Frank Denis
68d576cc95
Prevent possible optimizations in sodium_compare()
2017-04-21 00:30:19 +02:00
Frank Denis
bdd06e9074
Space
2017-04-04 18:06:38 -07:00
Chris Fogelklou
3f65a21212
Fix ref10 slide on PPC-VLE (#525)
...
* Use intermediate variables in slide() which removes ambiguity for the compiler and fixes a crash in the PPC_VLE build with -O1 flag (added bonus: smaller compiled code.)
* Fix formatting in slide() loop counter to match the previously just-formatted version.
2017-04-03 21:00:36 -07:00
Frank Denis
7fa678bdca
April 1st is over
...
This reverts commit 1668847409.
2017-04-01 20:50:58 +02:00
Frank Denis
1668847409
Add support for random.org as a CSPRNG
2017-04-01 10:01:26 +02:00
Frank Denis
7a6a47a5a5
Format
2017-03-31 10:17:45 +02:00
Frank Denis
4e4756e676
Add braces for clarity
2017-03-31 10:10:27 +02:00
Frank Denis
c229663acf
Argon2: add specialized macro to decode uint32_t values
2017-03-30 10:15:06 +02:00
Frank Denis
4dec1da7c5
Remove dev mode
2017-03-28 13:39:34 +02:00
Frank Denis
623cbfc168
Fix crypto_pwhash_argon2i_MEMLIMIT_MAX definition on 32-bit platforms
2017-03-27 00:52:03 +02:00
Frank Denis
2541886266
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
Require @CFLAGS_SSE2@ to build libaesni
2017-03-21 23:26:06 +01:00
Frank Denis
e6970ad4e6
Add explicit casts
2017-03-21 23:25:40 +01:00
Frank Denis
2e1106ed64
Require @CFLAGS_SSE2@ to build libaesni
...
Fixes compilation on OpenBSD/i386 with the base gcc compiler.
2017-03-20 15:46:49 +01:00
Frank Denis
4568b74cc8
Raise crypto_pwhash_argon2i_MEMLIMIT_MIN to 8192
2017-03-20 00:01:10 +01:00
Frank Denis
03787ad057
Back to dev mode
2017-03-16 18:58:06 +01:00
Frank Denis
70170c28c8
Indent
2017-03-13 09:22:21 +01:00
Frank Denis
8f353b5553
Correct indentation
2017-03-13 09:14:40 +01:00
Frank Denis
9d2e216c5b
Ignore internal warnings about deprecated aes128 functions
2017-03-12 18:42:02 +01:00
Frank Denis
fd797db30a
Remove crypto_[u]int*.h headers
...
Not used internally by anything for a very long time.
Number of projects on GitHub using these: zero.
Standard types from stdint.h should be preferred.
2017-03-12 18:13:31 +01:00
Frank Denis
81ed03a442
Tag crypto_stream_aes128ctr as deprecated
2017-03-12 18:08:16 +01:00
Frank Denis
bbcb8bd33b
Avoid useless comparisons
2017-03-12 18:02:46 +01:00
Frank Denis
849a35bd82
+ crypto_kx_*() API
...
This doesn't include a full key exchange API yet.
2017-03-12 13:15:39 +01:00
Frank Denis
88c77d6aa7
Do not use a zero nonce in randombytes_buf_deterministic()
...
This can mitigate implications of reusing the same key across different
functions.
2017-03-09 13:57:37 +01:00
Frank Denis
88f59c99c5
Avoid variable shadowing
2017-03-09 13:11:10 +01:00
Frank Denis
8679e717db
+ sodium_library_minimal() and SODIUM_LIBRARY_MINIMAL
2017-03-06 09:47:09 +01:00
Frank Denis
25287ce7fb
Explicitly include <stdint.h>
2017-03-05 23:47:40 +01:00
Frank Denis
b3e27d14aa
Move 64-bit emulation to a dedicated private header file
2017-03-05 23:44:51 +01:00
Frank Denis
0d270d8345
Include <emmintrin.h> to use SSE2 emulation
2017-03-05 23:08:34 +01:00
Frank Denis
9e87eb1365
Add emulation for SSE2 instructions requiring 64-bit registers
2017-03-05 23:06:53 +01:00
Frank Denis
cff00dbe75
Revert "Revert "Remove dev warning""
...
This reverts commit 2e0e7a150d.
2017-03-05 21:09:59 +01:00
Frank Denis
b10be7a458
Import ed25519_ref10.h
2017-03-05 14:47:42 +01:00
Frank Denis
707f4c8e08
Add ed25519ph
2017-03-05 14:45:13 +01:00
Frank Denis
f493216abb
crlf
2017-03-05 11:29:21 +01:00
Frank Denis
f1fdb2a763
Add crypto_onetimeauth_poly1305_statebytes()
2017-03-05 11:28:56 +01:00
Frank Denis
2e0e7a150d
Revert "Remove dev warning"
...
This reverts commit 65ddf8acfe.
2017-03-03 15:15:48 +01:00
Frank Denis
65ddf8acfe
Remove dev warning
2017-03-03 10:55:11 +01:00
Frank Denis
edb03b4ad8
Reorder includes
...
This restores compatibility with CompCert
2017-03-02 16:32:57 +01:00
Frank Denis
2fe7ccfbd6
Remove another useless test on 32-bit platforms
2017-03-02 14:52:29 +01:00
Frank Denis
0ae4fa63bf
Avoid useless comparison
2017-03-02 14:38:20 +01:00
Frank Denis
faf40a1946
Define scrypt's opslimit_max as UINT32_MAX
...
This is consistent with Argon2, will always be plenty enough, and
ensures that the constant is the same on 32- and 64-bit architectures.
Adjust memlimit_max accordingly
2017-03-02 14:19:45 +01:00
Frank Denis
0ebae146ca
UL -> U suffixes
2017-03-02 14:19:34 +01:00
Frank Denis
77950b544c
Move core_hchacha20 out of the minimal build
2017-03-02 11:27:19 +01:00
Frank Denis
be9024c5db
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
Update comment on crypto_generichash_state allocation with sodium_malloc() (#501)
2017-03-02 10:19:46 +01:00
Frank Denis
617862eb5a
Make aead_xchacha20_poly1305 a first-class citizen
2017-03-02 10:19:08 +01:00
Alexander Iljin
fa0245cf1c
Update comment on crypto_generichash_state allocation with sodium_malloc() (#501)
2017-03-02 00:29:50 +01:00
Frank Denis
862c747a20
Simplify
2017-03-01 14:40:58 +01:00
Frank Denis
6ac55a30be
No need for memmove() when no overlap is possible
2017-03-01 14:07:12 +01:00
Frank Denis
6349e75304
Indent
2017-03-01 10:33:48 +01:00
Frank Denis
de6a932842
Include private/common.h in onetimeauth_poly1305.c
...
(not available in MSVC yet)
2017-03-01 10:33:32 +01:00
Frank Denis
89f9b7501a
Include private/common.h in stream_chacha20.c
2017-03-01 10:33:06 +01:00
Frank Denis
ea7f03d9b4
Define HAVE_INTRIN_H on Windows; no need to reinclude it in runtime.c
2017-03-01 10:32:28 +01:00
Frank Denis
ed57801379
Avoid implicit types conversions and magic constants
2017-03-01 08:21:02 +01:00
Frank Denis
02565ad4c8
Mark the *_primitive() accessors as warn_unused_result
2017-03-01 08:14:03 +01:00
Frank Denis
ca188c59fd
Make the SHA2 code slightly faster
...
Bring the code up to date with FreeBSD and libcperciva
2017-03-01 01:07:02 +01:00
Frank Denis
ab05ce906b
Add missing preprocessor continuation, indent by the way
2017-02-28 18:27:06 +01:00
Frank Denis
e5a196a8ee
Always include intrin.h if available
2017-02-28 17:58:50 +01:00
Frank Denis
9eea164007
Check for _xgetbv() presence
2017-02-28 17:51:18 +01:00
Frank Denis
bf9b322334
_mm_set_epi64x() emulation for MSVC < 2015
2017-02-28 16:27:45 +01:00
Frank Denis
72426ed9c0
Always include <intrin.h> on Visual Studio x86/x86_64
2017-02-28 15:28:59 +01:00
Frank Denis
88cc2c6ba5
scrypt_common: check for sse2 support the same way as everywhere else
2017-02-28 15:08:40 +01:00
Frank Denis
9904e95bde
salsa_ref: properly initialize variables when NULL is used as constants
2017-02-27 17:06:14 +01:00
Frank Denis
8398b47573
Remove unused variable
2017-02-27 17:04:31 +01:00
Frank Denis
fa89071261
Manual unrolling
2017-02-27 17:03:03 +01:00
Frank Denis
c6460c9e9a
Remove unreferenced variables
2017-02-27 16:57:37 +01:00
Frank Denis
03f27b4204
Use _xgetbv() on Visual Studio, when available
2017-02-27 16:54:20 +01:00
Frank Denis
4fea4d917b
With MSVC, AVX2 causes ICEs on x86 targets
2017-02-27 16:34:41 +01:00
Frank Denis
0e4a05d558
MSVC can only assemble x86 instructions
2017-02-27 16:31:46 +01:00
Frank Denis
47bc8df460
Avoid unsupported pragmas
2017-02-27 16:07:57 +01:00
Frank Denis
cc55a084f8
MSC_VER -> _MSC_VER typo
2017-02-27 09:15:37 +01:00
Frank Denis
e05d2b3d8f
C++ compat
2017-02-27 00:36:59 +01:00
Frank Denis
17b26a6e01
Missing \
2017-02-27 00:30:30 +01:00
Frank Denis
9c699ecdd4
Don't ask too much from automake
2017-02-27 00:22:35 +01:00
Frank Denis
14bebe460b
Allow compilation without a working x86_64 assembler
2017-02-27 00:19:42 +01:00
Frank Denis
e3b9907429
Use the assembly version of salsa20_xmm6 by default, if possible
...
icc produces good code from the intrinsics-based translation,
clang produces okay code, but gcc doesn't perform very well ATM.
It's a bummer to have a 3rd implementation, but salsa20 is used quite
a lot in the library, so it deserves a special attention.
If the assembly code cannot be assembled, fall back to the reduced
version of the intrinsics-based translation.
So, in the final library, we always only get two implementations at most.
2017-02-27 00:09:48 +01:00
Frank Denis
7d29c0fbd7
Remove useless prototypes
2017-02-26 23:51:58 +01:00
Frank Denis
3db624d335
Bring the asm amd64_xmm6 implementation back
2017-02-26 23:36:54 +01:00
Frank Denis
606f569c7b
Replace the SSSE3 ChaCha20 impl with one derived from the AVX2 impl
2017-02-26 23:02:45 +01:00
Frank Denis
f60e4ae514
Capitalize macro params
2017-02-26 22:48:49 +01:00
Frank Denis
9d706253ff
+ AVX2 ChaCha20 implementation
2017-02-26 22:46:34 +01:00
Frank Denis
9dc21def26
Move declarations, for consistency
2017-02-26 22:18:09 +01:00
Frank Denis
8d256f0edd
With the full counter, the limit is comfortable enough (2^70)
2017-02-26 22:04:50 +01:00
Frank Denis
d155bfd686
Remove useless brackets
2017-02-26 21:59:52 +01:00
Frank Denis
17ebc9cb07
Import SSE2 & AVX2 salsa20 implementations
2017-02-26 21:32:00 +01:00
Frank Denis
c0c645da45
Test crypto_kdf constants, add _PRIMITIVE
2017-02-26 21:30:40 +01:00
Frank Denis
8a213f021c
Remove useless prototypes
2017-02-26 21:26:14 +01:00
Frank Denis
15f1904f00
Use the AVX2 salsa20 implementation if the CPU supports it
2017-02-26 21:23:39 +01:00
Frank Denis
d85454c3c7
No // comments
2017-02-26 21:23:17 +01:00
Frank Denis
5088ca52f6
Use <impl>/<primitive_name>*.[ch], not <impl>/<operation>_<primitive_name>*
2017-02-26 20:54:08 +01:00
Frank Denis
5ccf9c2f46
salsa20-xmm6int: don't hardcode the number of rounds
2017-02-26 19:04:34 +01:00
Frank Denis
78330822cb
Save trees
2017-02-26 19:02:23 +01:00
Frank Denis
294007a16f
Import u0.h
2017-02-26 19:00:01 +01:00
Frank Denis
e0ee69874f
xmm6int: optimize the last block
2017-02-26 18:56:27 +01:00
Frank Denis
45160a0f78
Define the HAVE_* macros for SIMD instructions on Visual Studio
...
This avoids a lot of redundant preprocessor checks
2017-02-26 18:22:14 +01:00
Frank Denis
d781ec3cdf
Add missing header for _crypto_stream_salsa20_pick_best_implementation
2017-02-26 17:50:11 +01:00
Frank Denis
e08843d138
Enable the xmm6int implementation on Visual Studio, too
2017-02-26 17:48:39 +01:00
Frank Denis
0a4418a25f
Compile salsa20-xmm6int only if HAVE_EMMINTRIN_H is defined
...
This is redundant with the next check, and needs to be adjusted for Visual Studio
2017-02-26 17:41:03 +01:00
Frank Denis
e4a43d5cff
Nits
2017-02-26 17:35:30 +01:00
Frank Denis
ed8277a2f6
Use a single way for stream_salsa20_ref conditional inclusion
2017-02-26 17:27:28 +01:00
Frank Denis
47a3461793
xor_salsa2012.c is not used any more
2017-02-26 17:21:13 +01:00
Frank Denis
3b3613d464
Add missing header files to the distfiles
2017-02-26 17:17:00 +01:00
Frank Denis
c58cbcbd90
Indent
2017-02-26 17:13:55 +01:00
Frank Denis
9294e2e699
Revamp the salsa20 implementations and structure
...
- Factorize core_salsa20{20,12,8}
- Add support for multiple salsa20 implementations
- Replace the assembly SSE2 implementation with its equivalent using intrinsics
2017-02-26 16:49:15 +01:00
Frank Denis
881f8ab599
initstate -> initial_state
2017-02-26 00:11:58 +01:00
Frank Denis
4e6091b347
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
spelling fixes (touches code in tests) (#494)
Feature/spelling (#495)
2017-02-25 21:00:52 +01:00
Frank Denis
1295857ae5
Remove unused macros
2017-02-25 20:59:45 +01:00
ka7
21174cddc3
Feature/spelling (#495)
...
* spelling fixes (comments only)
* spelling fixes (comments only)
2017-02-25 14:21:10 +01:00
Frank Denis
81e37c6aa6
Add shorthash_siphashx24_*(): 128-bit Siphash
2017-02-24 19:06:21 +01:00
Frank Denis
710c36deb9
s/portable/nacl/g
2017-02-23 12:05:09 +01:00
Frank Denis
d26c8adf84
Get rid of core_hchacha20.h
2017-02-23 12:02:56 +01:00
Frank Denis
9cd732c88d
Indent
2017-02-23 11:12:18 +01:00
Frank Denis
0ccc6d7661
Indent
2017-02-23 11:06:27 +01:00
Frank Denis
32a084222a
Indent
2017-02-23 10:57:18 +01:00
Frank Denis
9626d7af59
Indent, remove duplicate includes
2017-02-23 10:51:42 +01:00
Frank Denis
61adf7f777
Leverage COMPILER_ASSERT
2017-02-23 10:49:53 +01:00
Frank Denis
02c2def25e
inline
2017-02-23 10:40:42 +01:00
Frank Denis
5535ff8946
Indent
2017-02-23 10:38:37 +01:00
Frank Denis
68466a7ed7
Indent, reuse COMPILER_ASSERT
2017-02-23 10:37:57 +01:00
Frank Denis
14d54b9d22
Do not invent your own types
2017-02-23 10:34:32 +01:00
Frank Denis
a60ac31ba4
Clean up the aes128ctr code
2017-02-23 10:30:44 +01:00
Frank Denis
2be6fc4800
Indent
2017-02-23 10:14:13 +01:00
Frank Denis
2838bcd04c
Indent
2017-02-23 10:12:43 +01:00
Frank Denis
a70446a127
Indent
2017-02-23 10:12:04 +01:00
Frank Denis
6980d47ec2
Indent
2017-02-23 10:09:08 +01:00
Frank Denis
2a24a27afa
Indent
2017-02-23 09:57:09 +01:00
Frank Denis
a1c4cf5b3c
Indent
2017-02-23 09:47:12 +01:00
Frank Denis
cad6561799
Indent
2017-02-23 09:42:15 +01:00
Frank Denis
9fbd5c0c18
Indent
2017-02-23 09:39:59 +01:00
Frank Denis
b25cffb7f1
Indent
2017-02-23 09:39:02 +01:00
Frank Denis
5a843719b1
Use inlined functions instead of macros
2017-02-23 09:35:41 +01:00
Frank Denis
fe3ed40a76
Reuse ROTR64
2017-02-23 09:27:47 +01:00
Frank Denis
a3d7bc065e
Reuse macros
2017-02-23 09:24:15 +01:00
Frank Denis
c06418a382
Indent
2017-02-23 09:05:47 +01:00
Frank Denis
05349aa14d
Avoid multiple definitions of ROTL/ROTR macros
2017-02-23 09:01:50 +01:00
Frank Denis
9fdca4a8c9
There's pretty much nothing left from the original code
2017-02-20 21:13:59 +01:00
Frank Denis
f5673c7cc0
Avoid negating unsigned values
2017-02-20 21:12:33 +01:00
Frank Denis
76e8776839
Merge a couple more files
2017-02-20 10:32:23 +01:00
Frank Denis
bb67b383ef
Drop the _api suffixes
2017-02-20 09:50:34 +01:00
Frank Denis
7e5d64834c
untab
2017-02-19 21:17:42 +01:00
Frank Denis
7f7e7235c5
Add a keygen function to all the primitives
2017-02-19 21:15:54 +01:00
Frank Denis
fe3e60392c
C++ compat
2017-02-19 19:03:18 +01:00
Frank Denis
eb5ff7270e
Use the IETF ChaCha20 version for randombytes_buf_deterministic()
...
It doesn't make any difference except by limiting the maximum
length to 256 Gb. But the code for the IETF version has a higher
probability to already be used by something else than the original
version.
Enforcing a 256 Gb limit can also prevent surprises from happening
in other implementations.
2017-02-19 18:55:32 +01:00
Frank Denis
4c6b0ac762
Add aliases for stream_chacha20 sizes, similar to chacha20poly1305
2017-02-19 18:54:25 +01:00
Frank Denis
cafb0a695b
Add randombytes_buf_deterministic()
2017-02-19 18:40:29 +01:00
Frank Denis
70c2796ae5
+ crypto_kdf high-level API
...
This is a common need, and people end up reimplementing HKDF.
So, add a crypto_kdf() API similar to libhydrogen's. The latter has a
higher limit for the output length using BLAKE2X if required.
We can implement the same strategy later in libsodium if needed.
2017-02-19 18:13:10 +01:00
Frank Denis
7555ae37f0
blake2 -> blake2b
2017-02-19 17:15:41 +01:00
Frank Denis
e0150faf56
Always zero the argon2 output buffer prior to doing anything
...
This is consistent with what we are doing with scrypt.
On error/misuse, the buffer is zeroed; this may prevent bugs with
reused/invalid buffers.
2017-02-19 12:40:28 +01:00
Frank Denis
2c6fb87708
Set crypto_pwhash_scryptsalsa208sha256_BYTES_MIN to 128 bits
2017-02-19 12:31:05 +01:00
Frank Denis
2e4e1c66a0
Complete 08c0e03f83
2017-02-19 12:23:37 +01:00
Emil Bay
08c0e03f83
WIP: crypto_pwhash constants (#464)
...
* Test exposed constraint constants on crypto_pwhash
This includes the following constants for crypto_pwhash, crypto_pwhash_argon2i,
and crypto_pwhash_scryptsalsa208sha256:
- crypto_pwhash_BYTES_MIN
- crypto_pwhash_BYTES_MAX
- crypto_pwhash_PASSWD_MIN
- crypto_pwhash_PASSWD_MAX
- crypto_pwhash_OPSLIMIT_MIN
- crypto_pwhash_OPSLIMIT_MAX
- crypto_pwhash_MEMLIMIT_MIN
- crypto_pwhash_MEMLIMIT_MAX
* Expose constraint constants for crypto_pwhash
* Expose constant methods for crypto_pwhash
2017-02-19 11:19:01 +01:00
Frank Denis
20d1d048fd
Merge a couple files
...
These are unlikely to have multiple implementations ever, unlike their
underlying primitives, so move them one folder up instead and take it
as an opportunity to merge small files.
2017-02-18 21:53:32 +01:00
Frank Denis
a329340d90
Remove the NaCl-like APIs from *xchacha20 additions
...
These APIs were useful with the salsa20 constructions for compatibility
with NaCl, but they are tricky to use and don't provide any benefits over
the _easy APIs.
Having them around was good for consistency with the salsa20-based ones,
but this is code that is unlikely to be used in actual projects.
So, don't include them, unless people actually ask for them.
2017-02-18 21:22:39 +01:00
Frank Denis
4c2cf071f8
Include <intrin.h> on Visual Studio for __cpuid()
2017-02-16 09:24:33 +01:00
Frank Denis
727dae49e2
Back out locks in randombytes_salsa20
...
These functions were not supposed to be thread-safe, and we can't
use crit_*() in the randombytes implementations anyway.
2017-02-10 18:01:06 +01:00
Frank Denis
d5fc01b317
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
C++ compat
2017-02-04 11:41:49 +01:00
Frank Denis
5095fc9afa
Reorder
2017-02-04 11:40:20 +01:00
Frank DENIS
e59bfee281
C++ compat
2017-01-31 17:14:12 +01:00
Frank Denis
8439df646b
Favor the Windows API over pthreads on mingw
2017-01-26 20:34:46 +01:00
Frank Denis
de3c0ff85e
Indent
2017-01-18 20:03:26 +01:00
Frank Denis
f053b98b64
Use getrandom() on dietlibc -- via Felix von Leitner
2017-01-18 20:00:25 +01:00
Frank Denis
3633726d56
Indent
2017-01-13 19:28:18 +01:00
Frank Denis
1686da3d3c
Remove the non-IETF versions of crypto_aead_xchacha20poly1305
2017-01-13 19:24:48 +01:00
Frank Denis
4e8832ed57
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
Indent
xchacha20poly1305: optimize and be compatible with ietf chacha20poly1305 (#461)
2016-12-27 21:03:12 +01:00
Frank DENIS
24fd77ded3
Indent
2016-12-24 02:24:24 +01:00
Jason A. Donenfeld
6abad20323
xchacha20poly1305: optimize and be compatible with ietf chacha20poly1305 (#461)
...
Due to SSL, the IETF version of chacha20poly1305 is going to be the one
that's in libraries places. While the 12-byte nonce thing is a little
weird, it has other benefits, like adding padding to the auth tag, which
might help fend off certain attacks.
But more importantly, since chacha20poly1305 in the IETF construction is
in lots of places, it would be useful to be able to build xchacha20poly1305
out of it. Fortunately it's very easy to make hchacha20 (either
stand-alone, or out of the normal chacha20 block function), and then
that can be composed with an existing library's chacha20poly1305. It
looks a bit like this:
    xchacha20poly1305(input, key, nonce) {
        new_key = hchacha20(key, nonce)
        return chacha20poly1305(input, new_key, nonce + 16)
    }
This is also an efficient way to do it, since it means hchacha20 must
only be computed once.
Unfortunately, non-IETF xchacha20poly1305 means that you deprive
virtually all other libraries that only support the more common
IETF construction of the ability to interoperate with
libsodium, through the simple construction. Rather, it forces
everyone to reimplement the AEAD part.
So, this commit adds a xchacha20poly1305 that uses the IETF construction
with the padding.
While we're at it, we redefine xchacha20poly1305 in terms of
chacha20poly1305, which gives the same output, but computes one less
hchacha20 and is generally a lot cleaner and simpler to understand.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-24 02:17:33 +01:00
Frank Denis
c5735ef215
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
Check if atomic operations are supported
Remove a whitespace following trailing backslash in a Makefile
2016-12-17 19:00:59 +01:00
Frank Denis
d54b0b8d69
Do not include xchacha20poly1305 in minimal mode
2016-12-17 18:59:17 +01:00
Frank Denis
db97a35502
Check if atomic operations are supported
2016-12-16 16:37:12 +01:00
Frank Denis
4c6f704084
Remove a whitespace following trailing backslash in a Makefile
2016-12-16 16:20:30 +01:00
Frank Denis
9d2ac5f747
Correct an assertion and prefer compile-time assertions
2016-12-11 20:28:03 +01:00
Frank Denis
9979762bbe
Indent
2016-12-11 00:01:40 +01:00
Winston Durand
9cae7b6b7c
fixed GCC2 bug seeing empty statement (#449)
2016-11-30 06:52:18 +01:00
Frank Denis
157c4a80c1
+ crypto_aead_xchacha20poly1305
2016-11-26 21:29:26 +01:00
Frank Denis
8b7f03ddf7
Indent
2016-11-26 21:16:42 +01:00
Frank Denis
184110ccc5
+ crypto_box_curve25519xchacha20poly1305_*
2016-11-26 21:06:23 +01:00
Frank Denis
54a1357ce3
Indent
2016-11-26 20:24:58 +01:00
Frank Denis
2ace041fd9
Add secretbox_xchacha20poly1305_easy
2016-11-26 19:45:24 +01:00
Frank Denis
d4f384e388
Make crypto_secretbox_xsalsa20poly1305_open() as __warn_unused_result__
2016-11-26 19:44:51 +01:00
Frank Denis
669ed597d0
Rename box_x*poly1305.c -> secretbox_x*poly1305.c for consistency
2016-11-26 14:12:47 +01:00
Frank Denis
2848984edf
+ secretbox_xchacha20poly1305
2016-11-26 14:04:23 +01:00
Frank Denis
a86ac590d6
Reformat to make the style more consistent
2016-11-26 13:40:34 +01:00
Frank Denis
5eed910c11
Cast the scalar instead of the coefficient
2016-10-30 01:13:22 +02:00
Frank Denis
71f0693ee7
Argon2i: fix encoding issues
...
For compatibility with hashes that might have been encoded using other libraries.
2016-10-26 22:50:38 +02:00
Frank Denis
aff4aaeabf
Change the garbage value to 0xdb
...
If that garbage value becomes the LSB of a pointer, the pointer is more
likely to be unaligned, and trigger more bugs.
2016-10-15 18:54:56 +02:00
Frank Denis
49741c59e8
Allows RANDOMBYTES_DEFAULT_IMPLEMENTATION to be overridden
2016-10-13 22:57:01 +02:00
Frank Denis
583c16707c
+ crypto_stream_xchacha20
2016-09-30 22:57:56 +02:00
Frank Denis
42dc78b38b
Indent
2016-09-30 08:40:15 +02:00
Frank Denis
b20d227f37
Avoid collision with a possibly existing int128 type definition
2016-09-30 08:36:50 +02:00
Frank Denis
53ee1fe758
Remove commented out code and avoid inconsistent indentation
2016-09-30 08:30:22 +02:00
Frank Denis
f257413772
uint32 -> uint32_t
2016-09-30 08:26:24 +02:00
Robert Spychala
94ea419247
add preprocessor flag to skip blocking /dev/random during libsodium init (#429)
2016-09-20 21:13:07 +02:00
Frank Denis
26e8b0253f
Argon2: check that m_cost/t_cost/lanes decode to uint32
2016-09-18 09:33:35 +02:00
Frank Denis
6035c0779b
Back to dev mode
2016-08-04 02:28:21 +02:00
Frank Denis
2f4f718cd9
Remove dev flag
2016-07-31 16:34:11 +02:00
Frank Denis
19a9d18b9c
_MSC_VER > 1600 -> _MSC_VER >= 1700 for consistency
2016-07-24 19:58:00 +02:00
Jan-E
6b739fc821
Fix VS2010 (and VC9) x64 build
2016-07-24 02:13:22 +02:00
Frank Denis
89918e94f1
crit_{enter,leave} can fail
2016-07-06 12:03:08 +02:00
Frank Denis
29492143ab
Warn if the library is being compiled in a custom way
2016-07-02 10:07:38 +02:00
Frank Denis
2cc0bab0e3
Update comment
2016-06-29 15:31:23 +02:00
Frank Denis
648f46d22a
Expose sodium_crit_enter() and sodium_crit_leave() internally
2016-06-29 15:28:15 +02:00
Frank Denis
5a3ff833fd
Slightly change how the length of argon2 strings is checked
2016-06-19 23:26:08 +02:00