Commit Graph

3368 Commits

Author SHA1 Message Date
Frank Denis
ab23649de5 Shorten randombytes_implementation members. 2013-04-21 17:32:03 -07:00
Frank Denis
f3e0d9a140 Make the crypto_onetimeauth_poly1305() implementation switchable at runtime 2013-04-21 17:32:03 -07:00
Frank Denis
96db80f17f Move randombytes implementations to their own directory for consistency. 2013-04-21 17:32:03 -07:00
Frank Denis
707dcb0c44 Check if we need -lm for fe[gs]etenv() 2013-04-21 17:32:03 -07:00
Frank Denis
b64beede1d Enforce round-to-nearest. 2013-04-21 17:32:03 -07:00
Frank Denis
b282b45dc7 Use standard C99 types 2013-04-21 17:32:02 -07:00
Frank Denis
a74cfe4112 Import poly1305_53 2013-04-21 17:31:54 -07:00
Frank Denis
e53e0895e7 Remove *_implementation_ macros.
They are identical for all implementations of a given primitive and
it's bound to always be the case.
We will eventually pick suitable implementations at run-time, so
these won't make any sense.
Remove implementation names/versions macros as well.
These should be functions, not macros.
2013-04-16 10:59:40 +02:00
Frank Denis
b33dba4fd7 ge25519_base.data is not required any more 2013-04-09 18:36:31 +02:00
Frank Denis
9833dfeac8 Don't forget to include crypto_shorthash headers in sodium.h 2013-04-04 14:21:20 -07:00
Frank Denis
d50249c927 Use stdbool macros instead of _Bool
Just to cope with that Visual Studio thing that still doesn't support C99.
I hate that because some libraries can redefine "bool" in an incompatible way.
It's okay. Until we have that in an exported prototype.
2013-03-31 15:28:15 -07:00
Frank Denis
e59ed29ee8 Export the shared library version, not just the package version. 2013-03-31 15:22:43 -07:00
Frank Denis
5f3104cf5f Turn COMPILER_ASSERT() to assert() in generichash_blake2b.c
Thanks to @sneves
2013-03-31 14:56:27 -07:00
Frank Denis
077e89b6b5 Types definitions in randombytes.h require stdint.h, not inttypes.h 2013-03-31 14:51:06 -07:00
Frank Denis
fbdc55daf6 Add Kalium 2013-03-30 21:55:45 -07:00
Frank Denis
b88d92d69d Replace the ed25519 ref implementation with ref10 from supercop 2013-03-25 11:47:15 -07:00
Frank Denis
a8ba78e527 Accept a null keylen for blake2 2013-03-19 00:35:53 -07:00
Frank Denis
34f2982754 Use sodium_memzero() for secure_zero_memory() in Blake2 2013-03-19 00:16:09 -07:00
Frank Denis
aa422c7493 Import Blake2 - WIP 2013-03-19 00:13:25 -07:00
Frank Denis
8f83466c87 Don't include <string> when parsing headers as C++ code. 2013-03-18 23:29:58 -07:00
Frank Denis
9dac631c27 Don't forget the credits for siphash, oops. 2013-03-18 23:22:51 -07:00
Frank Denis
2f30b21a5c Remove api.h, we don't use it any more 2013-03-18 23:01:25 -07:00
Frank Denis
8b728c9034 Export sodium_memzero() as this will be required for Blake2, too. 2013-03-18 21:45:05 -07:00
Frank Denis
bc05a0f3d8 Remove sha512 inplace implementation 2013-03-18 21:05:24 -07:00
Frank Denis
99eb176e82 Mention libchloride 2013-03-17 23:22:40 -07:00
Frank Denis
4395817042 Check for gcc TI mode availablity 2013-03-17 18:40:14 -07:00
Frank Denis
289a75113c Remove SODIUM_PATH 2013-03-16 20:08:13 -07:00
Frank Denis
039636e34c Add a new --enable-debug autoconf switch
Remove duplicate --enable-blocking-random by the way
2013-03-16 20:06:00 -07:00
Frank Denis
f5f72f0165 Remove CurveCP 2013-03-16 19:59:25 -07:00
Frank Denis
9e7c960a02 const on return type is useless. Bump lib version by the way. 2013-03-11 22:46:17 -07:00
Frank Denis
f559391557 Remove (soon to be) obsolete -fcatch-undefined-c99-behavior 2013-03-11 22:40:58 -07:00
Frank Denis
c0475cc1e2 Remove donna_c64 implementation until we actually link it on 64-bit platforms 2013-03-11 15:15:10 -07:00
Frank Denis
12c4bee782 Remove unused implementations. 2013-03-11 15:14:52 -07:00
Frank Denis
f62f5ceb04 1L << 51 is an undefined behavior. Use 1 as a int64_t value. 2013-03-11 13:28:03 -07:00
Frank Denis
aa7291fcd2 Revert "Even smaller logo" - Go home, smusher, you're drunk
This reverts commit 372dde6113.
2013-03-09 18:48:55 -08:00
Frank Denis
372dde6113 Even smaller logo 2013-03-09 18:26:37 -08:00
Frank Denis
3038587695 Merge pull request #18 from neheb/master
Smaller logo.png
2013-03-09 18:24:07 -08:00
Mangix
d0d971ef44 Compress PNG image 2013-03-09 18:12:46 -08:00
Frank Denis
421b0cf34b Define USE_*, HAVE_* and CROSS_COMPILING macros to 1 instead of just
defining then, for consistency.
2013-03-08 09:13:48 -08:00
Frank Denis
fa79a693a3 Merge pull request #11 from cvrebert/patch-1
Fix 2 spelling errors in README
2013-03-06 20:12:09 -08:00
Chris Rebert
4ffaf4254c Fix 2 spelling errors in README 2013-03-06 19:46:09 -08:00
Frank Denis
c595edd85e Update library version number 2013-03-03 14:06:20 -08:00
Frank Denis
00b454d1f1 Revert "crypto_scalarmult_raw()"
This reverts commit 08a11d1a05.
2013-03-03 14:03:54 -08:00
Frank Denis
52b979ddc0 Mention PyNaCl 2013-03-02 21:29:28 -08:00
Frank Denis
37a1358b81 glibc needs -lrt to get clock_gettime()
Reported by csosstudy
2013-02-28 19:13:07 -08:00
Frank Denis
c6fa04725f Better antispam. Or not. 2013-02-23 15:22:53 -08:00
Frank Denis
a3bbfe18f6 Mention the mailing list 2013-02-23 15:21:45 -08:00
Frank Denis
df814f98b4 Don't forget the prototype for crypto_sign_seed_keypair()
Spotted by @dstufft
2013-02-23 02:51:19 -08:00
Frank Denis
9b14a46a0c Merge pull request #10 from tarcieri/scalarmult_raw
crypto_scalarmult_raw()
2013-02-22 11:09:41 -08:00
Tony Arcieri
08a11d1a05 crypto_scalarmult_raw()
This provides a more direct interface to the crypto_scalarmult function.
By default, this function includes some bit-twiddling, which, to the
best of my understanding, ensures the integer provided as the left
operand of the multiplication operation fits within a specific limit.
(I believe this limit is the order of NaCl's standard group element,
but am not entirely certain). This change allows a user to pass in
an integer which is not subject to this bit-twiddling and can be passed
in wholesale.

The reason NaCl provides this API is to intentionally make it
easy-to-use for the purposes of computing public keys from private keys
or for performing Diffie-Hellman. The API it provides now makes it
quite difficult to do anything wrong yet still get a correct answer.

If we split this function in half, however, we can expose some
power-user functionality. Specifically I need this to implement
semiprivate keys:

https://gist.github.com/tarcieri/4760215

I've been double checking my implementation against a similar version in
SAGE for the past week or so trying to figure out what's wrong, and
today it was pointed out to me that NaCl's scalar multiplication
function automatically performs bit-twiddling for you.

I would love to continue to experiment with semiprivate keys on top of
NaCl. I have no serious intentions of actually using them as part of a
cryptosystem until there's some sort of proof of their security, or at
the very least, some reasonably educated guesses as to its security
properties.

That said, I would love to have this API. If there's worries about
exposing power-user APIs like this, perhaps we can be a bit more
"shouty" in the API name?

crypto_scalarmult_dangerously_direct_access() ? ;)
2013-02-21 20:59:57 -08:00