diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..1d953f4 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use nix diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..698bbcc --- /dev/null +++ b/Makefile @@ -0,0 +1,36 @@ +RUSTFLAGS := RUSTFLAGS='-C link-arg=-s' +BUILD_CMD := cargo build --release + +.PHONY: all clean clean-all + +golib: rustlib header + go build + +rustlib: libzkgroup-amd64 libzkgroup-arm64 libzkgroup-armhf + +libzkgroup-amd64: + cd lib/zkgroup && \ + $(RUSTFLAGS) $(BUILD_CMD) + cp lib/zkgroup/target/release/libzkgroup.a lib/libzkgroup_linux_amd64.a + +libzkgroup-arm64: + cd lib/zkgroup && \ + $(RUSTFLAGS) CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=aarch64-unknown-linux-gnu-gcc $(BUILD_CMD) --target=aarch64-unknown-linux-gnu + cp lib/zkgroup/target/aarch64-unknown-linux-gnu/release/libzkgroup.a lib/libzkgroup_linux_arm64.a + +libzkgroup-armhf: + cd lib/zkgroup && \ + $(RUSTFLAGS) CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER=armv7l-unknown-linux-gnueabihf-gcc $(BUILD_CMD) --target=armv7-unknown-linux-gnueabihf + cp lib/zkgroup/target/armv7-unknown-linux-gnueabihf/release/libzkgroup.a lib/libzkgroup_linux_armhf.a + +header: + cbindgen --lang c lib/zkgroup/rust -o lib/zkgroup.h + +clean: + go clean + cd lib/zkgroup && \ + cargo clean + +clean-all: clean + rm lib/*.a + rm lib/*.h diff --git a/README.md b/README.md index 6cb5d5f..d148f57 100644 --- a/README.md +++ b/README.md @@ -4,33 +4,62 @@ Go library for the Signal Private Group System. See [github.com/signalapp/zkgroup](https://github.com/signalapp/zkgroup). -# build zkgroup +## Build the Rust library -- checkout git submodules -- +### Build environment -# cross compile +### With [Nix](https://nixos.org/) -`cargo install cross` -`cd lib/zkgroup/` +Simply enter the Nix shell: -## linux aarch64 + $ nix-shell +Alternatively, if you are also using [direnv](https://direnv.net/), you can +allow the `.envrc` to enter automatically the Nix shell whenever you enter the +project: -`cross build --target aarch64-unknown-linux-gnu` + $ direnv allow -`cp target/aarch64-unknown-linux-gnu/debug/libzkgroup.so ../libzkgroup_linux_aarch64.so` +### Without Nix +In order to build the Rust library for all three supported platform, you’ll +first need [Rustup](https://rustup.rs/). -## linux,armhf +Then, install the stable Rust toolchain: -`cross build --target armv7-unknown-linux-gnueabihf` -`cp target/armv7-unknown-linux-gnueabihf/debug/libzkgroup.so ../libzkgroup_linux_armhf.so` + $ rustup install stable -or install arm-linux-gnueabihf-gcc and +Install the targets for the mobile platforms: -``` -export CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER=/usr/bin/arm-linux-gnueabihf-gcc + $ rustup target add aarch64-unknown-linux-gnu + $ rustup target add armv7-unknown-linux-gnueabihf -cargo build --target armv7-unknown-linux-gnueabihf --release --verbose -``` \ No newline at end of file +Install C compilers for these targets. Instructions depend on your distribution, +but you should have `aarch64-unknown-linux-gnu-gcc` and +`armv7l-unknown-linux-gnueabihf-gcc` in your path. + +Install `cbindgen` to generate the C header for the Rust FFI: + + $ cargo install cbindgen + +### Build instructions + +1. Fetch the submodule, if not already done: + + $ git submodule init + $ git submodule update + +2. Build the library: + + $ make + +This will build the Rust library into a static library for `amd64`, `arm64` and +`armhf` on Linux, put them in `lib/` and generate `lib/zkgroup.h`. + +3. Clean the Rust articafcts: + + $ make clean + +You can also remove the generated files by running: + + $ make clean-all diff --git a/auth_credential.go b/auth_credential.go index 9d0f057..6f97c50 100644 --- a/auth_credential.go +++ b/auth_credential.go @@ -1,9 +1,9 @@ package zkgroup /* -#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_amd64 -#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_arm64 -#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_armhf +#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_amd64 +#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_arm64 +#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_armhf #include "lib/zkgroup.h" */ diff --git a/client.go b/client.go index 0cd7015..437be84 100644 --- a/client.go +++ b/client.go @@ -1,9 +1,9 @@ package zkgroup /* -#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_amd64 -#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_arm64 -#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_armhf +#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_amd64 +#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_arm64 +#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_armhf #include "lib/zkgroup.h" */ diff --git a/error.go b/error.go index 5f5fa6d..cc15f26 100644 --- a/error.go +++ b/error.go @@ -1,9 +1,9 @@ package zkgroup /* -#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_amd64 -#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_arm64 -#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_armhf +#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_amd64 +#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_arm64 +#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_armhf #include "lib/zkgroup.h" */ diff --git a/group.go b/group.go index c3351d8..25dbbc1 100644 --- a/group.go +++ b/group.go @@ -1,9 +1,9 @@ package zkgroup /* -#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_amd64 -#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_arm64 -#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_armhf +#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_amd64 +#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_arm64 +#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_armhf #include "lib/zkgroup.h" */ diff --git a/lib/libzkgroup_linux_arm64.so b/lib/libzkgroup_linux_amd64.a old mode 100755 new mode 100644 similarity index 55% rename from lib/libzkgroup_linux_arm64.so rename to lib/libzkgroup_linux_amd64.a index 22bb46f..8828f28 Binary files a/lib/libzkgroup_linux_arm64.so and b/lib/libzkgroup_linux_amd64.a differ diff --git a/lib/libzkgroup_linux_amd64.so b/lib/libzkgroup_linux_amd64.so deleted file mode 100755 index 440bd4c..0000000 Binary files a/lib/libzkgroup_linux_amd64.so and /dev/null differ diff --git a/lib/libzkgroup_linux_arm64.a b/lib/libzkgroup_linux_arm64.a new file mode 100644 index 0000000..4f2a83a Binary files /dev/null and b/lib/libzkgroup_linux_arm64.a differ diff --git a/lib/libzkgroup_linux_armhf.a b/lib/libzkgroup_linux_armhf.a new file mode 100644 index 0000000..0eeb7c1 Binary files /dev/null and b/lib/libzkgroup_linux_armhf.a differ diff --git a/lib/libzkgroup_linux_armhf.so b/lib/libzkgroup_linux_armhf.so deleted file mode 100755 index 56313da..0000000 Binary files a/lib/libzkgroup_linux_armhf.so and /dev/null differ diff --git a/lib/zkgroup.h b/lib/zkgroup.h index 6587518..a971f9c 100644 --- a/lib/zkgroup.h +++ b/lib/zkgroup.h @@ -3,31 +3,35 @@ #include #include -#define NUM_AUTH_CRED_ATTRIBUTES 3 +#define AESGCM_NONCE_LEN 12 -#define NUM_PROFILE_KEY_CRED_ATTRIBUTES 4 +#define AESGCM_TAG_LEN 16 #define AES_KEY_LEN 32 -#define AESGCM_NONCE_LEN 12 +#define AUTH_CREDENTIAL_LEN 342 -#define AESGCM_TAG_LEN 16 +#define AUTH_CREDENTIAL_PRESENTATION_LEN 493 -#define GROUP_MASTER_KEY_LEN 32 +#define AUTH_CREDENTIAL_RESPONSE_LEN 361 -#define GROUP_SECRET_PARAMS_LEN 289 +#define FFI_RETURN_INPUT_ERROR 2 -#define GROUP_PUBLIC_PARAMS_LEN 97 +#define FFI_RETURN_INTERNAL_ERROR 1 + +#define FFI_RETURN_OK 0 #define GROUP_IDENTIFIER_LEN 32 -#define AUTH_CREDENTIAL_LEN 342 +#define GROUP_MASTER_KEY_LEN 32 -#define AUTH_CREDENTIAL_PRESENTATION_LEN 493 +#define GROUP_PUBLIC_PARAMS_LEN 97 -#define AUTH_CREDENTIAL_RESPONSE_LEN 361 +#define GROUP_SECRET_PARAMS_LEN 289 -#define PROFILE_KEY_LEN 32 +#define NUM_AUTH_CRED_ATTRIBUTES 3 + +#define NUM_PROFILE_KEY_CRED_ATTRIBUTES 4 #define PROFILE_KEY_CIPHERTEXT_LEN 65 @@ -37,98 +41,68 @@ #define PROFILE_KEY_CREDENTIAL_PRESENTATION_LEN 713 -#define PROFILE_KEY_CREDENTIAL_REQUEST_LEN 329 - #define PROFILE_KEY_CREDENTIAL_REQUEST_CONTEXT_LEN 473 +#define PROFILE_KEY_CREDENTIAL_REQUEST_LEN 329 + #define PROFILE_KEY_CREDENTIAL_RESPONSE_LEN 457 -#define PROFILE_KEY_VERSION_LEN 32 +#define PROFILE_KEY_LEN 32 #define PROFILE_KEY_VERSION_ENCODED_LEN 64 -#define RESERVED_LEN 1 +#define PROFILE_KEY_VERSION_LEN 32 -#define SERVER_SECRET_PARAMS_LEN 769 +#define RANDOMNESS_LEN 32 -#define SERVER_PUBLIC_PARAMS_LEN 161 +#define RESERVED_LEN 1 -#define UUID_CIPHERTEXT_LEN 65 +#define SERVER_PUBLIC_PARAMS_LEN 161 -#define RANDOMNESS_LEN 32 +#define SERVER_SECRET_PARAMS_LEN 769 #define SIGNATURE_LEN 64 -#define UUID_LEN 16 +#define UUID_CIPHERTEXT_LEN 65 -#define FFI_RETURN_OK 0 +#define UUID_LEN 16 -#define FFI_RETURN_INTERNAL_ERROR 1 +int32_t FFI_AuthCredentialPresentation_checkValidContents(const uint8_t *authCredentialPresentation, + uint32_t authCredentialPresentationLen); -#define FFI_RETURN_INPUT_ERROR 2 +int32_t FFI_AuthCredentialPresentation_getRedemptionTime(const uint8_t *authCredentialPresentation, + uint32_t authCredentialPresentationLen, + uint8_t *redemptionTimeOut, + uint32_t redemptionTimeLen); -int32_t FFI_ProfileKey_getCommitment(const uint8_t *profileKey, - uint32_t profileKeyLen, - const uint8_t *uuid, - uint32_t uuidLen, - uint8_t *profileKeyCommitmentOut, - uint32_t profileKeyCommitmentLen); +int32_t FFI_AuthCredentialPresentation_getUuidCiphertext(const uint8_t *authCredentialPresentation, + uint32_t authCredentialPresentationLen, + uint8_t *uuidCiphertextOut, + uint32_t uuidCiphertextLen); -int32_t FFI_ProfileKey_getProfileKeyVersion(const uint8_t *profileKey, - uint32_t profileKeyLen, - const uint8_t *uuid, - uint32_t uuidLen, - uint8_t *profileKeyVersionOut, - uint32_t profileKeyVersionLen); +int32_t FFI_AuthCredentialResponse_checkValidContents(const uint8_t *authCredentialResponse, + uint32_t authCredentialResponseLen); -int32_t FFI_ProfileKeyCommitment_checkValidContents(const uint8_t *profileKeyCommitment, - uint32_t profileKeyCommitmentLen); +int32_t FFI_AuthCredential_checkValidContents(const uint8_t *authCredential, + uint32_t authCredentialLen); -int32_t FFI_GroupSecretParams_generateDeterministic(const uint8_t *randomness, - uint32_t randomnessLen, - uint8_t *groupSecretParamsOut, - uint32_t groupSecretParamsLen); +int32_t FFI_GroupPublicParams_checkValidContents(const uint8_t *groupPublicParams, + uint32_t groupPublicParamsLen); -int32_t FFI_GroupSecretParams_deriveFromMasterKey(const uint8_t *groupMasterKey, - uint32_t groupMasterKeyLen, - uint8_t *groupSecretParamsOut, - uint32_t groupSecretParamsLen); +int32_t FFI_GroupPublicParams_getGroupIdentifier(const uint8_t *groupPublicParams, + uint32_t groupPublicParamsLen, + uint8_t *groupIdentifierOut, + uint32_t groupIdentifierLen); int32_t FFI_GroupSecretParams_checkValidContents(const uint8_t *groupSecretParams, uint32_t groupSecretParamsLen); -int32_t FFI_GroupSecretParams_getMasterKey(const uint8_t *groupSecretParams, - uint32_t groupSecretParamsLen, - uint8_t *groupMasterKeyOut, - uint32_t groupMasterKeyLen); - -int32_t FFI_GroupSecretParams_getPublicParams(const uint8_t *groupSecretParams, - uint32_t groupSecretParamsLen, - uint8_t *groupPublicParamsOut, - uint32_t groupPublicParamsLen); - -int32_t FFI_GroupSecretParams_encryptUuid(const uint8_t *groupSecretParams, - uint32_t groupSecretParamsLen, - const uint8_t *uuid, - uint32_t uuidLen, - uint8_t *uuidCiphertextOut, - uint32_t uuidCiphertextLen); - -int32_t FFI_GroupSecretParams_decryptUuid(const uint8_t *groupSecretParams, +int32_t FFI_GroupSecretParams_decryptBlob(const uint8_t *groupSecretParams, uint32_t groupSecretParamsLen, - const uint8_t *uuidCiphertext, - uint32_t uuidCiphertextLen, - uint8_t *uuidOut, - uint32_t uuidLen); - -int32_t FFI_GroupSecretParams_encryptProfileKey(const uint8_t *groupSecretParams, - uint32_t groupSecretParamsLen, - const uint8_t *profileKey, - uint32_t profileKeyLen, - const uint8_t *uuid, - uint32_t uuidLen, - uint8_t *profileKeyCiphertextOut, - uint32_t profileKeyCiphertextLen); + const uint8_t *blobCiphertext, + uint32_t blobCiphertextLen, + uint8_t *plaintextOut, + uint32_t plaintextLen); int32_t FFI_GroupSecretParams_decryptProfileKey(const uint8_t *groupSecretParams, uint32_t groupSecretParamsLen, @@ -139,6 +113,18 @@ int32_t FFI_GroupSecretParams_decryptProfileKey(const uint8_t *groupSecretParams uint8_t *profileKeyOut, uint32_t profileKeyLen); +int32_t FFI_GroupSecretParams_decryptUuid(const uint8_t *groupSecretParams, + uint32_t groupSecretParamsLen, + const uint8_t *uuidCiphertext, + uint32_t uuidCiphertextLen, + uint8_t *uuidOut, + uint32_t uuidLen); + +int32_t FFI_GroupSecretParams_deriveFromMasterKey(const uint8_t *groupMasterKey, + uint32_t groupMasterKeyLen, + uint8_t *groupSecretParamsOut, + uint32_t groupSecretParamsLen); + int32_t FFI_GroupSecretParams_encryptBlobDeterministic(const uint8_t *groupSecretParams, uint32_t groupSecretParamsLen, const uint8_t *randomness, @@ -148,44 +134,91 @@ int32_t FFI_GroupSecretParams_encryptBlobDeterministic(const uint8_t *groupSecre uint8_t *blobCiphertextOut, uint32_t blobCiphertextLen); -int32_t FFI_GroupSecretParams_decryptBlob(const uint8_t *groupSecretParams, +int32_t FFI_GroupSecretParams_encryptProfileKey(const uint8_t *groupSecretParams, + uint32_t groupSecretParamsLen, + const uint8_t *profileKey, + uint32_t profileKeyLen, + const uint8_t *uuid, + uint32_t uuidLen, + uint8_t *profileKeyCiphertextOut, + uint32_t profileKeyCiphertextLen); + +int32_t FFI_GroupSecretParams_encryptUuid(const uint8_t *groupSecretParams, uint32_t groupSecretParamsLen, - const uint8_t *blobCiphertext, - uint32_t blobCiphertextLen, - uint8_t *plaintextOut, - uint32_t plaintextLen); + const uint8_t *uuid, + uint32_t uuidLen, + uint8_t *uuidCiphertextOut, + uint32_t uuidCiphertextLen); -int32_t FFI_ServerSecretParams_generateDeterministic(const uint8_t *randomness, - uint32_t randomnessLen, - uint8_t *serverSecretParamsOut, - uint32_t serverSecretParamsLen); +int32_t FFI_GroupSecretParams_generateDeterministic(const uint8_t *randomness, + uint32_t randomnessLen, + uint8_t *groupSecretParamsOut, + uint32_t groupSecretParamsLen); -int32_t FFI_ServerSecretParams_checkValidContents(const uint8_t *serverSecretParams, - uint32_t serverSecretParamsLen); +int32_t FFI_GroupSecretParams_getMasterKey(const uint8_t *groupSecretParams, + uint32_t groupSecretParamsLen, + uint8_t *groupMasterKeyOut, + uint32_t groupMasterKeyLen); -int32_t FFI_ServerSecretParams_getPublicParams(const uint8_t *serverSecretParams, - uint32_t serverSecretParamsLen, - uint8_t *serverPublicParamsOut, - uint32_t serverPublicParamsLen); +int32_t FFI_GroupSecretParams_getPublicParams(const uint8_t *groupSecretParams, + uint32_t groupSecretParamsLen, + uint8_t *groupPublicParamsOut, + uint32_t groupPublicParamsLen); -int32_t FFI_ServerSecretParams_signDeterministic(const uint8_t *serverSecretParams, - uint32_t serverSecretParamsLen, - const uint8_t *randomness, - uint32_t randomnessLen, - const uint8_t *message, - uint32_t messageLen, - uint8_t *notarySignatureOut, - uint32_t notarySignatureLen); +int32_t FFI_ProfileKeyCiphertext_checkValidContents(const uint8_t *profileKeyCiphertext, + uint32_t profileKeyCiphertextLen); -int32_t FFI_ServerPublicParams_receiveAuthCredential(const uint8_t *serverPublicParams, - uint32_t serverPublicParamsLen, - const uint8_t *uuid, - uint32_t uuidLen, - uint32_t redemptionTime, - const uint8_t *authCredentialResponse, - uint32_t authCredentialResponseLen, - uint8_t *authCredentialOut, - uint32_t authCredentialLen); +int32_t FFI_ProfileKeyCommitment_checkValidContents(const uint8_t *profileKeyCommitment, + uint32_t profileKeyCommitmentLen); + +int32_t FFI_ProfileKeyCredentialPresentation_checkValidContents(const uint8_t *profileKeyCredentialPresentation, + uint32_t profileKeyCredentialPresentationLen); + +int32_t FFI_ProfileKeyCredentialPresentation_getProfileKeyCiphertext(const uint8_t *profileKeyCredentialPresentation, + uint32_t profileKeyCredentialPresentationLen, + uint8_t *profileKeyCiphertextOut, + uint32_t profileKeyCiphertextLen); + +int32_t FFI_ProfileKeyCredentialPresentation_getUuidCiphertext(const uint8_t *profileKeyCredentialPresentation, + uint32_t profileKeyCredentialPresentationLen, + uint8_t *uuidCiphertextOut, + uint32_t uuidCiphertextLen); + +int32_t FFI_ProfileKeyCredentialRequestContext_checkValidContents(const uint8_t *profileKeyCredentialRequestContext, + uint32_t profileKeyCredentialRequestContextLen); + +int32_t FFI_ProfileKeyCredentialRequestContext_getRequest(const uint8_t *profileKeyCredentialRequestContext, + uint32_t profileKeyCredentialRequestContextLen, + uint8_t *profileKeyCredentialRequestOut, + uint32_t profileKeyCredentialRequestLen); + +int32_t FFI_ProfileKeyCredentialRequest_checkValidContents(const uint8_t *profileKeyCredentialRequest, + uint32_t profileKeyCredentialRequestLen); + +int32_t FFI_ProfileKeyCredentialResponse_checkValidContents(const uint8_t *profileKeyCredentialResponse, + uint32_t profileKeyCredentialResponseLen); + +int32_t FFI_ProfileKeyCredential_checkValidContents(const uint8_t *profileKeyCredential, + uint32_t profileKeyCredentialLen); + +int32_t FFI_ProfileKey_getCommitment(const uint8_t *profileKey, + uint32_t profileKeyLen, + const uint8_t *uuid, + uint32_t uuidLen, + uint8_t *profileKeyCommitmentOut, + uint32_t profileKeyCommitmentLen); + +int32_t FFI_ProfileKey_getProfileKeyVersion(const uint8_t *profileKey, + uint32_t profileKeyLen, + const uint8_t *uuid, + uint32_t uuidLen, + uint8_t *profileKeyVersionOut, + uint32_t profileKeyVersionLen); + +int32_t FFI_Randomness_checkValidContents(const uint8_t *randomness, uint32_t randomnessLen); + +int32_t FFI_ServerPublicParams_checkValidContents(const uint8_t *serverPublicParams, + uint32_t serverPublicParamsLen); int32_t FFI_ServerPublicParams_createAuthCredentialPresentationDeterministic(const uint8_t *serverPublicParams, uint32_t serverPublicParamsLen, @@ -198,6 +231,17 @@ int32_t FFI_ServerPublicParams_createAuthCredentialPresentationDeterministic(con uint8_t *authCredentialPresentationOut, uint32_t authCredentialPresentationLen); +int32_t FFI_ServerPublicParams_createProfileKeyCredentialPresentationDeterministic(const uint8_t *serverPublicParams, + uint32_t serverPublicParamsLen, + const uint8_t *randomness, + uint32_t randomnessLen, + const uint8_t *groupSecretParams, + uint32_t groupSecretParamsLen, + const uint8_t *profileKeyCredential, + uint32_t profileKeyCredentialLen, + uint8_t *profileKeyCredentialPresentationOut, + uint32_t profileKeyCredentialPresentationLen); + int32_t FFI_ServerPublicParams_createProfileKeyCredentialRequestContextDeterministic(const uint8_t *serverPublicParams, uint32_t serverPublicParamsLen, const uint8_t *randomness, @@ -209,6 +253,16 @@ int32_t FFI_ServerPublicParams_createProfileKeyCredentialRequestContextDetermini uint8_t *profileKeyCredentialRequestContextOut, uint32_t profileKeyCredentialRequestContextLen); +int32_t FFI_ServerPublicParams_receiveAuthCredential(const uint8_t *serverPublicParams, + uint32_t serverPublicParamsLen, + const uint8_t *uuid, + uint32_t uuidLen, + uint32_t redemptionTime, + const uint8_t *authCredentialResponse, + uint32_t authCredentialResponseLen, + uint8_t *authCredentialOut, + uint32_t authCredentialLen); + int32_t FFI_ServerPublicParams_receiveProfileKeyCredential(const uint8_t *serverPublicParams, uint32_t serverPublicParamsLen, const uint8_t *profileKeyCredentialRequestContext, @@ -218,16 +272,25 @@ int32_t FFI_ServerPublicParams_receiveProfileKeyCredential(const uint8_t *server uint8_t *profileKeyCredentialOut, uint32_t profileKeyCredentialLen); -int32_t FFI_ServerPublicParams_createProfileKeyCredentialPresentationDeterministic(const uint8_t *serverPublicParams, - uint32_t serverPublicParamsLen, - const uint8_t *randomness, - uint32_t randomnessLen, - const uint8_t *groupSecretParams, - uint32_t groupSecretParamsLen, - const uint8_t *profileKeyCredential, - uint32_t profileKeyCredentialLen, - uint8_t *profileKeyCredentialPresentationOut, - uint32_t profileKeyCredentialPresentationLen); +int32_t FFI_ServerPublicParams_verifySignature(const uint8_t *serverPublicParams, + uint32_t serverPublicParamsLen, + const uint8_t *message, + uint32_t messageLen, + const uint8_t *notarySignature, + uint32_t notarySignatureLen); + +int32_t FFI_ServerSecretParams_checkValidContents(const uint8_t *serverSecretParams, + uint32_t serverSecretParamsLen); + +int32_t FFI_ServerSecretParams_generateDeterministic(const uint8_t *randomness, + uint32_t randomnessLen, + uint8_t *serverSecretParamsOut, + uint32_t serverSecretParamsLen); + +int32_t FFI_ServerSecretParams_getPublicParams(const uint8_t *serverSecretParams, + uint32_t serverSecretParamsLen, + uint8_t *serverPublicParamsOut, + uint32_t serverPublicParamsLen); int32_t FFI_ServerSecretParams_issueAuthCredentialDeterministic(const uint8_t *serverSecretParams, uint32_t serverSecretParamsLen, @@ -239,13 +302,6 @@ int32_t FFI_ServerSecretParams_issueAuthCredentialDeterministic(const uint8_t *s uint8_t *authCredentialResponseOut, uint32_t authCredentialResponseLen); -int32_t FFI_ServerSecretParams_verifyAuthCredentialPresentation(const uint8_t *serverSecretParams, - uint32_t serverSecretParamsLen, - const uint8_t *groupPublicParams, - uint32_t groupPublicParamsLen, - const uint8_t *authCredentialPresentation, - uint32_t authCredentialPresentationLen); - int32_t FFI_ServerSecretParams_issueProfileKeyCredentialDeterministic(const uint8_t *serverSecretParams, uint32_t serverSecretParamsLen, const uint8_t *randomness, @@ -259,6 +315,22 @@ int32_t FFI_ServerSecretParams_issueProfileKeyCredentialDeterministic(const uint uint8_t *profileKeyCredentialResponseOut, uint32_t profileKeyCredentialResponseLen); +int32_t FFI_ServerSecretParams_signDeterministic(const uint8_t *serverSecretParams, + uint32_t serverSecretParamsLen, + const uint8_t *randomness, + uint32_t randomnessLen, + const uint8_t *message, + uint32_t messageLen, + uint8_t *notarySignatureOut, + uint32_t notarySignatureLen); + +int32_t FFI_ServerSecretParams_verifyAuthCredentialPresentation(const uint8_t *serverSecretParams, + uint32_t serverSecretParamsLen, + const uint8_t *groupPublicParams, + uint32_t groupPublicParamsLen, + const uint8_t *authCredentialPresentation, + uint32_t authCredentialPresentationLen); + int32_t FFI_ServerSecretParams_verifyProfileKeyCredentialPresentation(const uint8_t *serverSecretParams, uint32_t serverSecretParamsLen, const uint8_t *groupPublicParams, @@ -266,79 +338,7 @@ int32_t FFI_ServerSecretParams_verifyProfileKeyCredentialPresentation(const uint const uint8_t *profileKeyCredentialPresentation, uint32_t profileKeyCredentialPresentationLen); -int32_t FFI_GroupPublicParams_checkValidContents(const uint8_t *groupPublicParams, - uint32_t groupPublicParamsLen); - -int32_t FFI_GroupPublicParams_getGroupIdentifier(const uint8_t *groupPublicParams, - uint32_t groupPublicParamsLen, - uint8_t *groupIdentifierOut, - uint32_t groupIdentifierLen); - -int32_t FFI_ServerPublicParams_checkValidContents(const uint8_t *serverPublicParams, - uint32_t serverPublicParamsLen); - -int32_t FFI_ServerPublicParams_verifySignature(const uint8_t *serverPublicParams, - uint32_t serverPublicParamsLen, - const uint8_t *message, - uint32_t messageLen, - const uint8_t *notarySignature, - uint32_t notarySignatureLen); - -int32_t FFI_AuthCredentialResponse_checkValidContents(const uint8_t *authCredentialResponse, - uint32_t authCredentialResponseLen); - -int32_t FFI_AuthCredential_checkValidContents(const uint8_t *authCredential, - uint32_t authCredentialLen); - -int32_t FFI_AuthCredentialPresentation_checkValidContents(const uint8_t *authCredentialPresentation, - uint32_t authCredentialPresentationLen); - -int32_t FFI_AuthCredentialPresentation_getUuidCiphertext(const uint8_t *authCredentialPresentation, - uint32_t authCredentialPresentationLen, - uint8_t *uuidCiphertextOut, - uint32_t uuidCiphertextLen); - -int32_t FFI_AuthCredentialPresentation_getRedemptionTime(const uint8_t *authCredentialPresentation, - uint32_t authCredentialPresentationLen, - uint8_t *redemptionTimeOut, - uint32_t redemptionTimeLen); - -int32_t FFI_ProfileKeyCredentialRequestContext_checkValidContents(const uint8_t *profileKeyCredentialRequestContext, - uint32_t profileKeyCredentialRequestContextLen); - -int32_t FFI_ProfileKeyCredentialRequestContext_getRequest(const uint8_t *profileKeyCredentialRequestContext, - uint32_t profileKeyCredentialRequestContextLen, - uint8_t *profileKeyCredentialRequestOut, - uint32_t profileKeyCredentialRequestLen); - -int32_t FFI_ProfileKeyCredentialRequest_checkValidContents(const uint8_t *profileKeyCredentialRequest, - uint32_t profileKeyCredentialRequestLen); - -int32_t FFI_ProfileKeyCredentialResponse_checkValidContents(const uint8_t *profileKeyCredentialResponse, - uint32_t profileKeyCredentialResponseLen); - -int32_t FFI_ProfileKeyCredential_checkValidContents(const uint8_t *profileKeyCredential, - uint32_t profileKeyCredentialLen); - -int32_t FFI_ProfileKeyCredentialPresentation_checkValidContents(const uint8_t *profileKeyCredentialPresentation, - uint32_t profileKeyCredentialPresentationLen); - -int32_t FFI_ProfileKeyCredentialPresentation_getUuidCiphertext(const uint8_t *profileKeyCredentialPresentation, - uint32_t profileKeyCredentialPresentationLen, - uint8_t *uuidCiphertextOut, - uint32_t uuidCiphertextLen); - -int32_t FFI_ProfileKeyCredentialPresentation_getProfileKeyCiphertext(const uint8_t *profileKeyCredentialPresentation, - uint32_t profileKeyCredentialPresentationLen, - uint8_t *profileKeyCiphertextOut, - uint32_t profileKeyCiphertextLen); - int32_t FFI_UuidCiphertext_checkValidContents(const uint8_t *uuidCiphertext, uint32_t uuidCiphertextLen); -int32_t FFI_ProfileKeyCiphertext_checkValidContents(const uint8_t *profileKeyCiphertext, - uint32_t profileKeyCiphertextLen); - -int32_t FFI_Randomness_checkValidContents(const uint8_t *randomness, uint32_t randomnessLen); - int32_t FFI_Uuid_checkValidContents(const uint8_t *uuid, uint32_t uuidLen); diff --git a/profile.go b/profile.go index 1019eb6..f599437 100644 --- a/profile.go +++ b/profile.go @@ -1,9 +1,9 @@ package zkgroup /* -#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_amd64 -#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_arm64 -#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_armhf +#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_amd64 +#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_arm64 +#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_armhf #include "lib/zkgroup.h" */ diff --git a/server.go b/server.go index 5b903a6..74b0ade 100644 --- a/server.go +++ b/server.go @@ -1,9 +1,9 @@ package zkgroup /* -#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_amd64 -#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_arm64 -#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_armhf +#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_amd64 +#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_arm64 +#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_armhf #include "lib/zkgroup.h" */ diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..e8305d4 --- /dev/null +++ b/shell.nix @@ -0,0 +1,29 @@ +{ pkgs ? import { + overlays = [ (import (builtins.fetchTarball "https://github.com/oxalica/rust-overlay/archive/master.tar.gz")) ]; +} }: + +with pkgs; + +let + rust-toolchain = rust-bin.stable.latest.default.override { + targets = [ + "aarch64-unknown-linux-gnu" + "armv7-unknown-linux-gnueabihf" + ]; + }; +in + +mkShell { + buildInputs = [ + go + rust-toolchain + rust-cbindgen + + # NOTE: This is not the best way to create a cross-compilation environment + # in Nix, as libraries cannot be handled this way. However, it works + # currently for our use case, and allow us to have all three build + # environments in a single Nix shell. + pkgsCross.aarch64-multiplatform.pkgsBuildHost.gcc + pkgsCross.armv7l-hf-multiplatform.pkgsBuildHost.gcc + ]; +} diff --git a/zkgroup.go b/zkgroup.go index 0a485d2..3f5129b 100644 --- a/zkgroup.go +++ b/zkgroup.go @@ -1,9 +1,9 @@ package zkgroup /* -#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_amd64 -#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_arm64 -#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib '-Wl,-rpath,$$ORIGIN/' -lzkgroup_linux_armhf +#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_amd64 +#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_arm64 +#cgo linux,arm LDFLAGS: -L${SRCDIR}/lib -ldl -lzkgroup_linux_armhf #include "lib/zkgroup.h" */