Commit Graph

3781 Commits

Author SHA1 Message Date
Andrew Bettison
fddd7b6640 Merge libsodium 1.0.14
git subtree pull --squash --prefix libsodium git@github.com:jedisct1/libsodium.git 1.0.14
2017-09-27 14:52:05 +09:30
Andrew Bettison
4e2658e3fd Squashed 'libsodium/' changes from 7d5d9204e..18609cffa
4c37368f9 Nits
94550cefd Remove dev #warning
3e0b4dec6 Add sodium_base64_encoded_len()
4ce2856a5 Avoid negations on unsigned values
7e06a6a99 Annotate
18f0fff89 More tests: verify that the key gets updated after the counter wraps
e061abc2b The documentation is not a work in progress any more
91233a014 Tag salsa208 as deprecated
ee1d5c96d Move the codecs tests to their own test file
558355e56 Check if SIGABRT can be trapped multiple times in a row
8ee67b1dd More tests
1f72dec89 More tests
3db75fc64 No need for ge_scalarmult_vartime() in minimal mode
41dc93322 More tests
aec433cec Additional check
87af832ae Do not trigger Travis+Coverity in the master branch
7423408cd Make the behavior of hex2bin() consistent with base642bin()
00660d79b secretstream test: don't pull twice if we don't test with AD
3c8a7f17f Add tests for short, invalid unpadded base64 strings
c7fe84cfb Skip trailing ignored characters in base64 decoding
70e5ff5e1 Add a helper macro to compute the length of a base64 string
9209e89d9 More tests
31e9a5541 More tests
61214ba6b Remove redundant test
525c21ed1 Tests
77f3b7135 Indent
1875980d3 More tests
5b9680ead More tests
4828c5923 ~ 80 columns please
66c621f41 Faster; doesn't require to wipe the output stream
5da8f4fbc Add a global xor_buf() private helper function
7d756fab9 xor the key and the nonce on rekey for better separation
bb1b27fa3 Improve readability
10bb28b27 One more COMPILER_ASSERT()
2ce41de29 Define macros instead of repeated offsets
e878bc141 More keygen tests
f244f658d int -> size_t
9c53da4a6 metamorphic tests for HMAC
bd69a3083 metamorphic tests for onetimeauth
a7b75a2d7 + simple metamorphic tests for crypto_generichash()
a029b352a Don't generate SSE2 code if that instruction set hasn't been enabled
09fd953fc Revert "__SSE2__ may need to be explicitly enabled"
35d8aa5d3 __SSE2__ may need to be explicitly enabled
a161dd9fa On 32-bit systems, the limit is SIZE_MAX
251751e69 Update ChangeLog
d8a8201bb Avoid "in" and "out". Use "c" to represent the ciphertext.
1181a47cb Proper xchacha20poly1305_MESSAGEBYTES_MAX definition
bfab44aa4 initbytes -> headerbytes for clarity
e8f1c0be6 secretstream: use "header" instead of "in" and "out" for clarity
9e0ff55eb Add the ability to use only strong symbols, even on ELF targets
b0420b32d Define SODIUM_EXPORT_WEAK instead of adding __attribute__((weak)) tags
ae515a16a Bring back -fno-asynchronous-unwind-tables on MingW
3df3fabb8 No default clause needed
1f8056ab1 Use #error in autoconf tests
147d8b620 Disable AVX512 on MingW even harder
ffce4334e Disable AVX512 on MingW for now
07de00bc9 Revert -fno-asynchronous-unwind-tables addition
9aa116531 up
eb8c283dd Add -fno-asynchronous-unwind-tables to optimized builds
186b398a2 -fno-asynchronous-unwind-tables is now required on MingW
7de597f05 Update m4 deps ; remove pkg.m4
383705ffc The AVX512 optimized BLAKE2B implementation hasn't been imported yet
f86f021ac Travis CI : Move the tcc check to the install step
19496bcc0 Don't try to access /usr/local on Travis CI
ca43a1268 Old tcc versions miscompile `while (++in[x])`
10edd16b4 Modernize the core3 test
dcde773e5 Travis CI: don't run multiple jobs in parallel due to memory requirements
150c6930e Travis CI: avoid duplicate addons section
cdfb0aaa3 tcc + travis...
9f4011197 tcc doesn't seem to work on Travis CI
7e8cdd827 Travis: start with a quick compilation using tcc
c6aa04108 Move #ifdef up
b31a3f247 Disable AVX512 optimizations on clang < 4
4aba976d5 Explicit casts
15ee95c64 Remove unused var
dcd60ba66 Force inline
5cc334b33 Add AVX512F optimized Argon2 implementation
70f66c9a6 Check for avx/avx2/avx512f linkage
6866b3d55 Use macros instead of magic numbers
1c0677b09 Check for AVX512F support
80095105b Missing pieces of a version bump
390f865e3 Add tests for scrypt rehash
2a2b85eee Add tests for crypto_pwhash_str_needs_rehash()
979b21d67 Remove extra semicolons
62c41c703 Avoid untagged unions
5cf1de94a Remove trailing comma
3aa1c71de Don't return void
d0a418a86 + _crypto_pwhash_scryptsalsa208sha256_str_needs_rehash()
6dcba550c Confirm that emcc is actually being used if EMSCRIPTEN is defined
0ae678b0f Avoid multiple declarations in an EM_ASM({}) block
b26de68a6 Use single quotes inside EM_ASM
1aae564da Avoid duplicate initializations; reorder for consistency w/ decl
81cf1ff6d Use unsigned for loop counters
e2efa6d7e Remove unused variable
e06c70afe Use the dedicated type for the argon2 type id
378304f81 Export crypto_pwhash_str_needs_rehash() to Javascript/WebAssembly
e8828eef7 Don't bother verifying hashes whose length is >= crypto_pwhash_STRBYTES
7cc482523 Add crypto_pwhash_str_needs_rehash()
c65189a0c Explicit casts
7b687bb45 + Jonathan Stowe for Natrium (Perl 6 bindings)
c72ef48f0 Static-ify what we currently don't need in crypto_core/curve25519_ref10
5c8b8ea01 Simplify
0af31aeb2 Fill the max output buffer size in sodium_bin2base64()
6b43c1ddb Javascript: don't define crypto_pwhash constants in non-sumo builds
e236df63e Trim empty lines
75cfcf208 Merge branch 'master' of github.com:jedisct1/libsodium
e40e0f6dd Adjust secretstream_..._rekey() after e84336ac
514150d8b Merge branch 'master' of github.com:jedisct1/libsodium
394e21884 Do not clear the padding (for alignment) section of a blake2b state
a0fea6965 Remove RUNNING_JS_OPTS for WebAssembly
d863c9665 chmod +x *.sh
957c251f8 chmod +x *.sh
ce2ecc596 One more compiler assertion
e84336ac4 secretstream: assume the internal nonce is little endian
fd4478288 Test sodium_pad() with a NULL pointer
f61a121b8 Regen emscripten symbols
f8e535a44 messagesbytes -> messagebytes
cd721cfc1 Have generate-emscripten-symbols.sh automatically update the js/wasm build script
aa20d2e86 Add secretstream constants
49f1d87cf salsa208: messagebyte -> messagebytes
a0b9bc46e constcheck: grab a few more constants
0ccdfd0c8 Update emscripten symbols list
242045cb4 Update emscripten symbols list
30a25dbb2 Bump
be58b2e66 Accept a NULL pointer for the padded length in sodium_pad()
b503d75e4 Add crypto_secretstream_*() to MSVC solutions
a55e13246 Update packaging for .NET Core (#583)
4c93d0391 C++ compat
0850e5580 Check that a zero blocksize returns -1
a27c18d0e No need for two buffers in the padding test
d5574a69f Complete sodium_pad/unpad() and add a couple tests
b9ed93fcb Change the sodium_pad() API to accept a maximum buffer length
4fd66e3ad Name similar things the same way in sodium_pad() and sodium_unpad()
fb4dc083e Update ChangeLog
50c7632cc + sodium_pad() / sodium_unpad()
55a578d62 Merge branch 'master' of github.com:jedisct1/libsodium
b27714898 Reorder crypto_secretstream_*() prototypes in a more intuitive sequence
c3b315ec7 + Firefox
80296be94 Some notes about RtlGenRandom
914ff8757 Format paragraphs
c65426147 Explain that sodium_misuse() still aborts by default
901c49203 + crypto_secretstream_*()
a335fc2da Merge branch 'master' of github.com:jedisct1/libsodium
5f1f6f747 THANKS += PIA
6e8e0a93f Add a couple tests for crypto_secretstream_*()
88c0b6538 Trigger sodium_misuse() if mlen > secretstream_MESSAGESBYTES_MAX
72d5d506d Sort
df7ad2632 Introduce a new crypto_secretstream_*() API
45f2759d8 Update packaging scripts to .NET Core 2.0 (#582)
c39ecb245 Update packaging for .NET Core (#581)
100a055a5 Indent
e6e3f7dd8 ChangeLog
76995c52f Argon2: use sodium_{bin2base64,base642bin} instead of a private implementation
265bdcfe0 bin2hex & bin2base64: return a null size on error
a6480aec4 b64 test: intentionally overestimate sizes
74fd8fd1c C++ compat
ad5a5232a Make that a size_t
f42390a55 Update Visual Studio solutions
cdbb43f44 base64 tests
eb84b00b7 glibc requires <stdint.h> for SIZE_MAX
3f272cbbf Add a base64 codec, due to popular request
308684790 Move the codecs from sodium/utils.c to a dedicated file
b49054ff8 Merge branch 'master' of github.com:jedisct1/libsodium
ef7c9f44c Sort
c87e6f5e1 Add -Wold-style-declaration
dd9416fd5 Doc
1c573d4cb Update
5b141eb9e Add some blank lines for readability
7e91aa3f8 s/the//
4baea3575 Merge branch 'master' of github.com:jedisct1/libsodium
9b7db7c3f Document crypto_aead_aes256gcm_*() limitations
8f0953b31 Merge branch 'master' of github.com:jedisct1/libsodium
9e0e77a3f Update ChangeLog
a894ec93f Add crypto_pwhash_str_alg()
cde31281d Bench: don't tie the printed result to the number of iterations
6d59a5897 Make the number of iterations configurable; reduce the default
28a1e6886 Add an interesting test case for a custom randombytes_uniform implementation
5b4db091d Add a benchmark mode
8813c36ff randombytes test: restore the salsa20-based rng at the end, for benchmarks
a8cc1634f Indent
9d03fbb38 Merge branch 'master' of github.com:jedisct1/libsodium
196e03299 Preliminary ChangeLog
19f76d7cb Simplify
544ce6400 Just a simple script to match constants with functions
f711c6d04 + emscripten-wasm.sh
1a3b474f7 Update the exported list of JS symbols
e1fa9cc90 Add *_messagebytes_max() wrappers
53280aa28 Revert "wasm tests: skip over *.asm.js files"
ac8111c31 wasm tests: skip over *.asm.js files
29914ec82 [Findsodium.cmake] DON'T OVERWRITE LIBRARY SUFFIXES (#576)
f02770b2a Revert "+ sodium_alloc_overhead()"
c5b61d812 + sodium_alloc_overhead()
23c36615c Remove TOTAL_MEMORY from wasm builds
c56fa3ccf Include private/common.h for COMPILER_ASSERT
56eb70f8b Sort
3c3214fbd No need for --expose-wasm any more with recent nodejs versions
b5b67d074 Add -fembed-bitcode to the iOS 64 target, for WatchOS and TVOS
580bf7a19 emscripten-wasm.sh: generate HTML files even if we don't use them
ae8cd7208 emscript-wasm: don't use --enable-minimal on sumo builds
f2a7b6123 Update symbols
774ec67e2 Repair sodium_core test
8a14f5c16 Don't call sodium_misuse() in the sodium_core test for Javascript/wasm targets
0ce03b6ce misuse test: just return from main() on unsupported platforms
6ac18dae4 The MESSAGEBYTES_MAX constants are to be used with the libsodium API
180a89cb2 More tests for signatures
90bd94e4e Coverage exclusion
b34b89ab3 secretbox: add a test with in/out buffers next to each other
3dd56fa91 Coverage exclusions
ff8bb6705 More tests for scrypt
a3f90d602 Indent
63d8a896f Test KX with a weak PK
7ad9a46cb More tests
a9a21a7df Test Ed->X conversion with x not being a square root
982cde1a7 Test crypto_box_open_detached() with a weak PK
52bfc0325 Initialize the base&aligned addresses in argon2's allocate_memory
fc9088792 Add missing include "core.h"
c15173de1 Turn a few calls with an insane message length into a sodium_misuse()
f28fe0ae2 Cap argon2*_BYTES_MAX to SODIUM_SIZE_MAX
bac61ebf5 BYTES_MAX -> MESSAGEBYTES_MAX
16179b87f Introduce *_BYTES_MAX constants
568adb570 Trim crypto_pwhash_scryptsalsa208sha256_BYTES_MAX down to ~127 GB
3525f032d Inline
3ee2151f1 memzero(): with weak symbols, just call memset()
105f7108d Argon2: wipe all blocks if the ARGON2_FLAG_CLEAR_MEMORY flag is set
dc2c68067 C++ compat
fb739acd7 fill_memory_blocks() cannot possibly fail
c3908f87d Argon2: deallocate memory if fill_memory_blocks() ever fails
8d91a3275 Add more tests for crypto_sign_ed25519_pk_to_curve25519()
214fe473f Add an invalid key to the signature tests
e1b044820 Test crypto_secretbox_open_detached() with a NULL message pointer
c90ddae75 Use the right state type for the auth256 test
51a0b96f1 Test crypto_hmac_sha256_update() with empty chunks
2a2ed3df3 Volatilify the accumulator, at least for consistency with sodium_is_zero()
cd51ff29e Coverage exclusions
33d6908f9 Test crypto_auth_hmacsha256_*()
f92c82537 More tests
67a7df73b Add all the Visual Studio files in the tarball
56efb47ab .13 -> .14
334738cf2 Add resource.rc to the Visual Studio filters files
47796a5b8 Indent
d7ecf04d6 Comment randombytes_uniform()
eaab51278 Add specialized ge_mul_l() to multiply by the order of the main subgroup
6de26b59d ed25519_pk_to_curve25519: check that the input is in the right subgroup
571915ea2 ed25519: un-static the check for low-order points
b57f9668f More tests
cc5191607 Tag sodium_runtime_has_*() symbols as weak
8b9b6a54b Remove error string from sodium_misuse()
9361070f9 Merge branch 'master' of github.com:jedisct1/libsodium * 'master' of github.com:jedisct1/libsodium:   Tweak emscripten-wasm.sh   Clear the BLAKE2B state only once, on finalization   memzero() the state if we call generichash_final() twice
63cbad750 Visual Studio doesn't like abort() chains
21fd252ac Tweak emscripten-wasm.sh
97486f7d4 Clear the BLAKE2B state only once, on finalization
1090fcfd4 memzero() the state if we call generichash_final() twice
6768d82ea Add missing return value in set_misuse_handler()
9df008a78 Add some invalid base64 strings to pwhash_str_verify() tests
5d56821d3 More tests, and start testing misuse cases
0238cbcf6 Bump NuGet package
0e8d7c926 Implement sodium_set_misuse_handler()
9def4d9a8 Add tests for crypto_kx_*() when a single key is required
8a70f258f No more abort() calls!
c3b24c1d2 Explain why some abort() calls are still around
74703c63a More abort() -> sodium_misuse()
a0e997b8a More abort() -> sodium_misuse()
ea9281cb0 More abort() -> sodium_misuse()
c7459c125 Remove the useless donations button
a61dddd49 Back to dev mode. If you want a stable version, use the stable branch.
bcf98b554 Start replacing abort() with an internal sodium_misuse() function
c86080e7b Fix funky indentation
608e103e4 Finish the Argon2id tests
8b99f44ff Abort on misuse in crypto_kx_server_session_keys() too
765ba55cd crypto_kx(): abort if the function is called without any non-NULL pointer
90658321d Only include sodium/crypto_pwhash_scryptsalsa208sha256.h on !minimal
1f826df2d is_zero(): volatilize the accumulator
3d400363b sodium_compare: x1, x2 don't have to be volatile
99f8c19a1 memzero(): call the weak function after zeroing
30e8a2b23 The time has come to use memset_s() if available
f0c15da02 We don't need these extra loads
bcdb042ad Revert "Explicitly include <limits.h>"
7dbbd266b Simple SSE2 implementation of crypto_verify*()
94a8b3327 Simplify crypto_verify_*()
37e99aa4f Make it more difficult for the compiler to optimize crypto_verify_*()
c746eb277 Revert "Bail out if SIZE_MAX < crypto_pwhash_MEMLIMIT_MAX"
0fd9aae17 Explicitly include <limits.h>
c2ef7d088 Bail out if SIZE_MAX < crypto_pwhash_MEMLIMIT_MAX

git-subtree-dir: libsodium
git-subtree-split: 18609cffafed6ccfcac77088d402074e1d74f02c
2017-09-27 14:52:05 +09:30
Andrew Bettison
5047e20bf0 Fix compile error with Java 1.6 2017-09-27 14:49:13 +09:30
Andrew Bettison
f4ef1e59c7 Require Java version 1.6 or later 2017-09-27 14:49:13 +09:30
Andrew Bettison
9d785acaf2 Add auto-generated files needed for OS-X 2017-09-27 14:49:13 +09:30
Andrew Bettison
46cfb81967 Configure and build libsodium from subtree
The libsodium source code is now embedded in the Serval DNA source code
as a git subtree, so configure.ac and Makefile.in now recurse into it as
part of the Serval DNA build.

This simplifies the build instructions and eliminates all external
dependencies on libsodium development files and operating system
packages, returning Serval DNA to a self-contained component whose only
external dependencies are standard system libraries.

Remove the build-libsodium.sh script, as it is no longer needed.
2017-09-27 14:49:08 +09:30
Andrew Bettison
63d5cec1c6 Merge libsodium 1.0.13
git subtree add --squash --prefix libsodium git@github.com:jedisct1/libsodium.git 1.0.13
git commit --amend (to rewrite this commit message)
2017-09-19 10:16:40 +09:30
Andrew Bettison
fc5c87e213 Squashed 'libsodium/' content from commit 60329a84
git-subtree-dir: libsodium
git-subtree-split: 60329a84ef7edb278b949c53c640031e44ce0157
2017-09-19 10:15:28 +09:30
Andrew Bettison
ad676ad678 Add 'tags' target to Makefile
The 'make tags' target indexes all the header and source files known to the
Makefile, and also all the non-standard library headers used for
compiling, such as libsodium, JNI and Android NDK.

This supports the sp-mktags utility in serval-tools, which tries "make
tags" before falling back to its own ctags command.
2017-09-18 16:55:08 +09:30
Andrew Bettison
8e69bd8a6c Set Makefile ALL_SOURCES in sourcefiles.mk
So that anyone re-organising sourcefiles.mk is more likely to update
ALL_SOURCES as well.
2017-09-18 16:55:08 +09:30
Jeremy Lakeman
0382e7990e Enable a more graceful shutdown of the server in most cases 2017-09-12 15:37:52 +09:30
Jeremy Lakeman
dfe108d287 Allow checking for a self signed manifest author with no loaded keyring 2017-09-12 15:04:24 +09:30
Jeremy Lakeman
e158a38137 Clean up a number of memory leaks, as revealed by clang's sanitiser 2017-09-11 14:09:27 +09:30
Jeremy Lakeman
6853f9a3e6 Treat all IOExceptions and all Runtime exceptions after closing as EOF 2017-09-11 14:09:27 +09:30
Andrew Bettison
093bdfdcd3 Add FALLTHROUGH macro to silence -Wimplicit-fallthrough in GCC7 2017-09-11 12:43:38 +09:30
Andrew Bettison
9ba74c6767 Update copyright messages in Java API 2017-09-11 11:39:44 +09:30
Jeremy Lakeman
1c543f3c41 Ensure space calculation is performed as a uint64_t (Fixes #125) 2017-09-06 13:01:58 +09:30
Jeremy Lakeman
3333d2faa2 Compare MeshMS sender first, so you can talk to yourself (Fixes #124) 2017-09-06 12:38:53 +09:30
Jeremy Lakeman
34ad8c0fc0 Treat IllegalStateExceptions thrown by some implementations as EOFExceptions 2017-08-29 16:51:14 +09:30
Jeremy Lakeman
cf4306cff2 Fix warnings on android ndk 2017-08-29 13:19:35 +09:30
Jeremy Lakeman
e8effa75e4 Refactor dns lookups to reuse the code 2017-07-11 11:42:15 +09:30
Jeremy Lakeman
8ad03cb427 Don't fail to write a message ply, if the payload is already stored 2017-07-03 12:15:36 +09:30
Jeremy Lakeman
d1a1a41f08 Escape codepoints U+10000 to U+10FFFF in json output as surrogate pairs 2017-06-29 19:23:51 +09:30
Jeremy Lakeman
fc943fdb19 Fix command line route print --monitor port binding 2017-06-28 15:36:19 +09:30
Jeremy Lakeman
5f1c476249 Fix fd in log message 2017-06-28 15:09:52 +09:30
Jeremy Lakeman
50a3f51c10 Check authorship when opening message ply's 2017-06-28 15:09:38 +09:30
Jeremy Lakeman
b38cc82b82 Tweak structure initialisation to avoid old gcc warnings 2017-06-28 13:34:38 +09:30
Jeremy Lakeman
2356a8ec20 Fix follow / ignore failure handling 2017-06-28 12:08:05 +09:30
Jeremy Lakeman
0cc0f37b52 Failures to set socket options should only be warnings 2017-06-28 10:48:48 +09:30
Jeremy Lakeman
65932e05db Improve reliability of last routing test 2017-06-20 16:32:12 +09:30
Jeremy Lakeman
89d5f877c1 Treat Subscribers as the same only if they have the same signing key 2017-06-20 16:31:56 +09:30
Jeremy Lakeman
ef2430fd58 Handle expected EOF after closing in a different thread 2017-06-20 16:31:20 +09:30
Jeremy Lakeman
9cb561229a Allow following a feed that isn't in rhizome yet, and override the displayed name 2017-06-20 12:17:57 +09:30
Jeremy Lakeman
508e95436a Add API's for marking a feed as blocked 2017-06-07 13:52:44 +09:30
Jeremy Lakeman
f83b15d251 Compile without warnings with android ndk 15 beta 2 2017-06-06 15:14:33 +09:30
Jeremy Lakeman
34b6ab6ec2 Update restful api docs 2017-05-30 09:27:48 +09:30
Jeremy Lakeman
65bc309999 Allow POST requests with no Content-Length 2017-05-24 16:38:42 +09:30
Jeremy Lakeman
af2d32c25b Add Java API for importing bundles with manifests in zip comments 2017-05-24 13:33:03 +09:30
Jeremy Lakeman
c7de17b552 Fix decoding of multiple chunks in the same buffer 2017-05-23 15:34:07 +09:30
Jeremy Lakeman
2db8c24e15 Use chunked transfer encoding and expect header in Java API 2017-05-23 11:37:26 +09:30
Jeremy Lakeman
c138c94ee5 Fix warnings highlighted by gcc 2017-05-22 16:57:57 +09:30
Jeremy Lakeman
77b603942f Support "Transfer-Encoding: chunked" for POST'ed content 2017-05-22 16:17:17 +09:30
Jeremy Lakeman
87d171cdf7 Reject rhizome import before sending manifest & payload 2017-05-17 14:55:56 +09:30
Jeremy Lakeman
8cdd849c3e Return STATUS_OLD from is_interesting 2017-05-17 14:24:28 +09:30
Jeremy Lakeman
e376c1cb80 Add proper server support for http/1.1 Expect header 2017-05-17 14:24:28 +09:30
Jeremy Lakeman
a473304c06 Add restful import API 2017-05-17 10:16:46 +09:30
Jeremy Lakeman
9b7d8bfa23 Resume activity newsince when acking our own message 2017-05-10 15:21:21 +09:30
Jeremy Lakeman
576e95e2cd Fix freeing peer state (Issue #121) 2017-05-10 11:23:13 +09:30
Jeremy Lakeman
3812587a31 Ack the senders ply and thread into activity feed 2017-05-10 11:01:02 +09:30
Jeremy Lakeman
cc0d6fcdb9 Return Invalid bundle status if rhizome manifest not found during import 2017-05-09 14:26:23 +09:30