Commit Graph

1013 Commits

Author SHA1 Message Date
Frank Denis
a4327a90f4 Spacing 2016-03-17 09:22:09 +01:00
Frank Denis
e8dfc764d3 Add a detached API for aes256gcm 2016-03-15 11:02:25 +01:00
Frank Denis
d8845c04dd Update blake2b licensing 2016-03-13 09:12:34 +01:00
Frank Denis
630ac0913b We only support data independent addressing for Argon2
Let the compiler automatically remove unused code
2016-03-11 16:41:06 +01:00
Frank Denis
5a00dff84d p -> R for clarity 2016-03-11 13:45:39 +01:00
Frank Denis
676950d206 Remove superfluous constant type qualifiers 2016-03-10 16:43:42 +01:00
Frank Denis
ab2f22137e ed25519_verify: check for small-order R 2016-03-10 16:39:54 +01:00
Frank Denis
7597b7cc13 Check what the implications of versioned Argon2 strings will be 2016-03-10 12:26:17 +01:00
Frank Denis
805fd3589d The version number in Argon2 strings will require 5 extra bytes
Round `crypto_pwhash_argon2i_STRBYTES` up to 128
2016-03-10 12:22:13 +01:00
Frank Denis
7c5d30a6a3 Consistent indentation 2016-03-09 15:37:47 +01:00
Frank Denis
62911edb7f Ed25519: verify 0<=s<2^252+27742317777372353535851937790883648493
This reintroduces removed code to match the irtf-cfrg-eddsa draft

ED25519_COMPAT can be defined to keep the old behavior
2016-03-08 20:35:21 +01:00
Frank Denis
7d4cfbf7af pwhash_argon2i_str(): zero the output buffer even on error path 2016-03-08 13:55:04 +01:00
Frank Denis
3853d5a824 Require at least 128 bits for an Argon2i digest 2016-03-08 13:51:23 +01:00
Frank Denis
7e4f83a54d Revisit Argon2i predefined parameters 2016-03-08 11:55:03 +01:00
Frank Denis
0158b2b1fd Argon2: use negative error codes 2016-03-08 09:32:37 +01:00
Frank Denis
f4397f12d0 Remove unneeded prototypes 2016-03-06 13:55:04 +01:00
Frank Denis
ddc1bbad73 Remove unused variables 2016-03-06 13:51:42 +01:00
Frank Denis
2fb69179cd scrypt: zeroize the temporary output buffer 2016-03-06 00:08:35 +01:00
Frank Denis
edcd258417 inttypes.h -> stdint.h 2016-03-05 18:23:53 +01:00
Frank Denis
8b139cdc31 Compile optimized Argon2i impl on 32-bit MSVC 2016-03-05 18:21:59 +01:00
Frank Denis
db139ced5f MSVC analyzer FP 2016-03-05 17:56:40 +01:00
Frank Denis
b55febaafa Bump ARGON2_MIN_TIME to 3, adjust tests accordingly 2016-03-01 14:08:31 +01:00
Frank Denis
0868222732 Let core_salsa20* accept a default constant 2016-02-29 12:04:34 +01:00
Frank Denis
9fbb822281 Use stdint types a bit more 2016-02-27 16:33:22 +01:00
Frank Denis
4e9b0b67ce Let crypto_core_hsalsa20() accept NULL for the default constants 2016-02-27 16:19:38 +01:00
Frank Denis
bb596e8eb7 Trim/untab/indent 2016-02-27 13:26:42 +01:00
Frank Denis
6dc466ee8b Use a single way to do unaligned memory access/endianness conversion 2016-02-27 12:46:07 +01:00
Frank Denis
d9493834b2 Hide store32()/load32() in the header 2016-02-26 13:22:33 +01:00
Frank Denis
49c57dfe0a Faster HChaCha20 2016-02-26 13:15:36 +01:00
Frank Denis
1e2a9eb062 Faster with clang 2016-02-26 12:59:14 +01:00
Frank Denis
4d5c3976db Add HChaCha20 2016-02-26 12:50:17 +01:00
Frank Denis
ecdcfba07e Argon2: issue different error codes for VERIFY_MISMATCH and DECODING_FAIL
Only used internally, not exposed in the Sodium API
2016-02-23 15:24:37 +01:00
Frank Denis
80d24c00cc Use calloc() instead of malloc()+memset() 2016-02-19 07:40:09 +01:00
Frank Denis
4b6a909d8a Argon2: fill_block() now XORs blocks instead of overwriting them 2016-02-17 16:26:37 +01:00
Frank Denis
e153debd0d Remove ...edwards25519sha512batch_*() wrappers for the constants
The ...edwards25519sha512batch_*() functions are only here for ABI
compatibility with NaCl, where constants were only defined as macros.

Plus, these functions were only present as prototypes since 1.0.6;
the actual symbols were not defined any more.
2016-02-13 08:15:00 +01:00
Frank Denis
54915743f4 Define ZEROBYTES as BOXZEROBYTES + MACBYTES
ZEROBYTES and BOXZEROBYTES are rarely used compared to MACBYTES,
so it makes more sense to define MACBYTES and define the compat macros
based on it than the other way round.
2016-02-11 15:19:58 +01:00
Frank Denis
36e60b2d28 Wipe secret keys before public keys and nonces 2016-02-03 01:19:24 +01:00
Frank Denis
1b63773986 Comments cleanup 2016-02-01 16:08:29 +01:00
Frank Denis
7035bbb8b8 Indent 2016-01-28 14:44:41 +01:00
Frank Denis
aa2ae5642b aes256gcm_encrypt_afternm() - abort() if mlen > 2^39-256 bits 2016-01-27 14:42:32 +01:00
Frank Denis
113091b2a0 On non-ELF platforms, mark pointers as volatile, not just what they point to.
See http://sk.tl/Wj3pmI vs http://sk.tl/VNsyd9
2016-01-27 08:24:19 +01:00
Frank Denis
bd15b68569 Argon2: explicitly initialize ctx.secret to NULL 2016-01-26 11:14:40 +01:00
Frank Denis
367afac0bf Sync argon2 implementation with upstream 2016-01-24 20:35:00 +01:00
Frank Denis
31a153c937 argon2_core() -> argon2_ctx() 2016-01-23 22:52:11 +01:00
Frank Denis
8bd6c9e289 Caps 2016-01-22 16:16:15 +01:00
Frank Denis
dc4a9791a7 Add comments to argon2-encoding.c
Upstream `decode_string()` can return `ARGON2_INCORRECT_TYPE`.
This change is not merged. Either have a function return an ARGON2 constant,
have it return 0/1, or have it return 0/-1, but mixing different systems
is confusing. (encode|decode)_string() should probably all return an ARGON2
code.
2016-01-22 16:12:24 +01:00
Frank Denis
921507cc59 Add extra sodium_memzero() in Argon2 2016-01-22 16:03:09 +01:00
Frank Denis
a814810a43 Relax max sizes in argon2 decoding 2016-01-22 15:59:54 +01:00
Frank Denis
17248540e3 Add aes256gcm stubs for platforms where it is not available 2016-01-22 10:21:24 +01:00
Frank Denis
d1b028abe3 Initialize ctx->pwdlen in argon2 string decoder 2016-01-21 08:42:23 +01:00