Frank Denis
b209a7c0af
Add a test for HChaCha20
2017-02-12 22:28:35 +01:00
Frank Denis
727dae49e2
Back out locks in randombytes_salsa20
...
These functions were not supposed to be thread-safe, and we can't
use crit_*() in the randombytes implementations anyway.
2017-02-10 18:01:06 +01:00
Frank Denis
d5fc01b317
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
C++ compat
2017-02-04 11:41:49 +01:00
Frank Denis
5095fc9afa
Reorder
2017-02-04 11:40:20 +01:00
Frank DENIS
e59bfee281
C++ compat
2017-01-31 17:14:12 +01:00
Frank Denis
8439df646b
Favor the Windows API over pthreads on mingw
2017-01-26 20:34:46 +01:00
Frank Denis
865a4a48ca
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
Compile with -Wno-type-limits
2017-01-21 01:42:50 +01:00
Frank Denis
8b961fb1bd
Trim TOTAL_MEMORY_SUMO to a 64k multiple
2017-01-21 01:42:28 +01:00
Frank Denis
3965574d3b
Merge branch 'master' of https://github.com/jedisct1/libsodium
2017-01-19 21:27:28 +01:00
Frank Denis
9f489f0794
Compile with -Wno-type-limits
2017-01-19 21:26:46 +01:00
Frank Denis
de3c0ff85e
Indent
2017-01-18 20:03:26 +01:00
Frank Denis
f053b98b64
Use getrandom() on dietlibc -- via Felix von Leitner
2017-01-18 20:00:25 +01:00
Henrik Gaßmann
a81cea2366
FindSodium.cmake MAKE VS FOLDER SELECTION GENERIC (#471)
2017-01-15 14:12:57 +01:00
Frank Denis
3633726d56
Indent
2017-01-13 19:28:18 +01:00
Frank Denis
1686da3d3c
Remove the non-IETF versions of crypto_aead_xchacha20poly1305
2017-01-13 19:24:48 +01:00
Frank Denis
43821d7756
Update the Makefile after the FindSodium.cmake renaming
2017-01-11 09:41:11 -08:00
Henrik Gaßmann
9eeaffe934
RENAME FindSodium.cmake TO Findsodium.cmake (#473)
...
Fixes jedisct1/libsodium#466
2017-01-11 09:40:51 -08:00
Frank Denis
dad03904c8
2017
2017-01-01 00:17:27 +01:00
Frank Denis
f03f28a18a
Try running autoreconf --version
...
This checks that autoreconf is actually the one we expect and not
some unrelated script.
2016-12-31 23:04:05 +01:00
Frank Denis
0b10be1092
Update some m4 scripts
2016-12-29 08:16:17 +01:00
Frank Denis
f31a4b759d
Tweak AX_CHECK_COMPILE_FLAG to also try to link the test program
2016-12-29 07:51:50 +01:00
Frank Denis
4e8832ed57
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
Indent
xchacha20poly1305: optimize and be compatible with ietf chacha20poly1305 (#461)
2016-12-27 21:03:12 +01:00
Frank DENIS
24fd77ded3
Indent
2016-12-24 02:24:24 +01:00
Jason A. Donenfeld
6abad20323
xchacha20poly1305: optimize and be compatible with ietf chacha20poly1305 (#461)
...
Due to SSL, the IETF version of chacha20poly1305 is going to be the one
that's in libraries places. While the 12-byte nonce thing is a little
weird, it has other benefits, like adding padding to the auth tag, which
might help fend off certain attacks.
But more importantly, since chacha20poly1305 in the IETF construction is
in lots of places, it would be useful to be able to build xchacha20poly1305
out of it. Fortunately it's very easy to make hchacha20 (either
stand-alone, or out of the normal chacha20 block function), and then
that can be composed with an existing library's chacha20poly1305. It
looks a bit like this:
    xchacha20poly1305(input, key, nonce) {
        new_key = hchacha20(key, nonce)
        return chacha20poly1305(input, new_key, nonce + 16)
    }
This is also an efficient way to do it, since it means hchacha20 must
only be computed once.
Unfortunately, non-IETF xchacha20poly1305 means that you deprive
virtually all other libraries that only support the more common
IETF construction the ability to interoperate with
libsodium, through the simple construction. Rather, it forces
everyone to reimplement the AEAD part.
So, this commit adds a xchacha20poly1305 that uses the IETF construction
with the padding.
While we're at it, we redefine xchacha20poly1305 in terms of
chacha20poly1305, which gives the same output, but computes one less
hchacha20 and is generally a lot cleaner and simpler to understand.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-24 02:17:33 +01:00
Frank Denis
c5735ef215
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium:
Check if atomic operations are supported
Remove a whitespace following trailing backslash in a Makefile
2016-12-17 19:00:59 +01:00
Frank Denis
d54b0b8d69
Do not include xchacha20poly1305 in minimal mode
2016-12-17 18:59:17 +01:00
Frank Denis
5aaff1ce2a
Remove unexpected tabs
2016-12-17 18:52:52 +01:00
Frank Denis
db97a35502
Check if atomic operations are supported
2016-12-16 16:37:12 +01:00
Frank Denis
4c6f704084
Remove a whitespace following trailing backslash in a Makefile
2016-12-16 16:20:30 +01:00
Frank Denis
9d2ac5f747
Correct an assertion and prefer compile-time assertions
2016-12-11 20:28:03 +01:00
Frank Denis
9979762bbe
Indent
2016-12-11 00:01:40 +01:00
Winston Durand
9cae7b6b7c
fixed GCC2 bug seeing empty statement (#449)
2016-11-30 06:52:18 +01:00
Frank Denis
157c4a80c1
+ crypto_aead_xchacha20poly1305
2016-11-26 21:29:26 +01:00
Frank Denis
8b7f03ddf7
Indent
2016-11-26 21:16:42 +01:00
Frank Denis
184110ccc5
+ crypto_box_curve25519xchacha20poly1305_*
2016-11-26 21:06:23 +01:00
Frank Denis
54a1357ce3
Indent
2016-11-26 20:24:58 +01:00
Frank Denis
2ace041fd9
Add secretbox_xchacha20poly1305_easy
2016-11-26 19:45:24 +01:00
Frank Denis
d4f384e388
Make crypto_secretbox_xsalsa20poly1305_open() as __warn_unused_result__
2016-11-26 19:44:51 +01:00
Frank Denis
669ed597d0
Rename box_x*poly1305.c -> secretbox_x*poly1305.c for consistency
2016-11-26 14:12:47 +01:00
Frank Denis
2848984edf
+ secretbox_xchacha20poly1305
2016-11-26 14:04:23 +01:00
Frank Denis
a86ac590d6
Reformat to make the style more consistent
2016-11-26 13:40:34 +01:00
Frank Denis
11eef91e49
Update Coverity Scan token
2016-11-09 17:58:45 +01:00
Frank Denis
7afd929e70
js: measuring make check time is not useful, especially not in a web browser
2016-10-30 01:25:32 +02:00
Frank Denis
5eed910c11
Cast the scalar instead of the coefficient
2016-10-30 01:13:22 +02:00
Frank Denis
71f0693ee7
Argon2i: fix encoding issues
...
For compatibility with hashes that might have been encoded using other libraries.
2016-10-26 22:50:38 +02:00
Frank Denis
aff4aaeabf
Change the garbage value to 0xdb
...
If that garbage value becomes the LSB of a pointer, the pointer is more
likely to be unaligned, and trigger more bugs.
2016-10-15 18:54:56 +02:00
Frank Denis
49741c59e8
Allows RANDOMBYTES_DEFAULT_IMPLEMENTATION to be overridden
2016-10-13 22:57:01 +02:00
Frank Denis
1ede5cc0bc
$MAKE_TOOLCHAIN --force
2016-10-10 14:43:57 +02:00
Frank Denis
e4b716cd20
SUBDIRS << "contrib"
2016-10-05 15:46:02 +02:00
Frank Denis
3203811ee2
Trim spaces
2016-10-05 15:42:02 +02:00