cleanup, docs

node/Identity.cpp

@@ -105,7 +105,7 @@ bool Identity::generate(const Type t)
 				ECC384GenerateKey(_pub.p384,_priv.p384);
 				Utils::storeBigEndian(_pub.t1mimc52,mimc52Delay(&_pub,sizeof(_pub) - sizeof(_pub.t1mimc52),ZT_V1_IDENTITY_MIMC52_VDF_ROUNDS_BASE));
 				_computeHash();
-				_address.setTo(_hash.data());
+				_address.setTo(_fp.data());
 				if (!_address.isReserved())
 					break;
 			}
@@ -130,12 +130,12 @@ bool Identity::locallyValidate() const
 				char *genmem = new char[ZT_V0_IDENTITY_GEN_MEMORY];
 				_computeMemoryHardHash(_pub.c25519,ZT_C25519_PUBLIC_KEY_LEN,digest,genmem);
 				delete [] genmem;
-				return ((_address == Address(digest + 59))&&(!_address.isReserved())&&(digest[0] < 17));
+				return ((_address == Address(digest + 59))&&(digest[0] < 17));
 			} catch ( ... ) {}
 			break;
 
 		case P384:
-			if ((_address == Address(_hash.data()))&&(!_address.isReserved())) {
+			if (_address == Address(_fp.data())) {
 				// The most significant 8 bits of the MIMC proof included with v1 identities can be used to store a multiplier
 				// that can indicate that more work than the required minimum has been performed. Right now this is never done
 				// but it could have some use in the future. There is no harm in doing it, and we'll accept any round count
@@ -303,7 +303,7 @@ char *Identity::toString(bool includePrivate,char buf[ZT_IDENTITY_STRING_BUFFER_
 
 bool Identity::fromString(const char *str)
 {
-	_hash.zero();
+	_fp.zero();
 	_hasPrivate = false;
 
 	if (!str) {
@@ -438,7 +438,7 @@ int Identity::marshal(uint8_t data[ZT_IDENTITY_MARSHAL_SIZE_MAX],const bool incl
 
 int Identity::unmarshal(const uint8_t *data,const int len) noexcept
 {
-	_hash.zero();
+	_fp.zero();
 	_hasPrivate = false;
 
 	if (len < (ZT_ADDRESS_LENGTH + 1))
@@ -504,15 +504,15 @@ void Identity::_computeHash()
 {
 	switch(_type) {
 		default:
-			_hash.zero();
+			_fp.zero();
 			break;
 
 		case C25519:
-			SHA384(_hash.data(),_pub.c25519,ZT_C25519_PUBLIC_KEY_LEN);
+			SHA384(_fp.data(),_pub.c25519,ZT_C25519_PUBLIC_KEY_LEN);
 			break;
 
 		case P384:
-			SHA384(_hash.data(),&_pub,sizeof(_pub));
+			SHA384(_fp.data(),&_pub,sizeof(_pub));
 			break;
 	}
 }

node/Identity.hpp

@@ -41,7 +41,10 @@ namespace ZeroTier {
  * and Ed25519 and type 1 identities that include both a 25519 key pair and a NIST P-384
  * key pair. Type 1 identities use P-384 for signatures but use both key pairs at once
  * (hashing both keys together) for key agreement with other type 1 identities, and can
- * agree with type 0 identities by only using the Curve25519 component.
+ * agree with type 0 identities using only Curve25519.
+ *
+ * Type 1 identities are better in many ways but type 0 will remain the default until
+ * 1.x nodes are pretty much dead in the wild.
  */
 class Identity : public TriviallyCopyable
 {
@@ -121,7 +124,7 @@ public:
 	 *
 	 * @return Hash of public key(s)
 	 */
-	ZT_ALWAYS_INLINE const Fingerprint &fingerprint() const noexcept { return _hash; }
+	ZT_ALWAYS_INLINE const Fingerprint &fingerprint() const noexcept { return _fp; }
 
 	/**
 	 * Compute a hash of this identity's public and private keys.
@@ -198,11 +201,11 @@ public:
 	 */
 	explicit ZT_ALWAYS_INLINE operator bool() const noexcept { return (_address); }
 
-	ZT_ALWAYS_INLINE unsigned long hashCode() const noexcept { return _hash.hashCode(); }
+	ZT_ALWAYS_INLINE unsigned long hashCode() const noexcept { return _fp.hashCode(); }
 
 	ZT_ALWAYS_INLINE bool operator==(const Identity &id) const noexcept
 	{
-		return ((_address == id._address)&&(_type == id._type)&&(memcmp(_hash.data(),id._hash.data(),ZT_SHA384_DIGEST_LEN) == 0));
+		return ((_address == id._address)&&(_type == id._type)&&(memcmp(_fp.data(),id._fp.data(),ZT_SHA384_DIGEST_LEN) == 0));
 	}
 	ZT_ALWAYS_INLINE bool operator!=(const Identity &id) const noexcept { return !(*this == id); }
 	ZT_ALWAYS_INLINE bool operator<(const Identity &id) const noexcept
@@ -213,7 +216,7 @@ public:
 			if ((int)_type < (int)id._type)
 				return true;
 			if (_type == id._type)
-				return memcmp(_hash.data(),id._hash.data(),ZT_SHA384_DIGEST_LEN) < 0;
+				return memcmp(_fp.data(),id._fp.data(),ZT_SHA384_DIGEST_LEN) < 0;
 		}
 		return false;
 	}
@@ -229,7 +232,7 @@ private:
 	void _computeHash();
 
 	Address _address;
-	Fingerprint _hash;
+	Fingerprint _fp;
 	ZT_PACKED_STRUCT(struct { // do not re-order these fields
 		uint8_t c25519[ZT_C25519_PRIVATE_KEY_LEN];
 		uint8_t p384[ZT_ECC384_PRIVATE_KEY_SIZE];

node/MIMC52.cpp

@@ -42,8 +42,7 @@ ZT_ALWAYS_INLINE uint64_t mulmod52(uint64_t a,uint64_t b,const uint64_t m) noexc
 	// It seems to be the fastest method on systems with a good double precision FPU.
 	return ((a * b) - (((uint64_t)(((double)a * (double)b) / (double)m) - 1ULL) * m)) % m;
 #else
-	// This is significantly slower on systems with a good FPU but will work any others. It supports 63 bits
-	// of precision even though we use only 52.
+	// This can be used as a fallback for any systems without FPU or with FPU precision issues.
 	int64_t res = 0;
 	for(;;) {
 		if (a & 1ULL)

node/Tests.cpp

@@ -1024,6 +1024,12 @@ extern "C" const char *ZTT_benchmarkCrypto()
 			}
 			int64_t end = now();
 			ZT_T_PRINTF("%.4f ms/generation (average, can vary quite a bit)" ZT_EOL_S,(double)(end - start) / 5.0);
+			ZT_T_PRINTF("[crypto] Benchmarking V0 Identity full validation... ");
+			start = now();
+			for(long i=0;i<10;++i)
+				foo = (uint8_t)id.locallyValidate();
+			end = now();
+			ZT_T_PRINTF("%.4f μs/validation" ZT_EOL_S,((double)(end - start) * 1000.0) / 10.0);
 			ZT_T_PRINTF("[crypto] Benchmarking V1 Identity generation... ");
 			start = now();
 			for(long i=0;i<5;++i) {
@@ -1032,6 +1038,12 @@ extern "C" const char *ZTT_benchmarkCrypto()
 			}
 			end = now();
 			ZT_T_PRINTF("%.4f ms/generation (relatively constant time)" ZT_EOL_S,(double)(end - start) / 5.0);
+			ZT_T_PRINTF("[crypto] Benchmarking V1 Identity full validation... ");
+			start = now();
+			for(long i=0;i<100;++i)
+				foo = (uint8_t)id.locallyValidate();
+			end = now();
+			ZT_T_PRINTF("%.4f μs/validation" ZT_EOL_S,((double)(end - start) * 1000.0) / 100.0);
 		}
 	} catch (std::exception &e) {
 		ZT_T_PRINTF(ZT_EOL_S "[crypto] Unexpected exception: %s" ZT_EOL_S,e.what());