Commit Graph

1636 Commits

Author SHA1 Message Date
Frank Denis
e2124999cc doesn't -> does not 2015-10-19 00:24:39 +02:00
Frank Denis
af9c77b171 Remove "not released yet" 2015-10-18 15:00:08 +02:00
Frank Denis
c5d675ebba MSVC solutions: exclude test files from build 2015-10-18 14:50:58 +02:00
Frank Denis
8b4be96453 Make it explicit that aes256gcm_statebytes() returns a rounded value
No actual changes to the returned value
2015-10-18 10:33:32 +02:00
Frank Denis
143e1c1a14 Do not compile unused sections 2015-10-18 01:33:35 +02:00
Frank Denis
1cfa5ec6c1 Add Blake2b test vectors from the reference code 2015-10-18 00:55:10 +02:00
Frank Denis
f01c303631 Blake2b: refuse a NULL key with a length > 0 2015-10-18 00:27:03 +02:00
Frank Denis
eeb31af578 Let crypto_generichash_statebytes() return a size rounded to the alignment
Add similar check in the aead_aes256gcm test.
2015-10-18 00:16:05 +02:00
Frank Denis
1c98a61a2e Update ChangeLog 2015-10-17 21:34:45 +02:00
Frank Denis
a2c8ff5ccb Visual Studio doesn't have %zu 2015-10-17 21:32:25 +02:00
Frank Denis
d667efde68 Add sodium_compare()
A constant-time version of memcmp(), useful to compare nonces and counters
in little-endian format, that plays well with sodium_increment().

Unlike sodium_memcmp() which can compare anything for equality,
sodium_compare() is designed to compare things that are comparable, byte by
byte. Therefore, the prototype is slightly different: its arguments are
supposed to be `const unsigned char *`.

The names sodium_memcmp() and sodium_compare() are slightly confusing.
But we're not going to rename sodium_memcmp(), and I cannot think of a
better name for sodium_compare() than sodium_compare().
2015-10-17 21:25:30 +02:00
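The commit above describes the contract of sodium_compare(): a constant-time, byte-by-byte comparison of equal-length little-endian integers that pairs with sodium_increment() for nonce and counter handling. The following is an added illustrative example, not libsodium's own code: ct_compare_le(), ct_increment_le(), increment_then_compare() and replay_demo_accepted() are hypothetical names, and the counter sequence in replay_demo_accepted() is constructed for the demo. It shows the borrow/mask trick that makes the comparison branch-free and how a receiver uses such a comparison to reject replayed or stale counters.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical constant-time comparison of two len-byte little-endian
 * integers (same contract as sodium_compare(), but this is illustrative
 * code, not the library's). Returns -1 if a < b, 0 if a == b, 1 if a > b.
 * Every byte is visited and no branch depends on the data. */
int ct_compare_le(const unsigned char *a, const unsigned char *b, size_t len)
{
    uint32_t gt = 0U; /* becomes 1 once "a > b" has been decided */
    uint32_t eq = 1U; /* stays 1 while every byte examined so far matched */
    size_t   i  = len;

    /* Scan from the most significant byte (index len-1) down to byte 0. */
    while (i != 0U) {
        uint32_t x1, x2;
        i--;
        x1 = a[i];
        x2 = b[i];
        /* (x2 - x1) >> 8 has bit 0 set only when x1 > x2 (the subtraction
         * borrowed). Masking with eq lets only the first differing byte
         * from the top decide the result. */
        gt |= ((x2 - x1) >> 8) & eq;
        /* ((x2 ^ x1) - 1) >> 8 has bit 0 set only when x1 == x2, so eq is
         * cleared at the first mismatch and stays cleared. */
        eq &= ((x2 ^ x1) - 1U) >> 8;
    }
    return (int) (gt + gt + eq) - 1;
}

/* Hypothetical constant-time little-endian increment with carry, in the
 * spirit of sodium_increment() (illustrative, not the library code). */
void ct_increment_le(unsigned char *n, size_t len)
{
    uint32_t carry = 1U;
    size_t   i;

    for (i = 0; i < len; i++) {
        carry += n[i];
        n[i] = (unsigned char) carry;
        carry >>= 8;
    }
}

/* Increment a copy of a counter and compare the original against it: the
 * original must sort strictly below the copy (-1), here across a carry. */
int increment_then_compare(void)
{
    unsigned char nonce[8] = { 255, 255, 0, 0, 0, 0, 0, 0 }; /* 65535 */
    unsigned char next[8];

    memcpy(next, nonce, sizeof next);
    ct_increment_le(next, sizeof next);             /* 65536 = {0,0,1,...} */
    return ct_compare_le(nonce, next, sizeof next); /* -1 */
}

/* Replay-protection sketch: accept a message only if its counter is
 * strictly greater than the highest counter accepted so far.
 * Returns how many messages of a constructed sequence are accepted. */
int replay_demo_accepted(void)
{
    unsigned char last[8] = { 0 }; /* highest counter accepted so far */
    /* Constructed counters: 1, 1 (replay), 2, 256, 255 (stale), 257 */
    static const unsigned char seq[6][8] = {
        { 1, 0, 0, 0, 0, 0, 0, 0 },
        { 1, 0, 0, 0, 0, 0, 0, 0 },
        { 2, 0, 0, 0, 0, 0, 0, 0 },
        { 0, 1, 0, 0, 0, 0, 0, 0 },
        { 255, 0, 0, 0, 0, 0, 0, 0 },
        { 1, 1, 0, 0, 0, 0, 0, 0 },
    };
    int    accepted = 0;
    size_t k;

    for (k = 0; k < 6; k++) {
        if (ct_compare_le(seq[k], last, sizeof last) > 0) {
            memcpy(last, seq[k], sizeof last);
            accepted++;
        }
    }
    return accepted; /* 4: counters 1, 2, 256 and 257 are accepted */
}

int main(void)
{
    printf("compare(nonce, nonce+1) = %d\n", increment_then_compare());
    printf("accepted = %d\n", replay_demo_accepted());
    return 0;
}
```

The comparison never exits early and never branches on the bytes it reads, which is what makes it safe to run on values an attacker controls. Note that, unlike memcmp(), the scan starts at the most significant byte, because the operands are little-endian integers rather than opaque byte strings.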
Frank Denis
2aef671fd9 Indent 2015-10-17 21:10:52 +02:00
Frank Denis
1647b30f1a Constify 2015-10-16 22:43:28 +02:00
Frank Denis
beb826f6fd S_IFNAM -> S_ISNAM (for QNX) 2015-10-14 20:19:57 +02:00
Frank Denis
676d8a1a9b Merge branch 'master' of https://github.com/jedisct1/libsodium
* 'master' of https://github.com/jedisct1/libsodium:
  Update MSVC2015 solution
2015-10-14 16:55:15 +02:00
Frank Denis
046c1f03fe Correct path in the main VS2010 solution 2015-10-14 16:54:51 +02:00
Frank Denis
606ead7e16 Update MSVC2015 solution 2015-10-14 07:47:45 -07:00
Frank Denis
684a7e3788 Avoid variable shadowing 2015-10-14 16:42:57 +02:00
Frank Denis
3f8d23f226 Rename acc to accv for consistency 2015-10-14 16:29:38 +02:00
Frank Denis
e868211d72 Reuse previous declaration 2015-10-14 16:22:03 +02:00
Frank Denis
9aec6662b2 Name round counters "roundctr", not a generic "i" 2015-10-14 16:12:13 +02:00
Frank Denis
bfed7b91b6 Explicit cast 2015-10-14 15:54:27 +02:00
Frank Denis
ec7b8e5605 Version bump [but still not released] 2015-10-14 14:43:22 +02:00
Frank Denis
14cc1e4836 Avoid variable shadowing 2015-10-14 11:29:39 +02:00
Frank Denis
2ee2e86f80 Explicit cast 2015-10-14 11:29:38 +02:00
Frank Denis
fa71e064ef Update the MSVC2013 solution 2015-10-14 11:29:38 +02:00
Frank Denis
6e243160e8 Don't build for WP8 2015-10-13 15:12:48 +02:00
Frank Denis
a4a9f24f28 Update MSVS2012 solution 2015-10-13 05:57:15 -07:00
Frank Denis
da35396e90 Don't mix code and declarations 2015-10-13 14:32:37 +02:00
Frank Denis
ea5c989096 Update MSVC2010 solution 2015-10-13 05:07:09 -07:00
Frank Denis
8d35435a6d Add aes256gcm to the main Visual Studio solution 2015-10-13 13:57:37 +02:00
Frank Denis
5d2692c499 Update ChangeLog 2015-10-12 15:12:31 +02:00
Frank Denis
794b0e9bfe Update ChangeLog 2015-10-12 14:51:37 +02:00
Frank Denis
cc56966d7e 1.0.4 may still not work out of the box on Windows Phone
due to no CSPRNG being available to C applications.
2015-10-12 14:45:49 +02:00
Frank Denis
f169623d4e C++ compat 2015-10-12 14:44:00 +02:00
Frank Denis
84625742c6 More test vectors 2015-10-12 13:58:10 +02:00
Frank Denis
40ba7ea531 More test vectors
from http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf
2015-10-12 10:03:09 +02:00
Frank Denis
98550acafb Add tests for the aes256gcm functions returning sizes
Which spotted a typo by the way.
2015-10-11 19:19:31 +02:00
Frank Denis
7082a3c8d1 Ignore the aes256gcm test if aes256gcm hasn't been compiled in 2015-10-11 19:14:29 +02:00
Frank Denis
20e384988c Test for presence of new sodium_runtime_has_*() functions 2015-10-11 18:51:30 +02:00
Frank Denis
c8be336506 C++ compat 2015-10-11 14:35:32 +02:00
Frank Denis
aa965a580b Expose only crypto_aead_aes256gcm_*() not crypto_aead_aes256gcm_aesni_*()
libsodium typically doesn't expose specific implementations.
It shouldn't be the case for that construction either, especially since
an ARM8 implementation might be added later.
We want a single interface for both.
2015-10-11 14:29:25 +02:00
Frank Denis
dadc5d9906 Add crypto_aead_aes256gcm_aesni_is_available() 2015-10-11 13:05:32 +02:00
Frank Denis
76846bd3ee Indent 2015-10-11 12:59:34 +02:00
Frank Denis
93295855cf Add aes256gcm test vectors 2015-10-11 12:56:20 +02:00
Frank Denis
16beebb2ec Don't use implementation-specific functions to expose sizes 2015-10-11 11:58:34 +02:00
Frank Denis
1dddd63a19 Merge branch 'aes256gcm'
* aes256gcm: (25 commits)
  aes256gcm: we can expect the accumulator and the padding buffer to be aligned
  aesgcm: don't expect input & output buffers to be aligned
  aes256gcm doesn't use SSE4.1 instructions any more
  Don't read past the AD buffer, even through an SIMD register
  Convert more functions to macros
  Add do { ... } while(0) when relevant
  Turn reduce4 into a macro That's too many registers for a function call in 32-bit mode. And in MSVC, this is even the case if the function is marked inline.
  Enable aes256gcm on Visual Studio
  Don't declare new variables after a line of code
  Declare __m128 arrays used as parameters as pointers Required for MSVC
  Proper casts for aeskeygenassist()
  Let's hope that requiring ssse3 is not required any more
  Try to enable specific cflags before testing each instruction set
  ssse3 target is required in addition to sse4.1
  Use SIMD-specific compiler flags only for files needing them
  Define __SSSE3__ if required
  Do not try to compile aesni code if this is not going to compile
  Check for AESNI & PCLMUL presence/usability
  Replace the aes256gcm implementation with Romain Dolbeau's implementation which is slightly faster than mine. Reimplement features from the previous implementation: add batch mode and use two passes in the decryption function in order to check the tag before decrypting.
  Explicit cast
  ...
2015-10-11 02:45:36 +02:00
Frank Denis
82e9c729f1 aes256gcm: we can expect the accumulator and the padding buffer to be aligned 2015-10-11 02:39:28 +02:00
Frank Denis
66d55c1939 aesgcm: don't expect input & output buffers to be aligned 2015-10-11 02:39:28 +02:00
Frank Denis
b618248c11 Merge pull request #304 from Sc00bz/patch-1
Zero the padding after having computed a hmac
2015-10-11 02:37:05 +02:00