Frank Denis
e4c751b214
Merge branch 'master' of github.com:jedisct1/libsodium
* 'master' of github.com:jedisct1/libsodium:
Shave a few lines in the ChangeLog file
Use unsigned constants for all sizes
Use unsigned types for sizes in tests.
Having dead code in the tree is sad, but keeps the diff with the reference implementation to a minimum.
2014-07-03 00:31:40 -07:00
Frank Denis
fca020945c
Align aes256 tables
2014-07-03 00:31:15 -07:00
Frank Denis
70c731c95f
Merge branch 'master' of github.com:jedisct1/libsodium
* 'master' of github.com:jedisct1/libsodium:
Use unsigned types for sizes in tests.
Having dead code in the tree is sad, but keeps the diff with the reference implementation to a minimum.
THANKS += @jshahbazi for the Fortran bindings
2014-07-01 12:37:30 -07:00
Frank Denis
e3d915143a
Use unsigned constants for all sizes
2014-07-01 12:37:13 -07:00
Frank Denis
c87d9f38f8
Having dead code in the tree is sad, but keeps the diff with the reference implementation to a minimum.
2014-07-01 19:27:34 +00:00
Frank Denis
d334b93d0d
Mention that edwards25519sha512batch() should not be used in new projects.
2014-06-30 21:09:32 -07:00
Frank Denis
f53590f38b
More warnings about aes256estream
2014-06-30 20:52:46 -07:00
Frank Denis
46181575fa
Mention that SHA2 is vulnerable to length extension attacks.
2014-06-30 20:30:49 -07:00
Frank Denis
b555ed6cf0
Tag a few unused parameters
2014-06-30 20:06:30 -07:00
Frank Denis
001177251e
Add a compile-time check before using crypto_verify_16()
2014-06-30 16:43:33 -07:00
Frank Denis
6ea70839df
MAP_ANONYMOUS might be defined instead of MAP_ANON
2014-06-30 14:46:00 -07:00
Frank Denis
33a699cc0c
Remove useless spaces
2014-06-30 14:46:00 -07:00
Frank Denis
e309c92e9b
poly1305_finish(): zero the whole state using sodium_memzero()
2014-06-28 19:21:30 -07:00
Frank Denis
32947225e4
Add pwhash recommended minimum parameters (interactive & sensitive)
2014-06-28 18:46:03 -07:00
Colm MacCarthaigh
08e578c421
Don't include locked memory in coredumps
Linux 3.4+ supports a DONTDUMP advisory, which prevents memory
from being included in coredumps.
2014-06-28 14:04:15 -07:00
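The sequence the two commits above describe (mmap an anonymous region, pin it with mlock(), and on Linux 3.4+ mark it MADV_DONTDUMP so a crash does not write the secret into a core file) as an added, self-contained example. This is example code written for this page, not libsodium's sodium_mlock()/sodium_munlock(); the struct and function names are this example's own, the MAP_ANON fallback mirrors the "MAP_ANONYMOUS might be defined instead of MAP_ANON" commit further up, and the 8-byte "secret" is a constructed sample.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE           /* madvise() and MADV_DONTDUMP on glibc */
#endif
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Older BSDs spell MAP_ANONYMOUS as MAP_ANON. */
#if !defined(MAP_ANONYMOUS) && defined(MAP_ANON)
#define MAP_ANONYMOUS MAP_ANON
#endif

/* Hypothetical holder for a secret; names are this example's, not libsodium's. */
struct secret_buf {
    void  *ptr;
    size_t len;       /* rounded up to whole pages */
    int    locked;    /* 1 if mlock() succeeded, 0 if it failed (e.g. RLIMIT_MEMLOCK) */
    int    dontdump;  /* 1 if MADV_DONTDUMP applied, 0 if the platform lacks it, -1 on error */
};

static size_t round_to_pages(size_t n)
{
    size_t page = (size_t) sysconf(_SC_PAGESIZE);
    return (n + page - 1) / page * page;
}

/* Zero through a volatile pointer so the stores cannot be dropped as dead
 * just before munmap(); libsodium's sodium_memzero() exists for this reason. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *) p;
    while (n-- > 0) *vp++ = 0;
}

int secret_buf_alloc(struct secret_buf *b, size_t n)
{
    memset(b, 0, sizeof *b);
    b->len = round_to_pages(n);
    b->ptr = mmap(NULL, b->len, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (b->ptr == MAP_FAILED) {
        b->ptr = NULL;
        return -1;
    }
#ifdef MADV_DONTDUMP
    /* Linux 3.4+: keep these pages out of core dumps even if mlock() fails below. */
    b->dontdump = (madvise(b->ptr, b->len, MADV_DONTDUMP) == 0) ? 1 : -1;
#else
    b->dontdump = 0;
#endif
    /* Pin the pages so the secret is never written to swap. */
    b->locked = (mlock(b->ptr, b->len) == 0);
    return 0;
}

void secret_buf_free(struct secret_buf *b)
{
    if (b->ptr == NULL) return;
    wipe(b->ptr, b->len);
    (void) munlock(b->ptr, b->len);
    (void) munmap(b->ptr, b->len);
    b->ptr = NULL;
}

/* Exercise the allocator on a constructed sample secret. Returns the
 * dontdump status (1 applied, 0 unsupported), or -1 if mmap/madvise failed. */
int secret_buf_demo(void)
{
    struct secret_buf b;
    int status;

    if (secret_buf_alloc(&b, 100) != 0) return -1;
    memcpy(b.ptr, "hunter2", 8);  /* constructed sample, not real key material */
    status = b.dontdump;
    secret_buf_free(&b);
    return b.ptr == NULL ? status : -1;
}
```

The madvise() call goes first and its failure is tracked separately from mlock(): on a box where RLIMIT_MEMLOCK is too small the pinning fails but the DONTDUMP advice still keeps the pages out of a core file, which is the property the commit adds.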
Frank Denis
768b78b711
crypto_(secret)box_easy_detached() -> crypto_(secret)box_detached()
2014-06-27 18:29:03 -07:00
Frank Denis
9d8b184c1a
Add another static assertion
2014-06-27 18:29:03 -07:00
Frank Denis
c8dfd0d211
_detached versions of crypto_box
2014-06-26 15:54:03 -07:00
Frank Denis
44f7a9f3cb
Allow the authentication tag to be stored separately from the message.
Encrypting in-place and storing the tag separately is a very common need.
Instead of forcing people to do their own cuisine, let's provide simple
variants of the _easy interfaces to do that.
2014-06-26 15:18:39 -07:00
Frank Denis
d00f0ef94a
Move the chacha20poly1305 implementation to a subfolder for consistency
2014-06-26 11:42:49 -07:00
Frank Denis
d80dce9139
Handle c / ad overlap in crypto_aead_chacha20poly1305_encrypt()
2014-06-26 09:57:39 -07:00
Frank Denis
eec0f78af6
Move the tag to the end for crypto_aead_chacha20poly1305
2014-06-26 09:15:20 -07:00
Frank Denis
a7410966ea
Rename secretbox_chacha20poly1305() -> aead_chacha20poly1305()
The tag is still at the end. This will be changed right after.
2014-06-26 08:48:13 -07:00
Frank Denis
d983bbe860
zerocopy crypto_box_easy() and crypto_box_open_easy()
2014-06-25 21:42:33 -07:00
Frank Denis
b2a8367b2b
Zerocopy crypto_secretbox_open_easy()
2014-06-25 20:17:50 -07:00
Frank Denis
8e22264e85
zerocopy crypto_secretbox_easy()
2014-06-25 00:39:00 -07:00
Frank Denis
f08666b0c6
Add crypto_stream_salsa20_xor_ic() to set the initial counter value.
2014-06-24 22:16:55 -07:00
Frank Denis
957315035a
Use weak symbols to prevent LTO if this is an option.
Idea from Matthew Dempsky.
2014-06-20 21:11:53 -07:00
Frank Denis
c7418dfd58
zero the poly1305 state in crypto_secretbox_chacha20poly1305*
2014-06-20 16:28:00 -07:00
Frank Denis
bd1490a6cd
Add AEAD_CHACHA20_POLY1305
With a twist: in order to be consistent with the crypto_stream
interface, the tag has to come before the ciphertext.
2014-06-19 22:49:33 -07:00
Frank Denis
9cba9c39e3
+ crypto_onetimeauth streaming interface
2014-06-19 20:32:37 -07:00
Frank Denis
4df5a1b404
+ poly1305 streaming interface (2)
2014-06-19 20:14:56 -07:00
Frank Denis
b6fbb0ca6a
+ poly1305 streaming interface
2014-06-19 20:04:48 -07:00
Frank Denis
ffdbac52ce
poly1305_state_internal_t alignment is fine; add intermediary void * cast.
2014-06-19 19:39:50 -07:00
Frank Denis
c914f6a1af
Remove implementation-specific header crypto_onetimeauth_poly1305_donna.h
Remove macro magic for poly1305_donna by the way
2014-06-19 19:26:40 -07:00
Frank Denis
47f409a0c8
Expose poly1305_context as crypto_onetimeauth_poly1305_state
2014-06-19 18:55:21 -07:00
Frank Denis
3ae2cb5c26
Indent
2014-06-19 18:45:56 -07:00
Frank Denis
b0f798aa66
+ crypto_stream_chacha20_xor_ic() to set the initial value of the block counter
2014-06-19 00:28:02 -07:00
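What the "ic" argument of the crypto_stream_salsa20_xor_ic() and crypto_stream_chacha20_xor_ic() commits controls, shown with an added, self-contained ChaCha20 written for this page (not libsodium's implementation; the function names chacha20_block/chacha20_xor_ic are this example's own). It uses the original ChaCha20 layout, a 64-bit block counter in state words 12-13 and an 8-byte nonce in words 14-15, which is what crypto_stream_chacha20 used at the time. The known-answer check maps the RFC 8439 block-function vector (IETF layout) onto that layout by folding the first nonce word into the high half of the counter; the key and nonce in the second check are constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ROTL32(v, n) (((v) << (n)) | ((v) >> (32 - (n))))
#define QR(a, b, c, d)                      \
    a += b; d ^= a; d = ROTL32(d, 16);      \
    c += d; b ^= c; b = ROTL32(b, 12);      \
    a += b; d ^= a; d = ROTL32(d, 8);       \
    c += d; b ^= c; b = ROTL32(b, 7);

static uint32_t load32_le(const uint8_t *p)
{
    return (uint32_t) p[0] | ((uint32_t) p[1] << 8) |
           ((uint32_t) p[2] << 16) | ((uint32_t) p[3] << 24);
}

static void store32_le(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t) v;         p[1] = (uint8_t) (v >> 8);
    p[2] = (uint8_t) (v >> 16); p[3] = (uint8_t) (v >> 24);
}

/* One 64-byte keystream block for a given 64-bit counter value. */
static void chacha20_block(uint8_t out[64], const uint8_t key[32],
                           const uint8_t nonce[8], uint64_t counter)
{
    static const char sigma[16] = "expand 32-byte k";
    uint32_t in[16], x[16];
    int i;

    for (i = 0; i < 4; i++) in[i] = load32_le((const uint8_t *) sigma + 4 * i);
    for (i = 0; i < 8; i++) in[4 + i] = load32_le(key + 4 * i);
    in[12] = (uint32_t) counter;          /* low half of the block counter  */
    in[13] = (uint32_t) (counter >> 32);  /* high half of the block counter */
    in[14] = load32_le(nonce);
    in[15] = load32_le(nonce + 4);
    memcpy(x, in, sizeof x);
    for (i = 0; i < 10; i++) {  /* 20 rounds = 10 column+diagonal double rounds */
        QR(x[0], x[4], x[8],  x[12]) QR(x[1], x[5], x[9],  x[13])
        QR(x[2], x[6], x[10], x[14]) QR(x[3], x[7], x[11], x[15])
        QR(x[0], x[5], x[10], x[15]) QR(x[1], x[6], x[11], x[12])
        QR(x[2], x[7], x[8],  x[13]) QR(x[3], x[4], x[9],  x[14])
    }
    for (i = 0; i < 16; i++) store32_le(out + 4 * i, x[i] + in[i]);
}

/* XOR mlen bytes of m into c with the keystream starting at block counter ic.
 * ic = k resumes exactly where 64*k bytes of the ic = 0 stream would end. */
static void chacha20_xor_ic(uint8_t *c, const uint8_t *m, size_t mlen,
                            const uint8_t nonce[8], uint64_t ic,
                            const uint8_t key[32])
{
    uint8_t block[64];
    size_t i, n;

    while (mlen > 0) {
        chacha20_block(block, key, nonce, ic++);
        n = mlen < 64 ? mlen : 64;
        for (i = 0; i < n; i++) c[i] = m[i] ^ block[i];
        c += n; m += n; mlen -= n;
    }
    memset(block, 0, sizeof block);  /* keystream must not linger on the stack */
}

/* Known-answer check: RFC 8439 s2.3.2 block vector (key 00..1f, nonce
 * 00:00:00:09:00:00:00:4a:00:00:00:00, counter 1). Returns 1 on a match. */
int chacha20_selftest(void)
{
    static const uint8_t expected[16] = {
        0x10, 0xf1, 0xe7, 0xe4, 0xd1, 0x3b, 0x59, 0x15,
        0x50, 0x0f, 0xdd, 0x1f, 0xa3, 0x20, 0x71, 0xc4 };
    uint8_t key[32], nonce[8] = { 0, 0, 0, 0x4a, 0, 0, 0, 0 }, out[64];
    int i;

    for (i = 0; i < 32; i++) key[i] = (uint8_t) i;
    chacha20_block(out, key, nonce, ((uint64_t) 0x09000000 << 32) | 1);
    return memcmp(out, expected, sizeof expected) == 0;
}

/* Returns 1 if encrypting with ic = 1 reproduces bytes 64..127 of the
 * ic = 0 stream, i.e. the initial counter really skips whole blocks. */
int chacha20_ic_skips_blocks(void)
{
    uint8_t key[32], nonce[8], zero[128] = { 0 }, full[128], tail[64];
    int i;

    for (i = 0; i < 32; i++) key[i] = (uint8_t) (0xa0 + i);  /* constructed key   */
    for (i = 0; i < 8; i++) nonce[i] = (uint8_t) (0x10 + i);  /* constructed nonce */
    chacha20_xor_ic(full, zero, sizeof full, nonce, 0, key);
    chacha20_xor_ic(tail, zero, sizeof tail, nonce, 1, key);
    return memcmp(full + 64, tail, sizeof tail) == 0;
}
```

The practical use is seeking and chunked or parallel encryption: a caller that already consumed k blocks under a (key, nonce) pair can continue with ic = k instead of regenerating and discarding 64*k bytes. The counter is part of the keystream input, so reusing the same (key, nonce, ic) for different data reuses keystream exactly as a nonce reuse would.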
Frank Denis
64154fb9f5
Use RtlGenRandom() instead of CryptGenRandom() on Windows
2014-06-15 22:39:10 -07:00
Frank Denis
bc11c90bf5
Merge branch 'master' of github.com:jedisct1/libsodium
* 'master' of github.com:jedisct1/libsodium:
Avoid naming a function select() in order to avoid confusion with select(2)
Comment dead code generated by qhasm
Remove useless access() before open()
Add annotations for Coverity FPs
test/default/sign.c: make the test vectors static
Make crypto_sign() test code more explicit. crypto_sign() doesn't just need the secret key. The public key has to follow. Which is why the test vectors are laid out in this order. But this can confuse static analysis, as well as people looking at the test in order to better understand how crypto_sign() works. So, just copy the sk and the pk into a dedicated buffer, for clarity.
Disable the pwhash_scrypt_ll test that requires 1 Gb RAM. This is way too much for many devices and for VPS users.
2014-06-13 17:17:31 -07:00
Frank Denis
7b7e223d39
Do not allocate more memory than needed in the easy interfaces.
And compute m_boxed_len as (ZEROBYTES || message len) to match the way the
documentation describes the output.
2014-06-13 17:15:34 -07:00
Frank Denis
dfade241e7
Avoid naming a function select() in order to avoid confusion with select(2)
2014-06-09 19:29:08 -07:00
Frank Denis
9b3da167fd
Comment dead code generated by qhasm
2014-06-09 19:27:54 -07:00
Frank Denis
3acdfa99a6
Remove useless access() before open()
2014-06-09 19:27:54 -07:00
Frank Denis
befd9c257d
Add annotations for Coverity FPs
2014-06-09 19:27:54 -07:00
Frank Denis
6aacecac60
Rename curve25519/ref10 files to avoid duplicate file names.
Sharing code between curve25519 and ed25519 would be way better, but
until then, having distinct file names is required for Cocoapods, and makes
things easier in Visual Studio.
2014-06-06 23:36:27 -07:00
Frank Denis
fee99c1b2e
Remove the ref curve25519 implementation from the tree.
2014-06-06 14:25:04 -07:00
Frank Denis
a0a3741ea3
Replace curve25519 ref implementation with latest ref10 from Supercop.
2014-06-06 08:42:19 -07:00
Frank Denis
6145edc563
Revert "Make curve25519-donna-c64 handle non-canonical points like the ref implementation."
This reverts commit bd8cbd3175.
Conflicts:
src/libsodium/crypto_scalarmult/curve25519/donna_c64/smult_curve25519_donna_c64.c
test/default/scalarmult7.c
test/default/scalarmult8.c
2014-06-06 08:19:49 -07:00
Frank Denis
42b2d5c8e7
Indent
2014-06-03 23:51:51 -07:00