1
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-20 02:25:14 -07:00
Commit Graph

2991 Commits

Author SHA1 Message Date
Frank Denis
a3f90d6020 Indent 2017-07-29 21:49:20 +02:00
Frank Denis
63d8a896fe Test KX with a weak PK 2017-07-29 21:46:14 +02:00
Frank Denis
7ad9a46cb7 More tests 2017-07-29 21:43:18 +02:00
Frank Denis
a9a21a7dff Test Ed->X conversion with x not being a square root 2017-07-29 21:36:02 +02:00
Frank Denis
982cde1a77 Test crypto_box_open_detached() with a weak PK 2017-07-29 21:34:28 +02:00
Frank Denis
52bfc0325b Initialize the base&aligned addresses in argon2's allocate_memory
Also memzero() pseudo_rands, not the segments twice.
2017-07-29 18:54:52 +02:00
Frank Denis
fc90887921 Add missing include "core.h" 2017-07-29 18:42:39 +02:00
Frank Denis
c15173de1e Turn a few calls with an insane message length into a sodium_misuse() 2017-07-29 18:37:55 +02:00
Frank Denis
f28fe0ae29 Cap argon2*_BYTES_MAX to SODIUM_SIZE_MAX 2017-07-29 18:05:08 +02:00
Frank Denis
bac61ebf50 BYTES_MAX -> MESSAGEBYTES_MAX 2017-07-29 17:58:18 +02:00
Frank Denis
16179b87f3 Introduce *_BYTES_MAX constants
*_BYTES_MAX constants constants represent the maximum size of
a message.

No accessor functions for now. They will be renamed, as the
*_BYTES_MAX suffix was previously also used for the maximum output
size of stream ciphers.

These macros are designed to be used by language bindings, so they
can perform some sanity checks before calling the sodium API.
2017-07-29 17:39:31 +02:00
Frank Denis
568adb570d Trim crypto_pwhash_scryptsalsa208sha256_BYTES_MAX down to ~127 GB 2017-07-29 15:02:51 +02:00
Frank Denis
3525f032df Inline 2017-07-28 18:51:04 +02:00
Frank Denis
3ee2151f1d memzero(): with weak symbols, just call memset() 2017-07-28 18:26:36 +02:00
Frank Denis
105f7108d6 Argon2: wipe all blocks if the ARGON2_FLAG_CLEAR_MEMORY flag is set
Not ARGON2_FLAG_CLEAR_PASSWORD
2017-07-28 18:22:51 +02:00
Frank Denis
dc2c68067b C++ compat 2017-07-28 18:08:10 +02:00
Frank Denis
fb739acd7b fill_memory_blocks() cannot possibly fail 2017-07-28 18:07:45 +02:00
Frank Denis
c3908f87d6 Argon2: deallocate memory if fill_memory_blocks() ever fails
Also perform a single allocation to store random numbers.
2017-07-28 17:58:16 +02:00
Frank Denis
8d91a32754 Add more tests for crypto_sign_ed25519_pk_to_curve25519() 2017-07-24 23:56:56 +02:00
Frank Denis
214fe473f1 Add an invalid key to the signature tests 2017-07-24 23:40:14 +02:00
Frank Denis
e1b0448205 Test crypto_secretbox_open_detached() with a NULL message pointer 2017-07-24 23:17:55 +02:00
Frank Denis
c90ddae75e Use the right state type for the auth256 test 2017-07-24 23:04:23 +02:00
Frank Denis
51a0b96f1d Test crypto_hmac_sha256_update() with empty chunks 2017-07-24 22:25:33 +02:00
Frank Denis
2a2ed3df3a Volatilify the accumulator, at least for consistency with sodium_is_zero() 2017-07-24 22:20:51 +02:00
Frank Denis
cd51ff29e9 Coverage exclusions 2017-07-24 22:19:50 +02:00
Frank Denis
33d6908f9b Test crypto_auth_hmacsha256_*() 2017-07-24 22:08:07 +02:00
Frank Denis
f92c82537b More tests 2017-07-24 15:16:22 +02:00
Frank Denis
67a7df73b1 Add all the Visual Studio files in the tarball
This is gonna make a big tarball!

Fixes #569
2017-07-24 14:27:33 +02:00
Frank Denis
56efb47ab7 .13 -> .14 2017-07-24 14:13:18 +02:00
Frank Denis
334738cf29 Add resource.rc to the Visual Studio filters files 2017-07-24 14:06:21 +02:00
Frank Denis
47796a5b89 Indent 2017-07-23 20:17:53 +02:00
Frank Denis
d7ecf04d68 Comment randombytes_uniform() 2017-07-23 19:44:22 +02:00
Frank Denis
eaab512788 Add specialized ge_mul_l() to multiply by the order of the main subgroup 2017-07-23 13:50:10 +02:00
Frank Denis
6de26b59d7 ed25519_pk_to_curve25519: check that the input is in the right subgroup 2017-07-23 13:25:02 +02:00
Frank Denis
571915ea2c ed25519: un-static the check for low-order points 2017-07-23 13:15:50 +02:00
Frank Denis
b57f9668fc More tests 2017-07-21 16:52:01 +02:00
Frank Denis
cc51916072 Tag sodium_runtime_has_*() symbols as weak 2017-07-19 12:30:40 +02:00
Frank Denis
8b9b6a54be Remove error string from sodium_misuse()
Returning the name of an internal function to bindings is useless.

They need way more context to recover from these errors, and
their own backtrace will be way more useful for diagnostics.
2017-07-19 00:57:19 +02:00
Frank Denis
9361070f96 Merge branch 'master' of github.com:jedisct1/libsodium
* 'master' of github.com:jedisct1/libsodium:
  Tweak emscripten-wasm.sh
  Clear the BLAKE2B state only once, on finalization
  memzero() the state if we call generichash_final() twice
2017-07-19 00:20:53 +02:00
Frank Denis
63cbad7506 Visual Studio doesn't like abort() chains
Let's limit this test to systems this has been tested on for the
time being.
2017-07-19 00:20:06 +02:00
Frank Denis
21fd252ac2 Tweak emscripten-wasm.sh 2017-07-18 22:08:15 +02:00
Frank Denis
97486f7d45 Clear the BLAKE2B state only once, on finalization
No need to clear everything, and no need to clear again
if _final() is called more than once.
2017-07-18 20:16:47 +02:00
Frank Denis
1090fcfd4d memzero() the state if we call generichash_final() twice 2017-07-18 19:19:04 +02:00
Frank Denis
6768d82ea2 Add missing return value in set_misuse_handler() 2017-07-18 03:49:58 +02:00
Frank Denis
9df008a786 Add some invalid base64 strings to pwhash_str_verify() tests 2017-07-17 23:26:36 +02:00
Frank Denis
5d56821d3d More tests, and start testing misuse cases 2017-07-17 23:09:44 +02:00
Frank Denis
0238cbcf68 Bump NuGet package 2017-07-17 22:38:04 +02:00
Frank Denis
0e8d7c9268 Implement sodium_set_misuse_handler() 2017-07-17 01:00:00 +02:00
Frank Denis
9def4d9a8a Add tests for crypto_kx_*() when a single key is required 2017-07-17 00:36:55 +02:00
Frank Denis
8a70f258fd No more abort() calls! 2017-07-16 23:11:36 +02:00