Branch: master

coverity_scan

master

next

stable

0.1

0.2

0.3

0.4

0.4.1

0.4.2

0.4.3

0.4.4

0.4.5

0.5.0

0.6.0

0.6.1

0.7.0

0.7.1

1.0.0

1.0.1

1.0.10

1.0.11

1.0.12

1.0.13

1.0.14

1.0.15

1.0.16

1.0.17

1.0.18

1.0.18-RELEASE

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from 'master'

${ noResults }

Commit Graph

1811 Commits (master)

Author	SHA1	Message	Date
Frank Denis	a72abb0ae1	Add missing randombytes.h inclusion in aead_aegis256.c	5 years ago
Frank Denis	066150a94d	Swapped aegis256_is_available implementations	5 years ago
Frank Denis	0f8e034f97	Reorganize aead_aegis256 a bit	5 years ago
Frank Denis	728b7ef237	Add libarmcrypto.la	5 years ago
Frank Denis	c8b6906c60	has_armcrypto_aes -> has_armcrypto	5 years ago
Frank Denis	c9d80901bf	__ARM_NEON is enough	5 years ago
Frank Denis	a8dc93192d	On Apple devices, the ARM64_V8 subtype always has the crypto extensions	5 years ago
Frank Denis	dd5fbb632b	Check for AT_HWCAP2 instead of AT_HWCAP where it's used	5 years ago
Frank Denis	1910ca83d8	Detect NEON and ARMCRYPTO on ARM32 Which doesn't mean that the compiler will support these opcodes, so we need to autoconf magic as well.	5 years ago
Frank Denis	456a57f235	__arm__ => __ARM_ARCH	5 years ago
Frank Denis	acaed459ce	Add ARM NEON and AES runtime checks	5 years ago
Frank Denis	9e22cb4ad2	Nits	5 years ago
Frank Denis	111f99a2d4	Nits. No binary code change.	5 years ago
Frank Denis	8a76789de3	Add required headers for aegis256_armcrypto	5 years ago
Adrien Gallouët	fd5bc21b60	Rework NEON version of AEGIS256 Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>	5 years ago
Adrien Gallouët	4542a04e1d	Indent Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>	5 years ago
Frank Denis	6abc6c292a	Compile only the NEON version of AEGIS256 on relevant platforms	5 years ago
Isis Lovecruft	6136871607	Optimisation to succeed fast when checking signature scalar is reduced. This provides a minor optimisation for ed25519 signature verification, when used without the -DED25519_COMPAT feature, to strictly check for a fully reduced scalar, `s`, component in variable time by first checking that the most significant *four* bits are unset, and only if any of them are set proceed to the `sc25519_is_canonical` check which performs the full reduction. This should result in succeeding fast for the check on roughly half of all well-formed, canonicalised signatures. This is safely backwards compatible with the previous implementation of strict checking for signature scalars.	5 years ago
Frank Denis	2f915846ff	randombytes: make the emscripten version consistent with others	5 years ago
Frank Denis	44b4526309	Add ARM implementation of aegis256 - Not connected to builds yet	5 years ago
Frank Denis	5990dc00d0	Fix crypto_aead_aegis256_MESSAGEBYTES_MAX	5 years ago
Frank Denis	1d536ffab7	Indent	5 years ago
Adrien Gallouët	0a31dd5a31	aegis256: Support mac verification when m is NULL Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>	5 years ago
Frank Denis	f537541a0a	For clarity, don't use different terms for the same thing	5 years ago
Frank Denis	4de2620fb1	Indent	5 years ago
Adrien Gallouët	4520c080cc	Define ENOSYS where it is useful Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>	5 years ago
Adrien Gallouët	0eecb81466	aegis256: Remove restrict Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>	5 years ago
Adrien Gallouët	452ac1f3ee	Add AEGIS-256 (aesni only) Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>	5 years ago
mpex	fb8e4d00df	Update utils.c I noticed that the shielding_key is not used in sodium_mshield() (only filled in crypto_generichash()) Is the wrong key used in crypto_stream_xor?	5 years ago
Frank Denis	495fdb3693	mshield requires memory protection	5 years ago
Frank Denis	bfeca0eb73	Implement key shielding to protect against side channels We may want to fold this into `sodium_mprotect_*()` instead of exposing these functions. The drawback is that a transition from PROT_NONE to PROT_READ (or the other way round) would need an intermediary state in PROT_WRITE for shielding/unshielding. Shielding is also not thread-safe, while the `mprotect_*()` functions are, and adding locks would make things more complicated than they probably should.	5 years ago
Frank Denis	2dd3b91628	Try to rename internal symbols that were visible in static libraries Fixes #839	5 years ago
Frank Denis	a97ab7085f	argon2_pick_best_implementation() can be static	5 years ago
Frank Denis	47153bb56e	Style: remove unneeded extern	5 years ago
Frank Denis	42a06fdecc	common.h -> private/common.h	5 years ago
Frank Denis	7214dff083	Rename the remaining unprefixed functions argon2_fill_first_blocks() can be static	5 years ago
Frank Denis	550622b04b	Rename fill_segment_* to argon2_fill_segment_*	5 years ago
Frank Denis	9f14962388	Rename a few common internal symbols	5 years ago
Frank Denis	6723e22907	Rename PBKDF2_SHA256 to escrypt_PBKDF2_SHA256	5 years ago
Frank Denis	bdc4db7c9c	Remove useless macros hiding the actual symbol names	5 years ago
Frank Denis	d855d30826	Use MAP_CONCEAL on OpenBSD	5 years ago
Frank Denis	d54f0721cd	getentropy() may be defined but NULL on older iOS versions	5 years ago
Frank Denis	1707281a3a	Revert "scrypt: reject r == 0 and p == 0" This reverts commit 00c8ecd1c4.	5 years ago
Frank Denis	3e5c2531eb	Back to dev mode	5 years ago
Frank Denis	252fda724c	Bump	5 years ago
Frank Denis	00c8ecd1c4	scrypt: reject r == 0 and p == 0	5 years ago
Frank Denis	e24847c364	Comment	5 years ago
Frank Denis	12277ee6b5	More tests	5 years ago
Frank Denis	141de9be13	Indent	5 years ago
Frank Denis	06e4a485c4	More tests	5 years ago