1
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-24 12:36:01 -07:00
Commit Graph

2059 Commits

Author SHA1 Message Date
Frank Denis
a586df583a Use blake2b_init() *or* blake2b_init_key(). Calling both is not needed. 2013-11-05 21:00:04 -08:00
Frank Denis
1ca05f6b16 Have sodium_memcmp(a,b,s) return -1 if a != b, document return value. 2013-10-30 06:47:13 -07:00
Frank Denis
82046cbd5e Face it, /dev/arandom was removed from OpenBSD a loooooong time ago. 2013-10-28 10:59:51 -07:00
Frank Denis
afb89c7e16 Some systems have arc4random() but not arc4random_buf() 2013-10-22 02:54:45 -07:00
Frank Denis
af28f8f2cd Export stream_salsa20 constants 2013-10-21 22:03:37 -07:00
Frank Denis
e10a84350f Keep crypto_stream_salsa* constants close to their wrappers 2013-10-21 21:51:59 -07:00
Frank Denis
415b50d56b Package crypto_scalarmult/curve25519/scalarmult_curve25519_api.c 2013-10-21 21:44:03 -07:00
Frank Denis
a5834e1e25 Use arc4random() if available in onetimeauth_poly1305_try.c 2013-10-21 21:11:06 -07:00
Frank Denis
696934b123 _sodium_alignedcalloc(): use arc4random_buf() if available 2013-10-21 21:07:39 -07:00
Frank Denis
f9aff06dc0 Remove all use of booleans. Because MSVC < 2013. Sigh. 2013-10-21 17:49:48 -07:00
Frank Denis
afa49d340c Add stdbool.h for old MSVC. 2013-10-14 17:15:50 -07:00
Frank Denis
81321c8809 Define _SODIUM_C99 as empty on retarded compilers, not only when using C++ 2013-10-14 16:45:02 -07:00
Frank Denis
fcf4b21149 sha256 IV should be unsigned chars. 2013-10-14 13:43:12 -07:00
Frank Denis
8fa91a91ab Cast CryptGenRandom pointer to (BYTE *) to make MSVC happy when compiling as a C++ project 2013-10-14 13:40:54 -07:00
Frank Denis
6df6be8911 Remove some unneeded includes 2013-10-14 13:38:36 -07:00
Frank Denis
64729711c4 Merge branch 'master' of github.com:jedisct1/libsodium
* 'master' of github.com:jedisct1/libsodium:
  Fixed sodium.h install
2013-10-13 12:50:00 -07:00
Frank Denis
bd8cbd3175 Make curve25519-donna-c64 handle non-canonical points like the ref implementation. 2013-10-13 12:49:15 -07:00
xantares
c6cd95f716 Fixed sodium.h install 2013-10-12 23:46:37 +02:00
xantares
5f5c82aa2f Fixed headers install 2013-10-10 23:03:07 +02:00
xantares
8d0942d5b1 Do not include configured headers 2013-10-09 20:57:32 +02:00
xantares
e2a30a859d Fixed libsodium.def dependency 2013-10-09 19:22:23 +02:00
Frank Denis
9599289ae0 Use HAVE_TI_MODE in portable-jane.h to use (or not) int128_t 2013-10-08 13:10:16 -07:00
Frank Denis
5ae6712192 More C89 compat 2013-10-07 19:58:06 -07:00
Frank Denis
1e4157ad19 blake2b: use only pre-C99 style declarations. 2013-10-07 19:46:32 -07:00
Frank Denis
82c7b125af Define an empty SODIUM_EXPORT if SODIUM_STATIC is defined. 2013-10-07 19:32:58 -07:00
Frank Denis
8fbbb98847 Be consistent, keep macros and related functions next to each other. 2013-10-05 14:11:57 -07:00
Frank Denis
5e4e3c9ecf Add an empty line. Yeah, that's a fantastic commit. 2013-10-05 14:08:03 -07:00
Frank Denis
8effa1ea88 Export scalarmult_curve25519 constants 2013-10-05 14:06:09 -07:00
Frank Denis
71489f447a Make MSVC parser not panic when it parses a long literal.
Just use the scientific notation instead.
Found by @sneves, thanks!
2013-10-04 14:48:33 -07:00
Frank Denis
32a8591985 Fix randombytes_salsa20_random.c for MSVC 2013-09-24 14:20:52 -07:00
Frank Denis
26d108d468 MSVC fixes for randombytes_sysrandom.c 2013-09-24 14:09:26 -07:00
Frank Denis
ad49d05a8b Match randombytes() prototype with declaration. 2013-09-24 14:06:26 -07:00
Frank Denis
18015e71e2 randombytes_stir() returns void 2013-09-24 14:05:34 -07:00
Frank Denis
02bb86d18b MSVC/portable-jane.h: don't redefine _CRT_SECURE_NO_WARNINGS 2013-09-24 13:42:23 -07:00
Frank Denis
8086d6f696 blake2: remove more declarations in for() for MSVC 2013-09-24 13:38:02 -07:00
Frank Denis
14809c12c4 MSVC doesn't like a definition in a for() loop. 2013-09-24 13:28:31 -07:00
Frank Denis
c43440f01c More fixes for big-endian architectures 2013-09-21 19:43:39 -07:00
Frank Denis
c19b0128e2 Add aes256-table-be.h to the Makefile 2013-09-21 18:56:24 -07:00
Frank Denis
29f81d167c aes256 table for big endian 2013-09-21 18:55:36 -07:00
Frank Denis
15f87c1c90 Reformat aes-table-le.h 2013-09-21 18:50:59 -07:00
Frank Denis
5dd623e96d Move endian-dependent aes256estream/aes-table.h bits to aes-table-le.h 2013-09-21 18:27:11 -07:00
Frank Denis
30e27fcd25 Make aes256estream implementation less LE dependant. BE Sbox coming up next. 2013-09-21 15:27:34 -07:00
Frank Denis
b03a2991b2 Add crypto_onetimeauth_poly1305_ref() wrapper. 2013-09-09 22:17:54 -07:00
Frank Denis
554ad5bb6c Remove ALIGN definition from portable-jane.h
A macro of the same name is already defined by OpenBSD's libc, and the
portable-jane.h one is not in use yet.
2013-09-08 13:55:54 -07:00
Frank Denis
493f71a98a Use autoconf to possibly define CPU_ALIGNED_ACCESS_REQUIRED 2013-09-08 10:39:27 -07:00
Frank Denis
2181c087e3 Define CPU type in aes256ctr.
That should be changed to an autoconf test.
2013-09-08 10:01:32 -07:00
Frank Denis
05d6defd77 Quick quirk to support unaligned input for aes256estream. 2013-09-07 16:40:51 -07:00
Frank Denis
82d97ce5fb aes256estream: don't assume that unaligned words can be read (for the input) 2013-09-07 16:13:16 -07:00
Frank Denis
69641010c9 Reindent aes256.h, remove commented code 2013-09-07 16:02:24 -07:00
Frank Denis
25c9a00868 Add explicit "const" when casting pointers. No binary changes.
By Massimo Cetra.
2013-09-07 15:39:03 -07:00
Frank Denis
df5a4f56c3 aes256-hongjun: move partial_precompute_tworounds() out of aes256.h 2013-09-07 15:26:46 -07:00
Frank Denis
ecff56742b Rename crypto_onetimeauth_poly1305_ref_implementation_name() prototype. 2013-09-07 15:21:37 -07:00
Massimo Cetra
4e35c3f327 fix compile warnings
When compiling with [-Wold-style-declaration] on GCC, this warning appears:

  warning: ‘inline’ is not at beginning of declaration

This is easily fixed moving the INLINE directive at the very beginning of the declaration
2013-09-07 00:15:36 +02:00
Frank Denis
6b3691be00 More CPUs supporting unaligned access 2013-08-07 16:49:45 -07:00
Frank Denis
4b6f1f5114 Don't assume that unaligned word access is ok, except on x86 & amd64. 2013-08-07 16:38:54 -07:00
Frank Denis
bcfed75ad4 Rename stream_salsa20_amd64_xmm6.s to stream_salsa20_amd64_xmm6.S 2013-08-07 14:53:15 -07:00
Manuel Rüger
1f4b11d5ab Add stackmarkings to stream_salsa20_amd64_xmm6.s
I'm trying to package libsodium for gentoo and received
 * !WX --- --- usr/lib64/libsodium.a:stream_salsa20_amd64_xmm6.o

According to http://www.gentoo.org/proj/en/hardened/gnu-stack.xml
this commit fixes it.
2013-08-04 04:42:56 +02:00
Frank Denis
879112786c Switch poly1305-ref to Floodyberry's poly1305-donna-unrolled. 2013-07-20 17:57:32 -07:00
Frank Denis
49f658c647 Fix C++ compat for utils.c 2013-07-12 21:46:27 -07:00
David Sheets
c7313f56a6 Add a crypto_sign_SEEDBYTES macro/getter and associated ed25519 macro/getter 2013-07-12 17:44:32 +01:00
Frank Denis
6ee74618d0 Use sodium_bin2hex() instead of duplicating the same code everywhere. 2013-07-07 23:46:42 -07:00
Frank Denis
1a3786705e Add a sodium_bin2hex utility function. 2013-07-07 23:38:14 -07:00
Frank Denis
34fe1205ac Mark clang false positives 2013-07-07 18:57:09 -07:00
Frank Denis
cdbbe47ed9 Remove dead assignments that the compiler optimizes out. 2013-07-07 14:27:31 -07:00
irungentoo
4c43660f68 libsodium now cross compiles correctly for Windows from Linux. 2013-07-03 14:41:47 -04:00
Frank Denis
d0e84777ab Add missing SODIUM_EXPORT in crypto_stream.h 2013-06-05 21:54:52 -07:00
Frank Denis
01ee32e3a3 Merge remote-tracking branch 'stouset/add-lookup-methods-for-all-constants'
* stouset/add-lookup-methods-for-all-constants:
  Add remaining functions for looking up constants
  Fix definition of crypto_box_curve25519xsalsa20poly1305_macbytes
  Add functions exposing constants for all operation/primitive pairs
2013-05-22 11:42:58 -07:00
Frank Denis
802369e9dd No need to call randombytes_sysrandom_stir_if_needed() twice. 2013-05-22 11:19:13 -07:00
Frank Denis
e68b08a4ff Call randombytes_salsa20_random_stir_if_needed() only when we don't have
anything in stock, and reduce the number of required getpid() calls.
2013-05-22 11:17:37 -07:00
Stephen Touset
98c02a21d6 Add remaining functions for looking up constants
The automated script that generated functions for looking up #define'd
constants didn't handle edge cases in these files, so these have been
added by hand. They're thus either more likely or less likely to
contain mistakes (depending on one's particular point of view).
2013-05-16 15:48:08 -07:00
Stephen Touset
2a0f3d040f Fix definition of crypto_box_curve25519xsalsa20poly1305_macbytes
This function definition was created by an automated script that
incorrectly handled a corner case.
2013-05-16 15:27:28 -07:00
Stephen Touset
8eea4a3f74 Add functions exposing constants for all operation/primitive pairs
Wrappers for other languages can't access constants defined by C
preprocessor macros, so they must be exposed as functions. This was
already done for the "default" implementation of each operation, but
this commit adds functions for (almost) all of the underlying
primitives.

A few are currently excluded due to problems with the automated script
used to generated this commit. They are:

  * crypto_onetimeauth_poly1305
  * crypto_generichash_blake2b
  * crypto_verify16
  * crypto_verify32
2013-05-16 13:17:18 -07:00
Frank Denis
81d604c70c Add crypto_generichash_keybytes() and crypto_generichash_bytes()
to provide a default key/output size.
2013-05-16 11:45:19 -07:00
Frank Denis
4d147466bc Bump generichash minimum key and output size to 128 bits.
People who know what they are doing and who need a truncated output or a
shorter key can still do it.
But we should keep the chance for users to shoot themselves in the foot down
to a minimum.
2013-05-16 11:25:33 -07:00
Frank Denis
9578af69d2 Use crypto_generichash_state for crypto_generichash_*() wrappers. 2013-05-15 21:21:39 -07:00
Jeroen Habraken
fcc7df0e54 Trivial cleanup of crypto_generichash.h 2013-05-15 22:29:21 -05:00
Frank Denis
a8d4c24e42 <stdlib.h> -> <stddef.h> for size_t 2013-05-15 19:57:07 -07:00
Frank Denis
6988a02e4f Remove trailing whitespaces 2013-05-13 17:00:56 -07:00
Frank Denis
ab2e1ab140 hmac/256 -> hmac512/256 in randombytes_salsa20_random_stir() to make code smaller. 2013-05-13 16:59:57 -07:00
Frank Denis
210de1570a Add --disable-asm option to disable assembly implementations.
Check that fesetenv() and fegetenv() are available. If they aren't, still
compile the floating-point implementation of poly1305, but never pick it
in sodium_init().

This helps libsodium compile and work on Emscripten and on environments with
an incomplete libc.
2013-04-28 09:44:23 -07:00
Frank Denis
013cca7087 Remove crypto_stream_salsa20.h for the distfiles. 2013-04-27 11:17:33 -07:00
Frank Denis
808d1807dc Add optimized salsa20 amd64 assembly implementation 2013-04-27 10:21:32 -07:00
Frank Denis
ffb1e24ef1 Make the crypto_stream_salsa20 implementation switchable at compile-time 2013-04-27 09:12:26 -07:00
Frank Denis
5b09876c95 DRY 2013-04-27 09:03:31 -07:00
Frank Denis
cfe3f24964 sizes are unsigned. 2013-04-27 04:41:34 -07:00
Frank Denis
9a35ba5bfd crypto_stream_(before|after)nm is not implemented for salsa20* stream ciphers
Adding this interface is trivial, but until it's done, remove references to it.
2013-04-27 04:34:53 -07:00
Frank Denis
e1a0faee7f Move force_inline to beginning of declarations. 2013-04-26 23:21:46 -07:00
Frank Denis
c9fe802b9b Remove/ignore unused vars, use unsigned long long to iterate over sizes 2013-04-26 23:16:30 -07:00
Frank Denis
a5e9dc8467 Don't doit() 2013-04-26 23:10:47 -07:00
Frank Denis
81be9738ef More int vs unsigned long long 2013-04-26 23:07:27 -07:00
Frank Denis
f3b7ad8817 Remove doit() from onetimeauth_poly1305_try.c - we're not benchmarking for now 2013-04-26 23:05:58 -07:00
Frank Denis
ef1273126e Try a simple verification in onetimeauth_poly1305_try 2013-04-26 23:03:38 -07:00
Frank Denis
c2b6529577 In crypto_hash() lengths are ULL, so dont loop using and int value 2013-04-26 23:00:51 -07:00
Frank Denis
6ec9828b9f Reindent 2013-04-26 22:19:24 -07:00
Frank Denis
0f68434d68 Visual C++ compat is neat, except when it breaks everything else. 2013-04-26 21:59:31 -07:00
Frank Denis
73f68e27ca Add missing return in crypto_stream_aes256estream_beforenm() 2013-04-26 21:55:10 -07:00
Frank Denis
1706d63d65 More Visual C++ compat 2013-04-26 21:48:05 -07:00
Frank Denis
7f7eaf76b0 Missing #include "randombytes.h" 2013-04-26 21:47:19 -07:00
Frank Denis
330fb494e1 More Visual C++ compat 2013-04-26 21:46:57 -07:00
Frank Denis
65a30e52d4 Make ECRYPT_ctx non-anonymous 2013-04-26 21:43:20 -07:00
Frank Denis
ad44ec5b15 Don't use C99isms on Visual C++. 2013-04-26 21:41:32 -07:00
Frank Denis
47bb35cb8b Make struct crypto_generichash_blake2b_state non-anonymous 2013-04-26 21:29:53 -07:00
Frank Denis
bd6fb7e03c style 2013-04-26 21:14:12 -07:00
Frank Denis
57a4552eb1 + aes256estream 2013-04-26 21:06:34 -07:00
Frank Denis
edc5faffd6 Add more information about thread safety until we provide a thread-safe API. 2013-04-26 17:27:55 -07:00
Frank Denis
1b87626e9f Move randombytes_stir() before returning sodium_init(). 2013-04-26 17:05:23 -07:00
Frank Denis
8de0ae0e73 Call randombytes_stir() in sodium_init(). 2013-04-26 17:03:50 -07:00
Frank Denis
076eb56e24 Set initialized=1 when everything has actually been initialized 2013-04-26 17:02:53 -07:00
Frank Denis
efb3d9919f randombytes_buf() returns void. 2013-04-26 16:55:01 -07:00
Frank Denis
1e7fccf806 Sort 2013-04-26 11:26:37 -07:00
Frank Denis
6df4c3a1f3 Explicitly include sodium/crypto_scalarmult_curve25519.h.in in dist files 2013-04-26 11:25:58 -07:00
Frank Denis
65e1b792dc Don't forget SODIUM_EXPORT in version.h.in 2013-04-25 21:43:31 -07:00
Frank Denis
f0d71f9df0 Check allocate() return code. 2013-04-25 15:54:25 -07:00
Jeroen Habraken
eeab6bd2ce The "__attribute__((always_inline))" attribute does not replace "inline", they need to be used togher. This fixes the "warning: always_inline function might not be inlinable [-Wattributes]" warnings emitted by GCC 4.7. 2013-04-24 13:58:35 -05:00
Frank Denis
18369c960f Don't forget exporting symbols from crypto_scalarmult_curve25519 2013-04-24 08:40:43 -07:00
Frank Denis
b381f42d17 Move blake2 own functions to the crypto_generichash_blake2b namespace 2013-04-24 08:10:15 -07:00
Frank Denis
30909a7dea Fix DISTCLEANFILES 2013-04-23 22:57:05 -07:00
Frank Denis
f41677ef2e Remove extra leading spaces 2013-04-23 22:54:14 -07:00
Frank Denis
655a9589b8 Output .DEF file on Win32 2013-04-23 21:24:35 -07:00
Frank Denis
60e8d3c6da No need to define crypto_hash_sha512 as a macro, it's a real function. 2013-04-23 20:38:39 -07:00
Frank Denis
0b4affc436 Add a big fat warning to crypto_stream* 2013-04-23 14:28:51 -07:00
Frank Denis
51fb0f4c64 Add sodium_memcmp() 2013-04-23 11:56:10 -07:00
Frank Denis
313e440209 crypto_verify compat 2013-04-23 11:34:56 -07:00
Frank Denis
6777368185 crypto_stream_xsalsa20 compat 2013-04-23 11:32:15 -07:00
Frank Denis
44ad99f7f6 crypto_sign_ed25519_ref compat 2013-04-23 08:31:57 -07:00
Frank Denis
5e0193b8a1 Export sodium_library_version_*() not sodium_version_*() as intended. 2013-04-23 04:55:42 -07:00
Frank Denis
03120406e3 crypto_hash compat 2013-04-22 22:49:53 -07:00
Frank Denis
db8e3dc472 crypto_box compat 2013-04-22 22:34:36 -07:00
Frank Denis
977c4e8c70 Add crypto_scalarmult compat 2013-04-22 22:26:48 -07:00
Frank Denis
393aa1a229 crypto_box_curve25519xsalsa20poly1305_ref compat 2013-04-22 22:15:19 -07:00
Frank Denis
cb7c294cb8 Start a compat layer 2013-04-22 22:03:16 -07:00
Frank Denis
1b0328610f Remaining changes to export primitives, not implementations. 2013-04-22 17:22:40 -07:00
Frank Denis
6e3e997faa Export the primitive themselves, not the implementations. 2013-04-22 17:18:19 -07:00
Frank Denis
e144f9d40d crypto_hash_sha(256|512) are the exported functions that have to be exported.
_ref are implementations, that shouldn't be exported.
2013-04-22 16:30:31 -07:00
Frank Denis
7356770dbe Another random() -> rand() 2013-04-22 13:13:31 -07:00
Frank Denis
c4f75c4896 random() doesn't exist on Win32. Just use rand() 2013-04-22 13:10:11 -07:00
Frank Denis
b50e6fb5e7 Don't protect api.h against double inclusion, it's useless.
Plus, we need to use dedicated macros for that.
2013-04-22 12:47:32 -07:00
Frank Denis
b146c5150a Improve Visual C++ compat. 2013-04-22 12:35:59 -07:00
Frank Denis
c21c7eb3f7 indent 2013-04-22 11:50:20 -07:00
Frank Denis
e11c852ab3 Fix bad typo in the crypto_box wrapper 2013-04-22 11:20:45 -07:00
Frank Denis
0f3f3f8b92 No more arithmetic needed 2013-04-21 17:32:10 -07:00
Frank Denis
019064e663 Use HAVE_TI_MODE for the macro and HAVE_TI_MODE_V for the substitution 2013-04-21 17:32:10 -07:00
Frank Denis
08e08c966b Wrap crypto_onetimeauth 2013-04-21 17:32:10 -07:00
Frank Denis
61c4f21c97 Add SODIUM_EXPORT to all functions that need to be visible. 2013-04-21 17:32:10 -07:00
Frank Denis
6db3177585 Include export.h everywhere. 2013-04-21 17:32:10 -07:00
Frank Denis
f44c1e477f And finally, wrap crypto_stream macros 2013-04-21 17:32:10 -07:00
Frank Denis
765cad9146 Wrap crypto_sign macros 2013-04-21 17:32:10 -07:00
Frank Denis
d689a92c17 Wrap crypto_shorthash macros 2013-04-21 17:32:10 -07:00
Frank Denis
6dd19c1665 Wrap crypto_secretbox macros 2013-04-21 17:32:10 -07:00
Frank Denis
4a9a9ffeb8 Wrap crypto_scalarmult macros. 2013-04-21 17:32:10 -07:00
Frank Denis
98da611f98 Explicitly include <stdlib.h> in crypto_generichash.h for size_t 2013-04-21 17:32:09 -07:00
Frank Denis
fa7ed1faad Add macros for crypto_hash block size 2013-04-21 17:32:09 -07:00
Frank Denis
7c67c81444 Add wrappers around crypto_generichash macros 2013-04-21 17:32:09 -07:00
Frank Denis
b52f513f90 Untab, remove trailing spaces and other no-ops. 2013-04-21 17:32:09 -07:00
Frank Denis
4d953b1d97 Add missing extern "C" 2013-04-21 17:32:09 -07:00
Frank Denis
b3a1d6b967 Add function wrappers around macros, for crypto_auth and crypto_box 2013-04-21 17:32:09 -07:00
Frank Denis
9459a4b5ff Change the generichash API to better match other NaCl APIs
i.e. give a size right after the pointer.
2013-04-21 17:32:09 -07:00
Frank Denis
5e748bbc8c Add a streaming interface to crypto_generichash 2013-04-21 17:32:09 -07:00
Frank Denis
76cb00d56f Add export.h to define SODIUM_EXPORT 2013-04-21 17:32:09 -07:00
Frank Denis
0426aa28da Welcome, Blake2 2013-04-21 17:32:08 -07:00
Frank Denis
ec38ca745d Wrap crypto_generichash() and add necessary macros.
The streaming API will be wrapped next.
2013-04-21 17:32:08 -07:00
Frank Denis
2bf7fb85bf Nits 2013-04-21 17:32:08 -07:00
Frank Denis
3f13a1e9d0 Turn crypto_verify macros to functions.
No wrappers since there isn't going to be alternative implementations anytime
soon.
2013-04-21 17:32:08 -07:00
Frank Denis
3ffdfd2b3d crypto_stream macros -> functions 2013-04-21 17:32:08 -07:00
Frank Denis
55d0b9f486 Shave some lines in crypto_sign_keypair(), reintroduce @bascule's original code 2013-04-21 17:32:08 -07:00
Frank Denis
5ca15fa3e8 Change some crypto_sign macros to functions. 2013-04-21 17:32:08 -07:00
Frank Denis
a821eae055 Reintroduce crypto_sign_seed_keypair 2013-04-21 17:32:08 -07:00
Frank Denis
83a3892209 Wrap crypto_shorthash 2013-04-21 17:32:08 -07:00
Frank Denis
c46e08585b Wrap crypto_secretbox 2013-04-21 17:32:08 -07:00
Frank Denis
fade3b640c crypto_scalarmult wrappers 2013-04-21 17:32:08 -07:00
Frank Denis
25c18b66e5 Make crypto_hash a real function. 2013-04-21 17:32:07 -07:00
Frank Denis
7d916fb0b1 Make crypto_box functions actual functions, not macros. 2013-04-21 17:32:07 -07:00
Frank Denis
1cbe55f9bd Sort filenames 2013-04-21 17:32:07 -07:00
Frank Denis
8a5165bf06 Start replacing macros with real functions. First candidate: crypto_auth 2013-04-21 17:32:07 -07:00
Frank Denis
1da604d27d Allow building in a separate directory 2013-04-21 17:32:07 -07:00
Frank Denis
2b2b9846a6 Only compile curve25519_ref or curve25519_donna_c64 2013-04-21 17:32:07 -07:00
Frank Denis
2916224650 Use curve25519_donna_c64 instead of curve25519_ref if supported. 2013-04-21 17:32:07 -07:00
Frank Denis
7139def69f HAVE_MODE_TI -> HAVE_TI_MODE 2013-04-21 17:32:07 -07:00
Frank Denis
9626bbeb44 (re)import curve25519_donna_c64 2013-04-21 17:32:07 -07:00
Frank Denis
1f596a0966 Add crypto_scalarmult.h 2013-04-21 17:32:07 -07:00
Frank Denis
ba13e40ad1 Update Makefile.am 2013-04-21 17:32:07 -07:00
Frank Denis
280ff25f52 Avoid duplicate crypto_verify.h 2013-04-21 17:32:07 -07:00
Frank Denis
b86a933ba5 Link aes128ctr 2013-04-21 17:32:06 -07:00
Frank Denis
7844b905d4 Avoid duplicate crypto_stream.h 2013-04-21 17:32:06 -07:00
Frank Denis
83842a73c8 Avoid duplicate crypto_sign.h 2013-04-21 17:32:06 -07:00
Frank Denis
8da4cb057c Avoid duplicate crypto_shorthash.h 2013-04-21 17:32:06 -07:00
Frank Denis
d6636dbc7a Avoid duplicate crypto_secretbox.h 2013-04-21 17:32:06 -07:00
Frank Denis
195df90524 Avoid duplicate crypto_scalarmult.h 2013-04-21 17:32:06 -07:00
Frank Denis
bb2af7396e Avoid duplicate crypto_hashblocks.h 2013-04-21 17:32:06 -07:00
Frank Denis
32c2d620a9 Import missing api.h files 2013-04-21 17:32:06 -07:00
Frank Denis
c1c3ecd80a Avoid duplicate crypto_hash.h 2013-04-21 17:32:06 -07:00
Frank Denis
34731d9717 Rename crypto_generichash.h 2013-04-21 17:32:06 -07:00
Frank Denis
24bd4137e9 Avoid duplicate crypto_core.h definitions 2013-04-21 17:32:06 -07:00
Frank Denis
03196c9550 Avoid duplicate crypto_box.h files 2013-04-21 17:32:05 -07:00
Frank Denis
1a86716acf Avoid duplicate crypto_auth.h 2013-04-21 17:32:05 -07:00
Frank Denis
54d96dd417 rename crypto_onetimeauth local defines. 2013-04-21 17:32:05 -07:00
Frank Denis
fc98102f2a sodium_reinit() and sodium_shutdown() are gone. 2013-04-21 17:32:05 -07:00
Frank Denis
05f45575bb sodium_init() is not thread-safe. Roll your own locks if you need that. 2013-04-21 17:32:05 -07:00
Frank Denis
48d4b5ab1e Rename curve25519 files so that we can introduce the donna_c64 version later. 2013-04-21 17:32:05 -07:00
Frank Denis
6f5f793195 Remove crypto_onetimeauth/poly1305/checksum 2013-04-21 17:32:05 -07:00
Frank Denis
e29d92347b Remove crypto_onetimeauth/try.c 2013-04-21 17:32:05 -07:00
Frank Denis
03b82780fd Import missing onetimeauth_poly1305_try.c 2013-04-21 17:32:05 -07:00
Frank Denis
3b57f77262 Pick the best working poly1305 implementation at runtime. 2013-04-21 17:32:05 -07:00
Frank Denis
aa6488dbe9 Include <stdint.h> when we need SIZE_MAX 2013-04-21 17:32:05 -07:00
Frank Denis
98a87d8ea7 Add _sodium_alignedcalloc() 2013-04-21 17:32:05 -07:00
Frank Denis
c3d9659fc6 80 columns whenever possible 2013-04-21 17:32:04 -07:00
Frank Denis
7e2ccbe5ed No more options 2013-04-21 17:32:04 -07:00
Frank Denis
47bc0aab79 sodium_init() doesn't take any options any more. 2013-04-21 17:32:04 -07:00
Frank Denis
8e7bb5d0ce Move sodium-specific files to a dedicated directory 2013-04-21 17:32:04 -07:00
Frank Denis
98a58ff3f9 Fix sodium_init() 2013-04-21 17:32:04 -07:00
Frank Denis
dd45e3824f Declare the sodium_options anon struct. 2013-04-21 17:32:04 -07:00
Frank Denis
b8bfcb7bd6 Link core.c 2013-04-21 17:32:04 -07:00
Frank Denis
363ff0bdc5 Import src/libsodium/include/sodium/crypto_onetimeauth_poly1305_53.h 2013-04-21 17:32:04 -07:00
Frank Denis
fe909c674f Link the floating point implementation of poly1305 2013-04-21 17:32:04 -07:00
Frank Denis
ca781f4837 Include core.[ch] 2013-04-21 17:32:04 -07:00
Frank Denis
02cea61336 Add sodium_init(), sodium_reinit() and sodium_shutdown() 2013-04-21 17:32:03 -07:00
Frank Denis
232702ca83 Include randombytes implementations in sodium.h 2013-04-21 17:32:03 -07:00
Frank Denis
9f1fd2a71d Turn implementation definitions to globals. 2013-04-21 17:32:03 -07:00
Frank Denis
7aa057dcd8 Make the randombytes interface consistent with crypto_onetimeauth 2013-04-21 17:32:03 -07:00
Frank Denis
5ba6aef1da Export randombytes implementation structs 2013-04-21 17:32:03 -07:00
Frank Denis
05eefa306e Export crypto_onetimeauth_poly1305_[ref_]implementation_name() 2013-04-21 17:32:03 -07:00
Frank Denis
ddb268c47c Export crypto_onetimeauth_poly1305_ref_implementation() 2013-04-21 17:32:03 -07:00
Frank Denis
ab23649de5 Shorten randombytes_implementation members. 2013-04-21 17:32:03 -07:00
Frank Denis
f3e0d9a140 Make the crypto_onetimeauth_poly1305() implementation switchable at runtime 2013-04-21 17:32:03 -07:00
Frank Denis
96db80f17f Move randombytes implementations to their own directory for consistency. 2013-04-21 17:32:03 -07:00
Frank Denis
707dcb0c44 Check if we need -lm for fe[gs]etenv() 2013-04-21 17:32:03 -07:00
Frank Denis
b64beede1d Enforce round-to-nearest. 2013-04-21 17:32:03 -07:00
Frank Denis
b282b45dc7 Use standard C99 types 2013-04-21 17:32:02 -07:00
Frank Denis
a74cfe4112 Import poly1305_53 2013-04-21 17:31:54 -07:00
Frank Denis
e53e0895e7 Remove *_implementation_ macros.
They are identical for all implementations of a given primitive and
it's bound to always be the case.
We will eventually pick suitable implementations at run-time, so
these won't make any sense.
Remove implementation names/versions macros as well.
These should be functions, not macros.
2013-04-16 10:59:40 +02:00
Frank Denis
b33dba4fd7 ge25519_base.data is not required any more 2013-04-09 18:36:31 +02:00
Frank Denis
9833dfeac8 Don't forget to include crypto_shorthash headers in sodium.h 2013-04-04 14:21:20 -07:00
Frank Denis
d50249c927 Use stdbool macros instead of _Bool
Just to cope with that Visual Studio thing that still doesn't support C99.
I hate that because some libraries can redefine "bool" in an incompatible way.
It's okay. Until we have that in an exported prototype.
2013-03-31 15:28:15 -07:00
Frank Denis
e59ed29ee8 Export the shared library version, not just the package version. 2013-03-31 15:22:43 -07:00
Frank Denis
5f3104cf5f Turn COMPILER_ASSERT() to assert() in generichash_blake2b.c
Thanks to @sneves
2013-03-31 14:56:27 -07:00
Frank Denis
077e89b6b5 Types definitions in randombytes.h require stdint.h, not inttypes.h 2013-03-31 14:51:06 -07:00
Frank Denis
b88d92d69d Replace the ed25519 ref implementation with ref10 from supercop 2013-03-25 11:47:15 -07:00
Frank Denis
a8ba78e527 Accept a null keylen for blake2 2013-03-19 00:35:53 -07:00
Frank Denis
34f2982754 Use sodium_memzero() for secure_zero_memory() in Blake2 2013-03-19 00:16:09 -07:00
Frank Denis
aa422c7493 Import Blake2 - WIP 2013-03-19 00:13:25 -07:00
Frank Denis
8f83466c87 Don't include <string> when parsing headers as C++ code. 2013-03-18 23:29:58 -07:00
Frank Denis
2f30b21a5c Remove api.h, we don't use it any more 2013-03-18 23:01:25 -07:00
Frank Denis
8b728c9034 Export sodium_memzero() as this will be required for Blake2, too. 2013-03-18 21:45:05 -07:00
Frank Denis
bc05a0f3d8 Remove sha512 inplace implementation 2013-03-18 21:05:24 -07:00
Frank Denis
f5f72f0165 Remove CurveCP 2013-03-16 19:59:25 -07:00
Frank Denis
9e7c960a02 const on return type is useless. Bump lib version by the way. 2013-03-11 22:46:17 -07:00
Frank Denis
c0475cc1e2 Remove donna_c64 implementation until we actually link it on 64-bit platforms 2013-03-11 15:15:10 -07:00
Frank Denis
12c4bee782 Remove unused implementations. 2013-03-11 15:14:52 -07:00
Frank Denis
f62f5ceb04 1L << 51 is an undefined behavior. Use 1 as a int64_t value. 2013-03-11 13:28:03 -07:00
Frank Denis
00b454d1f1 Revert "crypto_scalarmult_raw()"
This reverts commit 08a11d1a05.
2013-03-03 14:03:54 -08:00
Frank Denis
37a1358b81 glibc needs -lrt to get clock_gettime()
Reported by csosstudy
2013-02-28 19:13:07 -08:00
Frank Denis
df814f98b4 Don't forget the prototype for crypto_sign_seed_keypair()
Spotted by @dstufft
2013-02-23 02:51:19 -08:00
Tony Arcieri
08a11d1a05 crypto_scalarmult_raw()
This provides a more direct interface to the crypto_scalarmult function.
By default, this function includes some bit-twiddling, which, to the
best of my understanding, ensures the integer provided as the left
operand of the multiplication operation fits within a specific limit.
(I believe this limit is the order of NaCl's standard group element,
but am not entirely certain). This change allows a user to pass in
an integer which is not subject to this bit-twiddling and can be passed
in wholesale.

The reason NaCl provides this API is to intentionally make it
easy-to-use for the purposes of computing public keys from private keys
or for performing Diffie-Hellman. The API it provides now makes it
quite difficult to do anything wrong yet still get a correct answer.

If we split this function in half, however, we can expose some
power-user functionality. Specifically I need this to implement
semiprivate keys:

https://gist.github.com/tarcieri/4760215

I've been double checking my implementation against a similar version in
SAGE for the past week or so trying to figure out what's wrong, and
today it was pointed out to me that NaCl's scalar multiplication
function automatically performs bit-twiddling for you.

I would love to continue to experiment with semiprivate keys on top of
NaCl. I have no serious intentions of actually using them as part of a
cryptosystem until there's some sort of proof of their security, or at
the very least, some reasonably educated guesses as to its security
properties.

That said, I would love to have this API. If there's worries about
exposing power-user APIs like this, perhaps we can be a bit more
"shouty" in the API name?

crypto_scalarmult_dangerously_direct_access() ? ;)
2013-02-21 20:59:57 -08:00
Frank Denis
0926fc974d Some systems lack flock() 2013-02-18 15:51:21 -08:00
Frank Denis
329ec43e02 Include CurveCP's README 2013-02-18 15:40:41 -08:00
Frank Denis
f5af42f48d CurveCP is optional 2013-02-18 15:28:43 -08:00
Frank Denis
926803f996 Move curvecp, split libcurvecp to its own dir 2013-02-18 15:14:55 -08:00
Frank Denis
60d788a444 Compile curvecp. This will be optional and disabled by default as it is
not exactly portable.
2013-02-18 13:56:29 -08:00
Frank Denis
6774b47cd4 Reintroduce shorthash, this time with the key... 2013-02-13 21:14:29 +08:00
Frank Denis
e5e2150919 Revert "Add crypto_shorthash() for non collision-resistant hash functions"
This reverts commit c8fe5c4afb.

Conflicts:
	.gitignore
	test/Makefile.am
	test/default/shorthash.c
	test/default/shorthash.exp
2013-02-13 20:33:17 +08:00
Frank Denis
c8fe5c4afb Add crypto_shorthash() for non collision-resistant hash functions
Currently using siphash-2-4
2013-02-09 03:51:20 +08:00
Frank Denis
eb96dcb0f7 Skip library version info on Windows 2013-02-04 22:52:51 -08:00
Frank Denis
2abcfa283a BUmp version to 0.3 2013-02-04 22:28:17 -08:00
Frank Denis
6d3afb32de Build the library as a module on Windows 2013-02-04 17:16:46 -08:00
Frank Denis
49461b5e66 Pass -no-undefined to libtool so that a native DLL can be built on Windows 2013-02-04 16:31:02 -08:00
Frank Denis
85ba9d3ff5 Add crypto_box_MACBYTES 2013-02-04 14:51:04 -08:00
Frank Denis
ca02a49b25 Bump minor 2013-01-28 21:46:51 -08:00
Tony Arcieri
c046fe8ccc Rename crypto_sign_publickey to crypto_sign_seed_keypair
The crypto_sign_seed_keypair function is analagous to
crypto_sign_keypair, except it generates a keypair for a seed instead of
a random keypair.

I think this name makes more sense than crypto_sign_publickey.
2013-01-28 21:31:25 -08:00
Tony Arcieri
53d3b5969e Add crypto_sign_publickey() API
This adds a new API crypto_sign_publickey, which works similarly to the
existing crypto_sign_keypair() API, but supports a 32-byte
user-specified seed value (k).

This API is necessary for implementing Ed25519 test vectors, for
example, since we need to pass in a known seed to ensure we're
computing the public key correctly.

The name and implementation are largely borrowed from Brian Warner's
python-ed25519 library. See:

d42d4b7049/src/ed25519.c (L21)

That said, perhaps a different name would be more descriptive, since it
still returns a keypair, not just the public key? Or perhaps that's
needless bikeshedding since this name is already in use.
2013-01-26 13:12:10 -08:00
Frank Denis
0ca9901e14 <poll.h> is not needed any more 2013-01-21 20:45:39 -08:00
Frank Denis
0d48d2a10b Of course (...) in CryptGenRandom() the size comes before the buffer. 2013-01-21 19:45:58 -08:00
Frank Denis
4668611533 <sys/timeb.h> is required for Windows 2013-01-21 19:30:39 -08:00
Frank Denis
7ba8af5936 Check for SecureZeroMemory at compile time. 2013-01-21 19:18:15 -08:00
Frank Denis
0aaa42ed69 libsodium-randombytes is gone, remove it from all Makefiles 2013-01-21 18:43:11 -08:00
Frank Denis
dff36063a6 randombytes/randombytes_sysrandom.h moved to includes/sodium 2013-01-21 18:11:19 -08:00
Douglas Campos
fdbaa9a9ea add AUTHORS file from designers/implementors files 2013-01-21 23:25:51 -02:00
Frank Denis
40d6182ecd Indentation wankery 2013-01-21 14:44:22 -08:00
Frank Denis
68822dab0a COMPILER_ASSERT is not needed for randombytes_sysrandom 2013-01-21 14:39:22 -08:00
Frank Denis
3505db86a5 Add randombytes_sysrandom and use that as the default randombytes impl. 2013-01-21 14:36:26 -08:00
Frank Denis
3bb7e4b1b7 Rename salsa20_random.c to randombytes_salsa20_random.c for consistency 2013-01-21 13:58:18 -08:00
Frank Denis
8a54e2efa8 Implement randombytes_set_implementation() 2013-01-21 13:52:37 -08:00
Frank Denis
5788f3d6a8 Add randombytes wrappers.
These are real wrappers, not globals or macros, in order to make it easier
to use them in different programming languages.
2013-01-21 13:50:00 -08:00
Frank Denis
3444a46f35 Prepare for pluggable randombytes*() implementations. 2013-01-21 13:28:27 -08:00
Frank Denis
4c6e162c52 Remove libsodium-randombytes. 2013-01-21 12:46:40 -08:00
Frank Denis
137ae007ae Export randombytes helpers 2013-01-21 12:35:58 -08:00
Frank Denis
dde2e8086c Use salsa20_random() for randombytes, install libsodium-randombytes DLL. 2013-01-21 12:23:57 -08:00
Frank Denis
87af79c629 Don't include randombyte - move it to a different library. 2013-01-21 11:32:34 -08:00
Frank Denis
b4e28221e8 Add library version 2013-01-20 17:51:57 -08:00
Frank Denis
61775cc84d Add missing dependencies 2013-01-20 17:23:37 -08:00
Frank Denis
d4a5db2459 Remove benchmark progs for now, they will be reintroduced later. 2013-01-20 17:05:24 -08:00
Frank Denis
9bb13efa5a Don't forget to install version.h 2013-01-20 16:21:37 -08:00
Frank Denis
83961aae3b How about just #include <sodium.h> to include everything you need? 2013-01-20 16:18:36 -08:00
Frank Denis
4825914aa8 Give C++ some love 2013-01-20 16:13:09 -08:00
Frank Denis
cfd84663b9 A library should expose its version 2013-01-20 16:04:43 -08:00
Frank Denis
40567fe583 Use $(top_srcdir) to reference the path to headers 2013-01-20 13:29:54 -08:00
Frank Denis
221da81226 Switch crypto_sign* to ed25519
Ok qmx@
2013-01-20 12:09:00 -08:00
Frank Denis
ed943d58f3 Link ed25519 2013-01-20 11:58:20 -08:00
Frank Denis
972984880e Fix double definition of ge25519_base in ed25519 2013-01-20 11:57:39 -08:00
Douglas Campos
ee16bc6e6c rename libnacl-ref -> libsodium 2013-01-20 17:23:32 -02:00
Frank Denis
8b3ac469f1 Install headers with high-level macros 2013-01-20 00:32:51 -08:00
Frank Denis
f266b4cbd4 Keep library version, it's not a plugin 2013-01-20 00:25:18 -08:00
Frank Denis
11bc2610ae edwards25519sha512batch requires api.h
(but it will be replaced by ed25519 anyways)
2013-01-20 00:09:22 -08:00
Frank Denis
5a9209a4a8 Remove old dependencies 2013-01-20 00:01:29 -08:00
Frank Denis
33f97cbb3b Replace the build system 2013-01-19 23:51:05 -08:00
Frank Denis
b801c07db2 One more Makefile.in 2013-01-19 18:10:29 -08:00
Frank Denis
9cd4c769a7 Add libnacl/Makefile.in 2013-01-19 18:08:06 -08:00
Frank Denis
9177909d03 Remove C++ wrappers 2013-01-19 16:45:10 -08:00
Frank Denis
b7075c1d9f Drop PROTOTYPES.cpp, we don't build C++ wrappers. 2013-01-19 16:36:18 -08:00
Frank Denis
95b9c37cc5 Import libnacl from dnscrypt-proxy 2013-01-19 16:02:02 -08:00