[fix] should hide some symbols that are mostly internal and likely co…

src/dkg-vss.c

@@ -7,7 +7,7 @@
 
 // nothing up my sleeve generator H, generated with:
 // hash_to_group((uint8_t*)"DKG Generator H on ristretto255", 32, H)
-const uint8_t H[crypto_core_ristretto255_BYTES]= {
+const __attribute__((visibility("hidden"))) uint8_t H[crypto_core_ristretto255_BYTES]= {
   0x66, 0x4e, 0x4c, 0xb5, 0x89, 0x0e, 0xb3, 0xe4,
   0xc0, 0xd5, 0x48, 0x02, 0x74, 0x8a, 0xb2, 0x25,
   0xf9, 0x73, 0xda, 0xe5, 0xc0, 0xef, 0xc1, 0x68,

src/dkg.c

@@ -38,7 +38,7 @@
 
 // calculates polynomial f(j) given the polynomials threshold coefficients in
 // array a
-void polynom(const uint8_t j, const uint8_t threshold,
+void __attribute__((visibility("hidden"))) polynom(const uint8_t j, const uint8_t threshold,
                     const uint8_t a[threshold][crypto_core_ristretto255_SCALARBYTES],
                     TOPRF_Share *result) {
   //f(z) = a_0 + a_1*z + a_2*z^2 + a_3*z^3 + ⋯ + (a_t)*(z^t)
@@ -202,7 +202,7 @@ void dkg_reconstruct(const size_t threshold,
 
 //////////////////// utility functions for [s]tp-dkg  ////////////////////
 
-int check_ts(const uint64_t ts_epsilon, uint64_t *last_ts, const uint64_t ts) {
+int __attribute__((visibility("hidden"))) check_ts(const uint64_t ts_epsilon, uint64_t *last_ts, const uint64_t ts) {
   if(*last_ts == 0) {
     uint64_t now = (uint64_t)time(NULL);
     if(ts < now - ts_epsilon) return 3;
@@ -215,7 +215,7 @@ int check_ts(const uint64_t ts_epsilon, uint64_t *last_ts, const uint64_t ts) {
   return 0;
 }
 
-int send_msg(uint8_t* msg_buf, const size_t msg_buf_len, const uint8_t type, const uint8_t version, const uint8_t msgno, const uint8_t from, const uint8_t to, const uint8_t *sig_sk, const uint8_t sessionid[dkg_sessionid_SIZE]) {
+int __attribute__((visibility("hidden"))) send_msg(uint8_t* msg_buf, const size_t msg_buf_len, const uint8_t type, const uint8_t version, const uint8_t msgno, const uint8_t from, const uint8_t to, const uint8_t *sig_sk, const uint8_t sessionid[dkg_sessionid_SIZE]) {
   if(msg_buf==NULL) return 1;
   DKG_Message* msg = (DKG_Message*) msg_buf;
   msg->type = type;
@@ -231,7 +231,7 @@ int send_msg(uint8_t* msg_buf, const size_t msg_buf_len, const uint8_t type, con
   return 0;
 }
 
-int recv_msg(const uint8_t *msg_buf, const size_t msg_buf_len, const uint8_t type, const uint8_t version, const uint8_t msgno, const uint8_t from, const uint8_t to, const uint8_t *sig_pk, const uint8_t sessionid[dkg_sessionid_SIZE], const uint64_t ts_epsilon, uint64_t *last_ts ) {
+int __attribute__((visibility("hidden"))) recv_msg(const uint8_t *msg_buf, const size_t msg_buf_len, const uint8_t type, const uint8_t version, const uint8_t msgno, const uint8_t from, const uint8_t to, const uint8_t *sig_pk, const uint8_t sessionid[dkg_sessionid_SIZE], const uint64_t ts_epsilon, uint64_t *last_ts ) {
   if(msg_buf==NULL) return 8;
   const DKG_Message* msg = (const DKG_Message*) msg_buf;
   if(msg->type != type) return 9;
@@ -467,7 +467,7 @@ int dkg_noise_decrypt(const uint8_t *input,
 /**
   Return the session unique send key, needed for tp-dkg reveal share.
 */
-uint8_t* Noise_XK_session_get_key(const Noise_XK_session_t *sn) {
+uint8_t __attribute__((visibility("hidden"))) *Noise_XK_session_get_key(const Noise_XK_session_t *sn) {
   Noise_XK_session_t st = sn[0U];
   if (st.tag == Noise_XK_DS_Initiator && st.val.case_DS_Initiator.state.tag == Noise_XK_IMS_Transport)
     return st.val.case_DS_Initiator.state.val.case_IMS_Transport.send_key;
@@ -476,7 +476,7 @@ uint8_t* Noise_XK_session_get_key(const Noise_XK_session_t *sn) {
   return NULL;
 }
 
-void update_transcript(crypto_generichash_state *transcript, const uint8_t *msg, const size_t msg_len) {
+void __attribute__((visibility("hidden"))) update_transcript(crypto_generichash_state *transcript, const uint8_t *msg, const size_t msg_len) {
   uint32_t msg_size_32b = htonl((uint32_t)msg_len);
   crypto_generichash_update(transcript, (uint8_t*) &msg_size_32b, sizeof(msg_size_32b));
   crypto_generichash_update(transcript, msg, msg_len);

src/mpmult.c

@@ -144,9 +144,9 @@ static void genVDMmatrix(const uint8_t indexes[], const uint8_t index_len,
   }
 }
 
-void invertedVDMmatrix(const uint8_t dealers,
-                       const uint8_t indexes[dealers],
-                       uint8_t inverted[dealers][dealers][crypto_core_ristretto255_SCALARBYTES]) {
+void __attribute__((visibility("hidden"))) invertedVDMmatrix(const uint8_t dealers,
+                                                             const uint8_t indexes[dealers],
+                                                             uint8_t inverted[dealers][dealers][crypto_core_ristretto255_SCALARBYTES]) {
   uint8_t vdm[dealers][dealers][crypto_core_ristretto255_SCALARBYTES];
   genVDMmatrix(indexes, dealers, vdm);
   invert(dealers, vdm, inverted);

src/oprf.c

@@ -121,7 +121,7 @@ static void expand_loop(const uint8_t *b_0, const uint8_t *b_i, const uint8_t i,
 }
 
 /*
- * expand_message_xmd(msg, DST, len_in_bytes)
+ * oprf_expand_message_xmd(msg, DST, len_in_bytes)
  * as defined by https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve/blob/master/draft-irtf-cfrg-hash-to-curve.md#expand_message_xmd-hashtofield-expand-xmd
  *
  * Parameters:
@@ -154,7 +154,7 @@ static void expand_loop(const uint8_t *b_0, const uint8_t *b_i, const uint8_t i,
  * 11. uniform_bytes = b_1 || ... || b_ell
  * 12. return substr(uniform_bytes, 0, len_in_bytes)
  */
-int expand_message_xmd(const uint8_t *msg, const uint16_t msg_len, const uint8_t *dst, const uint8_t dst_len, const uint8_t len_in_bytes, uint8_t *uniform_bytes) {
+int oprf_expand_message_xmd(const uint8_t *msg, const uint16_t msg_len, const uint8_t *dst, const uint8_t dst_len, const uint8_t len_in_bytes, uint8_t *uniform_bytes) {
   // 1.  ell = ceil(len_in_bytes / b_in_bytes)
   const unsigned ell = (len_in_bytes + crypto_hash_sha512_BYTES-1) / crypto_hash_sha512_BYTES;
 #ifdef TRACE
@@ -256,7 +256,7 @@ int voprf_hash_to_group(const uint8_t *msg, const uint16_t msg_len, uint8_t p[cr
   if(0!=sodium_mlock(uniform_bytes,sizeof uniform_bytes)) {
     return -1;
   }
-  if(0!=expand_message_xmd(msg, msg_len, dst, dst_len, crypto_core_ristretto255_HASHBYTES, uniform_bytes)) {
+  if(0!=oprf_expand_message_xmd(msg, msg_len, dst, dst_len, crypto_core_ristretto255_HASHBYTES, uniform_bytes)) {
     sodium_munlock(uniform_bytes,sizeof uniform_bytes);
     return -1;
   }

src/oprf.h

@@ -148,7 +148,7 @@ int voprf_hash_to_group(const uint8_t *msg, const uint16_t msg_len, uint8_t p[cr
  *
  * @return 0 on success, non-zero on error
  */
-int expand_message_xmd(const uint8_t *msg, const uint16_t msg_len, const uint8_t *dst, const uint8_t dst_len, const uint8_t len_in_bytes, uint8_t *uniform_bytes);
+int oprf_expand_message_xmd(const uint8_t *msg, const uint16_t msg_len, const uint8_t *dst, const uint8_t dst_len, const uint8_t len_in_bytes, uint8_t *uniform_bytes);
 
 #ifdef __EMSCRIPTEN__
 /**

src/toprf.c

@@ -51,7 +51,7 @@ typedef struct {
   uint8_t value[crypto_core_ristretto255_BYTES];
 } __attribute((packed)) TOPRF_Part;
 
-void lcoeff(const uint8_t index, const uint8_t x, const size_t degree, const uint8_t peers[degree], uint8_t result[crypto_scalarmult_ristretto255_SCALARBYTES]) {
+void __attribute__((visibility("hidden"))) lcoeff(const uint8_t index, const uint8_t x, const size_t degree, const uint8_t peers[degree], uint8_t result[crypto_scalarmult_ristretto255_SCALARBYTES]) {
   uint8_t xscalar[crypto_scalarmult_ristretto255_SCALARBYTES]={0};
   xscalar[0]=x;
 
@@ -82,7 +82,7 @@ void lcoeff(const uint8_t index, const uint8_t x, const size_t degree, const uin
 }
 
 // interpolates a polynomial of degree t at point x: y = f(x), given t shares of the polynomial
-void interpolate(const uint8_t x, const uint8_t t, const TOPRF_Share shares[t], uint8_t y[crypto_scalarmult_ristretto255_SCALARBYTES]) {
+void __attribute__((visibility("hidden"))) interpolate(const uint8_t x, const uint8_t t, const TOPRF_Share shares[t], uint8_t y[crypto_scalarmult_ristretto255_SCALARBYTES]) {
   memset(y,0,crypto_scalarmult_ristretto255_SCALARBYTES);
   uint8_t l[crypto_scalarmult_ristretto255_SCALARBYTES];
 
@@ -103,7 +103,7 @@ void interpolate(const uint8_t x, const uint8_t t, const TOPRF_Share shares[t],
   }
 }
 
-void coeff(const uint8_t index, const size_t peers_len, const uint8_t peers[peers_len], uint8_t result[crypto_scalarmult_ristretto255_SCALARBYTES]) {
+void __attribute__((visibility("hidden"))) coeff(const uint8_t index, const size_t peers_len, const uint8_t peers[peers_len], uint8_t result[crypto_scalarmult_ristretto255_SCALARBYTES]) {
   lcoeff(index,0,peers_len,peers,result);
 }
 

src/utils.c

@@ -3,8 +3,8 @@
 #include <string.h>
 #include <sodium.h>
 
-int debug = 0;
-FILE* log_file=NULL;
+int __attribute__((visibility("hidden"))) debug = 0;
+FILE __attribute__((visibility("hidden"))) *log_file=NULL;
 
 #ifdef UNIT_TEST
 void debian_rng_scalar(uint8_t *scalar) {
@@ -26,7 +26,7 @@ void debian_rng_scalar(uint8_t *scalar) {
 }
 #endif
 
-void dump(const uint8_t *p, const size_t len, const char* msg, ...) {
+void __attribute__((visibility("hidden"))) dump(const uint8_t *p, const size_t len, const char* msg, ...) {
   FILE* lf = stderr;
   if(!debug) return;
   if(log_file!=NULL) lf = log_file;
@@ -41,7 +41,7 @@ void dump(const uint8_t *p, const size_t len, const char* msg, ...) {
   fflush(lf);
 }
 
-void fail(const char* msg, ...) {
+void __attribute__((visibility("hidden"))) fail(const char* msg, ...) {
   va_list args;
   va_start(args, msg);
   fprintf(stderr, "\x1b[0;31m");
@@ -52,7 +52,7 @@ void fail(const char* msg, ...) {
 
 #ifndef htonll
 #include <arpa/inet.h>
-uint64_t htonll(uint64_t n) {
+uint64_t __attribute__((visibility("hidden"))) htonll(uint64_t n) {
 #if __BYTE_ORDER == __BIG_ENDIAN
     return n;
 #else
@@ -62,7 +62,7 @@ uint64_t htonll(uint64_t n) {
 #endif // htonll
 
 #ifndef ntohll
-uint64_t ntohll(uint64_t n) {
+uint64_t __attribute__((visibility("hidden"))) ntohll(uint64_t n) {
 #if __BYTE_ORDER == __BIG_ENDIAN
     return n;
 #else