ExternalVendorCode/serval-dna
1
0
Fork 0
mirror of https://github.com/servalproject/serval-dna.git synced 2024-12-19 21:27:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Squashed 'libsodium/' changes from 7d5d9204e..18609cffa

Browse Source 
4c37368f9 Nits
94550cefd Remove dev #warning
3e0b4dec6 Add sodium_base64_encoded_len()
4ce2856a5 Avoid negations on unsigned values
7e06a6a99 Annotate
18f0fff89 More tests: verify that they key gets updated after the counter wraps
e061abc2b The documentation is not a work in progress any more
91233a014 Tag salsa208 as deprecated
ee1d5c96d Move the codecs tests to their own test file
558355e56 Check if SIGABRT can be trapped multiple times in a row
8ee67b1dd More tests
1f72dec89 More tests
3db75fc64 No need for ge_scalarmult_vartime() in minimal mode
41dc93322 More tests
aec433cec Additional check
87af832ae Do not trigger Travis+Coverity in the master branch
7423408cd Make the behavior of hex2bin() consistent with base642bin()
00660d79b secretstream test: don't pull twice if we don't test with AD
3c8a7f17f Add tests for short, invalid unpadded base64 strings
c7fe84cfb Skip trailing ignored characters in base64 decoding
70e5ff5e1 Add a helper macro to compute the length of a base64 string
9209e89d9 More tests
31e9a5541 More tests
61214ba6b Remove redundant test
525c21ed1 Tests
77f3b7135 Indent
1875980d3 More tests
5b9680ead More tests
4828c5923 ~ 80 columns please
66c621f41 Faster; doesn't require to wipe the output stream
5da8f4fbc Add a global xor_buf() private helper function
7d756fab9 xor the key and the nonce on rekey for better separation
bb1b27fa3 Improve readability
10bb28b27 One more COMPILER_ASSERT()
2ce41de29 Define macros instead of repeated offsets
e878bc141 More keygen tests
f244f658d int -> size_t
9c53da4a6 metamorphic tests for HMAC
bd69a3083 metamorphic tests for onetimeauth
a7b75a2d7 + simple metamorphic tests for crypto_generichash()
a029b352a Don't generate SSE2 code if that instruction set hasn't been enabled
09fd953fc Revert "__SSE2__ may need to be explicitly enabled"
35d8aa5d3 __SSE2__ may need to be explicitly enabled
a161dd9fa On 32-bit systems, the limit is SIZE_MAX
251751e69 Update ChangeLog
d8a8201bb Avoid "in" and "out". Use "c" to represent the ciphertext.
1181a47cb Proper xchacha20poly1305_MESSAGEBYTES_MAX definition
bfab44aa4 initbytes -> headerbytes for clarity
e8f1c0be6 secretstream: use "header" instead of "in" and "out" for clarity
9e0ff55eb Add the ability to use only strong symbols, even on ELF targets
b0420b32d Define SODIUM_EXPORT_WEAK instead of adding __attribute__((weak)) tags
ae515a16a Bring back -fno-asynchronous-unwind-tables on MingW
3df3fabb8 No default clause needed
1f8056ab1 Use #error in autoconf tests
147d8b620 Disable AVX512 on MingW even harder
ffce4334e Disable AVX512 on MingW for now
07de00bc9 Revert -fno-asynchronous-unwind-tables addition
9aa116531 up
eb8c283dd Add -fno-asynchronous-unwind-tables to optimized builds
186b398a2 -fno-asynchronous-unwind-tables is now required on MingW
7de597f05 Update m4 deps ; remove pkg.m4
383705ffc The AVX512 optimized BLAKE2B implementation hasn't been imported yet
f86f021ac Travis CI : Move the tcc check to the install step
19496bcc0 Don't try to access /usr/local on Travis CI
ca43a1268 Old tcc versions miscompile `while (++in[x])`
10edd16b4 Modernize the core3 test
dcde773e5 Travis CI: don't run multiple jobs in parallel due to memory requirements
150c6930e Travis CI: avoid duplicate addons section
cdfb0aaa3 tcc + travis...
9f4011197 tcc doesn't seem to work on Travis CI
7e8cdd827 Travis: start with a quick compilation using tcc
c6aa04108 Move #ifdef up
b31a3f247 Disable AVX512 optimizations on clang < 4
4aba976d5 Explicit casts
15ee95c64 Remove unused var
dcd60ba66 Force inline
5cc334b33 Add AVX512F optimized Argon2 implementation
70f66c9a6 Check for avx/avx2/avx512f linkage
6866b3d55 Use macros instead of magic numbers
1c0677b09 Check for AVX512F support
80095105b Missing pieces of a version bump
390f865e3 Add tests for scrypt rehash
2a2b85eee Add tests for crypto_pwhash_str_needs_rehash()
979b21d67 Remove extra semicolumns
62c41c703 Avoid untagged unions
5cf1de94a Remove trailing coma
3aa1c71de Don't return void
d0a418a86 + _crypto_pwhash_scryptsalsa208sha256_str_needs_rehash()
6dcba550c Confirm that emcc is actually being used if EMSCRIPTEN is defined
0ae678b0f Avoid multiple declarations in an EN_ASM({}) block
b26de68a6 Use single quotes inside EM_ASM
1aae564da Avoid duplicate initializations; reorder for consistency w/ decl
81cf1ff6d Use unsigned for loop counters
e2efa6d7e Remove unused variable
e06c70afe Use the dedicated type for the argon2 type id
378304f81 Export crypto_pwhash_str_needs_rehash() to Javascript/WebAssembly
e8828eef7 Don't bother verifying hashes whose length is >= crypto_pwhash_STRBYTES
7cc482523 Add crypto_pwhash_str_needs_rehash()
c65189a0c Explicit casts
7b687bb45 + Jonathan Stowe for Natrium (Perl 6 bindings)
c72ef48f0 Static-ify what we currently don't need in crypto_core/curve25519_ref10
5c8b8ea01 Simplify
0af31aeb2 Fill the max output buffer size in sodium_bin2base64()
6b43c1ddb Javascript: don't define crypto_pwhash constants in non-sumo builds
e236df63e Trim empty lines
75cfcf208 Merge branch 'master' of github.com:jedisct1/libsodium
e40e0f6dd Adjust secretstream_..._rekey() after e84336ac
514150d8b Merge branch 'master' of github.com:jedisct1/libsodium
394e21884 Do not clear the padding (for alignment) section of a blake2b state
a0fea6965 Remove RUNNING_JS_OPTS for WebAssembly
d863c9665 chmod +x *.sh
957c251f8 chmod +x *.sh
ce2ecc596 One more compiler assertion
e84336ac4 secretstream: assume the internal nonce is little endian
fd4478288 Test sodium_pad() with a NULL pointer
f61a121b8 Regen emscripten symbols
f8e535a44 messagesbytes -> messagebytes
cd721cfc1 Have generate-emscripten-symbols.sh automatically update the js/wasm build script
aa20d2e86 Add secretstream constants
49f1d87cf salsa208: messagebyte -> messagebytes
a0b9bc46e constcheck: grab a few more constants
0ccdfd0c8 Update emscripten symbols list
242045cb4 Update emscripten symbols list
30a25dbb2 Bump
be58b2e66 Accept a NULL pointer for the padded length in sodium_pad()
b503d75e4 Add crypto_secretstream_*() to MSVC solutions
a55e13246 Update packaging for .NET Core (#583)
4c93d0391 C++ compat
0850e5580 Check that a zero blocksize returns -1
a27c18d0e No need for two buffers in the padding test
d5574a69f Complete sodium_pad/unpad() and add a couple tests
b9ed93fcb Change the sodium_pad() API to accept a maximum buffer length
4fd66e3ad Name similar things the same way in sodium_pad() and sodium_unpad()
fb4dc083e Update ChangeLog
50c7632cc + sodium_pad() / sodium_unpad()
55a578d62 Merge branch 'master' of github.com:jedisct1/libsodium
b27714898 Reorder crypto_secretstream_*() prototypes in a more intuitive sequence
c3b315ec7 + Firefox
80296be94 Some notes about RtlGenRandom
914ff8757 Format paragraphs
c65426147 Explain that sodium_misuse() still aborts by default
901c49203 + crypto_secretstream_*()
a335fc2da Merge branch 'master' of github.com:jedisct1/libsodium
5f1f6f747 THANKS += PIA
6e8e0a93f Add a couple tests for crypto_secretstream_*()
88c0b6538 Trigger sodium_misuse() if mlen > secretstream_MESSAGESBYTES_MAX
72d5d506d Sort
df7ad2632 Introduce a new crypto_secretstream_*() API
45f2759d8 Update packaging scripts to .NET Core 2.0 (#582)
c39ecb245 Update packaging for .NET Core (#581)
100a055a5 Indent
e6e3f7dd8 ChangeLog
76995c52f Argon2: use sodium_{bin2base64,base642bin} instead of a private implementation
265bdcfe0 bin2hex & bin2base64: return a null size on error
a6480aec4 b64 test: intentionally overestimate sizes
74fd8fd1c C++ compat
ad5a5232a Make that a size_t
f42390a55 Update Visual Studio solutions
cdbb43f44 base64 tests
eb84b00b7 glibc requires <stdint.h> for SIZE_MAX
3f272cbbf Add a base64 codec, due to popular request
308684790 Move the codecs from sodium/utils.c to a dedicated file
b49054ff8 Merge branch 'master' of github.com:jedisct1/libsodium
ef7c9f44c Sort
c87e6f5e1 Add -Wold-style-declaration
dd9416fd5 Doc
1c573d4cb Update
5b141eb9e Add some blank lines for readability
7e91aa3f8 s/the//
4baea3575 Merge branch 'master' of github.com:jedisct1/libsodium
9b7db7c3f Document crypto_aead_aes256gcm_*() limitations
8f0953b31 Merge branch 'master' of github.com:jedisct1/libsodium
9e0e77a3f Update ChangeLog
a894ec93f Add crypto_pwhash_str_alg()
cde31281d Bench: don't tie the printed result to the number of iterations
6d59a5897 Make the number of iterations configurable; reduce the default
28a1e6886 Add an interesting test case for a custom randombytes_uniform implementation
5b4db091d Add a benchmark mode
8813c36ff randombytes test: restore the salsa20-based rng at the end, for benchmarks
a8cc1634f Indent
9d03fbb38 Merge branch 'master' of github.com:jedisct1/libsodium
196e03299 Preliminary ChangeLog
19f76d7cb Simplify
544ce6400 Just a simple script to match constants with functions
f711c6d04 + emscripten-wasm.sh
1a3b474f7 Update the exported list of JS symbols
e1fa9cc90 Add *_messagebytes_max() wrappers
53280aa28 Revert "wasm tests: skip over *.asm.js files"
ac8111c31 wasm tests: skip over *.asm.js files
29914ec82 [Findsodium.cmake] DON'T OVERWRITE LIBRARY SUFFIXES (#576)
f02770b2a Revert "+ sodium_alloc_overhead()"
c5b61d812 + sodium_alloc_overhead()
23c36615c Remove TOTAL_MEMORY from wasm builds
c56fa3ccf Include private/common.h for COMPILER_ASSERT
56eb70f8b Sort
3c3214fbd Node need for --expose-wasm any more with recent nodejs versions
b5b67d074 Add -fembed-bitcode to the iOS 64 target, for WatchOS and TVOS
580bf7a19 emscripten-wasm.sh: generate HTML files even if we don't use them
ae8cd7208 emscript-wasm: don't use --enable-minimal on sumo builds
f2a7b6123 Update symbols
774ec67e2 Repair sodium_core test
8a14f5c16 Don't call sodium_misuse() in the sodium_core test for Javascript/wasm targets
0ce03b6ce misuse test: just return from main() on unsupported platforms
6ac18dae4 The MESSAGEBYTES_MAX constants are to be used with the libsodium API
180a89cb2 More tests for signatures
90bd94e4e Coverage exclusion
b34b89ab3 secrebox: add a test with in/out buffers next to each other
3dd56fa91 Coverage exclusions
ff8bb6705 More tests for scrypt
a3f90d602 Indent
63d8a896f Test KX with a weak PK
7ad9a46cb More tests
a9a21a7df Test Ed->X conversion with x not being a square root
982cde1a7 Test crypto_box_open_detached() with a weak PK
52bfc0325 Initialize the base&aligned addresses in argon2's allocate_memory
fc9088792 Add missing include "core.h"
c15173de1 Turn a few calls with an insane message length into a sodium_misuse()
f28fe0ae2 Cap argon2*_BYTES_MAX to SODIUM_SIZE_MAX
bac61ebf5 BYTES_MAX -> MESSAGEBYTES_MAX
16179b87f Introduce *_BYTES_MAX constants
568adb570 Trim crypto_pwhash_scryptsalsa208sha256_BYTES_MAX down to ~127 GB
3525f032d Inline
3ee2151f1 memzero(): with weak symbols, just call memset()
105f7108d Argon2: wipe all blocks if the ARGON2_FLAG_CLEAR_MEMORY flag is set
dc2c68067 C++ compat
fb739acd7 fill_memory_blocks() cannot possibly fail
c3908f87d Argon2: deallocate memory if fill_memory_blocks() ever fails
8d91a3275 Add more tests for crypto_sign_ed25519_pk_to_curve25519()
214fe473f Add an invalid key to the signature tests
e1b044820 Test crypto_secretbox_open_detached() with a NULL message pointer
c90ddae75 Use the right state type for the auth256 test
51a0b96f1 Test crypto_hmac_sha256_update() with empty chunks
2a2ed3df3 Volatilify the accumulator, at least for consistency with sodium_is_zero()
cd51ff29e Coverage exclusions
33d6908f9 Test crypto_auth_hmacsha256_*()
f92c82537 More tests
67a7df73b Add all the Visual Studio files in the tarball
56efb47ab .13 -> .14
334738cf2 Add resource.rc to the Visual Studio filters files
47796a5b8 Indent
d7ecf04d6 Comment randombytes_uniform()
eaab51278 Add specialized ge_mul_l() to multiply by the order of the main subgroup
6de26b59d ed25519_pk_to_curve25519: check that the input is in the right subgroup
571915ea2 ed25519: un-static the check for low-order points
b57f9668f More tests
cc5191607 Tag sodium_runtime_has_*() symbols as weak
8b9b6a54b Remove error string from sodium_misuse()
9361070f9 Merge branch 'master' of github.com:jedisct1/libsodium * 'master' of github.com:jedisct1/libsodium:   Tweak emscripten-wasm.sh   Clear the BLAKE2B state only once, on finalization   memzero() the state if we call generichash_final() twice
63cbad750 Visual Studio doesn't like abort() chains
21fd252ac Tweak emscripten-wasm.sh
97486f7d4 Clear the BLAKE2B state only once, on finalization
1090fcfd4 memzero() the state if we call generichash_final() twice
6768d82ea Add missing return value in set_misuse_handler()
9df008a78 Add some invalid base64 strings to pwhash_str_verify() tests
5d56821d3 More tests, and start testing misuse cases
0238cbcf6 Bump NuGet package
0e8d7c926 Implement sodium_set_misuse_handler()
9def4d9a8 Add tests for crypto_kx_*() when a single key is required
8a70f258f No more abort() calls!
c3b24c1d2 Explain why some abort() calls are still around
74703c63a More abort() -> sodium_misuse()
a0e997b8a More abort() -> sodium_misuse()
ea9281cb0 More abort() -> sodium_misuse()
c7459c125 Remove the useless donations button
a61dddd49 Back to dev mode. If you want a stable version, use the stable branch.
bcf98b554 Start replacing abort() with an internal sodium_misuse() function
c86080e7b Fix funky indentation
608e103e4 Finish the Argon2id tests
8b99f44ff Abort on misuse in crypto_kx_server_session_keys() too
765ba55cd crypto_kx(): abort if the function is called without any non-NULL pointer
90658321d Only include sodium/crypto_pwhash_scryptsalsa208sha256.h on !minimal
1f826df2d is_zero(): volatilize the accumulator
3d400363b sodium_compare: x1, x2 don't have to be volatile
99f8c19a1 memzero(): call the weak function after zeroing
30e8a2b23 The time has come to use memset_s() if available
f0c15da02 We don't need these extra loads
bcdb042ad Revert "Explicitly include <limits.h>"
7dbbd266b Simple SSE2 implementation of crypto_verify*()
94a8b3327 Simplify crypto_verify_*()
37e99aa4f Make it more difficult for the compiler to optimize crypto_verify_*()
c746eb277 Revert "Bail out if SIZE_MAX < crypto_pwhash_MEMLIMIT_MAX"
0fd9aae17 Explicitly include <limits.h>
c2ef7d088 Bail out if SIZE_MAX < crypto_pwhash_MEMLIMIT_MAX

git-subtree-dir: libsodium
git-subtree-split: 18609cffafed6ccfcac77088d402074e1d74f02c
This commit is contained in:
Andrew Bettison 2017-09-27 14:52:05 +09:30
parent fc5c87e213
commit 4e2658e3fd
183 changed files with 4560 additions and 1268 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -99,6 +99,7 @@ test/default/box_easy2
test/default/box_seal
test/default/box_seed
test/default/chacha20
test/default/codecs
test/default/core1
test/default/core2
test/default/core3
@ -114,6 +115,8 @@ test/default/hash3
test/default/kdf
test/default/keygen
test/default/kx
test/default/metamorphic
test/default/misuse
test/default/onetimeauth
test/default/onetimeauth2
test/default/onetimeauth7
@ -133,6 +136,7 @@ test/default/secretbox7
test/default/secretbox8
test/default/secretbox_easy
test/default/secretbox_easy2
test/default/secretstream
test/default/shorthash
test/default/sign
test/default/siphashx24

28
.travis.yml
View File

@ -10,30 +10,24 @@ compiler:
- gcc
- g++
before_script:
install:
- ./autogen.sh
- env CC=tcc CFLAGS='-w' ./configure --prefix=/tmp --disable-dependency-tracking --disable-shared || cat config.log
- make -j $(nproc) && make check && make install
- env CC=tcc CPPFLAGS='-I/tmp/include' LDFLAGS='-L/tmp/lib' LD_LIBRARY_PATH='/tmp/lib' ./test/constcheck.sh
- make uninstall
- make distclean
script:
- ./configure --disable-dependency-tracking
- >
if [ "$TRAVIS_OS_NAME" = 'linux' -a "$CC" = 'gcc' ]; then make CFLAGS='-g0' > /dev/null && cp src/libsodium/.libs/libsodium.so lib.so && make clean > /dev/null && make CFLAGS='-g0' CPPFLAGS='-DSODIUM_C99\(X\)=' > /dev/null && cp src/libsodium/.libs/libsodium.so lib-oldc.so && cmp lib.so lib-oldc.so && echo No binary changes && make clean > /dev/null ; fi
- if [ "$TRAVIS_OS_NAME" = 'linux' -a "$CC" = 'gcc' ]; then make -j $(nproc) CFLAGS='-g0' > /dev/null && cp src/libsodium/.libs/libsodium.so lib.so && make clean > /dev/null && make CFLAGS='-g0' CPPFLAGS='-DSODIUM_C99\(X\)=' > /dev/null && cp src/libsodium/.libs/libsodium.so lib-oldc.so && cmp lib.so lib-oldc.so && echo No binary changes && make clean > /dev/null ; fi
- make distcheck
- make distclean > /dev/null
- ./configure --disable-dependency-tracking --enable-minimal
- make distcheck
- make check
- ( echo '#include <sodium.h>' ; echo 'int main(void) { return sodium_init(); }' ) > /tmp/main.c && gcc -Isrc/libsodium/include -Isrc/libsodium/include/sodium $(find src -name '*.c' -o -name '*.S') /tmp/main.c
env:
global:
- secure: "OyX+ypmU5NLRiSsIg1HvaGYvlaHSN2S/0AyCIQt63PNdcG7o1xa9Sv1Tcujr/xuvSvNbchNVEyBvCbNgqp/R8kRRhNPqFo2pxMMjkEKrJQqOm8sjvwMqTV4k6axEq+WwKylQaNJSDq1G9n5J/s7hlVPaiKAjsOPKnMN5ThNAr8o="
addons:
coverity_scan:
project:
name: jedisct1/libsodium
version: 1.0.13
description: libsodium
notification_email: coverityscan@pureftpd.org
build_command_prepend: ./autogen.sh ; ./configure
build_command: make -j4
branch_pattern: coverity_scan
apt:
packages:
- tcc

47
ChangeLog
View File

@ -1,4 +1,51 @@
* Version 1.0.14
- iOS binaries should now be compatible with WatchOS and TVOS.
- WebAssembly is now officially supported. Special thanks to
@facekapow and @pepyakin who helped to make it happen.
- Internal consistency checks failing and primitives used with
dangerous/out-of-bounds/invalid parameters used to call abort(3).
Now, a custom handler *that doesn't return* can be set with the
`set_sodium_misuse()` function. It still aborts by default or if the
handler ever returns. This is not a replacement for non-fatal,
expected runtime errors. This handler will be only called in
unexpected situations due to potential bugs in the library or in
language bindings.
- `*_MESSAGEBYTES_MAX` macros (and the corresponding
`_messagebytes_max()` symbols) have been added to represent the
maximum message size that can be safely handled by a primitive.
Language bindings are encouraged to check user inputs against these
maximum lengths.
- The test suite has been extended to cover more edge cases.
- crypto_sign_ed25519_pk_to_curve25519() now rejects points that are
not on the curve, or not in the main subgroup.
- Further changes have been made to ensure that smart compilers will
not optimize out code that we don't want to be optimized.
- Visual Studio solutions are now included in distribution tarballs.
- The `sodium_runtime_has_*` symbols for CPU features detection are
now defined as weak symbols, i.e. they can be replaced with an
application-defined implementation. This can be useful to disable
AVX* when temperature/power consumption is a concern.
- `crypto_kx_*()` now aborts if called with no non-NULL pointers to
store keys to.
- SSE2 implementations of `crypto_verify_*()` have been added.
- Passwords can be hashed using a specific algorithm with the new
`crypto_pwhash_str_alg()` function.
- Due to popular demand, base64 encoding (`sodium_bin2base64()`) and
decoding (`sodium_base642bin()`) have been implemented.
- A new `crypto_secretstream_*()` API was added to safely encrypt files
and multi-part messages.
- The `sodium_pad()` and `sodium_unpad()` helper functions have been
added in order to add & remove padding.
- An AVX512 optimized implementation of Argon2 has been added (written
by Ondrej Mosnáček, thanks!)
- The `crypto_pwhash_str_needs_rehash()` function was added to check if
a password hash string matches the given parameters, or if it needs an
update.
- The library can now be compiled with recent versions of
emscripten/binaryen that don't allow multiple variables declarations
using a single `var` statement.
* Version 1.0.13
- Javascript: the sumo builds now include all symbols. They were
previously limited to symbols defined in minimal builds.

1
Makefile.am
View File

@ -10,6 +10,7 @@ EXTRA_DIST = \
THANKS
SUBDIRS = \
builds \
contrib \
dist-build \
msvc-scripts \

4
README.markdown
View File

@ -1,7 +1,6 @@
[![Build Status](https://travis-ci.org/jedisct1/libsodium.svg?branch=master)](https://travis-ci.org/jedisct1/libsodium?branch=master)
[![Windows build status](https://ci.appveyor.com/api/projects/status/fu8s2elx25il98hj?svg=true)](https://ci.appveyor.com/project/jedisct1/libsodium)
[![Coverity Scan Build Status](https://scan.coverity.com/projects/2397/badge.svg)](https://scan.coverity.com/projects/2397)
[![Make a donation to support this project](https://img.shields.io/badge/donate-PayPal-green.svg?style=flat)](https://www.libsodium.org/donate)
![libsodium](https://raw.github.com/jedisct1/libsodium/master/logo.png)
============
@ -21,8 +20,7 @@ including Windows (with MingW or Visual Studio, x86 and x64), iOS and Android.
## Documentation
The documentation is a work-in-progress, and is being written using
Gitbook:
The documentation is available on Gitbook:
* [libsodium documentation](https://download.libsodium.org/doc/) -
online, requires Javascript.

16
THANKS
View File

@ -1,3 +1,6 @@
Special thanks to people, companies and organizations having written
libsodium bindings for their favorite programming languages:
@alethia7
@artemisc
@carblue
@ -45,6 +48,7 @@ Jeroen Habraken (@VeXocide)
Jeroen Ooms (@jeroen)
Jesper Louis Andersen (@jlouis)
Joe Eli McIlvain (@jemc)
Jonathan Stowe (@jonathanstowe)
Joseph Abrahamson (@tel)
Julien Kauffmann (@ereOn)
Kenneth Ballenegger (@kballenegger)
@ -70,12 +74,18 @@ Tony Garnock-Jones (@tonyg)
Y. T. Chung (@zonyitoo)
Bytecurry Software
Cisco
Coverity, Inc.
Cryptotronix
Facebook
FSF France
MaidSafe
OVH
Paragonie Initiative Enterprises
Python Cryptographic Authority
(this list may not be complete, if you don't see your name, please
submit a pull request!)
Also thanks to:
- Coverity, Inc. to provide static analysis.
- FSF France for providing access to their compilation servers.
- Private Internet Access for having sponsored a complete security audit.

65
builds/Makefile.am Normal file
View File

@ -0,0 +1,65 @@
EXTRA_DIST = \
msvc/build/buildall.bat \
msvc/build/buildbase.bat \
msvc/properties/Common.props \
msvc/properties/Debug.props \
msvc/properties/DebugDEXE.props \
msvc/properties/DebugDLL.props \
msvc/properties/DebugLEXE.props \
msvc/properties/DebugLIB.props \
msvc/properties/DebugLTCG.props \
msvc/properties/DebugSEXE.props \
msvc/properties/DLL.props \
msvc/properties/EXE.props \
msvc/properties/LIB.props \
msvc/properties/Link.props \
msvc/properties/LTCG.props \
msvc/properties/Messages.props \
msvc/properties/Output.props \
msvc/properties/Release.props \
msvc/properties/ReleaseDEXE.props \
msvc/properties/ReleaseDLL.props \
msvc/properties/ReleaseLEXE.props \
msvc/properties/ReleaseLIB.props \
msvc/properties/ReleaseLTCG.props \
msvc/properties/ReleaseSEXE.props \
msvc/properties/Win32.props \
msvc/properties/x64.props \
msvc/resource.h \
msvc/resource.rc \
msvc/version.h \
msvc/vs2010/libsodium/libsodium.props \
msvc/vs2010/libsodium/libsodium.vcxproj \
msvc/vs2010/libsodium/libsodium.vcxproj.filters \
msvc/vs2010/libsodium/libsodium.xml \
msvc/vs2010/libsodium.import.props \
msvc/vs2010/libsodium.import.xml \
msvc/vs2010/libsodium.sln \
msvc/vs2012/libsodium/libsodium.props \
msvc/vs2012/libsodium/libsodium.vcxproj \
msvc/vs2012/libsodium/libsodium.vcxproj.filters \
msvc/vs2012/libsodium/libsodium.xml \
msvc/vs2012/libsodium.import.props \
msvc/vs2012/libsodium.import.xml \
msvc/vs2012/libsodium.sln \
msvc/vs2013/libsodium/libsodium.props \
msvc/vs2013/libsodium/libsodium.vcxproj \
msvc/vs2013/libsodium/libsodium.vcxproj.filters \
msvc/vs2013/libsodium/libsodium.xml \
msvc/vs2013/libsodium.import.props \
msvc/vs2013/libsodium.import.xml \
msvc/vs2013/libsodium.sln \
msvc/vs2015/libsodium/libsodium.props \
msvc/vs2015/libsodium/libsodium.vcxproj \
msvc/vs2015/libsodium/libsodium.vcxproj.filters \
msvc/vs2015/libsodium/libsodium.xml \
msvc/vs2015/libsodium.import.props \
msvc/vs2015/libsodium.import.xml \
msvc/vs2015/libsodium.sln \
msvc/vs2017/libsodium/libsodium.props \
msvc/vs2017/libsodium/libsodium.vcxproj \
msvc/vs2017/libsodium/libsodium.vcxproj.filters \
msvc/vs2017/libsodium/libsodium.xml \
msvc/vs2017/libsodium.import.props \
msvc/vs2017/libsodium.import.xml \
msvc/vs2017/libsodium.sln

4
builds/msvc/resource.rc
View File

@ -4,8 +4,8 @@
#include "windows.h"
//specify the version numbers for the dll's
#define LIBSODIUM_VERSION_STRING "1.0.13.0"
#define LIBSODIUM_VERSION_BIN 1,0,13,0
#define LIBSODIUM_VERSION_STRING "1.0.14.0"
#define LIBSODIUM_VERSION_BIN 1,0,14,0
//specify the product name for the dlls based on the platform we are compiling for
#if defined(x64)

4
builds/msvc/version.h
View File

@ -4,10 +4,10 @@
#include "export.h"
#define SODIUM_VERSION_STRING "1.0.13"
#define SODIUM_VERSION_STRING "1.0.14"
#define SODIUM_LIBRARY_VERSION_MAJOR 9
#define SODIUM_LIBRARY_VERSION_MINOR 5
#define SODIUM_LIBRARY_VERSION_MINOR 6
#ifdef __cplusplus
extern "C" {

6
builds/msvc/vs2010/libsodium/libsodium.vcxproj
View File

@ -119,6 +119,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-encoding.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ssse3.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.c" />
@ -142,6 +143,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\crypto_secretbox_easy.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xchacha20poly1305\secretbox_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphash24.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphashx24.c" />
@ -181,6 +183,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\nativeclient\randombytes_nativeclient.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\runtime.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\utils.c" />
@ -206,6 +209,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blake2b-long.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ssse3.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt.h" />
@ -280,6 +284,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash_siphash24.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_sign.h" />
@ -303,6 +308,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\randombytes_sysrandom.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\runtime.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\curve25519_ref10.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\implementations.h" />

27
builds/msvc/vs2010/libsodium/libsodium.vcxproj.filters
View File

@ -20,6 +20,9 @@
<Filter>packaging</Filter>
</Xml>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="..\..\resource.rc" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_aead\aes256gcm\aesni\aead_aes256gcm_aesni.c">
<Filter>crypto_aead\aes256gcm\aesni</Filter>
@ -147,6 +150,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
@ -216,6 +222,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c">
<Filter>crypto_secretbox\xsalsa20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c">
<Filter>crypto_secretstream\xchacha20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c">
<Filter>crypto_shorthash</Filter>
</ClCompile>
@ -333,6 +342,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>randombytes\sysrandom</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c">
<Filter>sodium</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c">
<Filter>sodium</Filter>
</ClCompile>
@ -404,6 +416,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
@ -626,6 +641,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -695,6 +713,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h">
<Filter>include\sodium\private</Filter>
</ClInclude>
@ -862,6 +883,12 @@
<Filter Include="crypto_secretbox\xsalsa20poly1305">
<UniqueIdentifier>{8bf11d29-2f5a-3f10-8ae6-82229d19c5b0}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream">
<UniqueIdentifier>{62f7ae38-4ce6-3976-acc3-47c462db4fbe}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream\xchacha20poly1305">
<UniqueIdentifier>{e07a28cd-775a-3798-bfdb-97842d3614d6}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_shorthash">
<UniqueIdentifier>{bb073c16-adc8-3cff-80b9-99cf5a28de6c}</UniqueIdentifier>
</Filter>

6
builds/msvc/vs2012/libsodium/libsodium.vcxproj
View File

@ -119,6 +119,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-encoding.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ssse3.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.c" />
@ -142,6 +143,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\crypto_secretbox_easy.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xchacha20poly1305\secretbox_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphash24.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphashx24.c" />
@ -181,6 +183,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\nativeclient\randombytes_nativeclient.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\runtime.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\utils.c" />
@ -206,6 +209,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blake2b-long.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ssse3.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt.h" />
@ -280,6 +284,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash_siphash24.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_sign.h" />
@ -303,6 +308,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\randombytes_sysrandom.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\runtime.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\curve25519_ref10.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\implementations.h" />

27
builds/msvc/vs2012/libsodium/libsodium.vcxproj.filters
View File

@ -20,6 +20,9 @@
<Filter>packaging</Filter>
</Xml>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="..\..\resource.rc" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_aead\aes256gcm\aesni\aead_aes256gcm_aesni.c">
<Filter>crypto_aead\aes256gcm\aesni</Filter>
@ -147,6 +150,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
@ -216,6 +222,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c">
<Filter>crypto_secretbox\xsalsa20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c">
<Filter>crypto_secretstream\xchacha20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c">
<Filter>crypto_shorthash</Filter>
</ClCompile>
@ -333,6 +342,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>randombytes\sysrandom</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c">
<Filter>sodium</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c">
<Filter>sodium</Filter>
</ClCompile>
@ -404,6 +416,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
@ -626,6 +641,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -695,6 +713,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h">
<Filter>include\sodium\private</Filter>
</ClInclude>
@ -862,6 +883,12 @@
<Filter Include="crypto_secretbox\xsalsa20poly1305">
<UniqueIdentifier>{8bf11d29-2f5a-3f10-8ae6-82229d19c5b0}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream">
<UniqueIdentifier>{62f7ae38-4ce6-3976-acc3-47c462db4fbe}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream\xchacha20poly1305">
<UniqueIdentifier>{e07a28cd-775a-3798-bfdb-97842d3614d6}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_shorthash">
<UniqueIdentifier>{bb073c16-adc8-3cff-80b9-99cf5a28de6c}</UniqueIdentifier>
</Filter>

6
builds/msvc/vs2013/libsodium/libsodium.vcxproj
View File

@ -119,6 +119,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-encoding.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ssse3.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.c" />
@ -142,6 +143,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\crypto_secretbox_easy.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xchacha20poly1305\secretbox_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphash24.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphashx24.c" />
@ -181,6 +183,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\nativeclient\randombytes_nativeclient.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\runtime.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\utils.c" />
@ -206,6 +209,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blake2b-long.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ssse3.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt.h" />
@ -280,6 +284,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash_siphash24.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_sign.h" />
@ -303,6 +308,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\randombytes_sysrandom.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\runtime.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\curve25519_ref10.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\implementations.h" />

27
builds/msvc/vs2013/libsodium/libsodium.vcxproj.filters
View File

@ -20,6 +20,9 @@
<Filter>packaging</Filter>
</Xml>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="..\..\resource.rc" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_aead\aes256gcm\aesni\aead_aes256gcm_aesni.c">
<Filter>crypto_aead\aes256gcm\aesni</Filter>
@ -147,6 +150,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
@ -216,6 +222,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c">
<Filter>crypto_secretbox\xsalsa20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c">
<Filter>crypto_secretstream\xchacha20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c">
<Filter>crypto_shorthash</Filter>
</ClCompile>
@ -333,6 +342,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>randombytes\sysrandom</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c">
<Filter>sodium</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c">
<Filter>sodium</Filter>
</ClCompile>
@ -404,6 +416,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
@ -626,6 +641,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -695,6 +713,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h">
<Filter>include\sodium\private</Filter>
</ClInclude>
@ -862,6 +883,12 @@
<Filter Include="crypto_secretbox\xsalsa20poly1305">
<UniqueIdentifier>{8bf11d29-2f5a-3f10-8ae6-82229d19c5b0}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream">
<UniqueIdentifier>{62f7ae38-4ce6-3976-acc3-47c462db4fbe}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream\xchacha20poly1305">
<UniqueIdentifier>{e07a28cd-775a-3798-bfdb-97842d3614d6}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_shorthash">
<UniqueIdentifier>{bb073c16-adc8-3cff-80b9-99cf5a28de6c}</UniqueIdentifier>
</Filter>

6
builds/msvc/vs2015/libsodium/libsodium.vcxproj
View File

@ -119,6 +119,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-encoding.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ssse3.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.c" />
@ -142,6 +143,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\crypto_secretbox_easy.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xchacha20poly1305\secretbox_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphash24.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphashx24.c" />
@ -181,6 +183,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\nativeclient\randombytes_nativeclient.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\runtime.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\utils.c" />
@ -206,6 +209,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blake2b-long.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ssse3.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt.h" />
@ -280,6 +284,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash_siphash24.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_sign.h" />
@ -303,6 +308,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\randombytes_sysrandom.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\runtime.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\curve25519_ref10.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\implementations.h" />

27
builds/msvc/vs2015/libsodium/libsodium.vcxproj.filters
View File

@ -20,6 +20,9 @@
<Filter>packaging</Filter>
</Xml>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="..\..\resource.rc" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_aead\aes256gcm\aesni\aead_aes256gcm_aesni.c">
<Filter>crypto_aead\aes256gcm\aesni</Filter>
@ -147,6 +150,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
@ -216,6 +222,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c">
<Filter>crypto_secretbox\xsalsa20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c">
<Filter>crypto_secretstream\xchacha20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c">
<Filter>crypto_shorthash</Filter>
</ClCompile>
@ -333,6 +342,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>randombytes\sysrandom</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c">
<Filter>sodium</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c">
<Filter>sodium</Filter>
</ClCompile>
@ -404,6 +416,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
@ -626,6 +641,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -695,6 +713,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h">
<Filter>include\sodium\private</Filter>
</ClInclude>
@ -862,6 +883,12 @@
<Filter Include="crypto_secretbox\xsalsa20poly1305">
<UniqueIdentifier>{8bf11d29-2f5a-3f10-8ae6-82229d19c5b0}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream">
<UniqueIdentifier>{62f7ae38-4ce6-3976-acc3-47c462db4fbe}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream\xchacha20poly1305">
<UniqueIdentifier>{e07a28cd-775a-3798-bfdb-97842d3614d6}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_shorthash">
<UniqueIdentifier>{bb073c16-adc8-3cff-80b9-99cf5a28de6c}</UniqueIdentifier>
</Filter>

6
builds/msvc/vs2017/libsodium/libsodium.vcxproj
View File

@ -119,6 +119,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-encoding.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ssse3.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.c" />
@ -142,6 +143,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\crypto_secretbox_easy.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xchacha20poly1305\secretbox_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphash24.c" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\siphash24\shorthash_siphashx24.c" />
@ -181,6 +183,7 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\nativeclient\randombytes_nativeclient.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\runtime.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\utils.c" />
@ -206,6 +209,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blake2b-long.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ssse3.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt.h" />
@ -280,6 +284,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash_siphash24.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_sign.h" />
@ -303,6 +308,7 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\randombytes_sysrandom.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\runtime.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\curve25519_ref10.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\implementations.h" />

27
builds/msvc/vs2017/libsodium/libsodium.vcxproj.filters
View File

@ -20,6 +20,9 @@
<Filter>packaging</Filter>
</Xml>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="..\..\resource.rc" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_aead\aes256gcm\aesni\aead_aes256gcm_aesni.c">
<Filter>crypto_aead\aes256gcm\aesni</Filter>
@ -147,6 +150,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c">
<Filter>crypto_pwhash\argon2</Filter>
</ClCompile>
@ -216,6 +222,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c">
<Filter>crypto_secretbox\xsalsa20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c">
<Filter>crypto_secretstream\xchacha20poly1305</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_shorthash\crypto_shorthash.c">
<Filter>crypto_shorthash</Filter>
</ClCompile>
@ -333,6 +342,9 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>randombytes\sysrandom</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\codecs.c">
<Filter>sodium</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c">
<Filter>sodium</Filter>
</ClCompile>
@ -404,6 +416,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h">
<Filter>crypto_pwhash\argon2</Filter>
</ClInclude>
@ -626,6 +641,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_shorthash.h">
<Filter>include\sodium</Filter>
</ClInclude>
@ -695,6 +713,9 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\version.h">
<Filter>include\sodium</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\private\common.h">
<Filter>include\sodium\private</Filter>
</ClInclude>
@ -862,6 +883,12 @@
<Filter Include="crypto_secretbox\xsalsa20poly1305">
<UniqueIdentifier>{8bf11d29-2f5a-3f10-8ae6-82229d19c5b0}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream">
<UniqueIdentifier>{62f7ae38-4ce6-3976-acc3-47c462db4fbe}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_secretstream\xchacha20poly1305">
<UniqueIdentifier>{e07a28cd-775a-3798-bfdb-97842d3614d6}</UniqueIdentifier>
</Filter>
<Filter Include="crypto_shorthash">
<UniqueIdentifier>{bb073c16-adc8-3cff-80b9-99cf5a28de6c}</UniqueIdentifier>
</Filter>

65
configure.ac
View File

@ -1,5 +1,5 @@
AC_PREREQ([2.65])
AC_INIT([libsodium],[1.0.13],
AC_INIT([libsodium],[1.0.14],
[https://github.com/jedisct1/libsodium/issues],
[libsodium],
[https://github.com/jedisct1/libsodium])
@ -17,9 +17,9 @@ ISODATE=`date +%Y-%m-%d`
AC_SUBST(ISODATE)
SODIUM_LIBRARY_VERSION_MAJOR=9
SODIUM_LIBRARY_VERSION_MINOR=5
SODIUM_LIBRARY_VERSION_MINOR=6
DLL_VERSION=8
SODIUM_LIBRARY_VERSION=21:0:3
SODIUM_LIBRARY_VERSION=22:0:4
# | | |
# +------+ | +---+
# | | |
@ -74,8 +74,14 @@ AC_ARG_ENABLE(asm,
])
AS_IF([test "x$EMSCRIPTEN" != "x"], [
enable_asm="no"
AC_MSG_WARN([compiling to JavaScript - asm implementations disabled])
AX_CHECK_COMPILE_FLAG([-s ASSERTIONS=0], [
enable_asm="no"
AC_MSG_WARN([compiling to JavaScript - asm implementations disabled])
], [
AC_MSG_WARN([EMSCRIPTEN environment variable defined, but emcc doesn't appear to be used - Assuming compilation to native code])
CFLAGS="$CFLAGS -U__EMSCRIPTEN__"
unset EMSCRIPTEN
])
])
AS_IF([test "$host_os" = "nacl" -o "$host_os" = "pnacl"], [
enable_asm="no"
@ -236,6 +242,13 @@ AS_CASE([$host_os],
AX_CHECK_LINK_FLAG([-Wl,--nxcompat], [LDFLAGS="$LDFLAGS -Wl,--nxcompat"])
])
AS_CASE([$host_os],
[cygwin*|mingw*|msys|pw32*|cegcc*], [
AX_CHECK_COMPILE_FLAG([-fno-asynchronous-unwind-tables], [
[CFLAGS="$CFLAGS -fno-asynchronous-unwind-tables"]
])
])
AS_IF([test "x$enable_ssp" != "xno"],[
AS_CASE([$host_os],
@ -261,7 +274,7 @@ AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wextra], [CWFLAGS="$CWFLAGS -Wextra"])
AC_MSG_CHECKING(for clang)
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[
#ifndef __clang__
be sad
#error Not clang
#endif
]])],
[AC_MSG_RESULT(yes)
@ -280,22 +293,37 @@ AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wformat=2], [CWFLAGS="$CWFLAGS -Wformat=2"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wmissing-declarations], [CWFLAGS="$CWFLAGS -Wmissing-declarations"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wmissing-prototypes], [CWFLAGS="$CWFLAGS -Wmissing-prototypes"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wnested-externs], [CWFLAGS="$CWFLAGS -Wnested-externs"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wno-type-limits], [CWFLAGS="$CWFLAGS -Wno-type-limits"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wno-unknown-pragmas], [CWFLAGS="$CWFLAGS -Wno-unknown-pragmas"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wnormalized=id], [CWFLAGS="$CWFLAGS -Wnormalized=id"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wnull-dereference], [CWFLAGS="$CWFLAGS -Wnull-dereference"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wold-style-declaration], [CWFLAGS="$CWFLAGS -Wold-style-declaration"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wpointer-arith], [CWFLAGS="$CWFLAGS -Wpointer-arith"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wredundant-decls], [CWFLAGS="$CWFLAGS -Wredundant-decls"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wshorten-64-to-32], [CWFLAGS="$CWFLAGS -Wshorten-64-to-32"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wstrict-prototypes], [CWFLAGS="$CWFLAGS -Wstrict-prototypes"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wswitch-enum], [CWFLAGS="$CWFLAGS -Wswitch-enum"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wvariable-decl], [CWFLAGS="$CWFLAGS -Wvariable-decl"])
AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wno-type-limits], [CWFLAGS="$CWFLAGS -Wno-type-limits"])
AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="$LDFLAGS -Wl,-z,relro"])
AX_CHECK_LINK_FLAG([-Wl,-z,now], [LDFLAGS="$LDFLAGS -Wl,-z,now"])
AX_CHECK_LINK_FLAG([-Wl,-z,noexecstack], [LDFLAGS="$LDFLAGS -Wl,-z,noexecstack"])
AC_MSG_CHECKING(for a broken clang + AVX512 combination)
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[
#if !(defined(__AVX512F__) && defined(__clang__) && __clang_major__ < 4)
#error Not a broken clang + AVX512 combination
#endif
]])],
[AC_MSG_RESULT(yes - disabling AVX512 optimizations)
AX_CHECK_COMPILE_FLAG([$CFLAGS -mno-avx512f],
[CFLAGS="$CFLAGS -mno-avx512f"])
],
[AC_MSG_RESULT(no)
])
AX_CHECK_CATCHABLE_SEGV
AX_CHECK_CATCHABLE_ABRT
LT_INIT
AC_SUBST(LIBTOOL_DEPS)
@ -426,6 +454,25 @@ return _mm256_movemask_ps(_mm256_cmp_ps(x, y, _CMP_NEQ_OQ));
[AC_MSG_RESULT(no)])
CFLAGS="$oldcflags"
oldcflags="$CFLAGS"
AX_CHECK_COMPILE_FLAG([-mavx512f], [CFLAGS="$CFLAGS -mavx512f"])
AC_MSG_CHECKING(for AVX512F instructions set)
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#ifdef __native_client__
# error NativeClient detected - Avoiding AVX512F opcodes
#endif
#pragma GCC target("avx512f")
#include <immintrin.h>
]], [[
__m512i x = _mm512_setzero_epi32();
__m512i y = _mm512_permutexvar_epi64(_mm512_setr_epi64(0, 1, 4, 5, 2, 3, 6, 7), x);
]])],
[AC_MSG_RESULT(yes)
AC_DEFINE([HAVE_AVX512FINTRIN_H], [1], [AVX512F is available])
AX_CHECK_COMPILE_FLAG([-mavx512f], [CFLAGS_AVX512F="-mavx512f"])],
[AC_MSG_RESULT(no)])
CFLAGS="$oldcflags"
oldcflags="$CFLAGS"
AX_CHECK_COMPILE_FLAG([-maes], [CFLAGS="$CFLAGS -maes"])
AX_CHECK_COMPILE_FLAG([-mpclmul], [CFLAGS="$CFLAGS -mpclmul"])
@ -456,6 +503,7 @@ AC_SUBST(CFLAGS_SSSE3)
AC_SUBST(CFLAGS_SSE41)
AC_SUBST(CFLAGS_AVX)
AC_SUBST(CFLAGS_AVX2)
AC_SUBST(CFLAGS_AVX512F)
AC_SUBST(CFLAGS_AESNI)
AC_SUBST(CFLAGS_PCLMUL)
@ -686,7 +734,7 @@ dnl Checks for functions and headers
AS_IF([test "x$EMSCRIPTEN" = "x"],[
AC_CHECK_FUNCS([arc4random arc4random_buf])
AC_CHECK_FUNCS([mmap mlock madvise mprotect explicit_bzero nanosleep])
AC_CHECK_FUNCS([mmap mlock madvise mprotect memset_s explicit_bzero nanosleep])
])
AC_CHECK_FUNCS([posix_memalign getpid])
@ -718,6 +766,7 @@ AH_VERBATIM([NDEBUG], [/* Always evaluate assert() calls */
#endif])
AC_CONFIG_FILES([Makefile
builds/Makefile
contrib/Makefile
dist-build/Makefile
libsodium.pc

2
contrib/Findsodium.cmake
View File

@ -130,6 +130,7 @@ elseif (WIN32)
PATH_SUFFIXES ${_RELEASE_PATH_SUFFIX}
)
if (NOT sodium_USE_STATIC_LIBS)
set(CMAKE_FIND_LIBRARY_SUFFIXES_BCK ${CMAKE_FIND_LIBRARY_SUFFIXES})
set(CMAKE_FIND_LIBRARY_SUFFIXES ".dll")
find_library(sodium_DLL_DEBUG libsodium
HINTS ${sodium_DIR}
@ -139,6 +140,7 @@ elseif (WIN32)
HINTS ${sodium_DIR}
PATH_SUFFIXES ${_RELEASE_PATH_SUFFIX}
)
set(CMAKE_FIND_LIBRARY_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES_BCK})
endif()
elseif(_GCC_COMPATIBLE)

1
dist-build/Makefile.am
View File

@ -9,6 +9,7 @@ EXTRA_DIST = \
android-x86.sh \
android-x86_64.sh \
emscripten.sh \
emscripten-wasm.sh \
ios.sh \
msys2-win32.sh \
msys2-win64.sh \

96
dist-build/emscripten-symbols.def
View File

@ -11,6 +11,7 @@ _crypto_aead_aes256gcm_encrypt_detached_afternm 0 0
_crypto_aead_aes256gcm_is_available 0 0
_crypto_aead_aes256gcm_keybytes 0 0
_crypto_aead_aes256gcm_keygen 0 0
_crypto_aead_aes256gcm_messagebytes_max 0 0
_crypto_aead_aes256gcm_npubbytes 0 0
_crypto_aead_aes256gcm_nsecbytes 0 0
_crypto_aead_aes256gcm_statebytes 0 0
@ -25,13 +26,15 @@ _crypto_aead_chacha20poly1305_ietf_decrypt_detached 1 1
_crypto_aead_chacha20poly1305_ietf_encrypt 1 1
_crypto_aead_chacha20poly1305_ietf_encrypt_detached 1 1
_crypto_aead_chacha20poly1305_ietf_keybytes 1 1
_crypto_aead_chacha20poly1305_ietf_keygen 1 1
_crypto_aead_chacha20poly1305_ietf_messagebytes_max 0 0
_crypto_aead_chacha20poly1305_ietf_npubbytes 1 1
_crypto_aead_chacha20poly1305_ietf_nsecbytes 1 1
_crypto_aead_chacha20poly1305_keybytes 1 1
_crypto_aead_chacha20poly1305_keygen 1 1
_crypto_aead_chacha20poly1305_messagebytes_max 0 0
_crypto_aead_chacha20poly1305_npubbytes 1 1
_crypto_aead_chacha20poly1305_nsecbytes 1 1
_crypto_aead_chacha20poly1305_ietf_keygen 1 1
_crypto_aead_chacha20poly1305_keygen 1 1
_crypto_aead_xchacha20poly1305_ietf_abytes 1 1
_crypto_aead_xchacha20poly1305_ietf_decrypt 1 1
_crypto_aead_xchacha20poly1305_ietf_decrypt_detached 1 1
@ -39,6 +42,7 @@ _crypto_aead_xchacha20poly1305_ietf_encrypt 1 1
_crypto_aead_xchacha20poly1305_ietf_encrypt_detached 1 1
_crypto_aead_xchacha20poly1305_ietf_keybytes 1 1
_crypto_aead_xchacha20poly1305_ietf_keygen 1 1
_crypto_aead_xchacha20poly1305_ietf_messagebytes_max 0 0
_crypto_aead_xchacha20poly1305_ietf_npubbytes 1 1
_crypto_aead_xchacha20poly1305_ietf_nsecbytes 1 1
_crypto_auth 1 1
@ -87,6 +91,7 @@ _crypto_box_curve25519xchacha20poly1305_easy 0 1
_crypto_box_curve25519xchacha20poly1305_easy_afternm 0 1
_crypto_box_curve25519xchacha20poly1305_keypair 0 1
_crypto_box_curve25519xchacha20poly1305_macbytes 0 1
_crypto_box_curve25519xchacha20poly1305_messagebytes_max 0 0
_crypto_box_curve25519xchacha20poly1305_noncebytes 0 1
_crypto_box_curve25519xchacha20poly1305_open_detached 0 1
_crypto_box_curve25519xchacha20poly1305_open_detached_afternm 0 1
@ -106,6 +111,7 @@ _crypto_box_curve25519xsalsa20poly1305_beforenmbytes 0 1
_crypto_box_curve25519xsalsa20poly1305_boxzerobytes 0 1
_crypto_box_curve25519xsalsa20poly1305_keypair 0 1
_crypto_box_curve25519xsalsa20poly1305_macbytes 0 1
_crypto_box_curve25519xsalsa20poly1305_messagebytes_max 0 0
_crypto_box_curve25519xsalsa20poly1305_noncebytes 0 1
_crypto_box_curve25519xsalsa20poly1305_open 0 1
_crypto_box_curve25519xsalsa20poly1305_open_afternm 0 1
@ -120,6 +126,7 @@ _crypto_box_easy 1 1
_crypto_box_easy_afternm 1 1
_crypto_box_keypair 1 1
_crypto_box_macbytes 1 1
_crypto_box_messagebytes_max 0 0
_crypto_box_noncebytes 1 1
_crypto_box_open 0 1
_crypto_box_open_afternm 0 1
@ -247,29 +254,30 @@ _crypto_onetimeauth_update 0 1
_crypto_onetimeauth_verify 0 1
_crypto_pwhash 0 1
_crypto_pwhash_alg_argon2i13 0 1
_crypto_pwhash_alg_argon2id13 0 1
_crypto_pwhash_alg_default 0 1
_crypto_pwhash_argon2i 0 1
_crypto_pwhash_argon2i_alg_argon2i13 0 1
_crypto_pwhash_argon2i_bytes_max 0 1
_crypto_pwhash_argon2i_bytes_min 0 1
_crypto_pwhash_argon2i_memlimit_interactive 0 1
_crypto_pwhash_argon2i_memlimit_moderate 0 1
_crypto_pwhash_argon2i_memlimit_sensitive 0 1
_crypto_pwhash_argon2i_memlimit_max 0 1
_crypto_pwhash_argon2i_memlimit_min 0 1
_crypto_pwhash_argon2i_memlimit_moderate 0 1
_crypto_pwhash_argon2i_memlimit_sensitive 0 1
_crypto_pwhash_argon2i_opslimit_interactive 0 1
_crypto_pwhash_argon2i_opslimit_moderate 0 1
_crypto_pwhash_argon2i_opslimit_sensitive 0 1
_crypto_pwhash_argon2i_opslimit_max 0 1
_crypto_pwhash_argon2i_opslimit_min 0 1
_crypto_pwhash_argon2i_opslimit_moderate 0 1
_crypto_pwhash_argon2i_opslimit_sensitive 0 1
_crypto_pwhash_argon2i_passwd_max 0 1
_crypto_pwhash_argon2i_passwd_min 0 1
_crypto_pwhash_argon2i_saltbytes 0 1
_crypto_pwhash_argon2i_str 0 1
_crypto_pwhash_argon2i_str_needs_rehash 0 1
_crypto_pwhash_argon2i_str_verify 0 1
_crypto_pwhash_argon2i_strbytes 0 1
_crypto_pwhash_argon2i_strprefix 0 1
_crypto_pwhash_alg_argon2id13 0 1
_crypto_pwhash_argon2id 0 1
_crypto_pwhash_argon2id_alg_argon2id13 0 1
_crypto_pwhash_argon2id_bytes_max 0 1
@ -288,45 +296,49 @@ _crypto_pwhash_argon2id_passwd_max 0 1
_crypto_pwhash_argon2id_passwd_min 0 1
_crypto_pwhash_argon2id_saltbytes 0 1
_crypto_pwhash_argon2id_str 0 1
_crypto_pwhash_argon2id_str_needs_rehash 0 1
_crypto_pwhash_argon2id_str_verify 0 1
_crypto_pwhash_argon2id_strbytes 0 1
_crypto_pwhash_argon2id_strprefix 0 1
_crypto_pwhash_bytes_max 1 1
_crypto_pwhash_bytes_min 1 1
_crypto_pwhash_bytes_max 0 1
_crypto_pwhash_bytes_min 0 1
_crypto_pwhash_memlimit_interactive 0 1
_crypto_pwhash_memlimit_max 1 1
_crypto_pwhash_memlimit_min 1 1
_crypto_pwhash_memlimit_max 0 1
_crypto_pwhash_memlimit_min 0 1
_crypto_pwhash_memlimit_moderate 0 1
_crypto_pwhash_memlimit_sensitive 0 1
_crypto_pwhash_opslimit_interactive 0 1
_crypto_pwhash_opslimit_max 1 1
_crypto_pwhash_opslimit_min 1 1
_crypto_pwhash_opslimit_max 0 1
_crypto_pwhash_opslimit_min 0 1
_crypto_pwhash_opslimit_moderate 0 1
_crypto_pwhash_opslimit_sensitive 0 1
_crypto_pwhash_passwd_max 1 1
_crypto_pwhash_passwd_min 1 1
_crypto_pwhash_passwd_max 0 1
_crypto_pwhash_passwd_min 0 1
_crypto_pwhash_primitive 0 1
_crypto_pwhash_saltbytes 0 1
_crypto_pwhash_scryptsalsa208sha256 0 1
_crypto_pwhash_scryptsalsa208sha256_bytes_max 0 1
_crypto_pwhash_scryptsalsa208sha256_bytes_min 0 1
_crypto_pwhash_scryptsalsa208sha256_ll 0 1
_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive 0 1
_crypto_pwhash_scryptsalsa208sha256_memlimit_max 0 1
_crypto_pwhash_scryptsalsa208sha256_memlimit_min 0 1
_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive 0 1
_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive 0 1
_crypto_pwhash_scryptsalsa208sha256_opslimit_max 0 1
_crypto_pwhash_scryptsalsa208sha256_opslimit_min 0 1
_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive 0 1
_crypto_pwhash_scryptsalsa208sha256_passwd_max 0 1
_crypto_pwhash_scryptsalsa208sha256_passwd_min 0 1
_crypto_pwhash_scryptsalsa208sha256_saltbytes 0 1
_crypto_pwhash_scryptsalsa208sha256_str 0 1
_crypto_pwhash_scryptsalsa208sha256_str_needs_rehash 0 1
_crypto_pwhash_scryptsalsa208sha256_str_verify 0 1
_crypto_pwhash_scryptsalsa208sha256_strbytes 0 1
_crypto_pwhash_scryptsalsa208sha256_strprefix 0 1
_crypto_pwhash_scryptsalsa208sha256_bytes_max 0 1
_crypto_pwhash_scryptsalsa208sha256_bytes_min 0 1
_crypto_pwhash_scryptsalsa208sha256_memlimit_max 0 1
_crypto_pwhash_scryptsalsa208sha256_memlimit_min 0 1
_crypto_pwhash_scryptsalsa208sha256_opslimit_max 0 1
_crypto_pwhash_scryptsalsa208sha256_opslimit_min 0 1
_crypto_pwhash_scryptsalsa208sha256_passwd_max 0 1
_crypto_pwhash_scryptsalsa208sha256_passwd_min 0 1
_crypto_pwhash_str 0 1
_crypto_pwhash_str_alg 0 1
_crypto_pwhash_str_needs_rehash 0 1
_crypto_pwhash_str_verify 0 1
_crypto_pwhash_strbytes 0 1
_crypto_pwhash_strprefix 0 1
@ -346,6 +358,7 @@ _crypto_secretbox_easy 1 1
_crypto_secretbox_keybytes 1 1
_crypto_secretbox_keygen 1 1
_crypto_secretbox_macbytes 1 1
_crypto_secretbox_messagebytes_max 0 0
_crypto_secretbox_noncebytes 1 1
_crypto_secretbox_open 0 1
_crypto_secretbox_open_detached 1 1
@ -355,18 +368,35 @@ _crypto_secretbox_xchacha20poly1305_detached 0 1
_crypto_secretbox_xchacha20poly1305_easy 0 1
_crypto_secretbox_xchacha20poly1305_keybytes 0 1
_crypto_secretbox_xchacha20poly1305_macbytes 0 1
_crypto_secretbox_xchacha20poly1305_messagebytes_max 0 0
_crypto_secretbox_xchacha20poly1305_noncebytes 0 1
_crypto_secretbox_xchacha20poly1305_open_detached 0 1
_crypto_secretbox_xchacha20poly1305_open_easy 0 1
_crypto_secretbox_xsalsa20poly1305 0 1
_crypto_secretbox_xsalsa20poly1305_boxzerobytes 0 1
_crypto_secretbox_xsalsa20poly1305_keybytes 0 1
_crypto_secretbox_xsalsa20poly1305_keygen 0 1
_crypto_secretbox_xsalsa20poly1305_macbytes 0 1
_crypto_secretbox_xsalsa20poly1305_messagebytes_max 0 0
_crypto_secretbox_xsalsa20poly1305_noncebytes 0 1
_crypto_secretbox_xsalsa20poly1305_open 0 1
_crypto_secretbox_xsalsa20poly1305_zerobytes 0 1
_crypto_secretbox_xsalsa20poly1305_keygen 0 1
_crypto_secretbox_zerobytes 0 1
_crypto_secretstream_xchacha20poly1305_abytes 1 1
_crypto_secretstream_xchacha20poly1305_init_pull 1 1
_crypto_secretstream_xchacha20poly1305_init_push 1 1
_crypto_secretstream_xchacha20poly1305_headerbytes 1 1
_crypto_secretstream_xchacha20poly1305_keybytes 1 1
_crypto_secretstream_xchacha20poly1305_keygen 1 1
_crypto_secretstream_xchacha20poly1305_messagebytes_max 1 1
_crypto_secretstream_xchacha20poly1305_pull 1 1
_crypto_secretstream_xchacha20poly1305_push 1 1
_crypto_secretstream_xchacha20poly1305_rekey 1 1
_crypto_secretstream_xchacha20poly1305_statebytes 1 1
_crypto_secretstream_xchacha20poly1305_tag_final 1 1
_crypto_secretstream_xchacha20poly1305_tag_message 1 1
_crypto_secretstream_xchacha20poly1305_tag_push 1 1
_crypto_secretstream_xchacha20poly1305_tag_rekey 1 1
_crypto_shorthash 1 1
_crypto_shorthash_bytes 1 1
_crypto_shorthash_keybytes 1 1
@ -385,6 +415,7 @@ _crypto_sign_ed25519 0 1
_crypto_sign_ed25519_bytes 0 1
_crypto_sign_ed25519_detached 0 1
_crypto_sign_ed25519_keypair 0 1
_crypto_sign_ed25519_messagebytes_max 0 0
_crypto_sign_ed25519_open 0 1
_crypto_sign_ed25519_pk_to_curve25519 1 1
_crypto_sign_ed25519_publickeybytes 0 1
@ -407,6 +438,7 @@ _crypto_sign_final_create 1 1
_crypto_sign_final_verify 1 1
_crypto_sign_init 1 1
_crypto_sign_keypair 1 1
_crypto_sign_messagebytes_max 0 0
_crypto_sign_open 1 1
_crypto_sign_primitive 0 1
_crypto_sign_publickeybytes 1 1
@ -429,37 +461,44 @@ _crypto_stream_chacha20 0 1
_crypto_stream_chacha20_ietf 0 1
_crypto_stream_chacha20_ietf_keybytes 0 1
_crypto_stream_chacha20_ietf_keygen 0 1
_crypto_stream_chacha20_ietf_messagebytes_max 0 0
_crypto_stream_chacha20_ietf_noncebytes 0 1
_crypto_stream_chacha20_ietf_xor 0 1
_crypto_stream_chacha20_ietf_xor_ic 0 1
_crypto_stream_chacha20_keybytes 0 1
_crypto_stream_chacha20_keygen 0 1
_crypto_stream_chacha20_messagebytes_max 0 0
_crypto_stream_chacha20_noncebytes 0 1
_crypto_stream_chacha20_xor 0 1
_crypto_stream_chacha20_xor_ic 0 1
_crypto_stream_keybytes 0 1
_crypto_stream_keygen 1 1
_crypto_stream_messagebytes_max 0 0
_crypto_stream_noncebytes 0 1
_crypto_stream_primitive 0 1
_crypto_stream_salsa20 0 1
_crypto_stream_salsa2012 0 1
_crypto_stream_salsa2012_keybytes 0 1
_crypto_stream_salsa2012_keygen 0 1
_crypto_stream_salsa2012_messagebytes_max 0 0
_crypto_stream_salsa2012_noncebytes 0 1
_crypto_stream_salsa2012_xor 0 1
_crypto_stream_salsa208 0 1
_crypto_stream_salsa208_keybytes 0 1
_crypto_stream_salsa208_keygen 0 1
_crypto_stream_salsa208_messagebytes_max 0 1
_crypto_stream_salsa208_noncebytes 0 1
_crypto_stream_salsa208_xor 0 1
_crypto_stream_salsa20_keybytes 0 1
_crypto_stream_salsa20_keygen 0 1
_crypto_stream_salsa20_messagebytes_max 0 0
_crypto_stream_salsa20_noncebytes 0 1
_crypto_stream_salsa20_xor 0 1
_crypto_stream_salsa20_xor_ic 0 1
_crypto_stream_xchacha20 0 1
_crypto_stream_xchacha20_keybytes 0 1
_crypto_stream_xchacha20_keygen 0 1
_crypto_stream_xchacha20_messagebytes_max 0 0
_crypto_stream_xchacha20_noncebytes 0 1
_crypto_stream_xchacha20_xor 0 1
_crypto_stream_xchacha20_xor_ic 0 1
@ -467,6 +506,7 @@ _crypto_stream_xor 0 1
_crypto_stream_xsalsa20 0 1
_crypto_stream_xsalsa20_keybytes 0 1
_crypto_stream_xsalsa20_keygen 0 1
_crypto_stream_xsalsa20_messagebytes_max 0 0
_crypto_stream_xsalsa20_noncebytes 0 1
_crypto_stream_xsalsa20_xor 0 1
_crypto_stream_xsalsa20_xor_ic 0 1
@ -488,6 +528,9 @@ _randombytes_stir 1 1
_randombytes_uniform 1 1
_sodium_add 0 0
_sodium_allocarray 0 0
_sodium_base64_encoded_len 1 1
_sodium_base642bin 1 1
_sodium_bin2base64 1 1
_sodium_bin2hex 1 1
_sodium_compare 0 0
_sodium_free 0 0
@ -501,18 +544,23 @@ _sodium_library_version_minor 1 1
_sodium_malloc 0 0
_sodium_memcmp 0 0
_sodium_memzero 0 0
_sodium_misuse 0 0
_sodium_mlock 0 0
_sodium_mprotect_noaccess 0 0
_sodium_mprotect_readonly 0 0
_sodium_mprotect_readwrite 0 0
_sodium_munlock 0 0
_sodium_pad 1 1
_sodium_runtime_has_aesni 0 0
_sodium_runtime_has_avx 0 0
_sodium_runtime_has_avx2 0 0
_sodium_runtime_has_avx512f 0 0
_sodium_runtime_has_neon 0 0
_sodium_runtime_has_pclmul 0 0
_sodium_runtime_has_sse2 0 0
_sodium_runtime_has_sse3 0 0
_sodium_runtime_has_sse41 0 0
_sodium_runtime_has_ssse3 0 0
_sodium_set_misuse_handler 0 0
_sodium_unpad 1 1
_sodium_version_string 1 1

22
dist-build/emscripten-wasm.sh
View File

File diff suppressed because one or more lines are too long

4
dist-build/emscripten.sh
View File

File diff suppressed because one or more lines are too long

94
dist-build/generate-emscripten-symbols.sh
View File

@ -1,43 +1,61 @@
#! /bin/sh
if [ "x$1" = "x--sumo" ]; then
SUMO=yes
fi
set -e
{
while read symbol standard sumo; do
found="$standard"
if [ "x$SUMO" != "x" ]; then
found="$sumo"
fi
if [ "$found" = "1" ]; then
eval "defined_${symbol}=yes"
else
eval "defined_${symbol}=no"
fi
done < emscripten-symbols.def
nm /usr/local/lib/libsodium.18.dylib | \
fgrep ' T _' | \
cut -d' ' -f3 | {
while read symbol; do
eval "found=\$defined_${symbol}"
if [ "$found" = "yes" ]; then
echo "$symbol"
elif [ "$found" != "no" ]; then
echo >&2
echo "*** [$symbol] was not expected ***" >&2
echo >&2
exit 1
symbols() {
{
SUMO="$1"
while read symbol standard sumo; do
found="$standard"
if [ "x$SUMO" = "xsumo" ]; then
found="$sumo"
fi
done
}
} | \
sort | \
{
out=''
while read symbol ; do
out="${out},\"${symbol}\""
done
echo $out
if [ "$found" = "1" ]; then
eval "defined_${symbol}=yes"
else
eval "defined_${symbol}=no"
fi
done < emscripten-symbols.def
nm /usr/local/lib/libsodium.18.dylib | \
fgrep ' T _' | \
cut -d' ' -f3 | {
while read symbol; do
eval "found=\$defined_${symbol}"
if [ "$found" = "yes" ]; then
echo "$symbol"
elif [ "$found" != "no" ]; then
echo >&2
echo "*** [$symbol] was not expected ***" >&2
echo >&2
exit 1
fi
done
}
} | \
sort | \
{
out=''
while read symbol ; do
if [ ! -z "$out" ]; then
out="${out},"
fi
out="${out}\"${symbol}\""
done
echo "[${out}]"
}
}
out=$(symbols standard)
sed s/EXPORTED_FUNCTIONS_STANDARD=\'.*\'/EXPORTED_FUNCTIONS_STANDARD=\'${out}\'/ < emscripten.sh > emscripten.sh.tmp && \
mv -f emscripten.sh.tmp emscripten.sh
sed s/EXPORTED_FUNCTIONS_STANDARD=\'.*\'/EXPORTED_FUNCTIONS_STANDARD=\'${out}\'/ < emscripten-wasm.sh > emscripten-wasm.sh.tmp && \
mv -f emscripten-wasm.sh.tmp emscripten-wasm.sh
out=$(symbols sumo)
sed s/EXPORTED_FUNCTIONS_SUMO=\'.*\'/EXPORTED_FUNCTIONS_SUMO=\'${out}\'/ < emscripten.sh > emscripten.sh.tmp && \
mv -f emscripten.sh.tmp emscripten.sh
sed s/EXPORTED_FUNCTIONS_SUMO=\'.*\'/EXPORTED_FUNCTIONS_SUMO=\'${out}\'/ < emscripten-wasm.sh > emscripten-wasm.sh.tmp && \
mv -f emscripten-wasm.sh.tmp emscripten-wasm.sh
chmod +x emscripten.sh emscripten-wasm.sh

4
dist-build/ios.sh
View File

@ -91,8 +91,8 @@ make distclean > /dev/null
make -j3 install || exit 1
## 64-bit iOS
export CFLAGS="-O2 -arch arm64 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN} -flto"
export LDFLAGS="-arch arm64 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN} -flto"
export CFLAGS="-O2 -arch arm64 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN} -flto -fembed-bitcode"
export LDFLAGS="-arch arm64 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN} -flto -fembed-bitcode"
make distclean > /dev/null

6
libsodium.vcxproj
View File

@ -357,6 +357,7 @@
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-core.c" />
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-encoding.c" />
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c" />
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c" />
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c" />
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ssse3.c" />
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2.c" />
@ -380,6 +381,7 @@
<ClCompile Include="src\libsodium\crypto_secretbox\crypto_secretbox_easy.c" />
<ClCompile Include="src\libsodium\crypto_secretbox\xchacha20poly1305\secretbox_xchacha20poly1305.c" />
<ClCompile Include="src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c" />
<ClCompile Include="src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c" />
<ClCompile Include="src\libsodium\crypto_shorthash\crypto_shorthash.c" />
<ClCompile Include="src\libsodium\crypto_shorthash\siphash24\shorthash_siphash24.c" />
<ClCompile Include="src\libsodium\crypto_shorthash\siphash24\shorthash_siphashx24.c" />
@ -419,6 +421,7 @@
<ClCompile Include="src\libsodium\randombytes\nativeclient\randombytes_nativeclient.c" />
<ClCompile Include="src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
<ClCompile Include="src\libsodium\sodium\codecs.c" />
<ClCompile Include="src\libsodium\sodium\core.c" />
<ClCompile Include="src\libsodium\sodium\runtime.c" />
<ClCompile Include="src\libsodium\sodium\utils.c" />
@ -444,6 +447,7 @@
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\argon2.h" />
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\blake2b-long.h" />
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h" />
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h" />
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h" />
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\blamka-round-ssse3.h" />
<ClInclude Include="src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt.h" />
@ -518,6 +522,7 @@
<ClInclude Include="src\libsodium\include\sodium\crypto_secretbox.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_secretbox_xchacha20poly1305.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_shorthash.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_shorthash_siphash24.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_sign.h" />
@ -541,6 +546,7 @@
<ClInclude Include="src\libsodium\include\sodium\randombytes_sysrandom.h" />
<ClInclude Include="src\libsodium\include\sodium\runtime.h" />
<ClInclude Include="src\libsodium\include\sodium\utils.h" />
<ClInclude Include="src\libsodium\include\sodium\version.h" />
<ClInclude Include="src\libsodium\include\sodium\private\common.h" />
<ClInclude Include="src\libsodium\include\sodium\private\curve25519_ref10.h" />
<ClInclude Include="src\libsodium\include\sodium\private\implementations.h" />

18
libsodium.vcxproj.filters
View File

@ -141,6 +141,9 @@
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx2.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-fill-block-avx512f.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="src\libsodium\crypto_pwhash\argon2\argon2-fill-block-ref.c">
<Filter>Source Files</Filter>
</ClCompile>
@ -210,6 +213,9 @@
<ClCompile Include="src\libsodium\crypto_secretbox\xsalsa20poly1305\secretbox_xsalsa20poly1305.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="src\libsodium\crypto_secretstream\xchacha20poly1305\secretstream_xchacha20poly1305.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="src\libsodium\crypto_shorthash\crypto_shorthash.c">
<Filter>Source Files</Filter>
</ClCompile>
@ -327,6 +333,9 @@
<ClCompile Include="src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="src\libsodium\sodium\codecs.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="src\libsodium\sodium\core.c">
<Filter>Source Files</Filter>
</ClCompile>
@ -398,6 +407,9 @@
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\blamka-round-avx2.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\blamka-round-avx512f.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="src\libsodium\crypto_pwhash\argon2\blamka-round-ref.h">
<Filter>Header Files</Filter>
</ClInclude>
@ -620,6 +632,9 @@
<ClInclude Include="src\libsodium\include\sodium\crypto_secretbox_xsalsa20poly1305.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="src\libsodium\include\sodium\crypto_secretstream_xchacha20poly1305.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="src\libsodium\include\sodium\crypto_shorthash.h">
<Filter>Header Files</Filter>
</ClInclude>
@ -689,6 +704,9 @@
<ClInclude Include="src\libsodium\include\sodium\utils.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="src\libsodium\include\sodium\version.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="src\libsodium\include\sodium\private\common.h">
<Filter>Header Files</Filter>
</ClInclude>

57
m4/ax_check_catchable_abrt.m4 Normal file
View File

@ -0,0 +1,57 @@
# SYNOPSIS
#
# AX_CHECK_CATCHABLE_ABRT
#
# DESCRIPTION
#
# Check whether SIGABRT can be caught using signal handlers.
#serial 1
AC_DEFUN([AX_CHECK_CATCHABLE_ABRT], [dnl
AC_PREREQ(2.64)
AS_VAR_PUSHDEF([CACHEVAR], [ax_cv_check_[]_AC_LANG_ABBREV[]CATCHABLE_ABRT])dnl
AC_CACHE_CHECK([whether SIGABRT can be caught when using the _AC_LANG compiler], CACHEVAR, [
AC_RUN_IFELSE([
AC_LANG_PROGRAM([[
#include <signal.h>
#include <stdlib.h>
#ifndef SIGABRT
# error SIGABRT is not defined
#endif
static void sigabrt_handler_3(int _)
{
exit(0);
}
static void sigabrt_handler_2(int _)
{
signal(SIGABRT, sigabrt_handler_3);
abort();
exit(1);
}
static void sigabrt_handler_1(int _)
{
signal(SIGABRT, sigabrt_handler_2);
abort();
exit(1);
}
]], [[
signal(SIGABRT, sigabrt_handler_1);
abort();
exit(1);
]])],
[AS_VAR_SET(CACHEVAR, [yes])],
[AS_VAR_SET(CACHEVAR, [no])],
[AS_VAR_SET(CACHEVAR, [unknown])]
)
])
AS_VAR_IF(CACHEVAR, yes,
[AC_DEFINE([HAVE_CATCHABLE_ABRT], [1], [Define if SIGABRT can be caught using signal handlers])],
[AC_MSG_WARN([On this platform, SIGABRT cannot be caught using signal handlers.])]
)
AS_VAR_POPDEF([CACHEVAR])dnl
])

4
m4/ax_check_gnu_make.m4
View File

@ -1,5 +1,5 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_check_gnu_make.html
# https://www.gnu.org/software/autoconf-archive/ax_check_gnu_make.html
# ===========================================================================
#
# SYNOPSIS
@ -61,7 +61,7 @@
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 8
#serial 9
AC_DEFUN([AX_CHECK_GNU_MAKE],dnl
[AC_PROG_AWK

4
m4/ax_pthread.m4
View File

@ -1,5 +1,5 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_pthread.html
# https://www.gnu.org/software/autoconf-archive/ax_pthread.html
# ===========================================================================
#
# SYNOPSIS
@ -67,7 +67,7 @@
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
# with this program. If not, see <https://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure

214
m4/pkg.m4
View File

@ -1,214 +0,0 @@
# pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*-
# serial 1 (pkg-config-0.24)
#
# Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# PKG_PROG_PKG_CONFIG([MIN-VERSION])
# ----------------------------------
AC_DEFUN([PKG_PROG_PKG_CONFIG],
[m4_pattern_forbid([^_?PKG_[A-Z_]+$])
m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$])
m4_pattern_allow([^PKG_CONFIG_(DISABLE_UNINSTALLED|TOP_BUILD_DIR|DEBUG_SPEW)$])
AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility])
AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path])
AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path])
if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
AC_PATH_TOOL([PKG_CONFIG], [pkg-config])
fi
if test -n "$PKG_CONFIG"; then
_pkg_min_version=m4_default([$1], [0.9.0])
AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version])
if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
PKG_CONFIG=""
fi
fi[]dnl
])# PKG_PROG_PKG_CONFIG
# PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
#
# Check to see whether a particular set of modules exists. Similar
# to PKG_CHECK_MODULES(), but does not set variables or print errors.
#
# Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
# only at the first occurrence in configure.ac, so if the first place
# it's called might be skipped (such as if it is within an "if", you
# have to call PKG_CHECK_EXISTS manually
# --------------------------------------------------------------
AC_DEFUN([PKG_CHECK_EXISTS],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
if test -n "$PKG_CONFIG" && \
AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then
m4_default([$2], [:])
m4_ifvaln([$3], [else
$3])dnl
fi])
# _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES])
# ---------------------------------------------
m4_define([_PKG_CONFIG],
[if test -n "$$1"; then
pkg_cv_[]$1="$$1"
elif test -n "$PKG_CONFIG"; then
PKG_CHECK_EXISTS([$3],
[pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes ],
[pkg_failed=yes])
else
pkg_failed=untried
fi[]dnl
])# _PKG_CONFIG
# _PKG_SHORT_ERRORS_SUPPORTED
# -----------------------------
AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
_pkg_short_errors_supported=yes
else
_pkg_short_errors_supported=no
fi[]dnl
])# _PKG_SHORT_ERRORS_SUPPORTED
# PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND],
# [ACTION-IF-NOT-FOUND])
#
#
# Note that if there is a possibility the first call to
# PKG_CHECK_MODULES might not happen, you should be sure to include an
# explicit call to PKG_PROG_PKG_CONFIG in your configure.ac
#
#
# --------------------------------------------------------------
AC_DEFUN([PKG_CHECK_MODULES],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl
AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl
pkg_failed=no
AC_MSG_CHECKING([for $1])
_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2])
_PKG_CONFIG([$1][_LIBS], [libs], [$2])
m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS
and $1[]_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.])
if test $pkg_failed = yes; then
AC_MSG_RESULT([no])
_PKG_SHORT_ERRORS_SUPPORTED
if test $_pkg_short_errors_supported = yes; then
$1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1`
else
$1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD
m4_default([$4], [AC_MSG_ERROR(
[Package requirements ($2) were not met:
$$1_PKG_ERRORS
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
_PKG_TEXT])[]dnl
])
elif test $pkg_failed = untried; then
AC_MSG_RESULT([no])
m4_default([$4], [AC_MSG_FAILURE(
[The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
_PKG_TEXT
To get pkg-config, see <http://pkg-config.freedesktop.org/>.])[]dnl
])
else
$1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS
$1[]_LIBS=$pkg_cv_[]$1[]_LIBS
AC_MSG_RESULT([yes])
$3
fi[]dnl
])# PKG_CHECK_MODULES
# PKG_INSTALLDIR(DIRECTORY)
# -------------------------
# Substitutes the variable pkgconfigdir as the location where a module
# should install pkg-config .pc files. By default the directory is
# $libdir/pkgconfig, but the default can be changed by passing
# DIRECTORY. The user can override through the --with-pkgconfigdir
# parameter.
AC_DEFUN([PKG_INSTALLDIR],
[m4_pushdef([pkg_default], [m4_default([$1], ['${libdir}/pkgconfig'])])
m4_pushdef([pkg_description],
[pkg-config installation directory @<:@]pkg_default[@:>@])
AC_ARG_WITH([pkgconfigdir],
[AS_HELP_STRING([--with-pkgconfigdir], pkg_description)],,
[with_pkgconfigdir=]pkg_default)
AC_SUBST([pkgconfigdir], [$with_pkgconfigdir])
m4_popdef([pkg_default])
m4_popdef([pkg_description])
]) dnl PKG_INSTALLDIR
# PKG_NOARCH_INSTALLDIR(DIRECTORY)
# -------------------------
# Substitutes the variable noarch_pkgconfigdir as the location where a
# module should install arch-independent pkg-config .pc files. By
# default the directory is $datadir/pkgconfig, but the default can be
# changed by passing DIRECTORY. The user can override through the
# --with-noarch-pkgconfigdir parameter.
AC_DEFUN([PKG_NOARCH_INSTALLDIR],
[m4_pushdef([pkg_default], [m4_default([$1], ['${datadir}/pkgconfig'])])
m4_pushdef([pkg_description],
[pkg-config arch-independent installation directory @<:@]pkg_default[@:>@])
AC_ARG_WITH([noarch-pkgconfigdir],
[AS_HELP_STRING([--with-noarch-pkgconfigdir], pkg_description)],,
[with_noarch_pkgconfigdir=]pkg_default)
AC_SUBST([noarch_pkgconfigdir], [$with_noarch_pkgconfigdir])
m4_popdef([pkg_default])
m4_popdef([pkg_description])
]) dnl PKG_NOARCH_INSTALLDIR
# PKG_CHECK_VAR(VARIABLE, MODULE, CONFIG-VARIABLE,
# [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
# -------------------------------------------
# Retrieves the value of the pkg-config variable for the given module.
AC_DEFUN([PKG_CHECK_VAR],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl
_PKG_CONFIG([$1], [variable="][$3]["], [$2])
AS_VAR_COPY([$1], [pkg_cv_][$1])
AS_VAR_IF([$1], [""], [$5], [$4])dnl
])# PKG_CHECK_VAR

4
msvc-scripts/process.bat
View File

@ -1,5 +1,5 @@
cscript msvc-scripts/rep.vbs //Nologo s/@VERSION@/1.0.13/ < src\libsodium\include\sodium\version.h.in > tmp
cscript msvc-scripts/rep.vbs //Nologo s/@VERSION@/1.0.14/ < src\libsodium\include\sodium\version.h.in > tmp
cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MAJOR@/9/ < tmp > tmp2
cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MINOR@/5/ < tmp2 > tmp3
cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MINOR@/6/ < tmp2 > tmp3
cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_MINIMAL_DEF@// < tmp3 > src\libsodium\include\sodium\version.h
del tmp tmp2 tmp3

10
packaging/dotnet-core/README.md
View File

@ -31,15 +31,15 @@ Version numbers for the packages for .NET Core consist of three components:
It may be necessary to release more than one package for a libsodium version,
e.g., when adding support for a new platform or if a release contains a broken
binary. In this case, a package revision number is added as a fourth part to
the libsodium version, starting at `1`. For example, `1.0.13` is the initial
release of the package for libsodium 1.0.13 and `1.0.13.5` is the fifth
the libsodium version, starting at `1`. For example, `1.0.14` is the initial
release of the package for libsodium 1.0.14 and `1.0.14.5` is the fifth
revision (sixth release) of that package.
* *pre-release label*
If a package is a pre-release, a label is appended to the version number in
`-preview-##` format where `##` is the number of the pre-release, starting at
`01`. For example, `1.0.13-preview-01` is the first pre-release of the package
for libsodium 1.0.13 and `1.0.13.5-preview-02` the second pre-release of the
fifth revision of the package for libsodium 1.0.13.
`01`. For example, `1.0.14-preview-01` is the first pre-release of the package
for libsodium 1.0.14 and `1.0.14.5-preview-02` the second pre-release of the
fifth revision of the package for libsodium 1.0.14.
**Making a release**

16
packaging/dotnet-core/desktop.targets
View File

@ -1,16 +0,0 @@
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<None Include="$(MSBuildThisFileDirectory)..\..\runtimes\win7-x86\native\libsodium.dll">
<Link>x86\libsodium.dll</Link>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<CopyToPublishDirectory>PreserveNewest</CopyToPublishDirectory>
<Visible>false</Visible>
</None>
<None Include="$(MSBuildThisFileDirectory)..\..\runtimes\win7-x64\native\libsodium.dll">
<Link>x64\libsodium.dll</Link>
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<CopyToPublishDirectory>PreserveNewest</CopyToPublishDirectory>
<Visible>false</Visible>
</None>
</ItemGroup>
</Project>

7
packaging/dotnet-core/libsodium.props
View File

@ -2,7 +2,7 @@
<Project>
<PropertyGroup>
<TargetFrameworks>netstandard1.1;net46</TargetFrameworks>
<TargetFramework>netstandard1.1</TargetFramework>
<DisableImplicitFrameworkReferences>true</DisableImplicitFrameworkReferences>
<NoBuild>true</NoBuild>
<IncludeBuildOutput>false</IncludeBuildOutput>
@ -22,12 +22,15 @@
<MinClientVersion>4.0</MinClientVersion>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.NETCore.Platforms" Version="1.0.1" />
</ItemGroup>
<ItemGroup>
<Content Include="LICENSE" PackagePath="" />
<Content Include="AUTHORS" PackagePath="" />
<Content Include="ChangeLog" PackagePath="" />
<Content Include="runtimes\**\*.*" PackagePath="runtimes\" />
<Content Include="build\**\*.*" PackagePath="build\" />
</ItemGroup>
</Project>

44
packaging/dotnet-core/prepare.py
View File

@ -8,8 +8,8 @@ WINDOWS = [
# --------------------- ----------------- #
# Runtime ID Platform #
# --------------------- ----------------- #
( 'win7-x64', 'x64' ),
( 'win7-x86', 'Win32' ),
( 'win-x64', 'x64' ),
( 'win-x86', 'Win32' ),
# --------------------- ----------------- #
]
@ -17,9 +17,7 @@ MACOS = [
# --------------------- ----------------- #
# Runtime ID Codename #
# --------------------- ----------------- #
( 'osx.10.10-x64', 'yosemite' ),
( 'osx.10.11-x64', 'el_capitan' ),
( 'osx.10.12-x64', 'sierra' ),
( 'osx-x64', 'sierra' ),
# --------------------- ----------------- #
]
@ -27,22 +25,13 @@ LINUX = [
# --------------------- ----------------- #
# Runtime ID Docker Image #
# --------------------- ----------------- #
( 'centos.7-x64', 'centos:7.1.1503' ),
( 'debian.8-x64', 'debian:8.2' ),
( 'fedora.24-x64', 'fedora:24' ),
( 'fedora.25-x64', 'fedora:25' ),
( 'fedora.26-x64', 'fedora:26' ),
( 'opensuse.42.1-x64', 'opensuse:42.1' ),
( 'ubuntu.14.04-x64', 'ubuntu:trusty' ),
( 'ubuntu.16.04-x64', 'ubuntu:xenial' ),
( 'ubuntu.16.10-x64', 'ubuntu:yakkety' ),
( 'linux-x64', 'debian:stretch' ),
# --------------------- ----------------- #
]
EXTRAS = [ 'LICENSE', 'AUTHORS', 'ChangeLog' ]
PROPSFILE = 'libsodium.props'
DESKTOPTARGETSFILE = 'desktop.targets'
MAKEFILE = 'Makefile'
BUILDDIR = 'build'
CACHEDIR = 'cache'
@ -64,7 +53,6 @@ class Version:
self.projfile = os.path.join(self.builddir, '{0}.{1}.pkgproj'.format(PACKAGE, package_version))
self.propsfile = os.path.join(self.builddir, '{0}.props'.format(PACKAGE))
self.pkgfile = os.path.join(BUILDDIR, '{0}.{1}.nupkg'.format(PACKAGE, package_version))
self.desktoptargetsfile = os.path.join(self.builddir, 'build', 'net46', '{0}.targets'.format(PACKAGE))
class WindowsItem:
@ -182,13 +170,13 @@ def main(args):
print(' python3 prepare.py <version>')
print()
print('Examples:')
print(' python3 prepare.py 1.0.13-preview-01')
print(' python3 prepare.py 1.0.13-preview-02')
print(' python3 prepare.py 1.0.13-preview-03')
print(' python3 prepare.py 1.0.13')
print(' python3 prepare.py 1.0.13.1-preview-01')
print(' python3 prepare.py 1.0.13.1')
print(' python3 prepare.py 1.0.13.2')
print(' python3 prepare.py 1.0.14-preview-01')
print(' python3 prepare.py 1.0.14-preview-02')
print(' python3 prepare.py 1.0.14-preview-03')
print(' python3 prepare.py 1.0.14')
print(' python3 prepare.py 1.0.14.1-preview-01')
print(' python3 prepare.py 1.0.14.1')
print(' python3 prepare.py 1.0.14.2')
return 1
version = Version(m.group(2), m.group(0))
@ -212,11 +200,6 @@ def main(args):
for item in items:
item.make(f)
f.write('\n')
f.write('{0}: {1}\n'.format(version.desktoptargetsfile, DESKTOPTARGETSFILE))
f.write('\t@mkdir -p $(dir $@)\n')
f.write('\tcp -f $< $@\n')
f.write('\n')
f.write('{0}: {1}\n'.format(version.propsfile, PROPSFILE))
f.write('\t@mkdir -p $(dir $@)\n')
@ -237,7 +220,6 @@ def main(args):
f.write('{0}:'.format(version.pkgfile))
f.write(' \\\n\t\t{0}'.format(version.projfile))
f.write(' \\\n\t\t{0}'.format(version.propsfile))
f.write(' \\\n\t\t{0}'.format(version.desktoptargetsfile))
for item in items:
f.write(' \\\n\t\t{0}'.format(item.packfile))
f.write('\n')
@ -246,14 +228,14 @@ def main(args):
'-v $(abspath recipes):/io/recipes ' +
'-v $(abspath $(dir $<)):/io/input ' +
'-v $(abspath $(dir $@)):/io/output ' +
'{0} sh -x -e /io/recipes/{1} {2}\n'.format('microsoft/dotnet:1.1-sdk', 'pack', os.path.relpath(version.projfile, version.builddir)))
'{0} sh -x -e /io/recipes/{1} {2}\n'.format('microsoft/dotnet:2.0-sdk', 'pack', os.path.relpath(version.projfile, version.builddir)))
f.write('\n')
f.write('test: {0}\n'.format(version.pkgfile))
f.write('\t{0} run --rm '.format(DOCKER) +
'-v $(abspath recipes):/io/recipes ' +
'-v $(abspath $(dir $<)):/io/packages ' +
'{0} sh -x -e /io/recipes/{1} "{2}"\n'.format('microsoft/dotnet:1.1-sdk', 'test', version.package_version))
'{0} sh -x -e /io/recipes/{1} "{2}"\n'.format('microsoft/dotnet:2.0-sdk', 'test', version.package_version))
print('prepared', MAKEFILE, 'to make', version.pkgfile, 'for libsodium', version.libsodium_version)
return 0

4
packaging/dotnet-core/recipes/linux-x64 Normal file
View File

@ -0,0 +1,4 @@
apt-get update
apt-get install -y --no-install-recommends build-essential
. $(dirname $0)/build

2
packaging/nuget/package.config
View File

@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- These values are populated into the package.gsl templates by package.bat. -->
<!-- The target attribute controls path and file name only, id controls package naming. -->
<package id="libsodium_vc120" target="libsodium" version = "1.0.12.0" pathversion="1_0_12_0" platformtoolset="v120" />
<package id="libsodium_vc120" target="libsodium" version = "1.0.14.0" pathversion="1_0_14_0" platformtoolset="v120" />

13
src/libsodium/Makefile.am
View File

@ -62,6 +62,7 @@ libsodium_la_SOURCES = \
crypto_secretbox/crypto_secretbox.c \
crypto_secretbox/crypto_secretbox_easy.c \
crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c \
crypto_secretstream/xchacha20poly1305/secretstream_xchacha20poly1305.c \
crypto_shorthash/crypto_shorthash.c \
crypto_shorthash/siphash24/shorthash_siphash24.c \
crypto_shorthash/siphash24/ref/shorthash_siphash24_ref.c \
@ -87,6 +88,7 @@ libsodium_la_SOURCES = \
include/sodium/private/mutex.h \
include/sodium/private/sse2_64_32.h \
randombytes/randombytes.c \
sodium/codecs.c \
sodium/core.c \
sodium/runtime.c \
sodium/utils.c \
@ -206,8 +208,8 @@ endif
SUBDIRS = \
include
libsodium_la_LIBADD = libaesni.la libsse2.la libssse3.la libsse41.la libavx2.la
noinst_LTLIBRARIES = libaesni.la libsse2.la libssse3.la libsse41.la libavx2.la
libsodium_la_LIBADD = libaesni.la libsse2.la libssse3.la libsse41.la libavx2.la libavx512f.la
noinst_LTLIBRARIES = libaesni.la libsse2.la libssse3.la libsse41.la libavx2.la libavx512f.la
libaesni_la_LDFLAGS = $(libsodium_la_LDFLAGS)
libaesni_la_CPPFLAGS = $(libsodium_la_CPPFLAGS) \
@ -273,3 +275,10 @@ libavx2_la_SOURCES = \
crypto_stream/salsa20/xmm6int/u1.h \
crypto_stream/salsa20/xmm6int/u4.h \
crypto_stream/salsa20/xmm6int/u8.h
libavx512f_la_LDFLAGS = $(libsodium_la_LDFLAGS)
libavx512f_la_CPPFLAGS = $(libsodium_la_CPPFLAGS) \
@CFLAGS_SSE2@ @CFLAGS_SSSE3@ @CFLAGS_SSE41@ @CFLAGS_AVX@ @CFLAGS_AVX2@ @CFLAGS_AVX512F@
libavx512f_la_SOURCES = \
crypto_pwhash/argon2/argon2-fill-block-avx512f.c \
crypto_pwhash/argon2/blamka-round-avx512f.h

15
src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c
View File

@ -10,6 +10,7 @@
#include <stdlib.h>
#include <string.h>
#include "core.h"
#include "crypto_aead_aes256gcm.h"
#include "export.h"
#include "private/common.h"
@ -523,8 +524,8 @@ crypto_aead_aes256gcm_encrypt_detached_afternm(unsigned char *c,
(void) nsec;
memcpy(H, ctx->H, sizeof H);
if (mlen > 16ULL * ((1ULL << 32) - 2)) {
abort(); /* LCOV_EXCL_LINE */
if (mlen > crypto_aead_aes256gcm_MESSAGEBYTES_MAX) {
sodium_misuse(); /* LCOV_EXCL_LINE */
}
memcpy(&n2[0], npub, 3 * 4);
n2[3] = 0x01000000;
@ -661,8 +662,8 @@ crypto_aead_aes256gcm_decrypt_detached_afternm(unsigned char *m, unsigned char *
CRYPTO_ALIGN(16) unsigned char fb[16];
(void) nsec;
if (clen > 16ULL * (1ULL << 32)) {
abort(); /* LCOV_EXCL_LINE */
if (clen > crypto_aead_aes256gcm_MESSAGEBYTES_MAX) {
sodium_misuse(); /* LCOV_EXCL_LINE */
}
mlen = clen;
@ -1057,6 +1058,12 @@ crypto_aead_aes256gcm_statebytes(void)
return (sizeof(crypto_aead_aes256gcm_state) + (size_t) 15U) & ~(size_t) 15U;
}
size_t
crypto_aead_aes256gcm_messagebytes_max(void)
{
return crypto_aead_aes256gcm_MESSAGEBYTES_MAX;
}
void
crypto_aead_aes256gcm_keygen(unsigned char k[crypto_aead_aes256gcm_KEYBYTES])
{

21
src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c
View File

@ -4,6 +4,7 @@
#include <limits.h>
#include <string.h>
#include "core.h"
#include "crypto_aead_chacha20poly1305.h"
#include "crypto_onetimeauth_poly1305.h"
#include "crypto_stream_chacha20.h"
@ -69,8 +70,8 @@ crypto_aead_chacha20poly1305_encrypt(unsigned char *c,
unsigned long long clen = 0ULL;
int ret;
if (mlen > UINT64_MAX - crypto_aead_chacha20poly1305_ABYTES) {
abort(); /* LCOV_EXCL_LINE */
if (mlen > crypto_aead_chacha20poly1305_MESSAGEBYTES_MAX) {
sodium_misuse();
}
ret = crypto_aead_chacha20poly1305_encrypt_detached(c,
c + mlen, NULL,
@ -144,8 +145,8 @@ crypto_aead_chacha20poly1305_ietf_encrypt(unsigned char *c,
unsigned long long clen = 0ULL;
int ret;
if (mlen > UINT64_MAX - crypto_aead_chacha20poly1305_ietf_ABYTES) {
abort(); /* LCOV_EXCL_LINE */
if (mlen > crypto_aead_chacha20poly1305_ietf_MESSAGEBYTES_MAX) {
sodium_misuse();
}
ret = crypto_aead_chacha20poly1305_ietf_encrypt_detached(c,
c + mlen, NULL,
@ -349,6 +350,12 @@ crypto_aead_chacha20poly1305_ietf_abytes(void)
return crypto_aead_chacha20poly1305_ietf_ABYTES;
}
size_t
crypto_aead_chacha20poly1305_ietf_messagebytes_max(void)
{
return crypto_aead_chacha20poly1305_ietf_MESSAGEBYTES_MAX;
}
void
crypto_aead_chacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_chacha20poly1305_ietf_KEYBYTES])
{
@ -379,6 +386,12 @@ crypto_aead_chacha20poly1305_abytes(void)
return crypto_aead_chacha20poly1305_ABYTES;
}
size_t
crypto_aead_chacha20poly1305_messagebytes_max(void)
{
return crypto_aead_chacha20poly1305_MESSAGEBYTES_MAX;
}
void
crypto_aead_chacha20poly1305_keygen(unsigned char k[crypto_aead_chacha20poly1305_KEYBYTES])
{

9
src/libsodium/crypto_aead/xchacha20poly1305/sodium/aead_xchacha20poly1305.c
View File

@ -4,6 +4,7 @@
#include <limits.h>
#include <string.h>
#include "core.h"
#include "crypto_aead_xchacha20poly1305.h"
#include "crypto_aead_chacha20poly1305.h"
#include "crypto_core_hchacha20.h"
@ -53,7 +54,7 @@ crypto_aead_xchacha20poly1305_ietf_encrypt(unsigned char *c,
int ret;
if (mlen > UINT64_MAX - crypto_aead_xchacha20poly1305_ietf_ABYTES) {
abort(); /* LCOV_EXCL_LINE */
sodium_misuse();
}
ret = crypto_aead_xchacha20poly1305_ietf_encrypt_detached
(c, c + mlen, NULL, m, mlen, ad, adlen, nsec, npub, k);
@ -146,6 +147,12 @@ crypto_aead_xchacha20poly1305_ietf_abytes(void)
return crypto_aead_xchacha20poly1305_ietf_ABYTES;
}
size_t
crypto_aead_xchacha20poly1305_ietf_messagebytes_max(void)
{
return crypto_aead_xchacha20poly1305_ietf_MESSAGEBYTES_MAX;
}
void
crypto_aead_xchacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_xchacha20poly1305_ietf_KEYBYTES])
{

6
src/libsodium/crypto_box/crypto_box.c
View File

@ -49,6 +49,12 @@ crypto_box_macbytes(void)
return crypto_box_MACBYTES;
}
size_t
crypto_box_messagebytes_max(void)
{
return crypto_box_MESSAGEBYTES_MAX;
}
const char *
crypto_box_primitive(void)
{

9
src/libsodium/crypto_box/crypto_box_easy.c
View File

@ -3,6 +3,7 @@
#include <stdint.h>
#include <stdlib.h>
#include "core.h"
#include "crypto_box.h"
#include "crypto_secretbox.h"
#include "private/common.h"
@ -40,8 +41,8 @@ crypto_box_easy_afternm(unsigned char *c, const unsigned char *m,
unsigned long long mlen, const unsigned char *n,
const unsigned char *k)
{
if (mlen > SIZE_MAX - crypto_box_MACBYTES) {
return -1;
if (mlen > crypto_box_MESSAGEBYTES_MAX) {
sodium_misuse();
}
return crypto_box_detached_afternm(c + crypto_box_MACBYTES, c, m, mlen, n,
k);
@ -52,8 +53,8 @@ crypto_box_easy(unsigned char *c, const unsigned char *m,
unsigned long long mlen, const unsigned char *n,
const unsigned char *pk, const unsigned char *sk)
{
if (mlen > SIZE_MAX - crypto_box_MACBYTES) {
return -1;
if (mlen > crypto_box_MESSAGEBYTES_MAX) {
sodium_misuse();
}
return crypto_box_detached(c + crypto_box_MACBYTES, c, m, mlen, n,
pk, sk);

15
src/libsodium/crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305.c
View File

@ -4,6 +4,7 @@
#include <stdlib.h>
#include <string.h>
#include "core.h"
#include "crypto_box_curve25519xchacha20poly1305.h"
#include "crypto_core_hchacha20.h"
#include "crypto_hash_sha512.h"
@ -86,8 +87,8 @@ crypto_box_curve25519xchacha20poly1305_easy_afternm(unsigned char *c,
const unsigned char *n,
const unsigned char *k)
{
if (mlen > SIZE_MAX - crypto_box_curve25519xchacha20poly1305_MACBYTES) {
return -1;
if (mlen > crypto_box_curve25519xchacha20poly1305_MESSAGEBYTES_MAX) {
sodium_misuse();
}
return crypto_box_curve25519xchacha20poly1305_detached_afternm(
c + crypto_box_curve25519xchacha20poly1305_MACBYTES, c, m, mlen, n, k);
@ -98,8 +99,8 @@ crypto_box_curve25519xchacha20poly1305_easy(
unsigned char *c, const unsigned char *m, unsigned long long mlen,
const unsigned char *n, const unsigned char *pk, const unsigned char *sk)
{
if (mlen > SIZE_MAX - crypto_box_curve25519xchacha20poly1305_MACBYTES) {
return -1;
if (mlen > crypto_box_curve25519xchacha20poly1305_MESSAGEBYTES_MAX) {
sodium_misuse();
}
return crypto_box_curve25519xchacha20poly1305_detached(
c + crypto_box_curve25519xchacha20poly1305_MACBYTES, c, m, mlen, n, pk,
@ -195,3 +196,9 @@ crypto_box_curve25519xchacha20poly1305_macbytes(void)
{
return crypto_box_curve25519xchacha20poly1305_MACBYTES;
}
size_t
crypto_box_curve25519xchacha20poly1305_messagebytes_max(void)
{
return crypto_box_curve25519xchacha20poly1305_MESSAGEBYTES_MAX;
}

6
src/libsodium/crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305.c
View File

@ -148,3 +148,9 @@ crypto_box_curve25519xsalsa20poly1305_macbytes(void)
{
return crypto_box_curve25519xsalsa20poly1305_MACBYTES;
}
size_t
crypto_box_curve25519xsalsa20poly1305_messagebytes_max(void)
{
return crypto_box_curve25519xsalsa20poly1305_MESSAGEBYTES_MAX;
}

95
src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c
View File

@ -119,7 +119,7 @@ fe_add(fe h, const fe f, const fe g)
Preconditions: b in {0,1}.
*/
void
static void
fe_cmov(fe f, const fe g, unsigned int b)
{
int32_t f0 = f[0];
@ -428,7 +428,7 @@ fe_tobytes(unsigned char *s, const fe h)
|f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
*/
int
static int
fe_isnegative(const fe f)
{
unsigned char s[32];
@ -759,7 +759,7 @@ fe_mul(fe h, const fe f, const fe g)
|h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
*/
void
static void
fe_neg(fe h, const fe f)
{
int32_t f0 = f[0];
@ -987,7 +987,7 @@ fe_sq(fe h, const fe f)
See fe_mul.c for discussion of implementation strategy.
*/
void
static void
fe_sq2(fe h, const fe f)
{
int32_t f0 = f[0];
@ -1217,7 +1217,7 @@ fe_invert(fe out, const fe z)
fe_mul(out, t1, t0);
}
void
static void
fe_pow22523(fe out, const fe z)
{
fe t0;
@ -1457,7 +1457,7 @@ ge_frombytes_negate_vartime(ge_p3 *h, const unsigned char *s)
r = p + q
*/
void
static void
ge_madd(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q)
{
fe t0;
@ -1478,7 +1478,7 @@ ge_madd(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q)
r = p - q
*/
void
static void
ge_msub(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q)
{
fe t0;
@ -1499,7 +1499,7 @@ ge_msub(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q)
r = p
*/
extern void
void
ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p)
{
fe_mul(r->X, p->X, p->T);
@ -1511,7 +1511,7 @@ ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p)
r = p
*/
extern void
static void
ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p)
{
fe_mul(r->X, p->X, p->T);
@ -1520,7 +1520,7 @@ ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p)
fe_mul(r->T, p->X, p->Y);
}
void
static void
ge_p2_0(ge_p2 *h)
{
fe_0(h->X);
@ -1532,7 +1532,7 @@ ge_p2_0(ge_p2 *h)
r = 2 * p
*/
void
static void
ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p)
{
fe t0;
@ -1548,7 +1548,7 @@ ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p)
fe_sub(r->T, r->T, r->Z);
}
void
static void
ge_p3_0(ge_p3 *h)
{
fe_0(h->X);
@ -1567,7 +1567,7 @@ ge_p3_0(ge_p3 *h)
static const fe d2 = { -21827239, -5839606, -30745221, 13898782, 229458,
15978800, -12551817, -6495438, 29715968, 9444199 };
extern void
void
ge_p3_to_cached(ge_cached *r, const ge_p3 *p)
{
fe_add(r->YplusX, p->Y, p->X);
@ -1580,7 +1580,7 @@ ge_p3_to_cached(ge_cached *r, const ge_p3 *p)
r = p
*/
extern void
static void
ge_p3_to_p2(ge_p2 *r, const ge_p3 *p)
{
fe_copy(r->X, p->X);
@ -1606,7 +1606,7 @@ ge_p3_tobytes(unsigned char *s, const ge_p3 *h)
r = 2 * p
*/
void
static void
ge_p3_dbl(ge_p1p1 *r, const ge_p3 *p)
{
ge_p2 q;
@ -1614,7 +1614,7 @@ ge_p3_dbl(ge_p1p1 *r, const ge_p3 *p)
ge_p2_dbl(r, &q);
}
void
static void
ge_precomp_0(ge_precomp *h)
{
fe_1(h->yplusx);
@ -1686,7 +1686,7 @@ ge_select(ge_precomp *t, int pos, signed char b)
r = p - q
*/
void
static void
ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q)
{
fe t0;
@ -1804,6 +1804,10 @@ ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a, const ge_p3 *A,
}
}
#ifndef MINIMAL
/* only used for verification of legacy (edwards25519sha512batch) signatures */
void
ge_scalarmult_vartime(ge_p3 *r, const unsigned char *a, const ge_p3 *A)
{
@ -1863,6 +1867,8 @@ ge_scalarmult_vartime(ge_p3 *r, const unsigned char *a, const ge_p3 *A)
}
}
#endif
void
ge_scalarmult_base(ge_p3 *h, const unsigned char *a)
{
@ -1913,6 +1919,61 @@ ge_scalarmult_base(ge_p3 *h, const unsigned char *a)
}
}
/* multiply by the order of the main subgroup l = 2^252+27742317777372353535851937790883648493 */
void
ge_mul_l(ge_p3 *r, const ge_p3 *A)
{
static const signed char aslide[253] = {
13, 0, 0, 0, 0, -1, 0, 0, 0, 0, -11, 0, 0, 0, 0, 0, 0, -5, 0, 0, 0, 0, 0, 0, -3, 0, 0, 0, 0, -13, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, -13, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 0, 0, 11, 0, 0, 0, 0, -13, 0, 0, 0, 0, 0, 0, -3, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 3, 0, 0, 0, 0, -11, 0, 0, 0, 0, 0, 0, 0, 15, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 7, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1
};
ge_cached Ai[8];
ge_p1p1 t;
ge_p3 u;
ge_p3 A2;
int i;
ge_p3_to_cached(&Ai[0], A);
ge_p3_dbl(&t, A);
ge_p1p1_to_p3(&A2, &t);
ge_add(&t, &A2, &Ai[0]);
ge_p1p1_to_p3(&u, &t);
ge_p3_to_cached(&Ai[1], &u);
ge_add(&t, &A2, &Ai[1]);
ge_p1p1_to_p3(&u, &t);
ge_p3_to_cached(&Ai[2], &u);
ge_add(&t, &A2, &Ai[2]);
ge_p1p1_to_p3(&u, &t);
ge_p3_to_cached(&Ai[3], &u);
ge_add(&t, &A2, &Ai[3]);
ge_p1p1_to_p3(&u, &t);
ge_p3_to_cached(&Ai[4], &u);
ge_add(&t, &A2, &Ai[4]);
ge_p1p1_to_p3(&u, &t);
ge_p3_to_cached(&Ai[5], &u);
ge_add(&t, &A2, &Ai[5]);
ge_p1p1_to_p3(&u, &t);
ge_p3_to_cached(&Ai[6], &u);
ge_add(&t, &A2, &Ai[6]);
ge_p1p1_to_p3(&u, &t);
ge_p3_to_cached(&Ai[7], &u);
ge_p3_0(r);
for (i = 252; i >= 0; --i) {
ge_p3_dbl(&t, r);
if (aslide[i] > 0) {
ge_p1p1_to_p3(&u, &t);
ge_add(&t, &u, &Ai[aslide[i] / 2]);
} else if (aslide[i] < 0) {
ge_p1p1_to_p3(&u, &t);
ge_sub(&t, &u, &Ai[(-aslide[i]) / 2]);
}
ge_p1p1_to_p3(r, &t);
}
}
/*
Input:
a[0]+256*a[1]+...+256^31*a[31] = a

138
src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
View File

@ -14,11 +14,13 @@
*/
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include "blake2.h"
#include "core.h"
#include "private/common.h"
#include "runtime.h"
#include "utils.h"
@ -159,11 +161,12 @@ static inline int
blake2b_init0(blake2b_state *S)
{
int i;
memset(S, 0, sizeof(blake2b_state));
for (i = 0; i < 8; i++) {
S->h[i] = blake2b_IV[i];
}
memset(S->t, 0, offsetof(blake2b_state, last_node) + sizeof(S->last_node)
- offsetof(blake2b_state, t));
return 0;
}
@ -190,9 +193,9 @@ blake2b_init(blake2b_state *S, const uint8_t outlen)
{
blake2b_param P[1];
if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
abort();
if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
sodium_misuse();
}
P->digest_length = outlen;
P->key_length = 0;
P->fanout = 1;
@ -213,9 +216,9 @@ blake2b_init_salt_personal(blake2b_state *S, const uint8_t outlen,
{
blake2b_param P[1];
if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
abort();
if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
sodium_misuse();
}
P->digest_length = outlen;
P->key_length = 0;
P->fanout = 1;
@ -244,12 +247,12 @@ blake2b_init_key(blake2b_state *S, const uint8_t outlen, const void *key,
{
blake2b_param P[1];
if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
abort();
if (!key || !keylen || keylen > BLAKE2B_KEYBYTES)
abort();
if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
sodium_misuse();
}
if (!key || !keylen || keylen > BLAKE2B_KEYBYTES) {
sodium_misuse();
}
P->digest_length = outlen;
P->key_length = keylen;
P->fanout = 1;
@ -262,9 +265,9 @@ blake2b_init_key(blake2b_state *S, const uint8_t outlen, const void *key,
memset(P->salt, 0, sizeof(P->salt));
memset(P->personal, 0, sizeof(P->personal));
if (blake2b_init_param(S, P) < 0)
abort();
if (blake2b_init_param(S, P) < 0) {
sodium_misuse();
}
{
uint8_t block[BLAKE2B_BLOCKBYTES];
memset(block, 0, BLAKE2B_BLOCKBYTES);
@ -282,12 +285,12 @@ blake2b_init_key_salt_personal(blake2b_state *S, const uint8_t outlen,
{
blake2b_param P[1];
if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
abort();
if (!key || !keylen || keylen > BLAKE2B_KEYBYTES)
abort();
if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
sodium_misuse();
}
if (!key || !keylen || keylen > BLAKE2B_KEYBYTES) {
sodium_misuse();
}
P->digest_length = outlen;
P->key_length = keylen;
P->fanout = 1;
@ -308,9 +311,9 @@ blake2b_init_key_salt_personal(blake2b_state *S, const uint8_t outlen,
memset(P->personal, 0, sizeof(P->personal));
}
if (blake2b_init_param(S, P) < 0)
abort();
if (blake2b_init_param(S, P) < 0) {
sodium_misuse();
}
{
uint8_t block[BLAKE2B_BLOCKBYTES];
memset(block, 0, BLAKE2B_BLOCKBYTES);
@ -355,7 +358,7 @@ int
blake2b_final(blake2b_state *S, uint8_t *out, uint8_t outlen)
{
if (!outlen || outlen > BLAKE2B_OUTBYTES) {
abort(); /* LCOV_EXCL_LINE */
sodium_misuse();
}
if (blake2b_is_lastblock(S)) {
return -1;
@ -387,6 +390,9 @@ blake2b_final(blake2b_state *S, uint8_t *out, uint8_t outlen)
memcpy(out, buffer, outlen);
}
#endif
sodium_memzero(S->h, sizeof S->h);
sodium_memzero(S->buf, sizeof S->buf);
return 0;
}
@ -398,27 +404,29 @@ blake2b(uint8_t *out, const void *in, const void *key, const uint8_t outlen,
blake2b_state S[1];
/* Verify parameters */
if (NULL == in && inlen > 0)
abort();
if (NULL == out)
abort();
if (!outlen || outlen > BLAKE2B_OUTBYTES)
abort();
if (NULL == key && keylen > 0)
abort();
if (keylen > BLAKE2B_KEYBYTES)
abort();
if (NULL == in && inlen > 0) {
sodium_misuse();
}
if (NULL == out) {
sodium_misuse();
}
if (!outlen || outlen > BLAKE2B_OUTBYTES) {
sodium_misuse();
}
if (NULL == key && keylen > 0) {
sodium_misuse();
}
if (keylen > BLAKE2B_KEYBYTES) {
sodium_misuse();
}
if (keylen > 0) {
if (blake2b_init_key(S, outlen, key, keylen) < 0)
abort();
if (blake2b_init_key(S, outlen, key, keylen) < 0) {
sodium_misuse();
}
} else {
if (blake2b_init(S, outlen) < 0)
abort();
if (blake2b_init(S, outlen) < 0) {
sodium_misuse();
}
}
blake2b_update(S, (const uint8_t *) in, inlen);
@ -434,28 +442,30 @@ blake2b_salt_personal(uint8_t *out, const void *in, const void *key,
blake2b_state S[1];
/* Verify parameters */
if (NULL == in && inlen > 0)
abort();
if (NULL == out)
abort();
if (!outlen || outlen > BLAKE2B_OUTBYTES)
abort();
if (NULL == key && keylen > 0)
abort();
if (keylen > BLAKE2B_KEYBYTES)
abort();
if (NULL == in && inlen > 0) {
sodium_misuse();
}
if (NULL == out) {
sodium_misuse();
}
if (!outlen || outlen > BLAKE2B_OUTBYTES) {
sodium_misuse();
}
if (NULL == key && keylen > 0) {
sodium_misuse();
}
if (keylen > BLAKE2B_KEYBYTES) {
sodium_misuse();
}
if (keylen > 0) {
if (blake2b_init_key_salt_personal(S, outlen, key, keylen, salt,
personal) < 0)
abort();
personal) < 0) {
sodium_misuse();
}
} else {
if (blake2b_init_salt_personal(S, outlen, salt, personal) < 0)
abort();
if (blake2b_init_salt_personal(S, outlen, salt, personal) < 0) {
sodium_misuse();
}
}
blake2b_update(S, (const uint8_t *) in, inlen);

2
src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c
View File

@ -222,9 +222,11 @@ crypto_hash_sha512_update(crypto_hash_sha512_state *state,
bitlen[1] = ((uint64_t) inlen) << 3;
bitlen[0] = ((uint64_t) inlen) >> 61;
/* LCOV_EXCL_START */
if ((state->count[1] += bitlen[1]) < bitlen[1]) {
state->count[0]++;
}
/* LCOV_EXCL_STOP */
state->count[0] += bitlen[0];
if (inlen < 128 - r) {
for (i = 0; i < inlen; i++) {

7
src/libsodium/crypto_kx/crypto_kx.c
View File

@ -1,6 +1,7 @@
#include <stddef.h>
#include "core.h"
#include "crypto_generichash.h"
#include "crypto_kx.h"
#include "crypto_scalarmult.h"
@ -47,6 +48,9 @@ crypto_kx_client_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES],
if (tx == NULL) {
tx = rx;
}
if (rx == NULL) {
sodium_misuse(); /* LCOV_EXCL_LINE */
}
if (crypto_scalarmult(q, client_sk, server_pk) != 0) {
return -1;
}
@ -85,6 +89,9 @@ crypto_kx_server_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES],
if (tx == NULL) {
tx = rx;
}
if (rx == NULL) {
sodium_misuse(); /* LCOV_EXCL_LINE */
}
if (crypto_scalarmult(q, server_sk, client_pk) != 0) {
return -1;
}

34
src/libsodium/crypto_onetimeauth/poly1305/sse2/poly1305_sse2.c
View File

@ -40,14 +40,14 @@ enum poly1305_state_flags_t {
poly1305_final_shift8 = 4,
poly1305_final_shift16 = 8,
poly1305_final_r2_r = 16, /* use [r^2,r] for the final block */
poly1305_final_r_1 = 32, /* use [r,1] for the final block */
poly1305_final_r_1 = 32 /* use [r,1] for the final block */
};
typedef struct poly1305_state_internal_t {
union {
uint64_t h[3];
uint32_t hh[10];
}; /* 40 bytes */
} H; /* 40 bytes */
uint32_t R[5]; /* 20 bytes */
uint32_t R2[5]; /* 20 bytes */
uint32_t R4[5]; /* 20 bytes */
@ -120,9 +120,9 @@ poly1305_init_ext(poly1305_state_internal_t *st, const unsigned char key[32],
bytes = ~(unsigned long long) 0;
}
/* H = 0 */
_mm_storeu_si128((xmmi *) (void *) &st->hh[0], _mm_setzero_si128());
_mm_storeu_si128((xmmi *) (void *) &st->hh[4], _mm_setzero_si128());
_mm_storeu_si128((xmmi *) (void *) &st->hh[8], _mm_setzero_si128());
_mm_storeu_si128((xmmi *) (void *) &st->H.hh[0], _mm_setzero_si128());
_mm_storeu_si128((xmmi *) (void *) &st->H.hh[4], _mm_setzero_si128());
_mm_storeu_si128((xmmi *) (void *) &st->H.hh[8], _mm_setzero_si128());
/* clamp key */
memcpy(&t0, key, 8);
@ -242,9 +242,9 @@ poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m,
bytes -= 32;
st->flags |= poly1305_started;
} else {
T0 = _mm_loadu_si128((const xmmi *) (const void *) &st->hh[0]);
T1 = _mm_loadu_si128((const xmmi *) (const void *) &st->hh[4]);
T2 = _mm_loadu_si128((const xmmi *) (const void *) &st->hh[8]);
T0 = _mm_loadu_si128((const xmmi *) (const void *) &st->H.hh[0]);
T1 = _mm_loadu_si128((const xmmi *) (const void *) &st->H.hh[4]);
T2 = _mm_loadu_si128((const xmmi *) (const void *) &st->H.hh[8]);
H0 = _mm_shuffle_epi32(T0, _MM_SHUFFLE(1, 1, 0, 0));
H1 = _mm_shuffle_epi32(T0, _MM_SHUFFLE(3, 3, 2, 2));
H2 = _mm_shuffle_epi32(T1, _MM_SHUFFLE(1, 1, 0, 0));
@ -684,9 +684,9 @@ poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m,
T4 = _mm_shuffle_epi32(H4, _MM_SHUFFLE(0, 0, 2, 0));
T0 = _mm_unpacklo_epi64(T0, T1);
T1 = _mm_unpacklo_epi64(T2, T3);
_mm_storeu_si128((xmmi *) (void *) &st->hh[0], T0);
_mm_storeu_si128((xmmi *) (void *) &st->hh[4], T1);
_mm_storel_epi64((xmmi *) (void *) &st->hh[8], T4);
_mm_storeu_si128((xmmi *) (void *) &st->H.hh[0], T0);
_mm_storeu_si128((xmmi *) (void *) &st->H.hh[4], T1);
_mm_storel_epi64((xmmi *) (void *) &st->H.hh[8], T4);
} else {
uint32_t t0, t1, t2, t3, t4, b;
uint64_t h0, h1, h2, g0, g1, g2, c, nc;
@ -755,9 +755,9 @@ poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m,
h1 = (h1 & nc) | (g1 & c);
h2 = (h2 & nc) | (g2 & c);
st->h[0] = h0;
st->h[1] = h1;
st->h[2] = h2;
st->H.h[0] = h0;
st->H.h[1] = h1;
st->H.h[2] = h2;
}
}
@ -833,9 +833,9 @@ poly1305_finish_ext(poly1305_state_internal_t *st, const unsigned char *m,
poly1305_blocks(st, NULL, 32);
}
h0 = st->h[0];
h1 = st->h[1];
h2 = st->h[2];
h0 = st->H.h[0];
h1 = st->H.h[1];
h2 = st->H.h[2];
/* pad */
h0 = ((h0) | (h1 << 44));

101
src/libsodium/crypto_pwhash/argon2/argon2-core.c
View File

@ -36,28 +36,6 @@
static fill_segment_fn fill_segment = fill_segment_ref;
/***************Instance and Position constructors**********/
void
init_block_value(block *b, uint8_t in)
{
memset(b->v, in, sizeof(b->v));
}
void
copy_block(block *dst, const block *src)
{
memcpy(dst->v, src->v, sizeof(uint64_t) * ARGON2_QWORDS_IN_BLOCK);
}
void
xor_block(block *dst, const block *src)
{
int i;
for (i = 0; i < ARGON2_QWORDS_IN_BLOCK; ++i) {
dst->v[i] ^= src->v[i];
}
}
static void
load_block(block *dst, const void *input)
{
@ -105,6 +83,7 @@ allocate_memory(block_region **region, uint32_t m_cost)
if (!*region) {
return ARGON2_MEMORY_ALLOCATION_ERROR; /* LCOV_EXCL_LINE */
}
(*region)->base = (*region)->memory = NULL;
#if defined(MAP_ANON) && defined(HAVE_MMAP)
if ((base = mmap(NULL, memory_size, PROT_READ | PROT_WRITE,
@ -154,12 +133,18 @@ static void clear_memory(argon2_instance_t *instance, int clear);
static void
clear_memory(argon2_instance_t *instance, int clear)
{
if (instance->region != NULL && clear) {
/* LCOV_EXCL_START */
sodium_memzero(instance->region->memory,
sizeof(block) * instance->memory_blocks);
/* LCOV_EXCL_STOP */
/* LCOV_EXCL_START */
if (clear) {
if (instance->region != NULL) {
sodium_memzero(instance->region->memory,
sizeof(block) * instance->memory_blocks);
}
if (instance->pseudo_rands != NULL) {
sodium_memzero(instance->pseudo_rands,
sizeof(uint64_t) * instance->segment_length);
}
}
/* LCOV_EXCL_STOP */
}
/* Deallocates memory
@ -170,7 +155,7 @@ static void free_memory(block_region *memory);
static void
free_memory(block_region *region)
{
if (region->base) {
if (region && region->base) {
#if defined(MAP_ANON) && defined(HAVE_MMAP)
if (munmap(region->base, region->size)) {
return; /* LCOV_EXCL_LINE */
@ -182,6 +167,19 @@ free_memory(block_region *region)
free(region);
}
void
free_instance(argon2_instance_t *instance, int flags)
{
/* Clear memory */
clear_memory(instance, flags & ARGON2_FLAG_CLEAR_MEMORY);
/* Deallocate the memory */
free(instance->pseudo_rands);
instance->pseudo_rands = NULL;
free_memory(instance->region);
instance->region = NULL;
}
void
finalize(const argon2_context *context, argon2_instance_t *instance)
{
@ -212,11 +210,7 @@ finalize(const argon2_context *context, argon2_instance_t *instance)
ARGON2_BLOCK_SIZE); /* clear blockhash_bytes */
}
/* Clear memory */
clear_memory(instance, context->flags & ARGON2_FLAG_CLEAR_PASSWORD);
/* Deallocate the memory */
free_memory(instance->region);
free_instance(instance, context->flags);
}
}
@ -292,14 +286,13 @@ index_alpha(const argon2_instance_t *instance,
return absolute_position;
}
int
void
fill_memory_blocks(argon2_instance_t *instance)
{
int result;
uint32_t r, s;
if (instance == NULL || instance->lanes == 0) {
return ARGON2_OK; /* LCOV_EXCL_LINE */
return; /* LCOV_EXCL_LINE */
}
for (r = 0; r < instance->passes; ++r) {
@ -313,14 +306,10 @@ fill_memory_blocks(argon2_instance_t *instance)
position.lane = l;
position.slice = (uint8_t) s;
position.index = 0;
result = fill_segment(instance, position);
if (ARGON2_OK != result) {
return result; /* LCOV_EXCL_LINE */
}
fill_segment(instance, position);
}
}
}
return ARGON2_OK;
}
int
@ -510,10 +499,12 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type)
crypto_generichash_blake2b_update(
&BlakeHash, (const uint8_t *) context->pwd, context->pwdlen);
/* LCOV_EXCL_START */
if (context->flags & ARGON2_FLAG_CLEAR_PASSWORD) {
sodium_memzero(context->pwd, context->pwdlen); /* LCOV_EXCL_LINE */
context->pwdlen = 0; /* LCOV_EXCL_LINE */
sodium_memzero(context->pwd, context->pwdlen);
context->pwdlen = 0;
}
/* LCOV_EXCL_STOP */
}
STORE32_LE(value, context->saltlen);
@ -527,8 +518,8 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type)
STORE32_LE(value, context->secretlen);
crypto_generichash_blake2b_update(&BlakeHash, value, sizeof(value));
/* LCOV_EXCL_START */
if (context->secret != NULL) {
/* LCOV_EXCL_START */
crypto_generichash_blake2b_update(
&BlakeHash, (const uint8_t *) context->secret, context->secretlen);
@ -536,18 +527,18 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type)
sodium_memzero(context->secret, context->secretlen);
context->secretlen = 0;
}
/* LCOV_EXCL_STOP */
}
/* LCOV_EXCL_STOP */
STORE32_LE(value, context->adlen);
crypto_generichash_blake2b_update(&BlakeHash, value, sizeof(value));
/* LCOV_EXCL_START */
if (context->ad != NULL) {
/* LCOV_EXCL_START */
crypto_generichash_blake2b_update(
&BlakeHash, (const uint8_t *) context->ad, context->adlen);
/* LCOV_EXCL_STOP */
}
/* LCOV_EXCL_STOP */
crypto_generichash_blake2b_final(&BlakeHash, blockhash,
ARGON2_PREHASH_DIGEST_LENGTH);
@ -559,13 +550,20 @@ initialize(argon2_instance_t *instance, argon2_context *context)
uint8_t blockhash[ARGON2_PREHASH_SEED_LENGTH];
int result = ARGON2_OK;
if (instance == NULL || context == NULL)
if (instance == NULL || context == NULL) {
return ARGON2_INCORRECT_PARAMETER;
}
/* 1. Memory allocation */
if ((instance->pseudo_rands = (uint64_t *)
malloc(sizeof(uint64_t) * instance->segment_length)) == NULL) {
return ARGON2_MEMORY_ALLOCATION_ERROR;
}
result = allocate_memory(&(instance->region), instance->memory_blocks);
if (ARGON2_OK != result) {
free_instance(instance, context->flags);
return result;
}
@ -591,6 +589,13 @@ int
argon2_pick_best_implementation(void)
{
/* LCOV_EXCL_START */
#if defined(HAVE_AVX512FINTRIN_H) && defined(HAVE_AVX2INTRIN_H) && \
defined(HAVE_TMMINTRIN_H) && defined(HAVE_SMMINTRIN_H)
if (sodium_runtime_has_avx512f()) {
fill_segment = fill_segment_avx512f;
return 0;
}
#endif
#if defined(HAVE_AVX2INTRIN_H) && defined(HAVE_TMMINTRIN_H) && \
defined(HAVE_SMMINTRIN_H)
if (sodium_runtime_has_avx2()) {

48
src/libsodium/crypto_pwhash/argon2/argon2-core.h
View File

@ -14,6 +14,8 @@
#ifndef argon2_core_H
#define argon2_core_H
#include <string.h>
#include "argon2.h"
/*************************Argon2 internal
@ -28,6 +30,7 @@ enum argon2_ctx_constants {
ARGON2_QWORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 8,
ARGON2_OWORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 16,
ARGON2_HWORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 32,
ARGON2_512BIT_WORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 64,
/* Number of pseudo-random values generated by one call to Blake in Argon2i
to
@ -60,13 +63,28 @@ typedef struct block_region_ {
/*****************Functions that work with the block******************/
/* Initialize each byte of the block with @in */
void init_block_value(block *b, uint8_t in);
static inline void
init_block_value(block *b, uint8_t in)
{
memset(b->v, in, sizeof(b->v));
}
/* Copy block @src to block @dst */
void copy_block(block *dst, const block *src);
static inline void
copy_block(block *dst, const block *src)
{
memcpy(dst->v, src->v, sizeof(uint64_t) * ARGON2_QWORDS_IN_BLOCK);
}
/* XOR @src onto @dst bytewise */
void xor_block(block *dst, const block *src);
static inline void
xor_block(block *dst, const block *src)
{
int i;
for (i = 0; i < ARGON2_QWORDS_IN_BLOCK; ++i) {
dst->v[i] ^= src->v[i];
}
}
/*
* Argon2 instance: memory pointer, number of passes, amount of memory, type,
@ -76,6 +94,7 @@ void xor_block(block *dst, const block *src);
*/
typedef struct Argon2_instance_t {
block_region *region; /* Memory region pointer */
uint64_t *pseudo_rands;
uint32_t passes; /* Number of passes */
uint32_t memory_blocks; /* Number of blocks in memory */
uint32_t segment_length;
@ -162,6 +181,11 @@ void fill_first_blocks(uint8_t *blockhash, const argon2_instance_t *instance);
*/
int initialize(argon2_instance_t *instance, argon2_context *context);
/*
* Deallocates memory. Used on error path.
*/
void free_instance(argon2_instance_t *instance, int flags);
/*
* XORing the last block of each lane, hashing it, making the tag. Deallocates
* the memory.
@ -182,15 +206,17 @@ void finalize(const argon2_context *context, argon2_instance_t *instance);
* @param position Current position
* @pre all block pointers must be valid
*/
typedef int (*fill_segment_fn)(const argon2_instance_t *instance,
argon2_position_t position);
typedef void (*fill_segment_fn)(const argon2_instance_t *instance,
argon2_position_t position);
int argon2_pick_best_implementation(void);
int fill_segment_avx2(const argon2_instance_t *instance,
argon2_position_t position);
int fill_segment_ssse3(const argon2_instance_t *instance,
void fill_segment_avx512f(const argon2_instance_t *instance,
argon2_position_t position);
void fill_segment_avx2(const argon2_instance_t *instance,
argon2_position_t position);
int fill_segment_ref(const argon2_instance_t *instance,
argon2_position_t position);
void fill_segment_ssse3(const argon2_instance_t *instance,
argon2_position_t position);
void fill_segment_ref(const argon2_instance_t *instance,
argon2_position_t position);
/*
* Function that fills the entire memory t_cost times based on the first two
@ -198,6 +224,6 @@ int fill_segment_ref(const argon2_instance_t *instance,
* @param instance Pointer to the current instance
* @return Zero if successful, -1 if memory failed to allocate
*/
int fill_memory_blocks(argon2_instance_t *instance);
void fill_memory_blocks(argon2_instance_t *instance);
#endif

202
src/libsodium/crypto_pwhash/argon2/argon2-encoding.c
View File

@ -1,5 +1,6 @@
#include "argon2-encoding.h"
#include "argon2-core.h"
#include "utils.h"
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
@ -9,19 +10,6 @@
* Example code for a decoder and encoder of "hash strings", with Argon2
* parameters.
*
* This code comprises three sections:
*
* -- The first section contains generic Base64 encoding and decoding
* functions. It is conceptually applicable to any hash function
* implementation that uses Base64 to encode and decode parameters,
* salts and outputs. It could be made into a library, provided that
* the relevant functions are made public (non-static) and be given
* reasonable names to avoid collisions with other functions.
*
* -- The second section is specific to Argon2. It encodes and decodes
* the parameters, salts and outputs. It does not compute the hash
* itself.
*
* The code was originally written by Thomas Pornin <pornin@bolet.org>,
* to whom comments and remarks may be sent. It is released under what
* should amount to Public Domain or its closest equivalent; the
@ -39,156 +27,6 @@
*/
/* ==================================================================== */
/*
* Common code; could be shared between different hash functions.
*
* Note: the Base64 functions below assume that uppercase letters (resp.
* lowercase letters) have consecutive numerical codes, that fit on 8
* bits. All modern systems use ASCII-compatible charsets, where these
* properties are true. If you are stuck with a dinosaur of a system
* that still defaults to EBCDIC then you already have much bigger
* interoperability issues to deal with.
*/
/*
* Some macros for constant-time comparisons. These work over values in
* the 0..255 range. Returned value is 0x00 on "false", 0xFF on "true".
*/
#define EQ(x, y) \
((((0U - ((unsigned) (x) ^ (unsigned) (y))) >> 8) & 0xFF) ^ 0xFF)
#define GT(x, y) ((((unsigned) (y) - (unsigned) (x)) >> 8) & 0xFF)
#define GE(x, y) (GT(y, x) ^ 0xFF)
#define LT(x, y) GT(y, x)
#define LE(x, y) GE(y, x)
/*
* Convert value x (0..63) to corresponding Base64 character.
*/
static int
b64_byte_to_char(unsigned x)
{
return (LT(x, 26) & (x + 'A')) |
(GE(x, 26) & LT(x, 52) & (x + ('a' - 26))) |
(GE(x, 52) & LT(x, 62) & (x + ('0' - 52))) | (EQ(x, 62) & '+') |
(EQ(x, 63) & '/');
}
/*
* Convert character c to the corresponding 6-bit value. If character c
* is not a Base64 character, then 0xFF (255) is returned.
*/
static unsigned
b64_char_to_byte(int c)
{
unsigned x;
x = (GE(c, 'A') & LE(c, 'Z') & (c - 'A')) |
(GE(c, 'a') & LE(c, 'z') & (c - ('a' - 26))) |
(GE(c, '0') & LE(c, '9') & (c - ('0' - 52))) | (EQ(c, '+') & 62) |
(EQ(c, '/') & 63);
return x | (EQ(x, 0) & (EQ(c, 'A') ^ 0xFF));
}
/*
* Convert some bytes to Base64. 'dst_len' is the length (in characters)
* of the output buffer 'dst'; if that buffer is not large enough to
* receive the result (including the terminating 0), then (size_t)-1
* is returned. Otherwise, the zero-terminated Base64 string is written
* in the buffer, and the output length (counted WITHOUT the terminating
* zero) is returned.
*/
static size_t
to_base64(char *dst, size_t dst_len, const void *src, size_t src_len)
{
size_t olen;
const unsigned char *buf;
unsigned acc, acc_len;
olen = (src_len / 3) << 2;
switch (src_len % 3) {
case 2:
olen++;
/* fall through */
case 1:
olen += 2;
break;
}
if (dst_len <= olen) {
return (size_t) -1;
}
acc = 0;
acc_len = 0;
buf = (const unsigned char *) src;
while (src_len-- > 0) {
acc = (acc << 8) + (*buf++);
acc_len += 8;
while (acc_len >= 6) {
acc_len -= 6;
*dst++ = (char) b64_byte_to_char((acc >> acc_len) & 0x3F);
}
}
if (acc_len > 0) {
*dst++ = (char) b64_byte_to_char((acc << (6 - acc_len)) & 0x3F);
}
*dst++ = 0;
return olen;
}
/*
* Decode Base64 chars into bytes. The '*dst_len' value must initially
* contain the length of the output buffer '*dst'; when the decoding
* ends, the actual number of decoded bytes is written back in
* '*dst_len'.
*
* Decoding stops when a non-Base64 character is encountered, or when
* the output buffer capacity is exceeded. If an error occurred (output
* buffer is too small, invalid last characters leading to unprocessed
* buffered bits), then NULL is returned; otherwise, the returned value
* points to the first non-Base64 character in the source stream, which
* may be the terminating zero.
*/
static const char *
from_base64(void *dst, size_t *dst_len, const char *src)
{
size_t len;
unsigned char *buf;
unsigned acc, acc_len;
buf = (unsigned char *) dst;
len = 0;
acc = 0;
acc_len = 0;
for (;;) {
unsigned d;
d = b64_char_to_byte(*src);
if (d == 0xFF) {
break;
}
src++;
acc = (acc << 6) + d;
acc_len += 6;
if (acc_len >= 8) {
acc_len -= 8;
if ((len++) >= *dst_len) {
return NULL;
}
*buf++ = (acc >> acc_len) & 0xFF;
}
}
/*
* If the input length is equal to 1 modulo 4 (which is
* invalid), then there will remain 6 unprocessed bits;
* otherwise, only 0, 2 or 4 bits are buffered. The buffered
* bits must also all be zero.
*/
if (acc_len > 4 || (acc & ((1U << acc_len) - 1)) != 0) {
return NULL;
}
*dst_len = len;
return src;
}
/*
* Decode decimal integer from 'str'; the value is written in '*v'.
@ -300,14 +138,18 @@ decode_string(argon2_context *ctx, const char *str, argon2_type type)
} while ((void)0, 0)
/* Decoding base64 into a binary buffer */
#define BIN(buf, max_len, len) \
do { \
size_t bin_len = (max_len); \
str = from_base64(buf, &bin_len, str); \
if (str == NULL || bin_len > UINT32_MAX) { \
return ARGON2_DECODING_FAIL; \
} \
(len) = (uint32_t) bin_len; \
#define BIN(buf, max_len, len) \
do { \
size_t bin_len = (max_len); \
const char *str_end; \
if (sodium_base642bin((buf), (max_len), str, strlen(str), NULL, \
&bin_len, &str_end, \
sodium_base64_VARIANT_ORIGINAL_NO_PADDING) != 0 || \
bin_len > UINT32_MAX) { \
return ARGON2_DECODING_FAIL; \
} \
(len) = (uint32_t) bin_len; \
str = str_end; \
} while ((void) 0, 0)
size_t maxsaltlen = ctx->saltlen;
@ -416,14 +258,16 @@ encode_string(char *dst, size_t dst_len, argon2_context *ctx, argon2_type type)
SS(tmp); \
} while ((void) 0, 0)
#define SB(buf, len) \
do { \
size_t sb_len = to_base64(dst, dst_len, buf, len); \
if (sb_len == (size_t) -1) { \
return ARGON2_ENCODING_FAIL; \
} \
dst += sb_len; \
dst_len -= sb_len; \
#define SB(buf, len) \
do { \
size_t sb_len; \
if (sodium_bin2base64(dst, dst_len, (buf), (len), \
sodium_base64_VARIANT_ORIGINAL_NO_PADDING) == NULL) { \
return ARGON2_ENCODING_FAIL; \
} \
sb_len = strlen(dst); \
dst += sb_len; \
dst_len -= sb_len; \
} while ((void) 0, 0)
int validation_result;

16
src/libsodium/crypto_pwhash/argon2/argon2-fill-block-avx2.c
View File

@ -140,7 +140,7 @@ generate_addresses(const argon2_instance_t *instance,
}
}
int
void
fill_segment_avx2(const argon2_instance_t *instance,
argon2_position_t position)
{
@ -148,14 +148,14 @@ fill_segment_avx2(const argon2_instance_t *instance,
uint64_t pseudo_rand, ref_index, ref_lane;
uint32_t prev_offset, curr_offset;
uint32_t starting_index, i;
__m256i state[32];
__m256i state[ARGON2_HWORDS_IN_BLOCK];
int data_independent_addressing = 1;
/* Pseudo-random values that determine the reference block position */
uint64_t *pseudo_rands = NULL;
if (instance == NULL) {
return ARGON2_OK;
return;
}
if (instance->type == Argon2_id &&
@ -163,11 +163,7 @@ fill_segment_avx2(const argon2_instance_t *instance,
data_independent_addressing = 0;
}
pseudo_rands =
(uint64_t *) malloc(sizeof(uint64_t) * instance->segment_length);
if (pseudo_rands == NULL) {
return ARGON2_MEMORY_ALLOCATION_ERROR;
}
pseudo_rands = instance->pseudo_rands;
if (data_independent_addressing) {
generate_addresses(instance, &position, pseudo_rands);
@ -239,9 +235,5 @@ fill_segment_avx2(const argon2_instance_t *instance,
(uint8_t *) curr_block->v);
}
}
free(pseudo_rands);
return ARGON2_OK;
}
#endif

244
src/libsodium/crypto_pwhash/argon2/argon2-fill-block-avx512f.c Normal file
View File

@ -0,0 +1,244 @@
/*
* Argon2 source code package
*
* Written by Daniel Dinu and Dmitry Khovratovich, 2015
*
* This work is licensed under a Creative Commons CC0 1.0 License/Waiver.
*
* You should have received a copy of the CC0 Public Domain Dedication along
* with
* this software. If not, see
* <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include "argon2-core.h"
#include "argon2.h"
#include "private/common.h"
#include "private/sse2_64_32.h"
#if defined(HAVE_AVX512FINTRIN_H) && defined(HAVE_AVX2INTRIN_H) && \
defined(HAVE_EMMINTRIN_H) && defined(HAVE_TMMINTRIN_H) && defined(HAVE_SMMINTRIN_H)
# ifdef __GNUC__
# pragma GCC target("sse2")
# pragma GCC target("ssse3")
# pragma GCC target("sse4.1")
# pragma GCC target("avx2")
# pragma GCC target("avx512f")
# endif
# ifdef _MSC_VER
# include <intrin.h> /* for _mm_set_epi64x */
# endif
#include <emmintrin.h>
#include <immintrin.h>
#include <smmintrin.h>
#include <tmmintrin.h>
# include "blamka-round-avx512f.h"
static void
fill_block(__m512i *state, const uint8_t *ref_block, uint8_t *next_block)
{
__m512i block_XY[ARGON2_512BIT_WORDS_IN_BLOCK];
uint32_t i;
for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
block_XY[i] = state[i] = _mm512_xor_si512(
state[i], _mm512_loadu_si512((__m512i const *) (&ref_block[64 * i])));
}
for (i = 0; i < 2; ++i) {
BLAKE2_ROUND_1(
state[8 * i + 0], state[8 * i + 1], state[8 * i + 2], state[8 * i + 3],
state[8 * i + 4], state[8 * i + 5], state[8 * i + 6], state[8 * i + 7]);
}
for (i = 0; i < 2; ++i) {
BLAKE2_ROUND_2(
state[2 * 0 + i], state[2 * 1 + i], state[2 * 2 + i], state[2 * 3 + i],
state[2 * 4 + i], state[2 * 5 + i], state[2 * 6 + i], state[2 * 7 + i]);
}
for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
state[i] = _mm512_xor_si512(state[i], block_XY[i]);
_mm512_storeu_si512((__m512i *) (&next_block[64 * i]), state[i]);
}
}
static void
fill_block_with_xor(__m512i *state, const uint8_t *ref_block,
uint8_t *next_block)
{
__m512i block_XY[ARGON2_512BIT_WORDS_IN_BLOCK];
uint32_t i;
for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
state[i] = _mm512_xor_si512(
state[i], _mm512_loadu_si512((__m512i const *) (&ref_block[64 * i])));
block_XY[i] = _mm512_xor_si512(
state[i], _mm512_loadu_si512((__m512i const *) (&next_block[64 * i])));
}
for (i = 0; i < 2; ++i) {
BLAKE2_ROUND_1(
state[8 * i + 0], state[8 * i + 1], state[8 * i + 2], state[8 * i + 3],
state[8 * i + 4], state[8 * i + 5], state[8 * i + 6], state[8 * i + 7]);
}
for (i = 0; i < 2; ++i) {
BLAKE2_ROUND_2(
state[2 * 0 + i], state[2 * 1 + i], state[2 * 2 + i], state[2 * 3 + i],
state[2 * 4 + i], state[2 * 5 + i], state[2 * 6 + i], state[2 * 7 + i]);
}
for (i = 0; i < ARGON2_512BIT_WORDS_IN_BLOCK; i++) {
state[i] = _mm512_xor_si512(state[i], block_XY[i]);
_mm512_storeu_si512((__m512i *) (&next_block[64 * i]), state[i]);
}
}
static void
generate_addresses(const argon2_instance_t *instance,
const argon2_position_t *position, uint64_t *pseudo_rands)
{
block address_block, input_block, tmp_block;
uint32_t i;
init_block_value(&address_block, 0);
init_block_value(&input_block, 0);
if (instance != NULL && position != NULL) {
input_block.v[0] = position->pass;
input_block.v[1] = position->lane;
input_block.v[2] = position->slice;
input_block.v[3] = instance->memory_blocks;
input_block.v[4] = instance->passes;
input_block.v[5] = instance->type;
for (i = 0; i < instance->segment_length; ++i) {
if (i % ARGON2_ADDRESSES_IN_BLOCK == 0) {
/* Temporary zero-initialized blocks */
__m512i zero_block[ARGON2_512BIT_WORDS_IN_BLOCK];
__m512i zero2_block[ARGON2_512BIT_WORDS_IN_BLOCK];
memset(zero_block, 0, sizeof(zero_block));
memset(zero2_block, 0, sizeof(zero2_block));
init_block_value(&address_block, 0);
init_block_value(&tmp_block, 0);
/* Increasing index counter */
input_block.v[6]++;
/* First iteration of G */
fill_block_with_xor(zero_block, (uint8_t *) &input_block.v,
(uint8_t *) &tmp_block.v);
/* Second iteration of G */
fill_block_with_xor(zero2_block, (uint8_t *) &tmp_block.v,
(uint8_t *) &address_block.v);
}
pseudo_rands[i] = address_block.v[i % ARGON2_ADDRESSES_IN_BLOCK];
}
}
}
void
fill_segment_avx512f(const argon2_instance_t *instance,
argon2_position_t position)
{
block *ref_block = NULL, *curr_block = NULL;
uint64_t pseudo_rand, ref_index, ref_lane;
uint32_t prev_offset, curr_offset;
uint32_t starting_index, i;
__m512i state[ARGON2_512BIT_WORDS_IN_BLOCK];
int data_independent_addressing = 1;
/* Pseudo-random values that determine the reference block position */
uint64_t *pseudo_rands = NULL;
if (instance == NULL) {
return;
}
if (instance->type == Argon2_id &&
(position.pass != 0 || position.slice >= ARGON2_SYNC_POINTS / 2)) {
data_independent_addressing = 0;
}
pseudo_rands = instance->pseudo_rands;
if (data_independent_addressing) {
generate_addresses(instance, &position, pseudo_rands);
}
starting_index = 0;
if ((0 == position.pass) && (0 == position.slice)) {
starting_index = 2; /* we have already generated the first two blocks */
}
/* Offset of the current block */
curr_offset = position.lane * instance->lane_length +
position.slice * instance->segment_length + starting_index;
if (0 == curr_offset % instance->lane_length) {
/* Last block in this lane */
prev_offset = curr_offset + instance->lane_length - 1;
} else {
/* Previous block */
prev_offset = curr_offset - 1;
}
memcpy(state, ((instance->region->memory + prev_offset)->v),
ARGON2_BLOCK_SIZE);
for (i = starting_index; i < instance->segment_length;
++i, ++curr_offset, ++prev_offset) {
/*1.1 Rotating prev_offset if needed */
if (curr_offset % instance->lane_length == 1) {
prev_offset = curr_offset - 1;
}
/* 1.2 Computing the index of the reference block */
/* 1.2.1 Taking pseudo-random value from the previous block */
if (data_independent_addressing) {
#pragma warning(push)
#pragma warning(disable : 6385)
pseudo_rand = pseudo_rands[i];
#pragma warning(pop)
} else {
pseudo_rand = instance->region->memory[prev_offset].v[0];
}
/* 1.2.2 Computing the lane of the reference block */
ref_lane = ((pseudo_rand >> 32)) % instance->lanes;
if ((position.pass == 0) && (position.slice == 0)) {
/* Can not reference other lanes yet */
ref_lane = position.lane;
}
/* 1.2.3 Computing the number of possible reference block within the
* lane.
*/
position.index = i;
ref_index = index_alpha(instance, &position, pseudo_rand & 0xFFFFFFFF,
ref_lane == position.lane);
/* 2 Creating a new block */
ref_block = instance->region->memory +
instance->lane_length * ref_lane + ref_index;
curr_block = instance->region->memory + curr_offset;
if (position.pass != 0) {
fill_block_with_xor(state, (uint8_t *) ref_block->v,
(uint8_t *) curr_block->v);
} else {
fill_block(state, (uint8_t *) ref_block->v,
(uint8_t *) curr_block->v);
}
}
}
#endif

15
src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ref.c
View File

@ -140,7 +140,7 @@ generate_addresses(const argon2_instance_t *instance,
}
}
int
void
fill_segment_ref(const argon2_instance_t *instance, argon2_position_t position)
{
block *ref_block = NULL, *curr_block = NULL;
@ -153,7 +153,7 @@ fill_segment_ref(const argon2_instance_t *instance, argon2_position_t position)
int data_independent_addressing = 1;
if (instance == NULL) {
return ARGON2_OK;
return;
}
if (instance->type == Argon2_id &&
@ -161,12 +161,7 @@ fill_segment_ref(const argon2_instance_t *instance, argon2_position_t position)
data_independent_addressing = 0;
}
pseudo_rands =
(uint64_t *) malloc(sizeof(uint64_t) * (instance->segment_length));
if (pseudo_rands == NULL) {
return ARGON2_MEMORY_ALLOCATION_ERROR;
}
pseudo_rands = instance->pseudo_rands;
if (data_independent_addressing) {
generate_addresses(instance, &position, pseudo_rands);
@ -235,8 +230,4 @@ fill_segment_ref(const argon2_instance_t *instance, argon2_position_t position)
curr_block);
}
}
free(pseudo_rands);
return ARGON2_OK;
}

16
src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ssse3.c
View File

@ -139,7 +139,7 @@ generate_addresses(const argon2_instance_t *instance,
}
}
int
void
fill_segment_ssse3(const argon2_instance_t *instance,
argon2_position_t position)
{
@ -147,14 +147,14 @@ fill_segment_ssse3(const argon2_instance_t *instance,
uint64_t pseudo_rand, ref_index, ref_lane;
uint32_t prev_offset, curr_offset;
uint32_t starting_index, i;
__m128i state[64];
__m128i state[ARGON2_OWORDS_IN_BLOCK];
int data_independent_addressing = 1;
/* Pseudo-random values that determine the reference block position */
uint64_t *pseudo_rands = NULL;
if (instance == NULL) {
return ARGON2_OK;
return;
}
if (instance->type == Argon2_id &&
@ -162,11 +162,7 @@ fill_segment_ssse3(const argon2_instance_t *instance,
data_independent_addressing = 0;
}
pseudo_rands =
(uint64_t *) malloc(sizeof(uint64_t) * instance->segment_length);
if (pseudo_rands == NULL) {
return ARGON2_MEMORY_ALLOCATION_ERROR;
}
pseudo_rands = instance->pseudo_rands;
if (data_independent_addressing) {
generate_addresses(instance, &position, pseudo_rands);
@ -238,9 +234,5 @@ fill_segment_ssse3(const argon2_instance_t *instance,
(uint8_t *) curr_block->v);
}
}
free(pseudo_rands);
return ARGON2_OK;
}
#endif

6
src/libsodium/crypto_pwhash/argon2/argon2.c
View File

@ -70,11 +70,7 @@ argon2_ctx(argon2_context *context, argon2_type type)
}
/* 4. Filling memory */
result = fill_memory_blocks(&instance);
if (ARGON2_OK != result) {
return result;
}
fill_memory_blocks(&instance);
/* 5. Finalization */
finalize(context, &instance);

145
src/libsodium/crypto_pwhash/argon2/blamka-round-avx512f.h Normal file
View File

@ -0,0 +1,145 @@
#ifndef blamka_round_avx512f_H
#define blamka_round_avx512f_H
#include "private/common.h"
#include "private/sse2_64_32.h"
#define ror64(x, n) _mm512_ror_epi64((x), (n))
static inline __m512i
muladd(__m512i x, __m512i y)
{
__m512i z = _mm512_mul_epu32(x, y);
return _mm512_add_epi64(_mm512_add_epi64(x, y), _mm512_add_epi64(z, z));
}
#define G1_AVX512F(A0, B0, C0, D0, A1, B1, C1, D1) \
do { \
A0 = muladd(A0, B0); \
A1 = muladd(A1, B1); \
\
D0 = _mm512_xor_si512(D0, A0); \
D1 = _mm512_xor_si512(D1, A1); \
\
D0 = ror64(D0, 32); \
D1 = ror64(D1, 32); \
\
C0 = muladd(C0, D0); \
C1 = muladd(C1, D1); \
\
B0 = _mm512_xor_si512(B0, C0); \
B1 = _mm512_xor_si512(B1, C1); \
\
B0 = ror64(B0, 24); \
B1 = ror64(B1, 24); \
} while ((void)0, 0)
#define G2_AVX512F(A0, B0, C0, D0, A1, B1, C1, D1) \
do { \
A0 = muladd(A0, B0); \
A1 = muladd(A1, B1); \
\
D0 = _mm512_xor_si512(D0, A0); \
D1 = _mm512_xor_si512(D1, A1); \
\
D0 = ror64(D0, 16); \
D1 = ror64(D1, 16); \
\
C0 = muladd(C0, D0); \
C1 = muladd(C1, D1); \
\
B0 = _mm512_xor_si512(B0, C0); \
B1 = _mm512_xor_si512(B1, C1); \
\
B0 = ror64(B0, 63); \
B1 = ror64(B1, 63); \
} while ((void)0, 0)
#define DIAGONALIZE(A0, B0, C0, D0, A1, B1, C1, D1) \
do { \
B0 = _mm512_permutex_epi64(B0, _MM_SHUFFLE(0, 3, 2, 1)); \
B1 = _mm512_permutex_epi64(B1, _MM_SHUFFLE(0, 3, 2, 1)); \
\
C0 = _mm512_permutex_epi64(C0, _MM_SHUFFLE(1, 0, 3, 2)); \
C1 = _mm512_permutex_epi64(C1, _MM_SHUFFLE(1, 0, 3, 2)); \
\
D0 = _mm512_permutex_epi64(D0, _MM_SHUFFLE(2, 1, 0, 3)); \
D1 = _mm512_permutex_epi64(D1, _MM_SHUFFLE(2, 1, 0, 3)); \
} while ((void)0, 0)
#define UNDIAGONALIZE(A0, B0, C0, D0, A1, B1, C1, D1) \
do { \
B0 = _mm512_permutex_epi64(B0, _MM_SHUFFLE(2, 1, 0, 3)); \
B1 = _mm512_permutex_epi64(B1, _MM_SHUFFLE(2, 1, 0, 3)); \
\
C0 = _mm512_permutex_epi64(C0, _MM_SHUFFLE(1, 0, 3, 2)); \
C1 = _mm512_permutex_epi64(C1, _MM_SHUFFLE(1, 0, 3, 2)); \
\
D0 = _mm512_permutex_epi64(D0, _MM_SHUFFLE(0, 3, 2, 1)); \
D1 = _mm512_permutex_epi64(D1, _MM_SHUFFLE(0, 3, 2, 1)); \
} while ((void)0, 0)
#define BLAKE2_ROUND(A0, B0, C0, D0, A1, B1, C1, D1) \
do { \
G1_AVX512F(A0, B0, C0, D0, A1, B1, C1, D1); \
G2_AVX512F(A0, B0, C0, D0, A1, B1, C1, D1); \
\
DIAGONALIZE(A0, B0, C0, D0, A1, B1, C1, D1); \
\
G1_AVX512F(A0, B0, C0, D0, A1, B1, C1, D1); \
G2_AVX512F(A0, B0, C0, D0, A1, B1, C1, D1); \
\
UNDIAGONALIZE(A0, B0, C0, D0, A1, B1, C1, D1); \
} while ((void)0, 0)
#define SWAP_HALVES(A0, A1) \
do { \
__m512i t0, t1; \
t0 = _mm512_shuffle_i64x2(A0, A1, _MM_SHUFFLE(1, 0, 1, 0)); \
t1 = _mm512_shuffle_i64x2(A0, A1, _MM_SHUFFLE(3, 2, 3, 2)); \
A0 = t0; \
A1 = t1; \
} while((void)0, 0)
#define SWAP_QUARTERS(A0, A1) \
do { \
SWAP_HALVES(A0, A1); \
A0 = _mm512_permutexvar_epi64(_mm512_setr_epi64(0, 1, 4, 5, 2, 3, 6, 7), A0); \
A1 = _mm512_permutexvar_epi64(_mm512_setr_epi64(0, 1, 4, 5, 2, 3, 6, 7), A1); \
} while((void)0, 0)
#define UNSWAP_QUARTERS(A0, A1) \
do { \
A0 = _mm512_permutexvar_epi64(_mm512_setr_epi64(0, 1, 4, 5, 2, 3, 6, 7), A0); \
A1 = _mm512_permutexvar_epi64(_mm512_setr_epi64(0, 1, 4, 5, 2, 3, 6, 7), A1); \
SWAP_HALVES(A0, A1); \
} while((void)0, 0)
#define BLAKE2_ROUND_1(A0, C0, B0, D0, A1, C1, B1, D1) \
do { \
SWAP_HALVES(A0, B0); \
SWAP_HALVES(C0, D0); \
SWAP_HALVES(A1, B1); \
SWAP_HALVES(C1, D1); \
BLAKE2_ROUND(A0, B0, C0, D0, A1, B1, C1, D1); \
SWAP_HALVES(A0, B0); \
SWAP_HALVES(C0, D0); \
SWAP_HALVES(A1, B1); \
SWAP_HALVES(C1, D1); \
} while ((void)0, 0)
#define BLAKE2_ROUND_2(A0, A1, B0, B1, C0, C1, D0, D1) \
do { \
SWAP_QUARTERS(A0, A1); \
SWAP_QUARTERS(B0, B1); \
SWAP_QUARTERS(C0, C1); \
SWAP_QUARTERS(D0, D1); \
BLAKE2_ROUND(A0, B0, C0, D0, A1, B1, C1, D1); \
UNSWAP_QUARTERS(A0, A1); \
UNSWAP_QUARTERS(B0, B1); \
UNSWAP_QUARTERS(C0, C1); \
UNSWAP_QUARTERS(D0, D1); \
} while ((void)0, 0)
#endif

56
src/libsodium/crypto_pwhash/argon2/pwhash_argon2i.c
View File

@ -3,11 +3,15 @@
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include "argon2-core.h"
#include "argon2-encoding.h"
#include "argon2.h"
#include "crypto_pwhash.h"
#include "crypto_pwhash_argon2i.h"
#include "crypto_pwhash_argon2id.h"
#include "randombytes.h"
#include "utils.h"
@ -211,3 +215,55 @@ crypto_pwhash_argon2i_str_verify(const char str[crypto_pwhash_argon2i_STRBYTES],
}
return -1;
}
static int
_needs_rehash(const char *str, unsigned long long opslimit, size_t memlimit,
argon2_type type)
{
unsigned char *fodder;
argon2_context ctx;
size_t fodder_len;
int ret = -1;
fodder_len = strlen(str);
memlimit /= 1024U;
if (opslimit > UINT32_MAX || memlimit > UINT32_MAX ||
fodder_len >= crypto_pwhash_STRBYTES) {
errno = EINVAL;
return -1;
}
memset(&ctx, 0, sizeof ctx);
if ((fodder = (unsigned char *) calloc(fodder_len, 1U)) == NULL) {
return -1; /* LCOV_EXCL_LINE */
}
ctx.out = ctx.pwd = ctx.salt = fodder;
ctx.outlen = ctx.pwdlen = ctx.saltlen = (uint32_t) fodder_len;
ctx.ad = ctx.secret = NULL;
ctx.adlen = ctx.secretlen = 0U;
if (decode_string(&ctx, str, type) != 0) {
errno = EINVAL;
ret = -1;
} else if (ctx.t_cost != (uint32_t) opslimit ||
ctx.m_cost != (uint32_t) memlimit) {
ret = 1;
} else {
ret = 0;
}
free(fodder);
return ret;
}
int
crypto_pwhash_argon2i_str_needs_rehash(const char str[crypto_pwhash_argon2i_STRBYTES],
unsigned long long opslimit, size_t memlimit)
{
return _needs_rehash(str, opslimit, memlimit, Argon2_i);
}
int
crypto_pwhash_argon2id_str_needs_rehash(const char str[crypto_pwhash_argon2id_STRBYTES],
unsigned long long opslimit, size_t memlimit)
{
return _needs_rehash(str, opslimit, memlimit, Argon2_id);
}

35
src/libsodium/crypto_pwhash/crypto_pwhash.c
View File

@ -2,6 +2,7 @@
#include <errno.h>
#include <string.h>
#include "core.h"
#include "crypto_pwhash.h"
int
@ -150,6 +151,23 @@ crypto_pwhash_str(char out[crypto_pwhash_STRBYTES],
opslimit, memlimit);
}
int
crypto_pwhash_str_alg(char out[crypto_pwhash_STRBYTES],
const char * const passwd, unsigned long long passwdlen,
unsigned long long opslimit, size_t memlimit, int alg)
{
switch (alg) {
case crypto_pwhash_ALG_ARGON2I13:
return crypto_pwhash_argon2i_str(out, passwd, passwdlen,
opslimit, memlimit);
case crypto_pwhash_ALG_ARGON2ID13:
return crypto_pwhash_argon2id_str(out, passwd, passwdlen,
opslimit, memlimit);
}
sodium_misuse();
/* NOTREACHED */
}
int
crypto_pwhash_str_verify(const char str[crypto_pwhash_STRBYTES],
const char * const passwd,
@ -168,6 +186,23 @@ crypto_pwhash_str_verify(const char str[crypto_pwhash_STRBYTES],
return -1;
}
int
crypto_pwhash_str_needs_rehash(const char str[crypto_pwhash_STRBYTES],
unsigned long long opslimit, size_t memlimit)
{
if (strncmp(str, crypto_pwhash_argon2id_STRPREFIX,
sizeof crypto_pwhash_argon2id_STRPREFIX - 1) == 0) {
return crypto_pwhash_argon2id_str_needs_rehash(str, opslimit, memlimit);
}
if (strncmp(str, crypto_pwhash_argon2i_STRPREFIX,
sizeof crypto_pwhash_argon2i_STRPREFIX - 1) == 0) {
return crypto_pwhash_argon2i_str_needs_rehash(str, opslimit, memlimit);
}
errno = EINVAL;
return -1;
}
const char *
crypto_pwhash_primitive(void) {
return crypto_pwhash_PRIMITIVE;

48
src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c
View File

@ -105,6 +105,34 @@ decode64_uint32(uint32_t *dst, uint32_t dstbits, const uint8_t *src)
return src;
}
const uint8_t *
escrypt_parse_setting(const uint8_t *setting,
uint32_t *N_log2_p, uint32_t *r_p, uint32_t *p_p)
{
const uint8_t *src;
if (setting[0] != '$' || setting[1] != '7' || setting[2] != '$') {
return NULL;
}
src = setting + 3;
if (decode64_one(N_log2_p, *src)) {
return NULL;
}
src++;
src = decode64_uint32(r_p, 30, src);
if (!src) {
return NULL;
}
src = decode64_uint32(p_p, 30, src);
if (!src) {
return NULL;
}
return src;
}
uint8_t *
escrypt_r(escrypt_local_t *local, const uint8_t *passwd, size_t passwdlen,
const uint8_t *setting, uint8_t *buf, size_t buflen)
@ -122,25 +150,11 @@ escrypt_r(escrypt_local_t *local, const uint8_t *passwd, size_t passwdlen,
uint32_t r;
uint32_t p;
if (setting[0] != '$' || setting[1] != '7' || setting[2] != '$') {
src = escrypt_parse_setting(setting, &N_log2, &r, &p);
if (!src) {
return NULL;
}
src = setting + 3;
if (decode64_one(&N_log2, *src)) {
return NULL;
}
src++;
N = (uint64_t) 1 << N_log2;
src = decode64_uint32(&r, 30, src);
if (!src) {
return NULL;
}
src = decode64_uint32(&p, 30, src);
if (!src) {
return NULL;
}
prefixlen = src - setting;
salt = src;
@ -195,7 +209,7 @@ escrypt_gensalt_r(uint32_t N_log2, uint32_t r, uint32_t p, const uint8_t *src,
return NULL; /* LCOV_EXCL_LINE */
}
if (N_log2 > 63 || ((uint64_t) r * (uint64_t) p >= (1U << 30))) {
return NULL;
return NULL; /* LCOV_EXCL_LINE */
}
dst = buf;
*dst++ = '$';

4
src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt.h
View File

@ -91,4 +91,8 @@ extern uint8_t *escrypt_gensalt_r(uint32_t __N_log2, uint32_t __r, uint32_t __p,
const uint8_t *__src, size_t __srclen,
uint8_t *__buf, size_t __buflen);
extern const uint8_t *escrypt_parse_setting(const uint8_t *setting,
uint32_t *N_log2_p, uint32_t *r_p,
uint32_t *p_p);
#endif /* !_CRYPTO_SCRYPT_H_ */

6
src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c
View File

@ -31,7 +31,9 @@
#include <sys/types.h>
#include "core.h"
#include "crypto_auth_hmacsha256.h"
#include "crypto_pwhash_scryptsalsa208sha256.h"
#include "pbkdf2-sha256.h"
#include "private/common.h"
#include "utils.h"
@ -55,8 +57,10 @@ PBKDF2_SHA256(const uint8_t *passwd, size_t passwdlen, const uint8_t *salt,
size_t clen;
#if SIZE_MAX > 0x1fffffffe0ULL
COMPILER_ASSERT(crypto_pwhash_scryptsalsa208sha256_BYTES_MAX
<= 0x1fffffffe0ULL);
if (dkLen > 0x1fffffffe0ULL) {
abort();
sodium_misuse(); /* LCOV_EXCL_LINE */
}
#endif
crypto_auth_hmacsha256_init(&PShctx, passwd, passwdlen);

29
src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c
View File

@ -254,3 +254,32 @@ crypto_pwhash_scryptsalsa208sha256_str_verify(
return ret;
}
int
crypto_pwhash_scryptsalsa208sha256_str_needs_rehash(
const char str[crypto_pwhash_scryptsalsa208sha256_STRBYTES],
unsigned long long opslimit, size_t memlimit)
{
uint32_t N_log2, N_log2_;
uint32_t p, p_;
uint32_t r, r_;
if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) {
errno = EINVAL;
return -1;
}
if (memchr(str, 0, crypto_pwhash_scryptsalsa208sha256_STRBYTES) !=
&str[crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1U]) {
errno = EINVAL;
return -1;
}
if (escrypt_parse_setting((const uint8_t *) str,
&N_log2_, &r_, &p_) == NULL) {
errno = EINVAL;
return -1;
}
if (N_log2 != N_log2_ || r != r_ || p != p_) {
return 1;
}
return 0;
}

8
src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c
View File

@ -318,10 +318,12 @@ escrypt_kdf_sse(escrypt_local_t *local, const uint8_t *passwd, size_t passwdlen,
/* Sanity-check parameters. */
# if SIZE_MAX > UINT32_MAX
/* LCOV_EXCL_START */
if (buflen > (((uint64_t)(1) << 32) - 1) * 32) {
errno = EFBIG;
return -1;
}
/* LCOV_EXCL_END */
# endif
if ((uint64_t)(r) * (uint64_t)(p) >= ((uint64_t) 1 << 30)) {
errno = EFBIG;
@ -339,6 +341,7 @@ escrypt_kdf_sse(escrypt_local_t *local, const uint8_t *passwd, size_t passwdlen,
errno = EINVAL;
return -1;
}
/* LCOV_EXCL_START */
if ((r > SIZE_MAX / 128 / p) ||
# if SIZE_MAX / 256 <= UINT32_MAX
(r > SIZE_MAX / 256) ||
@ -347,21 +350,26 @@ escrypt_kdf_sse(escrypt_local_t *local, const uint8_t *passwd, size_t passwdlen,
errno = ENOMEM;
return -1;
}
/* LCOV_EXCL_END */
/* Allocate memory. */
B_size = (size_t) 128 * r * p;
V_size = (size_t) 128 * r * N;
need = B_size + V_size;
/* LCOV_EXCL_START */
if (need < V_size) {
errno = ENOMEM;
return -1;
}
/* LCOV_EXCL_END */
XY_size = (size_t) 256 * r + 64;
need += XY_size;
/* LCOV_EXCL_START */
if (need < XY_size) {
errno = ENOMEM;
return -1;
}
/* LCOV_EXCL_END */
if (local->size < need) {
if (free_region(local)) {
return -1; /* LCOV_EXCL_LINE */

6
src/libsodium/crypto_scalarmult/curve25519/scalarmult_curve25519.c
View File

@ -20,11 +20,11 @@ int
crypto_scalarmult_curve25519(unsigned char *q, const unsigned char *n,
const unsigned char *p)
{
size_t i;
unsigned char d = 0;
size_t i;
volatile unsigned char d = 0;
if (implementation->mult(q, n, p) != 0) {
return -1;
return -1; /* LCOV_EXCL_LINE */
}
for (i = 0; i < crypto_scalarmult_curve25519_BYTES; i++) {
d |= q[i];

6
src/libsodium/crypto_secretbox/crypto_secretbox.c
View File

@ -32,6 +32,12 @@ crypto_secretbox_macbytes(void)
return crypto_secretbox_MACBYTES;
}
size_t
crypto_secretbox_messagebytes_max(void)
{
return crypto_secretbox_MESSAGEBYTES_MAX;
}
const char *
crypto_secretbox_primitive(void)
{

9
src/libsodium/crypto_secretbox/crypto_secretbox_easy.c
View File

@ -5,6 +5,7 @@
#include <stdlib.h>
#include <string.h>
#include "core.h"
#include "crypto_core_hsalsa20.h"
#include "crypto_onetimeauth_poly1305.h"
#include "crypto_secretbox.h"
@ -29,7 +30,7 @@ crypto_secretbox_detached(unsigned char *c, unsigned char *mac,
if (((uintptr_t) c > (uintptr_t) m &&
(uintptr_t) c - (uintptr_t) m < mlen) ||
((uintptr_t) m > (uintptr_t) c &&
(uintptr_t) m - (uintptr_t) c < mlen)) {
(uintptr_t) m - (uintptr_t) c < mlen)) { /* LCOV_EXCL_LINE */
memmove(c, m, mlen);
m = c;
}
@ -71,8 +72,8 @@ crypto_secretbox_easy(unsigned char *c, const unsigned char *m,
unsigned long long mlen, const unsigned char *n,
const unsigned char *k)
{
if (mlen > SIZE_MAX - crypto_secretbox_MACBYTES) {
return -1;
if (mlen > crypto_secretbox_MESSAGEBYTES_MAX) {
sodium_misuse();
}
return crypto_secretbox_detached(c + crypto_secretbox_MACBYTES,
c, m, mlen, n, k);
@ -103,7 +104,7 @@ crypto_secretbox_open_detached(unsigned char *m, const unsigned char *c,
if (((uintptr_t) c >= (uintptr_t) m &&
(uintptr_t) c - (uintptr_t) m < clen) ||
((uintptr_t) m >= (uintptr_t) c &&
(uintptr_t) m - (uintptr_t) c < clen)) {
(uintptr_t) m - (uintptr_t) c < clen)) { /* LCOV_EXCL_LINE */
memmove(m, c, clen);
c = m;
}

15
src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305.c
View File

@ -5,6 +5,7 @@
#include <stdlib.h>
#include <string.h>
#include "core.h"
#include "crypto_core_hchacha20.h"
#include "crypto_onetimeauth_poly1305.h"
#include "crypto_secretbox_xchacha20poly1305.h"
@ -33,7 +34,7 @@ crypto_secretbox_xchacha20poly1305_detached(unsigned char *c,
if (((uintptr_t) c > (uintptr_t) m &&
(uintptr_t) c - (uintptr_t) m < mlen) ||
((uintptr_t) m > (uintptr_t) c &&
(uintptr_t) m - (uintptr_t) c < mlen)) {
(uintptr_t) m - (uintptr_t) c < mlen)) { /* LCOV_EXCL_LINE */
memmove(c, m, mlen);
m = c;
}
@ -77,8 +78,8 @@ crypto_secretbox_xchacha20poly1305_easy(unsigned char *c,
const unsigned char *n,
const unsigned char *k)
{
if (mlen > SIZE_MAX - crypto_secretbox_xchacha20poly1305_MACBYTES) {
return -1;
if (mlen > crypto_secretbox_xchacha20poly1305_MESSAGEBYTES_MAX) {
sodium_misuse();
}
return crypto_secretbox_xchacha20poly1305_detached
(c + crypto_secretbox_xchacha20poly1305_MACBYTES, c, m, mlen, n, k);
@ -110,7 +111,7 @@ crypto_secretbox_xchacha20poly1305_open_detached(unsigned char *m,
if (((uintptr_t) c >= (uintptr_t) m &&
(uintptr_t) c - (uintptr_t) m < clen) ||
((uintptr_t) m >= (uintptr_t) c &&
(uintptr_t) m - (uintptr_t) c < clen)) {
(uintptr_t) m - (uintptr_t) c < clen)) { /* LCOV_EXCL_LINE */
memmove(m, c, clen);
c = m;
}
@ -168,3 +169,9 @@ crypto_secretbox_xchacha20poly1305_macbytes(void)
{
return crypto_secretbox_xchacha20poly1305_MACBYTES;
}
size_t
crypto_secretbox_xchacha20poly1305_messagebytes_max(void)
{
return crypto_secretbox_xchacha20poly1305_MESSAGEBYTES_MAX;
}

6
src/libsodium/crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c
View File

@ -76,6 +76,12 @@ crypto_secretbox_xsalsa20poly1305_macbytes(void)
return crypto_secretbox_xsalsa20poly1305_MACBYTES;
}
size_t
crypto_secretbox_xsalsa20poly1305_messagebytes_max(void)
{
return crypto_secretbox_xsalsa20poly1305_MESSAGEBYTES_MAX;
}
void
crypto_secretbox_xsalsa20poly1305_keygen(unsigned char k[crypto_secretbox_xsalsa20poly1305_KEYBYTES])
{

303
src/libsodium/crypto_secretstream/xchacha20poly1305/secretstream_xchacha20poly1305.c Normal file
View File

@ -0,0 +1,303 @@
#include <stdint.h>
#include <stdlib.h>
#include <limits.h>
#include <string.h>
#include "core.h"
#include "crypto_aead_chacha20poly1305.h"
#include "crypto_aead_xchacha20poly1305.h"
#include "crypto_core_hchacha20.h"
#include "crypto_onetimeauth_poly1305.h"
#include "crypto_secretstream_xchacha20poly1305.h"
#include "randombytes.h"
#include "utils.h"
#include "private/common.h"
#define crypto_secretstream_xchacha20poly1305_COUNTERBYTES 4U
#define crypto_secretstream_xchacha20poly1305_INONCEBYTES 8U
#define STATE_COUNTER(STATE) ((STATE)->nonce)
#define STATE_INONCE(STATE) ((STATE)->nonce + \
crypto_secretstream_xchacha20poly1305_COUNTERBYTES)
static const unsigned char _pad0[16] = { 0 };
void
crypto_secretstream_xchacha20poly1305_keygen
(unsigned char k[crypto_secretstream_xchacha20poly1305_KEYBYTES])
{
randombytes_buf(k, crypto_secretstream_xchacha20poly1305_KEYBYTES);
}
int
crypto_secretstream_xchacha20poly1305_init_push
(crypto_secretstream_xchacha20poly1305_state *state,
unsigned char out[crypto_secretstream_xchacha20poly1305_HEADERBYTES],
const unsigned char k[crypto_secretstream_xchacha20poly1305_KEYBYTES])
{
COMPILER_ASSERT(crypto_secretstream_xchacha20poly1305_HEADERBYTES ==
crypto_core_hchacha20_INPUTBYTES +
crypto_secretstream_xchacha20poly1305_INONCEBYTES);
COMPILER_ASSERT(crypto_secretstream_xchacha20poly1305_HEADERBYTES ==
crypto_aead_xchacha20poly1305_ietf_NPUBBYTES);
COMPILER_ASSERT(sizeof state->nonce ==
crypto_secretstream_xchacha20poly1305_INONCEBYTES +
crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
crypto_core_hchacha20(state->k, out, k, NULL);
memset(STATE_COUNTER(state), 0, crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
memcpy(STATE_INONCE(state), out + crypto_core_hchacha20_INPUTBYTES,
crypto_secretstream_xchacha20poly1305_INONCEBYTES);
memset(state->_pad, 0, sizeof state->_pad);
return 0;
}
int
crypto_secretstream_xchacha20poly1305_init_pull
(crypto_secretstream_xchacha20poly1305_state *state,
const unsigned char in[crypto_secretstream_xchacha20poly1305_HEADERBYTES],
const unsigned char k[crypto_secretstream_xchacha20poly1305_KEYBYTES])
{
crypto_core_hchacha20(state->k, in, k, NULL);
memset(STATE_COUNTER(state), 0, crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES,
crypto_secretstream_xchacha20poly1305_INONCEBYTES);
memset(state->_pad, 0, sizeof state->_pad);
return 0;
}
void
crypto_secretstream_xchacha20poly1305_rekey
(crypto_secretstream_xchacha20poly1305_state *state)
{
unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
crypto_secretstream_xchacha20poly1305_INONCEBYTES];
size_t i;
for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
new_key_and_inonce[i] = state->k[i];
}
for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
STATE_INONCE(state)[i];
}
crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
sizeof new_key_and_inonce,
state->nonce, state->k);
for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
state->k[i] = new_key_and_inonce[i];
}
for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
STATE_INONCE(state)[i] =
new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i];
}
memset(STATE_COUNTER(state), 0,
crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
}
int
crypto_secretstream_xchacha20poly1305_push
(crypto_secretstream_xchacha20poly1305_state *state,
unsigned char *out, unsigned long long *outlen_p,
const unsigned char *m, unsigned long long mlen,
const unsigned char *ad, unsigned long long adlen, unsigned char tag)
{
crypto_onetimeauth_poly1305_state poly1305_state;
unsigned char block[64U];
unsigned char slen[8U];
unsigned char *c;
unsigned char *mac;
if (outlen_p != NULL) {
*outlen_p = 0U;
}
if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
sodium_misuse();
}
crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
crypto_onetimeauth_poly1305_init(&poly1305_state, block);
sodium_memzero(block, sizeof block);
crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
(0x10 - adlen) & 0xf);
memset(block, 0, sizeof block);
block[0] = tag;
crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
state->nonce, 1U, state->k);
crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
out[0] = block[0];
c = out + (sizeof tag);
crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k);
crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
crypto_onetimeauth_poly1305_update
(&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
STORE64_LE(slen, (uint64_t) adlen);
crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
STORE64_LE(slen, (sizeof block) + mlen);
crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
mac = c + mlen;
crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
sodium_memzero(&poly1305_state, sizeof poly1305_state);
COMPILER_ASSERT(crypto_onetimeauth_poly1305_BYTES >=
crypto_secretstream_xchacha20poly1305_INONCEBYTES);
XOR_BUF(STATE_INONCE(state), mac,
crypto_secretstream_xchacha20poly1305_INONCEBYTES);
sodium_increment(STATE_COUNTER(state),
crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
sodium_is_zero(STATE_COUNTER(state),
crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
crypto_secretstream_xchacha20poly1305_rekey(state);
}
if (outlen_p != NULL) {
*outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen;
}
return 0;
}
int
crypto_secretstream_xchacha20poly1305_pull
(crypto_secretstream_xchacha20poly1305_state *state,
unsigned char *m, unsigned long long *mlen_p, unsigned char *tag_p,
const unsigned char *in, unsigned long long inlen,
const unsigned char *ad, unsigned long long adlen)
{
crypto_onetimeauth_poly1305_state poly1305_state;
unsigned char block[64U];
unsigned char slen[8U];
unsigned char mac[crypto_onetimeauth_poly1305_BYTES];
const unsigned char *c;
const unsigned char *stored_mac;
unsigned long long mlen;
unsigned char tag;
if (mlen_p != NULL) {
*mlen_p = 0U;
}
if (tag_p != NULL) {
*tag_p = 0xff;
}
if (inlen < crypto_secretstream_xchacha20poly1305_ABYTES) {
return -1;
}
mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES;
if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
sodium_misuse();
}
crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
crypto_onetimeauth_poly1305_init(&poly1305_state, block);
sodium_memzero(block, sizeof block);
crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
(0x10 - adlen) & 0xf);
memset(block, 0, sizeof block);
block[0] = in[0];
crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
state->nonce, 1U, state->k);
tag = block[0];
block[0] = in[0];
crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
c = in + (sizeof tag);
crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
crypto_onetimeauth_poly1305_update
(&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
STORE64_LE(slen, (uint64_t) adlen);
crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
STORE64_LE(slen, (sizeof block) + mlen);
crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
sodium_memzero(&poly1305_state, sizeof poly1305_state);
stored_mac = c + mlen;
if (sodium_memcmp(mac, stored_mac, sizeof mac) != 0) {
sodium_memzero(mac, sizeof mac);
return -1;
}
crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k);
XOR_BUF(STATE_INONCE(state), mac,
crypto_secretstream_xchacha20poly1305_INONCEBYTES);
sodium_increment(STATE_COUNTER(state),
crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
sodium_is_zero(STATE_COUNTER(state),
crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
crypto_secretstream_xchacha20poly1305_rekey(state);
}
if (mlen_p != NULL) {
*mlen_p = mlen;
}
if (tag_p != NULL) {
*tag_p = tag;
}
return 0;
}
size_t
crypto_secretstream_xchacha20poly1305_statebytes(void)
{
return sizeof(crypto_secretstream_xchacha20poly1305_state);
}
size_t
crypto_secretstream_xchacha20poly1305_abytes(void)
{
return crypto_secretstream_xchacha20poly1305_ABYTES;
}
size_t
crypto_secretstream_xchacha20poly1305_headerbytes(void)
{
return crypto_secretstream_xchacha20poly1305_HEADERBYTES;
}
size_t
crypto_secretstream_xchacha20poly1305_keybytes(void)
{
return crypto_secretstream_xchacha20poly1305_KEYBYTES;
}
size_t
crypto_secretstream_xchacha20poly1305_messagebytes_max(void)
{
return crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX;
}
unsigned char
crypto_secretstream_xchacha20poly1305_tag_message(void)
{
return crypto_secretstream_xchacha20poly1305_TAG_MESSAGE;
}
unsigned char
crypto_secretstream_xchacha20poly1305_tag_push(void)
{
return crypto_secretstream_xchacha20poly1305_TAG_PUSH;
}
unsigned char
crypto_secretstream_xchacha20poly1305_tag_rekey(void)
{
return crypto_secretstream_xchacha20poly1305_TAG_REKEY;
}
unsigned char
crypto_secretstream_xchacha20poly1305_tag_final(void)
{
return crypto_secretstream_xchacha20poly1305_TAG_FINAL;
}

6
src/libsodium/crypto_sign/crypto_sign.c
View File

@ -31,6 +31,12 @@ crypto_sign_secretkeybytes(void)
return crypto_sign_SECRETKEYBYTES;
}
size_t
crypto_sign_messagebytes_max(void)
{
return crypto_sign_MESSAGEBYTES_MAX;
}
const char *
crypto_sign_primitive(void)
{

3
src/libsodium/crypto_sign/ed25519/ref10/ed25519_ref10.h
View File

@ -15,4 +15,7 @@ int _crypto_sign_ed25519_verify_detached(const unsigned char *sig,
unsigned long long mlen,
const unsigned char *pk,
int prehashed);
int _crypto_sign_ed25519_small_order(const unsigned char p[32]);
#endif

11
src/libsodium/crypto_sign/ed25519/ref10/keypair.c
View File

@ -4,6 +4,7 @@
#include "crypto_hash_sha512.h"
#include "crypto_scalarmult_curve25519.h"
#include "crypto_sign_ed25519.h"
#include "ed25519_ref10.h"
#include "private/curve25519_ref10.h"
#include "randombytes.h"
#include "utils.h"
@ -46,10 +47,16 @@ crypto_sign_ed25519_pk_to_curve25519(unsigned char *curve25519_pk,
const unsigned char *ed25519_pk)
{
ge_p3 A;
ge_p3 pl;
fe x;
fe one_minus_y;
if (ge_frombytes_negate_vartime(&A, ed25519_pk) != 0) {
if (_crypto_sign_ed25519_small_order(ed25519_pk) ||
ge_frombytes_negate_vartime(&A, ed25519_pk) != 0) {
return -1;
}
ge_mul_l(&pl, &A);
if (fe_isnonzero(pl.X)) {
return -1;
}
fe_1(one_minus_y);
@ -71,7 +78,7 @@ crypto_sign_ed25519_sk_to_curve25519(unsigned char *curve25519_sk,
crypto_hash_sha512(h, ed25519_sk,
crypto_sign_ed25519_SECRETKEYBYTES -
crypto_sign_ed25519_PUBLICKEYBYTES);
crypto_sign_ed25519_PUBLICKEYBYTES);
h[0] &= 248;
h[31] &= 127;
h[31] |= 64;

2
src/libsodium/crypto_sign/ed25519/ref10/obsolete.c
View File

@ -83,7 +83,7 @@ crypto_sign_edwards25519sha512batch_open(unsigned char *m,
ge_p3 cs3;
*mlen_p = 0;
if (smlen < 64 || smlen > SIZE_MAX) {
if (smlen < 64 || smlen - 64 > crypto_sign_edwards25519sha512batch_MESSAGEBYTES_MAX) {
return -1;
}
mlen = smlen - 64;

11
src/libsodium/crypto_sign/ed25519/ref10/open.c
View File

@ -33,8 +33,8 @@ crypto_sign_check_S_lt_L(const unsigned char *S)
return -(c == 0);
}
static int
small_order(const unsigned char R[32])
int
_crypto_sign_ed25519_small_order(const unsigned char p[32])
{
CRYPTO_ALIGN(16)
static const unsigned char blacklist[][32] = {
@ -97,7 +97,7 @@ small_order(const unsigned char R[32])
for (i = 0; i < sizeof blacklist / sizeof blacklist[0]; i++) {
c = 0;
for (j = 0; j < 32; j++) {
c |= R[j] ^ blacklist[i][j];
c |= p[j] ^ blacklist[i][j];
}
if (c == 0) {
return 1;
@ -123,7 +123,8 @@ _crypto_sign_ed25519_verify_detached(const unsigned char *sig,
ge_p2 R;
#ifndef ED25519_COMPAT
if (crypto_sign_check_S_lt_L(sig + 32) != 0 || small_order(sig) != 0) {
if (crypto_sign_check_S_lt_L(sig + 32) != 0 ||
_crypto_sign_ed25519_small_order(sig) != 0) {
return -1;
}
#else
@ -170,7 +171,7 @@ crypto_sign_ed25519_open(unsigned char *m, unsigned long long *mlen_p,
{
unsigned long long mlen;
if (smlen < 64 || smlen > SIZE_MAX) {
if (smlen < 64 || smlen - 64 > crypto_sign_ed25519_MESSAGEBYTES_MAX) {
goto badsig;
}
mlen = smlen - 64;

6
src/libsodium/crypto_sign/ed25519/sign_ed25519.c
View File

@ -35,6 +35,12 @@ crypto_sign_ed25519_secretkeybytes(void)
return crypto_sign_ed25519_SECRETKEYBYTES;
}
size_t
crypto_sign_ed25519_messagebytes_max(void)
{
return crypto_sign_ed25519_MESSAGEBYTES_MAX;
}
int
crypto_sign_ed25519_sk_to_seed(unsigned char *seed, const unsigned char *sk)
{

5
src/libsodium/crypto_stream/chacha20/dolbeau/chacha20_dolbeau-avx2.c
View File

@ -3,6 +3,7 @@
#include <stdlib.h>
#include <string.h>
#include "core.h"
#include "crypto_stream_chacha20.h"
#include "private/common.h"
#include "private/sse2_64_32.h"
@ -76,8 +77,8 @@ chacha20_encrypt_bytes(chacha_ctx *ctx, const uint8_t *m, uint8_t *c,
if (!bytes) {
return; /* LCOV_EXCL_LINE */
}
if (bytes > 64ULL * (1ULL << 32) - 64ULL) {
abort();
if (bytes > crypto_stream_chacha20_MESSAGEBYTES_MAX) {
sodium_misuse();
}
# include "u8.h"
# include "u4.h"

5
src/libsodium/crypto_stream/chacha20/dolbeau/chacha20_dolbeau-ssse3.c
View File

@ -3,6 +3,7 @@
#include <stdlib.h>
#include <string.h>
#include "core.h"
#include "crypto_stream_chacha20.h"
#include "private/common.h"
#include "private/sse2_64_32.h"
@ -71,8 +72,8 @@ chacha20_encrypt_bytes(chacha_ctx *ctx, const uint8_t *m, uint8_t *c,
if (!bytes) {
return; /* LCOV_EXCL_LINE */
}
if (bytes > 64ULL * (1ULL << 32) - 64ULL) {
abort();
if (bytes > crypto_stream_chacha20_MESSAGEBYTES_MAX) {
sodium_misuse();
}
# include "u4.h"
# include "u1.h"

2
src/libsodium/crypto_stream/chacha20/dolbeau/u0.h
View File

@ -7,7 +7,7 @@ if (bytes > 0) {
_mm_set_epi8(14, 13, 12, 15, 10, 9, 8, 11, 6, 5, 4, 7, 2, 1, 0, 3);
uint8_t partialblock[64];
int i;
unsigned int i;
x_0 = _mm_loadu_si128((__m128i*) (x + 0));
x_1 = _mm_loadu_si128((__m128i*) (x + 4));

5
src/libsodium/crypto_stream/chacha20/ref/chacha20_ref.c
View File

@ -9,6 +9,7 @@
#include <stdlib.h>
#include <string.h>
#include "core.h"
#include "crypto_stream_chacha20.h"
#include "private/common.h"
#include "utils.h"
@ -91,8 +92,8 @@ chacha20_encrypt_bytes(chacha_ctx *ctx, const uint8_t *m, uint8_t *c,
if (!bytes) {
return; /* LCOV_EXCL_LINE */
}
if (bytes > 64ULL * (1ULL << 32) - 64ULL) {
abort();
if (bytes > crypto_stream_chacha20_MESSAGEBYTES_MAX) {
sodium_misuse();
}
j0 = ctx->input[0];
j1 = ctx->input[1];

12
src/libsodium/crypto_stream/chacha20/stream_chacha20.c
View File

@ -26,6 +26,12 @@ crypto_stream_chacha20_noncebytes(void) {
return crypto_stream_chacha20_NONCEBYTES;
}
size_t
crypto_stream_chacha20_messagebytes_max(void)
{
return crypto_stream_chacha20_MESSAGEBYTES_MAX;
}
size_t
crypto_stream_chacha20_ietf_keybytes(void) {
return crypto_stream_chacha20_ietf_KEYBYTES;
@ -36,6 +42,12 @@ crypto_stream_chacha20_ietf_noncebytes(void) {
return crypto_stream_chacha20_ietf_NONCEBYTES;
}
size_t
crypto_stream_chacha20_ietf_messagebytes_max(void)
{
return crypto_stream_chacha20_ietf_MESSAGEBYTES_MAX;
}
int
crypto_stream_chacha20(unsigned char *c, unsigned long long clen,
const unsigned char *n, const unsigned char *k)

6
src/libsodium/crypto_stream/crypto_stream.c
View File

@ -14,6 +14,12 @@ crypto_stream_noncebytes(void)
return crypto_stream_NONCEBYTES;
}
size_t
crypto_stream_messagebytes_max(void)
{
return crypto_stream_MESSAGEBYTES_MAX;
}
const char *
crypto_stream_primitive(void)
{

8
src/libsodium/crypto_stream/salsa20/stream_salsa20.c
View File

@ -37,6 +37,12 @@ crypto_stream_salsa20_noncebytes(void)
return crypto_stream_salsa20_NONCEBYTES;
}
size_t
crypto_stream_salsa20_messagebytes_max(void)
{
return crypto_stream_salsa20_MESSAGEBYTES_MAX;
}
int
crypto_stream_salsa20(unsigned char *c, unsigned long long clen,
const unsigned char *n, const unsigned char *k)
@ -89,5 +95,5 @@ _crypto_stream_salsa20_pick_best_implementation(void)
return 0;
}
#endif
return 0;
return 0; /* LCOV_EXCL_LINE */
}

2
src/libsodium/crypto_stream/salsa20/xmm6int/u0.h
View File

@ -7,7 +7,7 @@ if (bytes > 0) {
__m128i b0, b1, b2, b3, b4, b5, b6, b7;
uint8_t partialblock[64];
int i;
unsigned int i;
a0 = diag1;
for (i = 0; i < ROUNDS; i += 4) {

6
src/libsodium/crypto_stream/salsa2012/stream_salsa2012.c
View File

@ -13,6 +13,12 @@ crypto_stream_salsa2012_noncebytes(void)
return crypto_stream_salsa2012_NONCEBYTES;
}
size_t
crypto_stream_salsa2012_messagebytes_max(void)
{
return crypto_stream_salsa2012_MESSAGEBYTES_MAX;
}
void
crypto_stream_salsa2012_keygen(unsigned char k[crypto_stream_salsa2012_KEYBYTES])
{

6
src/libsodium/crypto_stream/salsa208/stream_salsa208.c
View File

@ -13,6 +13,12 @@ crypto_stream_salsa208_noncebytes(void)
return crypto_stream_salsa208_NONCEBYTES;
}
size_t
crypto_stream_salsa208_messagebytes_max(void)
{
return crypto_stream_salsa208_MESSAGEBYTES_MAX;
}
void
crypto_stream_salsa208_keygen(unsigned char k[crypto_stream_salsa208_KEYBYTES])
{

6
src/libsodium/crypto_stream/xchacha20/stream_xchacha20.c
View File

@ -19,6 +19,12 @@ crypto_stream_xchacha20_noncebytes(void)
return crypto_stream_xchacha20_NONCEBYTES;
}
size_t
crypto_stream_xchacha20_messagebytes_max(void)
{
return crypto_stream_xchacha20_MESSAGEBYTES_MAX;
}
int
crypto_stream_xchacha20(unsigned char *c, unsigned long long clen,
const unsigned char *n, const unsigned char *k)

6
src/libsodium/crypto_stream/xsalsa20/stream_xsalsa20.c
View File

@ -53,6 +53,12 @@ crypto_stream_xsalsa20_noncebytes(void)
return crypto_stream_xsalsa20_NONCEBYTES;
}
size_t
crypto_stream_xsalsa20_messagebytes_max(void)
{
return crypto_stream_xsalsa20_MESSAGEBYTES_MAX;
}
void
crypto_stream_xsalsa20_keygen(unsigned char k[crypto_stream_xsalsa20_KEYBYTES])
{

109
src/libsodium/crypto_verify/sodium/verify.c
View File

@ -6,56 +6,93 @@
#include "crypto_verify_32.h"
#include "crypto_verify_64.h"
int
crypto_verify_16(const unsigned char *x, const unsigned char *y)
{
uint_fast16_t d = 0U;
int i;
for (i = 0; i < 16; i++) {
d |= x[i] ^ y[i];
}
return (1 & ((d - 1) >> 8)) - 1;
}
size_t
crypto_verify_16_bytes(void)
{
return crypto_verify_16_BYTES;
}
int
crypto_verify_32(const unsigned char *x, const unsigned char *y)
{
uint_fast16_t d = 0U;
int i;
for (i = 0; i < 32; i++) {
d |= x[i] ^ y[i];
}
return (1 & ((d - 1) >> 8)) - 1;
}
size_t
crypto_verify_32_bytes(void)
{
return crypto_verify_32_BYTES;
}
int
crypto_verify_64(const unsigned char *x, const unsigned char *y)
{
uint_fast16_t d = 0U;
int i;
for (i = 0; i < 64; i++) {
d |= x[i] ^ y[i];
}
return (1 & ((d - 1) >> 8)) - 1;
}
size_t
crypto_verify_64_bytes(void)
{
return crypto_verify_64_BYTES;
}
#if defined(HAVE_EMMINTRIN_H) && defined(__SSE2__)
# ifdef __GNUC__
# pragma GCC target("sse2")
# endif
# include <emmintrin.h>
static inline int
crypto_verify_n(const unsigned char *x_, const unsigned char *y_,
const int n)
{
const __m128i zero = _mm_setzero_si128();
volatile __m128i v1, v2, z;
volatile int m;
int i;
const volatile __m128i *volatile x =
(const volatile __m128i *volatile) (const void *) x_;
const volatile __m128i *volatile y =
(const volatile __m128i *volatile) (const void *) y_;
v1 = _mm_loadu_si128((const __m128i *) &x[0]);
v2 = _mm_loadu_si128((const __m128i *) &y[0]);
z = _mm_xor_si128(v1, v2);
for (i = 1; i < n / 16; i++) {
v1 = _mm_loadu_si128((const __m128i *) &x[i]);
v2 = _mm_loadu_si128((const __m128i *) &y[i]);
z = _mm_or_si128(z, _mm_xor_si128(v1, v2));
}
m = _mm_movemask_epi8(_mm_cmpeq_epi32(z, zero));
v1 = zero; v2 = zero; z = zero;
return (int) (((uint32_t) m + 1U) >> 16) - 1;
}
#else
static inline int
crypto_verify_n(const unsigned char *x_, const unsigned char *y_,
const int n)
{
const volatile unsigned char *volatile x =
(const volatile unsigned char *volatile) x_;
const volatile unsigned char *volatile y =
(const volatile unsigned char *volatile) y_;
volatile uint_fast16_t d = 0U;
int i;
for (i = 0; i < n; i++) {
d |= x[i] ^ y[i];
}
return (1 & ((d - 1) >> 8)) - 1;
}
#endif
int
crypto_verify_16(const unsigned char *x, const unsigned char *y)
{
return crypto_verify_n(x, y, crypto_verify_16_BYTES);
}
int
crypto_verify_32(const unsigned char *x, const unsigned char *y)
{
return crypto_verify_n(x, y, crypto_verify_32_BYTES);
}
int
crypto_verify_64(const unsigned char *x, const unsigned char *y)
{
return crypto_verify_n(x, y, crypto_verify_64_BYTES);
}

1
src/libsodium/include/Makefile.am
View File

@ -36,6 +36,7 @@ SODIUM_EXPORT = \
sodium/crypto_secretbox.h \
sodium/crypto_secretbox_xchacha20poly1305.h \
sodium/crypto_secretbox_xsalsa20poly1305.h \
sodium/crypto_secretstream_xchacha20poly1305.h \
sodium/crypto_shorthash.h \
sodium/crypto_shorthash_siphash24.h \
sodium/crypto_sign.h \

3
src/libsodium/include/sodium.h
View File

@ -31,11 +31,11 @@
#include "sodium/crypto_onetimeauth_poly1305.h"
#include "sodium/crypto_pwhash.h"
#include "sodium/crypto_pwhash_argon2i.h"
#include "sodium/crypto_pwhash_scryptsalsa208sha256.h"
#include "sodium/crypto_scalarmult.h"
#include "sodium/crypto_scalarmult_curve25519.h"
#include "sodium/crypto_secretbox.h"
#include "sodium/crypto_secretbox_xsalsa20poly1305.h"
#include "sodium/crypto_secretstream_xchacha20poly1305.h"
#include "sodium/crypto_shorthash.h"
#include "sodium/crypto_shorthash_siphash24.h"
#include "sodium/crypto_sign.h"
@ -59,6 +59,7 @@
#ifndef SODIUM_LIBRARY_MINIMAL
# include "sodium/crypto_box_curve25519xchacha20poly1305.h"
# include "sodium/crypto_secretbox_xchacha20poly1305.h"
# include "sodium/crypto_pwhash_scryptsalsa208sha256.h"
# include "sodium/crypto_stream_aes128ctr.h"
# include "sodium/crypto_stream_salsa2012.h"
# include "sodium/crypto_stream_salsa208.h"

9
src/libsodium/include/sodium/core.h
View File

@ -12,6 +12,15 @@ SODIUM_EXPORT
int sodium_init(void)
__attribute__ ((warn_unused_result));
/* ---- */
SODIUM_EXPORT
int sodium_set_misuse_handler(void (*handler)(void));
SODIUM_EXPORT
void sodium_misuse(void)
__attribute__ ((noreturn));
#ifdef __cplusplus
}
#endif

26
src/libsodium/include/sodium/crypto_aead_aes256gcm.h
View File

@ -1,6 +1,26 @@
#ifndef crypto_aead_aes256gcm_H
#define crypto_aead_aes256gcm_H
/*
* WARNING: Despite being the most popular AEAD construction due to its
* use in TLS, safely using AES-GCM in a different context is tricky.
*
* No more than ~ 350 GB of input data should be encrypted with a given key.
* This is for ~ 16 KB messages -- Actual figures vary according to
* message sizes.
*
* In addition, nonces are short and repeated nonces would totally destroy
* the security of this scheme.
*
* Nonces should thus come from atomic counters, which can be difficult to
* set up in a distributed environment.
*
* Unless you absolutely need AES-GCM, use crypto_aead_xchacha20poly1305_ietf_*()
* instead. It doesn't have any of these limitations.
* Or, if you don't need to authenticate additional data, just stick to
* crypto_secretbox().
*/
#include <stddef.h>
#include "export.h"
@ -30,6 +50,12 @@ size_t crypto_aead_aes256gcm_npubbytes(void);
SODIUM_EXPORT
size_t crypto_aead_aes256gcm_abytes(void);
#define crypto_aead_aes256gcm_MESSAGEBYTES_MAX \
SODIUM_MIN(SODIUM_SIZE_MAX - crypto_aead_aes256gcm_ABYTES, \
(16ULL * ((1ULL << 32) - 2ULL)) - crypto_aead_aes256gcm_ABYTES)
SODIUM_EXPORT
size_t crypto_aead_aes256gcm_messagebytes_max(void);
typedef CRYPTO_ALIGN(16) unsigned char crypto_aead_aes256gcm_state[512];
SODIUM_EXPORT

20
src/libsodium/include/sodium/crypto_aead_chacha20poly1305.h
View File

@ -30,6 +30,12 @@ size_t crypto_aead_chacha20poly1305_ietf_npubbytes(void);
SODIUM_EXPORT
size_t crypto_aead_chacha20poly1305_ietf_abytes(void);
#define crypto_aead_chacha20poly1305_ietf_MESSAGEBYTES_MAX \
SODIUM_MIN(SODIUM_SIZE_MAX - crypto_aead_chacha20poly1305_ietf_ABYTES, \
(64ULL * (1ULL << 32) - 64ULL) - crypto_aead_chacha20poly1305_ietf_ABYTES)
SODIUM_EXPORT
size_t crypto_aead_chacha20poly1305_ietf_messagebytes_max(void);
SODIUM_EXPORT
int crypto_aead_chacha20poly1305_ietf_encrypt(unsigned char *c,
unsigned long long *clen_p,
@ -98,6 +104,11 @@ size_t crypto_aead_chacha20poly1305_npubbytes(void);
SODIUM_EXPORT
size_t crypto_aead_chacha20poly1305_abytes(void);
#define crypto_aead_chacha20poly1305_MESSAGEBYTES_MAX \
(SODIUM_SIZE_MAX - crypto_aead_chacha20poly1305_ABYTES)
SODIUM_EXPORT
size_t crypto_aead_chacha20poly1305_messagebytes_max(void);
SODIUM_EXPORT
int crypto_aead_chacha20poly1305_encrypt(unsigned char *c,
unsigned long long *clen_p,
@ -150,10 +161,11 @@ void crypto_aead_chacha20poly1305_keygen(unsigned char k[crypto_aead_chacha20pol
/* Aliases */
#define crypto_aead_chacha20poly1305_IETF_KEYBYTES crypto_aead_chacha20poly1305_ietf_KEYBYTES
#define crypto_aead_chacha20poly1305_IETF_NSECBYTES crypto_aead_chacha20poly1305_ietf_NSECBYTES
#define crypto_aead_chacha20poly1305_IETF_NPUBBYTES crypto_aead_chacha20poly1305_ietf_NPUBBYTES
#define crypto_aead_chacha20poly1305_IETF_ABYTES crypto_aead_chacha20poly1305_ietf_ABYTES
#define crypto_aead_chacha20poly1305_IETF_KEYBYTES crypto_aead_chacha20poly1305_ietf_KEYBYTES
#define crypto_aead_chacha20poly1305_IETF_NSECBYTES crypto_aead_chacha20poly1305_ietf_NSECBYTES
#define crypto_aead_chacha20poly1305_IETF_NPUBBYTES crypto_aead_chacha20poly1305_ietf_NPUBBYTES
#define crypto_aead_chacha20poly1305_IETF_ABYTES crypto_aead_chacha20poly1305_ietf_ABYTES
#define crypto_aead_chacha20poly1305_IETF_MESSAGEBYTES_MAX crypto_aead_chacha20poly1305_ietf_MESSAGEBYTES_MAX
#ifdef __cplusplus
}

14
src/libsodium/include/sodium/crypto_aead_xchacha20poly1305.h
View File

@ -27,6 +27,11 @@ size_t crypto_aead_xchacha20poly1305_ietf_npubbytes(void);
SODIUM_EXPORT
size_t crypto_aead_xchacha20poly1305_ietf_abytes(void);
#define crypto_aead_xchacha20poly1305_ietf_MESSAGEBYTES_MAX \
(SODIUM_SIZE_MAX - crypto_aead_xchacha20poly1305_ietf_ABYTES)
SODIUM_EXPORT
size_t crypto_aead_xchacha20poly1305_ietf_messagebytes_max(void);
SODIUM_EXPORT
int crypto_aead_xchacha20poly1305_ietf_encrypt(unsigned char *c,
unsigned long long *clen_p,
@ -79,10 +84,11 @@ void crypto_aead_xchacha20poly1305_ietf_keygen(unsigned char k[crypto_aead_xchac
/* Aliases */
#define crypto_aead_xchacha20poly1305_IETF_KEYBYTES crypto_aead_xchacha20poly1305_ietf_KEYBYTES
#define crypto_aead_xchacha20poly1305_IETF_NSECBYTES crypto_aead_xchacha20poly1305_ietf_NSECBYTES
#define crypto_aead_xchacha20poly1305_IETF_NPUBBYTES crypto_aead_xchacha20poly1305_ietf_NPUBBYTES
#define crypto_aead_xchacha20poly1305_IETF_ABYTES crypto_aead_xchacha20poly1305_ietf_ABYTES
#define crypto_aead_xchacha20poly1305_IETF_KEYBYTES crypto_aead_xchacha20poly1305_ietf_KEYBYTES
#define crypto_aead_xchacha20poly1305_IETF_NSECBYTES crypto_aead_xchacha20poly1305_ietf_NSECBYTES
#define crypto_aead_xchacha20poly1305_IETF_NPUBBYTES crypto_aead_xchacha20poly1305_ietf_NPUBBYTES
#define crypto_aead_xchacha20poly1305_IETF_ABYTES crypto_aead_xchacha20poly1305_ietf_ABYTES
#define crypto_aead_xchacha20poly1305_IETF_MESSAGEBYTES_MAX crypto_aead_xchacha20poly1305_ietf_MESSAGEBYTES_MAX
#ifdef __cplusplus
}

Some files were not shown because too many files have changed in this diff Show More