Frank Denis
ae82b44b70
ghash: move addmul operation into inline functions
2022-11-14 22:07:02 +01:00
Frank Denis
8489b4d124
__vectorcall didn't exist prior to Visual Studio 2012
2022-11-14 13:12:15 +01:00
Frank Denis
ad3241a0da
Add __vectorcall to please MSVC
2022-11-14 12:51:11 +01:00
Frank Denis
479c370bc1
Require zig cc or clang for the amazing __builtin_shufflevector()
2022-11-13 23:53:28 +01:00
Frank Denis
b677924b2e
Use enum instead of integers for C++ compat
2022-11-13 22:36:54 +01:00
Frank Denis
495a16cbe0
MSVC cannot compile AES-GCM for now
2022-11-13 21:26:04 +01:00
Frank Denis
379cd8303b
Avoid C99isms
2022-11-13 21:23:19 +01:00
Frank Denis
ae8f462ad3
Avoid gcc extensions in aead_aes256gcm_aesni
2022-11-13 21:18:03 +01:00
Frank Denis
36d0196a4a
Don't try ARM Crypto implementations on big-endian yet
2022-11-13 20:56:21 +01:00
Frank Denis
f3cf71edd7
Add AES256-GCM support for ARM crypto
2022-11-13 20:23:15 +01:00
Frank Denis
45a0cef2fc
AES-NI can be available on i386
2022-11-13 19:40:39 +01:00
Frank Denis
73d039d8ca
Remove unused macro
2022-11-13 18:46:22 +01:00
Frank Denis
9b623852bd
Rewrite the AES256-GCM implementation
Faster, way more readable, easier to port to other architectures.
2022-11-13 18:42:38 +01:00
Frank Denis
a972fe6498
Indent
2022-10-21 17:54:39 +02:00
Frank Denis
992168c50f
Win32: SecureZeroMemory may not be available
2022-10-20 14:42:55 +02:00
Frank Denis
b4c5d37fb5
scalarmult(): don't use the output as a temporary buffer
So that applications can use the same pointer for the public key
and the shared secret.
2022-10-11 14:02:29 +02:00
Steve Thomas
0a6178f203
Clear decrypted block from stack (#1190)
2022-06-18 20:32:35 +02:00
Frank Denis
4bffcc63b1
sodium_compare(): cast operands to unsigned int
This matches the Zig implementation and
fixes #1184
2022-06-05 14:28:54 +02:00
Frank Denis
0124c4cddb
Indent
2022-05-11 18:13:08 +02:00
Frank Denis
f425d4d96f
Simplify blkxor()
2022-05-11 18:02:10 +02:00
Frank Denis
75bde19055
Revert "Add the shifumi128 ZKP system"
This reverts commit 6efe9ee2b5.
2022-04-02 09:32:22 +02:00
Frank Denis
6efe9ee2b5
Add the shifumi128 ZKP system
2022-03-31 20:04:51 +02:00
Frank Denis
69d15f1123
Support gcc-like and C11-like memory fences
2022-03-07 16:47:43 +01:00
Frank Denis
d4ee08ab8a
Add memory fences where supported
2022-03-07 16:38:37 +01:00
Frank Denis
fbe2c92f0d
AEGIS: rename constants to match the draft
2022-01-04 16:06:44 +01:00
Frank Denis
447cd270d9
edwards25519: faster recovery of the X coordinate
2021-12-27 15:16:56 +01:00
Frank Denis
089f850608
Remove expected length from the pwhash_str_verify()/needs_rehash()
2021-11-11 14:15:24 +01:00
Frank Denis
b65f8fdf4f
Remove unused variables
2021-11-08 22:00:33 +01:00
Frank Denis
7052e4733f
H2C: Y should be negative if gx1 is a square
Fixes #1119
2021-11-08 14:31:14 +01:00
Jørgen P. Tjernø
64129657a5
Portability improvements (#1105)
* Move `raise` code to be behind an autoconf check
This moves the call to `raise` behind a `HAVE_RAISE` autoconf check,
in addition to `__wasm__`. This is intended to help porting to
other platforms that don't support `raise` (e.g. modern game consoles).
* Add autoconf check for `sysconf`
Only try to invoke `sysconf` if the target platform supports it, and
don't warn about unknown page size if `PAGE_SIZE` was defined. Add an
include for `sys/param.h` to increase likelihood of finding `PAGE_SIZE`.
This is intended to help porting to other platforms that don't support
`sysconf` (e.g. modern game consoles) that have a fixed hardware page
size.
* Don't try to use raise & sysconf in a WASI environment
Co-authored-by: Frank Denis <124872+jedisct1@users.noreply.github.com>
2021-09-16 20:01:24 +02:00
Frank Denis
038e4114e9
fe25519_reduce64: handle the top bit
This is only for code clarity and for people copy/pasting that
private code to use it in a different context.
The top 128 bits are always zero.
2021-07-22 00:41:50 +02:00
Frank Denis
07c2f6c053
Handle the Sun and the IBM compilers separately
2021-07-09 15:47:40 +02:00
infinitydev
b9b66faddb
Fix build on z/OS using XLC (#1089)
* Fix incorrect XLC #pragma in public header
* Fix incorrect XLC #pragma in internal blake2 header
2021-07-09 15:38:07 +02:00
niooss-ledger
6cd2677d44
Remove unused variable from _sodium_runtime_intel_cpu_features (#1085)
The function `_sodium_runtime_intel_cpu_features` assigns some value to
its local variable `id` but never reads it. Remove this variable, which
also simplifies the `if` statement that contains the assignment.
2021-07-01 10:05:30 +02:00
Frank Denis
558886fd0e
Use assignment + case instead of memcpy()
2021-06-17 20:57:21 +02:00
Frank Denis
a2ee77b90a
Include private/sse2_64_32.h only where SSE2 is required
Fixes #1074
2021-06-13 21:40:54 +02:00
Alcaro
9faa6bb62b
core.c: Make _sodium_crit_init static (#1073)
2021-06-13 18:22:32 +02:00
Jordan Frank
7d1aad1797
define randombytes_set_implementation argument to be const (#1068)
2021-05-25 19:25:56 +02:00
Frank Denis
0e870c5406
Don't define DllMain in static builds
2021-05-22 10:29:00 +02:00
Christoph M. Becker
8b66d2b969
Delete critical section on DLL_PROCESS_DETACH (#1058)
To explicitly release all allocated resources on shutdown on Windows, we delete the critical section on `DLL_PROCESS_DETACH`.
We do not employ any locking to avoid any potential deadlock. In case of normal
DLL unloading there is no need to, and in case of forced unloading all bets are likely off anyway.
2021-05-22 10:26:13 +02:00
P.I.E. Security Team
710b2d3963
Fix comment in ristretto255_elligator (#1052)
2021-04-21 11:21:58 +02:00
harl
144e6e3161
Fix MAC computation in AEGIS128L on aarch64
2021-03-15 10:24:48 +01:00
martingd
3de0b3cdad
Error from argon2_hash() during verify propagated. (#1039)
2021-03-12 18:01:08 +01:00
Frank Denis
f01675fcf2
Fix alignment after #1032
2021-02-12 17:15:00 +01:00
Tobias Nießen
219e74cc98
src: improve a few comments (#1032)
2021-02-12 17:13:22 +01:00
Frank Denis
e4206f1337
Change crypto_core_ed25519_from_string() to accept a hash function
2021-01-24 19:21:07 +01:00
Frank Denis
e0629769d3
Move the H2C string->hash functions to their own files
2021-01-24 18:45:14 +01:00
Frank Denis
5ff2b1a0e7
Allow arbitrarily long string-to-H2C-hash operations
Make the ristretto and edwards25519 string-to-hash code look alike.
2021-01-23 21:41:20 +01:00
Frank Denis
41e6cb3368
Use SHA-256 for the hash-to-ristretto255 operation
We may eventually revert to SHA-512
2021-01-23 19:00:05 +01:00
Frank Denis
89916bbe11
Explicit
2021-01-07 19:54:07 +01:00