mirrors/minisign
1
0
Fork 0
mirror of https://github.com/jedisct1/minisign.git synced 2025-04-05 03:47:45 +03:00
Code Issues Projects Releases Packages Wiki Activity

Make libsodium optional

Browse source
This commit is contained in:
Frank Denis 2025-01-15 22:11:52 +01:00
parent e640be4b8f
commit e43b9ff13b
5 changed files with 184 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

13
README.md
View file

@ -20,17 +20,24 @@ Compilation / installation
Dependencies: Dependencies:
* [libsodium](https://libsodium.org/) * [libsodium](https://libsodium.org/) (*optional*)
* [zig](https://ziglang.org)
Compilation: Compilation with libsodium:
$ zig build -Drelease $ zig build -Drelease
Compilation without libsodium:
$ zig build -Drelease -Dwithout_libsodium
The resulting binary can be found in `zig-out/bin/minisign`. The resulting binary can be found in `zig-out/bin/minisign`.
## Using cmake and gcc or clang: ## Using cmake and gcc or clang:
* [libsodium](https://libsodium.org/) Dependencies:
* [libsodium](https://libsodium.org/) (*required*)
* cmake * cmake
* pkg-config * pkg-config
* gcc or clang * gcc or clang

27
build.zig
View file

@ -4,6 +4,8 @@ pub fn build(b: *std.Build) !void {
const target = b.standardTargetOptions(.{}); const target = b.standardTargetOptions(.{});
const optimize = b.standardOptimizeOption(.{ .preferred_optimize_mode = .ReleaseSmall }); const optimize = b.standardOptimizeOption(.{ .preferred_optimize_mode = .ReleaseSmall });
const use_libzodium = b.option(bool, "without_libsodium", "Use the zig standard library instead of libsodium") orelse false;
const minisign = b.addExecutable(.{ const minisign = b.addExecutable(.{
.name = "minisign", .name = "minisign",
.target = target, .target = target,
@ -11,10 +13,27 @@ pub fn build(b: *std.Build) !void {
.strip = true, .strip = true,
}); });
minisign.linkLibC(); minisign.linkLibC();
minisign.root_module.linkSystemLibrary( if (use_libzodium) {
"sodium", const libzodium_mod = b.createModule(.{
.{ .use_pkg_config = .yes }, .root_source_file = b.path("src/libzodium.zig"),
); .target = target,
.optimize = optimize,
});
const libzodium = b.addStaticLibrary(.{
.name = "zodium",
.root_module = libzodium_mod,
.strip = true,
});
libzodium.linkLibC();
b.installArtifact(libzodium);
minisign.root_module.addCMacro("LIBZODIUM", "1");
minisign.linkLibrary(libzodium);
} else {
minisign.root_module.linkSystemLibrary(
"sodium",
.{ .use_pkg_config = .yes },
);
}
minisign.addIncludePath(b.path("src")); minisign.addIncludePath(b.path("src"));
minisign.addSystemIncludePath(.{ .cwd_relative = "/opt/homebrew/include" }); minisign.addSystemIncludePath(.{ .cwd_relative = "/opt/homebrew/include" });
minisign.addSystemIncludePath(.{ .cwd_relative = "/usr/local/include" }); minisign.addSystemIncludePath(.{ .cwd_relative = "/usr/local/include" });

22
src/helpers.c
View file

@ -1,10 +1,10 @@
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) || defined(__HAIKU__) #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) || defined(__HAIKU__)
#include <fcntl.h> # include <fcntl.h>
#include <sys/stat.h> # include <sys/stat.h>
#include <sys/types.h> # include <sys/types.h>
#elif defined(_WIN32) #elif defined(_WIN32)
#include <direct.h> # include <direct.h>
#endif #endif
#include <errno.h> #include <errno.h>
@ -14,7 +14,11 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <sodium.h> #ifdef LIBZODIUM
# include "zodium.h"
#else
# include <sodium.h>
#endif
#include "base64.h" #include "base64.h"
#include "helpers.h" #include "helpers.h"
@ -100,7 +104,7 @@ xor_buf(unsigned char *dst, const unsigned char *src, size_t len)
int int
xfprintf(FILE *fp, const char *format, ...) xfprintf(FILE *fp, const char *format, ...)
{ {
char * out; char *out;
size_t out_maxlen = 4096U; size_t out_maxlen = 4096U;
int len; int len;
va_list va; va_list va;
@ -126,7 +130,7 @@ int
xfput_b64(FILE *fp, const unsigned char *bin, size_t bin_len) xfput_b64(FILE *fp, const unsigned char *bin, size_t bin_len)
{ {
const size_t b64_maxlen = (bin_len + 2) * 4 / 3 + 1; const size_t b64_maxlen = (bin_len + 2) * 4 / 3 + 1;
char * b64; char *b64;
b64 = xsodium_malloc(b64_maxlen); b64 = xsodium_malloc(b64_maxlen);
if (bin_to_b64(b64, bin, b64_maxlen, bin_len) == NULL) { if (bin_to_b64(b64, bin, b64_maxlen, bin_len) == NULL) {
@ -160,7 +164,7 @@ trim(char *str)
while (i-- > (size_t) 0U) { while (i-- > (size_t) 0U) {
if (str[i] == '\n') { if (str[i] == '\n') {
str[i] = 0; str[i] = 0;
t = 1; t = 1;
} else if (str[i] == '\r') { } else if (str[i] == '\r') {
str[i] = 0; str[i] = 0;
} }
@ -198,7 +202,7 @@ int
basedir_create_useronly(const char *file) basedir_create_useronly(const char *file)
{ {
const char *basename; const char *basename;
char * dir; char *dir;
int ret = -1; int ret = -1;
dir = xstrdup(file); dir = xstrdup(file);

120
src/libzodium.zig Normal file
View file

@ -0,0 +1,120 @@
const std = @import("std");
const crypto = std.crypto;
const mem = std.mem;
const Ed25519 = crypto.sign.Ed25519;
export fn sodium_init() callconv(.C) c_int {
return 0;
}
export fn sodium_memzero(pnt: [*c]u8, len: usize) callconv(.C) void {
crypto.utils.secureZero(u8, pnt[0..len]);
}
export fn randombytes_buf(pnt: [*c]u8, len: usize) callconv(.C) void {
crypto.random.bytes(pnt[0..len]);
}
export fn sodium_malloc(len: usize) callconv(.C) ?*anyopaque {
return std.c.malloc(len);
}
export fn sodium_free(pnt: ?*anyopaque) callconv(.C) void {
return std.c.free(pnt);
}
export fn crypto_pwhash_scryptsalsa208sha256(
out: [*c]u8,
outlen: c_ulonglong,
passwd: [*c]const u8,
passwdlen: c_ulonglong,
salt: [*c]const u8,
opslimit: c_ulonglong,
memlimit: usize,
) callconv(.C) c_int {
crypto.pwhash.scrypt.kdf(
std.heap.c_allocator,
out[0..outlen],
passwd[0..passwdlen],
salt[0..32],
crypto.pwhash.scrypt.Params.fromLimits(opslimit, memlimit),
) catch return -1;
return 0;
}
const crypto_generichash_state = crypto.hash.blake2.Blake2b512;
export fn crypto_generichash_init(
state: *crypto_generichash_state,
_: [*c]const u8,
_: usize,
outlen: usize,
) c_int {
state.* = crypto.hash.blake2.Blake2b512.init(.{ .expected_out_bits = outlen * 8 });
return 0;
}
export fn crypto_generichash_update(
state: *crypto_generichash_state,
in: [*c]const u8,
inlen: c_ulonglong,
) c_int {
state.*.update(in[0..inlen]);
return 0;
}
export fn crypto_generichash_final(
state: *crypto_generichash_state,
out: [*c]u8,
outlen: usize,
) c_int {
var h: [64]u8 = undefined;
state.*.final(&h);
@memcpy(out[0..outlen], h[0..outlen]);
return 0;
}
export fn crypto_sign_keypair(pk: [*c]u8, sk: [*c]u8) callconv(.C) c_int {
const kp = Ed25519.KeyPair.generate();
pk[0..32].* = kp.public_key.toBytes();
sk[0..64].* = kp.secret_key.toBytes();
return 0;
}
export fn crypto_sign_detached(
sig_bytes: [*c]u8,
_: [*c]c_ulonglong,
m: [*c]const u8,
mlen: c_ulonglong,
sk_bytes: [*c]const u8,
) callconv(.C) c_int {
const sk = Ed25519.SecretKey.fromBytes(sk_bytes[0..64].*) catch return -1;
const kp = Ed25519.KeyPair.fromSecretKey(sk) catch return -1;
var noise: [Ed25519.noise_length]u8 = undefined;
crypto.random.bytes(&noise);
const s = kp.sign(m[0..mlen], noise) catch return -1;
sig_bytes[0..64].* = s.toBytes();
return 0;
}
export fn crypto_sign_verify_detached(
sig_bytes: [*c]const u8,
m: [*c]const u8,
mlen: c_ulonglong,
pk_bytes: [*c]const u8,
) callconv(.C) c_int {
const pk = Ed25519.PublicKey.fromBytes(pk_bytes[0..32].*) catch return -1;
const sig = Ed25519.Signature.fromBytes(sig_bytes[0..64].*);
sig.verify(m[0..mlen], pk) catch return 1;
return 0;
}
export fn sodium_bin2hex(
hex: [*c]u8,
hex_maxlen: usize,
bin: [*c]const u8,
bin_len: usize,
) callconv(.C) [*c]u8 {
_ = std.fmt.bufPrint(hex[0..hex_maxlen], "{s}", .{std.fmt.fmtSliceHexLower(bin[0..bin_len])}) catch return null;
return hex;
}

32
src/minisign.c
View file

@ -10,7 +10,11 @@
#include <time.h> #include <time.h>
#include <unistd.h> #include <unistd.h>
#include <sodium.h> #ifdef LIBZODIUM
# include "zodium.h"
#else
# include <sodium.h>
#endif
#include "base64.h" #include "base64.h"
#include "get_line.h" #include "get_line.h"
@ -829,28 +833,28 @@ main(int argc, char **argv)
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
char *sk_file = sig_default_skfile(); char *sk_file = sig_default_skfile();
#endif #endif
const char *sig_file = NULL; const char *sig_file = NULL;
const char *message_file = NULL; const char *message_file = NULL;
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
const char *comment = NULL; const char *comment = NULL;
#endif #endif
const char *pubkey_s = NULL; const char *pubkey_s = NULL;
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
const char *trusted_comment = NULL; const char *trusted_comment = NULL;
#endif #endif
unsigned char opt_seen[16] = { 0 }; unsigned char opt_seen[16] = { 0 };
int opt_flag; int opt_flag;
int quiet = 0; int quiet = 0;
int output = 0; int output = 0;
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
int force = 0; int force = 0;
#endif #endif
int allow_legacy = 1; int allow_legacy = 1;
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
int sign_legacy = 0; int sign_legacy = 0;
int unencrypted_key = 0; int unencrypted_key = 0;
#endif #endif
Action action = ACTION_NONE; Action action = ACTION_NONE;
while ((opt_flag = getopt(argc, argv, getopt_options)) != -1) { while ((opt_flag = getopt(argc, argv, getopt_options)) != -1) {
switch (opt_flag) { switch (opt_flag) {