Frank Denis
|
b7abc4542e
|
No need to provision for the tag if we are below SIZE_MAX
|
2018-09-12 15:22:30 +02:00 |
|
Frank Denis
|
f0e5c3940d
|
Subtract the number of blocks, and make similar code more uniform
|
2018-09-12 15:19:56 +02:00 |
|
Frank Denis
|
3574ab879e
|
Do not even use untested code in non-production environments
|
2018-09-12 14:53:16 +02:00 |
|
Frank Denis
|
5a7290ce6a
|
Make this warning more difficult to ignore
|
2018-09-12 14:51:03 +02:00 |
|
Frank Denis
|
43909c1ffb
|
Allow ic + mlen to overflow a size_t in chacha20_ietf_xor_ic()
|
2018-09-12 08:40:22 +02:00 |
|
Frank Denis
|
bea8839c6b
|
Do not count the overhead in xchacha20poly1305_MESSAGEBYTES_MAX
|
2018-09-12 08:19:12 +02:00 |
|
Frank Denis
|
04a7ab95f2
|
Don't mix lengths and block sizes
|
2018-09-10 19:57:06 +02:00 |
|
Frank Denis
|
3e9d341d06
|
Add crypto_stream_chacha20_ietf_ext, use _ext suffix everywhere for consistency
|
2018-09-08 14:54:12 +02:00 |
|
Frank Denis
|
cf217e3dfc
|
Call misuse() if we ask too much data from the IETF variant of ChaCha20
Fix #753
|
2018-09-08 02:12:23 +02:00 |
|
Frank Denis
|
ab4ab23d57
|
x25519_ref: ignore the high bit in the small order PK check
|
2018-08-29 16:04:40 +02:00 |
|
Frank Denis
|
1ec6edc1a8
|
Indent
|
2018-08-27 12:29:49 +02:00 |
|
Jakob Rieck
|
543b5ad068
|
Fixes padding for blocksizes > 256
|
2018-08-27 11:42:49 +02:00 |
|
Frank Denis
|
7cdf3f0e84
|
strnlen() may not be available everywhere
|
2018-07-22 21:54:38 +02:00 |
|
Frank Denis
|
922e4dcd9e
|
Merge branch 'master' of github.com:jedisct1/libsodium
* 'master' of github.com:jedisct1/libsodium:
Invert (1-y) just before the multiplication by (1+y) for readability
Nits
|
2018-07-22 21:40:39 +02:00 |
|
Frank Denis
|
74ba82210e
|
memchr() can process its input in any order
Fixes #737
|
2018-07-22 21:26:31 +02:00 |
|
Frank Denis
|
d25d6ce7fb
|
Invert (1-y) just before the multiplication by (1+y) for readability
|
2018-07-21 00:43:39 +02:00 |
|
Frank Denis
|
91d9051bce
|
Nits
|
2018-07-19 14:44:17 +02:00 |
|
Anton Maklakov
|
f16896146a
|
Fix warnings that appeared in GCC7+ (related to -Wimplicit-fallthrough)
|
2018-07-04 23:29:33 +07:00 |
|
Frank Denis
|
cfb0f94704
|
Visual Studio documentation states that eax/ecx/edx don't need to be
preserved in inline assembly code. But that doesn't seem to always
hold true on Visual Studio 2010.
|
2018-05-12 09:12:36 +02:00 |
|
Tom Auger
|
462a8ab775
|
Use _MESSAGEBYTES_MAX in crypto_aead_xchacha20poly1305
|
2018-04-29 15:12:39 +01:00 |
|
Frank Denis
|
10207d5aa6
|
This reverts commit 38b19412e8.
|
2018-04-01 23:25:06 +02:00 |
|
Frank Denis
|
38b19412e8
|
Introduce pwhash_ntlm() for low-sodium, salt-free password hashing.
#passthesalt
|
2018-03-31 21:46:37 +02:00 |
|
Frank Denis
|
19f5c4f620
|
Include limits.h for ancient Android NDKs. Sigh.
|
2018-01-19 16:48:06 +01:00 |
|
Frank Denis
|
57ca449c7e
|
Include <stdint.h> for SIZE_MAX, and <stddef.h> as a dependency
|
2018-01-19 15:25:01 +01:00 |
|
Frank Denis
|
13513e886b
|
Keep things simple; directly initialize the example RNG from the system one
|
2018-01-17 15:11:18 +01:00 |
|
Frank Denis
|
e2581d9105
|
Swap #ifdef branches for clarity
|
2018-01-16 01:06:03 +01:00 |
|
Frank Denis
|
958060e2ec
|
Signatures: do not reject weak public keys if ED25519_COMPAT is defined
|
2018-01-16 01:02:29 +01:00 |
|
Frank Denis
|
0468e778d2
|
Revert "Solaris Studio apparently supports __attribute__()"
This reverts commit 74a4496cc5.
|
2018-01-15 13:34:31 +01:00 |
|
Frank Denis
|
74a4496cc5
|
Solaris Studio apparently supports __attribute__()
Fixes #660
|
2018-01-14 23:09:46 +01:00 |
|
Frank Denis
|
764656443f
|
Check if we can use inline asm code, not only on x86_64
|
2017-12-31 01:23:58 +01:00 |
|
Frank Denis
|
a18e21b49d
|
Use (""::"r"(pnt):"memory") instead of (""::"p"(pnt)) for the barrier
|
2017-12-31 01:11:45 +01:00 |
|
Ryan Lester
|
607d9b7943
|
Closure fix
|
2017-12-26 22:39:17 -05:00 |
|
Frank Denis
|
0187ba70ad
|
Require the generichash state to be aligned
Alignment is already required by other functions anyway.
|
2017-12-21 18:21:43 +01:00 |
|
Frank Denis
|
1e7839a90c
|
Lift alignment requirements in crypto_generichash()
|
2017-12-21 18:14:17 +01:00 |
|
Frank Denis
|
2604a41774
|
Add extra align statements
|
2017-12-21 17:24:23 +01:00 |
|
Frank Denis
|
ffb8475a4a
|
Brace yourself
|
2017-12-21 17:24:01 +01:00 |
|
Frank Denis
|
3383fd1bdf
|
Extra braces
|
2017-12-21 16:57:27 +01:00 |
|
Frank Denis
|
107b42af3f
|
Remove unused LOAD128() and STORE128() macros
|
2017-12-21 16:48:15 +01:00 |
|
Frank Denis
|
1f1b0afb5c
|
Do not assume that __clang__ being defined implied __GNUC__ defined as well
|
2017-12-19 21:44:48 +01:00 |
|
Frank Denis
|
b1273b0411
|
Back to dev mode
|
2017-12-19 21:44:25 +01:00 |
|
Frank Denis
|
77e7d88d89
|
We really don't need an intermediate variable here
|
2017-12-16 13:04:59 +01:00 |
|
Frank Denis
|
675149b9b8
|
Comment
|
2017-12-13 10:24:13 +01:00 |
|
Frank Denis
|
a1d438c8ba
|
Comments
|
2017-12-13 00:03:01 +01:00 |
|
Frank Denis
|
95a7dc5e46
|
Always prefer vararrays to alloca()
|
2017-12-12 22:27:21 +01:00 |
|
Frank Denis
|
2f56443631
|
Don't redefine alloca
|
2017-12-12 22:23:37 +01:00 |
|
Frank Denis
|
ac8dffbecb
|
Return -1 if the scalar is 0 in crypto_scalarmult_ed25519()
For consistency with _base()
|
2017-12-12 14:35:08 +01:00 |
|
Frank Denis
|
ec67b0890f
|
Do not wipe the workspace after argon2 completes
The overhead can be really prohibitive on servers.
|
2017-12-11 23:38:20 +01:00 |
|
Frank Denis
|
534250a833
|
Give the compiler a chance to inline index_alpha()
|
2017-12-11 23:22:34 +01:00 |
|
Frank Denis
|
5aa2b913f4
|
Immediately allocate all required memory in argon2/scrypt
|
2017-12-11 23:15:15 +01:00 |
|
Frank Denis
|
bd9e859e52
|
Coverage exclusion -- this is just an extra, redundant check
|
2017-12-11 20:08:56 +01:00 |
|