dualcone 0.0.1 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b2cefd1451fcbb7e091ab48f74b5cbca1eb8a585e3cc28edb34ff5a6f04beaac
-  data.tar.gz: 5ba6021faa19db6e737f669459f86c464fc6878bfad7250bead60004f0f60c60
+  metadata.gz: 1564ad34458b134926891c68315f545012a27caa1b32ede501914e8bbbc3399f
+  data.tar.gz: c6ec5c47094d1aad2b4e1c6395fa98032e190bcda498dc1c8018065ce65a3d59
 SHA512:
-  metadata.gz: 5b1a2bc0687e734ec4b7a103825a2b698f15ae01a3d8efca9a0fd27b6b8d41e42b66b103c93770b7fc2df46ce5deccdce81723eb0cb406578ae8a52b6ebf5c3e
-  data.tar.gz: 98f13c8cc8c35459f34698d84f119fb7e5550128c76af207151ba3438b6ac056f5c199b17a54c8f95848e427ec3dcd71e05c5c58ba84e5f1ef4b486e95f8ad68
+  metadata.gz: c8c3774ca0f84a1d9863b907d361b7b1c5c13f6e60c31b42748af0096141d72a66256ddfeb77924ba01bad6e3fa76402d4083fc72492ee86d618f8de90c24158
+  data.tar.gz: a9d39de78eba10857b0a457f5dec3a61dfc73d3c07051bafc27ffd0c6e4c9402d35cb475e1ed5486da619af347717ca1b6aa283399db363466bc12860d6964e1

data/LICENSE.txt

@@ -1,21 +1,15 @@
-The MIT License (MIT)
+ISC License
 
 Copyright (c) 2020 Tom Richards
 
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

data/README.md

@@ -1,6 +1,6 @@
 # Dualcone
 
-[![CircleCI](https://circleci.com/gh/t-richards/dualcone.svg?style=svg)](https://circleci.com/gh/t-richards/dualcone)
+![Test](https://github.com/t-richards/dualcone/actions/workflows/test.yml/badge.svg)
 
 Dualcone is a Ruby source code protection system. Dualcone uses symmetric encryption to protect your source code.
 
@@ -8,20 +8,6 @@ Dualcone is a self-contained gem. It brings along its own copy of the lightweigh
 
 Dualcone supports GNU + Linux and other Unix-like operating systems. Windows is not supported.
 
-## Roadmap
-
-### Part 1
- - [x] Key generation: `Dualcone.generate_key`
- - [x] Encrypted code running: `Dualcone.run(code)`
- - [x] Encrypted code generation: `Dualcone.encrypt(path)`
- - [x] Specs passing
-
-### Part 2
- - [x] Runnable trivial ruby script
- - [ ] Runnable non-trivial ruby script
- - [ ] Runnable sinatra app
- - [ ] Runnable rails app
-
 ## Installation
 
 Add this gem to your application's Gemfile:
@@ -103,14 +89,21 @@ You can also run `bin/console` for an interactive prompt that will allow you to
 
 To install this gem onto your local machine, run `bin/rake install`. To release a new version, update the version number in `version.rb`, and then run `bin/rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org][rubygems].
 
+## Roadmap
+
+ - [x] Runnable trivial ruby script
+ - [ ] Runnable non-trivial ruby script
+ - [ ] Runnable sinatra app
+ - [ ] Runnable rails app
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/t-richards/dualcone.
 
 ## License
 
-The gem is available as open source under the terms of the [MIT License][mit-license].
+The gem is available as open source under the terms of the [ISC License][isc-license].
 
 [libhydrogen]: https://github.com/jedisct1/libhydrogen
-[mit-license]: https://opensource.org/licenses/MIT
+[isc-license]: LICENSE.txt
 [rubygems]: https://rubygems.org

data/ext/dualcone/dualcone.c

@@ -2,7 +2,8 @@
 
 VALUE rb_mDualcone;
 
-void rb_dualcone_cleanup(DualconeContext *ctx) {
+static void
+rb_dualcone_cleanup(DualconeContext *ctx) {
   if (ctx->input_path != NULL) {
     free(ctx->input_path);
   }
@@ -31,7 +32,8 @@ void rb_dualcone_cleanup(DualconeContext *ctx) {
   hydro_memzero(ctx, sizeof(DualconeContext));
 }
 
-void rb_dualcone_get_key(DualconeContext *ctx) {
+static void
+rb_dualcone_get_key(DualconeContext *ctx) {
   int result = 0;
   int errno_sv = 0;
 
@@ -51,7 +53,22 @@ void rb_dualcone_get_key(DualconeContext *ctx) {
   }
 }
 
-VALUE rb_dualcone_run(VALUE _self, VALUE code) {
+/*
+ * call-seq:
+ *   Dualcone.run(code) -> nil
+ *
+ * Executes the encrypted +code+.
+ *
+ * If successful, this method returns nil.
+ * Otherwise, it raises a fatal error.
+ *
+ *   ENV['DUALCONE_HEX_KEY'] = '7240adfda679de86902864bc4e05864fda6e06cd24256885e0cda1ac02d03dd8'
+ *   Dualcone.run('d4d745de7437d7d66fb78b5d16b41de0eb716d26b282226e3e3d5b826f4704cc0e19d1fee990d059c198')
+ *   "a"
+ *   => nil
+ */
+static VALUE
+rb_dualcone_run(VALUE _self, VALUE code) {
   int result = 0;
   int errno_sv = 0;
 
@@ -117,7 +134,17 @@ VALUE rb_dualcone_run(VALUE _self, VALUE code) {
   return Qnil;
 }
 
-VALUE rb_dualcone_generate_key(VALUE _self) {
+/*
+ * call-seq:
+ *   Dualcone.generate_key -> string
+ *
+ * Returns a new secret encryption key in hex-encoded format.
+ *
+ *   Dualcone.generate_key
+ *   => "7240adfda679de86902864bc4e05864fda6e06cd24256885e0cda1ac02d03dd8"
+ */
+static VALUE
+rb_dualcone_generate_key(VALUE _self) {
   uint8_t key[hydro_secretbox_KEYBYTES];
   char hex[hydro_secretbox_KEYBYTES * 2 + 1];
 
@@ -131,7 +158,20 @@ VALUE rb_dualcone_generate_key(VALUE _self) {
   return rb_str_new_cstr(hex);
 }
 
-VALUE rb_dualcone_encrypt(VALUE _self, VALUE path) {
+/*
+ * call-seq:
+ *   Dualcone.encrypt(path) -> nil
+ *
+ * Encrypts (and overwrites!) the Ruby code file specified by +path+.
+ *
+ * If successful, this method returns nil.
+ * Otherwise, it raises a fatal error.
+ *
+ *   Dualcone.encrypt('hello.rb')
+ *   => nil
+ */
+static VALUE
+rb_dualcone_encrypt(VALUE _self, VALUE path) {
   int result = 0;
   int errno_sv = 0;
 

data/ext/dualcone/extconf.rb

@@ -2,33 +2,34 @@
 
 require 'mkmf'
 
+# :stopdoc:
+
 cflags = %w[
-  -march=native -fno-exceptions -pipe
-  -fstack-protector-strong -fPIC -Wall -Werror
-  -Wno-missing-braces
+  -march=native -mtune=generic -pipe -fno-plt
+  -fstack-protector-strong -fPIC
 ]
 
 if ENV['DEBUG']
   cflags.unshift('-O0', '-g')
 else
-  cflags.unshift('-Os')
+  cflags.unshift('-O2')
 end
 
-LIBHYDROGEN_DIR = File.join(__dir__, '..', '..', 'vendor', 'libhydrogen')
+libhydrogen_dir = File.join(__dir__, '..', '..', 'vendor', 'libhydrogen')
 
 abort 'ERROR: make is required to build libhydrogen.' unless find_executable('make')
 
 append_cflags(cflags)
 
 # Build the bundled version of libhydrogen in vendor
-Dir.chdir(LIBHYDROGEN_DIR) do
+Dir.chdir(libhydrogen_dir) do
   system('make clean')
   system("export CFLAGS='#{cflags.join(' ')}'; make")
   system('PREFIX=. make install')
 
   # Ensure that our bundled version of libhydrogen is always used
-  $DEFLIBPATH.unshift("#{LIBHYDROGEN_DIR}/lib")
-  dir_config('hydrogen', "#{LIBHYDROGEN_DIR}/include", "#{LIBHYDROGEN_DIR}/lib")
+  $DEFLIBPATH.unshift("#{libhydrogen_dir}/lib")
+  dir_config('hydrogen', "#{libhydrogen_dir}/include", "#{libhydrogen_dir}/lib")
 end
 
 abort 'ERROR: Failed to build libhydrogen.' unless have_library('hydrogen') && have_header('hydrogen.h')

data/lib/dualcone/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dualcone
-  VERSION = '0.0.1'
+  VERSION = '1.0.0'
 end

data/vendor/libhydrogen/LICENSE

@@ -1,7 +1,7 @@
 /*
  * ISC License
  *
- * Copyright (c) 2017-2019
+ * Copyright (c) 2017-2022
  * Frank Denis <j at pureftpd dot org>
  *
  * Permission to use, copy, modify, and/or distribute this software for any

data/vendor/libhydrogen/Makefile

@@ -1,6 +1,6 @@
 PREFIX ?= /usr/local
 WFLAGS ?= -Wall -Wextra -Wmissing-prototypes -Wdiv-by-zero -Wbad-function-cast -Wcast-align -Wcast-qual -Wfloat-equal -Wmissing-declarations -Wnested-externs -Wno-unknown-pragmas -Wpointer-arith -Wredundant-decls -Wstrict-prototypes -Wswitch-enum -Wno-type-limits
-CFLAGS ?= -Os -march=native -fno-exceptions $(WFLAGS)
+CFLAGS ?= -Os -mcpu=native -fno-exceptions $(WFLAGS)
 CFLAGS += -I.
 OBJ = hydrogen.o
 AR ?= ar

data/vendor/libhydrogen/README.md

@@ -1,5 +1,7 @@
-[![Build Status](https://travis-ci.org/jedisct1/libhydrogen.svg?branch=master)](https://travis-ci.org/jedisct1/libhydrogen?branch=master)
+[![Build status](https://travis-ci.org/jedisct1/libhydrogen.svg?branch=master)](https://travis-ci.org/jedisct1/libhydrogen?branch=master)
+![CodeQL scan](https://github.com/jedisct1/libhydrogen/workflows/Code%20scanning%20-%20action/badge.svg)
 [![Financial Contributors on Open Collective](https://opencollective.com/libhydrogen/all/badge.svg?label=financial+contributors)](https://opencollective.com/libhydrogen) [![Coverity Scan Build Status](https://scan.coverity.com/projects/13315/badge.svg)](https://scan.coverity.com/projects/13315)
+[![TrustInSoft CI](https://ci.trust-in-soft.com/projects/jedisct1/libhydrogen.svg?branch=master)](https://ci.trust-in-soft.com/projects/jedisct1/libhydrogen)
 
 ![libhydrogen](https://raw.github.com/jedisct1/libhydrogen/master/logo.png)
 ==============

data/vendor/libhydrogen/hydrogen.c

@@ -3,9 +3,10 @@
 #include "impl/common.h"
 #include "impl/hydrogen_p.h"
 
+#include "impl/random.h"
+
 #include "impl/core.h"
 #include "impl/gimli-core.h"
-#include "impl/random.h"
 
 #include "impl/hash.h"
 #include "impl/kdf.h"

data/vendor/libhydrogen/hydrogen.h

@@ -17,12 +17,12 @@ extern "C" {
 #else
 #define _hydro_attr_(X)
 #endif
-#define _hydro_attr_deprecated_ _hydro_attr_((deprecated))
-#define _hydro_attr_malloc_ _hydro_attr_((malloc))
-#define _hydro_attr_noinline_ _hydro_attr_((noinline))
-#define _hydro_attr_noreturn_ _hydro_attr_((noreturn))
+#define _hydro_attr_deprecated_         _hydro_attr_((deprecated))
+#define _hydro_attr_malloc_             _hydro_attr_((malloc))
+#define _hydro_attr_noinline_           _hydro_attr_((noinline))
+#define _hydro_attr_noreturn_           _hydro_attr_((noreturn))
 #define _hydro_attr_warn_unused_result_ _hydro_attr_((warn_unused_result))
-#define _hydro_attr_weak_ _hydro_attr_((weak))
+#define _hydro_attr_weak_               _hydro_attr_((weak))
 
 #if defined(__INTEL_COMPILER) || defined(_MSC_VER)
 #define _hydro_attr_aligned_(X) __declspec(align(X))
@@ -56,11 +56,11 @@ void hydro_random_reseed(void);
 
 /* ---------------- */
 
-#define hydro_hash_BYTES 32
-#define hydro_hash_BYTES_MAX 65535
-#define hydro_hash_BYTES_MIN 16
+#define hydro_hash_BYTES        32
+#define hydro_hash_BYTES_MAX    65535
+#define hydro_hash_BYTES_MIN    16
 #define hydro_hash_CONTEXTBYTES 8
-#define hydro_hash_KEYBYTES 32
+#define hydro_hash_KEYBYTES     32
 
 typedef struct hydro_hash_state {
     uint32_t state[12];
@@ -84,9 +84,9 @@ int hydro_hash_hash(uint8_t *out, size_t out_len, const void *in_, size_t in_len
 /* ---------------- */
 
 #define hydro_secretbox_CONTEXTBYTES 8
-#define hydro_secretbox_HEADERBYTES (20 + 16)
-#define hydro_secretbox_KEYBYTES 32
-#define hydro_secretbox_PROBEBYTES 16
+#define hydro_secretbox_HEADERBYTES  (20 + 16)
+#define hydro_secretbox_KEYBYTES     32
+#define hydro_secretbox_PROBEBYTES   16
 
 void hydro_secretbox_keygen(uint8_t key[hydro_secretbox_KEYBYTES]);
 
@@ -111,9 +111,9 @@ int hydro_secretbox_probe_verify(const uint8_t probe[hydro_secretbox_PROBEBYTES]
 /* ---------------- */
 
 #define hydro_kdf_CONTEXTBYTES 8
-#define hydro_kdf_KEYBYTES 32
-#define hydro_kdf_BYTES_MAX 65535
-#define hydro_kdf_BYTES_MIN 16
+#define hydro_kdf_KEYBYTES     32
+#define hydro_kdf_BYTES_MAX    65535
+#define hydro_kdf_BYTES_MIN    16
 
 void hydro_kdf_keygen(uint8_t key[hydro_kdf_KEYBYTES]);
 
@@ -123,11 +123,11 @@ int hydro_kdf_derive_from_key(uint8_t *subkey, size_t subkey_len, uint64_t subke
 
 /* ---------------- */
 
-#define hydro_sign_BYTES 64
-#define hydro_sign_CONTEXTBYTES 8
+#define hydro_sign_BYTES          64
+#define hydro_sign_CONTEXTBYTES   8
 #define hydro_sign_PUBLICKEYBYTES 32
 #define hydro_sign_SECRETKEYBYTES 64
-#define hydro_sign_SEEDBYTES 32
+#define hydro_sign_SEEDBYTES      32
 
 typedef struct hydro_sign_state {
     hydro_hash_state hash_st;
@@ -165,10 +165,10 @@ int hydro_sign_verify(const uint8_t csig[hydro_sign_BYTES], const void *m_, size
 /* ---------------- */
 
 #define hydro_kx_SESSIONKEYBYTES 32
-#define hydro_kx_PUBLICKEYBYTES 32
-#define hydro_kx_SECRETKEYBYTES 32
-#define hydro_kx_PSKBYTES 32
-#define hydro_kx_SEEDBYTES 32
+#define hydro_kx_PUBLICKEYBYTES  32
+#define hydro_kx_SECRETKEYBYTES  32
+#define hydro_kx_PSKBYTES        32
+#define hydro_kx_SEEDBYTES       32
 
 typedef struct hydro_kx_keypair {
     uint8_t pk[hydro_kx_PUBLICKEYBYTES];
@@ -261,9 +261,9 @@ int hydro_kx_nk_3(hydro_kx_state *state, hydro_kx_session_keypair *kp,
 
 /* ---------------- */
 
-#define hydro_pwhash_CONTEXTBYTES 8
+#define hydro_pwhash_CONTEXTBYTES   8
 #define hydro_pwhash_MASTERKEYBYTES 32
-#define hydro_pwhash_STOREDBYTES 128
+#define hydro_pwhash_STOREDBYTES    128
 
 void hydro_pwhash_keygen(uint8_t master_key[hydro_pwhash_MASTERKEYBYTES]);
 

data/vendor/libhydrogen/impl/common.h

@@ -93,7 +93,7 @@ store64_le(uint8_t dst[8], uint64_t w)
     w >>= 8;
     dst[6] = (uint8_t) w;
     w >>= 8;
-    dst[7]     = (uint8_t) w;
+    dst[7] = (uint8_t) w;
 #endif
 }
 
@@ -127,7 +127,7 @@ store32_le(uint8_t dst[4], uint32_t w)
     w >>= 8;
     dst[2] = (uint8_t) w;
     w >>= 8;
-    dst[3]     = (uint8_t) w;
+    dst[3] = (uint8_t) w;
 #endif
 }
 
@@ -203,7 +203,7 @@ store64_be(uint8_t dst[8], uint64_t w)
     w >>= 8;
     dst[1] = (uint8_t) w;
     w >>= 8;
-    dst[0]     = (uint8_t) w;
+    dst[0] = (uint8_t) w;
 #endif
 }
 

data/vendor/libhydrogen/impl/core.h

@@ -1,9 +1,7 @@
 int
 hydro_init(void)
 {
-    if (hydro_random_init() != 0) {
-        abort();
-    }
+    hydro_random_ensure_initialized();
     return 0;
 }
 
@@ -88,7 +86,7 @@ hydro_hex2bin(uint8_t *bin, size_t bin_maxlen, const char *hex, size_t hex_len,
             }
             break;
         }
-        c_val = (uint8_t)((c_num0 & c_num) | (c_alpha0 & c_alpha));
+        c_val = (uint8_t) ((c_num0 & c_num) | (c_alpha0 & c_alpha));
         if (bin_pos >= bin_maxlen) {
             ret   = -1;
             errno = ERANGE;

data/vendor/libhydrogen/impl/gimli-core/sse2.h

@@ -40,7 +40,7 @@ rotate24(__m128i x)
 }
 #endif
 
-static const uint32_t coeffs[24] _hydro_attr_aligned_(16) = {
+static const uint32_t _hydro_attr_aligned_(16) coeffs[24] = {
     0x9e377904, 0, 0, 0, 0x9e377908, 0, 0, 0, 0x9e37790c, 0, 0, 0,
     0x9e377910, 0, 0, 0, 0x9e377914, 0, 0, 0, 0x9e377918, 0, 0, 0,
 };

data/vendor/libhydrogen/impl/hash.h

@@ -43,10 +43,10 @@ hydro_hash_init(hydro_hash_state *state, const char ctx[hydro_hash_CONTEXTBYTES]
     if (key != NULL) {
         block[gimli_RATE] = (uint8_t) hydro_hash_KEYBYTES;
         memcpy(block + gimli_RATE + 1, key, hydro_hash_KEYBYTES);
-        p = (gimli_RATE + 1 + hydro_hash_KEYBYTES + (gimli_RATE - 1)) & ~(size_t)(gimli_RATE - 1);
+        p = (gimli_RATE + 1 + hydro_hash_KEYBYTES + (gimli_RATE - 1)) & ~(size_t) (gimli_RATE - 1);
     } else {
         block[gimli_RATE] = (uint8_t) 0;
-        p                 = (gimli_RATE + 1 + 0 + (gimli_RATE - 1)) & ~(size_t)(gimli_RATE - 1);
+        p = (gimli_RATE + 1 + 0 + (gimli_RATE - 1)) & ~(size_t) (gimli_RATE - 1);
     }
     mem_zero(state, sizeof *state);
     hydro_hash_update(state, block, p);
@@ -71,10 +71,10 @@ hydro_hash_init_with_tweak(hydro_hash_state *state, const char ctx[hydro_hash_CO
     if (key != NULL) {
         block[gimli_RATE] = (uint8_t) hydro_hash_KEYBYTES;
         memcpy(block + gimli_RATE + 1, key, hydro_hash_KEYBYTES);
-        p = (gimli_RATE + 1 + hydro_hash_KEYBYTES + (gimli_RATE - 1)) & ~(size_t)(gimli_RATE - 1);
+        p = (gimli_RATE + 1 + hydro_hash_KEYBYTES + (gimli_RATE - 1)) & ~(size_t) (gimli_RATE - 1);
     } else {
         block[gimli_RATE] = (uint8_t) 0;
-        p                 = (gimli_RATE + 1 + 0 + (gimli_RATE - 1)) & ~(size_t)(gimli_RATE - 1);
+        p = (gimli_RATE + 1 + 0 + (gimli_RATE - 1)) & ~(size_t) (gimli_RATE - 1);
     }
     block[p] = (uint8_t) sizeof tweak;
     STORE64_LE(&block[p + 1], tweak);
@@ -99,9 +99,9 @@ hydro_hash_final(hydro_hash_state *state, uint8_t *out, size_t out_len)
     }
     COMPILER_ASSERT(hydro_hash_BYTES_MAX <= 0xffff);
     lc[1]  = (uint8_t) out_len;
-    lc[2]  = (uint8_t)(out_len >> 8);
+    lc[2]  = (uint8_t) (out_len >> 8);
     lc[3]  = 0;
-    lc_len = (size_t)(1 + (lc[2] != 0));
+    lc_len = (size_t) (1 + (lc[2] != 0));
     lc[0]  = (uint8_t) lc_len;
     hydro_hash_update(state, lc, 1 + lc_len + 1);
     gimli_pad_u8(buf, state->buf_off, gimli_DOMAIN_XOF);

data/vendor/libhydrogen/impl/hydrogen_p.h

@@ -3,18 +3,18 @@ static int hydro_random_init(void);
 /* ---------------- */
 
 #define gimli_BLOCKBYTES 48
-#define gimli_CAPACITY 32
-#define gimli_RATE 16
+#define gimli_CAPACITY   32
+#define gimli_RATE       16
 
-#define gimli_TAG_HEADER 0x01
+#define gimli_TAG_HEADER  0x01
 #define gimli_TAG_PAYLOAD 0x02
-#define gimli_TAG_FINAL 0x08
-#define gimli_TAG_FINAL0 0xf8
-#define gimli_TAG_KEY0 0xfe
-#define gimli_TAG_KEY 0xff
+#define gimli_TAG_FINAL   0x08
+#define gimli_TAG_FINAL0  0xf8
+#define gimli_TAG_KEY0    0xfe
+#define gimli_TAG_KEY     0xff
 
 #define gimli_DOMAIN_AEAD 0x0
-#define gimli_DOMAIN_XOF 0xf
+#define gimli_DOMAIN_XOF  0xf
 
 static void gimli_core_u8(uint8_t state_u8[gimli_BLOCKBYTES], uint8_t tag);
 
@@ -28,7 +28,7 @@ gimli_pad_u8(uint8_t buf[gimli_BLOCKBYTES], size_t pos, uint8_t domain)
 static inline void
 hydro_mem_ct_zero_u32(uint32_t *dst_, size_t n)
 {
-    volatile uint32_t *volatile dst = (volatile uint32_t * volatile)(void *) dst_;
+    volatile uint32_t *volatile dst = (volatile uint32_t *volatile) (void *) dst_;
     size_t i;
 
     for (i = 0; i < n; i++) {
@@ -42,7 +42,7 @@ static inline uint32_t hydro_mem_ct_cmp_u32(const uint32_t *b1_, const uint32_t
 static inline uint32_t
 hydro_mem_ct_cmp_u32(const uint32_t *b1_, const uint32_t *b2, size_t n)
 {
-    const volatile uint32_t *volatile b1 = (const volatile uint32_t *volatile)(const void *) b1_;
+    const volatile uint32_t *volatile b1 = (const volatile uint32_t *volatile) (const void *) b1_;
     size_t   i;
     uint32_t cv = 0;
 
@@ -61,11 +61,11 @@ static int hydro_hash_init_with_tweak(hydro_hash_state *state,
 /* ---------------- */
 
 #define hydro_secretbox_NONCEBYTES 20
-#define hydro_secretbox_MACBYTES 16
+#define hydro_secretbox_MACBYTES   16
 
 /* ---------------- */
 
-#define hydro_x25519_BYTES 32
+#define hydro_x25519_BYTES          32
 #define hydro_x25519_PUBLICKEYBYTES 32
 #define hydro_x25519_SECRETKEYBYTES 32
 

data/vendor/libhydrogen/impl/pwhash.h

@@ -1,16 +1,16 @@
-#define hydro_pwhash_ENC_ALGBYTES 1
+#define hydro_pwhash_ENC_ALGBYTES  1
 #define hydro_pwhash_HASH_ALGBYTES 1
-#define hydro_pwhash_THREADSBYTES 1
+#define hydro_pwhash_THREADSBYTES  1
 #define hydro_pwhash_OPSLIMITBYTES 8
 #define hydro_pwhash_MEMLIMITBYTES 8
-#define hydro_pwhash_HASHBYTES 32
-#define hydro_pwhash_SALTBYTES 16
+#define hydro_pwhash_HASHBYTES     32
+#define hydro_pwhash_SALTBYTES     16
 #define hydro_pwhash_PARAMSBYTES                                                           \
     (hydro_pwhash_HASH_ALGBYTES + hydro_pwhash_THREADSBYTES + hydro_pwhash_OPSLIMITBYTES + \
      hydro_pwhash_MEMLIMITBYTES + hydro_pwhash_SALTBYTES + hydro_pwhash_HASHBYTES)
-#define hydro_pwhash_ENC_ALG 0x01
+#define hydro_pwhash_ENC_ALG  0x01
 #define hydro_pwhash_HASH_ALG 0x01
-#define hydro_pwhash_CONTEXT "hydro_pw"
+#define hydro_pwhash_CONTEXT  "hydro_pw"
 
 static int
 _hydro_pwhash_hash(uint8_t out[hydro_random_SEEDBYTES], size_t h_len,

data/vendor/libhydrogen/impl/random/avr.h

@@ -0,0 +1,61 @@
+#include <Arduino.h>
+
+static bool
+hydro_random_rbit(uint16_t x)
+{
+    uint8_t x8;
+
+    x8 = ((uint8_t) (x >> 8)) ^ (uint8_t) x;
+    x8 = (x8 >> 4) ^ (x8 & 0xf);
+    x8 = (x8 >> 2) ^ (x8 & 0x3);
+    x8 = (x8 >> 1) ^ x8;
+
+    return (bool) (x8 & 1);
+}
+
+static int
+hydro_random_init(void)
+{
+    const char       ctx[hydro_hash_CONTEXTBYTES] = { 'h', 'y', 'd', 'r', 'o', 'P', 'R', 'G' };
+    hydro_hash_state st;
+    uint16_t         ebits = 0;
+    uint16_t         tc;
+    bool             a, b;
+
+    cli();
+    MCUSR = 0;
+    WDTCSR |= _BV(WDCE) | _BV(WDE);
+    WDTCSR = _BV(WDIE);
+    sei();
+
+    hydro_hash_init(&st, ctx, NULL);
+
+    while (ebits < 256) {
+        delay(1);
+        tc = TCNT1;
+        hydro_hash_update(&st, (const uint8_t *) &tc, sizeof tc);
+        a = hydro_random_rbit(tc);
+        delay(1);
+        tc = TCNT1;
+        b  = hydro_random_rbit(tc);
+        hydro_hash_update(&st, (const uint8_t *) &tc, sizeof tc);
+        if (a == b) {
+            continue;
+        }
+        hydro_hash_update(&st, (const uint8_t *) &b, sizeof b);
+        ebits++;
+    }
+
+    cli();
+    MCUSR = 0;
+    WDTCSR |= _BV(WDCE) | _BV(WDE);
+    WDTCSR = 0;
+    sei();
+
+    hydro_hash_final(&st, hydro_random_context.state, sizeof hydro_random_context.state);
+    hydro_random_context.counter = ~LOAD64_LE(hydro_random_context.state);
+
+    return 0;
+}
+
+ISR(WDT_vect) { }

data/vendor/libhydrogen/impl/random/esp32.h

@@ -0,0 +1,32 @@
+// Important: RF *must* be activated on ESP board
+// https://techtutorialsx.com/2017/12/22/esp32-arduino-random-number-generation/
+#ifdef ESP32
+#include <esp_system.h>
+#endif
+
+#ifdef ARDUINO
+#include <Arduino.h>
+#endif
+
+static int
+hydro_random_init(void)
+{
+    const char       ctx[hydro_hash_CONTEXTBYTES] = { 'h', 'y', 'd', 'r', 'o', 'P', 'R', 'G' };
+    hydro_hash_state st;
+    uint16_t         ebits = 0;
+
+    hydro_hash_init(&st, ctx, NULL);
+
+    while (ebits < 256) {
+        uint32_t r = esp_random();
+
+        delay(10);
+        hydro_hash_update(&st, (const uint32_t *) &r, sizeof r);
+        ebits += 32;
+    }
+
+    hydro_hash_final(&st, hydro_random_context.state, sizeof hydro_random_context.state);
+    hydro_random_context.counter = ~LOAD64_LE(hydro_random_context.state);
+
+    return 0;
+}