Frank Denis
bf3bc8c386
Add nonnull attributes for new functions
2020-03-30 17:44:17 +02:00
Frank Denis
5fdd12fa97
Add crypto_core_ed25519_from_string() and crypto_core_ed25519_from_string_ro()
2020-03-30 17:19:36 +02:00
Frank Denis
1cedeee7fe
Code cleanup
2020-03-30 16:41:21 +02:00
Frank Denis
1e7562f59b
Remove useless self inclusion
2020-03-28 21:36:01 +01:00
Frank Denis
eab70f79c0
Add HKDF/SHA-512 and HKDF/SHA-256
2020-03-28 21:35:54 +01:00
Frank Denis
451bafc0d3
Include private/common.h wherever HAVE_*TRIN_H is required, for MSVC
2020-03-18 17:19:58 +01:00
Frank Denis
3881198254
Bring back explicit 64 bit xor on 64 bit archs for gcc
gcc doesn't seem to be very efficient here, especially with -O2
up
2020-03-14 17:06:16 +01:00
Frank Denis
2105fbfd46
Remove XOP stub
XOP is dead
2020-03-14 15:56:08 +01:00
Frank Denis
cce4a86f99
Reformat comments
2020-03-14 00:22:41 +01:00
Frank Denis
8e21cab950
Simplify integerify()
Make offsets 64 bit in the SSE scrypt impl
2020-03-14 00:20:23 +01:00
Frank Denis
6c4437d987
Get rid of escrypt_block_t
Fixes #937
2020-03-13 23:21:27 +01:00
Frank Denis
f3b0e32d64
Format multi-line comments consistently
2020-03-11 19:14:54 +01:00
Loup Vaillant
e7e378fad1
Secretbox: explained non-portable behavior (#936)
Addresses #934
Some tools believe that comparing pointers, *even after converting them
to integers*, is undefined. A comment acknowledging this (as well as the
necessity of the comparison to begin with), can facilitate audits.
Co-authored-by: Frank Denis <124872+jedisct1@users.noreply.github.com>
2020-03-11 19:07:54 +01:00
Loup Vaillant
4bbc34c09c
Avoid memmove() call when buffers are already the same. (#935)
This completes the work started in commit fbe3eb265f
2020-03-11 19:05:57 +01:00
Frank Denis
a0a8706c9d
Revert "Use CMOV on x86_64"
This reverts commit afae623190.
2020-02-26 15:02:21 +01:00
Frank Denis
afae623190
Use CMOV on x86_64
CMOV has been constant time on all generations of x86_64 CPUs, even when
reading from memory.
2020-02-25 09:22:47 +01:00
Frank Denis
a6d317b2f3
Don't even define a .mult_base placeholder for sandy2x
Avoid two indirections for fixed base multiplication until another
implementation possibly exists.
2020-02-06 00:47:18 +01:00
Frank Denis
6a7fbccfd8
Remove sandy2x fixed base scalar multiplication
Thanks to precomputation, the generic implementation is faster.
2020-02-06 00:34:08 +01:00
Frank Denis
41c7e47efd
Set a default page size to 64K (wasm/linux large pages)
2020-01-05 21:01:28 -05:00
Frank Denis
a72abb0ae1
Add missing randombytes.h inclusion in aead_aegis256.c
2019-12-04 21:07:33 +01:00
Frank Denis
066150a94d
Swapped aegis256_is_available implementations
2019-10-31 09:23:33 +01:00
Frank Denis
0f8e034f97
Reorganize aead_aegis256 a bit
2019-10-23 20:03:23 +02:00
Frank Denis
728b7ef237
Add libarmcrypto.la
2019-10-23 19:30:48 +02:00
Frank Denis
c8b6906c60
has_armcrypto_aes -> has_armcrypto
2019-10-23 19:07:33 +02:00
Frank Denis
c9d80901bf
__ARM_NEON is enough
2019-10-23 19:02:54 +02:00
Frank Denis
a8dc93192d
On Apple devices, the ARM64_V8 subtype always has the crypto extensions
2019-10-23 17:59:17 +02:00
Frank Denis
dd5fbb632b
Check for AT_HWCAP2 instead of AT_HWCAP where it's used
2019-10-22 23:24:16 +02:00
Frank Denis
1910ca83d8
Detect NEON and ARMCRYPTO on ARM32
Which doesn't mean that the compiler will support these opcodes, so
we need autoconf magic as well.
2019-10-22 23:20:15 +02:00
Frank Denis
456a57f235
__arm__ => __ARM_ARCH
2019-10-22 22:59:45 +02:00
Frank Denis
acaed459ce
Add ARM NEON and AES runtime checks
2019-10-22 22:51:58 +02:00
Frank Denis
9e22cb4ad2
Nits
2019-10-21 15:14:13 +02:00
Frank Denis
111f99a2d4
Nits. No binary code change.
2019-10-21 14:52:20 +02:00
Frank Denis
8a76789de3
Add required headers for aegis256_armcrypto
2019-10-21 14:23:15 +02:00
Adrien Gallouët
fd5bc21b60
Rework NEON version of AEGIS256
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
2019-10-21 10:56:09 +00:00
Adrien Gallouët
4542a04e1d
Indent
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
2019-10-12 06:54:58 +00:00
Frank Denis
ef89aea64e
Merge pull request #884 from isislovecruft/feature/scalar-succeed-fast
Optimisation to succeed fast when checking signature scalar is reduced.
2019-10-12 02:19:42 +02:00
Frank Denis
6abc6c292a
Compile only the NEON version of AEGIS256 on relevant platforms
2019-10-12 02:18:36 +02:00
Isis Lovecruft
6136871607
Optimisation to succeed fast when checking signature scalar is reduced.
This provides a minor optimisation for ed25519 signature verification, when used
without the -DED25519_COMPAT feature, to strictly check for a fully reduced
scalar, `s`, component in variable time by first checking that the most
significant *four* bits are unset, and only if any of them are set proceed to
the `sc25519_is_canonical` check which performs the full reduction. This should
result in succeeding fast for the check on roughly half of all well-formed,
canonicalised signatures.
This is safely backwards compatible with the previous implementation
of strict checking for signature scalars.
2019-10-11 21:58:15 +00:00
Frank Denis
e1bff2608f
Merge branch 'master' of github.com:jedisct1/libsodium
* 'master' of github.com:jedisct1/libsodium:
  Add -S for curl
  randombytes: make the emscripten version consistent with others
2019-09-25 17:16:43 +02:00
Frank Denis
2f915846ff
randombytes: make the emscripten version consistent with others
2019-09-24 16:56:49 +02:00
Frank Denis
44b4526309
Add ARM implementation of aegis256 - Not connected to builds yet
2019-09-16 14:52:10 +02:00
Frank Denis
5990dc00d0
Fix crypto_aead_aegis256_MESSAGEBYTES_MAX
2019-09-13 19:46:57 +02:00
Frank Denis
cb4160b82c
Merge pull request #869 from angt/aegis256-mac-verification
aegis256: Support mac verification when m is NULL
2019-09-13 10:39:43 +02:00
Frank Denis
1d536ffab7
Indent
2019-09-13 00:17:46 +02:00
Adrien Gallouët
0a31dd5a31
aegis256: Support mac verification when m is NULL
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
2019-09-12 21:11:07 +00:00
Frank Denis
f537541a0a
For clarity, don't use different terms for the same thing
2019-09-12 22:24:39 +02:00
Frank Denis
4de2620fb1
Indent
2019-09-12 20:48:52 +02:00
Adrien Gallouët
4520c080cc
Define ENOSYS where it is useful
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
2019-09-12 18:13:19 +00:00
Adrien Gallouët
0eecb81466
aegis256: Remove restrict
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
2019-09-11 13:14:32 +00:00
Adrien Gallouët
452ac1f3ee
Add AEGIS-256 (aesni only)
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
2019-09-11 12:53:22 +00:00