Merge a couple files

These are unlikely to have multiple implementations ever, unlike their underlying primitives, so move them one folder up instead and take it as an opportunity to merge small files.
2017-02-18 21:53:32 +01:00 · 2017-02-18 21:53:32 +01:00 · 20d1d048fd
commit 20d1d048fd
parent a329340d90
25 changed files with 357 additions and 414 deletions
--- a/src/libsodium/Makefile.am
+++ b/src/libsodium/Makefile.am
@ -16,11 +16,7 @@ libsodium_la_SOURCES = \
 	crypto_box/crypto_box.c \
 	crypto_box/crypto_box_easy.c \
 	crypto_box/crypto_box_seal.c \
-	crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305_api.c \
+	crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305.c \
 	crypto_box/curve25519xsalsa20poly1305/ref/after_curve25519xsalsa20poly1305.c \
 	crypto_box/curve25519xsalsa20poly1305/ref/before_curve25519xsalsa20poly1305.c \
 	crypto_box/curve25519xsalsa20poly1305/ref/box_curve25519xsalsa20poly1305.c \
 	crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c \
 	crypto_core/curve25519/ref10/base.h \
 	crypto_core/curve25519/ref10/base2.h \
 	crypto_core/curve25519/ref10/curve25519_ref10.c \
@ -75,8 +71,7 @@ libsodium_la_SOURCES = \
 	crypto_scalarmult/curve25519/scalarmult_curve25519.h \
 	crypto_secretbox/crypto_secretbox.c \
 	crypto_secretbox/crypto_secretbox_easy.c \
-	crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305_api.c \
+	crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c \
 	crypto_secretbox/xsalsa20poly1305/ref/secretbox_xsalsa20poly1305.c \
 	crypto_shorthash/crypto_shorthash.c \
 	crypto_shorthash/siphash24/shorthash_siphash24_api.c \
 	crypto_shorthash/siphash24/ref/shorthash_siphash24.c \
@ -91,15 +86,8 @@ libsodium_la_SOURCES = \
 	crypto_stream/chacha20/ref/stream_chacha20_ref.c \
 	crypto_stream/crypto_stream.c \
 	crypto_stream/salsa20/stream_salsa20_api.c \
-	crypto_stream/xsalsa20/stream_xsalsa20_api.c \
+	crypto_stream/xsalsa20/stream_xsalsa20.c \
-	crypto_stream/xsalsa20/ref/stream_xsalsa20.c \
+	crypto_verify/sodium/verify.c \
 	crypto_stream/xsalsa20/ref/xor_xsalsa20.c \
 	crypto_verify/16/verify_16_api.c \
 	crypto_verify/16/ref/verify_16.c \
 	crypto_verify/32/verify_32_api.c \
 	crypto_verify/32/ref/verify_32.c \
 	crypto_verify/64/verify_64_api.c \
 	crypto_verify/64/ref/verify_64.c \
 	include/sodium/private/common.h \
 	include/sodium/private/curve25519_ref10.h \
 	include/sodium/private/mutex.h \
@ -170,18 +158,14 @@ endif
 if !MINIMAL
 libsodium_la_SOURCES += \
 	crypto_aead/xchacha20poly1305/sodium/aead_xchacha20poly1305.c \
-	crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305_api.c \
+	crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305.c \
 	crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305_easy.c \
 	crypto_box/curve25519xchacha20poly1305/sodium/before_curve25519xchacha20poly1305.c \
 	crypto_box/curve25519xchacha20poly1305/sodium/keypair_curve25519xchacha20poly1305.c \
 	crypto_core/hchacha20/core_hchacha20.c \
 	crypto_core/hchacha20/core_hchacha20.h \
 	crypto_core/salsa2012/ref/core_salsa2012.c \
 	crypto_core/salsa2012/core_salsa2012_api.c \
 	crypto_core/salsa208/ref/core_salsa208.c \
 	crypto_core/salsa208/core_salsa208_api.c \
-	crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305_api.c \
+	crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305.c \
 	crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305_easy.c \
 	crypto_sign/ed25519/ref10/obsolete.c \
 	crypto_stream/aes128ctr/portable/afternm_aes128ctr.c \
 	crypto_stream/aes128ctr/stream_aes128ctr_api.c \
--- a/src/libsodium/crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305_easy.c
+++ b/src/libsodium/crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305_easy.c
@ -1,12 +1,55 @@
 #include <limits.h>
 #include <stdint.h>
 #include <string.h>
 #include <stdlib.h>
 #include "crypto_box_curve25519xchacha20poly1305.h"
 #include "crypto_core_hchacha20.h"
 #include "crypto_hash_sha512.h"
 #include "crypto_secretbox_xchacha20poly1305.h"
 #include "crypto_scalarmult_curve25519.h"
 #include "randombytes.h"
 #include "utils.h"
 int
 crypto_box_curve25519xchacha20poly1305_seed_keypair(unsigned char *pk,
                                                    unsigned char *sk,
                                                    const unsigned char *seed)
 {
    unsigned char hash[64];
    crypto_hash_sha512(hash, seed, 32);
    memmove(sk, hash, 32);
    sodium_memzero(hash, sizeof hash);
    return crypto_scalarmult_curve25519_base(pk, sk);
 }
 int
 crypto_box_curve25519xchacha20poly1305_keypair(unsigned char *pk,
                                               unsigned char *sk)
 {
    randombytes_buf(sk, 32);
    return crypto_scalarmult_curve25519_base(pk, sk);
 }
 static const unsigned char n[16] = { 0 };
 int
 crypto_box_curve25519xchacha20poly1305_beforenm(unsigned char *k,
                                                const unsigned char *pk,
                                                const unsigned char *sk)
 {
    unsigned char s[32];
    if (crypto_scalarmult_curve25519(s, sk, pk) != 0) {
        return -1;
    }
    return crypto_core_hchacha20(k, n, s, NULL);
 }
 int
 crypto_box_curve25519xchacha20poly1305_detached_afternm(unsigned char *c,
                                                        unsigned char *mac,
@ -136,3 +179,33 @@ crypto_box_curve25519xchacha20poly1305_open_easy(unsigned char *m,
        m, c + crypto_box_curve25519xchacha20poly1305_MACBYTES, c,
        clen - crypto_box_curve25519xchacha20poly1305_MACBYTES, n, pk, sk);
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_seedbytes(void) {
    return crypto_box_curve25519xchacha20poly1305_SEEDBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_publickeybytes(void) {
    return crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_secretkeybytes(void) {
    return crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_beforenmbytes(void) {
    return crypto_box_curve25519xchacha20poly1305_BEFORENMBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_noncebytes(void) {
    return crypto_box_curve25519xchacha20poly1305_NONCEBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_macbytes(void) {
    return crypto_box_curve25519xchacha20poly1305_MACBYTES;
 }
--- a/src/libsodium/crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305_api.c
+++ b/src/libsodium/crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305_api.c
@ -1,31 +0,0 @@
 #include "crypto_box_curve25519xchacha20poly1305.h"
 size_t
 crypto_box_curve25519xchacha20poly1305_seedbytes(void) {
    return crypto_box_curve25519xchacha20poly1305_SEEDBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_publickeybytes(void) {
    return crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_secretkeybytes(void) {
    return crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_beforenmbytes(void) {
    return crypto_box_curve25519xchacha20poly1305_BEFORENMBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_noncebytes(void) {
    return crypto_box_curve25519xchacha20poly1305_NONCEBYTES;
 }
 size_t
 crypto_box_curve25519xchacha20poly1305_macbytes(void) {
    return crypto_box_curve25519xchacha20poly1305_MACBYTES;
 }
--- a/src/libsodium/crypto_box/curve25519xchacha20poly1305/sodium/before_curve25519xchacha20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xchacha20poly1305/sodium/before_curve25519xchacha20poly1305.c
@ -1,18 +0,0 @@
 #include "crypto_box_curve25519xchacha20poly1305.h"
 #include "crypto_core_hchacha20.h"
 #include "crypto_scalarmult_curve25519.h"
 static const unsigned char n[16] = { 0 };
 int
 crypto_box_curve25519xchacha20poly1305_beforenm(unsigned char *k,
                                                const unsigned char *pk,
                                                const unsigned char *sk)
 {
    unsigned char s[32];
    if (crypto_scalarmult_curve25519(s, sk, pk) != 0) {
        return -1;
    }
    return crypto_core_hchacha20(k, n, s, NULL);
 }
--- a/src/libsodium/crypto_box/curve25519xchacha20poly1305/sodium/keypair_curve25519xchacha20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xchacha20poly1305/sodium/keypair_curve25519xchacha20poly1305.c
@ -1,30 +0,0 @@
 #include <string.h>
 #include "crypto_box_curve25519xchacha20poly1305.h"
 #include "crypto_hash_sha512.h"
 #include "crypto_scalarmult_curve25519.h"
 #include "randombytes.h"
 #include "utils.h"
 int
 crypto_box_curve25519xchacha20poly1305_seed_keypair(unsigned char *pk,
                                                    unsigned char *sk,
                                                    const unsigned char *seed)
 {
    unsigned char hash[64];
    crypto_hash_sha512(hash, seed, 32);
    memmove(sk, hash, 32);
    sodium_memzero(hash, sizeof hash);
    return crypto_scalarmult_curve25519_base(pk, sk);
 }
 int
 crypto_box_curve25519xchacha20poly1305_keypair(unsigned char *pk,
                                               unsigned char *sk)
 {
    randombytes_buf(sk, 32);
    return crypto_scalarmult_curve25519_base(pk, sk);
 }
--- a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305.c
@ -0,0 +1,148 @@
 #include <string.h>
 #include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "crypto_core_hsalsa20.h"
 #include "crypto_hash_sha512.h"
 #include "crypto_scalarmult_curve25519.h"
 #include "crypto_secretbox_xsalsa20poly1305.h"
 #include "crypto_scalarmult_curve25519.h"
 #include "randombytes.h"
 #include "utils.h"
 int
 crypto_box_curve25519xsalsa20poly1305_seed_keypair(unsigned char *pk,
                                                   unsigned char *sk,
                                                   const unsigned char *seed)
 {
    unsigned char hash[64];
    crypto_hash_sha512(hash, seed, 32);
    memmove(sk, hash, 32);
    sodium_memzero(hash, sizeof hash);
    return crypto_scalarmult_curve25519_base(pk, sk);
 }
 int
 crypto_box_curve25519xsalsa20poly1305_keypair(unsigned char *pk,
                                              unsigned char *sk)
 {
    randombytes_buf(sk, 32);
    return crypto_scalarmult_curve25519_base(pk, sk);
 }
 static const unsigned char n[16] = { 0 };
 int
 crypto_box_curve25519xsalsa20poly1305_beforenm(unsigned char *k,
                                               const unsigned char *pk,
                                               const unsigned char *sk)
 {
    unsigned char s[32];
    if (crypto_scalarmult_curve25519(s, sk, pk) != 0) {
        return -1;
    }
    return crypto_core_hsalsa20(k, n, s, NULL);
 }
 int
 crypto_box_curve25519xsalsa20poly1305_afternm(unsigned char *c,
                                              const unsigned char *m,
                                              unsigned long long mlen,
                                              const unsigned char *n,
                                              const unsigned char *k)
 {
    return crypto_secretbox_xsalsa20poly1305(c, m, mlen, n, k);
 }
 int
 crypto_box_curve25519xsalsa20poly1305_open_afternm(unsigned char *m,
                                                   const unsigned char *c,
                                                   unsigned long long clen,
                                                   const unsigned char *n,
                                                   const unsigned char *k)
 {
    return crypto_secretbox_xsalsa20poly1305_open(m, c, clen, n, k);
 }
 int
 crypto_box_curve25519xsalsa20poly1305(unsigned char *c,
                                      const unsigned char *m,
                                      unsigned long long mlen,
                                      const unsigned char *n,
                                      const unsigned char *pk,
                                      const unsigned char *sk)
 {
    unsigned char k[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
    int           ret;
    if (crypto_box_curve25519xsalsa20poly1305_beforenm(k, pk, sk) != 0) {
        return -1;
    }
    ret = crypto_box_curve25519xsalsa20poly1305_afternm(c, m, mlen, n, k);
    sodium_memzero(k, sizeof k);
    return ret;
 }
 int
 crypto_box_curve25519xsalsa20poly1305_open(unsigned char *m,
                                           const unsigned char *c,
                                           unsigned long long clen,
                                           const unsigned char *n,
                                           const unsigned char *pk,
                                           const unsigned char *sk)
 {
    unsigned char k[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
    int           ret;
    if (crypto_box_curve25519xsalsa20poly1305_beforenm(k, pk, sk) != 0) {
        return -1;
    }
    ret = crypto_box_curve25519xsalsa20poly1305_open_afternm(m, c, clen, n, k);
    sodium_memzero(k, sizeof k);
    return ret;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_seedbytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_SEEDBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_publickeybytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_secretkeybytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_beforenmbytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_noncebytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_NONCEBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_zerobytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_ZEROBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_boxzerobytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_macbytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_MACBYTES;
 }
--- a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305_api.c
+++ b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305_api.c
@ -1,41 +0,0 @@
 #include "crypto_box_curve25519xsalsa20poly1305.h"
 size_t
 crypto_box_curve25519xsalsa20poly1305_seedbytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_SEEDBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_publickeybytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_secretkeybytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_beforenmbytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_noncebytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_NONCEBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_zerobytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_ZEROBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_boxzerobytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES;
 }
 size_t
 crypto_box_curve25519xsalsa20poly1305_macbytes(void) {
    return crypto_box_curve25519xsalsa20poly1305_MACBYTES;
 }
--- a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/after_curve25519xsalsa20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/after_curve25519xsalsa20poly1305.c
@ -1,22 +0,0 @@
 #include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "crypto_secretbox_xsalsa20poly1305.h"
 int
 crypto_box_curve25519xsalsa20poly1305_afternm(unsigned char *c,
                                              const unsigned char *m,
                                              unsigned long long mlen,
                                              const unsigned char *n,
                                              const unsigned char *k)
 {
    return crypto_secretbox_xsalsa20poly1305(c, m, mlen, n, k);
 }
 int
 crypto_box_curve25519xsalsa20poly1305_open_afternm(unsigned char *m,
                                                   const unsigned char *c,
                                                   unsigned long long clen,
                                                   const unsigned char *n,
                                                   const unsigned char *k)
 {
    return crypto_secretbox_xsalsa20poly1305_open(m, c, clen, n, k);
 }
--- a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/before_curve25519xsalsa20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/before_curve25519xsalsa20poly1305.c
@ -1,18 +0,0 @@
 #include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "crypto_core_hsalsa20.h"
 #include "crypto_scalarmult_curve25519.h"
 static const unsigned char n[16] = { 0 };
 int
 crypto_box_curve25519xsalsa20poly1305_beforenm(unsigned char *k,
                                               const unsigned char *pk,
                                               const unsigned char *sk)
 {
    unsigned char s[32];
    if (crypto_scalarmult_curve25519(s, sk, pk) != 0) {
        return -1;
    }
    return crypto_core_hsalsa20(k, n, s, NULL);
 }
--- a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/box_curve25519xsalsa20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/box_curve25519xsalsa20poly1305.c
@ -1,42 +0,0 @@
 #include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "utils.h"
 int
 crypto_box_curve25519xsalsa20poly1305(unsigned char *c,
                                      const unsigned char *m,
                                      unsigned long long mlen,
                                      const unsigned char *n,
                                      const unsigned char *pk,
                                      const unsigned char *sk)
 {
    unsigned char k[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
    int           ret;
    if (crypto_box_curve25519xsalsa20poly1305_beforenm(k, pk, sk) != 0) {
        return -1;
    }
    ret = crypto_box_curve25519xsalsa20poly1305_afternm(c, m, mlen, n, k);
    sodium_memzero(k, sizeof k);
    return ret;
 }
 int
 crypto_box_curve25519xsalsa20poly1305_open(unsigned char *m,
                                           const unsigned char *c,
                                           unsigned long long clen,
                                           const unsigned char *n,
                                           const unsigned char *pk,
                                           const unsigned char *sk)
 {
    unsigned char k[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
    int           ret;
    if (crypto_box_curve25519xsalsa20poly1305_beforenm(k, pk, sk) != 0) {
        return -1;
    }
    ret = crypto_box_curve25519xsalsa20poly1305_open_afternm(m, c, clen, n, k);
    sodium_memzero(k, sizeof k);
    return ret;
 }
--- a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c
@ -1,30 +0,0 @@
 #include <string.h>
 #include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "crypto_hash_sha512.h"
 #include "crypto_scalarmult_curve25519.h"
 #include "randombytes.h"
 #include "utils.h"
 int
 crypto_box_curve25519xsalsa20poly1305_seed_keypair(unsigned char *pk,
                                                   unsigned char *sk,
                                                   const unsigned char *seed)
 {
    unsigned char hash[64];
    crypto_hash_sha512(hash, seed, 32);
    memmove(sk, hash, 32);
    sodium_memzero(hash, sizeof hash);
    return crypto_scalarmult_curve25519_base(pk, sk);
 }
 int
 crypto_box_curve25519xsalsa20poly1305_keypair(unsigned char *pk,
                                              unsigned char *sk)
 {
    randombytes_buf(sk, 32);
    return crypto_scalarmult_curve25519_base(pk, sk);
 }
--- a/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305_easy.c
+++ b/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305_easy.c
@ -150,3 +150,21 @@ crypto_secretbox_xchacha20poly1305_open_easy(unsigned char *m,
        (m, c + crypto_secretbox_xchacha20poly1305_MACBYTES, c,
         clen - crypto_secretbox_xchacha20poly1305_MACBYTES, n, k);
 }
 size_t
 crypto_secretbox_xchacha20poly1305_keybytes(void)
 {
    return crypto_secretbox_xchacha20poly1305_KEYBYTES;
 }
 size_t
 crypto_secretbox_xchacha20poly1305_noncebytes(void)
 {
    return crypto_secretbox_xchacha20poly1305_NONCEBYTES;
 }
 size_t
 crypto_secretbox_xchacha20poly1305_macbytes(void)
 {
    return crypto_secretbox_xchacha20poly1305_MACBYTES;
 }
--- a/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305_api.c
+++ b/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305_api.c
@ -1,19 +0,0 @@
 #include "crypto_secretbox_xchacha20poly1305.h"
 size_t
 crypto_secretbox_xchacha20poly1305_keybytes(void)
 {
    return crypto_secretbox_xchacha20poly1305_KEYBYTES;
 }
 size_t
 crypto_secretbox_xchacha20poly1305_noncebytes(void)
 {
    return crypto_secretbox_xchacha20poly1305_NONCEBYTES;
 }
 size_t
 crypto_secretbox_xchacha20poly1305_macbytes(void)
 {
    return crypto_secretbox_xchacha20poly1305_MACBYTES;
 }
--- a/src/libsodium/crypto_secretbox/xsalsa20poly1305/ref/secretbox_xsalsa20poly1305.c
+++ b/src/libsodium/crypto_secretbox/xsalsa20poly1305/ref/secretbox_xsalsa20poly1305.c
@ -44,3 +44,33 @@ crypto_secretbox_xsalsa20poly1305_open(unsigned char *m, const unsigned char *c,
    }
    return 0;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_keybytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_KEYBYTES;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_noncebytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_NONCEBYTES;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_zerobytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_ZEROBYTES;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_boxzerobytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_macbytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_MACBYTES;
 }
--- a/src/libsodium/crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305_api.c
+++ b/src/libsodium/crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305_api.c
@ -1,31 +0,0 @@
 #include "crypto_secretbox_xsalsa20poly1305.h"
 size_t
 crypto_secretbox_xsalsa20poly1305_keybytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_KEYBYTES;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_noncebytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_NONCEBYTES;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_zerobytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_ZEROBYTES;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_boxzerobytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES;
 }
 size_t
 crypto_secretbox_xsalsa20poly1305_macbytes(void)
 {
    return crypto_secretbox_xsalsa20poly1305_MACBYTES;
 }
--- a/src/libsodium/crypto_stream/xsalsa20/ref/stream_xsalsa20.c
+++ b/src/libsodium/crypto_stream/xsalsa20/ref/stream_xsalsa20.c
@ -1,24 +0,0 @@
 /*
 version 20080914
 D. J. Bernstein
 Public domain.
 */
 #include "crypto_core_hsalsa20.h"
 #include "crypto_stream_salsa20.h"
 #include "crypto_stream_xsalsa20.h"
 #include "utils.h"
 int
 crypto_stream_xsalsa20(unsigned char *c, unsigned long long clen,
                       const unsigned char *n, const unsigned char *k)
 {
    unsigned char subkey[32];
    int           ret;
    crypto_core_hsalsa20(subkey, n, k, NULL);
    ret = crypto_stream_salsa20(c, clen, n + 16, subkey);
    sodium_memzero(subkey, sizeof subkey);
    return ret;
 }
--- a/src/libsodium/crypto_stream/xsalsa20/ref/xor_xsalsa20.c
+++ b/src/libsodium/crypto_stream/xsalsa20/ref/xor_xsalsa20.c
@ -1,14 +1,22 @@
 /*
 version 20080913
 D. J. Bernstein
 Public domain.
 */
 #include "crypto_core_hsalsa20.h"
 #include "crypto_stream_salsa20.h"
 #include "crypto_stream_xsalsa20.h"
 #include "utils.h"
 int
 crypto_stream_xsalsa20(unsigned char *c, unsigned long long clen,
                       const unsigned char *n, const unsigned char *k)
 {
    unsigned char subkey[32];
    int           ret;
    crypto_core_hsalsa20(subkey, n, k, NULL);
    ret = crypto_stream_salsa20(c, clen, n + 16, subkey);
    sodium_memzero(subkey, sizeof subkey);
    return ret;
 }
 int
 crypto_stream_xsalsa20_xor_ic(unsigned char *c, const unsigned char *m,
                              unsigned long long mlen, const unsigned char *n,
@ -31,3 +39,13 @@ crypto_stream_xsalsa20_xor(unsigned char *c, const unsigned char *m,
 {
    return crypto_stream_xsalsa20_xor_ic(c, m, mlen, n, 0ULL, k);
 }
 size_t
 crypto_stream_xsalsa20_keybytes(void) {
    return crypto_stream_xsalsa20_KEYBYTES;
 }
 size_t
 crypto_stream_xsalsa20_noncebytes(void) {
    return crypto_stream_xsalsa20_NONCEBYTES;
 }
--- a/src/libsodium/crypto_stream/xsalsa20/stream_xsalsa20_api.c
+++ b/src/libsodium/crypto_stream/xsalsa20/stream_xsalsa20_api.c
@ -1,11 +0,0 @@
 #include "crypto_stream_xsalsa20.h"
 size_t
 crypto_stream_xsalsa20_keybytes(void) {
    return crypto_stream_xsalsa20_KEYBYTES;
 }
 size_t
 crypto_stream_xsalsa20_noncebytes(void) {
    return crypto_stream_xsalsa20_NONCEBYTES;
 }
--- a/src/libsodium/crypto_verify/16/ref/verify_16.c
+++ b/src/libsodium/crypto_verify/16/ref/verify_16.c
@ -1,17 +0,0 @@
 #include <stddef.h>
 #include <stdint.h>
 #include "crypto_verify_16.h"
 int
 crypto_verify_16(const unsigned char *x, const unsigned char *y)
 {
    uint_fast16_t d = 0U;
    int           i;
    for (i = 0; i < 16; i++) {
        d |= x[i] ^ y[i];
    }
    return (1 & ((d - 1) >> 8)) - 1;
 }
--- a/src/libsodium/crypto_verify/16/verify_16_api.c
+++ b/src/libsodium/crypto_verify/16/verify_16_api.c
@ -1,6 +0,0 @@
 #include "crypto_verify_16.h"
 size_t
 crypto_verify_16_bytes(void) {
    return crypto_verify_16_BYTES;
 }
--- a/src/libsodium/crypto_verify/32/ref/verify_32.c
+++ b/src/libsodium/crypto_verify/32/ref/verify_32.c
@ -1,17 +0,0 @@
 #include <stddef.h>
 #include <stdint.h>
 #include "crypto_verify_32.h"
 int
 crypto_verify_32(const unsigned char *x, const unsigned char *y)
 {
    uint_fast16_t d = 0U;
    int           i;
    for (i = 0; i < 32; i++) {
        d |= x[i] ^ y[i];
    }
    return (1 & ((d - 1) >> 8)) - 1;
 }
--- a/src/libsodium/crypto_verify/32/verify_32_api.c
+++ b/src/libsodium/crypto_verify/32/verify_32_api.c
@ -1,6 +0,0 @@
 #include "crypto_verify_32.h"
 size_t
 crypto_verify_32_bytes(void) {
    return crypto_verify_32_BYTES;
 }
--- a/src/libsodium/crypto_verify/64/ref/verify_64.c
+++ b/src/libsodium/crypto_verify/64/ref/verify_64.c
@ -1,17 +0,0 @@
 #include <stddef.h>
 #include <stdint.h>
 #include "crypto_verify_64.h"
 int
 crypto_verify_64(const unsigned char *x, const unsigned char *y)
 {
    uint_fast16_t d = 0U;
    int           i;
    for (i = 0; i < 64; i++) {
        d |= x[i] ^ y[i];
    }
    return (1 & ((d - 1) >> 8)) - 1;
 }
--- a/src/libsodium/crypto_verify/64/verify_64_api.c
+++ b/src/libsodium/crypto_verify/64/verify_64_api.c
@ -1,6 +0,0 @@
 #include "crypto_verify_64.h"
 size_t
 crypto_verify_64_bytes(void) {
    return crypto_verify_64_BYTES;
 }
--- a/src/libsodium/crypto_verify/sodium/verify.c
+++ b/src/libsodium/crypto_verify/sodium/verify.c
@ -0,0 +1,58 @@
 #include <stddef.h>
 #include <stdint.h>
 #include "crypto_verify_16.h"
 #include "crypto_verify_32.h"
 #include "crypto_verify_64.h"
 int
 crypto_verify_16(const unsigned char *x, const unsigned char *y)
 {
    uint_fast16_t d = 0U;
    int           i;
    for (i = 0; i < 16; i++) {
        d |= x[i] ^ y[i];
    }
    return (1 & ((d - 1) >> 8)) - 1;
 }
 size_t
 crypto_verify_16_bytes(void) {
    return crypto_verify_16_BYTES;
 }
 int
 crypto_verify_32(const unsigned char *x, const unsigned char *y)
 {
    uint_fast16_t d = 0U;
    int           i;
    for (i = 0; i < 32; i++) {
        d |= x[i] ^ y[i];
    }
    return (1 & ((d - 1) >> 8)) - 1;
 }
 size_t
 crypto_verify_32_bytes(void) {
    return crypto_verify_32_BYTES;
 }
 int
 crypto_verify_64(const unsigned char *x, const unsigned char *y)
 {
    uint_fast16_t d = 0U;
    int           i;
    for (i = 0; i < 64; i++) {
        d |= x[i] ^ y[i];
    }
    return (1 & ((d - 1) >> 8)) - 1;
 }
 size_t
 crypto_verify_64_bytes(void) {
    return crypto_verify_64_BYTES;
 }