Remove openssl imports from public header files

Currently, protocol.h includes openssl/curve25519.h, meaning code which
wishes to link against a roughtime library must also have the OpenSSL/
BoringSSL source available. That's an unneeded dependency.

This CL introduces three new symbols for the Ed25519 public key, private
key, and signature lengths needed in the headers, and adds static asserts
in protocol.cc to pin them to the libcrypto values.

Change-Id: I1ef78e66bf83ae98b0a82a12d4130c053c70c5e2
diff --git a/protocol.cc b/protocol.cc
index 751f1cc..744dc04 100644
--- a/protocol.cc
+++ b/protocol.cc
@@ -24,6 +24,7 @@
 #include <string.h>
 
 #include <openssl/sha.h>
+#include <openssl/curve25519.h>
 
 #include "logging.h"
 
@@ -32,6 +33,15 @@
 static_assert(BYTE_ORDER == LITTLE_ENDIAN,
               "This code assumes little-endian processors");
 
+// The OpenSSL constants are kept out of the headers to allow consumers to
+// avoid needing OpenSSL's at build time, but the values should still match.
+static_assert(kPrivateKeyLength == ED25519_PRIVATE_KEY_LEN,
+              "Private key length mismatch");
+static_assert(kPublicKeyLength == ED25519_PUBLIC_KEY_LEN,
+              "Public key length mismatch");
+static_assert(kSignatureLength == ED25519_SIGNATURE_LEN,
+              "Signature length mismatch");
+
 static void advance(const uint8_t **ptr, size_t *len, size_t bytes) {
   *ptr += bytes;
   *len -= bytes;
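Review bot: The comment above the new static_asserts is missing a word ("needing OpenSSL's at build time") and does not say what the asserts protect. Buffers sized with kPrivateKeyLength, kPublicKeyLength and kSignatureLength in the headers are presumably handed to libcrypto's Ed25519 functions, so a size mismatch would mean out-of-bounds reads or writes rather than a clean error, and the comment should say that. Suggested wording: `// OpenSSL's constants are kept out of the headers so consumers do not need OpenSSL's headers at build time; these asserts fail the build if our Ed25519 sizes ever diverge from libcrypto's.` The advance() helper shown as context continues past the end of the hunk.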
diff --git a/protocol.h b/protocol.h
index a64932f..c32919f 100644
--- a/protocol.h
+++ b/protocol.h
@@ -18,8 +18,6 @@
 #include <stdint.h>
 #include <string.h>
 
-#include <openssl/curve25519.h>
-
 namespace roughtime {
 
 // Minimum size of a time request.  Requests must be padded to larger than their
@@ -32,6 +30,12 @@
 
 constexpr size_t kRadiusSize = 4;  // Size of the server's uncertainty.
 
+constexpr size_t kPrivateKeyLength = 64; // Size of the server's private key.
+
+constexpr size_t kPublicKeyLength = 32; // Size of the server's public key.
+
+constexpr size_t kSignatureLength = 64; // Size of server signatures.
+
 typedef uint32_t tag_t;
 
 // rough_time_t is the type of a time stamp. Time is UTC and is given as
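Review bot: The three new constants in protocol.h are bare literals whose comments neither name Ed25519 nor point at the static_asserts in protocol.cc that pin them, so a reader of the header alone cannot tell where 64/32/64 come from or that editing them breaks the build. The comments also say "the server's" key, but server.h uses kPrivateKeyLength for `root_private_key` too, so the lengths apply to every Ed25519 key in the protocol. It would also help to state that the 64-byte private key is libcrypto's representation (it appears to be a 32-byte seed followed by the public key, judging by the example key in simple_server_main.cc), so callers do not pass a bare 32-byte seed. Suggested header comment: `// Ed25519 sizes, pinned to libcrypto's values by static_asserts in protocol.cc.`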
diff --git a/server.h b/server.h
index 6a119b5..cf3d84d 100644
--- a/server.h
+++ b/server.h
@@ -18,7 +18,6 @@
 #include <memory>
 #include <utility>
 
-
 #include "protocol.h"
 #include "time_source.h"
 
@@ -27,12 +26,12 @@
 // kToBeSignedCertSize is the size of the signed portion (DELE) of a
 // certificate.  Its tags are (PUBK, MINT, MAXT).
 constexpr size_t kToBeSignedCertSize = MessageHeaderLen(3) +
-                                       ED25519_PUBLIC_KEY_LEN + kTimestampSize +
+                                       kPublicKeyLength + kTimestampSize +
                                        kTimestampSize;
 
 // kCertSize is the size of the entire certificate.  Its tags are (DELE, SIG).
 constexpr size_t kCertSize =
-    MessageHeaderLen(2) + ED25519_SIGNATURE_LEN + kToBeSignedCertSize;
+    MessageHeaderLen(2) + kSignatureLength + kToBeSignedCertSize;
 
 // CreateCertificate signs the supplied |public_key| using |root_private_key|,
 // and sets |out_cert| to a certificate containing the public key, the
@@ -40,14 +39,14 @@
 // otherwise false.
 // TODO(mab): Find better home for this, likely in an offline tool.
 bool CreateCertificate(uint8_t out_cert[kCertSize],
-                       const uint8_t root_private_key[ED25519_PRIVATE_KEY_LEN],
+                       const uint8_t root_private_key[kPrivateKeyLength],
                        rough_time_t start_time, rough_time_t end_time,
-                       const uint8_t public_key[ED25519_PUBLIC_KEY_LEN]);
+                       const uint8_t public_key[kPublicKeyLength]);
 
 // Identity is a server's private key and certificate.  (The certificate is the
 // server's public key signed by an offline private master key.)
 struct Identity {
-  uint8_t private_key[ED25519_PRIVATE_KEY_LEN];
+  uint8_t private_key[kPrivateKeyLength];
   uint8_t certificate[kCertSize];
 };
 
@@ -118,7 +117,7 @@
 
 // kMaxResponseSize is the size of the largest possible server response.
 constexpr size_t kMaxResponseSize =
-    MessageHeaderLen(5) + kCertSize + kToBeSignedSize + ED25519_SIGNATURE_LEN +
+    MessageHeaderLen(5) + kCertSize + kToBeSignedSize + kSignatureLength +
     (kBatchSizeLog2 * kNonceLength) + sizeof(uint32_t) /* index */;
 
 class Server {
@@ -163,7 +162,7 @@
   uint8_t* const to_be_signed_;
 
   // Signature is the ED25519 signature over |to_be_signed_with_context_|.
-  uint8_t signature_[ED25519_SIGNATURE_LEN];
+  uint8_t signature_[kSignatureLength];
 };
 
 // BrokenReplyGenerator is an interface for generating replies that are broken
diff --git a/simple_server.h b/simple_server.h
index 30f09f7..4d9284e 100644
--- a/simple_server.h
+++ b/simple_server.h
@@ -47,7 +47,7 @@
   // MakeIdentity creates a dummy server certificate that is valid for the
   // given time range.
   static std::unique_ptr<Identity> MakeIdentity(
-      const uint8_t root_private_key[ED25519_PRIVATE_KEY_LEN],
+      const uint8_t root_private_key[kPrivateKeyLength],
       rough_time_t mint, rough_time_t maxt);
 
  private:
diff --git a/simple_server_main.cc b/simple_server_main.cc
index c008513..225859a 100644
--- a/simple_server_main.cc
+++ b/simple_server_main.cc
@@ -26,7 +26,7 @@
 
 // root_private_key is an Ed25519 private key used by simple_server. The
 // private part consists of all zeros and so is only for use in this example.
-constexpr uint8_t root_private_key[ED25519_PRIVATE_KEY_LEN] = {
+constexpr uint8_t root_private_key[roughtime::kPrivateKeyLength] = {
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3b, 0x6a, 0x27, 0xbc,