Frank Denis
5e17a7adf8
Check that scalarmult() returns -1 with a point of small order
325606250916557431795983626356110631294008115727848805560023387167927233504
is a point of order 8
2015-11-17 11:07:37 +01:00
Frank Denis
1e33a0beab
Update ChangeLog
2015-11-17 11:07:37 +01:00
Frank Denis
2bc5874874
Check that the output of X25519 is not the all-zero value
Return -1 if this happens, and mark crypto_scalarmult() as warn_unused_result
Mark dependent functions with warn_unused_result as well
2015-11-17 11:07:33 +01:00
Frank Denis
bdd2cdb3ac
Consistency
2015-11-17 00:38:17 +01:00
Frank Denis
55f6eb83f8
Keep it simple
2015-11-16 23:47:33 +01:00
Frank Denis
9337ecfa60
Add tests for sodium_add(), more tests for sodium_increment() and is_zero()
2015-11-16 23:22:01 +01:00
Frank Denis
27466ded16
Indent
2015-11-16 23:19:24 +01:00
Frank Denis
07c42492e5
Repair sodium_is_zero()
2015-11-16 23:17:42 +01:00
Frank Denis
397d50664a
Faster sodium_is_zero() and sodium_increment() helpers
Also add sodium_add(), since people tend to reimplement this in order to
add constants to nonces.
2015-11-16 22:14:27 +01:00
Frank Denis
b74f644d3f
Replace CPU_ALIGNED_ACCESS_REQUIRED with CPU_UNALIGNED_ACCESS
Instead of defining a macro when aligned memory access is required,
define one when unaligned memory access is supported.
Safer when cross-compiling or not using autoconf
2015-11-16 22:01:19 +01:00
Frank Denis
7371f0dca4
Use SSSE3 instructions even on Visual Studio with a 32-bit target
2015-11-16 16:26:02 +01:00
Frank Denis
0ad21a218c
Return CPU features in Visual Studio builds
Please note that on other platforms, we keep checking if intrinsics are available.
has_*() means not only that a CPU feature is present, but also that Sodium can
use it.
2015-11-16 16:16:54 +01:00
Frank Denis
eb8119d65c
Enable 128-bit arithmetic if __int128 is available
2015-11-15 18:16:15 +01:00
Frank Denis
347464d3fd
Update ChangeLog
2015-11-15 18:15:05 +01:00
Frank Denis
08a61e16d0
Update the top level VS solution
2015-11-15 18:01:17 +01:00
Frank Denis
f9169ac55b
Add a compile-time size check
2015-11-14 16:56:47 +01:00
Frank Denis
707562cd4b
Update ChangeLog
2015-11-14 16:46:54 +01:00
Frank Denis
cf3064b08f
More explicit casts. Unaligned accesses are fine on these architectures.
2015-11-14 16:22:28 +01:00
Frank Denis
27048b06aa
Clear the state after poly1305_finish()
2015-11-14 16:22:28 +01:00
Frank Denis
e4167d66fe
Do not require assembly code to increment with carry
2015-11-14 16:22:24 +01:00
Frank Denis
dd238f518d
Bump major
2015-11-14 15:33:15 +01:00
Frank Denis
0af177d1bf
Indent
2015-11-14 15:28:29 +01:00
Frank Denis
096ea8a91d
Handle partial blocks in poly1305_sse2
2015-11-14 15:23:25 +01:00
Frank Denis
2742547a27
Link poly1305_sse2
Breakage is expected as partial blocks are not handled yet
2015-11-14 14:34:34 +01:00
Frank Denis
a964055487
Make the poly1305_sse2 code more consistent with the other implementation
2015-11-14 13:57:25 +01:00
Frank Denis
6b7811471b
Import vanilla poly1305_sse2
2015-11-14 13:55:40 +01:00
Frank Denis
121978e2c3
Different ways to avoid inlining
2015-11-14 10:27:08 +01:00
Frank Denis
bd4c5c0d17
Remove crypto_onetimeauth_poly1305_donna_implementation_name() prototype
2015-11-14 01:57:46 +01:00
Frank Denis
c179651c62
auth_poly1305_donna.c -> poly1305_donna.c for consistency
2015-11-14 01:40:09 +01:00
Frank Denis
fb28119a38
Check inline assembly code using __asm__ __volatile__
2015-11-14 01:21:55 +01:00
Frank Denis
985d3891f9
Use poly1305_state_internal_t for the state of poly1305 internal functions
2015-11-14 01:04:28 +01:00
Frank Denis
2550fd8f1c
Indent
2015-11-14 00:38:07 +01:00
Frank Denis
75cc7123da
ctx -> state for consistency with the high-level functions
2015-11-14 00:30:08 +01:00
Frank Denis
580c22fd21
Get rid of poly1305_state to reduce the number of indirections
2015-11-14 00:19:18 +01:00
Frank Denis
8bced53601
Add compilation-time poly1305 structure size checks
2015-11-13 23:12:20 +01:00
Frank Denis
7561a25d5a
Add an is_zero() helper
2015-11-13 01:48:34 +01:00
Frank Denis
cc29da17c3
Use minimal builds on msys2
2015-11-11 12:41:41 +01:00
Frank Denis
1f18cf383a
Always include <stdint.h> and <limits.h> for SIZE_MAX
2015-11-10 19:01:39 +01:00
Frank Denis
ceb9c566fb
Implement the old edwards25519sha512batch construction on top of ref10
Only for backward compatibility; not compiled in minimal mode.
2015-11-10 11:06:13 +01:00
Frank Denis
2ff0ec3aa1
Move the legacy edwards25519sha512batch code to the attic
2015-11-10 07:48:11 +01:00
Frank Denis
7e995780a8
Remove useless sodium_memzero()
2015-11-10 07:39:37 +01:00
Frank Denis
179587d1cc
Travis: sudo is not needed
2015-11-09 01:11:34 +01:00
Frank Denis
49e160a165
In blake2b_final() the leftover shouldn't exceed two blocks
2015-11-08 23:17:57 +01:00
Frank Denis
8986a95fd8
Update the top Visual Studio solution
2015-11-07 22:25:33 +01:00
Frank Denis
25d93a501f
Travis: run the compile-everything task after having run ./configure
2015-11-07 19:23:54 +01:00
Frank Denis
a46e3dc8c6
Travis: check that the project compiles by including everything
and completely ignoring the normal autotools way.
This is completely unsupported, but some projects use it that
way no matter what.
2015-11-07 19:17:54 +01:00
Frank Denis
8b94965b71
Check HAVE_AMD64_ASM to assemble x86_64 code (or not), not __x86_64__
2015-11-07 19:15:04 +01:00
Frank Denis
5ea53c32ee
HMAC-SHA1 -> Blake2b in randombytes_salsa20
No functional changes, but it's slightly faster and more readable.
2015-11-07 18:45:45 +01:00
Frank Denis
77c25db23a
Rename s to hsigma, use hex, clarify that this constant is not a PRNG "seed"
2015-11-07 09:35:12 +01:00
Frank Denis
c574ad86e5
Remove unused base_curve25519_donna_c64.c file from the repository
2015-11-07 00:16:32 +01:00