From 60266f377c9d0ae73a3d6ab8f09cc311b180e9a3 Mon Sep 17 00:00:00 2001
From: Charles Wright <cvwright@futo.org>
Date: Mon, 4 Apr 2022 19:40:48 -0500
Subject: [PATCH] Stupid changes to placate Xcode, which apparently sucks at
 compiling C

---
 Sources/BSSpeke/bsspeke.c | 94 ++++++++++++++++++++-------------------
 1 file changed, 49 insertions(+), 45 deletions(-)

diff --git a/Sources/BSSpeke/bsspeke.c b/Sources/BSSpeke/bsspeke.c
index d9acc0b..06d895f 100644
--- a/Sources/BSSpeke/bsspeke.c
+++ b/Sources/BSSpeke/bsspeke.c
@@ -23,17 +23,21 @@
 #include <string.h>
 
 #include "minimonocypher.h"
-#include "bsspeke.h"
+#include "include/bsspeke.h"
 
-typedef enum {
-    DEBUG,
-    INFO,
-    WARN,
-    ERROR,
-    FATAL
-} debug_level_t;
 
-debug_level_t curr_level = DEBUG;
+enum debug_level {
+    LOG_DEBUG,
+    LOG_INFO,
+    LOG_WARN,
+    LOG_ERROR,
+    LOG_FATAL
+};
+typedef enum debug_level debug_level_t;
+
+//typedef int debug_level_t;
+
+debug_level_t curr_level = LOG_DEBUG;
 
 void debug(debug_level_t level,
            const char *msg
@@ -123,7 +127,7 @@ bsspeke_client_generate_blind
     uint8_t blind[32],
     bsspeke_client_ctx *client
 ) {
-    debug(DEBUG, "Hashing client's password");
+    debug(LOG_DEBUG, "Hashing client's password");
     // 1. Hash the client's password, client_id, server_id to a point on the curve
     uint8_t scalar_hash[32];
     uint8_t curve_point[32];
@@ -144,7 +148,7 @@ bsspeke_client_generate_blind
         // Write the digest value into `scalar_hash`
         crypto_blake2b_final(&hash_ctx, scalar_hash);
     }
-    debug(DEBUG, "Mapping password hash onto the curve");
+    debug(LOG_DEBUG, "Mapping password hash onto the curve");
     // Now use Elligator to map our scalar hash to a point on the curve
     crypto_hidden_to_curve(curve_point, scalar_hash);
 
@@ -155,19 +159,19 @@ bsspeke_client_generate_blind
     //      That way we know it will always lead us back to a point on the curve
     //    * Then use the inverse of 1/r as `r`
     //  FIXME: On second thought, monocypher seems to handle all of this complexity for us.  Let's see what happens if we just do things the straightforward way for now...
-    debug(DEBUG, "Generating random blind `r`");
+    debug(LOG_DEBUG, "Generating random blind `r`");
     //arc4random_buf(client->r, 32);
     generate_random_bytes(client->r, 32);
     print_point("r", client->r);
-    debug(DEBUG, "Clamping r");
+    debug(LOG_DEBUG, "Clamping r");
     crypto_x25519_clamp(client->r);
     print_point("r", client->r);
 
-    debug(DEBUG, "Multiplying curve point by r");
+    debug(LOG_DEBUG, "Multiplying curve point by r");
     // 3. Multiply our curve point by r
     crypto_x25519_scalarmult(blind, client->r, curve_point, 256);
     print_point("blind", blind);
-    debug(DEBUG, "Done");
+    debug(LOG_DEBUG, "Done");
 
     return;
 }
@@ -185,14 +189,14 @@ bsspeke_server_blind_salt
     //       We MUST do this before calling the function!!!
     // We're setting up a new account
     // So we have to create a new random salt for the user
-    debug(DEBUG, "Generating new salt");
+    debug(LOG_DEBUG, "Generating new salt");
     salt_len = 32;
     generate_random_bytes(user_info->salt, user_info->salt_len);
     */
     print_point("salt", salt);
 
     // Hash the salt
-    debug(DEBUG, "Hashing the salt");
+    debug(LOG_DEBUG, "Hashing the salt");
     uint8_t H_salt[32];
     crypto_blake2b_general(H_salt, 32,
                            NULL, 0,
@@ -202,7 +206,7 @@ bsspeke_server_blind_salt
     crypto_x25519_clamp(H_salt);
     print_point("H_salt", H_salt);
     // Multiply H(salt) by blind, save into blind_salt
-    debug(DEBUG, "Multiplying H_salt by the user's blind");
+    debug(LOG_DEBUG, "Multiplying H_salt by the user's blind");
     crypto_x25519_scalarmult(blind_salt, H_salt, blind, 256);
     print_point("blndsalt", blind_salt);
 }
@@ -212,17 +216,17 @@ bsspeke_server_generate_B(const uint8_t P[32],
                           bsspeke_server_ctx *server)
 {
     // Generate random ephemeral private key b, save it in server->b
-    debug(DEBUG, "Generating ephemeral private key b");
+    debug(LOG_DEBUG, "Generating ephemeral private key b");
     //arc4random_buf(server->b, 32);
     generate_random_bytes(server->b, 32);
     crypto_x25519_clamp(server->b);
     print_point("b", server->b);
 
-    debug(DEBUG, "Using user's base point P");
+    debug(LOG_DEBUG, "Using user's base point P");
     print_point("P", P);
 
     // Compute public key B = b * P, save it in msg2->B
-    debug(DEBUG, "Computing ephemeral public key B = b * P");
+    debug(LOG_DEBUG, "Computing ephemeral public key B = b * P");
     crypto_x25519_scalarmult(server->B, server->b, P, 256);
     print_point("B", server->B);
 
@@ -235,23 +239,23 @@ bsspeke_client_generate_keys_from_password(const uint8_t blind_salt[32],
 {
     // Sanity checks first, before we do any work
     if( phf_blocks < BSSPEKE_ARGON2_MIN_PHF_BLOCKS ) {
-        debug(ERROR, "Requested PHF blocks below the minimum");
+        debug(LOG_ERROR, "Requested PHF blocks below the minimum");
         return -1;
     }
     if( phf_iterations < BSSPEKE_ARGON2_MIN_PHF_ITERATIONS ) {
-        debug(ERROR, "Requested PHF iterations below the minimum");
+        debug(LOG_ERROR, "Requested PHF iterations below the minimum");
         return -1;
     }
 
     uint8_t oblivious_salt[32];
     // Multiply the blinded salt by 1/r to get the oblivious salt
     // Here we rely on Monocypher to do the heavy lifting for us
-    debug(DEBUG, "Removing the blind from the oblivious salt");
+    debug(LOG_DEBUG, "Removing the blind from the oblivious salt");
     crypto_x25519_inverse(oblivious_salt, client->r, blind_salt);
     print_point("obv_salt", oblivious_salt);
 
     // Hash the oblivious salt together with the id's to create the salt for the PHF
-    debug(DEBUG, "Creating the salt for the PHF");
+    debug(LOG_DEBUG, "Creating the salt for the PHF");
     uint8_t phf_salt[32];
     {
         crypto_blake2b_ctx hash_ctx;
@@ -267,7 +271,7 @@ bsspeke_client_generate_keys_from_password(const uint8_t blind_salt[32],
     }
     print_point("phf_salt", phf_salt);
 
-    debug(DEBUG, "Running the PHF to generate p and v");
+    debug(LOG_DEBUG, "Running the PHF to generate p and v");
     uint8_t password_hash[64];
     void *work_area;
     if ((work_area = malloc(phf_blocks * 1024)) == NULL) {
@@ -309,18 +313,18 @@ bsspeke_client_generate_P_and_V
                                                         phf_blocks, phf_iterations,
                                                         client);
     if( rc != 0 ) {
-        debug(ERROR, "Password hashing function failed");
+        debug(LOG_ERROR, "Password hashing function failed");
         return -1;
     }
 
     // Hash p onto the curve to get this user's base point P
     //uint8_t P[32];
-    debug(DEBUG, "Hashing p onto the curve to get P");
+    debug(LOG_DEBUG, "Hashing p onto the curve to get P");
     crypto_hidden_to_curve(P, client->p);
     print_point("P", P);
 
     // Generate our long-term public key V = v * P
-    debug(DEBUG, "V = v * P");
+    debug(LOG_DEBUG, "V = v * P");
     crypto_x25519_scalarmult(V, client->v, P, 256);
     print_point("V", V);
 
@@ -337,24 +341,24 @@ bsspeke_client_generate_A(const uint8_t blind_salt[32],
                                                         phf_blocks, phf_iterations,
                                                         client);
     if( rc != 0 ) {
-        debug(ERROR, "Password hashing failed");
+        debug(LOG_ERROR, "Password hashing failed");
         return -1;
     }
 
     // Hash p onto the curve to get this user's base point P
     uint8_t P[32];
-    debug(DEBUG, "Hashing p onto the curve to get P");
+    debug(LOG_DEBUG, "Hashing p onto the curve to get P");
     crypto_hidden_to_curve(P, client->p);
     print_point("P", P);
 
     // Generate a random ephemeral private key a, store it in ctx->a
-    debug(DEBUG, "Generating ephemeral private key a");
+    debug(LOG_DEBUG, "Generating ephemeral private key a");
     //arc4random_buf(client->a, 32);
     generate_random_bytes(client->a, 32);
     crypto_x25519_clamp(client->a);
     print_point("a", client->a);
     // Generate the ephemeral public key A = a * P, store it in msg3->A
-    debug(DEBUG, "Generating ephemeral public key A = a * P");
+    debug(LOG_DEBUG, "Generating ephemeral public key A = a * P");
     crypto_x25519_scalarmult(client->A, client->a, P, 256);
     print_point("A", client->A);
 
@@ -366,7 +370,7 @@ bsspeke_client_derive_shared_key(const uint8_t B[32],
                                  bsspeke_client_ctx *client)
 {
     // Compute the two Diffie-Hellman shared secrets 
-    debug(DEBUG, "Computing Diffie-Hellman shared secrets");
+    debug(LOG_DEBUG, "Computing Diffie-Hellman shared secrets");
     // DH shared secret from a * B
     uint8_t a_B[32];
     crypto_x25519(a_B, client->a, B);
@@ -377,7 +381,7 @@ bsspeke_client_derive_shared_key(const uint8_t B[32],
     print_point("v * B", v_B);
 
     // Hash everything we know so far to generate our key, save it in ctx->K_c
-    debug(DEBUG, "Hashing current state to get key K_c");
+    debug(LOG_DEBUG, "Hashing current state to get key K_c");
     {
         crypto_blake2b_ctx hash_ctx;
         crypto_blake2b_general_init(&hash_ctx, 32, NULL, 0);
@@ -401,7 +405,7 @@ bsspeke_client_generate_verifier(uint8_t client_verifier[32],
                                  bsspeke_client_ctx *client)
 {
     // Hash k and the client modifier to get our verifier, save it in msg3->client_verifier
-    debug(DEBUG, "Hashing K_c and modifier to get our verifier");
+    debug(LOG_DEBUG, "Hashing K_c and modifier to get our verifier");
     {
         crypto_blake2b_ctx hash_ctx;
         crypto_blake2b_general_init(&hash_ctx, 32, NULL, 0);
@@ -420,7 +424,7 @@ bsspeke_server_derive_shared_key(const uint8_t A[32],
                                  bsspeke_server_ctx *server
 ) {
     // Compute the two Diffie-Hellman shared secrets
-    debug(DEBUG, "Computing Diffie-Hellman shared secrets");
+    debug(LOG_DEBUG, "Computing Diffie-Hellman shared secrets");
     // DH shared secret from b * A
     uint8_t b_A[32];
     crypto_x25519(b_A, server->b, A);
@@ -431,7 +435,7 @@ bsspeke_server_derive_shared_key(const uint8_t A[32],
     print_point("b * V", b_V);
 
     // Hash everything we've learned so far to generate k, save it in ctx->k
-    debug(DEBUG, "Hashing state so far to generate K_s");
+    debug(LOG_DEBUG, "Hashing state so far to generate K_s");
     {
         crypto_blake2b_ctx hash_ctx;
         crypto_blake2b_general_init(&hash_ctx, 32, NULL, 0);
@@ -457,7 +461,7 @@ bsspeke_server_verify_client(uint8_t client_verifier[32],
 
     // Check that the client's hash is correct
     // Compute H( k || VERIFY_CLIENT_MODIFIER )
-    debug(DEBUG, "Checking client's verifier hash");
+    debug(LOG_DEBUG, "Checking client's verifier hash");
     uint8_t my_client_verifier[32];
     {
         crypto_blake2b_ctx hash_ctx;
@@ -473,10 +477,10 @@ bsspeke_server_verify_client(uint8_t client_verifier[32],
 
     // Compare vs msg3->client_verifier
     if( crypto_verify32(client_verifier, my_client_verifier) != 0 ) {
-        debug(ERROR, "Client's verifier doesn't match!");
+        debug(LOG_ERROR, "Client's verifier doesn't match!");
         return -1;
     }
-    debug(DEBUG, "Client's verifier checks out");
+    debug(LOG_DEBUG, "Client's verifier checks out");
 
     return 0;
 }
@@ -486,7 +490,7 @@ bsspeke_server_generate_verifier(uint8_t server_verifier[32],
                                  bsspeke_server_ctx *server
 ) {
     // Compute our own verifier H( k || VERIFY_SERVER_MODIFIER ), save it in server_verifier
-    debug(DEBUG, "Computing server verifier hash");
+    debug(LOG_DEBUG, "Computing server verifier hash");
     {
         crypto_blake2b_ctx hash_ctx;
         crypto_blake2b_general_init(&hash_ctx, 32, NULL, 0);
@@ -504,7 +508,7 @@ bsspeke_client_verify_server(const uint8_t server_verifier[32],
                              const bsspeke_client_ctx *client
 ) {
     // Compute our own version of the server's verifier hash
-    debug(DEBUG, "Verifying hash from the server");
+    debug(LOG_DEBUG, "Verifying hash from the server");
     uint8_t my_server_verifier[32];
     {
         crypto_blake2b_ctx hash_ctx;
@@ -520,10 +524,10 @@ bsspeke_client_verify_server(const uint8_t server_verifier[32],
 
     // If the hashes don't match, return failure
     if( crypto_verify32(server_verifier, my_server_verifier) != 0 ) {
-        debug(WARN, "Server's hash doesn't match.  Aborting.");
+        debug(LOG_WARN, "Server's hash doesn't match.  Aborting.");
         return -1;
     }
-    debug(DEBUG, "Server's hash checks out.  SUCCESS!");
+    debug(LOG_DEBUG, "Server's hash checks out.  SUCCESS!");
 
     // Otherwise, return success
     return 0;
-- 
GitLab