65621a1059
Add support for node via wasmer-js
V8 doesn't seem to be currently willing to load the metamorphic test.
5 years ago
c8b6906c60
has_armcrypto_aes -> has_armcrypto
5 years ago
acaed459ce
Add ARM NEON and AES runtime checks
5 years ago
c9e95c59bd
Run wasm-opt -O4
5 years ago
b40674e29a
Add support for WAVM as a WebAssembly runtime
5 years ago
c638d25583
Try Lucet as a last option, after wasmer, due to its unstable interface
5 years ago
da75f6824b
Lucet removed the "fast" optimization level
We may drop Lucet support entirely until the interface gets more stable
5 years ago
019db2bc84
Make room for several secretstream
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
5 years ago
eb96e7ecda
WASI can't read its own writes without an explicit fflush()
5 years ago
0a31dd5a31
aegis256: Support mac verification when m is NULL
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
5 years ago
a59e1f8b54
aegis256: update MSVC solutions, .gitignore, exported emscripten symbols
and the global list of symbols
5 years ago
88717d995b
Indent
5 years ago
3c14a1581c
Add tests for AEGIS-256
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
5 years ago
aaaaf7b8b8
Units are not required any more for Lucet
5 years ago
55a81d9460
lucetc-wasi requires units with --max-heap-size
5 years ago
e97760ad68
shielding requires memory protection
5 years ago
61992a838d
Register new symbols
5 years ago
bfeca0eb73
Implement key shielding to protect against side channels
We may want to fold this into `sodium_mprotect_*()` instead of
exposing these functions.
The drawback is that a transition from PROT_NONE to PROT_READ
(or the other way round) would need an intermediary state in PROT_WRITE
for shielding/unshielding.
Shielding is also not thread-safe, while the `mprotect_*()` functions
are, and adding locks would make things more complicated than they
probably should.
5 years ago
60f4bc8212
getconf(1) may not be available
5 years ago
2dd3b91628
Try to rename internal symbols that were visible in static libraries
Fixes #839
5 years ago
922e91a7bf
lucetc will eventually use --opt-level fast instead of --opt-level best
5 years ago
af6df5f4a5
Revert "Limit resources when running tests"
This reverts commit 9567bbe65f
5 years ago
76ac6ef605
Remove an unreliable scrypt test
Fixes #837
5 years ago
91c98bad15
lucet seems to accept sizes without a suffix
5 years ago
06f331d153
Use the same memory limit everywhere
5 years ago
9567bbe65f
Limit resources when running tests
The default memory limit matches the limit already used when running
the javascript and webassembly tests.
Original diff by @pilou-
Fixes #837
5 years ago
6d9e2f0c84
More tests
5 years ago
011343e88c
More tests
5 years ago
12277ee6b5
More tests
5 years ago
06e4a485c4
More tests
5 years ago
ffdaf6d16b
aead_xchacha20poly1305_ietf_decrypt(): add a test with a NULL message
5 years ago
4b7e497a92
Revert "Postpone from_hash()"
Use proper reduction, and don't mask the high bit, so that
H2C-Curve25519-SHA512-Elligator-Clear can be implemented if required
5 years ago
56d93ffe62
Lucet now has a --reserved-size knob
5 years ago
ab1e720a30
Postpone from_hash()
5 years ago
24c54073a8
Add core_ed25519_from_hash() and core_{ed25519, ristretto255}_random()
5 years ago
689407c36d
Rename ristretto_from_uniform() to ristretto_from_hash()
5 years ago
cec56d867f
Lucet: set min-reserved-size to the same value as max-heap-size
If <min-reserved-size> is less than <max-heap-size>, the code will
still assume that only <min-reserved-size> bytes are accessible and
will trap even if the runtime could allocate more..
So, `max` should always be <= `min`. Naming options is hard.
5 years ago
e7942ad150
Make the stream and stream2 test object code 1000x smaller
5 years ago
3fde7349e1
Clarify that --min-reserved-size surprisingly sets the max memory
5 years ago
05c86927f4
Remove temporary files
5 years ago
fbe5d52a81
Spaces
5 years ago
ff88392d8c
Make the WASI backend configurable
5 years ago
2277e7f4f0
Lucet requires --min-reserved-size or tests with large allocations will fail
5 years ago
e38128998b
lucet --dir=.:. works
Current WebAssembly runtimes status:
- wasmtime: no tests are failing.
- wasmer: 3 tests are failing:
sodium_core, sodium_utils2, sodium_utils3
- lucet: 8 tests are failing:
core3, pwhash_argon2i, pwhash_argon2id, secretstream, stream, stream2,
pwhash_scrypt, pwhash_scrypt_ll
5 years ago
7993e35227
Try wasmer and lucet as alternatives to wasmtime
However:
- wasmer seems to have issues with signals, causing some tests to fail
- lucet's --dir option doesn't seem to work with relative paths
These are temporary limitations, that are likely to be fixed soon.
5 years ago
3d6151ae62
constcheck: ignore deprecated declarations
5 years ago
22c289d195
Ensure that we use non-zero random scalars for inversion
5 years ago
db6f43d25e
Add crypto_core_{ed25519,ristretto255}_scalar_mul
5 years ago
2d87abe21a
Use the correct constant for the buffer lengths in scalar tests
5 years ago
a7ebe2856f
Turn on wasmtime optimizations
5 years ago
Frank Denis