *priv,
const struct brandt_ec_pkey *pub,
struct brandt_hash_code *key_material)
{
gcry_error_t rc;
int rc2;
gcry_mpi_point_t result;
gcry_mpi_point_t q;
gcry_mpi_t d;
gcry_ctx_t ctx;
gcry_sexp_t pub_sexpr;
gcry_mpi_t result_x;
unsigned char xbuf[256 / 8];
size_t rsize;
/* first, extract the q = dP value from the public key */
if (0 != gcry_sexp_build (&pub_sexpr, NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
(int)sizeof (pub->q_y), pub->q_y))
return 0;
rc = gcry_mpi_ec_new (&ctx, pub_sexpr, NULL);
brandt_assert_gpgerr (rc);
gcry_sexp_release (pub_sexpr);
q = gcry_mpi_ec_get_point ("q", ctx, 0);
/* second, extract the d value from our private key */
brandt_mpi_scan_unsigned (&d, priv->d, sizeof (priv->d));
/* then call the 'multiply' function, to compute the product */
result = gcry_mpi_point_new (0);
gcry_mpi_ec_mul (result, d, q, ctx);
gcry_mpi_point_release (q);
gcry_mpi_release (d);
/* finally, convert point to string for hashing */
result_x = gcry_mpi_new (256);
rc = gcry_mpi_ec_get_affine (result_x, NULL, result, ctx);
brandt_assert (0 == rc);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
rsize = sizeof (xbuf);
rc2 = gcry_mpi_get_flag (result_x, GCRYMPI_FLAG_OPAQUE);
brandt_assert (0 == rc2);
/* result_x can be negative here, so we do not use 'brandt_mpi_print_unsigned'
* as that does not include the sign bit; x should be a 255-bit
* value, so with the sign it should fit snugly into the 256-bit
* xbuf */
rc = gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x);
brandt_assert_gpgerr (rc);
brandt_hash (xbuf, rsize, key_material);
gcry_mpi_release (result_x);
return 1;
}
/** /**
* Clear memory that was used to store a private key. * Clear memory that was used to store a private key.
@ -492,6 +326,7 @@ brandt_ec_key_clear (struct brandt_ec_skey *skey)
memset (skey, 0, sizeof (struct brandt_ec_skey)); memset (skey, 0, sizeof (struct brandt_ec_skey));
} }
/** /**
* Generate a random value mod n. * Generate a random value mod n.
* *

12
crypto.h
View File

@ -45,15 +45,19 @@ void brandt_hash (const void *block, size_t size, struct brandt_hash_code *ret);
/* --- MPI --- */ /* --- MPI --- */
void brandt_mpi_print_unsigned (void *buf, size_t size, gcry_mpi_t val); void brandt_mpi_print_unsigned (void *buf, size_t size, gcry_mpi_t val);
void brandt_mpi_scan_unsigned (gcry_mpi_t *result, const void *data, size_t size); void brandt_mpi_scan_unsigned (gcry_mpi_t *result,
const void *data,
size_t size);
/* --- EC --- */ /* --- EC --- */
void brandt_ec_skey_create (gcry_mpi_t *skey); void brandt_ec_skey_create (gcry_mpi_t skey);
void brandt_ec_pkey_compute (gcry_mpi_point_t *pkey, const gcry_mpi_t skey); void brandt_ec_pkey_compute (gcry_mpi_point_t *pkey, const gcry_mpi_t skey);
void brandt_ec_keypair_create (gcry_mpi_point_t *pkey, gcry_mpi_t *skey); void brandt_ec_keypair_create (gcry_mpi_point_t pkey, gcry_mpi_t skey);
void brandt_ec_keypair_create_base (gcry_mpi_point_t *pkey, gcry_mpi_t *skey, const gcry_mpi_point_t base); void brandt_ec_keypair_create_base (gcry_mpi_point_t pkey,
gcry_mpi_t skey,
const gcry_mpi_point_t base);
int brandt_ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b); int brandt_ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b);
#endif /* ifndef _BRANDT_CRYPTO_H */ #endif /* ifndef _BRANDT_CRYPTO_H */

229
smc.c
View File

@ -25,7 +25,10 @@
#include "smc.h" #include "smc.h"
#include "util.h" #include "util.h"
extern gcry_ctx_t ec_ctx; extern gcry_ctx_t ec_ctx;
extern gcry_mpi_point_t ec_gen;
extern gcry_mpi_point_t ec_zero;
extern gcry_mpi_t ec_n;
/** /**
* smc_zkp_dl * smc_zkp_dl
@ -38,21 +41,24 @@ extern gcry_ctx_t ec_ctx;
* @param r TODO * @param r TODO
*/ */
void void
smc_zkp_dl (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_t x, smc_zkp_dl (const gcry_mpi_point_t v,
gcry_mpi_point_t *a, gcry_mpi_t *c, const gcry_mpi_point_t g,
gcry_mpi_t *r) const gcry_mpi_t x,
const gcry_mpi_point_t a,
gcry_mpi_t c,
gcry_mpi_t r)
{ {
gcry_mpi_t z = gcry_mpi_new (0); gcry_mpi_t z = gcry_mpi_new (0);
brandt_ec_keypair_create_base (a, &z, g); brandt_ec_keypair_create_base (a, z, g);
/* compute challange c */ /* compute challange c */
/**TODO: generate c from HASH(g,v,a) and don't output it */ /**TODO: generate c from HASH(g,v,a) and don't output it */
brandt_ec_skey_create (c); brandt_ec_skey_create (c);
gcry_mpi_mod (c, c, ec_n);
*r = gcry_mpi_new (0); gcry_mpi_mulm (r, c, x, ec_n);
gcry_mpi_mul (*r, *c, x); gcry_mpi_addm (r, r, z, ec_n);
gcry_mpi_add (*r, *r, z);
gcry_mpi_release (z); gcry_mpi_release (z);
} }
@ -69,9 +75,11 @@ smc_zkp_dl (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_t x,
* @return 0 if the proof is correct, something else otherwise * @return 0 if the proof is correct, something else otherwise
*/ */
int int
smc_zkp_dl_check (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_point_t a, smc_zkp_dl_check (const gcry_mpi_point_t v,
gcry_mpi_t c, const gcry_mpi_point_t g,
gcry_mpi_t r) const gcry_mpi_point_t a,
const gcry_mpi_t c,
const gcry_mpi_t r)
{ {
int ret; int ret;
gcry_mpi_point_t left = gcry_mpi_point_new (0); gcry_mpi_point_t left = gcry_mpi_point_new (0);
@ -90,28 +98,42 @@ smc_zkp_dl_check (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_point_t a,
void void
smc_zkp_2dle (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1, gcry_mpi_point_t g2, gcry_mpi_t x, gcry_mpi_point_t *a, gcry_mpi_point_t *b, gcry_mpi_t *c, gcry_mpi_t *r) smc_zkp_2dle (const gcry_mpi_point_t v,
const gcry_mpi_point_t w,
const gcry_mpi_point_t g1,
const gcry_mpi_point_t g2,
const gcry_mpi_t x,
gcry_mpi_point_t a,
gcry_mpi_point_t b,
gcry_mpi_t c,
gcry_mpi_t r)
{ {
gcry_mpi_t z = gcry_mpi_new (0); gcry_mpi_t z = gcry_mpi_new (0);
brandt_ec_keypair_create_base (a, &z, g1); brandt_ec_keypair_create_base (a, z, g1);
*b = gcry_mpi_point_new(0); gcry_mpi_ec_mul (b, z, g2, ec_ctx);
gcry_mpi_ec_mul(*b, z, g2, ec_ctx);
/* compute challange c */ /* compute challange c */
/**TODO: generate c from HASH(g1,g2,v,w,a,b) and don't output it */ /**TODO: generate c from HASH(g1,g2,v,w,a,b) and don't output it */
brandt_ec_skey_create (c); brandt_ec_skey_create (c);
gcry_mpi_mod (c, c, ec_n);
*r = gcry_mpi_new (0); gcry_mpi_mulm (r, c, x, ec_n);
gcry_mpi_mul (*r, *c, x); gcry_mpi_addm (r, r, z, ec_n);
gcry_mpi_add (*r, *r, z);
gcry_mpi_release (z); gcry_mpi_release (z);
} }
int int
smc_zkp_2dle_check (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1, gcry_mpi_point_t g2, gcry_mpi_point_t a, gcry_mpi_point_t b, gcry_mpi_t c, gcry_mpi_t r) smc_zkp_2dle_check (const gcry_mpi_point_t v,
const gcry_mpi_point_t w,
const gcry_mpi_point_t g1,
const gcry_mpi_point_t g2,
const gcry_mpi_point_t a,
const gcry_mpi_point_t b,
const gcry_mpi_t c,
const gcry_mpi_t r)
{ {
int ret; int ret;
gcry_mpi_point_t left = gcry_mpi_point_new (0); gcry_mpi_point_t left = gcry_mpi_point_new (0);
@ -125,7 +147,7 @@ smc_zkp_2dle_check (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1,
gcry_mpi_ec_mul (left, r, g2, ec_ctx); gcry_mpi_ec_mul (left, r, g2, ec_ctx);
gcry_mpi_ec_mul (right, c, w, ec_ctx); gcry_mpi_ec_mul (right, c, w, ec_ctx);
gcry_mpi_ec_add (right, b, right, ec_ctx); gcry_mpi_ec_add (right, b, right, ec_ctx);
ret &= brandt_ec_point_cmp (left, right); ret |= brandt_ec_point_cmp (left, right);
gcry_mpi_point_release (left); gcry_mpi_point_release (left);
gcry_mpi_point_release (right); gcry_mpi_point_release (right);
@ -133,6 +155,173 @@ smc_zkp_2dle_check (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1,
return ret; return ret;
} }
void
smc_zkp_0og (gcry_mpi_point_t alpha,
const gcry_mpi_point_t m,
const gcry_mpi_point_t y,
gcry_mpi_point_t beta,
gcry_mpi_point_t a1,
gcry_mpi_point_t a2,
gcry_mpi_point_t b1,
gcry_mpi_point_t b2,
gcry_mpi_t c,
gcry_mpi_t d1,
gcry_mpi_t d2,
gcry_mpi_t r1,
gcry_mpi_t r2)
{
gcry_mpi_t r = gcry_mpi_new (0);
gcry_mpi_t w = gcry_mpi_new (0);
int eq0 = !brandt_ec_point_cmp (m, ec_zero);
int eqg = !brandt_ec_point_cmp (m, ec_gen);
if (!(eq0 ^ eqg))
eprintf ("zero knowledge proof: m is neither 0 nor g");
/* beta = r*g */
brandt_ec_keypair_create (beta, r);
gcry_mpi_mod (r, r, ec_n);
/* alpha = m + r*y */
gcry_mpi_ec_mul (alpha, r, y, ec_ctx);
gcry_mpi_ec_add (alpha, m, alpha, ec_ctx);
if (eq0)
{ /* m == 0 */
brandt_ec_keypair_create_base (a1, d1, beta);
gcry_mpi_mod (d1, d1, ec_n);
brandt_ec_keypair_create_base (b1, r1, y);
gcry_mpi_mod (r1, r1, ec_n);
/* a1 = r1*g + d1*beta */
gcry_mpi_ec_mul (a2, r1, ec_gen, ec_ctx);
gcry_mpi_ec_add (a1, a2, a1, ec_ctx);
/* b1 = r1*y + d1*(alpha-g) */
gcry_mpi_ec_sub (b2, alpha, ec_gen, ec_ctx);
gcry_mpi_ec_mul (a2, d1, b2, ec_ctx);
gcry_mpi_ec_add (b1, b1, a2, ec_ctx);
/* a2 = w * g */
brandt_ec_keypair_create_base (a2, w, ec_gen);
gcry_mpi_mod (w, w, ec_n);
/* b2 = w * y */
gcry_mpi_ec_mul (b2, w, y, ec_ctx);
/* compute challange c */
/**TODO: generate c from HASH(alpha,beta,a1,b1,a2,b2) and don't output it */
brandt_ec_skey_create (c);
gcry_mpi_mod (c, c, ec_n);
/* d2 = c - d1 */
gcry_mpi_subm (d2, c, d1, ec_n);
/* r2 = w - r*d2 */
gcry_mpi_mulm (r2, r, d2, ec_n);
gcry_mpi_subm (r2, w, r2, ec_n);
}
else
{ /* m == g */
brandt_ec_keypair_create_base (a2, d2, beta);
gcry_mpi_mod (d2, d2, ec_n);
brandt_ec_keypair_create_base (b2, r2, y);
gcry_mpi_mod (r2, r2, ec_n);
/* a2 = r2*g + d2*beta */
gcry_mpi_ec_mul (a1, r2, ec_gen, ec_ctx);
gcry_mpi_ec_add (a2, a1, a2, ec_ctx);
/* b2 = r2*y + d2*(alpha-0) */
/* useless subtraction to have same amount of operations as in m == 0 */
gcry_mpi_ec_sub (b1, alpha, ec_zero, ec_ctx);
gcry_mpi_ec_mul (a1, d2, b1, ec_ctx);
gcry_mpi_ec_add (b2, b2, a1, ec_ctx);
/* a1 = w * g */
brandt_ec_keypair_create_base (a1, w, ec_gen);
gcry_mpi_mod (w, w, ec_n);
/* b1 = w * y */
gcry_mpi_ec_mul (b1, w, y, ec_ctx);
/* compute challange c */
/**TODO: generate c from HASH(alpha,beta,a1,b1,a2,b2) and don't output it */
brandt_ec_skey_create (c);
gcry_mpi_mod (c, c, ec_n);
/* d1 = c - d2 */
gcry_mpi_subm (d1, c, d2, ec_n);
/* r1 = w - r*d1 */
gcry_mpi_mulm (r1, r, d1, ec_n);
gcry_mpi_subm (r1, w, r1, ec_n);
}
gcry_mpi_release (r);
gcry_mpi_release (w);
}
int
smc_zkp_0og_check (const gcry_mpi_point_t alpha,
const gcry_mpi_point_t y,
const gcry_mpi_point_t beta,
const gcry_mpi_point_t a1,
const gcry_mpi_point_t a2,
const gcry_mpi_point_t b1,
const gcry_mpi_point_t b2,
const gcry_mpi_t c,
const gcry_mpi_t d1,
const gcry_mpi_t d2,
const gcry_mpi_t r1,
const gcry_mpi_t r2)
{
int ret;
gcry_mpi_t sum = gcry_mpi_new (0);
gcry_mpi_point_t right = gcry_mpi_point_new (0);
gcry_mpi_point_t tmp = gcry_mpi_point_new (0);
/* c == d1 + d2 */
gcry_mpi_addm (sum, d1, d2, ec_n);
ret = gcry_mpi_cmp (c, sum);
/* a1 == r1*g + d1*beta */
gcry_mpi_ec_mul (tmp, r1, ec_gen, ec_ctx);
gcry_mpi_ec_mul (right, d1, beta, ec_ctx);
gcry_mpi_ec_add (right, tmp, right, ec_ctx);
ret |= brandt_ec_point_cmp (a1, right) << 1;
/* b1 == r1*y + d1*(alpha-g) */
gcry_mpi_ec_sub (right, alpha, ec_gen, ec_ctx);
gcry_mpi_ec_mul (tmp, d1, right, ec_ctx);
gcry_mpi_ec_mul (right, r1, y, ec_ctx);
gcry_mpi_ec_add (right, right, tmp, ec_ctx);
ret |= brandt_ec_point_cmp (b1, right) << 2;
/* a2 == r2*g + d2*beta */
gcry_mpi_ec_mul (tmp, d2, beta, ec_ctx);
gcry_mpi_ec_mul (right, r2, ec_gen, ec_ctx);
gcry_mpi_ec_add (right, right, tmp, ec_ctx);
ret |= brandt_ec_point_cmp (a2, right) << 3;
/* b2 == r2*y + d2*alpha */
gcry_mpi_ec_mul (tmp, d2, alpha, ec_ctx);
gcry_mpi_ec_mul (right, r2, y, ec_ctx);
gcry_mpi_ec_add (right, right, tmp, ec_ctx);
ret |= brandt_ec_point_cmp (b2, right) << 4;
gcry_mpi_release (sum);
gcry_mpi_point_release (right);
gcry_mpi_point_release (tmp);
if (ret)
weprintf ("ret: 0x%x", ret);
return ret;
}
//GEN //GEN
//smc_hextodec (const char *s) //smc_hextodec (const char *s)
//{ //{

58
smc.h
View File

@ -24,10 +24,60 @@
#include <gcrypt.h> #include <gcrypt.h>
void smc_zkp_dl (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_t x, gcry_mpi_point_t *a, gcry_mpi_t *c, gcry_mpi_t *r); void smc_zkp_dl (const gcry_mpi_point_t v,
int smc_zkp_dl_check (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_point_t a, gcry_mpi_t c, gcry_mpi_t r); const gcry_mpi_point_t g,
const gcry_mpi_t x,
const gcry_mpi_point_t a,
gcry_mpi_t c,
gcry_mpi_t r);
int smc_zkp_dl_check (const gcry_mpi_point_t v,
const gcry_mpi_point_t g,
const gcry_mpi_point_t a,
const gcry_mpi_t c,
const gcry_mpi_t r);
void smc_zkp_2dle (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1, gcry_mpi_point_t g2, gcry_mpi_t x, gcry_mpi_point_t *a, gcry_mpi_point_t *b, gcry_mpi_t *c, gcry_mpi_t *r); void smc_zkp_2dle (const gcry_mpi_point_t v,
int smc_zkp_2dle_check (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1, gcry_mpi_point_t g2, gcry_mpi_point_t a, gcry_mpi_point_t b, gcry_mpi_t c, gcry_mpi_t r); const gcry_mpi_point_t w,
const gcry_mpi_point_t g1,
const gcry_mpi_point_t g2,
const gcry_mpi_t x,
gcry_mpi_point_t a,
gcry_mpi_point_t b,
gcry_mpi_t c,
gcry_mpi_t r);
int smc_zkp_2dle_check (const gcry_mpi_point_t v,
const gcry_mpi_point_t w,
const gcry_mpi_point_t g1,
const gcry_mpi_point_t g2,
const gcry_mpi_point_t a,
const gcry_mpi_point_t b,
const gcry_mpi_t c,
const gcry_mpi_t r);
void smc_zkp_0og (gcry_mpi_point_t alpha,
const gcry_mpi_point_t m,
const gcry_mpi_point_t y,
gcry_mpi_point_t beta,
gcry_mpi_point_t a1,
gcry_mpi_point_t a2,
gcry_mpi_point_t b1,
gcry_mpi_point_t b2,
gcry_mpi_t c,
gcry_mpi_t d1,
gcry_mpi_t d2,
gcry_mpi_t r1,
gcry_mpi_t r2);
int smc_zkp_0og_check (const gcry_mpi_point_t alpha,
const gcry_mpi_point_t y,
const gcry_mpi_point_t beta,
const gcry_mpi_point_t a1,
const gcry_mpi_point_t a2,
const gcry_mpi_point_t b1,
const gcry_mpi_point_t b2,
const gcry_mpi_t c,
const gcry_mpi_t d1,
const gcry_mpi_t d2,
const gcry_mpi_t r1,
const gcry_mpi_t r2);
#endif // ifndef _BRANDT_SMC_H #endif // ifndef _BRANDT_SMC_H

2
test.h
View File

@ -27,6 +27,6 @@ int tests_run = 0;
int ret = 0; int ret = 0;
#define check(cond, message) do { if (!(cond)) { fputs (message, stderr); fputc ('\n', stderr); return 0; } } while (0) #define check(cond, message) do { if (!(cond)) { fputs (message, stderr); fputc ('\n', stderr); return 0; } } while (0)
#define run(test) do { tests_run++; if (!test ()) { ret = 1; } } while (0) #define run(test) do { if (!test ()) { ret = 1; } } while (0)
#endif // ifndef _BRANDT_TEST_H #endif // ifndef _BRANDT_TEST_H

160
test_crypto.c
View File

@ -23,111 +23,85 @@
#include "smc.h" #include "smc.h"
#include "test.h" #include "test.h"
extern gcry_mpi_point_t ec_gen;
extern gcry_ctx_t ec_ctx; extern gcry_ctx_t ec_ctx;
extern gcry_mpi_point_t ec_gen;
int extern gcry_mpi_point_t ec_zero;
test_brandt_ec_keypair_create () extern gcry_mpi_t ec_n;
{
gcry_mpi_t skey;
gcry_mpi_point_t pkey1;
gcry_mpi_point_t pkey2 = gcry_mpi_point_new (0);
brandt_ec_keypair_create (&pkey1, &skey);
check (skey, "no sec key created");
check (pkey1, "no pub key created");
check (pkey2, "could not init pkey2");
gcry_mpi_ec_mul (pkey2, skey, ec_gen, ec_ctx);
check (!brandt_ec_point_cmp (pkey1, pkey2), "pkeys do not match");
gcry_mpi_release (skey);
gcry_mpi_point_release (pkey1);
gcry_mpi_point_release (pkey2);
}
int int
test_smc_zkp_dl () test_smc_zkp_dl ()
{ {
static int first = 1; gcry_mpi_t c = gcry_mpi_new (0);
gcry_mpi_t c; gcry_mpi_t r = gcry_mpi_new (0);
gcry_mpi_t r; gcry_mpi_t x = gcry_mpi_new (0);
gcry_mpi_t s; gcry_mpi_point_t a = gcry_mpi_point_new (0);
gcry_mpi_t x; gcry_mpi_point_t g = gcry_mpi_point_new (0);
gcry_mpi_point_t a;
gcry_mpi_point_t g;
gcry_mpi_point_t v = gcry_mpi_point_new (0); gcry_mpi_point_t v = gcry_mpi_point_new (0);
check (v, "no pub key initialized"); brandt_ec_keypair_create (g, c);
brandt_ec_keypair_create (&g, &s);
check (g, "no gen created");
if (first) if (0 == tests_run)
{ {
/**TODO: there has to be a better way to copy a point */
gcry_mpi_ec_mul (g, GCRYMPI_CONST_ONE, ec_gen, ec_ctx); gcry_mpi_ec_mul (g, GCRYMPI_CONST_ONE, ec_gen, ec_ctx);
first = 0;
} }
brandt_ec_skey_create (&x); brandt_ec_keypair_create_base (v, x, g);
check (x, "no sec key created");
gcry_mpi_ec_mul (v, x, g, ec_ctx);
check (v, "no pub key created");
smc_zkp_dl (v, g, x, &a, &c, &r); smc_zkp_dl (v, g, x, a, c, r);
check (!smc_zkp_dl_check (v, g, a, c, r), "zkp was false, should be true"); check (!smc_zkp_dl_check (v, g, a, c, r), "zkp dl wrong");
check (gcry_mpi_ec_curve_point (a, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (g, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (v, ec_ctx), "not on curve");
gcry_mpi_release (c); gcry_mpi_release (c);
gcry_mpi_release (r); gcry_mpi_release (r);
gcry_mpi_release (s);
gcry_mpi_release (x); gcry_mpi_release (x);
gcry_mpi_point_release (a); gcry_mpi_point_release (a);
gcry_mpi_point_release (g); gcry_mpi_point_release (g);
gcry_mpi_point_release (v); gcry_mpi_point_release (v);
} }
int int
test_smc_zkp_2dle () test_smc_zkp_2dle ()
{ {
static int first = 1; gcry_mpi_t c = gcry_mpi_new (0);
gcry_mpi_t c; gcry_mpi_t r = gcry_mpi_new (0);
gcry_mpi_t r; gcry_mpi_t x = gcry_mpi_new (0);
gcry_mpi_t s; gcry_mpi_point_t a = gcry_mpi_point_new (0);
gcry_mpi_t x; gcry_mpi_point_t b = gcry_mpi_point_new (0);
gcry_mpi_point_t a; gcry_mpi_point_t g1 = gcry_mpi_point_new (0);
gcry_mpi_point_t b; gcry_mpi_point_t g2 = gcry_mpi_point_new (0);
gcry_mpi_point_t g1;
gcry_mpi_point_t g2;
gcry_mpi_point_t v = gcry_mpi_point_new (0); gcry_mpi_point_t v = gcry_mpi_point_new (0);
gcry_mpi_point_t w = gcry_mpi_point_new (0); gcry_mpi_point_t w = gcry_mpi_point_new (0);
check (v, "no pub1 key initialized"); brandt_ec_keypair_create (g1, c);
check (w, "no pub2 key initialized"); brandt_ec_keypair_create (g2, c);
brandt_ec_keypair_create (&g1, &s);
gcry_mpi_release (s);
brandt_ec_keypair_create (&g2, &s);
check (g1, "no gen1 created");
check (g2, "no gen2 created");
if (first) if (0 == tests_run)
{ {
/**TODO: there has to be a better way to copy a point */
gcry_mpi_ec_mul (g1, GCRYMPI_CONST_ONE, ec_gen, ec_ctx); gcry_mpi_ec_mul (g1, GCRYMPI_CONST_ONE, ec_gen, ec_ctx);
gcry_mpi_ec_mul (g2, GCRYMPI_CONST_ONE, ec_gen, ec_ctx); gcry_mpi_ec_mul (g2, GCRYMPI_CONST_ONE, ec_gen, ec_ctx);
first = 0;
} }
brandt_ec_skey_create (&x); brandt_ec_keypair_create_base (v, x, g1);
check (x, "no sec key created");
gcry_mpi_ec_mul (v, x, g1, ec_ctx);
check (v, "no pub1 key created");
gcry_mpi_ec_mul (w, x, g2, ec_ctx); gcry_mpi_ec_mul (w, x, g2, ec_ctx);
check (w, "no pub2 key created");
smc_zkp_2dle (v, w, g1, g2, x, &a, &b, &c, &r); smc_zkp_2dle (v, w, g1, g2, x, a, b, c, r);
check (!smc_zkp_2dle_check (v, w, g1, g2, a, b, c, r), "zkp was false, should be true"); check (!smc_zkp_2dle_check (v, w, g1, g2, a, b, c, r), "zkp 2dle wrong");
check (gcry_mpi_ec_curve_point (a, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (b, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (g1, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (g2, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (v, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (w, ec_ctx), "not on curve");
gcry_mpi_release (c); gcry_mpi_release (c);
gcry_mpi_release (r); gcry_mpi_release (r);
gcry_mpi_release (s);
gcry_mpi_release (x); gcry_mpi_release (x);
gcry_mpi_point_release (a); gcry_mpi_point_release (a);
gcry_mpi_point_release (b); gcry_mpi_point_release (b);
@ -137,19 +111,65 @@ test_smc_zkp_2dle ()
gcry_mpi_point_release (w); gcry_mpi_point_release (w);
} }
int
test_smc_zkp_0og ()
{
gcry_mpi_t c = gcry_mpi_new (0);
gcry_mpi_t d1 = gcry_mpi_new (0);
gcry_mpi_t d2 = gcry_mpi_new (0);
gcry_mpi_t r1 = gcry_mpi_new (0);
gcry_mpi_t r2 = gcry_mpi_new (0);
gcry_mpi_point_t y = gcry_mpi_point_new (0);
gcry_mpi_point_t alpha = gcry_mpi_point_new (0);
gcry_mpi_point_t beta = gcry_mpi_point_new (0);
gcry_mpi_point_t a1 = gcry_mpi_point_new (0);
gcry_mpi_point_t a2 = gcry_mpi_point_new (0);
gcry_mpi_point_t b1 = gcry_mpi_point_new (0);
gcry_mpi_point_t b2 = gcry_mpi_point_new (0);
brandt_ec_keypair_create (y, c);
smc_zkp_0og (alpha, (tests_run % 2 ? ec_zero : ec_gen), y, beta, a1, a2, b1,
b2, c, d1, d2, r1, r2);
check (!smc_zkp_0og_check (alpha, y, beta, a1, a2, b1, b2, c, d1, d2, r1,
r2), "zkp 0og is wrong");
check (gcry_mpi_ec_curve_point (y, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (alpha, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (beta, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (a1, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (a2, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (b1, ec_ctx), "not on curve");
check (gcry_mpi_ec_curve_point (b2, ec_ctx), "not on curve");
gcry_mpi_release (c);
gcry_mpi_release (d1);
gcry_mpi_release (d2);
gcry_mpi_release (r1);
gcry_mpi_release (r2);
gcry_mpi_point_release (y);
gcry_mpi_point_release (alpha);
gcry_mpi_point_release (beta);
gcry_mpi_point_release (a1);
gcry_mpi_point_release (a2);
gcry_mpi_point_release (b1);
gcry_mpi_point_release (b2);
}
int int
main (int argc, char *argv[]) main (int argc, char *argv[])
{ {
int repeat = 50; int repeat = 32;
int i;
BRANDT_init (); BRANDT_init ();
for (i = 0; i < repeat; i++) for (tests_run = 0; tests_run < repeat; tests_run++)
{ {
run (test_brandt_ec_keypair_create);
run (test_smc_zkp_dl); run (test_smc_zkp_dl);
run (test_smc_zkp_2dle); run (test_smc_zkp_2dle);
run (test_smc_zkp_0og);
} }
return ret; return ret;

25
uncrustify/conf
View File

@ -908,7 +908,7 @@ nl_switch_brace = add # ignore/add/remove/force
# Add a newline between ')' and '{' if the ')' is on a different line than the if/for/etc. # Add a newline between ')' and '{' if the ')' is on a different line than the if/for/etc.
# Overrides nl_for_brace, nl_if_brace, nl_switch_brace, nl_while_switch, and nl_catch_brace. # Overrides nl_for_brace, nl_if_brace, nl_switch_brace, nl_while_switch, and nl_catch_brace.
nl_multi_line_cond = false # false/true nl_multi_line_cond = true # false/true
# Force a newline in a define after the macro name for multi-line defines. # Force a newline in a define after the macro name for multi-line defines.
nl_multi_line_define = false # false/true nl_multi_line_define = false # false/true
@ -1093,14 +1093,14 @@ nl_create_while_one_liner = false # false/true
# #
# The position of arithmetic operators in wrapped expressions # The position of arithmetic operators in wrapped expressions
pos_arith = lead # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force pos_arith = trail # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force
# The position of assignment in wrapped expressions. # The position of assignment in wrapped expressions.
# Do not affect '=' followed by '{' # Do not affect '=' followed by '{'
pos_assign = trail # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force pos_assign = trail # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force
# The position of boolean operators in wrapped expressions # The position of boolean operators in wrapped expressions
pos_bool = lead # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force pos_bool = trail # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force
# The position of comparison operators in wrapped expressions # The position of comparison operators in wrapped expressions
pos_compare = lead # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force pos_compare = lead # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force
@ -1125,10 +1125,10 @@ pos_class_colon = ignore # ignore/lead/lead_break/lea
code_width = 80 # number code_width = 80 # number
# Whether to fully split long 'for' statements at semi-colons # Whether to fully split long 'for' statements at semi-colons
ls_for_split_full = false # false/true ls_for_split_full = true # false/true
# Whether to fully split long function protos/calls at commas # Whether to fully split long function protos/calls at commas
ls_func_split_full = false # false/true ls_func_split_full = true # false/true
# #
# Blank line options # Blank line options
@ -1144,7 +1144,7 @@ nl_after_func_proto = 0 # number
nl_after_func_proto_group = 0 # number nl_after_func_proto_group = 0 # number
# The number of newlines after '}' of a multi-line function body # The number of newlines after '}' of a multi-line function body
nl_after_func_body = 2 # number nl_after_func_body = 3 # number
# The number of newlines after '}' of a multi-line function body in a class declaration # The number of newlines after '}' of a multi-line function body in a class declaration
nl_after_func_body_class = 0 # number nl_after_func_body_class = 0 # number
@ -1212,20 +1212,20 @@ eat_blanks_before_close_brace = false # false/true
# #
# Add or remove braces on single-line 'do' statement # Add or remove braces on single-line 'do' statement
mod_full_brace_do = remove # ignore/add/remove/force mod_full_brace_do = force # ignore/add/remove/force
# Add or remove braces on single-line 'for' statement # Add or remove braces on single-line 'for' statement
mod_full_brace_for = add # ignore/add/remove/force mod_full_brace_for = remove # ignore/add/remove/force
# Add or remove braces on single-line function definitions. (Pawn) # Add or remove braces on single-line function definitions. (Pawn)
mod_full_brace_function = ignore # ignore/add/remove/force mod_full_brace_function = ignore # ignore/add/remove/force
# Add or remove braces on single-line 'if' statement. Will not remove the braces if they contain an 'else'. # Add or remove braces on single-line 'if' statement. Will not remove the braces if they contain an 'else'.
mod_full_brace_if = add # ignore/add/remove/force mod_full_brace_if = ignore # ignore/add/remove/force
# Make all if/elseif/else statements in a chain be braced or not. Overrides mod_full_brace_if. # Make all if/elseif/else statements in a chain be braced or not. Overrides mod_full_brace_if.
# If any must be braced, they are all braced. If all can be unbraced, then the braces are removed. # If any must be braced, they are all braced. If all can be unbraced, then the braces are removed.
mod_full_brace_if_chain = true # false/true mod_full_brace_if_chain = false # false/true
# Don't remove braces around statements that span N newlines # Don't remove braces around statements that span N newlines
mod_full_brace_nl = 3 # number mod_full_brace_nl = 3 # number
@ -1323,7 +1323,7 @@ cmt_cpp_nl_end = false # false/true
cmt_cpp_to_c = false # false/true cmt_cpp_to_c = false # false/true
# Whether to put a star on subsequent comment lines # Whether to put a star on subsequent comment lines
cmt_star_cont = true # false/true cmt_star_cont = false # false/true
# The number of spaces to insert at the start of subsequent comment lines # The number of spaces to insert at the start of subsequent comment lines
cmt_sp_before_star_cont = 0 # number cmt_sp_before_star_cont = 0 # number
@ -1346,7 +1346,8 @@ cmt_insert_file_footer = "" # string
# The filename that contains text to insert before a function implementation if the function isn't preceded with a C/C++ comment. # The filename that contains text to insert before a function implementation if the function isn't preceded with a C/C++ comment.
# Will substitute $(function) with the function name and $(javaparam) with the javadoc @param and @return stuff. # Will substitute $(function) with the function name and $(javaparam) with the javadoc @param and @return stuff.
# Will also substitute $(fclass) with the class name: void CFoo::Bar() { ... } # Will also substitute $(fclass) with the class name: void CFoo::Bar() { ... }
cmt_insert_func_header = "func_header" # string cmt_insert_func_header = "" # string
#cmt_insert_func_header = "func_header" # string
# The filename that contains text to insert before a class if the class isn't preceded with a C/C++ comment. # The filename that contains text to insert before a class if the class isn't preceded with a C/C++ comment.
# Will substitute $(class) with the class name. # Will substitute $(class) with the class name.