1
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-20 10:37:24 -07:00
Commit Graph

623 Commits

Author SHA1 Message Date
Frank Denis
2a562f8986 Proper overlapping check; memmove() was called when it was superfluous. 2015-01-15 00:44:28 +01:00
Frank Denis
f0b76de13e chacha20: counting the remaining bytes in a block doesn't require ULL 2015-01-13 20:43:27 +01:00
Frank Denis
f580fcfa92 Sync reduced rounds versions of salsa20 with supercop 2015-01-13 19:36:50 +01:00
Frank Denis
0fef202b37 Wipe the last salsa20 block in the reduced rounds versions 2015-01-13 19:18:50 +01:00
Frank Denis
ab4171e37f Error checking 2015-01-13 16:26:58 +01:00
Frank Denis
8ba7fbd062 Mention that sodium_alloc() can be used with sodium data structures
And explain how to deal with crypto_generichash_state
2015-01-13 11:04:39 +01:00
Frank Denis
2d380c97f3 Move prototypes of functions requiring padding together 2015-01-06 18:28:07 +01:00
Frank Denis
aaf5fbf2e5 + precomputed interface for crypto_box() 2015-01-06 17:52:42 +01:00
Frank Denis
fab8a0b55f Indentation 2015-01-06 17:22:12 +01:00
Frank Denis
49f87845b7 Missing #include for sodium_memzero() 2015-01-04 20:02:03 +01:00
Frank Denis
16f32cf1a5 Wipe the shared key in crypto_box() and crypto_secretbox()
The _easy and _detached interfaces already did this.
2015-01-04 18:29:17 +01:00
Frank Denis
26f87e266e Let sodium_malloc() and friends work on systems without protected memory.
On these systems, they become simple aliases for malloc() and friends.

Canaries could be added, but adding too much bloat for these rare systems
is probably not worth it, and malloc debuggers are better tools to use.
2014-12-29 23:23:33 +01:00
Frank Denis
cae09d458a Let crypto_sign_open() accept NULL for the message length pointer
Ditto for edwards25519sha512batch for consistency
Add a _p suffix to lengths that are actually pointers for clarity
2014-12-28 21:34:59 +01:00
Frank Denis
4cd1d03a28 Use relative paths in sodium.h
This make it easier to use sodium when bundled with another project.
2014-12-27 09:15:02 +01:00
Frank Denis
d5ad99fed6 Retry if open(2) is interrupted; set the CLOEXEC flag as well.
Also retry if read(2) returns EAGAIN. This shouldn't happen in blocking mode,
but it can't hurt either.
2014-12-25 12:30:14 +01:00
Frank Denis
e7a84c9e84 We always need to allocate aligned memory 2014-12-12 08:52:05 -08:00
Frank Denis
9b27460618 We always need a page size 2014-12-12 08:51:47 -08:00
Frank Denis
b1cac74b00 We can still directly call _mprotect_readwrite() instead of the high-level function. 2014-12-07 14:59:32 -08:00
Frank Denis
5e364632e0 Make sodium_free() callable even if protection is PROT_NONE.
Reported by @stouset, thanks!
2014-12-07 14:52:44 -08:00
Frank Denis
e5024c368f Remove obsolete, undocumented compatibility layer with Sodium 0.5 2014-11-30 19:57:41 -08:00
Frank Denis
da2c9952db Check if mmap(2) works, not just the presence of MAP_ANON
In particular, mmap(2) doesn't return an aligner pointer on Emscripten.
2014-11-24 10:22:50 -08:00
Frank Denis
60610da39d Zero the subkey in {stream,xor}_xsalsa20
Spotted by Michael Rogers.
2014-11-23 23:42:07 -08:00
Frank Denis
d0eab9323f Don't assume that madvise() is available even if related macros are defined. 2014-11-22 13:32:54 -08:00
Frank Denis
28a07bf0c9 Add explicit size_t conversions. 2014-11-20 13:31:13 -08:00
Frank Denis
a31a353f0e curve25519-donna-c64: use limb instead of uint64_t everywhere for consistency 2014-11-20 11:46:25 -08:00
Frank Denis
ae13df74e1 curve25519-donna-c64: replace U8TO64/U64TO8 with load_limb/store_limb
To match the current @agl code.
2014-11-20 11:43:53 -08:00
Frank Denis
d3e716aa49 curve25519-donna-c64: don't read an extra byte when expanding a 32-byte number into polynomial form
Reported by Michael Holmwood.
2014-11-20 11:22:24 -08:00
Frank Denis
63ee1abf82 Explicit int32 -> int64 conversions 2014-10-29 08:37:21 -07:00
Frank Denis
caeeefbcf4 Credit CodesInChaos 2014-10-19 19:26:15 -07:00
Andre Caron
a7a04d7af5 Changes DLL_EXPORT to SODIUM_DLL_EXPORT.
This macro conflicts with other projects.  This results in the inability to
build one DLL that depends on libsodium if the other DLL also uses the
DLL_EXPORT macro to control visibility of library symbols.  Since the choice of
name for this macro is arbitrary, use of a library prefix is preferred.
2014-10-13 15:18:09 -04:00
Frank Denis
9e64361e66 Make sodium_bin2hex() slightly faster 2014-10-07 21:15:46 -07:00
Frank Denis
814df1e60d Constant-time sodium_bin2hex()
Original C# code by CodesInChaos.
2014-10-07 20:50:26 -07:00
Frank Denis
5c3c132e47 Make include guards consistent, and avoid reserved identifiers. 2014-10-06 14:14:49 -07:00
Frank Denis
cb07df046f Remove S<l check.
Plan is to add is_standard()/is_canonical() instead of changing the current behavior
of the verification function. Suggested by CodesInChaos.
2014-10-06 12:21:40 -07:00
Frank Denis
15889c2e64 Remove dead variable and assignment 2014-10-05 01:28:00 -07:00
Frank Denis
e04f1b6854 Avoid a conditional jump 2014-10-04 23:36:53 -07:00
Frank Denis
d34743241e Add a test for ed25519 malleability and restore traditional behavior.
If an application really requires non-malleability, ED25519_PREVENT_MALLEABILITY
can be defined to enable the check.

This might become the default behavior depending on what other implementations
are planning to do.
2014-10-04 23:25:01 -07:00
Frank Denis
9f6d37d9c6 Support overlapping input and output regions in crypto_secretbox_detached()
crypto_stream_salsa20() doesn't support overlapping input and output regions,
except when they are aliases.
2014-10-04 22:08:09 -07:00
Frank Denis
4099618de2 ed25519_open(): check that S < l
Not strictly required, but I don't see any downsides either.
2014-10-04 22:07:58 -07:00
Frank Denis
727f3993a1 lcov exclusion 2014-09-23 21:22:44 -07:00
Frank Denis
f71c1c0e17 lcov exclusion 2014-09-23 21:19:49 -07:00
Frank Denis
41db958e83 lcov exclusion 2014-09-23 14:54:10 -07:00
Frank Denis
0cb0578ede lcov exclusion 2014-09-23 14:03:28 -07:00
Frank Denis
0c73253249 lcov exclusions 2014-09-23 13:45:11 -07:00
Frank Denis
dcbc538cd9 lcov exclusions 2014-09-23 13:31:42 -07:00
Frank Denis
99734cf8b4 lcov exclusions 2014-09-23 13:22:24 -07:00
Frank Denis
c775f87260 escrypt_gensalt_r() cannot fail 2014-09-23 13:20:39 -07:00
Frank Denis
116cdf32f1 pickparams() and escrypt_init_local() cannot fail 2014-09-23 13:08:25 -07:00
Frank Denis
a858a1971e lcov exclusion
Testing for this case rather belongs to the sodium-validation project.
2014-09-23 12:39:15 -07:00
Frank Denis
5fc704cbf0 lcov exclusions 2014-09-23 12:18:24 -07:00