From cec56d867f741e66f78b9fde37d9081643599a2a Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 23 Apr 2019 14:57:07 +0200 Subject: [PATCH 01/58] Lucet: set min-reserved-size to the same value as max-heap-size If is less than , the code will still assume that only bytes are accessible and will trap even if the runtime could allocate more.. So, `max` should always be <= `min`. Naming options is hard. --- test/default/wasi-test-wrapper.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/default/wasi-test-wrapper.sh b/test/default/wasi-test-wrapper.sh index 3ef6f844..599f32c9 100755 --- a/test/default/wasi-test-wrapper.sh +++ b/test/default/wasi-test-wrapper.sh @@ -13,7 +13,7 @@ if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "lucet" ]; then lucetc-wasi \ --min-reserved-size "${MAX_MEMORY_MB}MiB" \ -o "${1}.so" --opt-level best "$1" && - lucet-wasi --dir=.:. "${1}.so" && + lucet-wasi --dir=.:. --max-heap-size "${MAX_MEMORY_MB}MiB" "${1}.so" && rm -f "${1}.so" && exit 0 fi fi From 261761a02c12c75c1541af691b5b0d6a30b68061 Mon Sep 17 00:00:00 2001 From: Fraser Hutchison Date: Sat, 27 Apr 2019 17:50:33 +0100 Subject: [PATCH 02/58] Fix placement of alignment specifier --- src/libsodium/include/sodium/crypto_aead_aes256gcm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libsodium/include/sodium/crypto_aead_aes256gcm.h b/src/libsodium/include/sodium/crypto_aead_aes256gcm.h index 2d31a975..9baeb3f1 100644 --- a/src/libsodium/include/sodium/crypto_aead_aes256gcm.h +++ b/src/libsodium/include/sodium/crypto_aead_aes256gcm.h @@ -56,7 +56,7 @@ size_t crypto_aead_aes256gcm_abytes(void); SODIUM_EXPORT size_t crypto_aead_aes256gcm_messagebytes_max(void); -typedef CRYPTO_ALIGN(16) struct crypto_aead_aes256gcm_state_ { +typedef struct CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state_ { unsigned char opaque[512]; } crypto_aead_aes256gcm_state; From 38ebbac33631f533516963491b03852448ef8fb6 Mon Sep 17 00:00:00 2001 
From: Frank Denis Date: Tue, 30 Apr 2019 19:44:13 +0200 Subject: [PATCH 03/58] set ED25519_NONDETERMINISTIC on WebAssembly/WASI target --- dist-build/wasm32-wasi.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dist-build/wasm32-wasi.sh b/dist-build/wasm32-wasi.sh index 980d9639..bde72714 100755 --- a/dist-build/wasm32-wasi.sh +++ b/dist-build/wasm32-wasi.sh @@ -11,7 +11,7 @@ export PREFIX="$(pwd)/libsodium-wasm32-wasi" mkdir -p $PREFIX || exit 1 export CC="clang" -export CFLAGS="--target=wasm32-unknkown-wasi --sysroot=${WASI_SYSROOT} -O2" +export CFLAGS="-DED25519_NONDETERMINISTIC=1 --target=wasm32-unknkown-wasi --sysroot=${WASI_SYSROOT} -O2" export LDFLAGS="-s -Wl,--no-threads" export NM="llvm-nm" export AR="llvm-ar" From 689407c36d9d1c04771682be769a8d29950c2d93 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 1 May 2019 19:56:08 +0200 Subject: [PATCH 04/58] Rename ristretto_from_uniform() to ristretto_from_hash() --- .../crypto_core/ed25519/core_ristretto255.c | 8 +++--- .../crypto_core/ed25519/ref10/ed25519_ref10.c | 2 +- .../include/sodium/crypto_core_ristretto255.h | 8 +++--- .../include/sodium/private/ed25519_ref10.h | 2 +- test/default/core_ristretto255.c | 26 +++++++++---------- 5 files changed, 23 insertions(+), 23 deletions(-) diff --git a/src/libsodium/crypto_core/ed25519/core_ristretto255.c b/src/libsodium/crypto_core/ed25519/core_ristretto255.c index 94cc64a6..57305bef 100644 --- a/src/libsodium/crypto_core/ed25519/core_ristretto255.c +++ b/src/libsodium/crypto_core/ed25519/core_ristretto255.c @@ -60,9 +60,9 @@ crypto_core_ristretto255_sub(unsigned char *r, } int -crypto_core_ristretto255_from_uniform(unsigned char *p, const unsigned char *r) +crypto_core_ristretto255_from_hash(unsigned char *p, const unsigned char *r) { - ristretto255_from_uniform(p, r); + ristretto255_from_hash(p, r); return 0; } 
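Review bot: The `CFLAGS` line in dist-build/wasm32-wasi.sh now carries `-DED25519_NONDETERMINISTIC=1` with no comment saying why this target needs it. As far as the macro name and the library's signing code indicate, it switches Ed25519 signing from purely deterministic nonces to nonces mixed with random bytes, so signatures on this target would depend on the WASI runtime's random source and would no longer be reproducible for a given key and message. A line above the export, such as `# Randomized Ed25519 nonces on WASI: <reason>`, would record the intent. The same line still spells the target `wasm32-unknkown-wasi`, which looks like a typo for `wasm32-unknown-wasi` carried over from the old side.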
@@ -135,9 +135,9 @@ crypto_core_ristretto255_nonreducedscalarbytes(void) } size_t -crypto_core_ristretto255_uniformbytes(void) +crypto_core_ristretto255_hashbytes(void) { - return crypto_core_ristretto255_UNIFORMBYTES; + return crypto_core_ristretto255_HASHBYTES; } size_t diff --git a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c index e7b44493..cd215f2b 100644 --- a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c +++ b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c @@ -2815,7 +2815,7 @@ ristretto255_elligator(ge25519_p3 *p, const fe25519 t) } void -ristretto255_from_uniform(unsigned char s[32], const unsigned char r[64]) +ristretto255_from_hash(unsigned char s[32], const unsigned char r[64]) { fe25519 r0, r1; ge25519_cached p1_cached; diff --git a/src/libsodium/include/sodium/crypto_core_ristretto255.h b/src/libsodium/include/sodium/crypto_core_ristretto255.h index 33522b07..9d642e33 100644 --- a/src/libsodium/include/sodium/crypto_core_ristretto255.h +++ b/src/libsodium/include/sodium/crypto_core_ristretto255.h @@ -12,9 +12,9 @@ extern "C" { SODIUM_EXPORT size_t crypto_core_ristretto255_bytes(void); -#define crypto_core_ristretto255_UNIFORMBYTES 64 +#define crypto_core_ristretto255_HASHBYTES 64 SODIUM_EXPORT -size_t crypto_core_ristretto255_uniformbytes(void); +size_t crypto_core_ristretto255_hashbytes(void); #define crypto_core_ristretto255_SCALARBYTES 32 SODIUM_EXPORT @@ -39,8 +39,8 @@ int crypto_core_ristretto255_sub(unsigned char *r, __attribute__ ((nonnull)); SODIUM_EXPORT -int crypto_core_ristretto255_from_uniform(unsigned char *p, - const unsigned char *r) +int crypto_core_ristretto255_from_hash(unsigned char *p, + const unsigned char *r) __attribute__ ((nonnull)); SODIUM_EXPORT diff --git a/src/libsodium/include/sodium/private/ed25519_ref10.h b/src/libsodium/include/sodium/private/ed25519_ref10.h index 5f7e67e3..344905b7 100644 
--- a/src/libsodium/include/sodium/private/ed25519_ref10.h +++ b/src/libsodium/include/sodium/private/ed25519_ref10.h @@ -118,7 +118,7 @@ int ristretto255_frombytes(ge25519_p3 *h, const unsigned char *s); void ristretto255_p3_tobytes(unsigned char *s, const ge25519_p3 *h); -void ristretto255_from_uniform(unsigned char s[32], const unsigned char r[64]); +void ristretto255_from_hash(unsigned char s[32], const unsigned char r[64]); /* The set of scalars is \Z/l diff --git a/test/default/core_ristretto255.c b/test/default/core_ristretto255.c index 159cb8e3..a52ef8b7 100644 --- a/test/default/core_ristretto255.c +++ b/test/default/core_ristretto255.c @@ -62,7 +62,7 @@ tv1(void) static void tv2(void) { - static const char *uniform_hex[] = { + static const char *hash_hex[] = { "5d1be09e3d0c82fc538112490e35701979d99e06ca3e2b5b54bffe8b4dc772c1" "4d98b696a1bbfb5ca32c436cc61c16563790306c79eaca7705668b47dffe5bb6", @@ -90,13 +90,13 @@ tv2(void) size_t i; s = (unsigned char *) sodium_malloc(crypto_core_ristretto255_BYTES); - u = (unsigned char *) sodium_malloc(crypto_core_ristretto255_UNIFORMBYTES); + u = (unsigned char *) sodium_malloc(crypto_core_ristretto255_HASHBYTES); hex = (char *) sodium_malloc(crypto_core_ristretto255_BYTES * 2 + 1); - for (i = 0; i < sizeof uniform_hex / sizeof uniform_hex[0]; i++) { - sodium_hex2bin(u, crypto_core_ristretto255_UNIFORMBYTES, uniform_hex[i], - crypto_core_ristretto255_UNIFORMBYTES * 2 + 1, + for (i = 0; i < sizeof hash_hex / sizeof hash_hex[0]; i++) { + sodium_hex2bin(u, crypto_core_ristretto255_HASHBYTES, hash_hex[i], + crypto_core_ristretto255_HASHBYTES * 2 + 1, NULL, NULL, NULL); - crypto_core_ristretto255_from_uniform(s, u); + crypto_core_ristretto255_from_hash(s, u); sodium_bin2hex(hex, crypto_core_ristretto255_BYTES * 2 + 1, s, crypto_core_ristretto255_BYTES); printf("%s\n", hex); 
@@ -120,7 +120,7 @@ tv3(void) unsigned char *r_inv = (unsigned char *) sodium_malloc(crypto_core_ristretto255_SCALARBYTES); unsigned char *ru = - (unsigned char *) sodium_malloc(crypto_core_ristretto255_UNIFORMBYTES); + (unsigned char *) sodium_malloc(crypto_core_ristretto255_HASHBYTES); unsigned char *s = (unsigned char *) sodium_malloc(crypto_core_ristretto255_BYTES); unsigned char *s_ = @@ -138,10 +138,10 @@ tv3(void) if (crypto_scalarmult_ristretto255(s, l, s) == 0) { printf("s*l != inf (1)\n"); } - randombytes_buf(ru, crypto_core_ristretto255_UNIFORMBYTES); - if (crypto_core_ristretto255_from_uniform(s, ru) != 0 || + randombytes_buf(ru, crypto_core_ristretto255_HASHBYTES); + if (crypto_core_ristretto255_from_hash(s, ru) != 0 || crypto_core_ristretto255_is_valid_point(s) != 1) { - printf("crypto_core_ristretto255_from_uniform() failed\n"); + printf("crypto_core_ristretto255_from_hash() failed\n"); } if (crypto_scalarmult_ristretto255(s2, l, s) == 0) { printf("s*l != inf (2)\n"); 
@@ -184,12 +184,12 @@ main(void) assert(crypto_core_ristretto255_SCALARBYTES == crypto_core_ristretto255_scalarbytes()); assert(crypto_core_ristretto255_NONREDUCEDSCALARBYTES == crypto_core_ristretto255_nonreducedscalarbytes()); assert(crypto_core_ristretto255_NONREDUCEDSCALARBYTES >= crypto_core_ristretto255_SCALARBYTES); - assert(crypto_core_ristretto255_UNIFORMBYTES == crypto_core_ristretto255_uniformbytes()); - assert(crypto_core_ristretto255_UNIFORMBYTES >= crypto_core_ristretto255_BYTES); + assert(crypto_core_ristretto255_HASHBYTES == crypto_core_ristretto255_hashbytes()); + assert(crypto_core_ristretto255_HASHBYTES >= crypto_core_ristretto255_BYTES); assert(crypto_core_ristretto255_BYTES == crypto_core_ed25519_BYTES); assert(crypto_core_ristretto255_SCALARBYTES == crypto_core_ed25519_SCALARBYTES); assert(crypto_core_ristretto255_NONREDUCEDSCALARBYTES == crypto_core_ed25519_NONREDUCEDSCALARBYTES); - assert(crypto_core_ristretto255_UNIFORMBYTES > crypto_core_ed25519_UNIFORMBYTES); + assert(crypto_core_ristretto255_HASHBYTES >= 2 * crypto_core_ed25519_UNIFORMBYTES); printf("OK\n"); From 24c54073a89169334d359478b67be13ae9c33b0a Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 2 May 2019 00:51:17 +0200 Subject: [PATCH 05/58] Add core_ed25519_from_hash() and core_{ed25519, ristretto255}_random() --- .../crypto_core/ed25519/core_ed25519.c | 25 ++++++++++- .../crypto_core/ed25519/core_ristretto255.c | 9 ++++ .../crypto_core/ed25519/ref10/ed25519_ref10.c | 41 +++++++++++++----- .../include/sodium/crypto_core_ed25519.h | 12 ++++++ .../include/sodium/crypto_core_ristretto255.h | 4 ++ .../include/sodium/private/ed25519_ref10.h | 4 +- test/default/core_ed25519.c | 43 +++++++++++++------ test/default/core_ristretto255.c | 4 ++ 8 files changed, 115 insertions(+), 27 deletions(-) diff --git a/src/libsodium/crypto_core/ed25519/core_ed25519.c b/src/libsodium/crypto_core/ed25519/core_ed25519.c index ac1eed17..0029a093 100644 
--- a/src/libsodium/crypto_core/ed25519/core_ed25519.c +++ b/src/libsodium/crypto_core/ed25519/core_ed25519.c @@ -67,7 +67,24 @@ crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r) { ge25519_from_uniform(p, r); - return - ge25519_has_small_order(p); + return 0; +} + +int +crypto_core_ed25519_from_hash(unsigned char *p, const unsigned char *h) +{ + ge25519_from_hash(p, h); + + return 0; +} + +void +crypto_core_ed25519_random(unsigned char *p) +{ + unsigned char h[crypto_core_ed25519_HASHBYTES]; + + randombytes_buf(h, sizeof h); + (void) crypto_core_ed25519_from_hash(p, h); } void @@ -195,6 +212,12 @@ crypto_core_ed25519_uniformbytes(void) return crypto_core_ed25519_UNIFORMBYTES; } +size_t +crypto_core_ed25519_hashbytes(void) +{ + return crypto_core_ed25519_HASHBYTES; +} + size_t crypto_core_ed25519_scalarbytes(void) { diff --git a/src/libsodium/crypto_core/ed25519/core_ristretto255.c b/src/libsodium/crypto_core/ed25519/core_ristretto255.c index 57305bef..cad3c802 100644 --- a/src/libsodium/crypto_core/ed25519/core_ristretto255.c +++ b/src/libsodium/crypto_core/ed25519/core_ristretto255.c @@ -67,6 +67,15 @@ crypto_core_ristretto255_from_hash(unsigned char *p, const unsigned char *r) return 0; } +void +crypto_core_ristretto255_random(unsigned char *p) +{ + unsigned char h[crypto_core_ristretto255_HASHBYTES]; + + randombytes_buf(h, sizeof h); + (void) crypto_core_ristretto255_from_hash(p, h); +} + void crypto_core_ristretto255_scalar_random(unsigned char *r) { diff --git a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c index cd215f2b..4b1c4194 100644 --- a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c +++ b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c 
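Review bot: `crypto_core_ed25519_from_uniform()` now ends in `return 0;` where it used to return `- ge25519_has_small_order(p)`, so callers can no longer tell from the return value that the mapped point has small order. `crypto_core_ed25519_from_hash()` and `crypto_core_ed25519_random()`, added in the same hunk, do not check for it either. If the mapping can still yield the identity (the Elligator body is outside this hunk, so this is inferred), code that goes on to use the point with a secret scalar would want that case reported. Either keep the check in both `from_*` functions, `return - ge25519_has_small_order(p);`, or state on the prototypes that the return value is always 0 and that callers needing a non-identity point must test for it themselves.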
@@ -2525,8 +2525,8 @@ chi25519(fe25519 out, const fe25519 z) fe25519_mul(out, t1, t0); } -void -ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]) +static void +ge25519_elligator2(unsigned char s[32], const unsigned char x_sign) { fe25519 e; fe25519 negx; @@ -2536,15 +2536,9 @@ ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]) ge25519_p1p1 p1; ge25519_p2 p2; unsigned int e_is_minus_1; - unsigned char x_sign; - - memcpy(s, r, 32); - x_sign = s[31] & 0x80; - s[31] &= 0x7f; fe25519_frombytes(rr2, s); - /* elligator */ fe25519_sq2(rr2, rr2); rr2[0]++; fe25519_invert(rr2, rr2); @@ -2600,6 +2594,31 @@ ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]) ge25519_p3_tobytes(s, &p3); } +void +ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]) +{ + unsigned char x_sign; + + memcpy(s, r, 32); + x_sign = s[31] & 0x80; + s[31] &= 0x7f; + ge25519_elligator2(s, x_sign); +} + +void +ge25519_from_hash(unsigned char s[32], const unsigned char h[64]) +{ + unsigned char r[64]; + unsigned char x_sign; + + memcpy(r, h, 64); + x_sign = h[63] & 0x80; + r[63] &= 0x7f; + sc25519_reduce(r); + memcpy(s, r, 32); + ge25519_elligator2(s, x_sign); +} + /* Ristretto group */ static int @@ -2815,7 +2834,7 @@ ristretto255_elligator(ge25519_p3 *p, const fe25519 t) } void -ristretto255_from_hash(unsigned char s[32], const unsigned char r[64]) +ristretto255_from_hash(unsigned char s[32], const unsigned char h[64]) { fe25519 r0, r1; ge25519_cached p1_cached; @@ -2823,8 +2842,8 @@ ristretto255_from_hash(unsigned char s[32], const unsigned char r[64]) ge25519_p3 p0, p1; ge25519_p3 p; - fe25519_frombytes(r0, r); - fe25519_frombytes(r1, r + 32); + fe25519_frombytes(r0, h); + fe25519_frombytes(r1, h + 32); ristretto255_elligator(&p0, r0); ristretto255_elligator(&p1, r1); ge25519_p3_to_cached(&p1_cached, &p1); 
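Review bot: In the new `ge25519_from_hash()` the 64-byte input is reduced with `sc25519_reduce(r)`, which reduces modulo the group order l, yet the 32 bytes that come out are read as a field element by `fe25519_frombytes(rr2, s)` in `ge25519_elligator2()`. A value reduced modulo l (about 2^252) always has its top bits clear, so the Elligator input would cover only part of the field modulo 2^255-19 and the resulting points would be less evenly spread than a hash-to-curve caller expects. A reduction modulo the field prime looks like what this step needs; if the scalar reduction is deliberate, a comment above the call should say why. Most of `ge25519_elligator2()` lies outside these hunks, so the effect on the final point is inferred from the visible lines only.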
diff --git a/src/libsodium/include/sodium/crypto_core_ed25519.h b/src/libsodium/include/sodium/crypto_core_ed25519.h index a63d8382..3eae00c4 100644 --- a/src/libsodium/include/sodium/crypto_core_ed25519.h +++ b/src/libsodium/include/sodium/crypto_core_ed25519.h @@ -16,6 +16,10 @@ size_t crypto_core_ed25519_bytes(void); SODIUM_EXPORT size_t crypto_core_ed25519_uniformbytes(void); +#define crypto_core_ed25519_HASHBYTES 64 +SODIUM_EXPORT +size_t crypto_core_ed25519_hashbytes(void); + #define crypto_core_ed25519_SCALARBYTES 32 SODIUM_EXPORT size_t crypto_core_ed25519_scalarbytes(void); @@ -42,6 +46,14 @@ SODIUM_EXPORT int crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r) __attribute__ ((nonnull)); +SODIUM_EXPORT +int crypto_core_ed25519_from_hash(unsigned char *p, const unsigned char *h) + __attribute__ ((nonnull)); + +SODIUM_EXPORT +void crypto_core_ed25519_random(unsigned char *p) + __attribute__ ((nonnull)); + SODIUM_EXPORT void crypto_core_ed25519_scalar_random(unsigned char *r) __attribute__ ((nonnull)); diff --git a/src/libsodium/include/sodium/crypto_core_ristretto255.h b/src/libsodium/include/sodium/crypto_core_ristretto255.h index 9d642e33..f2820e55 100644 --- a/src/libsodium/include/sodium/crypto_core_ristretto255.h +++ b/src/libsodium/include/sodium/crypto_core_ristretto255.h @@ -43,6 +43,10 @@ int crypto_core_ristretto255_from_hash(unsigned char *p, const unsigned char *r) __attribute__ ((nonnull)); +SODIUM_EXPORT +void crypto_core_ristretto255_random(unsigned char *p) + __attribute__ ((nonnull)); + SODIUM_EXPORT void crypto_core_ristretto255_scalar_random(unsigned char *r) __attribute__ ((nonnull)); diff --git a/src/libsodium/include/sodium/private/ed25519_ref10.h b/src/libsodium/include/sodium/private/ed25519_ref10.h index 344905b7..3f4c45ca 100644 --- a/src/libsodium/include/sodium/private/ed25519_ref10.h +++ b/src/libsodium/include/sodium/private/ed25519_ref10.h 
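Review bot: The prototypes added to crypto_core_ed25519.h, `crypto_core_ed25519_from_hash()` and `crypto_core_ed25519_random()`, state no buffer sizes, and the same goes for `crypto_core_ristretto255_random()` in crypto_core_ristretto255.h. The `nonnull` attribute does not stop a caller from passing a 32-byte buffer as `h`, while the implementation is declared as `ge25519_from_hash(unsigned char s[32], const unsigned char h[64])` and so reads 64 bytes. A one-line comment on each declaration would make the contract visible where callers look, for example `/* p: crypto_core_ed25519_BYTES (out); h: crypto_core_ed25519_HASHBYTES (in) */`.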
@@ -110,6 +110,8 @@ int ge25519_has_small_order(const unsigned char s[32]); void ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]); +void ge25519_from_hash(unsigned char s[32], const unsigned char h[64]); + /* Ristretto group */ @@ -118,7 +120,7 @@ int ristretto255_frombytes(ge25519_p3 *h, const unsigned char *s); void ristretto255_p3_tobytes(unsigned char *s, const ge25519_p3 *h); -void ristretto255_from_hash(unsigned char s[32], const unsigned char r[64]); +void ristretto255_from_hash(unsigned char s[32], const unsigned char h[64]); /* The set of scalars is \Z/l diff --git a/test/default/core_ed25519.c b/test/default/core_ed25519.c index cfafa83a..e3f39c38 100644 --- a/test/default/core_ed25519.c +++ b/test/default/core_ed25519.c 
@@ -44,29 +44,43 @@ add_l64(unsigned char * const S) int main(void) { - unsigned char *h; + unsigned char *h, *r; unsigned char *p, *p2, *p3; unsigned char *sc, *sc2, *sc3; unsigned char *sc64; char *hex; unsigned int i, j; - h = (unsigned char *) sodium_malloc(crypto_core_ed25519_UNIFORMBYTES); + h = (unsigned char *) sodium_malloc(crypto_core_ed25519_HASHBYTES); + r = (unsigned char *) sodium_malloc(crypto_core_ed25519_UNIFORMBYTES); p = (unsigned char *) sodium_malloc(crypto_core_ed25519_BYTES); - for (i = 0; i < 1000; i++) { - randombytes_buf(h, crypto_core_ed25519_UNIFORMBYTES); - if (crypto_core_ed25519_from_uniform(p, h) != 0) { + for (i = 0; i < 500; i++) { + randombytes_buf(r, crypto_core_ed25519_UNIFORMBYTES); + if (crypto_core_ed25519_from_uniform(p, r) != 0) { printf("crypto_core_ed25519_from_uniform() failed\n"); } if (crypto_core_ed25519_is_valid_point(p) == 0) { printf("crypto_core_ed25519_from_uniform() returned an invalid point\n"); } + + randombytes_buf(h, crypto_core_ed25519_HASHBYTES); + if (crypto_core_ed25519_from_hash(p, h) != 0) { + printf("crypto_core_ed25519_from_hash() failed\n"); + } + if (crypto_core_ed25519_is_valid_point(p) == 0) { + printf("crypto_core_ed25519_from_hash() returned an invalid point\n"); + } + + crypto_core_ed25519_random(p); + if (crypto_core_ed25519_is_valid_point(p) == 0) { + printf("crypto_core_ed25519_random() returned an invalid point\n"); + } } p2 = (unsigned char *) sodium_malloc(crypto_core_ed25519_BYTES); p3 = (unsigned char *) sodium_malloc(crypto_core_ed25519_BYTES); - randombytes_buf(h, crypto_core_ed25519_UNIFORMBYTES); - crypto_core_ed25519_from_uniform(p2, h); + + crypto_core_ed25519_random(p2); j = 1 + (unsigned int) randombytes_uniform(100); memcpy(p3, p, crypto_core_ed25519_BYTES); 
@@ -145,8 +159,7 @@ main(void) assert(crypto_core_ed25519_sub(p3, non_canonical_invalid_p, p3) == -1); for (i = 0; i < 1000; i++) { - randombytes_buf(h, crypto_core_ed25519_UNIFORMBYTES); - crypto_core_ed25519_from_uniform(p, h); + crypto_core_ed25519_random(p); do { crypto_core_ed25519_scalar_random(sc); } while (sodium_is_zero(sc, crypto_core_ed25519_SCALARBYTES)); @@ -177,8 +190,8 @@ main(void) printf("crypto_core_ed25519_scalar_reduce() failed\n"); } - randombytes_buf(h, crypto_core_ed25519_UNIFORMBYTES); - crypto_core_ed25519_from_uniform(p, h); + randombytes_buf(r, crypto_core_ed25519_UNIFORMBYTES); + crypto_core_ed25519_from_uniform(p, r); memcpy(p2, p, crypto_core_ed25519_BYTES); crypto_core_ed25519_scalar_random(sc); if (crypto_scalarmult_ed25519_noclamp(p, sc, p) != 0) { @@ -189,15 +202,14 @@ main(void) printf("crypto_scalarmult_ed25519_noclamp() failed (2)\n"); } crypto_core_ed25519_add(p3, p, p2); - crypto_core_ed25519_from_uniform(p, h); + crypto_core_ed25519_from_uniform(p, r); crypto_core_ed25519_sub(p, p, p3); assert(p[0] == 0x01); for (i = 1; i < crypto_core_ed25519_BYTES; i++) { assert(p[i] == 0); } - randombytes_buf(h, crypto_core_ed25519_UNIFORMBYTES); - crypto_core_ed25519_from_uniform(p, h); + crypto_core_ed25519_random(p); memcpy(p2, p, crypto_core_ed25519_BYTES); crypto_core_ed25519_scalar_random(sc); if (crypto_scalarmult_ed25519_noclamp(p, sc, p) != 0) { @@ -383,6 +395,7 @@ main(void) sodium_free(p3); sodium_free(p2); sodium_free(p); + sodium_free(r); sodium_free(h); assert(crypto_core_ed25519_BYTES == crypto_core_ed25519_bytes()); 
@@ -391,6 +404,8 @@ main(void) assert(crypto_core_ed25519_NONREDUCEDSCALARBYTES >= crypto_core_ed25519_SCALARBYTES); assert(crypto_core_ed25519_UNIFORMBYTES == crypto_core_ed25519_uniformbytes()); assert(crypto_core_ed25519_UNIFORMBYTES >= crypto_core_ed25519_BYTES); + assert(crypto_core_ed25519_HASHBYTES == crypto_core_ed25519_hashbytes()); + assert(crypto_core_ed25519_HASHBYTES >= 2 * crypto_core_ed25519_BYTES); printf("OK\n"); diff --git a/test/default/core_ristretto255.c b/test/default/core_ristretto255.c index a52ef8b7..10ada0a9 100644 --- a/test/default/core_ristretto255.c +++ b/test/default/core_ristretto255.c @@ -135,6 +135,10 @@ tv3(void) crypto_core_ristretto255_is_valid_point(s) != 1) { printf("crypto_scalarmult_ristretto255_base() failed\n"); } + crypto_core_ristretto255_random(s); + if (crypto_core_ristretto255_is_valid_point(s) != 1) { + printf("crypto_core_ristretto255_random() failed\n"); + } if (crypto_scalarmult_ristretto255(s, l, s) == 0) { printf("s*l != inf (1)\n"); } From 4f1d0ccfdb0ba5053283f41038090cf8ff11717f Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 2 May 2019 00:56:02 +0200 Subject: [PATCH 06/58] Update the symbol list of the emscripten target --- dist-build/emscripten-symbols.def | 9 ++++++++- dist-build/emscripten.sh | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/dist-build/emscripten-symbols.def b/dist-build/emscripten-symbols.def index 000faf18..b1761c5d 100644 --- a/dist-build/emscripten-symbols.def +++ b/dist-build/emscripten-symbols.def 
@@ -145,12 +145,16 @@ _crypto_box_seedbytes 1 1 _crypto_box_zerobytes 0 1 _crypto_core_ed25519_add 0 1 _crypto_core_ed25519_bytes 0 1 +_crypto_core_ed25519_from_hash 0 1 _crypto_core_ed25519_from_uniform 0 1 +_crypto_core_ed25519_hashbytes 0 1 _crypto_core_ed25519_is_valid_point 0 1 _crypto_core_ed25519_nonreducedscalarbytes 0 1 +_crypto_core_ed25519_random 0 1 _crypto_core_ed25519_scalar_add 0 1 _crypto_core_ed25519_scalar_complement 0 1 _crypto_core_ed25519_scalar_invert 0 1 +_crypto_core_ed25519_scalar_mul 0 1 _crypto_core_ed25519_scalar_negate 0 1 _crypto_core_ed25519_scalar_random 0 1 _crypto_core_ed25519_scalar_reduce 0 1 @@ -170,12 +174,15 @@ _crypto_core_hsalsa20_keybytes 0 1 _crypto_core_hsalsa20_outputbytes 0 1 _crypto_core_ristretto255_add 0 1 _crypto_core_ristretto255_bytes 0 1 -_crypto_core_ristretto255_from_uniform 0 1 +_crypto_core_ristretto255_from_hash 0 1 +_crypto_core_ristretto255_hashbytes 0 1 _crypto_core_ristretto255_is_valid_point 0 1 _crypto_core_ristretto255_nonreducedscalarbytes 0 1 +_crypto_core_ristretto255_random 0 1 _crypto_core_ristretto255_scalar_add 0 1 _crypto_core_ristretto255_scalar_complement 0 1 _crypto_core_ristretto255_scalar_invert 0 1 +_crypto_core_ristretto255_scalar_mul 0 1 _crypto_core_ristretto255_scalar_negate 0 1 _crypto_core_ristretto255_scalar_random 0 1 _crypto_core_ristretto255_scalar_reduce 0 1 diff --git a/dist-build/emscripten.sh b/dist-build/emscripten.sh index 6c4844e9..4038e9b1 100755 --- a/dist-build/emscripten.sh +++ b/dist-build/emscripten.sh 
@@ -2,7 +2,7 @@ export MAKE_FLAGS='-j4' export EXPORTED_FUNCTIONS_STANDARD='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_verify","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_publickeybytes",
"_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_generichash","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argon2id13","_crypto_pwhash_alg_default","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_saltbytes","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open_det
ached","_crypto_secretbox_open_easy","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' -export 
EXPORTED_FUNCTIONS_SUMO='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_hmacsha256","_crypto_auth_hmacsha256_bytes","_crypto_auth_hmacsha256_final","_crypto_auth_hmacsha256_init","_crypto_auth_hmacsha256_keybytes","_crypto_auth_hmacsha256_keygen","_crypto_auth_hmacsha256_statebytes","_crypto_auth_hmacsha256_update","_crypto_auth_hmacsha256_verify","_crypto_auth_hmacsha512","_crypto_auth_hmacsha512256","_crypto_auth_hmacsha512256_bytes","_crypto_auth_hmacsha512256_final","_crypto_auth_hmacsha512256_init","_crypto_auth_hmacsha512256_keybytes","_crypto_auth_hmacsha512256_key
gen","_crypto_auth_hmacsha512256_statebytes","_crypto_auth_hmacsha512256_update","_crypto_auth_hmacsha512256_verify","_crypto_auth_hmacsha512_bytes","_crypto_auth_hmacsha512_final","_crypto_auth_hmacsha512_init","_crypto_auth_hmacsha512_keybytes","_crypto_auth_hmacsha512_keygen","_crypto_auth_hmacsha512_statebytes","_crypto_auth_hmacsha512_update","_crypto_auth_hmacsha512_verify","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_primitive","_crypto_auth_verify","_crypto_box","_crypto_box_afternm","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_boxzerobytes","_crypto_box_curve25519xchacha20poly1305_beforenm","_crypto_box_curve25519xchacha20poly1305_beforenmbytes","_crypto_box_curve25519xchacha20poly1305_detached","_crypto_box_curve25519xchacha20poly1305_detached_afternm","_crypto_box_curve25519xchacha20poly1305_easy","_crypto_box_curve25519xchacha20poly1305_easy_afternm","_crypto_box_curve25519xchacha20poly1305_keypair","_crypto_box_curve25519xchacha20poly1305_macbytes","_crypto_box_curve25519xchacha20poly1305_messagebytes_max","_crypto_box_curve25519xchacha20poly1305_noncebytes","_crypto_box_curve25519xchacha20poly1305_open_detached","_crypto_box_curve25519xchacha20poly1305_open_detached_afternm","_crypto_box_curve25519xchacha20poly1305_open_easy","_crypto_box_curve25519xchacha20poly1305_open_easy_afternm","_crypto_box_curve25519xchacha20poly1305_publickeybytes","_crypto_box_curve25519xchacha20poly1305_seal","_crypto_box_curve25519xchacha20poly1305_seal_open","_crypto_box_curve25519xchacha20poly1305_sealbytes","_crypto_box_curve25519xchacha20poly1305_secretkeybytes","_crypto_box_curve25519xchacha20poly1305_seed_keypair","_crypto_box_curve25519xchacha20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305","_crypto_box_curve25519xsalsa20poly1305_afternm","_crypto_box_curve25519xsalsa20poly1305_beforenm","_crypto_box_curve25519xsalsa20poly1305_beforenmbytes","_crypto_box_curve25519xsalsa20poly1305_boxzerobytes","_crypto_box_curve25519xs
alsa20poly1305_keypair","_crypto_box_curve25519xsalsa20poly1305_macbytes","_crypto_box_curve25519xsalsa20poly1305_messagebytes_max","_crypto_box_curve25519xsalsa20poly1305_noncebytes","_crypto_box_curve25519xsalsa20poly1305_open","_crypto_box_curve25519xsalsa20poly1305_open_afternm","_crypto_box_curve25519xsalsa20poly1305_publickeybytes","_crypto_box_curve25519xsalsa20poly1305_secretkeybytes","_crypto_box_curve25519xsalsa20poly1305_seed_keypair","_crypto_box_curve25519xsalsa20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305_zerobytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open","_crypto_box_open_afternm","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_primitive","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_box_zerobytes","_crypto_core_ed25519_add","_crypto_core_ed25519_bytes","_crypto_core_ed25519_from_uniform","_crypto_core_ed25519_is_valid_point","_crypto_core_ed25519_nonreducedscalarbytes","_crypto_core_ed25519_scalar_add","_crypto_core_ed25519_scalar_complement","_crypto_core_ed25519_scalar_invert","_crypto_core_ed25519_scalar_negate","_crypto_core_ed25519_scalar_random","_crypto_core_ed25519_scalar_reduce","_crypto_core_ed25519_scalar_sub","_crypto_core_ed25519_scalarbytes","_crypto_core_ed25519_sub","_crypto_core_ed25519_uniformbytes","_crypto_core_hchacha20","_crypto_core_hchacha20_constbytes","_crypto_core_hchacha20_inputbytes","_crypto_core_hchacha20_keybytes","_crypto_core_hchacha20_outputbytes","_crypto_core_hsalsa20","_crypto_core_hsalsa20_constbytes","_crypto_core_hsalsa20_inputbytes","_crypto_core_hsalsa20_keybytes","_crypto_core_hsalsa20_outputbyt
es","_crypto_core_ristretto255_add","_crypto_core_ristretto255_bytes","_crypto_core_ristretto255_from_uniform","_crypto_core_ristretto255_is_valid_point","_crypto_core_ristretto255_nonreducedscalarbytes","_crypto_core_ristretto255_scalar_add","_crypto_core_ristretto255_scalar_complement","_crypto_core_ristretto255_scalar_invert","_crypto_core_ristretto255_scalar_negate","_crypto_core_ristretto255_scalar_random","_crypto_core_ristretto255_scalar_reduce","_crypto_core_ristretto255_scalar_sub","_crypto_core_ristretto255_scalarbytes","_crypto_core_ristretto255_sub","_crypto_core_ristretto255_uniformbytes","_crypto_core_salsa20","_crypto_core_salsa2012","_crypto_core_salsa2012_constbytes","_crypto_core_salsa2012_inputbytes","_crypto_core_salsa2012_keybytes","_crypto_core_salsa2012_outputbytes","_crypto_core_salsa208","_crypto_core_salsa208_constbytes","_crypto_core_salsa208_inputbytes","_crypto_core_salsa208_keybytes","_crypto_core_salsa208_outputbytes","_crypto_core_salsa20_constbytes","_crypto_core_salsa20_inputbytes","_crypto_core_salsa20_keybytes","_crypto_core_salsa20_outputbytes","_crypto_generichash","_crypto_generichash_blake2b","_crypto_generichash_blake2b_bytes","_crypto_generichash_blake2b_bytes_max","_crypto_generichash_blake2b_bytes_min","_crypto_generichash_blake2b_final","_crypto_generichash_blake2b_init","_crypto_generichash_blake2b_init_salt_personal","_crypto_generichash_blake2b_keybytes","_crypto_generichash_blake2b_keybytes_max","_crypto_generichash_blake2b_keybytes_min","_crypto_generichash_blake2b_keygen","_crypto_generichash_blake2b_personalbytes","_crypto_generichash_blake2b_salt_personal","_crypto_generichash_blake2b_saltbytes","_crypto_generichash_blake2b_statebytes","_crypto_generichash_blake2b_update","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min
","_crypto_generichash_keygen","_crypto_generichash_primitive","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_hash_primitive","_crypto_hash_sha256","_crypto_hash_sha256_bytes","_crypto_hash_sha256_final","_crypto_hash_sha256_init","_crypto_hash_sha256_statebytes","_crypto_hash_sha256_update","_crypto_hash_sha512","_crypto_hash_sha512_bytes","_crypto_hash_sha512_final","_crypto_hash_sha512_init","_crypto_hash_sha512_statebytes","_crypto_hash_sha512_update","_crypto_kdf_blake2b_bytes_max","_crypto_kdf_blake2b_bytes_min","_crypto_kdf_blake2b_contextbytes","_crypto_kdf_blake2b_derive_from_key","_crypto_kdf_blake2b_keybytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kdf_primitive","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_primitive","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_onetimeauth","_crypto_onetimeauth_bytes","_crypto_onetimeauth_final","_crypto_onetimeauth_init","_crypto_onetimeauth_keybytes","_crypto_onetimeauth_keygen","_crypto_onetimeauth_poly1305","_crypto_onetimeauth_poly1305_bytes","_crypto_onetimeauth_poly1305_final","_crypto_onetimeauth_poly1305_init","_crypto_onetimeauth_poly1305_keybytes","_crypto_onetimeauth_poly1305_keygen","_crypto_onetimeauth_poly1305_statebytes","_crypto_onetimeauth_poly1305_update","_crypto_onetimeauth_poly1305_verify","_crypto_onetimeauth_primitive","_crypto_onetimeauth_statebytes","_crypto_onetimeauth_update","_crypto_onetimeauth_verify","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argon2id13","_crypto_pwhash_alg_default","_crypto_pwhash_argon2i","_crypto_pwhash_argon2i_alg_argon2i13","_crypto_pwhash_argon2i_bytes_max","_crypto_pwhash_argon2i_bytes_min","_crypto_pwhash_argon2i_mem
limit_interactive","_crypto_pwhash_argon2i_memlimit_max","_crypto_pwhash_argon2i_memlimit_min","_crypto_pwhash_argon2i_memlimit_moderate","_crypto_pwhash_argon2i_memlimit_sensitive","_crypto_pwhash_argon2i_opslimit_interactive","_crypto_pwhash_argon2i_opslimit_max","_crypto_pwhash_argon2i_opslimit_min","_crypto_pwhash_argon2i_opslimit_moderate","_crypto_pwhash_argon2i_opslimit_sensitive","_crypto_pwhash_argon2i_passwd_max","_crypto_pwhash_argon2i_passwd_min","_crypto_pwhash_argon2i_saltbytes","_crypto_pwhash_argon2i_str","_crypto_pwhash_argon2i_str_needs_rehash","_crypto_pwhash_argon2i_str_verify","_crypto_pwhash_argon2i_strbytes","_crypto_pwhash_argon2i_strprefix","_crypto_pwhash_argon2id","_crypto_pwhash_argon2id_alg_argon2id13","_crypto_pwhash_argon2id_bytes_max","_crypto_pwhash_argon2id_bytes_min","_crypto_pwhash_argon2id_memlimit_interactive","_crypto_pwhash_argon2id_memlimit_max","_crypto_pwhash_argon2id_memlimit_min","_crypto_pwhash_argon2id_memlimit_moderate","_crypto_pwhash_argon2id_memlimit_sensitive","_crypto_pwhash_argon2id_opslimit_interactive","_crypto_pwhash_argon2id_opslimit_max","_crypto_pwhash_argon2id_opslimit_min","_crypto_pwhash_argon2id_opslimit_moderate","_crypto_pwhash_argon2id_opslimit_sensitive","_crypto_pwhash_argon2id_passwd_max","_crypto_pwhash_argon2id_passwd_min","_crypto_pwhash_argon2id_saltbytes","_crypto_pwhash_argon2id_str","_crypto_pwhash_argon2id_str_needs_rehash","_crypto_pwhash_argon2id_str_verify","_crypto_pwhash_argon2id_strbytes","_crypto_pwhash_argon2id_strprefix","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_prim
itive","_crypto_pwhash_saltbytes","_crypto_pwhash_scryptsalsa208sha256","_crypto_pwhash_scryptsalsa208sha256_bytes_max","_crypto_pwhash_scryptsalsa208sha256_bytes_min","_crypto_pwhash_scryptsalsa208sha256_ll","_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive","_crypto_pwhash_scryptsalsa208sha256_memlimit_max","_crypto_pwhash_scryptsalsa208sha256_memlimit_min","_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive","_crypto_pwhash_scryptsalsa208sha256_opslimit_max","_crypto_pwhash_scryptsalsa208sha256_opslimit_min","_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_passwd_max","_crypto_pwhash_scryptsalsa208sha256_passwd_min","_crypto_pwhash_scryptsalsa208sha256_saltbytes","_crypto_pwhash_scryptsalsa208sha256_str","_crypto_pwhash_scryptsalsa208sha256_str_needs_rehash","_crypto_pwhash_scryptsalsa208sha256_str_verify","_crypto_pwhash_scryptsalsa208sha256_strbytes","_crypto_pwhash_scryptsalsa208sha256_strprefix","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_curve25519","_crypto_scalarmult_curve25519_base","_crypto_scalarmult_curve25519_bytes","_crypto_scalarmult_curve25519_scalarbytes","_crypto_scalarmult_ed25519","_crypto_scalarmult_ed25519_base","_crypto_scalarmult_ed25519_base_noclamp","_crypto_scalarmult_ed25519_bytes","_crypto_scalarmult_ed25519_noclamp","_crypto_scalarmult_ed25519_scalarbytes","_crypto_scalarmult_primitive","_crypto_scalarmult_ristretto255","_crypto_scalarmult_ristretto255_base","_crypto_scalarmult_ristretto255_bytes","_crypto_scalarmult_ristretto255_scalarbytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox","_crypto_secretbox_boxzerobytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_cry
pto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretbox_primitive","_crypto_secretbox_xchacha20poly1305_detached","_crypto_secretbox_xchacha20poly1305_easy","_crypto_secretbox_xchacha20poly1305_keybytes","_crypto_secretbox_xchacha20poly1305_macbytes","_crypto_secretbox_xchacha20poly1305_messagebytes_max","_crypto_secretbox_xchacha20poly1305_noncebytes","_crypto_secretbox_xchacha20poly1305_open_detached","_crypto_secretbox_xchacha20poly1305_open_easy","_crypto_secretbox_xsalsa20poly1305","_crypto_secretbox_xsalsa20poly1305_boxzerobytes","_crypto_secretbox_xsalsa20poly1305_keybytes","_crypto_secretbox_xsalsa20poly1305_keygen","_crypto_secretbox_xsalsa20poly1305_macbytes","_crypto_secretbox_xsalsa20poly1305_messagebytes_max","_crypto_secretbox_xsalsa20poly1305_noncebytes","_crypto_secretbox_xsalsa20poly1305_open","_crypto_secretbox_xsalsa20poly1305_zerobytes","_crypto_secretbox_zerobytes","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_shorthash_primitive","_crypto_shorthash_siphash24","_crypto_shor
thash_siphash24_bytes","_crypto_shorthash_siphash24_keybytes","_crypto_shorthash_siphashx24","_crypto_shorthash_siphashx24_bytes","_crypto_shorthash_siphashx24_keybytes","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519","_crypto_sign_ed25519_bytes","_crypto_sign_ed25519_detached","_crypto_sign_ed25519_keypair","_crypto_sign_ed25519_messagebytes_max","_crypto_sign_ed25519_open","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_publickeybytes","_crypto_sign_ed25519_secretkeybytes","_crypto_sign_ed25519_seed_keypair","_crypto_sign_ed25519_seedbytes","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_ed25519_sk_to_pk","_crypto_sign_ed25519_sk_to_seed","_crypto_sign_ed25519_verify_detached","_crypto_sign_ed25519ph_final_create","_crypto_sign_ed25519ph_final_verify","_crypto_sign_ed25519ph_init","_crypto_sign_ed25519ph_statebytes","_crypto_sign_ed25519ph_update","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_primitive","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_crypto_stream","_crypto_stream_chacha20","_crypto_stream_chacha20_ietf","_crypto_stream_chacha20_ietf_keybytes","_crypto_stream_chacha20_ietf_keygen","_crypto_stream_chacha20_ietf_messagebytes_max","_crypto_stream_chacha20_ietf_noncebytes","_crypto_stream_chacha20_ietf_xor","_crypto_stream_chacha20_ietf_xor_ic","_crypto_stream_chacha20_keybytes","_crypto_stream_chacha20_keygen","_crypto_stream_chacha20_messagebytes_max","_crypto_stream_chacha20_noncebytes","_crypto_stream_chacha20_xor","_crypto_stream_chacha20_xor_ic","_crypto_stream_keybytes","_crypto_stream_keygen","_crypto_stream_messagebytes_max","_crypto_stream_noncebytes","_crypto_stream_primitive","_crypto_stream_salsa20","_crypto_stream_salsa2012
","_crypto_stream_salsa2012_keybytes","_crypto_stream_salsa2012_keygen","_crypto_stream_salsa2012_messagebytes_max","_crypto_stream_salsa2012_noncebytes","_crypto_stream_salsa2012_xor","_crypto_stream_salsa208","_crypto_stream_salsa208_keybytes","_crypto_stream_salsa208_keygen","_crypto_stream_salsa208_messagebytes_max","_crypto_stream_salsa208_noncebytes","_crypto_stream_salsa208_xor","_crypto_stream_salsa20_keybytes","_crypto_stream_salsa20_keygen","_crypto_stream_salsa20_messagebytes_max","_crypto_stream_salsa20_noncebytes","_crypto_stream_salsa20_xor","_crypto_stream_salsa20_xor_ic","_crypto_stream_xchacha20","_crypto_stream_xchacha20_keybytes","_crypto_stream_xchacha20_keygen","_crypto_stream_xchacha20_messagebytes_max","_crypto_stream_xchacha20_noncebytes","_crypto_stream_xchacha20_xor","_crypto_stream_xchacha20_xor_ic","_crypto_stream_xor","_crypto_stream_xsalsa20","_crypto_stream_xsalsa20_keybytes","_crypto_stream_xsalsa20_keygen","_crypto_stream_xsalsa20_messagebytes_max","_crypto_stream_xsalsa20_noncebytes","_crypto_stream_xsalsa20_xor","_crypto_stream_xsalsa20_xor_ic","_crypto_verify_16","_crypto_verify_16_bytes","_crypto_verify_32","_crypto_verify_32_bytes","_crypto_verify_64","_crypto_verify_64_bytes","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_implementation_name","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' +export 
EXPORTED_FUNCTIONS_SUMO='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_hmacsha256","_crypto_auth_hmacsha256_bytes","_crypto_auth_hmacsha256_final","_crypto_auth_hmacsha256_init","_crypto_auth_hmacsha256_keybytes","_crypto_auth_hmacsha256_keygen","_crypto_auth_hmacsha256_statebytes","_crypto_auth_hmacsha256_update","_crypto_auth_hmacsha256_verify","_crypto_auth_hmacsha512","_crypto_auth_hmacsha512256","_crypto_auth_hmacsha512256_bytes","_crypto_auth_hmacsha512256_final","_crypto_auth_hmacsha512256_init","_crypto_auth_hmacsha512256_keybytes","_crypto_auth_hmacsha512256_key
gen","_crypto_auth_hmacsha512256_statebytes","_crypto_auth_hmacsha512256_update","_crypto_auth_hmacsha512256_verify","_crypto_auth_hmacsha512_bytes","_crypto_auth_hmacsha512_final","_crypto_auth_hmacsha512_init","_crypto_auth_hmacsha512_keybytes","_crypto_auth_hmacsha512_keygen","_crypto_auth_hmacsha512_statebytes","_crypto_auth_hmacsha512_update","_crypto_auth_hmacsha512_verify","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_primitive","_crypto_auth_verify","_crypto_box","_crypto_box_afternm","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_boxzerobytes","_crypto_box_curve25519xchacha20poly1305_beforenm","_crypto_box_curve25519xchacha20poly1305_beforenmbytes","_crypto_box_curve25519xchacha20poly1305_detached","_crypto_box_curve25519xchacha20poly1305_detached_afternm","_crypto_box_curve25519xchacha20poly1305_easy","_crypto_box_curve25519xchacha20poly1305_easy_afternm","_crypto_box_curve25519xchacha20poly1305_keypair","_crypto_box_curve25519xchacha20poly1305_macbytes","_crypto_box_curve25519xchacha20poly1305_messagebytes_max","_crypto_box_curve25519xchacha20poly1305_noncebytes","_crypto_box_curve25519xchacha20poly1305_open_detached","_crypto_box_curve25519xchacha20poly1305_open_detached_afternm","_crypto_box_curve25519xchacha20poly1305_open_easy","_crypto_box_curve25519xchacha20poly1305_open_easy_afternm","_crypto_box_curve25519xchacha20poly1305_publickeybytes","_crypto_box_curve25519xchacha20poly1305_seal","_crypto_box_curve25519xchacha20poly1305_seal_open","_crypto_box_curve25519xchacha20poly1305_sealbytes","_crypto_box_curve25519xchacha20poly1305_secretkeybytes","_crypto_box_curve25519xchacha20poly1305_seed_keypair","_crypto_box_curve25519xchacha20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305","_crypto_box_curve25519xsalsa20poly1305_afternm","_crypto_box_curve25519xsalsa20poly1305_beforenm","_crypto_box_curve25519xsalsa20poly1305_beforenmbytes","_crypto_box_curve25519xsalsa20poly1305_boxzerobytes","_crypto_box_curve25519xs
alsa20poly1305_keypair","_crypto_box_curve25519xsalsa20poly1305_macbytes","_crypto_box_curve25519xsalsa20poly1305_messagebytes_max","_crypto_box_curve25519xsalsa20poly1305_noncebytes","_crypto_box_curve25519xsalsa20poly1305_open","_crypto_box_curve25519xsalsa20poly1305_open_afternm","_crypto_box_curve25519xsalsa20poly1305_publickeybytes","_crypto_box_curve25519xsalsa20poly1305_secretkeybytes","_crypto_box_curve25519xsalsa20poly1305_seed_keypair","_crypto_box_curve25519xsalsa20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305_zerobytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open","_crypto_box_open_afternm","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_primitive","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_box_zerobytes","_crypto_core_ed25519_add","_crypto_core_ed25519_bytes","_crypto_core_ed25519_from_hash","_crypto_core_ed25519_from_uniform","_crypto_core_ed25519_hashbytes","_crypto_core_ed25519_is_valid_point","_crypto_core_ed25519_nonreducedscalarbytes","_crypto_core_ed25519_random","_crypto_core_ed25519_scalar_add","_crypto_core_ed25519_scalar_complement","_crypto_core_ed25519_scalar_invert","_crypto_core_ed25519_scalar_mul","_crypto_core_ed25519_scalar_negate","_crypto_core_ed25519_scalar_random","_crypto_core_ed25519_scalar_reduce","_crypto_core_ed25519_scalar_sub","_crypto_core_ed25519_scalarbytes","_crypto_core_ed25519_sub","_crypto_core_ed25519_uniformbytes","_crypto_core_hchacha20","_crypto_core_hchacha20_constbytes","_crypto_core_hchacha20_inputbytes","_crypto_core_hchacha20_keybytes","_crypto_core_hchacha20_outputbytes","_crypto_core_hsalsa20","_cry
pto_core_hsalsa20_constbytes","_crypto_core_hsalsa20_inputbytes","_crypto_core_hsalsa20_keybytes","_crypto_core_hsalsa20_outputbytes","_crypto_core_ristretto255_add","_crypto_core_ristretto255_bytes","_crypto_core_ristretto255_from_hash","_crypto_core_ristretto255_hashbytes","_crypto_core_ristretto255_is_valid_point","_crypto_core_ristretto255_nonreducedscalarbytes","_crypto_core_ristretto255_random","_crypto_core_ristretto255_scalar_add","_crypto_core_ristretto255_scalar_complement","_crypto_core_ristretto255_scalar_invert","_crypto_core_ristretto255_scalar_mul","_crypto_core_ristretto255_scalar_negate","_crypto_core_ristretto255_scalar_random","_crypto_core_ristretto255_scalar_reduce","_crypto_core_ristretto255_scalar_sub","_crypto_core_ristretto255_scalarbytes","_crypto_core_ristretto255_sub","_crypto_core_salsa20","_crypto_core_salsa2012","_crypto_core_salsa2012_constbytes","_crypto_core_salsa2012_inputbytes","_crypto_core_salsa2012_keybytes","_crypto_core_salsa2012_outputbytes","_crypto_core_salsa208","_crypto_core_salsa208_constbytes","_crypto_core_salsa208_inputbytes","_crypto_core_salsa208_keybytes","_crypto_core_salsa208_outputbytes","_crypto_core_salsa20_constbytes","_crypto_core_salsa20_inputbytes","_crypto_core_salsa20_keybytes","_crypto_core_salsa20_outputbytes","_crypto_generichash","_crypto_generichash_blake2b","_crypto_generichash_blake2b_bytes","_crypto_generichash_blake2b_bytes_max","_crypto_generichash_blake2b_bytes_min","_crypto_generichash_blake2b_final","_crypto_generichash_blake2b_init","_crypto_generichash_blake2b_init_salt_personal","_crypto_generichash_blake2b_keybytes","_crypto_generichash_blake2b_keybytes_max","_crypto_generichash_blake2b_keybytes_min","_crypto_generichash_blake2b_keygen","_crypto_generichash_blake2b_personalbytes","_crypto_generichash_blake2b_salt_personal","_crypto_generichash_blake2b_saltbytes","_crypto_generichash_blake2b_statebytes","_crypto_generichash_blake2b_update","_crypto_generichash_bytes","_crypto_generichash
_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_primitive","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_hash_primitive","_crypto_hash_sha256","_crypto_hash_sha256_bytes","_crypto_hash_sha256_final","_crypto_hash_sha256_init","_crypto_hash_sha256_statebytes","_crypto_hash_sha256_update","_crypto_hash_sha512","_crypto_hash_sha512_bytes","_crypto_hash_sha512_final","_crypto_hash_sha512_init","_crypto_hash_sha512_statebytes","_crypto_hash_sha512_update","_crypto_kdf_blake2b_bytes_max","_crypto_kdf_blake2b_bytes_min","_crypto_kdf_blake2b_contextbytes","_crypto_kdf_blake2b_derive_from_key","_crypto_kdf_blake2b_keybytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kdf_primitive","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_primitive","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_onetimeauth","_crypto_onetimeauth_bytes","_crypto_onetimeauth_final","_crypto_onetimeauth_init","_crypto_onetimeauth_keybytes","_crypto_onetimeauth_keygen","_crypto_onetimeauth_poly1305","_crypto_onetimeauth_poly1305_bytes","_crypto_onetimeauth_poly1305_final","_crypto_onetimeauth_poly1305_init","_crypto_onetimeauth_poly1305_keybytes","_crypto_onetimeauth_poly1305_keygen","_crypto_onetimeauth_poly1305_statebytes","_crypto_onetimeauth_poly1305_update","_crypto_onetimeauth_poly1305_verify","_crypto_onetimeauth_primitive","_crypto_onetimeauth_statebytes","_crypto_onetimeauth_update","_crypto_onetimeauth_verify","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argo
n2id13","_crypto_pwhash_alg_default","_crypto_pwhash_argon2i","_crypto_pwhash_argon2i_alg_argon2i13","_crypto_pwhash_argon2i_bytes_max","_crypto_pwhash_argon2i_bytes_min","_crypto_pwhash_argon2i_memlimit_interactive","_crypto_pwhash_argon2i_memlimit_max","_crypto_pwhash_argon2i_memlimit_min","_crypto_pwhash_argon2i_memlimit_moderate","_crypto_pwhash_argon2i_memlimit_sensitive","_crypto_pwhash_argon2i_opslimit_interactive","_crypto_pwhash_argon2i_opslimit_max","_crypto_pwhash_argon2i_opslimit_min","_crypto_pwhash_argon2i_opslimit_moderate","_crypto_pwhash_argon2i_opslimit_sensitive","_crypto_pwhash_argon2i_passwd_max","_crypto_pwhash_argon2i_passwd_min","_crypto_pwhash_argon2i_saltbytes","_crypto_pwhash_argon2i_str","_crypto_pwhash_argon2i_str_needs_rehash","_crypto_pwhash_argon2i_str_verify","_crypto_pwhash_argon2i_strbytes","_crypto_pwhash_argon2i_strprefix","_crypto_pwhash_argon2id","_crypto_pwhash_argon2id_alg_argon2id13","_crypto_pwhash_argon2id_bytes_max","_crypto_pwhash_argon2id_bytes_min","_crypto_pwhash_argon2id_memlimit_interactive","_crypto_pwhash_argon2id_memlimit_max","_crypto_pwhash_argon2id_memlimit_min","_crypto_pwhash_argon2id_memlimit_moderate","_crypto_pwhash_argon2id_memlimit_sensitive","_crypto_pwhash_argon2id_opslimit_interactive","_crypto_pwhash_argon2id_opslimit_max","_crypto_pwhash_argon2id_opslimit_min","_crypto_pwhash_argon2id_opslimit_moderate","_crypto_pwhash_argon2id_opslimit_sensitive","_crypto_pwhash_argon2id_passwd_max","_crypto_pwhash_argon2id_passwd_min","_crypto_pwhash_argon2id_saltbytes","_crypto_pwhash_argon2id_str","_crypto_pwhash_argon2id_str_needs_rehash","_crypto_pwhash_argon2id_str_verify","_crypto_pwhash_argon2id_strbytes","_crypto_pwhash_argon2id_strprefix","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_
pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_primitive","_crypto_pwhash_saltbytes","_crypto_pwhash_scryptsalsa208sha256","_crypto_pwhash_scryptsalsa208sha256_bytes_max","_crypto_pwhash_scryptsalsa208sha256_bytes_min","_crypto_pwhash_scryptsalsa208sha256_ll","_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive","_crypto_pwhash_scryptsalsa208sha256_memlimit_max","_crypto_pwhash_scryptsalsa208sha256_memlimit_min","_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive","_crypto_pwhash_scryptsalsa208sha256_opslimit_max","_crypto_pwhash_scryptsalsa208sha256_opslimit_min","_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_passwd_max","_crypto_pwhash_scryptsalsa208sha256_passwd_min","_crypto_pwhash_scryptsalsa208sha256_saltbytes","_crypto_pwhash_scryptsalsa208sha256_str","_crypto_pwhash_scryptsalsa208sha256_str_needs_rehash","_crypto_pwhash_scryptsalsa208sha256_str_verify","_crypto_pwhash_scryptsalsa208sha256_strbytes","_crypto_pwhash_scryptsalsa208sha256_strprefix","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_curve25519","_crypto_scalarmult_curve25519_base","_crypto_scalarmult_curve25519_bytes","_crypto_scalarmult_curve25519_scalarbytes","_crypto_scalarmult_ed25519","_crypto_scalarmult_ed25519_base","_crypto_scalarmult_ed25519_base_noclamp","_crypto_scalarmult_ed25519_bytes","_crypto_scalarmult_ed25519_noclamp","_crypto_scalarmult_ed25519_scalarbytes","_crypto_scalarmult_primitive","_crypto_scalarmult_ristretto255","_crypto_scalarmult_ristretto255_base","_crypto_scalarmult_ristretto255_bytes","_crypto_scalarmult_ri
stretto255_scalarbytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox","_crypto_secretbox_boxzerobytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretbox_primitive","_crypto_secretbox_xchacha20poly1305_detached","_crypto_secretbox_xchacha20poly1305_easy","_crypto_secretbox_xchacha20poly1305_keybytes","_crypto_secretbox_xchacha20poly1305_macbytes","_crypto_secretbox_xchacha20poly1305_messagebytes_max","_crypto_secretbox_xchacha20poly1305_noncebytes","_crypto_secretbox_xchacha20poly1305_open_detached","_crypto_secretbox_xchacha20poly1305_open_easy","_crypto_secretbox_xsalsa20poly1305","_crypto_secretbox_xsalsa20poly1305_boxzerobytes","_crypto_secretbox_xsalsa20poly1305_keybytes","_crypto_secretbox_xsalsa20poly1305_keygen","_crypto_secretbox_xsalsa20poly1305_macbytes","_crypto_secretbox_xsalsa20poly1305_messagebytes_max","_crypto_secretbox_xsalsa20poly1305_noncebytes","_crypto_secretbox_xsalsa20poly1305_open","_crypto_secretbox_xsalsa20poly1305_zerobytes","_crypto_secretbox_zerobytes","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchach
a20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_shorthash_primitive","_crypto_shorthash_siphash24","_crypto_shorthash_siphash24_bytes","_crypto_shorthash_siphash24_keybytes","_crypto_shorthash_siphashx24","_crypto_shorthash_siphashx24_bytes","_crypto_shorthash_siphashx24_keybytes","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519","_crypto_sign_ed25519_bytes","_crypto_sign_ed25519_detached","_crypto_sign_ed25519_keypair","_crypto_sign_ed25519_messagebytes_max","_crypto_sign_ed25519_open","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_publickeybytes","_crypto_sign_ed25519_secretkeybytes","_crypto_sign_ed25519_seed_keypair","_crypto_sign_ed25519_seedbytes","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_ed25519_sk_to_pk","_crypto_sign_ed25519_sk_to_seed","_crypto_sign_ed25519_verify_detached","_crypto_sign_ed25519ph_final_create","_crypto_sign_ed25519ph_final_verify","_crypto_sign_ed25519ph_init","_crypto_sign_ed25519ph_statebytes","_crypto_sign_ed25519ph_update","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_primitive","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_crypto_stream","_crypto_stream_chacha20","_crypto_stream_chacha20_ietf","_crypto_stream_chacha20_ietf_keybytes","_crypto_stream_chacha20_ietf_keygen","_crypto_stream_chacha20_ietf_messagebytes_max","_crypto_stream_chacha20_ietf_noncebytes","_crypto_stream_chacha20_ietf_xor","_crypto_stream_chacha20_ietf_xor_ic","_crypto_stream_chacha20_keybytes","_crypto_stream_chacha20_keygen","_crypto_stream_chacha20_messagebytes_max","_crypto_stream_chacha20_noncebytes","_crypto_stream_chacha20_xor","_crypto_stream_chacha20
_xor_ic","_crypto_stream_keybytes","_crypto_stream_keygen","_crypto_stream_messagebytes_max","_crypto_stream_noncebytes","_crypto_stream_primitive","_crypto_stream_salsa20","_crypto_stream_salsa2012","_crypto_stream_salsa2012_keybytes","_crypto_stream_salsa2012_keygen","_crypto_stream_salsa2012_messagebytes_max","_crypto_stream_salsa2012_noncebytes","_crypto_stream_salsa2012_xor","_crypto_stream_salsa208","_crypto_stream_salsa208_keybytes","_crypto_stream_salsa208_keygen","_crypto_stream_salsa208_messagebytes_max","_crypto_stream_salsa208_noncebytes","_crypto_stream_salsa208_xor","_crypto_stream_salsa20_keybytes","_crypto_stream_salsa20_keygen","_crypto_stream_salsa20_messagebytes_max","_crypto_stream_salsa20_noncebytes","_crypto_stream_salsa20_xor","_crypto_stream_salsa20_xor_ic","_crypto_stream_xchacha20","_crypto_stream_xchacha20_keybytes","_crypto_stream_xchacha20_keygen","_crypto_stream_xchacha20_messagebytes_max","_crypto_stream_xchacha20_noncebytes","_crypto_stream_xchacha20_xor","_crypto_stream_xchacha20_xor_ic","_crypto_stream_xor","_crypto_stream_xsalsa20","_crypto_stream_xsalsa20_keybytes","_crypto_stream_xsalsa20_keygen","_crypto_stream_xsalsa20_messagebytes_max","_crypto_stream_xsalsa20_noncebytes","_crypto_stream_xsalsa20_xor","_crypto_stream_xsalsa20_xor_ic","_crypto_verify_16","_crypto_verify_16_bytes","_crypto_verify_32","_crypto_verify_32_bytes","_crypto_verify_64","_crypto_verify_64_bytes","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_implementation_name","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' export EXPORTED_RUNTIME_METHODS='["Pointer_stringify","getValue","setValue"]' export 
TOTAL_MEMORY=16777216 export TOTAL_MEMORY_SUMO=16777216 From ab1e720a305a340722cf2b673317c86fb866a0bf Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 2 May 2019 10:12:12 +0200 Subject: [PATCH 07/58] Postpone from_hash() --- .../crypto_core/ed25519/core_ed25519.c | 20 +++---------------- .../crypto_core/ed25519/ref10/ed25519_ref10.c | 14 ------------- .../include/sodium/crypto_core_ed25519.h | 8 -------- .../include/sodium/private/ed25519_ref10.h | 2 -- test/default/core_ed25519.c | 16 ++------------- 5 files changed, 5 insertions(+), 55 deletions(-) diff --git a/src/libsodium/crypto_core/ed25519/core_ed25519.c b/src/libsodium/crypto_core/ed25519/core_ed25519.c index 0029a093..1956a4a1 100644 --- a/src/libsodium/crypto_core/ed25519/core_ed25519.c +++ b/src/libsodium/crypto_core/ed25519/core_ed25519.c @@ -70,21 +70,13 @@ crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r) return 0; } -int -crypto_core_ed25519_from_hash(unsigned char *p, const unsigned char *h) -{ - ge25519_from_hash(p, h); - - return 0; -} - void crypto_core_ed25519_random(unsigned char *p) { - unsigned char h[crypto_core_ed25519_HASHBYTES]; + unsigned char r[crypto_core_ed25519_UNIFORMBYTES]; - randombytes_buf(h, sizeof h); - (void) crypto_core_ed25519_from_hash(p, h); + randombytes_buf(r, sizeof r); + (void) crypto_core_ed25519_from_uniform(p, r); } void @@ -212,12 +204,6 @@ crypto_core_ed25519_uniformbytes(void) return crypto_core_ed25519_UNIFORMBYTES; } -size_t -crypto_core_ed25519_hashbytes(void) -{ - return crypto_core_ed25519_HASHBYTES; -} - size_t crypto_core_ed25519_scalarbytes(void) { diff --git a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c index 4b1c4194..7ab9bdc2 100644 --- a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c +++ b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c 
@@ -2605,20 +2605,6 @@ ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]) ge25519_elligator2(s, x_sign); } -void -ge25519_from_hash(unsigned char s[32], const unsigned char h[64]) -{ - unsigned char r[64]; - unsigned char x_sign; - - memcpy(r, h, 64); - x_sign = h[63] & 0x80; - r[63] &= 0x7f; - sc25519_reduce(r); - memcpy(s, r, 32); - ge25519_elligator2(s, x_sign); -} - /* Ristretto group */ static int diff --git a/src/libsodium/include/sodium/crypto_core_ed25519.h b/src/libsodium/include/sodium/crypto_core_ed25519.h index 3eae00c4..f8d55de0 100644 --- a/src/libsodium/include/sodium/crypto_core_ed25519.h +++ b/src/libsodium/include/sodium/crypto_core_ed25519.h @@ -16,10 +16,6 @@ size_t crypto_core_ed25519_bytes(void); SODIUM_EXPORT size_t crypto_core_ed25519_uniformbytes(void); -#define crypto_core_ed25519_HASHBYTES 64 -SODIUM_EXPORT -size_t crypto_core_ed25519_hashbytes(void); - #define crypto_core_ed25519_SCALARBYTES 32 SODIUM_EXPORT size_t crypto_core_ed25519_scalarbytes(void); @@ -46,10 +42,6 @@ SODIUM_EXPORT int crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r) __attribute__ ((nonnull)); -SODIUM_EXPORT -int crypto_core_ed25519_from_hash(unsigned char *p, const unsigned char *h) - __attribute__ ((nonnull)); - SODIUM_EXPORT void crypto_core_ed25519_random(unsigned char *p) __attribute__ ((nonnull)); diff --git a/src/libsodium/include/sodium/private/ed25519_ref10.h b/src/libsodium/include/sodium/private/ed25519_ref10.h index 3f4c45ca..9e18935c 100644 --- a/src/libsodium/include/sodium/private/ed25519_ref10.h +++ b/src/libsodium/include/sodium/private/ed25519_ref10.h @@ -110,8 +110,6 @@ int ge25519_has_small_order(const unsigned char s[32]); void ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]); -void ge25519_from_hash(unsigned char s[32], const unsigned char h[64]); - /* Ristretto group */ diff --git a/test/default/core_ed25519.c b/test/default/core_ed25519.c index e3f39c38..6d3b8ca8 100644 
--- a/test/default/core_ed25519.c +++ b/test/default/core_ed25519.c @@ -44,17 +44,16 @@ add_l64(unsigned char * const S) int main(void) { - unsigned char *h, *r; + unsigned char *r; unsigned char *p, *p2, *p3; unsigned char *sc, *sc2, *sc3; unsigned char *sc64; char *hex; unsigned int i, j; - h = (unsigned char *) sodium_malloc(crypto_core_ed25519_HASHBYTES); r = (unsigned char *) sodium_malloc(crypto_core_ed25519_UNIFORMBYTES); p = (unsigned char *) sodium_malloc(crypto_core_ed25519_BYTES); - for (i = 0; i < 500; i++) { + for (i = 0; i < 1000; i++) { randombytes_buf(r, crypto_core_ed25519_UNIFORMBYTES); if (crypto_core_ed25519_from_uniform(p, r) != 0) { printf("crypto_core_ed25519_from_uniform() failed\n"); @@ -63,14 +62,6 @@ main(void) printf("crypto_core_ed25519_from_uniform() returned an invalid point\n"); } - randombytes_buf(h, crypto_core_ed25519_HASHBYTES); - if (crypto_core_ed25519_from_hash(p, h) != 0) { - printf("crypto_core_ed25519_from_hash() failed\n"); - } - if (crypto_core_ed25519_is_valid_point(p) == 0) { - printf("crypto_core_ed25519_from_hash() returned an invalid point\n"); - } - crypto_core_ed25519_random(p); if (crypto_core_ed25519_is_valid_point(p) == 0) { printf("crypto_core_ed25519_random() returned an invalid point\n"); @@ -396,7 +387,6 @@ main(void) sodium_free(p2); sodium_free(p); sodium_free(r); - sodium_free(h); assert(crypto_core_ed25519_BYTES == crypto_core_ed25519_bytes()); assert(crypto_core_ed25519_SCALARBYTES == crypto_core_ed25519_scalarbytes()); @@ -404,8 +394,6 @@ main(void) assert(crypto_core_ed25519_NONREDUCEDSCALARBYTES >= crypto_core_ed25519_SCALARBYTES); assert(crypto_core_ed25519_UNIFORMBYTES == crypto_core_ed25519_uniformbytes()); assert(crypto_core_ed25519_UNIFORMBYTES >= crypto_core_ed25519_BYTES); - assert(crypto_core_ed25519_HASHBYTES == crypto_core_ed25519_hashbytes()); - assert(crypto_core_ed25519_HASHBYTES >= 2 * crypto_core_ed25519_BYTES); printf("OK\n"); 
From 56d93ffe628ad3bf80920a1252a76f07ee54e356 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 2 May 2019 10:16:21 +0200 Subject: [PATCH 08/58] Lucet now has a --reserved-size knob --- test/default/wasi-test-wrapper.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/default/wasi-test-wrapper.sh b/test/default/wasi-test-wrapper.sh index 599f32c9..a94dbc49 100755 --- a/test/default/wasi-test-wrapper.sh +++ b/test/default/wasi-test-wrapper.sh @@ -11,7 +11,7 @@ fi if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "lucet" ]; then if command -v lucetc-wasi >/dev/null && command -v lucet-wasi >/dev/null; then lucetc-wasi \ - --min-reserved-size "${MAX_MEMORY_MB}MiB" \ + --reserved-size "${MAX_MEMORY_MB}MiB" \ -o "${1}.so" --opt-level best "$1" && lucet-wasi --dir=.:. --max-heap-size "${MAX_MEMORY_MB}MiB" "${1}.so" && rm -f "${1}.so" && exit 0 From 4b7e497a926646607f93a40bf05a0828a8648594 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 2 May 2019 13:40:01 +0200 Subject: [PATCH 09/58] Revert "Postpone from_hash()" Use proper reduction, and don't mask the high bit, so that H2C-Curve25519-SHA512-Elligator-Clear can be implemented if required --- .../crypto_core/ed25519/core_ed25519.c | 20 +++++++++++--- .../crypto_core/ed25519/ref10/ed25519_ref10.c | 26 +++++++++++++++++++ .../include/sodium/crypto_core_ed25519.h | 8 ++++++ .../include/sodium/private/ed25519_ref10.h | 2 ++ test/default/core_ed25519.c | 16 ++++++++++-- 5 files changed, 67 insertions(+), 5 deletions(-) diff --git a/src/libsodium/crypto_core/ed25519/core_ed25519.c b/src/libsodium/crypto_core/ed25519/core_ed25519.c index 1956a4a1..0029a093 100644 --- a/src/libsodium/crypto_core/ed25519/core_ed25519.c +++ b/src/libsodium/crypto_core/ed25519/core_ed25519.c 
@@ -70,13 +70,21 @@ crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r) return 0; } +int +crypto_core_ed25519_from_hash(unsigned char *p, const unsigned char *h) +{ + ge25519_from_hash(p, h); + + return 0; +} + void crypto_core_ed25519_random(unsigned char *p) { - unsigned char r[crypto_core_ed25519_UNIFORMBYTES]; + unsigned char h[crypto_core_ed25519_HASHBYTES]; - randombytes_buf(r, sizeof r); - (void) crypto_core_ed25519_from_uniform(p, r); + randombytes_buf(h, sizeof h); + (void) crypto_core_ed25519_from_hash(p, h); } void @@ -204,6 +212,12 @@ crypto_core_ed25519_uniformbytes(void) return crypto_core_ed25519_UNIFORMBYTES; } +size_t +crypto_core_ed25519_hashbytes(void) +{ + return crypto_core_ed25519_HASHBYTES; +} + size_t crypto_core_ed25519_scalarbytes(void) { diff --git a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c index 7ab9bdc2..82e7e1d6 100644 --- a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c +++ b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c @@ -2605,6 +2605,32 @@ ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]) ge25519_elligator2(s, x_sign); } +void +ge25519_from_hash(unsigned char s[32], const unsigned char h[64]) +{ + unsigned char fl[32]; + unsigned char gl[32]; + fe25519 fe_f; + fe25519 fe_g; + int i; + unsigned char x_sign; + + x_sign = h[63] & 0x80; + memcpy(fl, &h[0], 32); + memcpy(gl, &h[32], 32); + fl[31] &= 0x7f; + gl[31] &= 0x7f; + fe25519_frombytes(fe_f, fl); + fe25519_frombytes(fe_g, gl); + fe_f[0] += (h[0 + 31] >> 7) * 19; + fe_g[0] += (h[32 + 31] >> 7) * 19; + for (i = 0; i < sizeof (fe25519) / sizeof fe_f[0]; i++) { + fe_f[i] += 38 * fe_g[i]; + } + fe25519_tobytes(s, fe_f); + ge25519_elligator2(s, x_sign); +} + /* Ristretto group */ static int diff --git a/src/libsodium/include/sodium/crypto_core_ed25519.h b/src/libsodium/include/sodium/crypto_core_ed25519.h index f8d55de0..3eae00c4 100644 
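Review bot: The reduction in `ge25519_from_hash` (ed25519_ref10.c) has no comment saying why the constants 19 and 38 are right or why the unreduced limbs stay in range. The code splits `h` into two 255-bit halves plus their top bits and folds them with `fe_f[i] += 38 * fe_g[i]`, which presumably relies on 2^255 = 19 and 2^256 = 38 (mod 2^255 - 19); a comment such as `/* h = f + 2^256 * g; 2^255 = 19 and 2^256 = 38 (mod p) */` would state that, together with the limb bound `fe25519_tobytes` accepts, which is not visible in this hunk. The bit `h[63] >> 7` is used twice, once as `x_sign` and once in `fe_g[0] += (h[32 + 31] >> 7) * 19`, so it is worth stating whether that reuse is intended. The loop index should be `size_t i`, since it is compared with a `sizeof` expression.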
--- a/src/libsodium/include/sodium/crypto_core_ed25519.h +++ b/src/libsodium/include/sodium/crypto_core_ed25519.h @@ -16,6 +16,10 @@ size_t crypto_core_ed25519_bytes(void); SODIUM_EXPORT size_t crypto_core_ed25519_uniformbytes(void); +#define crypto_core_ed25519_HASHBYTES 64 +SODIUM_EXPORT +size_t crypto_core_ed25519_hashbytes(void); + #define crypto_core_ed25519_SCALARBYTES 32 SODIUM_EXPORT size_t crypto_core_ed25519_scalarbytes(void); @@ -42,6 +46,10 @@ SODIUM_EXPORT int crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r) __attribute__ ((nonnull)); +SODIUM_EXPORT +int crypto_core_ed25519_from_hash(unsigned char *p, const unsigned char *h) + __attribute__ ((nonnull)); + SODIUM_EXPORT void crypto_core_ed25519_random(unsigned char *p) __attribute__ ((nonnull)); diff --git a/src/libsodium/include/sodium/private/ed25519_ref10.h b/src/libsodium/include/sodium/private/ed25519_ref10.h index 9e18935c..3f4c45ca 100644 --- a/src/libsodium/include/sodium/private/ed25519_ref10.h +++ b/src/libsodium/include/sodium/private/ed25519_ref10.h @@ -110,6 +110,8 @@ int ge25519_has_small_order(const unsigned char s[32]); void ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]); +void ge25519_from_hash(unsigned char s[32], const unsigned char h[64]); + /* Ristretto group */ diff --git a/test/default/core_ed25519.c b/test/default/core_ed25519.c index 6d3b8ca8..e3f39c38 100644 --- a/test/default/core_ed25519.c +++ b/test/default/core_ed25519.c 
@@ -44,16 +44,17 @@ add_l64(unsigned char * const S) int main(void) { - unsigned char *r; + unsigned char *h, *r; unsigned char *p, *p2, *p3; unsigned char *sc, *sc2, *sc3; unsigned char *sc64; char *hex; unsigned int i, j; + h = (unsigned char *) sodium_malloc(crypto_core_ed25519_HASHBYTES); r = (unsigned char *) sodium_malloc(crypto_core_ed25519_UNIFORMBYTES); p = (unsigned char *) sodium_malloc(crypto_core_ed25519_BYTES); - for (i = 0; i < 1000; i++) { + for (i = 0; i < 500; i++) { randombytes_buf(r, crypto_core_ed25519_UNIFORMBYTES); if (crypto_core_ed25519_from_uniform(p, r) != 0) { printf("crypto_core_ed25519_from_uniform() failed\n"); @@ -62,6 +63,14 @@ main(void) printf("crypto_core_ed25519_from_uniform() returned an invalid point\n"); } + randombytes_buf(h, crypto_core_ed25519_HASHBYTES); + if (crypto_core_ed25519_from_hash(p, h) != 0) { + printf("crypto_core_ed25519_from_hash() failed\n"); + } + if (crypto_core_ed25519_is_valid_point(p) == 0) { + printf("crypto_core_ed25519_from_hash() returned an invalid point\n"); + } + crypto_core_ed25519_random(p); if (crypto_core_ed25519_is_valid_point(p) == 0) { printf("crypto_core_ed25519_random() returned an invalid point\n"); @@ -387,6 +396,7 @@ main(void) sodium_free(p2); sodium_free(p); sodium_free(r); + sodium_free(h); assert(crypto_core_ed25519_BYTES == crypto_core_ed25519_bytes()); assert(crypto_core_ed25519_SCALARBYTES == crypto_core_ed25519_scalarbytes()); @@ -394,6 +404,8 @@ main(void) assert(crypto_core_ed25519_NONREDUCEDSCALARBYTES >= crypto_core_ed25519_SCALARBYTES); assert(crypto_core_ed25519_UNIFORMBYTES == crypto_core_ed25519_uniformbytes()); assert(crypto_core_ed25519_UNIFORMBYTES >= crypto_core_ed25519_BYTES); + assert(crypto_core_ed25519_HASHBYTES == crypto_core_ed25519_hashbytes()); + assert(crypto_core_ed25519_HASHBYTES >= 2 * crypto_core_ed25519_BYTES); printf("OK\n"); From f1309fd752024bec34e8363c2bbf2aaa7517ce4b Mon Sep 17 00:00:00 2001 
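Review bot: The new `crypto_core_ed25519_from_hash()` check in the `for` loop only verifies that random 64-byte inputs map to a valid point, so an error in the reduction of `h` would go unnoticed as long as the output is still on the curve. A known-answer check with fixed inputs would cover that, for example all-zero and all-0xff `h` buffers (which exercise both high bits) compared with expected encodings printed through `sodium_bin2hex`. The return value of the added `sodium_malloc()` call for `h` is not checked either, as for the neighbouring buffers. `main` continues outside these hunks.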
From: Frank Denis Date: Thu, 2 May 2019 15:04:31 +0200 Subject: [PATCH 10/58] Avoid useless pack/unpack operation --- .../crypto_core/ed25519/ref10/ed25519_ref10.c | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c index 82e7e1d6..4b0797e9 100644 --- a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c +++ b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c @@ -2526,20 +2526,18 @@ chi25519(fe25519 out, const fe25519 z) } static void -ge25519_elligator2(unsigned char s[32], const unsigned char x_sign) +ge25519_elligator2(unsigned char s[32], const fe25519 r, const unsigned char x_sign) { - fe25519 e; - fe25519 negx; - fe25519 rr2; - fe25519 x, x2, x3; - ge25519_p3 p3; - ge25519_p1p1 p1; - ge25519_p2 p2; - unsigned int e_is_minus_1; - - fe25519_frombytes(rr2, s); - - fe25519_sq2(rr2, rr2); + fe25519 e; + fe25519 negx; + fe25519 rr2; + fe25519 x, x2, x3; + ge25519_p3 p3; + ge25519_p1p1 p1; + ge25519_p2 p2; + unsigned int e_is_minus_1; + + fe25519_sq2(rr2, r); rr2[0]++; fe25519_invert(rr2, rr2); fe25519_mul(x, curve25519_A, rr2); @@ -2597,12 +2595,14 @@ ge25519_elligator2(unsigned char s[32], const unsigned char x_sign) void ge25519_from_uniform(unsigned char s[32], const unsigned char r[32]) { + fe25519 r_fe; unsigned char x_sign; memcpy(s, r, 32); x_sign = s[31] & 0x80; s[31] &= 0x7f; - ge25519_elligator2(s, x_sign); + fe25519_frombytes(r_fe, s); + ge25519_elligator2(s, r_fe, x_sign); } void @@ -2627,8 +2627,8 @@ ge25519_from_hash(unsigned char s[32], const unsigned char h[64]) for (i = 0; i < sizeof (fe25519) / sizeof fe_f[0]; i++) { fe_f[i] += 38 * fe_g[i]; } - fe25519_tobytes(s, fe_f); - ge25519_elligator2(s, x_sign); + fe25519_reduce(fe_f, fe_f); + ge25519_elligator2(s, fe_f, x_sign); } /* Ristretto group */ From aff4a605812f7e30060d590c44890f38150310ed Mon Sep 17 00:00:00 2001 
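Review bot: `ge25519_elligator2` now takes its input as `const fe25519 r` and uses `s` only for output, but nothing on the new signature says so or states what range `r` must be in. The two callers pass different things: `ge25519_from_uniform` passes the result of `fe25519_frombytes`, `ge25519_from_hash` the result of `fe25519_reduce`. A header comment such as `/* s: output point (32 bytes); r: field element, reduced; x_sign: 0 or 0x80 */` would record the contract; the exact bound `fe25519_sq2` needs is not visible here. In `ge25519_from_uniform` the masked copy of `r` is still staged in the output buffer `s` before `fe25519_frombytes`; a local 32-byte buffer would keep `s` write-only there too. The body of `ge25519_elligator2` continues outside the hunk.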
From: Frank Denis Date: Fri, 3 May 2019 11:15:27 +0200 Subject: [PATCH 11/58] Automatically update config.{sub,guess} in autogen.sh --- autogen.sh | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/autogen.sh b/autogen.sh index 394e6f7a..73a92b2b 100755 --- a/autogen.sh +++ b/autogen.sh @@ -27,10 +27,22 @@ command -v automake >/dev/null 2>&1 || { } if autoreconf --version > /dev/null 2>&1 ; then - exec autoreconf -ivf + autoreconf -ivf +else + $LIBTOOLIZE && \ + aclocal && \ + automake --add-missing --force-missing --include-deps && \ + autoconf fi -$LIBTOOLIZE && \ -aclocal && \ -automake --add-missing --force-missing --include-deps && \ -autoconf +command -v curl >/dev/null 2>&1 && { + curl -sL -o config.guess \ + 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD' && + mv -f config.guess build-aux/config.guess + + curl -sL -o config.sub \ + 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD' && + mv -f config.sub build-aux/config.sub +} + +rm -f config.guess config.sub From a47159de27d54f25642df38a348914113fded4b0 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Fri, 3 May 2019 11:15:42 +0200 Subject: [PATCH 12/58] Just look for the 'wasi' substring --- dist-build/wasm32-wasi.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dist-build/wasm32-wasi.sh b/dist-build/wasm32-wasi.sh index bde72714..0b165745 100755 --- a/dist-build/wasm32-wasi.sh +++ b/dist-build/wasm32-wasi.sh @@ -20,7 +20,7 @@ export STRIP="llvm-strip" make distclean > /dev/null -grep -q -F -- '-wasi' build-aux/config.sub || \ +grep -q -F -- 'wasi' build-aux/config.sub || \ sed -i -e 's/-nacl\*)/-nacl*|-wasi)/' build-aux/config.sub if [ "x$1" = "x--bench" ]; then From 10b991d5184bd1157d1cbad4525ab6a351f6aa98 Mon Sep 17 00:00:00 2001 
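Review bot: The added `curl` block in autogen.sh replaces `build-aux/config.guess` and `build-aux/config.sub` with whatever `hb=HEAD` serves at that moment, with no pinned revision and no digest check, and `configure` later executes those scripts. Because `curl -sL` is used without `-f`, an HTTP error page is also saved and moved into place, since curl exits 0 on HTTP errors unless `--fail` is given. Pinning a reviewed revision, verifying a recorded SHA-256 before the `mv`, and adding `-f` would close this; the values below are placeholders. Dropping `exec` also means the script's exit status is now that of the final `rm -f`, so a failed `autoreconf` is no longer reported to the caller.

```shell
# … unchanged: autoreconf / libtoolize fallback …

# Placeholders: pin a reviewed config.git revision and record its digests.
CONFIG_REV='<reviewed-config.git-commit>'

fetch_config() {
    # $1 = file name, $2 = expected SHA-256 of that file at CONFIG_REV
    curl -sSfL -o "$1" \
        "https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=$1;hb=${CONFIG_REV}" &&
    echo "$2  $1" | sha256sum -c - >/dev/null &&
    mv -f "$1" "build-aux/$1"
}

command -v curl >/dev/null 2>&1 && {
    fetch_config config.guess '<sha256-of-config.guess>'
    fetch_config config.sub '<sha256-of-config.sub>'
}

rm -f config.guess config.sub
```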
From: Frank Denis Date: Fri, 3 May 2019 11:38:37 +0200 Subject: [PATCH 13/58] wasm32-unknown-wasi -> wasm32-wasi --- dist-build/wasm32-wasi.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dist-build/wasm32-wasi.sh b/dist-build/wasm32-wasi.sh index 0b165745..0b28dff7 100755 --- a/dist-build/wasm32-wasi.sh +++ b/dist-build/wasm32-wasi.sh @@ -11,7 +11,7 @@ export PREFIX="$(pwd)/libsodium-wasm32-wasi" mkdir -p $PREFIX || exit 1 export CC="clang" -export CFLAGS="-DED25519_NONDETERMINISTIC=1 --target=wasm32-unknkown-wasi --sysroot=${WASI_SYSROOT} -O2" +export CFLAGS="-DED25519_NONDETERMINISTIC=1 --target=wasm32-wasi --sysroot=${WASI_SYSROOT} -O2" export LDFLAGS="-s -Wl,--no-threads" export NM="llvm-nm" export AR="llvm-ar" @@ -36,7 +36,7 @@ fi ./configure ${LIBSODIUM_ENABLE_MINIMAL_FLAG} \ --prefix="$PREFIX" --with-sysroot="$WASI_SYSROOT" \ - --host=wasm32-unknown-wasi \ + --host=wasm32-wasi \ --disable-ssp --disable-shared || exit 1 NPROCESSORS=$(getconf NPROCESSORS_ONLN 2>/dev/null || getconf _NPROCESSORS_ONLN 2>/dev/null) From 8a1ac8e11fda8b77af0d9073f57475f9f66cb509 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Fri, 3 May 2019 18:40:48 +0200 Subject: [PATCH 14/58] from_hash: clear the high bit --- src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c | 1 - .../randombytes/internal/randombytes_internal_random.c | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c index 4b0797e9..3bf6c82e 100644 --- a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c +++ b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c @@ -2623,7 +2623,6 @@ ge25519_from_hash(unsigned char s[32], const unsigned char h[64]) fe25519_frombytes(fe_f, fl); fe25519_frombytes(fe_g, gl); fe_f[0] += (h[0 + 31] >> 7) * 19; - fe_g[0] += (h[32 + 31] >> 7) * 19; for (i = 0; i < sizeof (fe25519) / sizeof fe_f[0]; i++) { fe_f[i] += 38 * fe_g[i]; } 
diff --git a/src/libsodium/randombytes/internal/randombytes_internal_random.c b/src/libsodium/randombytes/internal/randombytes_internal_random.c index 7098f28b..c7c23291 100644 --- a/src/libsodium/randombytes/internal/randombytes_internal_random.c +++ b/src/libsodium/randombytes/internal/randombytes_internal_random.c @@ -152,7 +152,7 @@ sodium_hrtime(void) static uint64_t sodium_hrtime(void) { - struct timeval tv; + struct timeval tv; if (gettimeofday(&tv, NULL) != 0) { sodium_misuse(); /* LCOV_EXCL_LINE */ From 80206ada6339313b5e77a6248e97f2d91b7bb43f Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Fri, 3 May 2019 20:14:05 +0200 Subject: [PATCH 15/58] 10% speedup on AVX2 for BLAKE2b Thanks to Shunsuke Shimizu (@grafi-tt) --- .../blake2b/ref/blake2b-compress-avx2.h | 16 +-- .../blake2b/ref/blake2b-load-avx2.h | 126 +++++++++--------- 2 files changed, 71 insertions(+), 71 deletions(-) diff --git a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-compress-avx2.h b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-compress-avx2.h index d08603a8..7c11321b 100644 --- a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-compress-avx2.h +++ b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-compress-avx2.h 
@@ -68,17 +68,17 @@ LOADU64(const void *p) #define BLAKE2B_DIAG_V1(a, b, c, d) \ do { \ - d = _mm256_permute4x64_epi64(d, _MM_SHUFFLE(2, 1, 0, 3)); \ - c = _mm256_permute4x64_epi64(c, _MM_SHUFFLE(1, 0, 3, 2)); \ - b = _mm256_permute4x64_epi64(b, _MM_SHUFFLE(0, 3, 2, 1)); \ - } while (0) + a = _mm256_permute4x64_epi64(a, _MM_SHUFFLE(2, 1, 0, 3)); \ + d = _mm256_permute4x64_epi64(d, _MM_SHUFFLE(1, 0, 3, 2)); \ + c = _mm256_permute4x64_epi64(c, _MM_SHUFFLE(0, 3, 2, 1)); \ + } while(0) #define BLAKE2B_UNDIAG_V1(a, b, c, d) \ do { \ - d = _mm256_permute4x64_epi64(d, _MM_SHUFFLE(0, 3, 2, 1)); \ - c = _mm256_permute4x64_epi64(c, _MM_SHUFFLE(1, 0, 3, 2)); \ - b = _mm256_permute4x64_epi64(b, _MM_SHUFFLE(2, 1, 0, 3)); \ - } while (0) + a = _mm256_permute4x64_epi64(a, _MM_SHUFFLE(0, 3, 2, 1)); \ + d = _mm256_permute4x64_epi64(d, _MM_SHUFFLE(1, 0, 3, 2)); \ + c = _mm256_permute4x64_epi64(c, _MM_SHUFFLE(2, 1, 0, 3)); \ + } while(0) #include "blake2b-load-avx2.h" diff --git a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-load-avx2.h b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-load-avx2.h index 8c15f177..12a5d189 100644 --- a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-load-avx2.h +++ b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-load-avx2.h @@ -17,15 +17,15 @@ #define BLAKE2B_LOAD_MSG_0_3(b0) \ do { \ - t0 = _mm256_unpacklo_epi64(m4, m5); \ - t1 = _mm256_unpacklo_epi64(m6, m7); \ + t0 = _mm256_unpacklo_epi64(m7, m4); \ + t1 = _mm256_unpacklo_epi64(m5, m6); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_0_4(b0) \ do { \ - t0 = _mm256_unpackhi_epi64(m4, m5); \ - t1 = _mm256_unpackhi_epi64(m6, m7); \ + t0 = _mm256_unpackhi_epi64(m7, m4); \ + t1 = _mm256_unpackhi_epi64(m5, m6); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) 
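Review bot: `BLAKE2B_DIAG_V1` and `BLAKE2B_UNDIAG_V1` now rotate `a`, `d` and `c` and leave `b` alone, which appears to be correct only together with the re-ordered `BLAKE2B_LOAD_MSG_*_3` and `_4` macros in blake2b-load-avx2.h, and neither file says so. A comment above the macro, for example `/* rotates a instead of b; the _3/_4 message loads are pre-permuted to match */`, would stop someone from changing one side alone. The closing lines were also changed from `} while (0)` to `} while(0)`, which differs from the `} while (0)` used throughout the blake2b-load-avx2.h hunks. No known-answer test is touched in the visible hunks, so it is worth confirming that the existing BLAKE2b vectors run on the AVX2 path.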
@@ -43,17 +43,17 @@ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) -#define BLAKE2B_LOAD_MSG_1_3(b0) \ - do { \ - t0 = _mm256_shuffle_epi32(m0, _MM_SHUFFLE(1, 0, 3, 2)); \ - t1 = _mm256_unpackhi_epi64(m5, m2); \ - b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ +#define BLAKE2B_LOAD_MSG_1_3(b0) \ + do { \ + t0 = _mm256_unpackhi_epi64(m2, m0); \ + t1 = _mm256_blend_epi32(m5, m0, 0x33); \ + b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_1_4(b0) \ do { \ - t0 = _mm256_unpacklo_epi64(m6, m1); \ - t1 = _mm256_unpackhi_epi64(m3, m1); \ + t0 = _mm256_alignr_epi8(m6, m1, 8); \ + t1 = _mm256_blend_epi32(m3, m1, 0x33); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) @@ -73,15 +73,15 @@ #define BLAKE2B_LOAD_MSG_2_3(b0) \ do { \ - t0 = _mm256_blend_epi32(m1, m5, 0x33); \ - t1 = _mm256_unpackhi_epi64(m3, m4); \ + t0 = _mm256_alignr_epi8(m5, m4, 8); \ + t1 = _mm256_unpackhi_epi64(m1, m3); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_2_4(b0) \ do { \ - t0 = _mm256_unpacklo_epi64(m7, m3); \ - t1 = _mm256_alignr_epi8(m2, m0, 8); \ + t0 = _mm256_unpacklo_epi64(m2, m7); \ + t1 = _mm256_blend_epi32(m0, m3, 0x33); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) @@ -99,17 +99,17 @@ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) -#define BLAKE2B_LOAD_MSG_3_3(b0) \ - do { \ - t0 = _mm256_blend_epi32(m2, m1, 0x33); \ - t1 = _mm256_blend_epi32(m7, m2, 0x33); \ - b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ +#define BLAKE2B_LOAD_MSG_3_3(b0) \ + do { \ + t0 = _mm256_alignr_epi8(m1, m7, 8); \ + t1 = _mm256_shuffle_epi32(m2, _MM_SHUFFLE(1, 0, 3, 2)); \ + b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_3_4(b0) \ do { \ - t0 = _mm256_unpacklo_epi64(m3, m5); \ - t1 = _mm256_unpacklo_epi64(m0, m4); \ + t0 = _mm256_unpacklo_epi64(m4, m3); \ + t1 = _mm256_unpacklo_epi64(m5, m0); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) 
@@ -129,15 +129,15 @@ #define BLAKE2B_LOAD_MSG_4_3(b0) \ do { \ - t0 = _mm256_blend_epi32(m5, m7, 0x33); \ - t1 = _mm256_blend_epi32(m1, m3, 0x33); \ + t0 = _mm256_alignr_epi8(m7, m1, 8); \ + t1 = _mm256_alignr_epi8(m3, m5, 8); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_4_4(b0) \ do { \ - t0 = _mm256_alignr_epi8(m6, m0, 8); \ - t1 = _mm256_blend_epi32(m6, m4, 0x33); \ + t0 = _mm256_unpackhi_epi64(m6, m0); \ + t1 = _mm256_unpacklo_epi64(m6, m4); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) @@ -157,15 +157,15 @@ #define BLAKE2B_LOAD_MSG_5_3(b0) \ do { \ - t0 = _mm256_blend_epi32(m3, m2, 0x33); \ - t1 = _mm256_unpackhi_epi64(m7, m0); \ + t0 = _mm256_alignr_epi8(m2, m0, 8); \ + t1 = _mm256_unpackhi_epi64(m3, m7); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_5_4(b0) \ do { \ - t0 = _mm256_unpackhi_epi64(m6, m2); \ - t1 = _mm256_blend_epi32(m4, m7, 0x33); \ + t0 = _mm256_unpackhi_epi64(m4, m6); \ + t1 = _mm256_alignr_epi8(m7, m2, 8); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) @@ -183,20 +183,20 @@ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) -#define BLAKE2B_LOAD_MSG_6_3(b0) \ - do { \ - t0 = _mm256_unpacklo_epi64(m0, m3); \ - t1 = _mm256_shuffle_epi32(m4, _MM_SHUFFLE(1, 0, 3, 2)); \ - b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ - } while (0) - -#define BLAKE2B_LOAD_MSG_6_4(b0) \ +#define BLAKE2B_LOAD_MSG_6_3(b0) \ do { \ - t0 = _mm256_unpackhi_epi64(m3, m1); \ - t1 = _mm256_blend_epi32(m5, m1, 0x33); \ + t0 = _mm256_unpacklo_epi64(m4, m0); \ + t1 = _mm256_blend_epi32(m4, m3, 0x33); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) +#define BLAKE2B_LOAD_MSG_6_4(b0) \ + do { \ + t0 = _mm256_unpackhi_epi64(m5, m3); \ + t1 = _mm256_shuffle_epi32(m1, _MM_SHUFFLE(1, 0, 3, 2)); \ + b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ + } while (0) + #define BLAKE2B_LOAD_MSG_7_1(b0) \ do { \ t0 = _mm256_unpackhi_epi64(m6, m3); \ 
@@ -213,15 +213,15 @@ #define BLAKE2B_LOAD_MSG_7_3(b0) \ do { \ - t0 = _mm256_unpackhi_epi64(m2, m7); \ - t1 = _mm256_unpacklo_epi64(m4, m1); \ + t0 = _mm256_blend_epi32(m2, m1, 0x33); \ + t1 = _mm256_alignr_epi8(m4, m7, 8); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_7_4(b0) \ do { \ - t0 = _mm256_unpacklo_epi64(m0, m2); \ - t1 = _mm256_unpacklo_epi64(m3, m5); \ + t0 = _mm256_unpacklo_epi64(m5, m0); \ + t1 = _mm256_unpacklo_epi64(m2, m3); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) @@ -241,15 +241,15 @@ #define BLAKE2B_LOAD_MSG_8_3(b0) \ do { \ - t0 = m6; \ - t1 = _mm256_alignr_epi8(m5, m0, 8); \ + t0 = _mm256_unpacklo_epi64(m5, m6); \ + t1 = _mm256_unpackhi_epi64(m6, m0); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_8_4(b0) \ do { \ - t0 = _mm256_blend_epi32(m3, m1, 0x33); \ - t1 = m2; \ + t0 = _mm256_alignr_epi8(m1, m2, 8); \ + t1 = _mm256_alignr_epi8(m2, m3, 8); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) @@ -269,15 +269,15 @@ #define BLAKE2B_LOAD_MSG_9_3(b0) \ do { \ - t0 = _mm256_unpackhi_epi64(m7, m4); \ - t1 = _mm256_unpackhi_epi64(m1, m6); \ + t0 = _mm256_unpackhi_epi64(m6, m7); \ + t1 = _mm256_unpackhi_epi64(m4, m1); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_9_4(b0) \ do { \ - t0 = _mm256_alignr_epi8(m7, m5, 8); \ - t1 = _mm256_unpacklo_epi64(m6, m0); \ + t0 = _mm256_blend_epi32(m5, m0, 0x33); \ + t1 = _mm256_unpacklo_epi64(m7, m6); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) 
@@ -297,15 +297,15 @@ #define BLAKE2B_LOAD_MSG_10_3(b0) \ do { \ - t0 = _mm256_unpacklo_epi64(m4, m5); \ - t1 = _mm256_unpacklo_epi64(m6, m7); \ + t0 = _mm256_unpacklo_epi64(m7, m4); \ + t1 = _mm256_unpacklo_epi64(m5, m6); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_10_4(b0) \ do { \ - t0 = _mm256_unpackhi_epi64(m4, m5); \ - t1 = _mm256_unpackhi_epi64(m6, m7); \ + t0 = _mm256_unpackhi_epi64(m7, m4); \ + t1 = _mm256_unpackhi_epi64(m5, m6); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) @@ -323,17 +323,17 @@ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) -#define BLAKE2B_LOAD_MSG_11_3(b0) \ - do { \ - t0 = _mm256_shuffle_epi32(m0, _MM_SHUFFLE(1, 0, 3, 2)); \ - t1 = _mm256_unpackhi_epi64(m5, m2); \ - b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ +#define BLAKE2B_LOAD_MSG_11_3(b0) \ + do { \ + t0 = _mm256_unpackhi_epi64(m2, m0); \ + t1 = _mm256_blend_epi32(m5, m0, 0x33); \ + b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) #define BLAKE2B_LOAD_MSG_11_4(b0) \ do { \ - t0 = _mm256_unpacklo_epi64(m6, m1); \ - t1 = _mm256_unpackhi_epi64(m3, m1); \ + t0 = _mm256_alignr_epi8(m6, m1, 8); \ + t1 = _mm256_blend_epi32(m3, m1, 0x33); \ b0 = _mm256_blend_epi32(t0, t1, 0xF0); \ } while (0) From 53cd7d6a6f840ff97134cad3370dbbdafd4ed9c9 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sat, 4 May 2019 18:06:05 +0200 Subject: [PATCH 16/58] Export UTF8ToString instead of Pointer_stringify --- dist-build/emscripten.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dist-build/emscripten.sh b/dist-build/emscripten.sh index 4038e9b1..d8975e5d 100755 --- a/dist-build/emscripten.sh +++ b/dist-build/emscripten.sh 
@@ -3,7 +3,7 @@ export MAKE_FLAGS='-j4' export EXPORTED_FUNCTIONS_STANDARD='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_verify","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_publickeybytes",
"_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_generichash","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argon2id13","_crypto_pwhash_alg_default","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_saltbytes","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open_det
ached","_crypto_secretbox_open_easy","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' export 
EXPORTED_FUNCTIONS_SUMO='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_hmacsha256","_crypto_auth_hmacsha256_bytes","_crypto_auth_hmacsha256_final","_crypto_auth_hmacsha256_init","_crypto_auth_hmacsha256_keybytes","_crypto_auth_hmacsha256_keygen","_crypto_auth_hmacsha256_statebytes","_crypto_auth_hmacsha256_update","_crypto_auth_hmacsha256_verify","_crypto_auth_hmacsha512","_crypto_auth_hmacsha512256","_crypto_auth_hmacsha512256_bytes","_crypto_auth_hmacsha512256_final","_crypto_auth_hmacsha512256_init","_crypto_auth_hmacsha512256_keybytes","_crypto_auth_hmacsha512256_key
gen","_crypto_auth_hmacsha512256_statebytes","_crypto_auth_hmacsha512256_update","_crypto_auth_hmacsha512256_verify","_crypto_auth_hmacsha512_bytes","_crypto_auth_hmacsha512_final","_crypto_auth_hmacsha512_init","_crypto_auth_hmacsha512_keybytes","_crypto_auth_hmacsha512_keygen","_crypto_auth_hmacsha512_statebytes","_crypto_auth_hmacsha512_update","_crypto_auth_hmacsha512_verify","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_primitive","_crypto_auth_verify","_crypto_box","_crypto_box_afternm","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_boxzerobytes","_crypto_box_curve25519xchacha20poly1305_beforenm","_crypto_box_curve25519xchacha20poly1305_beforenmbytes","_crypto_box_curve25519xchacha20poly1305_detached","_crypto_box_curve25519xchacha20poly1305_detached_afternm","_crypto_box_curve25519xchacha20poly1305_easy","_crypto_box_curve25519xchacha20poly1305_easy_afternm","_crypto_box_curve25519xchacha20poly1305_keypair","_crypto_box_curve25519xchacha20poly1305_macbytes","_crypto_box_curve25519xchacha20poly1305_messagebytes_max","_crypto_box_curve25519xchacha20poly1305_noncebytes","_crypto_box_curve25519xchacha20poly1305_open_detached","_crypto_box_curve25519xchacha20poly1305_open_detached_afternm","_crypto_box_curve25519xchacha20poly1305_open_easy","_crypto_box_curve25519xchacha20poly1305_open_easy_afternm","_crypto_box_curve25519xchacha20poly1305_publickeybytes","_crypto_box_curve25519xchacha20poly1305_seal","_crypto_box_curve25519xchacha20poly1305_seal_open","_crypto_box_curve25519xchacha20poly1305_sealbytes","_crypto_box_curve25519xchacha20poly1305_secretkeybytes","_crypto_box_curve25519xchacha20poly1305_seed_keypair","_crypto_box_curve25519xchacha20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305","_crypto_box_curve25519xsalsa20poly1305_afternm","_crypto_box_curve25519xsalsa20poly1305_beforenm","_crypto_box_curve25519xsalsa20poly1305_beforenmbytes","_crypto_box_curve25519xsalsa20poly1305_boxzerobytes","_crypto_box_curve25519xs
alsa20poly1305_keypair","_crypto_box_curve25519xsalsa20poly1305_macbytes","_crypto_box_curve25519xsalsa20poly1305_messagebytes_max","_crypto_box_curve25519xsalsa20poly1305_noncebytes","_crypto_box_curve25519xsalsa20poly1305_open","_crypto_box_curve25519xsalsa20poly1305_open_afternm","_crypto_box_curve25519xsalsa20poly1305_publickeybytes","_crypto_box_curve25519xsalsa20poly1305_secretkeybytes","_crypto_box_curve25519xsalsa20poly1305_seed_keypair","_crypto_box_curve25519xsalsa20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305_zerobytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open","_crypto_box_open_afternm","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_primitive","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_box_zerobytes","_crypto_core_ed25519_add","_crypto_core_ed25519_bytes","_crypto_core_ed25519_from_hash","_crypto_core_ed25519_from_uniform","_crypto_core_ed25519_hashbytes","_crypto_core_ed25519_is_valid_point","_crypto_core_ed25519_nonreducedscalarbytes","_crypto_core_ed25519_random","_crypto_core_ed25519_scalar_add","_crypto_core_ed25519_scalar_complement","_crypto_core_ed25519_scalar_invert","_crypto_core_ed25519_scalar_mul","_crypto_core_ed25519_scalar_negate","_crypto_core_ed25519_scalar_random","_crypto_core_ed25519_scalar_reduce","_crypto_core_ed25519_scalar_sub","_crypto_core_ed25519_scalarbytes","_crypto_core_ed25519_sub","_crypto_core_ed25519_uniformbytes","_crypto_core_hchacha20","_crypto_core_hchacha20_constbytes","_crypto_core_hchacha20_inputbytes","_crypto_core_hchacha20_keybytes","_crypto_core_hchacha20_outputbytes","_crypto_core_hsalsa20","_cry
pto_core_hsalsa20_constbytes","_crypto_core_hsalsa20_inputbytes","_crypto_core_hsalsa20_keybytes","_crypto_core_hsalsa20_outputbytes","_crypto_core_ristretto255_add","_crypto_core_ristretto255_bytes","_crypto_core_ristretto255_from_hash","_crypto_core_ristretto255_hashbytes","_crypto_core_ristretto255_is_valid_point","_crypto_core_ristretto255_nonreducedscalarbytes","_crypto_core_ristretto255_random","_crypto_core_ristretto255_scalar_add","_crypto_core_ristretto255_scalar_complement","_crypto_core_ristretto255_scalar_invert","_crypto_core_ristretto255_scalar_mul","_crypto_core_ristretto255_scalar_negate","_crypto_core_ristretto255_scalar_random","_crypto_core_ristretto255_scalar_reduce","_crypto_core_ristretto255_scalar_sub","_crypto_core_ristretto255_scalarbytes","_crypto_core_ristretto255_sub","_crypto_core_salsa20","_crypto_core_salsa2012","_crypto_core_salsa2012_constbytes","_crypto_core_salsa2012_inputbytes","_crypto_core_salsa2012_keybytes","_crypto_core_salsa2012_outputbytes","_crypto_core_salsa208","_crypto_core_salsa208_constbytes","_crypto_core_salsa208_inputbytes","_crypto_core_salsa208_keybytes","_crypto_core_salsa208_outputbytes","_crypto_core_salsa20_constbytes","_crypto_core_salsa20_inputbytes","_crypto_core_salsa20_keybytes","_crypto_core_salsa20_outputbytes","_crypto_generichash","_crypto_generichash_blake2b","_crypto_generichash_blake2b_bytes","_crypto_generichash_blake2b_bytes_max","_crypto_generichash_blake2b_bytes_min","_crypto_generichash_blake2b_final","_crypto_generichash_blake2b_init","_crypto_generichash_blake2b_init_salt_personal","_crypto_generichash_blake2b_keybytes","_crypto_generichash_blake2b_keybytes_max","_crypto_generichash_blake2b_keybytes_min","_crypto_generichash_blake2b_keygen","_crypto_generichash_blake2b_personalbytes","_crypto_generichash_blake2b_salt_personal","_crypto_generichash_blake2b_saltbytes","_crypto_generichash_blake2b_statebytes","_crypto_generichash_blake2b_update","_crypto_generichash_bytes","_crypto_generichash
_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_primitive","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_hash_primitive","_crypto_hash_sha256","_crypto_hash_sha256_bytes","_crypto_hash_sha256_final","_crypto_hash_sha256_init","_crypto_hash_sha256_statebytes","_crypto_hash_sha256_update","_crypto_hash_sha512","_crypto_hash_sha512_bytes","_crypto_hash_sha512_final","_crypto_hash_sha512_init","_crypto_hash_sha512_statebytes","_crypto_hash_sha512_update","_crypto_kdf_blake2b_bytes_max","_crypto_kdf_blake2b_bytes_min","_crypto_kdf_blake2b_contextbytes","_crypto_kdf_blake2b_derive_from_key","_crypto_kdf_blake2b_keybytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kdf_primitive","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_primitive","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_onetimeauth","_crypto_onetimeauth_bytes","_crypto_onetimeauth_final","_crypto_onetimeauth_init","_crypto_onetimeauth_keybytes","_crypto_onetimeauth_keygen","_crypto_onetimeauth_poly1305","_crypto_onetimeauth_poly1305_bytes","_crypto_onetimeauth_poly1305_final","_crypto_onetimeauth_poly1305_init","_crypto_onetimeauth_poly1305_keybytes","_crypto_onetimeauth_poly1305_keygen","_crypto_onetimeauth_poly1305_statebytes","_crypto_onetimeauth_poly1305_update","_crypto_onetimeauth_poly1305_verify","_crypto_onetimeauth_primitive","_crypto_onetimeauth_statebytes","_crypto_onetimeauth_update","_crypto_onetimeauth_verify","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argo
n2id13","_crypto_pwhash_alg_default","_crypto_pwhash_argon2i","_crypto_pwhash_argon2i_alg_argon2i13","_crypto_pwhash_argon2i_bytes_max","_crypto_pwhash_argon2i_bytes_min","_crypto_pwhash_argon2i_memlimit_interactive","_crypto_pwhash_argon2i_memlimit_max","_crypto_pwhash_argon2i_memlimit_min","_crypto_pwhash_argon2i_memlimit_moderate","_crypto_pwhash_argon2i_memlimit_sensitive","_crypto_pwhash_argon2i_opslimit_interactive","_crypto_pwhash_argon2i_opslimit_max","_crypto_pwhash_argon2i_opslimit_min","_crypto_pwhash_argon2i_opslimit_moderate","_crypto_pwhash_argon2i_opslimit_sensitive","_crypto_pwhash_argon2i_passwd_max","_crypto_pwhash_argon2i_passwd_min","_crypto_pwhash_argon2i_saltbytes","_crypto_pwhash_argon2i_str","_crypto_pwhash_argon2i_str_needs_rehash","_crypto_pwhash_argon2i_str_verify","_crypto_pwhash_argon2i_strbytes","_crypto_pwhash_argon2i_strprefix","_crypto_pwhash_argon2id","_crypto_pwhash_argon2id_alg_argon2id13","_crypto_pwhash_argon2id_bytes_max","_crypto_pwhash_argon2id_bytes_min","_crypto_pwhash_argon2id_memlimit_interactive","_crypto_pwhash_argon2id_memlimit_max","_crypto_pwhash_argon2id_memlimit_min","_crypto_pwhash_argon2id_memlimit_moderate","_crypto_pwhash_argon2id_memlimit_sensitive","_crypto_pwhash_argon2id_opslimit_interactive","_crypto_pwhash_argon2id_opslimit_max","_crypto_pwhash_argon2id_opslimit_min","_crypto_pwhash_argon2id_opslimit_moderate","_crypto_pwhash_argon2id_opslimit_sensitive","_crypto_pwhash_argon2id_passwd_max","_crypto_pwhash_argon2id_passwd_min","_crypto_pwhash_argon2id_saltbytes","_crypto_pwhash_argon2id_str","_crypto_pwhash_argon2id_str_needs_rehash","_crypto_pwhash_argon2id_str_verify","_crypto_pwhash_argon2id_strbytes","_crypto_pwhash_argon2id_strprefix","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_
pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_primitive","_crypto_pwhash_saltbytes","_crypto_pwhash_scryptsalsa208sha256","_crypto_pwhash_scryptsalsa208sha256_bytes_max","_crypto_pwhash_scryptsalsa208sha256_bytes_min","_crypto_pwhash_scryptsalsa208sha256_ll","_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive","_crypto_pwhash_scryptsalsa208sha256_memlimit_max","_crypto_pwhash_scryptsalsa208sha256_memlimit_min","_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive","_crypto_pwhash_scryptsalsa208sha256_opslimit_max","_crypto_pwhash_scryptsalsa208sha256_opslimit_min","_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_passwd_max","_crypto_pwhash_scryptsalsa208sha256_passwd_min","_crypto_pwhash_scryptsalsa208sha256_saltbytes","_crypto_pwhash_scryptsalsa208sha256_str","_crypto_pwhash_scryptsalsa208sha256_str_needs_rehash","_crypto_pwhash_scryptsalsa208sha256_str_verify","_crypto_pwhash_scryptsalsa208sha256_strbytes","_crypto_pwhash_scryptsalsa208sha256_strprefix","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_curve25519","_crypto_scalarmult_curve25519_base","_crypto_scalarmult_curve25519_bytes","_crypto_scalarmult_curve25519_scalarbytes","_crypto_scalarmult_ed25519","_crypto_scalarmult_ed25519_base","_crypto_scalarmult_ed25519_base_noclamp","_crypto_scalarmult_ed25519_bytes","_crypto_scalarmult_ed25519_noclamp","_crypto_scalarmult_ed25519_scalarbytes","_crypto_scalarmult_primitive","_crypto_scalarmult_ristretto255","_crypto_scalarmult_ristretto255_base","_crypto_scalarmult_ristretto255_bytes","_crypto_scalarmult_ri
stretto255_scalarbytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox","_crypto_secretbox_boxzerobytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretbox_primitive","_crypto_secretbox_xchacha20poly1305_detached","_crypto_secretbox_xchacha20poly1305_easy","_crypto_secretbox_xchacha20poly1305_keybytes","_crypto_secretbox_xchacha20poly1305_macbytes","_crypto_secretbox_xchacha20poly1305_messagebytes_max","_crypto_secretbox_xchacha20poly1305_noncebytes","_crypto_secretbox_xchacha20poly1305_open_detached","_crypto_secretbox_xchacha20poly1305_open_easy","_crypto_secretbox_xsalsa20poly1305","_crypto_secretbox_xsalsa20poly1305_boxzerobytes","_crypto_secretbox_xsalsa20poly1305_keybytes","_crypto_secretbox_xsalsa20poly1305_keygen","_crypto_secretbox_xsalsa20poly1305_macbytes","_crypto_secretbox_xsalsa20poly1305_messagebytes_max","_crypto_secretbox_xsalsa20poly1305_noncebytes","_crypto_secretbox_xsalsa20poly1305_open","_crypto_secretbox_xsalsa20poly1305_zerobytes","_crypto_secretbox_zerobytes","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchach
a20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_shorthash_primitive","_crypto_shorthash_siphash24","_crypto_shorthash_siphash24_bytes","_crypto_shorthash_siphash24_keybytes","_crypto_shorthash_siphashx24","_crypto_shorthash_siphashx24_bytes","_crypto_shorthash_siphashx24_keybytes","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519","_crypto_sign_ed25519_bytes","_crypto_sign_ed25519_detached","_crypto_sign_ed25519_keypair","_crypto_sign_ed25519_messagebytes_max","_crypto_sign_ed25519_open","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_publickeybytes","_crypto_sign_ed25519_secretkeybytes","_crypto_sign_ed25519_seed_keypair","_crypto_sign_ed25519_seedbytes","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_ed25519_sk_to_pk","_crypto_sign_ed25519_sk_to_seed","_crypto_sign_ed25519_verify_detached","_crypto_sign_ed25519ph_final_create","_crypto_sign_ed25519ph_final_verify","_crypto_sign_ed25519ph_init","_crypto_sign_ed25519ph_statebytes","_crypto_sign_ed25519ph_update","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_primitive","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_crypto_stream","_crypto_stream_chacha20","_crypto_stream_chacha20_ietf","_crypto_stream_chacha20_ietf_keybytes","_crypto_stream_chacha20_ietf_keygen","_crypto_stream_chacha20_ietf_messagebytes_max","_crypto_stream_chacha20_ietf_noncebytes","_crypto_stream_chacha20_ietf_xor","_crypto_stream_chacha20_ietf_xor_ic","_crypto_stream_chacha20_keybytes","_crypto_stream_chacha20_keygen","_crypto_stream_chacha20_messagebytes_max","_crypto_stream_chacha20_noncebytes","_crypto_stream_chacha20_xor","_crypto_stream_chacha20
_xor_ic","_crypto_stream_keybytes","_crypto_stream_keygen","_crypto_stream_messagebytes_max","_crypto_stream_noncebytes","_crypto_stream_primitive","_crypto_stream_salsa20","_crypto_stream_salsa2012","_crypto_stream_salsa2012_keybytes","_crypto_stream_salsa2012_keygen","_crypto_stream_salsa2012_messagebytes_max","_crypto_stream_salsa2012_noncebytes","_crypto_stream_salsa2012_xor","_crypto_stream_salsa208","_crypto_stream_salsa208_keybytes","_crypto_stream_salsa208_keygen","_crypto_stream_salsa208_messagebytes_max","_crypto_stream_salsa208_noncebytes","_crypto_stream_salsa208_xor","_crypto_stream_salsa20_keybytes","_crypto_stream_salsa20_keygen","_crypto_stream_salsa20_messagebytes_max","_crypto_stream_salsa20_noncebytes","_crypto_stream_salsa20_xor","_crypto_stream_salsa20_xor_ic","_crypto_stream_xchacha20","_crypto_stream_xchacha20_keybytes","_crypto_stream_xchacha20_keygen","_crypto_stream_xchacha20_messagebytes_max","_crypto_stream_xchacha20_noncebytes","_crypto_stream_xchacha20_xor","_crypto_stream_xchacha20_xor_ic","_crypto_stream_xor","_crypto_stream_xsalsa20","_crypto_stream_xsalsa20_keybytes","_crypto_stream_xsalsa20_keygen","_crypto_stream_xsalsa20_messagebytes_max","_crypto_stream_xsalsa20_noncebytes","_crypto_stream_xsalsa20_xor","_crypto_stream_xsalsa20_xor_ic","_crypto_verify_16","_crypto_verify_16_bytes","_crypto_verify_32","_crypto_verify_32_bytes","_crypto_verify_64","_crypto_verify_64_bytes","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_implementation_name","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' -export EXPORTED_RUNTIME_METHODS='["Pointer_stringify","getValue","setValue"]' 
+export EXPORTED_RUNTIME_METHODS='["UTF8ToString","getValue","setValue"]' export TOTAL_MEMORY=16777216 export TOTAL_MEMORY_SUMO=16777216 export TOTAL_MEMORY_TESTS=16777216 From c9e8e47049c01d65a2b38182e8506e7d68acee1a Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sun, 5 May 2019 22:50:15 +0200 Subject: [PATCH 17/58] SHA2 uses big-endian, but we use little-endian internally So, we need to swap encodings in hash2base() --- .../crypto_core/ed25519/ref10/ed25519_ref10.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c index 3bf6c82e..4bd35c2d 100644 --- a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c +++ b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c @@ -2615,14 +2615,16 @@ ge25519_from_hash(unsigned char s[32], const unsigned char h[64]) int i; unsigned char x_sign; - x_sign = h[63] & 0x80; - memcpy(fl, &h[0], 32); - memcpy(gl, &h[32], 32); + x_sign = h[0] & 0x80; + for (i = 0; i < 32; i++) { + fl[i] = h[63 - i]; + gl[i] = h[31 - i]; + } fl[31] &= 0x7f; gl[31] &= 0x7f; fe25519_frombytes(fe_f, fl); fe25519_frombytes(fe_g, gl); - fe_f[0] += (h[0 + 31] >> 7) * 19; + fe_f[0] += (h[32] >> 7) * 19; for (i = 0; i < sizeof (fe25519) / sizeof fe_f[0]; i++) { fe_f[i] += 38 * fe_g[i]; } From 3d379746ee2d75e3a2c5c1f7a4e5adf670e1db78 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 6 May 2019 10:57:36 +0200 Subject: [PATCH 18/58] Use size_t --- src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c index 4bd35c2d..dda67360 100644 --- a/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c +++ b/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c 
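Review bot: In ge25519_from_hash() (ed25519_ref10.c, hunk at -2615) the new loop reads `h` back to front (`fl[i] = h[63 - i]`, `gl[i] = h[31 - i]`) with no comment stating the byte order being assumed, and the moved `h[0] & 0x80` and `h[32] >> 7` extractions only make sense once that is known. A one-line comment before the loop would do, e.g. `/* h is a 512-bit big-endian integer: fl = low 256 bits, gl = high 256 bits, both stored little-endian */`. The change also alters the output for every input, so any recorded values produced by the previous mapping will no longer match; the hunk shows no test update, though one may exist elsewhere in the series. The function body starts and ends outside the hunk.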
@@ -2612,7 +2612,7 @@ ge25519_from_hash(unsigned char s[32], const unsigned char h[64]) unsigned char gl[32]; fe25519 fe_f; fe25519 fe_g; - int i; + size_t i; unsigned char x_sign; x_sign = h[0] & 0x80; From ed4e053fb0e05078a406a3998d49b4daaec3d8d4 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 6 May 2019 11:13:31 +0200 Subject: [PATCH 19/58] lcov exclusions --- .../randombytes/internal/randombytes_internal_random.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/libsodium/randombytes/internal/randombytes_internal_random.c b/src/libsodium/randombytes/internal/randombytes_internal_random.c index c7c23291..f0794f80 100644 --- a/src/libsodium/randombytes/internal/randombytes_internal_random.c +++ b/src/libsodium/randombytes/internal/randombytes_internal_random.c @@ -181,7 +181,7 @@ _randombytes_getentropy(void * const buf, const size_t size) { assert(size <= 256U); if (getentropy(buf, size) != 0) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } return 0; } @@ -198,7 +198,7 @@ randombytes_getentropy(void * const buf_, size_t size) assert(chunk_size > (size_t) 0U); } if (_randombytes_getentropy(buf, chunk_size) != 0) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } size -= chunk_size; buf += chunk_size; @@ -273,10 +273,10 @@ randombytes_block_on_dev_random(void) } # endif +/* LCOV_EXCL_START */ static int randombytes_internal_random_random_dev_open(void) { - /* LCOV_EXCL_START */ struct stat st; static const char *devices[] = { # ifndef USE_BLOCKING_RANDOM @@ -310,8 +310,8 @@ randombytes_internal_random_random_dev_open(void) errno = EIO; return -1; - /* LCOV_EXCL_STOP */ } +/* LCOV_EXCL_STOP */ static ssize_t safe_read(const int fd, void * const buf_, size_t size) @@ -369,6 +369,7 @@ randombytes_internal_random_init(void) } } # endif +/* LCOV_EXCL_START */ # if !defined(NONEXISTENT_DEV_RANDOM) assert((global.getentropy_available | global.getrandom_available) == 0); if ((global.random_data_source_fd = 
@@ -378,6 +379,7 @@ randombytes_internal_random_init(void) errno = errno_save; return; # endif +/* LCOV_EXCL_STOP */ # ifndef HAVE_SAFE_ARC4RANDOM sodium_misuse(); # endif From ffdaf6d16bdc73b932bba2988ae7bfe0a52d0fad Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 6 May 2019 11:15:11 +0200 Subject: [PATCH 20/58] aead_xchacha20poly1305_ietf_decrypt(): add a test with a NULL message --- test/default/aead_xchacha20poly1305.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/test/default/aead_xchacha20poly1305.c b/test/default/aead_xchacha20poly1305.c index 9c51623a..12059b6e 100644 --- a/test/default/aead_xchacha20poly1305.c +++ b/test/default/aead_xchacha20poly1305.c @@ -20,7 +20,7 @@ tv(void) }; #undef MESSAGE #define MESSAGE "Ladies and Gentlemen of the class of '99: If I could offer you " \ -"only one tip for the future, sunscreen would be it." + "only one tip for the future, sunscreen would be it." unsigned char *m = (unsigned char *) sodium_malloc(MLEN); static const unsigned char nonce[crypto_aead_xchacha20poly1305_ietf_NPUBBYTES] = { 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, @@ -64,6 +64,10 @@ tv(void) printf("detached ciphertext is bogus\n"); } + if (crypto_aead_xchacha20poly1305_ietf_decrypt(NULL, 0, NULL, c, CLEN, ad, + ADLEN, nonce, firstkey) != 0) { + printf("crypto_aead_xchacha20poly1305_ietf_decrypt() tag-only verification failed\n"); + } if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, &m2len, NULL, c, CLEN, ad, ADLEN, nonce, firstkey) != 0) { printf("crypto_aead_xchacha20poly1305_ietf_decrypt() failed\n"); From 06e4a485c4e73c623ee276f53151be870c66ea4d Mon Sep 17 00:00:00 2001 
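Review bot: In the tag-only check added to tv() in test/default/aead_xchacha20poly1305.c, the second argument is the message-length pointer (the following call passes `&m2len` there), so it reads better as `NULL` than as `0`: `if (crypto_aead_xchacha20poly1305_ietf_decrypt(NULL, NULL, NULL, c, CLEN, ad,`. The new case also covers only a valid tag; a matching call on a modified ciphertext that expects a non-zero return would show that verification with a NULL output buffer still rejects a bad tag. tv() starts and ends outside the hunk, so an existing negative test may already cover part of this.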
From: Frank Denis Date: Mon, 6 May 2019 11:40:57 +0200 Subject: [PATCH 21/58] More tests --- .../crypto_core/salsa/ref/core_salsa_ref.c | 4 +- .../crypto_pwhash/argon2/argon2-core.c | 4 +- src/libsodium/sodium/runtime.c | 2 + test/default/box_seal.c | 58 +++++++++++++++++-- test/default/box_seal.exp | 4 ++ 5 files changed, 65 insertions(+), 7 deletions(-) diff --git a/src/libsodium/crypto_core/salsa/ref/core_salsa_ref.c b/src/libsodium/crypto_core/salsa/ref/core_salsa_ref.c index a077d7f4..c023378c 100644 --- a/src/libsodium/crypto_core/salsa/ref/core_salsa_ref.c +++ b/src/libsodium/crypto_core/salsa/ref/core_salsa_ref.c @@ -127,7 +127,7 @@ crypto_core_salsa20_constbytes(void) } #ifndef MINIMAL - +/* LCOV_EXCL_START */ int crypto_core_salsa2012(unsigned char *out, const unsigned char *in, const unsigned char *k, const unsigned char *c) @@ -191,5 +191,5 @@ crypto_core_salsa208_constbytes(void) { return crypto_core_salsa208_CONSTBYTES; } - +/* LCOV_EXCL_END */ #endif diff --git a/src/libsodium/crypto_pwhash/argon2/argon2-core.c b/src/libsodium/crypto_pwhash/argon2/argon2-core.c index bfe3fbbf..c4e4d842 100644 --- a/src/libsodium/crypto_pwhash/argon2/argon2-core.c +++ b/src/libsodium/crypto_pwhash/argon2/argon2-core.c @@ -113,9 +113,11 @@ allocate_memory(block_region **region, uint32_t m_cost) } #endif if (base == NULL) { + /* LCOV_EXCL_START */ free(*region); *region = NULL; - return ARGON2_MEMORY_ALLOCATION_ERROR; /* LCOV_EXCL_LINE */ + return ARGON2_MEMORY_ALLOCATION_ERROR; + /* LCOV_EXCL_STOP */ } (*region)->base = base; (*region)->memory = memory; diff --git a/src/libsodium/sodium/runtime.c b/src/libsodium/sodium/runtime.c index a5a89bca..9dfe54f8 100644 --- a/src/libsodium/sodium/runtime.c +++ b/src/libsodium/sodium/runtime.c 
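Review bot: The closing marker added at the end of src/libsodium/crypto_core/salsa/ref/core_salsa_ref.c (hunk at -191) is `/* LCOV_EXCL_END */`, which is not an lcov marker; the one that closes `LCOV_EXCL_START` is `LCOV_EXCL_STOP`, as the argon2-core.c hunk of this same patch uses. As written, the exclusion opened before crypto_core_salsa2012() is never closed, so it runs to the end of the file, and lcov may warn about the unmatched start depending on its version. The line should read `/* LCOV_EXCL_STOP */`.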
@@ -203,11 +203,13 @@ _sodium_runtime_intel_cpu_features(CPUFeatures * const cpu_features) unsigned int cpu_info7[4]; _cpuid(cpu_info7, 0x00000007); + /* LCOV_EXCL_START */ if ((cpu_info7[1] & CPUID_EBX_AVX512F) == CPUID_EBX_AVX512F && (xcr0 & (XCR0_OPMASK | XCR0_ZMM_HI256 | XCR0_HI16_ZMM)) == (XCR0_OPMASK | XCR0_ZMM_HI256 | XCR0_HI16_ZMM)) { cpu_features->has_avx512f = 1; } + /* LCOV_EXCL_STOP */ } #endif diff --git a/test/default/box_seal.c b/test/default/box_seal.c index f9c970bc..e19ddd62 100644 --- a/test/default/box_seal.c +++ b/test/default/box_seal.c @@ -2,8 +2,8 @@ #define TEST_NAME "box_seal" #include "cmptest.h" -int -main(void) +static +void tv1(void) { unsigned char pk[crypto_box_PUBLICKEYBYTES]; unsigned char sk[crypto_box_SECRETKEYBYTES]; @@ -22,11 +22,11 @@ main(void) randombytes_buf(m, m_len); if (crypto_box_seal(c, m, m_len, pk) != 0) { printf("crypto_box_seal() failure\n"); - return 1; + return; } if (crypto_box_seal_open(m2, c, c_len, pk, sk) != 0) { printf("crypto_box_seal_open() failure\n"); - return 1; + return; } printf("%d\n", memcmp(m, m2, m_len)); 
@@ -39,6 +39,56 @@ main(void) sodium_free(m2); assert(crypto_box_sealbytes() == crypto_box_SEALBYTES); +} +#ifndef SODIUM_LIBRARY_MINIMAL +static +void tv2(void) +{ + unsigned char pk[crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES]; + unsigned char sk[crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES]; + unsigned char *c; + unsigned char *m; + unsigned char *m2; + size_t m_len; + size_t c_len; + + crypto_box_curve25519xchacha20poly1305_keypair(pk, sk); + m_len = (size_t) randombytes_uniform(1000); + c_len = crypto_box_curve25519xchacha20poly1305_SEALBYTES + m_len; + m = (unsigned char *) sodium_malloc(m_len); + m2 = (unsigned char *) sodium_malloc(m_len); + c = (unsigned char *) sodium_malloc(c_len); + randombytes_buf(m, m_len); + if (crypto_box_curve25519xchacha20poly1305_seal(c, m, m_len, pk) != 0) { + printf("crypto_box_curve25519xchacha20poly1305_seal() failure\n"); + return; + } + if (crypto_box_curve25519xchacha20poly1305_seal_open(m2, c, c_len, pk, sk) != 0) { + printf("crypto_box_curve25519xchacha20poly1305_seal_open() failure\n"); + return; + } + printf("%d\n", memcmp(m, m2, m_len)); + + printf("%d\n", crypto_box_curve25519xchacha20poly1305_seal_open(m, c, 0U, pk, sk)); + printf("%d\n", crypto_box_curve25519xchacha20poly1305_seal_open(m, c, c_len - 1U, pk, sk)); + printf("%d\n", crypto_box_curve25519xchacha20poly1305_seal_open(m, c, c_len, sk, pk)); + + sodium_free(c); + sodium_free(m); + sodium_free(m2); + + assert(crypto_box_curve25519xchacha20poly1305_sealbytes() == + crypto_box_curve25519xchacha20poly1305_SEALBYTES); +} +#endif + +int +main(void) +{ + tv1(); +#ifndef SODIUM_LIBRARY_MINIMAL + tv2(); +#endif return 0; } diff --git a/test/default/box_seal.exp b/test/default/box_seal.exp index 78ea705a..ded7a43c 100644 --- a/test/default/box_seal.exp +++ b/test/default/box_seal.exp @@ -2,3 +2,7 @@ -1 -1 -1 +0 +-1 +-1 +-1 From 141de9be1351c573335f8788b1d8a8a891d5a9aa Mon Sep 17 00:00:00 2001 
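Review bot: Both failure branches in tv2 `return;` before the three `sodium_free` calls at the end of the function, and because the new `main` returns 0 unconditionally, a failed seal or open is reported only through the stdout comparison with box_seal.exp. A single exit path would keep the cleanup in one place, e.g. replace each `return;` with `goto done;` and put `done:` just before `sodium_free(c);`. tv1 follows the same pattern, but its body lies partly outside these hunks.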
From: Frank Denis Date: Mon, 6 May 2019 12:32:42 +0200 Subject: [PATCH 22/58] Indent --- .../ristretto255/ref10/scalarmult_ristretto255_ref10.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/libsodium/crypto_scalarmult/ristretto255/ref10/scalarmult_ristretto255_ref10.c b/src/libsodium/crypto_scalarmult/ristretto255/ref10/scalarmult_ristretto255_ref10.c index 09d87eba..433a9a26 100644 --- a/src/libsodium/crypto_scalarmult/ristretto255/ref10/scalarmult_ristretto255_ref10.c +++ b/src/libsodium/crypto_scalarmult/ristretto255/ref10/scalarmult_ristretto255_ref10.c @@ -8,7 +8,7 @@ int crypto_scalarmult_ristretto255(unsigned char *q, const unsigned char *n, - const unsigned char *p) + const unsigned char *p) { unsigned char *t = q; ge25519_p3 Q; @@ -49,6 +49,7 @@ crypto_scalarmult_ristretto255_base(unsigned char *q, } return 0; } + size_t crypto_scalarmult_ristretto255_bytes(void) { From 12277ee6b50254664afe1bc9fa2510f2c14dfe49 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 6 May 2019 12:40:21 +0200 Subject: [PATCH 23/58] More tests --- .../crypto_sign/ed25519/ref10/obsolete.c | 2 ++ test/default/core_ristretto255.c | 18 ++++++++++++++++++ test/default/scalarmult_ed25519.c | 12 ++++++++++++ test/default/scalarmult_ristretto255.c | 4 ++++ 4 files changed, 36 insertions(+) diff --git a/src/libsodium/crypto_sign/ed25519/ref10/obsolete.c b/src/libsodium/crypto_sign/ed25519/ref10/obsolete.c index 03440cfa..64ded79e 100644 --- a/src/libsodium/crypto_sign/ed25519/ref10/obsolete.c +++ b/src/libsodium/crypto_sign/ed25519/ref10/obsolete.c @@ -10,6 +10,7 @@ #include "randombytes.h" #include "utils.h" +/* LCOV_EXCL_START */ int crypto_sign_edwards25519sha512batch_keypair(unsigned char *pk, unsigned char *sk) @@ -114,3 +115,4 @@ crypto_sign_edwards25519sha512batch_open(unsigned char *m, return 0; } +/* LCOV_EXCL_END */ diff --git a/test/default/core_ristretto255.c b/test/default/core_ristretto255.c index 10ada0a9..a3973604 100644 
--- a/test/default/core_ristretto255.c +++ b/test/default/core_ristretto255.c @@ -167,6 +167,24 @@ tv3(void) if (crypto_scalarmult_ristretto255(s2, l, s2) == 0) { printf("s*l != inf (3)\n"); } + if (crypto_core_ristretto255_add(s2, s, s_) != 0) { + printf("addition failed"); + } + if (crypto_core_ristretto255_sub(s2, s2, s_) != 0) { + printf("substraction failed"); + } + if (crypto_core_ristretto255_is_valid_point(s2) == 0) { + printf("invalid point"); + } + if (memcmp(s, s2, crypto_core_ristretto255_BYTES) != 0) { + printf("s2 + s - s_ != s\n"); + } + if (crypto_core_ristretto255_sub(s2, s2, s) != 0) { + printf("substraction failed"); + } + if (crypto_core_ristretto255_is_valid_point(s2) == -1) { + printf("s + s' - s - s' != 0"); + } } sodium_free(s2); diff --git a/test/default/scalarmult_ed25519.c b/test/default/scalarmult_ed25519.c index 26d431ae..795647b5 100644 --- a/test/default/scalarmult_ed25519.c +++ b/test/default/scalarmult_ed25519.c @@ -83,6 +83,18 @@ main(void) if (memcmp(q, q2, crypto_scalarmult_ed25519_BYTES) == 0) { printf("clamping not applied\n"); } + + n[0] = 9; + if (crypto_scalarmult_ed25519_base(q, n) != 0) { + printf("crypto_scalarmult_ed25519_base() failed\n"); + } + if (crypto_scalarmult_ed25519_base_noclamp(q2, n) != 0) { + printf("crypto_scalarmult_ed25519_base_noclamp() failed\n"); + } + if (memcmp(q, q2, crypto_scalarmult_ed25519_BYTES) == 0) { + printf("clamping not applied\n"); + } + n[0] = 8; n[31] = 64; if (crypto_scalarmult_ed25519_noclamp(q2, n, p) != 0) { diff --git a/test/default/scalarmult_ristretto255.c b/test/default/scalarmult_ristretto255.c index 96a813cb..1acd1216 100644 --- a/test/default/scalarmult_ristretto255.c +++ b/test/default/scalarmult_ristretto255.c 
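Review bot: The last check added to tv3, `crypto_core_ristretto255_is_valid_point(s2) == -1`, looks unable to fire: a few lines earlier in the same hunk the rejecting value of that function is tested as `== 0`, so -1 is presumably never returned and the "s + s' - s - s' != 0" branch is dead. A validity check would not establish that s2 is the identity anyway. If the identity encodes as all-zero bytes (to be confirmed against the ristretto255 encoding), `if (!sodium_is_zero(s2, crypto_core_ristretto255_BYTES)) {` tests the property the message names. Several of the new messages also lack the trailing `\n` that the neighbouring printf calls use. tv3 starts and ends outside the hunk.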
@@ -32,6 +32,10 @@ main(void) assert(memcmp(p, p2, crypto_scalarmult_ristretto255_BYTES) == 0); sodium_increment(n, crypto_scalarmult_ristretto255_SCALARBYTES); } + + memset(p, 0xfe, crypto_scalarmult_ristretto255_BYTES); + assert(crypto_scalarmult_ristretto255(guard_page, n, p) == -1); + sodium_free(hex); sodium_free(p2); sodium_free(p); From 011343e88c778f67ec1416f16a9ff3412505786c Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 6 May 2019 12:48:02 +0200 Subject: [PATCH 24/58] More tests --- test/default/core_ristretto255.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/test/default/core_ristretto255.c b/test/default/core_ristretto255.c index a3973604..c6bbd7a5 100644 --- a/test/default/core_ristretto255.c +++ b/test/default/core_ristretto255.c @@ -187,6 +187,17 @@ tv3(void) } } + crypto_core_ristretto255_random(s); + memset(s_, 0xfe, crypto_core_ristretto255_BYTES); + assert(crypto_core_ristretto255_add(s2, s_, s) == -1); + assert(crypto_core_ristretto255_add(s2, s, s_) == -1); + assert(crypto_core_ristretto255_add(s2, s_, s_) == -1); + assert(crypto_core_ristretto255_add(s2, s, s) == 0); + assert(crypto_core_ristretto255_sub(s2, s_, s) == -1); + assert(crypto_core_ristretto255_sub(s2, s, s_) == -1); + assert(crypto_core_ristretto255_sub(s2, s_, s_) == -1); + assert(crypto_core_ristretto255_sub(s2, s, s) == 0); + sodium_free(s2); sodium_free(s_); sodium_free(s); From 6d9e2f0c8490a3af0384bff397779e3440a05ba6 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 6 May 2019 13:02:20 +0200 Subject: [PATCH 25/58] More tests --- test/default/box_seal.c | 11 +++++++-- test/default/core_ristretto255.c | 40 ++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+), 2 deletions(-) diff --git a/test/default/box_seal.c b/test/default/box_seal.c index e19ddd62..01765ca8 100644 --- a/test/default/box_seal.c +++ b/test/default/box_seal.c 
@@ -81,14 +81,21 @@ void tv2(void) assert(crypto_box_curve25519xchacha20poly1305_sealbytes() == crypto_box_curve25519xchacha20poly1305_SEALBYTES); } + +#else + +static +void tv2(void) +{ + printf("0\n-1\n-1\n-1\n"); +} #endif int main(void) { tv1(); -#ifndef SODIUM_LIBRARY_MINIMAL tv2(); -#endif + return 0; } diff --git a/test/default/core_ristretto255.c b/test/default/core_ristretto255.c index c6bbd7a5..bd67f71d 100644 --- a/test/default/core_ristretto255.c +++ b/test/default/core_ristretto255.c 
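Review bot: The `#else` version of tv2 carries no comment explaining why it prints `0\n-1\n-1\n-1\n`; the string duplicates the four lines PATCH 21/58 appended to box_seal.exp, so in a `SODIUM_LIBRARY_MINIMAL` build this part of the test passes without exercising any code, and a later change to the real tv2's output has to be mirrored here by hand. I would add above the stub: `/* minimal build: the xchacha20 variant is not tested; print the lines box_seal.exp expects from tv2 */`.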
@@ -206,12 +206,52 @@ tv3(void) sodium_free(r); } +static void +tv4(void) +{ + unsigned char *r; + unsigned char *s1; + unsigned char *s2; + unsigned char *s3; + unsigned char *s4; + + r = (unsigned char *) sodium_malloc(crypto_core_ristretto255_NONREDUCEDSCALARBYTES); + s1 = (unsigned char *) sodium_malloc(crypto_core_ristretto255_SCALARBYTES); + s2 = (unsigned char *) sodium_malloc(crypto_core_ristretto255_SCALARBYTES); + s3 = (unsigned char *) sodium_malloc(crypto_core_ristretto255_SCALARBYTES); + s4 = (unsigned char *) sodium_malloc(crypto_core_ristretto255_SCALARBYTES); + + crypto_core_ristretto255_scalar_random(s1); + randombytes_buf(r, crypto_core_ristretto255_NONREDUCEDSCALARBYTES); + crypto_core_ristretto255_scalar_reduce(s2, r); + memcpy(s4, s1, crypto_core_ristretto255_SCALARBYTES); + crypto_core_ristretto255_scalar_add(s3, s1, s2); + crypto_core_ristretto255_scalar_sub(s4, s1, s2); + crypto_core_ristretto255_scalar_add(s2, s3, s4); + crypto_core_ristretto255_scalar_sub(s2, s2, s1); + crypto_core_ristretto255_scalar_mul(s2, s3, s2); + crypto_core_ristretto255_scalar_invert(s4, s3); + crypto_core_ristretto255_scalar_mul(s2, s2, s4); + crypto_core_ristretto255_scalar_negate(s1, s1); + crypto_core_ristretto255_scalar_add(s2, s2, s1); + crypto_core_ristretto255_scalar_complement(s1, s2); + s1[0]--; + assert(sodium_is_zero(s1, crypto_core_ristretto255_SCALARBYTES)); + + sodium_free(s1); + sodium_free(s2); + sodium_free(s3); + sodium_free(s4); + sodium_free(r); +} + int main(void) { tv1(); tv2(); tv3(); + tv4(); assert(crypto_core_ristretto255_BYTES == crypto_core_ristretto255_bytes()); assert(crypto_core_ristretto255_SCALARBYTES == crypto_core_ristretto255_scalarbytes()); From 95a1f7d6266d2d6cd161c05430c56df322c1863b Mon Sep 17 00:00:00 2001 From: dsc Date: Sat, 11 May 2019 03:50:23 +0200 Subject: [PATCH 26/58] Fix Sodium version detection in CMake recipe --- contrib/Findsodium.cmake | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) 
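Review bot: tv4 has no comment stating what the chain of scalar operations is expected to produce, so the closing `s1[0]--` followed by `sodium_is_zero` is hard to verify by reading. A short comment before the chain would help: it should say that the sequence is meant to bring s2 back to 0 (s3 = s1+s2, s4 = s1-s2, s3+s4-s1 = s1, multiplied by s3 and then by its inverse, plus -s1), that the complement of 0 is expected to be 1, and that the decrement returns it to 0. The `memcpy(s4, s1, ...)` looks redundant because `scalar_sub(s4, s1, s2)` overwrites s4 two lines later, and the return value of `crypto_core_ristretto255_scalar_invert` is discarded.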
diff --git a/contrib/Findsodium.cmake b/contrib/Findsodium.cmake index 0667920c..ff7ed9ea 100644 --- a/contrib/Findsodium.cmake +++ b/contrib/Findsodium.cmake @@ -21,6 +21,7 @@ # sodium_INCLUDE_DIR # sodium_LIBRARY_DEBUG # sodium_LIBRARY_RELEASE +# sodium_VERSION # # # Furthermore an imported "sodium" target is created. @@ -213,12 +214,12 @@ endif() # extract sodium version if (sodium_INCLUDE_DIR) - set(_VERSION_HEADER "${_INCLUDE_DIR}/sodium/version.h") - if (EXISTS _VERSION_HEADER) + set(_VERSION_HEADER "${sodium_INCLUDE_DIR}/sodium/version.h") + if (EXISTS "${_VERSION_HEADER}") file(READ "${_VERSION_HEADER}" _VERSION_HEADER_CONTENT) string(REGEX REPLACE ".*#[ \t]*define[ \t]*SODIUM_VERSION_STRING[ \t]*\"([^\n]*)\".*" "\\1" - sodium_VERSION "${_VERSION_HEADER_CONTENT}") - set(sodium_VERSION "${sodium_VERSION}" PARENT_SCOPE) + sodium_VERSION "${_VERSION_HEADER_CONTENT}") + set(sodium_VERSION "${sodium_VERSION}") endif() endif() From fdbfdf5089f53de353183775642e8331d608677a Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sat, 11 May 2019 12:13:08 +0200 Subject: [PATCH 27/58] cmake-format --- contrib/Findsodium.cmake | 427 ++++++++++++++++++++------------------- 1 file changed, 215 insertions(+), 212 deletions(-) diff --git a/contrib/Findsodium.cmake b/contrib/Findsodium.cmake index 0667920c..92797e5b 100644 --- a/contrib/Findsodium.cmake +++ b/contrib/Findsodium.cmake 
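Review bot: `string(REGEX REPLACE ...)` returns its input unchanged when the pattern does not match, so if version.h has no `SODIUM_VERSION_STRING` define in the expected form, `sodium_VERSION` ends up holding the whole header text. Guarding the assignment on a match avoids that: `if(_VERSION_HEADER_CONTENT MATCHES "#[ \t]*define[ \t]+SODIUM_VERSION_STRING[ \t]+\"([^\"\n]*)\"")` followed by `set(sodium_VERSION "${CMAKE_MATCH_1}")`. The `set(sodium_VERSION "${sodium_VERSION}")` left over after dropping `PARENT_SCOPE` assigns the variable to itself and can be removed.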
@@ -1,107 +1,100 @@ # Written in 2016 by Henrik Steffen Gaßmann # -# To the extent possible under law, the author(s) have dedicated all -# copyright and related and neighboring rights to this software to the -# public domain worldwide. This software is distributed without any warranty. +# To the extent possible under law, the author(s) have dedicated all copyright +# and related and neighboring rights to this software to the public domain +# worldwide. This software is distributed without any warranty. # -# You should have received a copy of the CC0 Public Domain Dedication -# along with this software. If not, see +# You should have received a copy of the CC0 Public Domain Dedication along with +# this software. If not, see # -# http://creativecommons.org/publicdomain/zero/1.0/ +# http://creativecommons.org/publicdomain/zero/1.0/ # -######################################################################## +# ############################################################################## # Tries to find the local libsodium installation. # -# On Windows the sodium_DIR environment variable is used as a default -# hint which can be overridden by setting the corresponding cmake variable. +# On Windows the sodium_DIR environment variable is used as a default hint which +# can be overridden by setting the corresponding cmake variable. # # Once done the following variables will be defined: # -# sodium_FOUND -# sodium_INCLUDE_DIR -# sodium_LIBRARY_DEBUG -# sodium_LIBRARY_RELEASE -# +# sodium_FOUND sodium_INCLUDE_DIR sodium_LIBRARY_DEBUG sodium_LIBRARY_RELEASE # # Furthermore an imported "sodium" target is created. 
# -if (CMAKE_C_COMPILER_ID STREQUAL "GNU" - OR CMAKE_C_COMPILER_ID STREQUAL "Clang") - set(_GCC_COMPATIBLE 1) +if(CMAKE_C_COMPILER_ID STREQUAL "GNU" OR CMAKE_C_COMPILER_ID STREQUAL "Clang") + set(_GCC_COMPATIBLE 1) endif() # static library option -if (NOT DEFINED sodium_USE_STATIC_LIBS) - option(sodium_USE_STATIC_LIBS "enable to statically link against sodium" OFF) +if(NOT DEFINED sodium_USE_STATIC_LIBS) + option(sodium_USE_STATIC_LIBS "enable to statically link against sodium" OFF) endif() if(NOT (sodium_USE_STATIC_LIBS EQUAL sodium_USE_STATIC_LIBS_LAST)) - unset(sodium_LIBRARY CACHE) - unset(sodium_LIBRARY_DEBUG CACHE) - unset(sodium_LIBRARY_RELEASE CACHE) - unset(sodium_DLL_DEBUG CACHE) - unset(sodium_DLL_RELEASE CACHE) - set(sodium_USE_STATIC_LIBS_LAST ${sodium_USE_STATIC_LIBS} CACHE INTERNAL "internal change tracking variable") + unset(sodium_LIBRARY CACHE) + unset(sodium_LIBRARY_DEBUG CACHE) + unset(sodium_LIBRARY_RELEASE CACHE) + unset(sodium_DLL_DEBUG CACHE) + unset(sodium_DLL_RELEASE CACHE) + set(sodium_USE_STATIC_LIBS_LAST + ${sodium_USE_STATIC_LIBS} + CACHE INTERNAL "internal change tracking variable") endif() - -######################################################################## +# ############################################################################## # UNIX -if (UNIX) - # import pkg-config - find_package(PkgConfig QUIET) - if (PKG_CONFIG_FOUND) - pkg_check_modules(sodium_PKG QUIET libsodium) - endif() +if(UNIX) + # import pkg-config + find_package(PkgConfig QUIET) + if(PKG_CONFIG_FOUND) + pkg_check_modules(sodium_PKG QUIET libsodium) + endif() - if(sodium_USE_STATIC_LIBS) - if (sodium_PKG_STATIC_LIBRARIES) - foreach(_libname ${sodium_PKG_STATIC_LIBRARIES}) - if (NOT _libname MATCHES "^lib.*\\.a$") # ignore strings already ending with .a - list(INSERT sodium_PKG_STATIC_LIBRARIES 0 "lib${_libname}.a") - endif() - endforeach() - list(REMOVE_DUPLICATES sodium_PKG_STATIC_LIBRARIES) - else() - # if pkgconfig for libsodium doesn't provide - # 
static lib info, then override PKG_STATIC here.. - set(sodium_PKG_STATIC_LIBRARIES libsodium.a) + if(sodium_USE_STATIC_LIBS) + if(sodium_PKG_STATIC_LIBRARIES) + foreach(_libname ${sodium_PKG_STATIC_LIBRARIES}) + if(NOT _libname MATCHES "^lib.*\\.a$") # ignore strings already ending + # with .a + list(INSERT sodium_PKG_STATIC_LIBRARIES 0 "lib${_libname}.a") endif() - - set(XPREFIX sodium_PKG_STATIC) + endforeach() + list(REMOVE_DUPLICATES sodium_PKG_STATIC_LIBRARIES) else() - if (sodium_PKG_LIBRARIES STREQUAL "") - set(sodium_PKG_LIBRARIES sodium) - endif() + # if pkgconfig for libsodium doesn't provide static lib info, then + # override PKG_STATIC here.. + set(sodium_PKG_STATIC_LIBRARIES libsodium.a) + endif() - set(XPREFIX sodium_PKG) + set(XPREFIX sodium_PKG_STATIC) + else() + if(sodium_PKG_LIBRARIES STREQUAL "") + set(sodium_PKG_LIBRARIES sodium) endif() - find_path(sodium_INCLUDE_DIR sodium.h - HINTS ${${XPREFIX}_INCLUDE_DIRS} - ) - find_library(sodium_LIBRARY_DEBUG NAMES ${${XPREFIX}_LIBRARIES} - HINTS ${${XPREFIX}_LIBRARY_DIRS} - ) - find_library(sodium_LIBRARY_RELEASE NAMES ${${XPREFIX}_LIBRARIES} - HINTS ${${XPREFIX}_LIBRARY_DIRS} - ) + set(XPREFIX sodium_PKG) + endif() + find_path(sodium_INCLUDE_DIR sodium.h HINTS ${${XPREFIX}_INCLUDE_DIRS}) + find_library(sodium_LIBRARY_DEBUG + NAMES ${${XPREFIX}_LIBRARIES} + HINTS ${${XPREFIX}_LIBRARY_DIRS}) + find_library(sodium_LIBRARY_RELEASE + NAMES ${${XPREFIX}_LIBRARIES} + HINTS ${${XPREFIX}_LIBRARY_DIRS}) -######################################################################## -# Windows -elseif (WIN32) - set(sodium_DIR "$ENV{sodium_DIR}" CACHE FILEPATH "sodium install directory") - mark_as_advanced(sodium_DIR) + # ############################################################################ + # Windows +elseif(WIN32) + set(sodium_DIR "$ENV{sodium_DIR}" CACHE FILEPATH "sodium install directory") + mark_as_advanced(sodium_DIR) - find_path(sodium_INCLUDE_DIR sodium.h - HINTS ${sodium_DIR} - PATH_SUFFIXES include - ) 
+ find_path(sodium_INCLUDE_DIR sodium.h + HINTS ${sodium_DIR} + PATH_SUFFIXES include) - if (MSVC) - # detect target architecture - file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/arch.c" [=[ + if(MSVC) + # detect target architecture + file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/arch.c" [=[ #if defined _M_IX86 #error ARCH_VALUE x86_32 #elif defined _M_X64 
@@ -109,180 +102,190 @@ elseif (WIN32) #endif #error ARCH_VALUE unknown ]=]) - try_compile(_UNUSED_VAR "${CMAKE_CURRENT_BINARY_DIR}" "${CMAKE_CURRENT_BINARY_DIR}/arch.c" - OUTPUT_VARIABLE _COMPILATION_LOG - ) - string(REGEX REPLACE ".*ARCH_VALUE ([a-zA-Z0-9_]+).*" "\\1" _TARGET_ARCH "${_COMPILATION_LOG}") + try_compile(_UNUSED_VAR "${CMAKE_CURRENT_BINARY_DIR}" + "${CMAKE_CURRENT_BINARY_DIR}/arch.c" + OUTPUT_VARIABLE _COMPILATION_LOG) + string(REGEX + REPLACE ".*ARCH_VALUE ([a-zA-Z0-9_]+).*" + "\\1" + _TARGET_ARCH + "${_COMPILATION_LOG}") - # construct library path - if (_TARGET_ARCH STREQUAL "x86_32") - string(APPEND _PLATFORM_PATH "Win32") - elseif(_TARGET_ARCH STREQUAL "x86_64") - string(APPEND _PLATFORM_PATH "x64") - else() - message(FATAL_ERROR "the ${_TARGET_ARCH} architecture is not supported by Findsodium.cmake.") - endif() - string(APPEND _PLATFORM_PATH "/$$CONFIG$$") + # construct library path + if(_TARGET_ARCH STREQUAL "x86_32") + string(APPEND _PLATFORM_PATH "Win32") + elseif(_TARGET_ARCH STREQUAL "x86_64") + string(APPEND _PLATFORM_PATH "x64") + else() + message( + FATAL_ERROR + "the ${_TARGET_ARCH} architecture is not supported by Findsodium.cmake." 
+ ) + endif() + string(APPEND _PLATFORM_PATH "/$$CONFIG$$") - if (MSVC_VERSION LESS 1900) - math(EXPR _VS_VERSION "${MSVC_VERSION} / 10 - 60") - else() - math(EXPR _VS_VERSION "${MSVC_VERSION} / 10 - 50") - endif() - string(APPEND _PLATFORM_PATH "/v${_VS_VERSION}") + if(MSVC_VERSION LESS 1900) + math(EXPR _VS_VERSION "${MSVC_VERSION} / 10 - 60") + else() + math(EXPR _VS_VERSION "${MSVC_VERSION} / 10 - 50") + endif() + string(APPEND _PLATFORM_PATH "/v${_VS_VERSION}") - if (sodium_USE_STATIC_LIBS) - string(APPEND _PLATFORM_PATH "/static") - else() - string(APPEND _PLATFORM_PATH "/dynamic") - endif() + if(sodium_USE_STATIC_LIBS) + string(APPEND _PLATFORM_PATH "/static") + else() + string(APPEND _PLATFORM_PATH "/dynamic") + endif() - string(REPLACE "$$CONFIG$$" "Debug" _DEBUG_PATH_SUFFIX "${_PLATFORM_PATH}") - string(REPLACE "$$CONFIG$$" "Release" _RELEASE_PATH_SUFFIX "${_PLATFORM_PATH}") + string(REPLACE "$$CONFIG$$" + "Debug" + _DEBUG_PATH_SUFFIX + "${_PLATFORM_PATH}") + string(REPLACE "$$CONFIG$$" + "Release" + _RELEASE_PATH_SUFFIX + "${_PLATFORM_PATH}") - find_library(sodium_LIBRARY_DEBUG libsodium.lib - HINTS ${sodium_DIR} - PATH_SUFFIXES ${_DEBUG_PATH_SUFFIX} - ) - find_library(sodium_LIBRARY_RELEASE libsodium.lib - HINTS ${sodium_DIR} - PATH_SUFFIXES ${_RELEASE_PATH_SUFFIX} - ) - if (NOT sodium_USE_STATIC_LIBS) - set(CMAKE_FIND_LIBRARY_SUFFIXES_BCK ${CMAKE_FIND_LIBRARY_SUFFIXES}) - set(CMAKE_FIND_LIBRARY_SUFFIXES ".dll") - find_library(sodium_DLL_DEBUG libsodium - HINTS ${sodium_DIR} - PATH_SUFFIXES ${_DEBUG_PATH_SUFFIX} - ) - find_library(sodium_DLL_RELEASE libsodium - HINTS ${sodium_DIR} - PATH_SUFFIXES ${_RELEASE_PATH_SUFFIX} - ) - set(CMAKE_FIND_LIBRARY_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES_BCK}) - endif() - - elseif(_GCC_COMPATIBLE) - if (sodium_USE_STATIC_LIBS) - find_library(sodium_LIBRARY_DEBUG libsodium.a - HINTS ${sodium_DIR} - PATH_SUFFIXES lib - ) - find_library(sodium_LIBRARY_RELEASE libsodium.a - HINTS ${sodium_DIR} - PATH_SUFFIXES lib - ) - 
else() - find_library(sodium_LIBRARY_DEBUG libsodium.dll.a - HINTS ${sodium_DIR} - PATH_SUFFIXES lib - ) - find_library(sodium_LIBRARY_RELEASE libsodium.dll.a - HINTS ${sodium_DIR} - PATH_SUFFIXES lib - ) + find_library(sodium_LIBRARY_DEBUG libsodium.lib + HINTS ${sodium_DIR} + PATH_SUFFIXES ${_DEBUG_PATH_SUFFIX}) + find_library(sodium_LIBRARY_RELEASE libsodium.lib + HINTS ${sodium_DIR} + PATH_SUFFIXES ${_RELEASE_PATH_SUFFIX}) + if(NOT sodium_USE_STATIC_LIBS) + set(CMAKE_FIND_LIBRARY_SUFFIXES_BCK ${CMAKE_FIND_LIBRARY_SUFFIXES}) + set(CMAKE_FIND_LIBRARY_SUFFIXES ".dll") + find_library(sodium_DLL_DEBUG libsodium + HINTS ${sodium_DIR} + PATH_SUFFIXES ${_DEBUG_PATH_SUFFIX}) + find_library(sodium_DLL_RELEASE libsodium + HINTS ${sodium_DIR} + PATH_SUFFIXES ${_RELEASE_PATH_SUFFIX}) + set(CMAKE_FIND_LIBRARY_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES_BCK}) + endif() - file(GLOB _DLL - LIST_DIRECTORIES false - RELATIVE "${sodium_DIR}/bin" - "${sodium_DIR}/bin/libsodium*.dll" - ) - find_library(sodium_DLL_DEBUG ${_DLL} libsodium - HINTS ${sodium_DIR} - PATH_SUFFIXES bin - ) - find_library(sodium_DLL_RELEASE ${_DLL} libsodium - HINTS ${sodium_DIR} - PATH_SUFFIXES bin - ) - endif() + elseif(_GCC_COMPATIBLE) + if(sodium_USE_STATIC_LIBS) + find_library(sodium_LIBRARY_DEBUG libsodium.a + HINTS ${sodium_DIR} + PATH_SUFFIXES lib) + find_library(sodium_LIBRARY_RELEASE libsodium.a + HINTS ${sodium_DIR} + PATH_SUFFIXES lib) else() - message(FATAL_ERROR "this platform is not supported by FindSodium.cmake") - endif() + find_library(sodium_LIBRARY_DEBUG libsodium.dll.a + HINTS ${sodium_DIR} + PATH_SUFFIXES lib) + find_library(sodium_LIBRARY_RELEASE libsodium.dll.a + HINTS ${sodium_DIR} + PATH_SUFFIXES lib) + file(GLOB _DLL + LIST_DIRECTORIES false + RELATIVE "${sodium_DIR}/bin" + "${sodium_DIR}/bin/libsodium*.dll") + find_library(sodium_DLL_DEBUG ${_DLL} libsodium + HINTS ${sodium_DIR} + PATH_SUFFIXES bin) + find_library(sodium_DLL_RELEASE ${_DLL} libsodium + HINTS ${sodium_DIR} + 
PATH_SUFFIXES bin) + endif() + else() + message(FATAL_ERROR "this platform is not supported by FindSodium.cmake") + endif() -######################################################################## -# unsupported + # ############################################################################ + # unsupported else() - message(FATAL_ERROR "this platform is not supported by FindSodium.cmake") + message(FATAL_ERROR "this platform is not supported by FindSodium.cmake") endif() - -######################################################################## +# ############################################################################## # common stuff # extract sodium version -if (sodium_INCLUDE_DIR) - set(_VERSION_HEADER "${_INCLUDE_DIR}/sodium/version.h") - if (EXISTS _VERSION_HEADER) - file(READ "${_VERSION_HEADER}" _VERSION_HEADER_CONTENT) - string(REGEX REPLACE ".*#[ \t]*define[ \t]*SODIUM_VERSION_STRING[ \t]*\"([^\n]*)\".*" "\\1" - sodium_VERSION "${_VERSION_HEADER_CONTENT}") - set(sodium_VERSION "${sodium_VERSION}" PARENT_SCOPE) - endif() +if(sodium_INCLUDE_DIR) + set(_VERSION_HEADER "${_INCLUDE_DIR}/sodium/version.h") + if(EXISTS _VERSION_HEADER) + file(READ "${_VERSION_HEADER}" _VERSION_HEADER_CONTENT) + string( + REGEX + REPLACE ".*#[ \t]*define[ \t]*SODIUM_VERSION_STRING[ \t]*\"([^\n]*)\".*" + "\\1" + sodium_VERSION + "${_VERSION_HEADER_CONTENT}") + set(sodium_VERSION "${sodium_VERSION}" PARENT_SCOPE) + endif() endif() # communicate results include(FindPackageHandleStandardArgs) find_package_handle_standard_args(sodium - REQUIRED_VARS - sodium_LIBRARY_RELEASE - sodium_LIBRARY_DEBUG - sodium_INCLUDE_DIR - VERSION_VAR - sodium_VERSION -) + REQUIRED_VARS + sodium_LIBRARY_RELEASE + sodium_LIBRARY_DEBUG + sodium_INCLUDE_DIR + VERSION_VAR + sodium_VERSION) # mark file paths as advanced mark_as_advanced(sodium_INCLUDE_DIR) mark_as_advanced(sodium_LIBRARY_DEBUG) mark_as_advanced(sodium_LIBRARY_RELEASE) -if (WIN32) - mark_as_advanced(sodium_DLL_DEBUG) - 
mark_as_advanced(sodium_DLL_RELEASE) +if(WIN32) + mark_as_advanced(sodium_DLL_DEBUG) + mark_as_advanced(sodium_DLL_RELEASE) endif() # create imported target if(sodium_USE_STATIC_LIBS) - set(_LIB_TYPE STATIC) + set(_LIB_TYPE STATIC) else() - set(_LIB_TYPE SHARED) + set(_LIB_TYPE SHARED) endif() add_library(sodium ${_LIB_TYPE} IMPORTED) -set_target_properties(sodium PROPERTIES - INTERFACE_INCLUDE_DIRECTORIES "${sodium_INCLUDE_DIR}" - IMPORTED_LINK_INTERFACE_LANGUAGES "C" -) +set_target_properties(sodium + PROPERTIES INTERFACE_INCLUDE_DIRECTORIES + "${sodium_INCLUDE_DIR}" + IMPORTED_LINK_INTERFACE_LANGUAGES + "C") -if (sodium_USE_STATIC_LIBS) - set_target_properties(sodium PROPERTIES - INTERFACE_COMPILE_DEFINITIONS "SODIUM_STATIC" - IMPORTED_LOCATION "${sodium_LIBRARY_RELEASE}" - IMPORTED_LOCATION_DEBUG "${sodium_LIBRARY_DEBUG}" - ) +if(sodium_USE_STATIC_LIBS) + set_target_properties(sodium + PROPERTIES INTERFACE_COMPILE_DEFINITIONS + "SODIUM_STATIC" + IMPORTED_LOCATION + "${sodium_LIBRARY_RELEASE}" + IMPORTED_LOCATION_DEBUG + "${sodium_LIBRARY_DEBUG}") else() - if (UNIX) - set_target_properties(sodium PROPERTIES - IMPORTED_LOCATION "${sodium_LIBRARY_RELEASE}" - IMPORTED_LOCATION_DEBUG "${sodium_LIBRARY_DEBUG}" - ) - elseif (WIN32) - set_target_properties(sodium PROPERTIES - IMPORTED_IMPLIB "${sodium_LIBRARY_RELEASE}" - IMPORTED_IMPLIB_DEBUG "${sodium_LIBRARY_DEBUG}" - ) - if (NOT (sodium_DLL_DEBUG MATCHES ".*-NOTFOUND")) - set_target_properties(sodium PROPERTIES - IMPORTED_LOCATION_DEBUG "${sodium_DLL_DEBUG}" - ) - endif() - if (NOT (sodium_DLL_RELEASE MATCHES ".*-NOTFOUND")) - set_target_properties(sodium PROPERTIES - IMPORTED_LOCATION_RELWITHDEBINFO "${sodium_DLL_RELEASE}" - IMPORTED_LOCATION_MINSIZEREL "${sodium_DLL_RELEASE}" - IMPORTED_LOCATION_RELEASE "${sodium_DLL_RELEASE}" - ) - endif() + if(UNIX) + set_target_properties(sodium + PROPERTIES IMPORTED_LOCATION + "${sodium_LIBRARY_RELEASE}" + IMPORTED_LOCATION_DEBUG + "${sodium_LIBRARY_DEBUG}") + elseif(WIN32) + 
set_target_properties(sodium + PROPERTIES IMPORTED_IMPLIB + "${sodium_LIBRARY_RELEASE}" + IMPORTED_IMPLIB_DEBUG + "${sodium_LIBRARY_DEBUG}") + if(NOT (sodium_DLL_DEBUG MATCHES ".*-NOTFOUND")) + set_target_properties(sodium + PROPERTIES IMPORTED_LOCATION_DEBUG + "${sodium_DLL_DEBUG}") + endif() + if(NOT (sodium_DLL_RELEASE MATCHES ".*-NOTFOUND")) + set_target_properties(sodium + PROPERTIES IMPORTED_LOCATION_RELWITHDEBINFO + "${sodium_DLL_RELEASE}" + IMPORTED_LOCATION_MINSIZEREL + "${sodium_DLL_RELEASE}" + IMPORTED_LOCATION_RELEASE + "${sodium_DLL_RELEASE}") endif() + endif() endif() From e1176fe2bb75544752843919232c3a910f14061c Mon Sep 17 00:00:00 2001 From: bas-d <7903735+bas-d@users.noreply.github.com> Date: Sat, 11 May 2019 17:15:14 +0200 Subject: [PATCH 28/58] Override print and printErr --- dist-build/emscripten.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/dist-build/emscripten.sh b/dist-build/emscripten.sh index d8975e5d..fb810781 100755 --- a/dist-build/emscripten.sh +++ b/dist-build/emscripten.sh @@ -99,6 +99,12 @@ if [ "$DIST" = yes ]; then Module.ready = new Promise(function(resolve, reject) { var Module = _Module; Module.onAbort = reject; + Module.print = function(what) { + console.log(what); + } + Module.printErr = function(what) { + console.warn(what); + } Module.onRuntimeInitialized = function() { try { /* Test arbitrary wasm function */ From 646c0cfd4621a04f7814fb29b75c9712e985cf0e Mon Sep 17 00:00:00 2001 From: bas-d <7903735+bas-d@users.noreply.github.com> Date: Sun, 12 May 2019 12:41:55 +0200 Subject: [PATCH 29/58] Check if console is null or undefined. --- dist-build/emscripten.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/dist-build/emscripten.sh b/dist-build/emscripten.sh index fb810781..f5de28d9 100755 --- a/dist-build/emscripten.sh +++ b/dist-build/emscripten.sh 
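Review bot: The reformatted version-extraction block still reads `set(_VERSION_HEADER "${_INCLUDE_DIR}/sodium/version.h")`, `if(EXISTS _VERSION_HEADER)` and `set(sodium_VERSION "${sodium_VERSION}" PARENT_SCOPE)`, which are the lines PATCH 26/58 replaced; both patches start from blob 0667920c. `_INCLUDE_DIR` is not set anywhere in the visible file and `EXISTS _VERSION_HEADER` tests a literal name rather than the variable's value, so the version is likely never extracted. The new side should carry `"${sodium_INCLUDE_DIR}/sodium/version.h"` and `if(EXISTS "${_VERSION_HEADER}")`, and the header comment rewritten in the first hunk should keep the `sodium_VERSION` entry that PATCH 26/58 added.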
@@ -100,10 +100,14 @@ if [ "$DIST" = yes ]; then var Module = _Module; Module.onAbort = reject; Module.print = function(what) { - console.log(what); + if (console != null) { + console.log(what); + } } Module.printErr = function(what) { - console.warn(what); + if (console != null) { + console.warn(what); + } } Module.onRuntimeInitialized = function() { try { From 1fd2422623db6e413054c79931cd4391598c9a1c Mon Sep 17 00:00:00 2001 From: bas-d <7903735+bas-d@users.noreply.github.com> Date: Sun, 12 May 2019 13:04:11 +0200 Subject: [PATCH 30/58] Properly check if console exists. --- dist-build/emscripten.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dist-build/emscripten.sh b/dist-build/emscripten.sh index f5de28d9..4dfd899b 100755 --- a/dist-build/emscripten.sh +++ b/dist-build/emscripten.sh @@ -100,12 +100,12 @@ if [ "$DIST" = yes ]; then var Module = _Module; Module.onAbort = reject; Module.print = function(what) { - if (console != null) { + if (typeof(console) !== 'undefined') { console.log(what); } } Module.printErr = function(what) { - if (console != null) { + if (typeof(console) !== 'undefined') { console.warn(what); } } From dee20234c84b918e175d32ba13ee0781e38c497c Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sun, 12 May 2019 13:51:41 +0200 Subject: [PATCH 31/58] Shorten --- dist-build/emscripten.sh | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/dist-build/emscripten.sh b/dist-build/emscripten.sh index 4dfd899b..e7d7a9bc 100755 --- a/dist-build/emscripten.sh +++ b/dist-build/emscripten.sh 
@@ -100,14 +100,10 @@ if [ "$DIST" = yes ]; then var Module = _Module; Module.onAbort = reject; Module.print = function(what) { - if (typeof(console) !== 'undefined') { - console.log(what); - } + typeof(console) !== 'undefined' && console.log(what); } Module.printErr = function(what) { - if (typeof(console) !== 'undefined') { - console.warn(what); - } + typeof(console) !== 'undefined' && console.warn(what); } Module.onRuntimeInitialized = function() { try { From 515d540524619987443d88c097888ee74d3fd142 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 16 May 2019 23:38:48 +0200 Subject: [PATCH 32/58] autogen.sh: make config.guess update optional --- autogen.sh | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/autogen.sh b/autogen.sh index 73a92b2b..3743f706 100755 --- a/autogen.sh +++ b/autogen.sh @@ -1,6 +1,6 @@ #! /bin/sh -if glibtoolize --version > /dev/null 2>&1; then +if glibtoolize --version >/dev/null 2>&1; then LIBTOOLIZE='glibtoolize' else LIBTOOLIZE='libtoolize' @@ -26,16 +26,19 @@ command -v automake >/dev/null 2>&1 || { exit 1 } -if autoreconf --version > /dev/null 2>&1 ; then +if autoreconf --version >/dev/null 2>&1; then autoreconf -ivf else - $LIBTOOLIZE && \ - aclocal && \ - automake --add-missing --force-missing --include-deps && \ - autoconf + $LIBTOOLIZE && + aclocal && + automake --add-missing --force-missing --include-deps && + autoconf fi -command -v curl >/dev/null 2>&1 && { +[ -z "$DO_NOT_UPDATE_CONFIG_SCRIPTS" ] && + command -v curl >/dev/null 2>&1 && { + echo "Downloading config.guess and config.sub..." + curl -sL -o config.guess \ 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD' && mv -f config.guess build-aux/config.guess 
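Review bot: The download block that this autogen.sh hunk makes optional still runs by default; it fetches `config.guess` from `hb=HEAD` with `curl -sL` and moves the result into build-aux, where the build will later execute it. Without `-f`, an HTTP error page is saved and moved into place like a valid script, and nothing pins or verifies what was fetched. I would use `curl -fsSL` and consider making the update opt-in, or pinning `hb=` to a known commit and comparing against a recorded checksum, so that bootstrapping a release does not depend on whatever the remote serves at that moment. The block continues in the next hunk, where config.sub is fetched the same way.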
@@ -43,6 +46,8 @@ command -v curl >/dev/null 2>&1 && { curl -sL -o config.sub \ 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD' && mv -f config.sub build-aux/config.sub + + echo "Done." } rm -f config.guess config.sub From e24847c36426518fb5b9f6fc2aae214f9e6f0eec Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 21 May 2019 10:17:35 +0200 Subject: [PATCH 33/58] Comment --- src/libsodium/crypto_sign/ed25519/ref10/sign.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libsodium/crypto_sign/ed25519/ref10/sign.c b/src/libsodium/crypto_sign/ed25519/ref10/sign.c index 3e34e170..bbdd8f72 100644 --- a/src/libsodium/crypto_sign/ed25519/ref10/sign.c +++ b/src/libsodium/crypto_sign/ed25519/ref10/sign.c @@ -76,7 +76,7 @@ _crypto_sign_ed25519_detached(unsigned char *sig, unsigned long long *siglen_p, crypto_hash_sha512(az, sk, 32); #ifdef ED25519_NONDETERMINISTIC - _crypto_sign_ed25519_synthetic_r_hv(&hs, nonce, az); + _crypto_sign_ed25519_synthetic_r_hv(&hs, nonce /* Z */, az); #else crypto_hash_sha512_update(&hs, az + 32, 32); #endif From 9567bbe65fc64c870ea5e7925c809ba70c4a896b Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 21 May 2019 10:50:44 +0200 Subject: [PATCH 34/58] Limit resources when running tests The default memory limit matches the limit already used when running the javascript and webassembly tests. Original diff by @pilou- Fixes #837 --- configure.ac | 3 ++- test/default/cmptest.h | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index e1fceada..9a8fa74a 100644 --- a/configure.ac +++ b/configure.ac @@ -554,7 +554,7 @@ AC_SUBST(CFLAGS_AESNI) AC_SUBST(CFLAGS_PCLMUL) AC_SUBST(CFLAGS_RDRAND) -AC_CHECK_HEADERS([sys/mman.h sys/random.h intrin.h]) +AC_CHECK_HEADERS([sys/mman.h sys/random.h sys/resource.h intrin.h]) AC_MSG_CHECKING([if _xgetbv() is available]) AC_LINK_IFELSE( 
@@ -796,6 +796,7 @@ AC_FUNC_ALLOCA AS_IF([test "x$EMSCRIPTEN" = "x"],[ AC_CHECK_FUNCS([arc4random arc4random_buf]) AC_CHECK_FUNCS([mmap mlock madvise mprotect]) + AC_CHECK_FUNCS([setrlimit]) AC_MSG_CHECKING(for getrandom with a standard API) AC_LINK_IFELSE([AC_LANG_PROGRAM([[ diff --git a/test/default/cmptest.h b/test/default/cmptest.h index 1ecc5cd9..6721f41a 100644 --- a/test/default/cmptest.h +++ b/test/default/cmptest.h @@ -14,9 +14,19 @@ #include #include +#if defined(HAVE_SYS_RESOURCE_H) && defined(HAVE_SETRLIMIT) +# include +# include +# include +#endif + #include "sodium.h" #include "quirks.h" +#ifndef TOTAL_MEMORY_TESTS +# define TOTAL_MEMORY_TESTS 16777216 +#endif + #ifdef __EMSCRIPTEN__ # undef TEST_SRCDIR # define TEST_SRCDIR "/test-data" @@ -37,6 +47,25 @@ int xmain(void); static unsigned char *guard_page; +static int set_resource_limits(void) +{ + int res = 0; + +#if defined(RLIM_INFINITY) && defined(HAVE_SETRLIMIT) + struct rlimit limits; + + limits.rlim_cur = limits.rlim_max = TOTAL_MEMORY_TESTS; +# ifdef RLIMIT_AS + res |= setrlimit(RLIMIT_AS, &limits); +# endif +# ifdef RLIMIT_DATA + res |= setrlimit(RLIMIT_DATA, &limits); +# endif +#endif + + return res; +} + #ifdef BENCHMARKS # include @@ -136,6 +165,8 @@ int main(void) unsigned long long ts_end; unsigned int i; + (void) set_resource_limits(); + if (sodium_init() != 0) { return 99; } @@ -171,6 +202,8 @@ int main(void) unsigned char *_guard_page; int c; + (void) set_resource_limits(); + if ((fp_res = fopen(TEST_NAME_RES, "w+")) == NULL) { perror("fopen(" TEST_NAME_RES ")"); return 99; From 06f331d153d38d973baf66f13f1a64ae8c1b144c Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 21 May 2019 11:12:07 +0200 Subject: [PATCH 35/58] Use the same memory limit everywhere --- dist-build/emscripten.sh | 14 +++++++------- test/default/cmptest.h | 6 +++--- test/default/wasi-test-wrapper.sh | 6 +++--- 3 files changed, 13 insertions(+), 13 deletions(-) 
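Review bot: Both call sites in cmptest.h use `(void) set_resource_limits();`, so when `setrlimit()` fails the tests run with no memory cap and nothing records it. Since the cap is what turns a runaway allocation into a test failure, a warning on the failure path would help, e.g. `if (set_resource_limits() != 0) { perror("setrlimit"); }`, assuming stderr is not part of the compared test output. `set_resource_limits()` would also benefit from a comment above it saying that it lowers both the soft and the hard limit to `TOTAL_MEMORY_TESTS` bytes (an unprivileged process cannot raise it again afterwards) and that it returns 0 when neither `RLIMIT_AS` nor `RLIMIT_DATA` is available. Both `main()` bodies start and end outside these hunks.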
diff --git a/dist-build/emscripten.sh b/dist-build/emscripten.sh
index e7d7a9bc..63bb9979 100755
--- a/dist-build/emscripten.sh
+++ b/dist-build/emscripten.sh
@@ -4,9 +4,9 @@ export MAKE_FLAGS='-j4' export EXPORTED_FUNCTIONS_STANDARD='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_verify","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_publickeybytes",
"_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_generichash","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argon2id13","_crypto_pwhash_alg_default","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_saltbytes","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open_det
ached","_crypto_secretbox_open_easy","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' export 
EXPORTED_FUNCTIONS_SUMO='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_hmacsha256","_crypto_auth_hmacsha256_bytes","_crypto_auth_hmacsha256_final","_crypto_auth_hmacsha256_init","_crypto_auth_hmacsha256_keybytes","_crypto_auth_hmacsha256_keygen","_crypto_auth_hmacsha256_statebytes","_crypto_auth_hmacsha256_update","_crypto_auth_hmacsha256_verify","_crypto_auth_hmacsha512","_crypto_auth_hmacsha512256","_crypto_auth_hmacsha512256_bytes","_crypto_auth_hmacsha512256_final","_crypto_auth_hmacsha512256_init","_crypto_auth_hmacsha512256_keybytes","_crypto_auth_hmacsha512256_key
gen","_crypto_auth_hmacsha512256_statebytes","_crypto_auth_hmacsha512256_update","_crypto_auth_hmacsha512256_verify","_crypto_auth_hmacsha512_bytes","_crypto_auth_hmacsha512_final","_crypto_auth_hmacsha512_init","_crypto_auth_hmacsha512_keybytes","_crypto_auth_hmacsha512_keygen","_crypto_auth_hmacsha512_statebytes","_crypto_auth_hmacsha512_update","_crypto_auth_hmacsha512_verify","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_primitive","_crypto_auth_verify","_crypto_box","_crypto_box_afternm","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_boxzerobytes","_crypto_box_curve25519xchacha20poly1305_beforenm","_crypto_box_curve25519xchacha20poly1305_beforenmbytes","_crypto_box_curve25519xchacha20poly1305_detached","_crypto_box_curve25519xchacha20poly1305_detached_afternm","_crypto_box_curve25519xchacha20poly1305_easy","_crypto_box_curve25519xchacha20poly1305_easy_afternm","_crypto_box_curve25519xchacha20poly1305_keypair","_crypto_box_curve25519xchacha20poly1305_macbytes","_crypto_box_curve25519xchacha20poly1305_messagebytes_max","_crypto_box_curve25519xchacha20poly1305_noncebytes","_crypto_box_curve25519xchacha20poly1305_open_detached","_crypto_box_curve25519xchacha20poly1305_open_detached_afternm","_crypto_box_curve25519xchacha20poly1305_open_easy","_crypto_box_curve25519xchacha20poly1305_open_easy_afternm","_crypto_box_curve25519xchacha20poly1305_publickeybytes","_crypto_box_curve25519xchacha20poly1305_seal","_crypto_box_curve25519xchacha20poly1305_seal_open","_crypto_box_curve25519xchacha20poly1305_sealbytes","_crypto_box_curve25519xchacha20poly1305_secretkeybytes","_crypto_box_curve25519xchacha20poly1305_seed_keypair","_crypto_box_curve25519xchacha20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305","_crypto_box_curve25519xsalsa20poly1305_afternm","_crypto_box_curve25519xsalsa20poly1305_beforenm","_crypto_box_curve25519xsalsa20poly1305_beforenmbytes","_crypto_box_curve25519xsalsa20poly1305_boxzerobytes","_crypto_box_curve25519xs
alsa20poly1305_keypair","_crypto_box_curve25519xsalsa20poly1305_macbytes","_crypto_box_curve25519xsalsa20poly1305_messagebytes_max","_crypto_box_curve25519xsalsa20poly1305_noncebytes","_crypto_box_curve25519xsalsa20poly1305_open","_crypto_box_curve25519xsalsa20poly1305_open_afternm","_crypto_box_curve25519xsalsa20poly1305_publickeybytes","_crypto_box_curve25519xsalsa20poly1305_secretkeybytes","_crypto_box_curve25519xsalsa20poly1305_seed_keypair","_crypto_box_curve25519xsalsa20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305_zerobytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open","_crypto_box_open_afternm","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_primitive","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_box_zerobytes","_crypto_core_ed25519_add","_crypto_core_ed25519_bytes","_crypto_core_ed25519_from_hash","_crypto_core_ed25519_from_uniform","_crypto_core_ed25519_hashbytes","_crypto_core_ed25519_is_valid_point","_crypto_core_ed25519_nonreducedscalarbytes","_crypto_core_ed25519_random","_crypto_core_ed25519_scalar_add","_crypto_core_ed25519_scalar_complement","_crypto_core_ed25519_scalar_invert","_crypto_core_ed25519_scalar_mul","_crypto_core_ed25519_scalar_negate","_crypto_core_ed25519_scalar_random","_crypto_core_ed25519_scalar_reduce","_crypto_core_ed25519_scalar_sub","_crypto_core_ed25519_scalarbytes","_crypto_core_ed25519_sub","_crypto_core_ed25519_uniformbytes","_crypto_core_hchacha20","_crypto_core_hchacha20_constbytes","_crypto_core_hchacha20_inputbytes","_crypto_core_hchacha20_keybytes","_crypto_core_hchacha20_outputbytes","_crypto_core_hsalsa20","_cry
pto_core_hsalsa20_constbytes","_crypto_core_hsalsa20_inputbytes","_crypto_core_hsalsa20_keybytes","_crypto_core_hsalsa20_outputbytes","_crypto_core_ristretto255_add","_crypto_core_ristretto255_bytes","_crypto_core_ristretto255_from_hash","_crypto_core_ristretto255_hashbytes","_crypto_core_ristretto255_is_valid_point","_crypto_core_ristretto255_nonreducedscalarbytes","_crypto_core_ristretto255_random","_crypto_core_ristretto255_scalar_add","_crypto_core_ristretto255_scalar_complement","_crypto_core_ristretto255_scalar_invert","_crypto_core_ristretto255_scalar_mul","_crypto_core_ristretto255_scalar_negate","_crypto_core_ristretto255_scalar_random","_crypto_core_ristretto255_scalar_reduce","_crypto_core_ristretto255_scalar_sub","_crypto_core_ristretto255_scalarbytes","_crypto_core_ristretto255_sub","_crypto_core_salsa20","_crypto_core_salsa2012","_crypto_core_salsa2012_constbytes","_crypto_core_salsa2012_inputbytes","_crypto_core_salsa2012_keybytes","_crypto_core_salsa2012_outputbytes","_crypto_core_salsa208","_crypto_core_salsa208_constbytes","_crypto_core_salsa208_inputbytes","_crypto_core_salsa208_keybytes","_crypto_core_salsa208_outputbytes","_crypto_core_salsa20_constbytes","_crypto_core_salsa20_inputbytes","_crypto_core_salsa20_keybytes","_crypto_core_salsa20_outputbytes","_crypto_generichash","_crypto_generichash_blake2b","_crypto_generichash_blake2b_bytes","_crypto_generichash_blake2b_bytes_max","_crypto_generichash_blake2b_bytes_min","_crypto_generichash_blake2b_final","_crypto_generichash_blake2b_init","_crypto_generichash_blake2b_init_salt_personal","_crypto_generichash_blake2b_keybytes","_crypto_generichash_blake2b_keybytes_max","_crypto_generichash_blake2b_keybytes_min","_crypto_generichash_blake2b_keygen","_crypto_generichash_blake2b_personalbytes","_crypto_generichash_blake2b_salt_personal","_crypto_generichash_blake2b_saltbytes","_crypto_generichash_blake2b_statebytes","_crypto_generichash_blake2b_update","_crypto_generichash_bytes","_crypto_generichash
_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_primitive","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_hash_primitive","_crypto_hash_sha256","_crypto_hash_sha256_bytes","_crypto_hash_sha256_final","_crypto_hash_sha256_init","_crypto_hash_sha256_statebytes","_crypto_hash_sha256_update","_crypto_hash_sha512","_crypto_hash_sha512_bytes","_crypto_hash_sha512_final","_crypto_hash_sha512_init","_crypto_hash_sha512_statebytes","_crypto_hash_sha512_update","_crypto_kdf_blake2b_bytes_max","_crypto_kdf_blake2b_bytes_min","_crypto_kdf_blake2b_contextbytes","_crypto_kdf_blake2b_derive_from_key","_crypto_kdf_blake2b_keybytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kdf_primitive","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_primitive","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_onetimeauth","_crypto_onetimeauth_bytes","_crypto_onetimeauth_final","_crypto_onetimeauth_init","_crypto_onetimeauth_keybytes","_crypto_onetimeauth_keygen","_crypto_onetimeauth_poly1305","_crypto_onetimeauth_poly1305_bytes","_crypto_onetimeauth_poly1305_final","_crypto_onetimeauth_poly1305_init","_crypto_onetimeauth_poly1305_keybytes","_crypto_onetimeauth_poly1305_keygen","_crypto_onetimeauth_poly1305_statebytes","_crypto_onetimeauth_poly1305_update","_crypto_onetimeauth_poly1305_verify","_crypto_onetimeauth_primitive","_crypto_onetimeauth_statebytes","_crypto_onetimeauth_update","_crypto_onetimeauth_verify","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argo
n2id13","_crypto_pwhash_alg_default","_crypto_pwhash_argon2i","_crypto_pwhash_argon2i_alg_argon2i13","_crypto_pwhash_argon2i_bytes_max","_crypto_pwhash_argon2i_bytes_min","_crypto_pwhash_argon2i_memlimit_interactive","_crypto_pwhash_argon2i_memlimit_max","_crypto_pwhash_argon2i_memlimit_min","_crypto_pwhash_argon2i_memlimit_moderate","_crypto_pwhash_argon2i_memlimit_sensitive","_crypto_pwhash_argon2i_opslimit_interactive","_crypto_pwhash_argon2i_opslimit_max","_crypto_pwhash_argon2i_opslimit_min","_crypto_pwhash_argon2i_opslimit_moderate","_crypto_pwhash_argon2i_opslimit_sensitive","_crypto_pwhash_argon2i_passwd_max","_crypto_pwhash_argon2i_passwd_min","_crypto_pwhash_argon2i_saltbytes","_crypto_pwhash_argon2i_str","_crypto_pwhash_argon2i_str_needs_rehash","_crypto_pwhash_argon2i_str_verify","_crypto_pwhash_argon2i_strbytes","_crypto_pwhash_argon2i_strprefix","_crypto_pwhash_argon2id","_crypto_pwhash_argon2id_alg_argon2id13","_crypto_pwhash_argon2id_bytes_max","_crypto_pwhash_argon2id_bytes_min","_crypto_pwhash_argon2id_memlimit_interactive","_crypto_pwhash_argon2id_memlimit_max","_crypto_pwhash_argon2id_memlimit_min","_crypto_pwhash_argon2id_memlimit_moderate","_crypto_pwhash_argon2id_memlimit_sensitive","_crypto_pwhash_argon2id_opslimit_interactive","_crypto_pwhash_argon2id_opslimit_max","_crypto_pwhash_argon2id_opslimit_min","_crypto_pwhash_argon2id_opslimit_moderate","_crypto_pwhash_argon2id_opslimit_sensitive","_crypto_pwhash_argon2id_passwd_max","_crypto_pwhash_argon2id_passwd_min","_crypto_pwhash_argon2id_saltbytes","_crypto_pwhash_argon2id_str","_crypto_pwhash_argon2id_str_needs_rehash","_crypto_pwhash_argon2id_str_verify","_crypto_pwhash_argon2id_strbytes","_crypto_pwhash_argon2id_strprefix","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_
pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_primitive","_crypto_pwhash_saltbytes","_crypto_pwhash_scryptsalsa208sha256","_crypto_pwhash_scryptsalsa208sha256_bytes_max","_crypto_pwhash_scryptsalsa208sha256_bytes_min","_crypto_pwhash_scryptsalsa208sha256_ll","_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive","_crypto_pwhash_scryptsalsa208sha256_memlimit_max","_crypto_pwhash_scryptsalsa208sha256_memlimit_min","_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive","_crypto_pwhash_scryptsalsa208sha256_opslimit_max","_crypto_pwhash_scryptsalsa208sha256_opslimit_min","_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_passwd_max","_crypto_pwhash_scryptsalsa208sha256_passwd_min","_crypto_pwhash_scryptsalsa208sha256_saltbytes","_crypto_pwhash_scryptsalsa208sha256_str","_crypto_pwhash_scryptsalsa208sha256_str_needs_rehash","_crypto_pwhash_scryptsalsa208sha256_str_verify","_crypto_pwhash_scryptsalsa208sha256_strbytes","_crypto_pwhash_scryptsalsa208sha256_strprefix","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_curve25519","_crypto_scalarmult_curve25519_base","_crypto_scalarmult_curve25519_bytes","_crypto_scalarmult_curve25519_scalarbytes","_crypto_scalarmult_ed25519","_crypto_scalarmult_ed25519_base","_crypto_scalarmult_ed25519_base_noclamp","_crypto_scalarmult_ed25519_bytes","_crypto_scalarmult_ed25519_noclamp","_crypto_scalarmult_ed25519_scalarbytes","_crypto_scalarmult_primitive","_crypto_scalarmult_ristretto255","_crypto_scalarmult_ristretto255_base","_crypto_scalarmult_ristretto255_bytes","_crypto_scalarmult_ri
stretto255_scalarbytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox","_crypto_secretbox_boxzerobytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretbox_primitive","_crypto_secretbox_xchacha20poly1305_detached","_crypto_secretbox_xchacha20poly1305_easy","_crypto_secretbox_xchacha20poly1305_keybytes","_crypto_secretbox_xchacha20poly1305_macbytes","_crypto_secretbox_xchacha20poly1305_messagebytes_max","_crypto_secretbox_xchacha20poly1305_noncebytes","_crypto_secretbox_xchacha20poly1305_open_detached","_crypto_secretbox_xchacha20poly1305_open_easy","_crypto_secretbox_xsalsa20poly1305","_crypto_secretbox_xsalsa20poly1305_boxzerobytes","_crypto_secretbox_xsalsa20poly1305_keybytes","_crypto_secretbox_xsalsa20poly1305_keygen","_crypto_secretbox_xsalsa20poly1305_macbytes","_crypto_secretbox_xsalsa20poly1305_messagebytes_max","_crypto_secretbox_xsalsa20poly1305_noncebytes","_crypto_secretbox_xsalsa20poly1305_open","_crypto_secretbox_xsalsa20poly1305_zerobytes","_crypto_secretbox_zerobytes","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchach
a20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_shorthash_primitive","_crypto_shorthash_siphash24","_crypto_shorthash_siphash24_bytes","_crypto_shorthash_siphash24_keybytes","_crypto_shorthash_siphashx24","_crypto_shorthash_siphashx24_bytes","_crypto_shorthash_siphashx24_keybytes","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519","_crypto_sign_ed25519_bytes","_crypto_sign_ed25519_detached","_crypto_sign_ed25519_keypair","_crypto_sign_ed25519_messagebytes_max","_crypto_sign_ed25519_open","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_publickeybytes","_crypto_sign_ed25519_secretkeybytes","_crypto_sign_ed25519_seed_keypair","_crypto_sign_ed25519_seedbytes","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_ed25519_sk_to_pk","_crypto_sign_ed25519_sk_to_seed","_crypto_sign_ed25519_verify_detached","_crypto_sign_ed25519ph_final_create","_crypto_sign_ed25519ph_final_verify","_crypto_sign_ed25519ph_init","_crypto_sign_ed25519ph_statebytes","_crypto_sign_ed25519ph_update","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_primitive","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_crypto_stream","_crypto_stream_chacha20","_crypto_stream_chacha20_ietf","_crypto_stream_chacha20_ietf_keybytes","_crypto_stream_chacha20_ietf_keygen","_crypto_stream_chacha20_ietf_messagebytes_max","_crypto_stream_chacha20_ietf_noncebytes","_crypto_stream_chacha20_ietf_xor","_crypto_stream_chacha20_ietf_xor_ic","_crypto_stream_chacha20_keybytes","_crypto_stream_chacha20_keygen","_crypto_stream_chacha20_messagebytes_max","_crypto_stream_chacha20_noncebytes","_crypto_stream_chacha20_xor","_crypto_stream_chacha20
_xor_ic","_crypto_stream_keybytes","_crypto_stream_keygen","_crypto_stream_messagebytes_max","_crypto_stream_noncebytes","_crypto_stream_primitive","_crypto_stream_salsa20","_crypto_stream_salsa2012","_crypto_stream_salsa2012_keybytes","_crypto_stream_salsa2012_keygen","_crypto_stream_salsa2012_messagebytes_max","_crypto_stream_salsa2012_noncebytes","_crypto_stream_salsa2012_xor","_crypto_stream_salsa208","_crypto_stream_salsa208_keybytes","_crypto_stream_salsa208_keygen","_crypto_stream_salsa208_messagebytes_max","_crypto_stream_salsa208_noncebytes","_crypto_stream_salsa208_xor","_crypto_stream_salsa20_keybytes","_crypto_stream_salsa20_keygen","_crypto_stream_salsa20_messagebytes_max","_crypto_stream_salsa20_noncebytes","_crypto_stream_salsa20_xor","_crypto_stream_salsa20_xor_ic","_crypto_stream_xchacha20","_crypto_stream_xchacha20_keybytes","_crypto_stream_xchacha20_keygen","_crypto_stream_xchacha20_messagebytes_max","_crypto_stream_xchacha20_noncebytes","_crypto_stream_xchacha20_xor","_crypto_stream_xchacha20_xor_ic","_crypto_stream_xor","_crypto_stream_xsalsa20","_crypto_stream_xsalsa20_keybytes","_crypto_stream_xsalsa20_keygen","_crypto_stream_xsalsa20_messagebytes_max","_crypto_stream_xsalsa20_noncebytes","_crypto_stream_xsalsa20_xor","_crypto_stream_xsalsa20_xor_ic","_crypto_verify_16","_crypto_verify_16_bytes","_crypto_verify_32","_crypto_verify_32_bytes","_crypto_verify_64","_crypto_verify_64_bytes","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_implementation_name","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' export EXPORTED_RUNTIME_METHODS='["UTF8ToString","getValue","setValue"]' -export 
TOTAL_MEMORY=16777216 -export TOTAL_MEMORY_SUMO=16777216 -export TOTAL_MEMORY_TESTS=16777216 +export MAX_MEMORY=16777216 +export MAX_MEMORY_SUMO=16777216 +export MAX_MEMORY_TESTS=16777216 export LDFLAGS="-s RESERVED_FUNCTION_POINTERS=8" export LDFLAGS="${LDFLAGS} -s ALLOW_MEMORY_GROWTH=1" export LDFLAGS="${LDFLAGS} -s SINGLE_FILE=1" @@ -19,7 +19,7 @@ export CFLAGS="-Os" echo if [ "x$1" = "x--standard" ]; then export EXPORTED_FUNCTIONS="$EXPORTED_FUNCTIONS_STANDARD" - export LDFLAGS="${LDFLAGS} ${LDFLAGS_DIST} -s TOTAL_MEMORY=${TOTAL_MEMORY}" + export LDFLAGS="${LDFLAGS} ${LDFLAGS_DIST} -s TOTAL_MEMORY=${MAX_MEMORY}" export PREFIX="$(pwd)/libsodium-js" export DONE_FILE="$(pwd)/js.done" export CONFIG_EXTRA="--enable-minimal" @@ -27,14 +27,14 @@ if [ "x$1" = "x--standard" ]; then echo "Building a standard distribution in [${PREFIX}]" elif [ "x$1" = "x--sumo" ]; then export EXPORTED_FUNCTIONS="$EXPORTED_FUNCTIONS_SUMO" - export LDFLAGS="${LDFLAGS} ${LDFLAGS_DIST} -s TOTAL_MEMORY=${TOTAL_MEMORY_SUMO}" + export LDFLAGS="${LDFLAGS} ${LDFLAGS_DIST} -s TOTAL_MEMORY=${MAX_MEMORY_SUMO}" export PREFIX="$(pwd)/libsodium-js-sumo" export DONE_FILE="$(pwd)/js-sumo.done" export DIST='yes' echo "Building a sumo distribution in [${PREFIX}]" elif [ "x$1" = "x--browser-tests" ]; then export EXPORTED_FUNCTIONS="$EXPORTED_FUNCTIONS_SUMO" - export LDFLAGS="${LDFLAGS} -s TOTAL_MEMORY=${TOTAL_MEMORY_TESTS}" + export LDFLAGS="${LDFLAGS} -s TOTAL_MEMORY=${MAX_MEMORY_TESTS}" export PREFIX="$(pwd)/libsodium-js-tests" export DONE_FILE="$(pwd)/js-tests-browser.done" export BROWSER_TESTS='yes' 
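Review bot: The new names `MAX_MEMORY`, `MAX_MEMORY_SUMO` and `MAX_MEMORY_TESTS` in emscripten.sh read as caps, but they are still passed as `-s TOTAL_MEMORY=...` next to `-s ALLOW_MEMORY_GROWTH=1`, and with growth enabled that setting is, as far as I know, the initial heap size rather than an upper bound. Either keep a name that says so or add a comment above the three exports, such as `# initial heap size; ALLOW_MEMORY_GROWTH=1 lets the heap grow past it`. The same applies to the `--tests` branch in the `@@ -44,7 +44,7 @@` hunk; the `if`/`elif` chain these hunks touch starts and ends outside them.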
@@ -44,7 +44,7 @@ elif [ "x$1" = "x--tests" ]; then echo "Building for testing" export EXPORTED_FUNCTIONS="$EXPORTED_FUNCTIONS_SUMO" export CPPFLAGS="${CPPFLAGS} -DBENCHMARKS -DITERATIONS=10" - export LDFLAGS="${LDFLAGS} -s TOTAL_MEMORY=${TOTAL_MEMORY_TESTS}" + export LDFLAGS="${LDFLAGS} -s TOTAL_MEMORY=${MAX_MEMORY_TESTS}" export PREFIX="$(pwd)/libsodium-js-tests" export DONE_FILE="$(pwd)/js-tests.done" export DIST='no' diff --git a/test/default/cmptest.h b/test/default/cmptest.h index 6721f41a..edffe822 100644 --- a/test/default/cmptest.h +++ b/test/default/cmptest.h @@ -23,8 +23,8 @@ #include "sodium.h" #include "quirks.h" -#ifndef TOTAL_MEMORY_TESTS -# define TOTAL_MEMORY_TESTS 16777216 +#ifndef MAX_MEMORY_TESTS +# define MAX_MEMORY_TESTS 67108864 #endif #ifdef __EMSCRIPTEN__ @@ -54,7 +54,7 @@ static int set_resource_limits(void) #if defined(RLIM_INFINITY) && defined(HAVE_SETRLIMIT) struct rlimit limits; - limits.rlim_cur = limits.rlim_max = TOTAL_MEMORY_TESTS; + limits.rlim_cur = limits.rlim_max = MAX_MEMORY_TESTS; # ifdef RLIMIT_AS res |= setrlimit(RLIMIT_AS, &limits); # endif diff --git a/test/default/wasi-test-wrapper.sh b/test/default/wasi-test-wrapper.sh index a94dbc49..bcb16a82 100755 --- a/test/default/wasi-test-wrapper.sh +++ b/test/default/wasi-test-wrapper.sh @@ -1,6 +1,6 @@ #! /bin/sh -MAX_MEMORY_MB="128" +MAX_MEMORY_TESTS_MB="64" if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmtime" ]; then if command -v wasmtime >/dev/null; then @@ -11,9 +11,9 @@ fi if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "lucet" ]; then if command -v lucetc-wasi >/dev/null && command -v lucet-wasi >/dev/null; then lucetc-wasi \ - --reserved-size "${MAX_MEMORY_MB}MiB" \ + --reserved-size "${MAX_MEMORY_TESTS_MB}MiB" \ -o "${1}.so" --opt-level best "$1" && - lucet-wasi --dir=.:. --max-heap-size "${MAX_MEMORY_MB}MiB" "${1}.so" && + lucet-wasi --dir=.:. --max-heap-size "${MAX_MEMORY_TESTS_MB}MiB" "${1}.so" && rm -f "${1}.so" && exit 0 fi fi 
From 91c98bad15b3379de576070b8e25c389639b0b12 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 21 May 2019 11:22:49 +0200 Subject: [PATCH 36/58] lucet seems to accept sizes without a suffix --- test/default/wasi-test-wrapper.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/default/wasi-test-wrapper.sh b/test/default/wasi-test-wrapper.sh index bcb16a82..d5f0dd41 100755 --- a/test/default/wasi-test-wrapper.sh +++ b/test/default/wasi-test-wrapper.sh @@ -1,6 +1,6 @@ #! /bin/sh -MAX_MEMORY_TESTS_MB="64" +MAX_MEMORY_TESTS="67108864" if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmtime" ]; then if command -v wasmtime >/dev/null; then @@ -11,9 +11,9 @@ fi if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "lucet" ]; then if command -v lucetc-wasi >/dev/null && command -v lucet-wasi >/dev/null; then lucetc-wasi \ - --reserved-size "${MAX_MEMORY_TESTS_MB}MiB" \ + --reserved-size "${MAX_MEMORY_TESTS}" \ -o "${1}.so" --opt-level best "$1" && - lucet-wasi --dir=.:. --max-heap-size "${MAX_MEMORY_TESTS_MB}MiB" "${1}.so" && + lucet-wasi --dir=.:. --max-heap-size "${MAX_MEMORY_TESTS}" "${1}.so" && rm -f "${1}.so" && exit 0 fi fi From 76ac6ef605d40ea72d755f28764353ef4587f8f7 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 21 May 2019 13:14:06 +0200 Subject: [PATCH 37/58] Remove an unreliable scrypt test Fixes #837 --- test/default/pwhash_scrypt.c | 2 -- test/default/pwhash_scrypt.exp | 1 - 2 files changed, 3 deletions(-) diff --git a/test/default/pwhash_scrypt.c b/test/default/pwhash_scrypt.c index 334c2ed3..a0efcd7a 100644 --- a/test/default/pwhash_scrypt.c +++ b/test/default/pwhash_scrypt.c 
@@ -265,8 +265,6 @@ tv3(void) "$7$.6..../.....lgPchkGHqbeONR/xtuXyjCrt9kUSg6NlKFQO0OSxo/$.DbajbPYH9T7sg3fOtcgxvJzzfIgJBIxMkeQ8b24YQ." }, { "test", "$7$z6..../.....lgPchkGHqbeONR/xtuXyjCrt9kUSg6NlKFQO0OSxo/$.DbajbPYH9T7sg3fOtcgxvJzzfIgJBIxMkeQ8b24YQ." }, - { "test", - "$7$8zzzzz/.....lgPchkGHqbeONR/xtuXyjCrt9kUSg6NlKFQO0OSxo/$.DbajbPYH9T7sg3fOtcgxvJzzfIgJBIxMkeQ8b24YQ." }, { "test", "$7$8zzzzzzzzzz.lgPchkGHqbeONR/xtuXyjCrt9kUSg6NlKFQO0OSxo/$.DbajbPYH9T7sg3fOtcgxvJzzfIgJBIxMkeQ8b24YQ." }, { "test", diff --git a/test/default/pwhash_scrypt.exp b/test/default/pwhash_scrypt.exp index fa9320d6..2f98d0e8 100644 --- a/test/default/pwhash_scrypt.exp +++ b/test/default/pwhash_scrypt.exp @@ -34,5 +34,4 @@ pwhash_str failure: [29] pwhash_str failure: [30] pwhash_str failure: [31] pwhash_str failure: [32] -pwhash_str failure: [33] OK From 00c8ecd1c492cf5c6599ff5b8c28ed35d54cf2a1 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 21 May 2019 14:11:03 +0200 Subject: [PATCH 38/58] scrypt: reject r == 0 and p == 0 --- .../nosse/pwhash_scryptsalsa208sha256_nosse.c | 4 ++++ .../sse/pwhash_scryptsalsa208sha256_sse.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c index b1c1bd84..5bf0d704 100644 --- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c +++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c @@ -305,6 +305,10 @@ escrypt_kdf_nosse(escrypt_local_t *local, const uint8_t *passwd, uint32_t i; /* Sanity-check parameters. */ + if (r == 0 || p == 0) { + errno = EINVAL; + return -1; + } #if SIZE_MAX > UINT32_MAX if (buflen > (((uint64_t)(1) << 32) - 1) * 32) { errno = EFBIG; 
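Review bot: The new `r == 0 || p == 0` rejection in escrypt_kdf_nosse, and the identical one in escrypt_kdf_sse in the next file, ships without a test; the commit touches only the two KDF sources. Cost parameters can arrive from a stored hash string, as the `$7$…` vectors in tv3 suggest, so a vector that decodes to a zero r or p and is expected to fail would keep this guard from regressing. A one-line comment above the check would also help, for example `/* r and p must be non-zero before the size checks below */`; those checks sit outside the hunk, so match the wording to what they actually do. The function body continues outside the hunk in both files.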
diff --git a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c index 754a19fd..688f2d30 100644 --- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c +++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c @@ -317,6 +317,10 @@ escrypt_kdf_sse(escrypt_local_t *local, const uint8_t *passwd, size_t passwdlen, uint32_t i; /* Sanity-check parameters. */ + if (r == 0 || p == 0) { + errno = EINVAL; + return -1; + } # if SIZE_MAX > UINT32_MAX /* LCOV_EXCL_START */ if (buflen > (((uint64_t)(1) << 32) - 1) * 32) { From af6df5f4a591ea3216d80fb34694a3c292e9b51e Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 23 May 2019 00:38:14 +0200 Subject: [PATCH 39/58] Revert "Limit resources when running tests" This reverts commit 9567bbe65fc64c870ea5e7925c809ba70c4a896b. --- configure.ac | 3 +-- test/default/cmptest.h | 33 --------------------------------- 2 files changed, 1 insertion(+), 35 deletions(-) diff --git a/configure.ac b/configure.ac index 9a8fa74a..e1fceada 100644 --- a/configure.ac +++ b/configure.ac @@ -554,7 +554,7 @@ AC_SUBST(CFLAGS_AESNI) AC_SUBST(CFLAGS_PCLMUL) AC_SUBST(CFLAGS_RDRAND) -AC_CHECK_HEADERS([sys/mman.h sys/random.h sys/resource.h intrin.h]) +AC_CHECK_HEADERS([sys/mman.h sys/random.h intrin.h]) AC_MSG_CHECKING([if _xgetbv() is available]) AC_LINK_IFELSE( @@ -796,7 +796,6 @@ AC_FUNC_ALLOCA AS_IF([test "x$EMSCRIPTEN" = "x"],[ AC_CHECK_FUNCS([arc4random arc4random_buf]) AC_CHECK_FUNCS([mmap mlock madvise mprotect]) - AC_CHECK_FUNCS([setrlimit]) AC_MSG_CHECKING(for getrandom with a standard API) AC_LINK_IFELSE([AC_LANG_PROGRAM([[ diff --git a/test/default/cmptest.h b/test/default/cmptest.h index edffe822..1ecc5cd9 100644 --- a/test/default/cmptest.h +++ b/test/default/cmptest.h 
@@ -14,19 +14,9 @@ #include #include -#if defined(HAVE_SYS_RESOURCE_H) && defined(HAVE_SETRLIMIT) -# include -# include -# include -#endif - #include "sodium.h" #include "quirks.h" -#ifndef MAX_MEMORY_TESTS -# define MAX_MEMORY_TESTS 67108864 -#endif - #ifdef __EMSCRIPTEN__ # undef TEST_SRCDIR # define TEST_SRCDIR "/test-data" @@ -47,25 +37,6 @@ int xmain(void); static unsigned char *guard_page; -static int set_resource_limits(void) -{ - int res = 0; - -#if defined(RLIM_INFINITY) && defined(HAVE_SETRLIMIT) - struct rlimit limits; - - limits.rlim_cur = limits.rlim_max = MAX_MEMORY_TESTS; -# ifdef RLIMIT_AS - res |= setrlimit(RLIMIT_AS, &limits); -# endif -# ifdef RLIMIT_DATA - res |= setrlimit(RLIMIT_DATA, &limits); -# endif -#endif - - return res; -} - #ifdef BENCHMARKS # include @@ -165,8 +136,6 @@ int main(void) unsigned long long ts_end; unsigned int i; - (void) set_resource_limits(); - if (sodium_init() != 0) { return 99; } @@ -202,8 +171,6 @@ int main(void) unsigned char *_guard_page; int c; - (void) set_resource_limits(); - if ((fp_res = fopen(TEST_NAME_RES, "w+")) == NULL) { perror("fopen(" TEST_NAME_RES ")"); return 99; From c95e803cb97456853c7d6df69c04c4e35aacb07a Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 28 May 2019 20:27:36 +0200 Subject: [PATCH 40/58] Support the enterprise version of Visual Studio --- builds/msvc/build/buildbase.bat | 41 ++++++++++++++++++++++++++------- 1 file changed, 33 insertions(+), 8 deletions(-) diff --git a/builds/msvc/build/buildbase.bat b/builds/msvc/build/buildbase.bat index 35ecbc5f..b68cd2ca 100644 --- a/builds/msvc/build/buildbase.bat +++ b/builds/msvc/build/buildbase.bat 
@@ -1,19 +1,44 @@ @ECHO OFF REM Usage: [buildbase.bat ..\vs2019\mysolution.sln 16] +SETLOCAL enabledelayedexpansion + SET solution=%1 SET version=%2 SET log=build_%version%.log SET tools=Microsoft Visual Studio %version%.0\VC\vcvarsall.bat -IF %version% == 16 SET tools=Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvarsall.bat -IF %version% == 15 SET tools=Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvarsall.bat -SET environment="%programfiles(x86)%\%tools%" -IF NOT EXIST %environment% SET environment="%programfiles%\%tools%" -IF NOT EXIST %environment% GOTO no_tools + +IF %version% == 16 ( + SET tools=Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvarsall.bat + SET environment="%programfiles%\!tools!" + IF NOT EXIST !environment! ( + SET environment="%programfiles(x86)%\!tools!" + IF NOT EXIST !environment! ( + SET tools=Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvarsall.bat + ) + ) +) + +IF %version% == 15 ( + SET tools=Microsoft Visual Studio\2017\Enterprise\VC\Auxiliary\Build\vcvarsall.bat + SET environment="%programfiles%\!tools!" + IF NOT EXIST !environment! ( + SET environment="%programfiles(x86)%\!tools!" + IF NOT EXIST !environment! ( + SET tools=Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvarsall.bat + ) + ) +) +SET environment="%programfiles%\!tools!" +IF NOT EXIST !environment! SET environment="%programfiles(x86)%\!tools!" + +ECHO Environment: !environment! + +IF NOT EXIST !environment! GOTO no_tools ECHO Building: %solution% -CALL %environment% x86 > nul +CALL !environment! x86 > nul ECHO Platform=x86 ECHO Configuration=DynDebug @@ -35,7 +60,7 @@ ECHO Configuration=StaticRelease msbuild /m /v:n /p:Configuration=StaticRelease /p:Platform=Win32 %solution% >> %log% IF errorlevel 1 GOTO error -CALL %environment% x86_amd64 > nul +CALL !environment! x86_amd64 > nul ECHO Platform=x64 ECHO Configuration=DynDebug 
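Review bot: Only the Enterprise and Community paths are probed in the `IF %version% == 16` and `IF %version% == 15` blocks, so a Professional installation still falls through to `:no_tools`. The two blocks differ only in the year, so one loop over the edition names (Enterprise, Professional, Community) that keeps the first existing `vcvarsall.bat` would cover the missing edition and remove the duplication. With `SETLOCAL enabledelayedexpansion` now active, a path containing `!` is altered on expansion; a comment next to the `SETLOCAL` line should say that `!tools!` and `!environment!` depend on it.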
@@ -65,7 +90,7 @@ ECHO *** ERROR, build terminated early, see: %log% GOTO end :no_tools -ECHO *** ERROR, build tools not found: %tools% +ECHO *** ERROR, build tools not found: !tools! :end From 825656862c4bc51f3297b1f8cbaa60855b47fca5 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 28 May 2019 20:59:44 +0200 Subject: [PATCH 41/58] Indent Appveyor rules --- appveyor.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/appveyor.yml b/appveyor.yml index 4947c08f..5fdcdc8a 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -16,8 +16,7 @@ environment: matrix: fast_finish: false -init: - msbuild /version +init: msbuild /version build: parallel: true From 35d1e848f5e23d1c869b1d19032c51e01a2141d4 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 28 May 2019 21:01:01 +0200 Subject: [PATCH 42/58] Add Azure Pipelines rules --- azure-pipelines.yml | 75 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 azure-pipelines.yml diff --git a/azure-pipelines.yml b/azure-pipelines.yml new file mode 100644 index 00000000..c69cce1c --- /dev/null +++ b/azure-pipelines.yml 
@@ -0,0 +1,75 @@ +trigger: + - stable +pr: + - stable + +jobs: + - job: "windows" + pool: + vmImage: "windows-2019" + steps: + - powershell: | + cd builds\msvc\build + & .\buildbase.bat ..\vs2019\libsodium.sln 16 + displayName: Compile it all + - powershell: | + mkdir bin\include\sodium + Copy-Item "src\libsodium\include\sodium\*.h" -Destination "bin\include\sodium" -Recurse + Copy-Item "src\libsodium\include\*.h" -Destination "bin\include\" + displayName: Copy header files + - task: PublishBuildArtifacts@1 + inputs: + pathToPublish: bin + artifactName: libsodium + + - job: "windows_old" + pool: + vmImage: "vs2017-win2016" + steps: + - powershell: | + cd builds\msvc\build + & .\buildbase.bat ..\vs2017\libsodium.sln 15 + displayName: Compile it all + - task: PublishBuildArtifacts@1 + inputs: + pathToPublish: bin + artifactName: libsodium + + - job: "windows_reallyold" + pool: + vmImage: "vs2015-win2012r2" + steps: + - powershell: | + cd builds\msvc\build + & .\buildbase.bat ..\vs2015\libsodium.sln 14 + & .\buildbase.bat ..\vs2013\libsodium.sln 12 + & .\buildbase.bat ..\vs2012\libsodium.sln 11 + & .\buildbase.bat ..\vs2010\libsodium.sln 10 + displayName: Compile it all + - task: PublishBuildArtifacts@1 + inputs: + pathToPublish: bin + artifactName: libsodium + + - job: "package" + dependsOn: + - windows + - windows_old + - windows_reallyold + pool: + vmImage: "windows-2019" + steps: + - powershell: | + cd $(Build.ArtifactStagingDirectory) + & ls + displayName: Checking the staged files + - powershell: | + Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) + displayName: Install chocolatey + - powershell: | + $Env:Path += ";C:\ProgramData\chocolatey\bin" + choco install -y 7zip + displayName: Install 7zip + - powershell: | + "C:\Program Files\7-Zip\7za.exe" a -mx=9 libsodium-msvc.zip * + displayName: Create archive 
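Review bot: The "Install chocolatey" step in the `package` job downloads `https://chocolatey.org/install.ps1` and passes it straight to `iex` with the execution policy bypassed, so whatever that URL serves at build time runs on the agent that assembles `libsodium-msvc.zip`. Download the installer to a file and compare its digest against a value reviewed into the repository before running it, as sketched below, or use an archiver already present on the hosted image if there is one. Separately, the "Create archive" line starts with a quoted path and no call operator, which PowerShell does not run as a command; it should read `& "C:\Program Files\7-Zip\7za.exe" a -mx=9 libsodium-msvc.zip *`.

```yaml
      # … unchanged: "Checking the staged files" step …
      - powershell: |
          # <EXPECTED_SHA256> is a placeholder: pin the digest of the reviewed installer
          Invoke-WebRequest -Uri 'https://chocolatey.org/install.ps1' -OutFile install.ps1
          if ((Get-FileHash install.ps1 -Algorithm SHA256).Hash -ne '<EXPECTED_SHA256>') { throw 'installer digest mismatch' }
          Set-ExecutionPolicy Bypass -Scope Process -Force
          & .\install.ps1
        displayName: Install chocolatey
      # … unchanged: "Install 7zip" and "Create archive" steps …
```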
From 093bd973ede8aa72a167a60abd5cbbf342790afe Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 28 May 2019 23:16:33 +0200 Subject: [PATCH 43/58] azure-pipelines: remove the packages job --- azure-pipelines.yml | 25 +------------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index c69cce1c..88f43931 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -16,7 +16,7 @@ jobs: mkdir bin\include\sodium Copy-Item "src\libsodium\include\sodium\*.h" -Destination "bin\include\sodium" -Recurse Copy-Item "src\libsodium\include\*.h" -Destination "bin\include\" - displayName: Copy header files + displayName: Copy header files - task: PublishBuildArtifacts@1 inputs: pathToPublish: bin @@ -50,26 +50,3 @@ jobs: inputs: pathToPublish: bin artifactName: libsodium - - - job: "package" - dependsOn: - - windows - - windows_old - - windows_reallyold - pool: - vmImage: "windows-2019" - steps: - - powershell: | - cd $(Build.ArtifactStagingDirectory) - & ls - displayName: Checking the staged files - - powershell: | - Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) - displayName: Install chocolatey - - powershell: | - $Env:Path += ";C:\ProgramData\chocolatey\bin" - choco install -y 7zip - displayName: Install 7zip - - powershell: | - "C:\Program Files\7-Zip\7za.exe" a -mx=9 libsodium-msvc.zip * - displayName: Create archive From 801229d946ec450c6d104b4c99cfdbcd0dfe308b Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 29 May 2019 14:20:56 +0200 Subject: [PATCH 44/58] Azure Pipelines: build MinGW binaries --- azure-pipelines.yml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 88f43931..bfd77f14 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml 
@@ -18,6 +18,7 @@ jobs: Copy-Item "src\libsodium\include\*.h" -Destination "bin\include\" displayName: Copy header files - task: PublishBuildArtifacts@1 + condition: not(canceled()) inputs: pathToPublish: bin artifactName: libsodium @@ -31,6 +32,7 @@ jobs: & .\buildbase.bat ..\vs2017\libsodium.sln 15 displayName: Compile it all - task: PublishBuildArtifacts@1 + condition: not(canceled()) inputs: pathToPublish: bin artifactName: libsodium 
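Review bot: `condition: not(canceled())` on the PublishBuildArtifacts steps makes them run after a failed compile step too, so an artifact named `libsodium` can be published from a build that did not finish. This applies to this hunk, the next one, and the `windows_reallyold` and MinGW publish steps in the hunk after that. If publishing partial output is intended for diagnosis, say so next to the condition, e.g. `# publish even after a failed step: partial outputs help diagnose the failing configuration`. Otherwise drop the line and keep the default `succeeded()` behaviour, so a consumer cannot mistake a partial artifact for a complete one.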
@@ -47,6 +49,48 @@ jobs: & .\buildbase.bat ..\vs2010\libsodium.sln 10 displayName: Compile it all - task: PublishBuildArtifacts@1 + condition: not(canceled()) inputs: pathToPublish: bin artifactName: libsodium + + - job: mingw + pool: + vmImage: "windows-2019" + steps: + - script: | + git clone https://github.com/msys2/msys2-ci-base.git %CD:~0,2%\msys64 + %CD:~0,2%\msys64\usr\bin\rm -rf %CD:~0,2%\msys64\.git + displayName: Install MSYS2 + - script: | + set PATH=%CD:~0,2%\msys64\usr\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Syyuu + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Syuu + displayName: Update MSYS2 + - script: | + set PATH=%CD:~0,2%\msys64\usr\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm --needed -S base-devel mingw-w64-i686-toolchain mingw-w64-x86_64-toolchain + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Scc + displayName: Install Toolchain + - script: | + set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin + set MSYS2_ROOT=%CD:~0,2%\msys64 + %CD:~0,2%\msys64\usr\bin\sed -i "s|#CacheDir.*|CacheDir=/c/Users/%USERNAME%/AppData/Local/Temp|g" /etc/pacman.conf + %MSYS2_ROOT%\cmd\msystem MINGW32 + %CD:~0,2%\msys64\usr\bin\bash -lc dist-build/msys2-win32.sh + %MSYS2_ROOT%\cmd\msystem MINGW64 + %CD:~0,2%\msys64\usr\bin\bash -lc dist-build/msys2-win64.sh + env: + CHERE_INVOKING: yes + MSYS2_ARCH: x86_64 + displayName: Compile libsodium + - task: PublishBuildArtifacts@1 + condition: not(canceled()) + inputs: + pathToPublish: libsodium-win32 + artifactName: libsodium-mingw32 + - task: PublishBuildArtifacts@1 + condition: not(canceled()) + inputs: + pathToPublish: libsodium-win64 + artifactName: libsodium-mingw64 From a401c9825abf990d0e89f981a88bf9cbee564aeb Mon Sep 17 00:00:00 2001 
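Review bot: The `mingw` job clones `https://github.com/msys2/msys2-ci-base.git` at whatever its default branch currently holds and then runs `pacman --noconfirm -Syyuu`, so the shell, package manager and compilers behind the published `libsodium-win32` and `libsodium-win64` artifacts are not pinned to anything reviewed. Check out a known commit right after the clone with `git -C %CD:~0,2%\msys64 checkout <PINNED_COMMIT>` (placeholder), placed before the line that removes `.git`. Recording the installed toolchain package versions in the job log would also make a published binary traceable to the tools that built it.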
From: Frank Denis Date: Wed, 29 May 2019 14:27:40 +0200 Subject: [PATCH 45/58] Don't trigger Azure Pipelines on PRs, keep Appveyor for this --- azure-pipelines.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index bfd77f14..0fc8abcf 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,7 +1,7 @@ trigger: - stable -pr: - - stable + +pr: none jobs: - job: "windows" @@ -76,8 +76,10 @@ jobs: set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin set MSYS2_ROOT=%CD:~0,2%\msys64 %CD:~0,2%\msys64\usr\bin\sed -i "s|#CacheDir.*|CacheDir=/c/Users/%USERNAME%/AppData/Local/Temp|g" /etc/pacman.conf + set MSYSTEM=MINGW32 %MSYS2_ROOT%\cmd\msystem MINGW32 %CD:~0,2%\msys64\usr\bin\bash -lc dist-build/msys2-win32.sh + set MSYSTEM=MINGW64 %MSYS2_ROOT%\cmd\msystem MINGW64 %CD:~0,2%\msys64\usr\bin\bash -lc dist-build/msys2-win64.sh env: @@ -93,4 +95,4 @@ jobs: condition: not(canceled()) inputs: pathToPublish: libsodium-win64 - artifactName: libsodium-mingw64 + artifactName: libsodium-mingw64 \ No newline at end of file From 2c8ba1354bed7dc4b34cf4d5f531882bec619cd2 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 29 May 2019 14:31:21 +0200 Subject: [PATCH 46/58] Reserve a branch for testing the next version --- azure-pipelines.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 0fc8abcf..40a0d77d 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,5 +1,6 @@ trigger: - stable + - next pr: none From 694420a82b957960bd9705edb467e1260ef6c416 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 29 May 2019 14:56:29 +0200 Subject: [PATCH 47/58] Parallelize MinGW builds --- azure-pipelines.yml | 61 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 51 insertions(+), 10 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 40a0d77d..d3c51d73 100644 
--- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -55,7 +55,7 @@ jobs: pathToPublish: bin artifactName: libsodium - - job: mingw + - job: mingw64 pool: vmImage: "windows-2019" steps: @@ -70,16 +70,20 @@ jobs: displayName: Update MSYS2 - script: | set PATH=%CD:~0,2%\msys64\usr\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem - %CD:~0,2%\msys64\usr\bin\pacman --noconfirm --needed -S base-devel mingw-w64-i686-toolchain mingw-w64-x86_64-toolchain + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm --needed -S base-devel libtool mingw-w64-x86_64-toolchain %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Scc + %CD:~0,2%\msys64\usr\bin\sed -i "s|#CacheDir.*|CacheDir=/c/Users/%USERNAME%/AppData/Local/Temp|g" /etc/pacman.conf displayName: Install Toolchain + - script: | + condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/master')) + set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin + set MSYS2_ROOT=%CD:~0,2%\msys64 + set MSYSTEM=MINGW64 + %MSYS2_ROOT%\cmd\msystem MINGW64 + %CD:~0,2%\msys64\usr\bin\bash -lc ./autogen.sh - script: | set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin set MSYS2_ROOT=%CD:~0,2%\msys64 - %CD:~0,2%\msys64\usr\bin\sed -i "s|#CacheDir.*|CacheDir=/c/Users/%USERNAME%/AppData/Local/Temp|g" /etc/pacman.conf - set MSYSTEM=MINGW32 - %MSYS2_ROOT%\cmd\msystem MINGW32 - %CD:~0,2%\msys64\usr\bin\bash -lc dist-build/msys2-win32.sh set MSYSTEM=MINGW64 %MSYS2_ROOT%\cmd\msystem MINGW64 %CD:~0,2%\msys64\usr\bin\bash -lc dist-build/msys2-win64.sh 
@@ -90,10 +94,47 @@ jobs: - task: PublishBuildArtifacts@1 condition: not(canceled()) inputs: - pathToPublish: libsodium-win32 - artifactName: libsodium-mingw32 + pathToPublish: libsodium-win64 + artifactName: libsodium-mingw64 + + - job: mingw32 + pool: + vmImage: "windows-2019" + steps: + - script: | + git clone https://github.com/msys2/msys2-ci-base.git %CD:~0,2%\msys64 + %CD:~0,2%\msys64\usr\bin\rm -rf %CD:~0,2%\msys64\.git + displayName: Install MSYS2 + - script: | + set PATH=%CD:~0,2%\msys64\usr\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Syyuu + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Syuu + displayName: Update MSYS2 + - script: | + set PATH=%CD:~0,2%\msys64\usr\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm --needed -S base-devel libtool mingw-w64-i686-toolchain + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Scc + %CD:~0,2%\msys64\usr\bin\sed -i "s|#CacheDir.*|CacheDir=/c/Users/%USERNAME%/AppData/Local/Temp|g" /etc/pacman.conf + displayName: Install Toolchain + - script: | + condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/master')) + set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin + set MSYS2_ROOT=%CD:~0,2%\msys64 + set MSYSTEM=MINGW32 + %MSYS2_ROOT%\cmd\msystem MINGW32 + %CD:~0,2%\msys64\usr\bin\bash -lc ./autogen.sh + - script: | + set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin + set MSYS2_ROOT=%CD:~0,2%\msys64 + set MSYSTEM=MINGW32 + %MSYS2_ROOT%\cmd\msystem MINGW32 + %CD:~0,2%\msys64\usr\bin\bash -lc dist-build/msys2-win32.sh + env: + CHERE_INVOKING: yes + MSYS2_ARCH: x86_64 + displayName: Compile libsodium - task: PublishBuildArtifacts@1 condition: not(canceled()) inputs: - pathToPublish: libsodium-win64 - artifactName: libsodium-mingw64 \ No newline at end of file + 
pathToPublish: libsodium-win32 + artifactName: libsodium-mingw32 From 0a9ec5c8437d4ade5cf2f95e00dc53317712bb07 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 29 May 2019 15:08:25 +0200 Subject: [PATCH 48/58] Conditions don't apply to scripts --- azure-pipelines.yml | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d3c51d73..d12c762e 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -70,17 +70,10 @@ jobs: displayName: Update MSYS2 - script: | set PATH=%CD:~0,2%\msys64\usr\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem - %CD:~0,2%\msys64\usr\bin\pacman --noconfirm --needed -S base-devel libtool mingw-w64-x86_64-toolchain + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm --needed -S base-devel mingw-w64-x86_64-toolchain %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Scc %CD:~0,2%\msys64\usr\bin\sed -i "s|#CacheDir.*|CacheDir=/c/Users/%USERNAME%/AppData/Local/Temp|g" /etc/pacman.conf displayName: Install Toolchain - - script: | - condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/master')) - set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin - set MSYS2_ROOT=%CD:~0,2%\msys64 - set MSYSTEM=MINGW64 - %MSYS2_ROOT%\cmd\msystem MINGW64 - %CD:~0,2%\msys64\usr\bin\bash -lc ./autogen.sh - script: | set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin set MSYS2_ROOT=%CD:~0,2%\msys64 
@@ -112,17 +105,10 @@ jobs: displayName: Update MSYS2 - script: | set PATH=%CD:~0,2%\msys64\usr\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem - %CD:~0,2%\msys64\usr\bin\pacman --noconfirm --needed -S base-devel libtool mingw-w64-i686-toolchain + %CD:~0,2%\msys64\usr\bin\pacman --noconfirm --needed -S base-devel mingw-w64-i686-toolchain %CD:~0,2%\msys64\usr\bin\pacman --noconfirm -Scc %CD:~0,2%\msys64\usr\bin\sed -i "s|#CacheDir.*|CacheDir=/c/Users/%USERNAME%/AppData/Local/Temp|g" /etc/pacman.conf displayName: Install Toolchain - - script: | - condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/master')) - set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin - set MSYS2_ROOT=%CD:~0,2%\msys64 - set MSYSTEM=MINGW32 - %MSYS2_ROOT%\cmd\msystem MINGW32 - %CD:~0,2%\msys64\usr\bin\bash -lc ./autogen.sh - script: | set PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;%CD:~0,2%\msys64\usr\bin;%CD:~0,2%\msys64\bin set MSYS2_ROOT=%CD:~0,2%\msys64 From 53346c95532cb1d345dcf9d36eee3e821db01b2a Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 29 May 2019 15:34:08 +0200 Subject: [PATCH 49/58] Name things consistently --- azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d12c762e..754f1140 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -88,7 +88,7 @@ jobs: condition: not(canceled()) inputs: pathToPublish: libsodium-win64 - artifactName: libsodium-mingw64 + artifactName: libsodium-win64 - job: mingw32 pool: @@ -123,4 +123,4 @@ jobs: condition: not(canceled()) inputs: pathToPublish: libsodium-win32 - artifactName: libsodium-mingw32 + artifactName: libsodium-win32 From 49e6e4b84134646954a2cda810880868040ab076 Mon Sep 17 00:00:00 2001 
From: Frank Denis Date: Wed, 29 May 2019 15:42:06 +0200 Subject: [PATCH 50/58] Add Azure Pipelines build status --- README.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/README.markdown b/README.markdown index 61a0ec5d..3aa45b3c 100644 --- a/README.markdown +++ b/README.markdown @@ -1,6 +1,7 @@ [![Build Status](https://travis-ci.org/jedisct1/libsodium.svg?branch=master)](https://travis-ci.org/jedisct1/libsodium?branch=master) [![Windows build status](https://ci.appveyor.com/api/projects/status/fu8s2elx25il98hj?svg=true)](https://ci.appveyor.com/project/jedisct1/libsodium) [![Coverity Scan Build Status](https://scan.coverity.com/projects/2397/badge.svg)](https://scan.coverity.com/projects/2397) +[![Azure build status](https://dev.azure.com/jedisct1/testing-azure-pipelines/_apis/build/status/jedisct1.libsodium?branchName=stable)](https://dev.azure.com/jedisct1/testing-azure-pipelines/_build/latest?definitionId=2&branchName=stable) ![libsodium](https://raw.github.com/jedisct1/libsodium/master/logo.png) ============ From 7421ad133ce537a5177c8d3fb427bea4ccd6ccfd Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 29 May 2019 20:54:51 +0200 Subject: [PATCH 51/58] Update status badge --- README.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.markdown b/README.markdown index 3aa45b3c..412693d3 100644 --- a/README.markdown +++ b/README.markdown 
@@ -1,7 +1,7 @@ [![Build Status](https://travis-ci.org/jedisct1/libsodium.svg?branch=master)](https://travis-ci.org/jedisct1/libsodium?branch=master) [![Windows build status](https://ci.appveyor.com/api/projects/status/fu8s2elx25il98hj?svg=true)](https://ci.appveyor.com/project/jedisct1/libsodium) [![Coverity Scan Build Status](https://scan.coverity.com/projects/2397/badge.svg)](https://scan.coverity.com/projects/2397) -[![Azure build status](https://dev.azure.com/jedisct1/testing-azure-pipelines/_apis/build/status/jedisct1.libsodium?branchName=stable)](https://dev.azure.com/jedisct1/testing-azure-pipelines/_build/latest?definitionId=2&branchName=stable) +[![Azure build status](https://jedisct1.visualstudio.com/Libsodium/_apis/build/status/jedisct1.libsodium?branchName=stable)](https://jedisct1.visualstudio.com/Libsodium/_build/latest?definitionId=3&branchName=stable) ![libsodium](https://raw.github.com/jedisct1/libsodium/master/logo.png) ============ From db30653ca59601dd31c71d910c0651215a801bce Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 30 May 2019 13:23:53 +0200 Subject: [PATCH 52/58] Use Azure Pipelines to produce WASI binaries --- azure-pipelines.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 754f1140..b688459b 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml 
@@ -5,6 +5,33 @@ trigger: pr: none jobs: + - job: "wasi" + pool: + vmImage: "ubuntu-16.04" + steps: + - script: | + sudo apt-get install build-essential curl cmake + displayName: Install system packages + - script: | + curl https://sh.rustup.rs -sSf | sh -s -- -y + source ${HOME}/.cargo/env + git clone --recursive https://github.com/wasmerio/wasmer.git + (cd wasmer && cargo install --path .) + displayName: Install wasmer + - script: | + curl -sL -o wasi-sdk.deb https://github.com/CraneStation/wasi-sdk/releases/download/wasi-sdk-5/wasi-sdk_5.0_amd64.deb + sudo dpkg -i wasi-sdk.deb && rm -f wasi-sdk.deb + sudo ln -s /opt/wasi-sdk/share/*sysroot* /opt/wasi-sysroot + displayName: Install the WASI SDK + - script: | + env PATH=/opt/wasi-sdk/bin:${HOME}/.cargo/bin:$PATH dist-build/wasm32-wasi.sh + displayName: Compile libsodium + - task: PublishBuildArtifacts@1 + condition: not(canceled()) + inputs: + pathToPublish: libsodium-wasm32-wasi + artifactName: libsodium-wasm32-wasi + - job: "windows" pool: vmImage: "windows-2019" From 2e6c26ebd885336f56652dad54469fb59827bba4 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 30 May 2019 13:38:40 +0200 Subject: [PATCH 53/58] Update ChangeLog --- ChangeLog | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/ChangeLog b/ChangeLog index 22702276..e6969338 100644 --- a/ChangeLog +++ b/ChangeLog 
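Review bot: Every tool in the new `wasi` job is fetched and run without an integrity check. `curl https://sh.rustup.rs -sSf | sh -s -- -y` executes the download directly, wasmer is built from an unpinned `git clone --recursive`, and `wasi-sdk.deb` goes to `sudo dpkg -i` straight after download. The job's output is published as `libsodium-wasm32-wasi`, so a tampered download would end up in the artifact. The SDK is already pinned to a release URL, so add a digest check before installing it: `echo "<WASI_SDK_SHA256>  wasi-sdk.deb" | sha256sum -c - || exit 1` (placeholder digest). Pin wasmer to a tag or commit, and save the rustup installer to a file and verify it before running it.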
@@ -1,4 +1,33 @@ +* Version 1.0.18 + - The Enterprise versions of Visual Studio are now supported. + - Visual Studio 2019 is now supported. + - 32-bit binaries for Visual Studio 2010 are now provided. + - A test that didn't work properly on Linux systems with overcommit +memory turned on has been removed. This fixes Ansible builds. + - Emscripten: `print` and `printErr` functions are overridden to send +errors to the console, if there is one. + - Emscripten: `UTF8ToString()` is now exported since `Pointer_stringify()` +has been deprecated. + - Libsodium version detection has been fixed in the CMake recipe. + - Generic hashing got a 10% speedup on AVX2. + - New target: WebAssembly/WASI (compile with `dist-builds/wasm32-wasi.sh`). + - New functions to map a hash to an edwards25519 point or get a random point: +`core_ed25519_from_hash()` and `core_ed25519_random()`. + - `crypto_core_ed25519_scalar_mul()` has been implemented for `scalar*scalar` +`(mod L)` multiplication. + - Support for the Ristretto group has been implemented, for compatibility +with wasm-crypto. + - Improvements have been made to the test suite. + - Portability improvements has been made. + - `getentropy()` is now used on systems providing this system call. + - `randombytes_salsa20 has been renamed to `randombytes_internal`. + - Support for (p)nacl has been removed. + - Most `((nonnull))` attributes have been relaxed to allow 0-length inputs +to be `NULL`. + - The `-ftree-vectorize` and `-ftree-slp-vectorize` compiler switches are +now used, if available, for optimized builds. + * Version 1.0.17 - Bug fix: `sodium_pad()` didn't properly support block sizes >= 256 bytes. - JS/WebAssembly: some old iOS versions can't instantiate the WebAssembly From 252fda724c1d89e9f7ce17c47e9b134938899a9f Mon Sep 17 00:00:00 2001 
From: Frank Denis Date: Thu, 30 May 2019 15:52:09 +0200 Subject: [PATCH 54/58] Bump --- builds/msvc/resource.rc | 4 ++-- builds/msvc/version.h | 4 ++-- configure.ac | 8 ++++---- msvc-scripts/process.bat | 4 ++-- packaging/dotnet-core/README.md | 10 +++++----- packaging/dotnet-core/prepare.py | 14 +++++++------- packaging/nuget/package.config | 2 +- src/libsodium/include/sodium/private/common.h | 2 +- 8 files changed, 24 insertions(+), 24 deletions(-) diff --git a/builds/msvc/resource.rc b/builds/msvc/resource.rc index db9c5226..feb27d5a 100644 --- a/builds/msvc/resource.rc +++ b/builds/msvc/resource.rc @@ -4,8 +4,8 @@ #include "windows.h" //specify the version numbers for the dll's -#define LIBSODIUM_VERSION_STRING "1.0.17.0" -#define LIBSODIUM_VERSION_BIN 1,0,17,0 +#define LIBSODIUM_VERSION_STRING "1.0.18.0" +#define LIBSODIUM_VERSION_BIN 1,0,18,0 //specify the product name for the dlls based on the platform we are compiling for #if defined(x64) diff --git a/builds/msvc/version.h b/builds/msvc/version.h index 031d298f..174d9921 100644 --- a/builds/msvc/version.h +++ b/builds/msvc/version.h @@ -4,10 +4,10 @@ #include "export.h" -#define SODIUM_VERSION_STRING "1.0.17" +#define SODIUM_VERSION_STRING "1.0.18" #define SODIUM_LIBRARY_VERSION_MAJOR 10 -#define SODIUM_LIBRARY_VERSION_MINOR 2 +#define SODIUM_LIBRARY_VERSION_MINOR 3 #ifdef __cplusplus extern "C" { diff --git a/configure.ac b/configure.ac index e1fceada..88259b75 100644 --- a/configure.ac +++ b/configure.ac @@ -1,5 +1,5 @@ AC_PREREQ([2.65]) -AC_INIT([libsodium],[1.0.17], +AC_INIT([libsodium],[1.0.18], [https://github.com/jedisct1/libsodium/issues], [libsodium], [https://github.com/jedisct1/libsodium]) @@ -15,9 +15,9 @@ AM_DEP_TRACK AC_SUBST(VERSION) SODIUM_LIBRARY_VERSION_MAJOR=10 -SODIUM_LIBRARY_VERSION_MINOR=2 -DLL_VERSION=23 -SODIUM_LIBRARY_VERSION=25:0:2 +SODIUM_LIBRARY_VERSION_MINOR=3 +DLL_VERSION=24 +SODIUM_LIBRARY_VERSION=26:0:3 # | | | # +------+ | +---+ # | | | 
diff --git a/msvc-scripts/process.bat b/msvc-scripts/process.bat index fdaeaecf..291679e4 100755 --- a/msvc-scripts/process.bat +++ b/msvc-scripts/process.bat @@ -1,5 +1,5 @@ -cscript msvc-scripts/rep.vbs //Nologo s/@VERSION@/1.0.17/ < src\libsodium\include\sodium\version.h.in > tmp +cscript msvc-scripts/rep.vbs //Nologo s/@VERSION@/1.0.18/ < src\libsodium\include\sodium\version.h.in > tmp cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MAJOR@/10/ < tmp > tmp2 -cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MINOR@/2/ < tmp2 > tmp3 +cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MINOR@/3/ < tmp2 > tmp3 cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_MINIMAL_DEF@// < tmp3 > src\libsodium\include\sodium\version.h del tmp tmp2 tmp3 diff --git a/packaging/dotnet-core/README.md b/packaging/dotnet-core/README.md index 462ec29f..a9016b6b 100644 --- a/packaging/dotnet-core/README.md +++ b/packaging/dotnet-core/README.md 
@@ -31,15 +31,15 @@ Version numbers for the packages for .NET Core consist of three components: It may be necessary to release more than one package for a libsodium version, e.g., when adding support for a new platform or if a release contains a broken binary. In this case, a package revision number is added as a fourth part to - the libsodium version, starting at `1`. For example, `1.0.17` is the initial - release of the package for libsodium 1.0.17 and `1.0.17.5` is the fifth + the libsodium version, starting at `1`. For example, `1.0.18` is the initial + release of the package for libsodium 1.0.18 and `1.0.18.5` is the fifth revision (sixth release) of that package. * *pre-release label* If a package is a pre-release, a label is appended to the version number in `-preview-##` format where `##` is the number of the pre-release, starting at - `01`. For example, `1.0.17-preview-01` is the first pre-release of the package - for libsodium 1.0.17 and `1.0.17.5-preview-02` the second pre-release of the - fifth revision of the package for libsodium 1.0.17. + `01`. For example, `1.0.18-preview-01` is the first pre-release of the package + for libsodium 1.0.18 and `1.0.18.5-preview-02` the second pre-release of the + fifth revision of the package for libsodium 1.0.18. **Making a release** diff --git a/packaging/dotnet-core/prepare.py b/packaging/dotnet-core/prepare.py index b1abde14..7a4883f5 100755 --- a/packaging/dotnet-core/prepare.py +++ b/packaging/dotnet-core/prepare.py 
@@ -203,13 +203,13 @@ def main(args): print(" python3 prepare.py ") print() print("Examples:") - print(" python3 prepare.py 1.0.17-preview-01") - print(" python3 prepare.py 1.0.17-preview-02") - print(" python3 prepare.py 1.0.17-preview-03") - print(" python3 prepare.py 1.0.17") - print(" python3 prepare.py 1.0.17.1-preview-01") - print(" python3 prepare.py 1.0.17.1") - print(" python3 prepare.py 1.0.17.2") + print(" python3 prepare.py 1.0.18-preview-01") + print(" python3 prepare.py 1.0.18-preview-02") + print(" python3 prepare.py 1.0.18-preview-03") + print(" python3 prepare.py 1.0.18") + print(" python3 prepare.py 1.0.18.1-preview-01") + print(" python3 prepare.py 1.0.18.1") + print(" python3 prepare.py 1.0.18.2") return 1 version = Version(m.group(2), m.group(0)) diff --git a/packaging/nuget/package.config b/packaging/nuget/package.config index 3e678873..33eda2dd 100644 --- a/packaging/nuget/package.config +++ b/packaging/nuget/package.config @@ -1,4 +1,4 @@ - + diff --git a/src/libsodium/include/sodium/private/common.h b/src/libsodium/include/sodium/private/common.h index dd95f0fa..339e725b 100644 --- a/src/libsodium/include/sodium/private/common.h +++ b/src/libsodium/include/sodium/private/common.h @@ -1,7 +1,7 @@ #ifndef common_H #define common_H 1 -#if !defined(_MSC_VER) && !defined(DEV_MODE) && 1 +#if !defined(_MSC_VER) && !defined(DEV_MODE) && 0 # warning *** This is unstable, untested, development code. # warning It might not compile. It might not work as expected. # warning It might be totally insecure. From 1854820cc3449a0ee147458eca3569c88a2a68f5 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 30 May 2019 16:01:00 +0200 Subject: [PATCH 55/58] Ignore azure-pipelines.yml --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index c842285d..f8d2f671 100644 --- a/.gitignore +++ b/.gitignore 
@@ -35,6 +35,7 @@ aclocal.m4 android-toolchain android-toolchain-* autom4te.cache +azure-pipelines.yml build compile confdefs.h From 922e91a7bff6c28136b16a23b3a1a334fbb4a55e Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 30 May 2019 20:30:45 +0200 Subject: [PATCH 56/58] lucetc will eventually use --opt-level fast instead of --opt-level best --- test/default/wasi-test-wrapper.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/default/wasi-test-wrapper.sh b/test/default/wasi-test-wrapper.sh index d5f0dd41..af64884c 100755 --- a/test/default/wasi-test-wrapper.sh +++ b/test/default/wasi-test-wrapper.sh @@ -12,7 +12,7 @@ if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "lucet" ]; then if command -v lucetc-wasi >/dev/null && command -v lucet-wasi >/dev/null; then lucetc-wasi \ --reserved-size "${MAX_MEMORY_TESTS}" \ - -o "${1}.so" --opt-level best "$1" && + -o "${1}.so" --opt-level fast "$1" && lucet-wasi --dir=.:. --max-heap-size "${MAX_MEMORY_TESTS}" "${1}.so" && rm -f "${1}.so" && exit 0 fi From 9710a33ba1ee40e043dee50b6f483d7727cf1512 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 30 May 2019 21:56:22 +0200 Subject: [PATCH 57/58] Disable getentropy() on Apple devices --- configure.ac | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/configure.ac b/configure.ac index 88259b75..9e2de27c 100644 --- a/configure.ac +++ b/configure.ac @@ -825,6 +825,10 @@ unsigned char buf; # include #endif ]], [[ +#ifdef __APPLE__ +# error getentropy() is currently disabled on Apple operating systems +#endif + unsigned char buf; (void) getentropy((void *) &buf, 1U); ]])], From 4f5e89fa84ce1d178a6765b8b46f2b6f91216677 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 30 May 2019 22:13:18 +0200 Subject: [PATCH 58/58] Don't ignore azure-pipelines.yml --- .gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitignore b/.gitignore index f8d2f671..c842285d 100644 --- a/.gitignore +++ b/.gitignore 
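Review bot: The `#ifdef __APPLE__` / `#error` guard added to the getentropy() probe records no reason for the exclusion, so a later maintainer cannot tell when it is safe to remove or which entropy source Apple builds are meant to use instead. I would put the rationale in a comment next to the guard, for example `/* getentropy() disabled on Apple: <reason>; randombytes falls back to <source> */` (placeholders, since neither is stated in the commit). The ChangeLog entry added earlier in this series still says `getentropy()` is used "on systems providing this system call", which no longer holds for Apple targets and should mention the exception. The probe only affects autoconf builds, so presumably any other build path that defines the getentropy feature macro by hand would need the same exclusion; the enclosing check starts and ends outside the hunk.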
@@ -35,7 +35,6 @@ aclocal.m4
 android-toolchain
 android-toolchain-*
 autom4te.cache
-azure-pipelines.yml
 build
 compile
 confdefs.h