mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-24 20:45:17 -07:00
Commit Graph

1962 Commits

Author SHA1 Message Date
Frank Denis
ae82b44b70 ghash: move addmul operation into inline functions 2022-11-14 22:07:02 +01:00
Frank Denis
8489b4d124 __vectorcall didn't exist prior to Visual Studio 2012 2022-11-14 13:12:15 +01:00
Frank Denis
ad3241a0da Add __vectorcall to please MSVC 2022-11-14 12:51:11 +01:00
Frank Denis
479c370bc1 Require zig cc or clang for the amazing __builtin_shufflevector() 2022-11-13 23:53:28 +01:00
Frank Denis
b677924b2e Use enum instead of integers for C++ compat 2022-11-13 22:36:54 +01:00
Frank Denis
495a16cbe0 MSVC cannot compile AES-GCM for now 2022-11-13 21:26:04 +01:00
Frank Denis
379cd8303b Avoid C99isms 2022-11-13 21:23:19 +01:00
Frank Denis
ae8f462ad3 Avoid gcc extensions in aead_aes256gcm_aesni 2022-11-13 21:18:03 +01:00
Frank Denis
36d0196a4a Don't try ARM Crypto implementations on big-endian yet 2022-11-13 20:56:21 +01:00
Frank Denis
f3cf71edd7 Add AES256-GCM support for ARM crypto 2022-11-13 20:23:15 +01:00
Frank Denis
45a0cef2fc AES-NI can be available on i386 2022-11-13 19:40:39 +01:00
Frank Denis
73d039d8ca Remove unused macro 2022-11-13 18:46:22 +01:00
Frank Denis
9b623852bd Rewrite the AES256-GCM implementation
Faster, way more readable, easier to port to other architectures.
2022-11-13 18:42:38 +01:00
Frank Denis
a972fe6498 Indent 2022-10-21 17:54:39 +02:00
Frank Denis
992168c50f Win32: SecureZeroMemory may not be available 2022-10-20 14:42:55 +02:00
Frank Denis
b4c5d37fb5 scalarmult(): don't use the output as a temporary buffer
So that an application can use the same pointer for the public key
and the shared secret.
2022-10-11 14:02:29 +02:00
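An added example, written for this page and not taken from libsodium, of the aliasing rule the commit above states. A transform that uses its output buffer as scratch space returns a wrong result as soon as the caller passes the same pointer for the input (public key) and the output (shared secret); a version that keeps all intermediate state in a local buffer and writes the output once, after the last read of the input, is unaffected. The transform is a constructed toy (byte reversal plus a rotated-key XOR), not X25519, and the function names, the sample inputs and the `volatile` clearing loop standing in for `sodium_memzero()` are all invented here.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KEYBYTES 32

/* Toy stand-in for a "public key -> shared secret" transform. It is NOT
 * X25519 and has no cryptographic value; it only reproduces the property
 * that matters for aliasing: output byte i is derived from input byte
 * (KEYBYTES - 1 - i), so input bytes are still needed after the same
 * slots of the output have been written. */
static unsigned char rol8(unsigned char v, unsigned s)
{
    return (unsigned char) ((v << s) | (v >> (8U - s)));
}

typedef void (*toy_fn)(unsigned char q[KEYBYTES],
                       const unsigned char n[KEYBYTES],
                       const unsigned char p[KEYBYTES]);

/* Aliasing-unsafe: uses q as scratch space while p is still being read.
 * Correct when q and p are distinct buffers, wrong when q == p. */
static void toy_scalarmult_scratch_in_output(unsigned char q[KEYBYTES],
                                             const unsigned char n[KEYBYTES],
                                             const unsigned char p[KEYBYTES])
{
    size_t i;

    for (i = 0; i < KEYBYTES; i++) {
        q[i] = p[KEYBYTES - 1 - i]; /* clobbers p[i] when q == p */
    }
    for (i = 0; i < KEYBYTES; i++) {
        q[i] ^= rol8(n[i], 3);
    }
}

/* Aliasing-safe: all intermediate state lives in a local buffer; q is
 * written exactly once, after the last read of p. */
static void toy_scalarmult_local_tmp(unsigned char q[KEYBYTES],
                                     const unsigned char n[KEYBYTES],
                                     const unsigned char p[KEYBYTES])
{
    unsigned char           t[KEYBYTES];
    volatile unsigned char *vt = t;
    size_t                  i;

    for (i = 0; i < KEYBYTES; i++) {
        t[i] = p[KEYBYTES - 1 - i] ^ rol8(n[i], 3);
    }
    memcpy(q, t, KEYBYTES);
    for (i = 0; i < KEYBYTES; i++) { /* stand-in for sodium_memzero(t, sizeof t) */
        vt[i] = 0;
    }
}

/* Returns 1 if fn(q, n, p) gives the same result when q and p are the same
 * buffer as when they are distinct, 0 otherwise. Inputs are constructed. */
static int aliasing_safe(toy_fn fn)
{
    unsigned char n[KEYBYTES], p[KEYBYTES], separate[KEYBYTES], aliased[KEYBYTES];
    size_t        i;

    for (i = 0; i < KEYBYTES; i++) {
        n[i] = (unsigned char) (0xA5 ^ i);
        p[i] = (unsigned char) (0x10 + i);
    }
    fn(separate, n, p);      /* distinct output and input buffers */
    memcpy(aliased, p, KEYBYTES);
    fn(aliased, n, aliased); /* same pointer for public key and shared secret */
    return memcmp(separate, aliased, KEYBYTES) == 0;
}

int main(void)
{
    printf("scratch-in-output aliasing-safe: %d\n",
           aliasing_safe(toy_scalarmult_scratch_in_output));
    printf("local-tmp aliasing-safe:         %d\n",
           aliasing_safe(toy_scalarmult_local_tmp));
    return 0;
}
```

The check in `aliasing_safe()` is the one worth adding to any API whose documentation permits in-place use: call the function once with separate buffers and once with the output aliased to the input, and compare. The second variant also clears its scratch buffer through a `volatile` pointer so the intermediate state does not outlive the call.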
Steve Thomas
0a6178f203 Clear decrypted block from stack (#1190) 2022-06-18 20:32:35 +02:00
Frank Denis
4bffcc63b1 sodium_compare(): cast operands to unsigned int
This matches the Zig implementation and
fixes #1184
2022-06-05 14:28:54 +02:00
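An added example, written for this page rather than copied from libsodium, of a constant-time comparison of two little-endian numbers in the style of `sodium_compare()`, with the operands cast to `unsigned int` as the commit above describes. The cast is what makes the shift-based sign extraction well defined: with narrower operands the subtraction would be carried out in (signed) `int`, and a right shift of a negative `int` is implementation-defined in C, whereas in `unsigned int` the difference wraps modulo 2^32 and `(x2 - x1) >> 8` has its low bit set exactly when `x1 > x2`. The function name and the sample arrays are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>

/* Constant-time comparison of two len-byte little-endian unsigned numbers.
 * Returns -1 if b1 < b2, 0 if they are equal, 1 if b1 > b2.
 * Neither the control flow nor the memory access pattern depends on the
 * byte values; every byte is visited exactly once, most significant first. */
int ct_compare_le(const unsigned char *b1, const unsigned char *b2, size_t len)
{
    volatile unsigned char gt = 0U; /* b1 > b2 at the most significant differing byte */
    volatile unsigned char eq = 1U; /* all bytes examined so far are equal */
    unsigned int           x1, x2;
    size_t                 i = len;

    while (i != 0U) {
        i--;
        /* Unsigned arithmetic: (x2 - x1) wraps to 0xFFFFFFxx when x1 > x2,
         * so the shifted value has its low bit set only in that case.
         * (x2 ^ x1) - 1 wraps to 0xFFFFFFFF only when the bytes are equal. */
        x1 = (unsigned int) b1[i];
        x2 = (unsigned int) b2[i];
        gt |= (unsigned char) (((x2 - x1) >> 8) & eq);
        eq &= (unsigned char) (((x2 ^ x1) - 1U) >> 8);
    }
    /* (gt, eq) is one of (1,0) -> 1, (0,1) -> 0, (0,0) -> -1 */
    return (int) (gt + gt + eq) - 1;
}

/* Constructed sample inputs, little-endian. */
static const unsigned char SAMPLE_ONE[4]     = { 1, 0, 0, 0 };    /* 1     */
static const unsigned char SAMPLE_2POW24[4]  = { 0, 0, 0, 1 };    /* 2^24  */
static const unsigned char SAMPLE_255[4]     = { 0xff, 0, 0, 0 }; /* 255   */
static const unsigned char SAMPLE_256[4]     = { 0, 1, 0, 0 };    /* 256   */
static const unsigned char SAMPLE_HIGHBIT[1] = { 0x80 };          /* 128   */
static const unsigned char SAMPLE_7F[1]      = { 0x7f };          /* 127   */

int main(void)
{
    printf("1 vs 2^24:   %d\n", ct_compare_le(SAMPLE_ONE, SAMPLE_2POW24, 4));
    printf("2^24 vs 1:   %d\n", ct_compare_le(SAMPLE_2POW24, SAMPLE_ONE, 4));
    printf("1 vs 1:      %d\n", ct_compare_le(SAMPLE_ONE, SAMPLE_ONE, 4));
    printf("255 vs 256:  %d\n", ct_compare_le(SAMPLE_255, SAMPLE_256, 4));
    printf("0x80 vs 0x7f: %d\n", ct_compare_le(SAMPLE_HIGHBIT, SAMPLE_7F, 1));
    return 0;
}
```

The `0x80` versus `0x7f` case is the one to keep in a regression test: it is where a comparison that lets the bytes be promoted to a signed type would see -128 against 127 and get the order wrong, while the unsigned version correctly reports the first operand as larger.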
Frank Denis
0124c4cddb Indent 2022-05-11 18:13:08 +02:00
Frank Denis
f425d4d96f Simplify blkxor() 2022-05-11 18:02:10 +02:00
Frank Denis
75bde19055 Revert "Add the shifumi128 ZKP system"
This reverts commit 6efe9ee2b5.
2022-04-02 09:32:22 +02:00
Frank Denis
6efe9ee2b5 Add the shifumi128 ZKP system 2022-03-31 20:04:51 +02:00
Frank Denis
69d15f1123 Support gcc-like and C11-like memory fences 2022-03-07 16:47:43 +01:00
Frank Denis
d4ee08ab8a Add memory fences where supported 2022-03-07 16:38:37 +01:00
Frank Denis
fbe2c92f0d AEGIS: rename constants to match the draft 2022-01-04 16:06:44 +01:00
Frank Denis
447cd270d9 edwards25519: faster recovery of the X coordinate 2021-12-27 15:16:56 +01:00
Frank Denis
089f850608 Remove expected length from the pwhash_str_verify()/needs_rehash() 2021-11-11 14:15:24 +01:00
Frank Denis
b65f8fdf4f Remove unused variables 2021-11-08 22:00:33 +01:00
Frank Denis
7052e4733f H2C: Y should be negative if gx1 is a square
Fixes #1119
2021-11-08 14:31:14 +01:00
Jørgen P. Tjernø
64129657a5 Portability improvements (#1105)
* Move `raise` code to be behind an autoconf check

This moves the call to `raise` behind a `HAVE_RAISE` autoconf check,
in addition to `__wasm__`. This is intended to help porting to
other platforms that don't support `raise` (e.g. modern game consoles).

* Add autoconf check for `sysconf`

Only try to invoke `sysconf` if the target platform supports it, and
don't warn about unknown page size if `PAGE_SIZE` was defined. Add an
include for `sys/param.h` to increase likelihood of finding `PAGE_SIZE`.
This is intended to help porting to other platforms that don't support
`sysconf` (e.g. modern game consoles) that have a fixed hardware page
size.

* Don't try to use raise & sysconf in a WASI environment

Co-authored-by: Frank Denis <124872+jedisct1@users.noreply.github.com>
2021-09-16 20:01:24 +02:00
Frank Denis
038e4114e9 fe25519_reduce64: handle the top bit
This is only for code clarity and for people copy/pasting that
private code to use it in a different context.

The top 128 bits are always zero.
2021-07-22 00:41:50 +02:00
Frank Denis
07c2f6c053 Handle the Sun and the IBM compilers separately 2021-07-09 15:47:40 +02:00
infinitydev
b9b66faddb Fix build on z/OS using XLC (#1089)
* Fix incorrect XLC #pragma in public header

* Fix incorrect XLC #pragma in internal blake2 header
2021-07-09 15:38:07 +02:00
niooss-ledger
6cd2677d44 Remove unused variable from _sodium_runtime_intel_cpu_features (#1085)
The function `_sodium_runtime_intel_cpu_features` assigns some value to
its local variable `id` but never reads it. Remove this variable, which
also simplifies the `if` statement that contains the assignment.
2021-07-01 10:05:30 +02:00
Frank Denis
558886fd0e Use assignment + case instead of memcpy() 2021-06-17 20:57:21 +02:00
Frank Denis
a2ee77b90a Include private/sse2_64_32.h only where SSE2 is required
Fixes #1074
2021-06-13 21:40:54 +02:00
Alcaro
9faa6bb62b core.c: Make _sodium_crit_init static (#1073) 2021-06-13 18:22:32 +02:00
Jordan Frank
7d1aad1797 define randombytes_set_implementation argument to be const (#1068) 2021-05-25 19:25:56 +02:00
Frank Denis
0e870c5406 Don't define DllMain in static builds 2021-05-22 10:29:00 +02:00
Christoph M. Becker
8b66d2b969 Delete critical section on DLL_PROCESS_DETACH (#1058)
To explicitly release all allocated resources on shutdown on Windows, we delete the critical section on `DLL_PROCESS_DETACH`.

We do not employ any locking to avoid any potential deadlock. In case of normal
DLL unloading there is no need to, and in case of forced unloading all bets are likely off anyway.
2021-05-22 10:26:13 +02:00
P.I.E. Security Team
710b2d3963 Fix comment in ristretto255_elligator (#1052) 2021-04-21 11:21:58 +02:00
harl
144e6e3161 Fix MAC computation in AEGIS128L on aarch64 2021-03-15 10:24:48 +01:00
martingd
3de0b3cdad Error from argon2_hash() during verify propagated. (#1039) 2021-03-12 18:01:08 +01:00
Frank Denis
f01675fcf2 Fix alignment after #1032 2021-02-12 17:15:00 +01:00
Tobias Nießen
219e74cc98 src: improve a few comments (#1032) 2021-02-12 17:13:22 +01:00
Frank Denis
e4206f1337 Change crypto_core_ed25519_from_string() to accept a hash function 2021-01-24 19:21:07 +01:00
Frank Denis
e0629769d3 Move the H2C string->hash functions to their own files 2021-01-24 18:45:14 +01:00
Frank Denis
5ff2b1a0e7 Allow arbitrary long string-to-H2C-hash operations
Make the ristretto and edwards25519 string to hash code lookalike.
2021-01-23 21:41:20 +01:00
Frank Denis
41e6cb3368 Use SHA-256 for the hash-to-ristretto255 operation
We may eventually revert to SHA-512
2021-01-23 19:00:05 +01:00
Frank Denis
89916bbe11 Explicit 2021-01-07 19:54:07 +01:00