rbnacl-libsodium 1.0.10 → 1.0.11

data/vendor/libsodium/src/libsodium/sodium/runtime.c

@@ -168,12 +168,15 @@ _sodium_runtime_intel_cpu_features(CPUFeatures * const cpu_features)
 #if defined(HAVE_AVX2INTRIN_H) || \
     (defined(_MSC_VER) && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
     if (cpu_features->has_avx) {
-        cpu_features->has_avx2 = ((cpu_info[1] & CPUID_EBX_AVX2) != 0x0);
+        unsigned int cpu_info7[4];
+
+        _cpuid(cpu_info7, 0x00000007);
+        cpu_features->has_avx2 = ((cpu_info7[1] & CPUID_EBX_AVX2) != 0x0);
     }
 #endif
 
 #if defined(HAVE_WMMINTRIN_H) || \
-    (defined(_MSC_VER) && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
+    (defined(_MSC_VER) && _MSC_VER >= 1600 && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
     cpu_features->has_pclmul = ((cpu_info[2] & CPUID_ECX_PCLMUL) != 0x0);
     cpu_features->has_aesni = ((cpu_info[2] & CPUID_ECX_AESNI) != 0x0);
 #else

data/vendor/libsodium/src/libsodium/sodium/utils.c

@@ -14,8 +14,6 @@
 # include <sys/mman.h>
 #endif
 
-#include "utils.h"
-#include "randombytes.h"
 #ifdef _WIN32
 # include <windows.h>
 # include <wincrypt.h>
@@ -23,6 +21,9 @@
 # include <unistd.h>
 #endif
 
+#include "utils.h"
+#include "randombytes.h"
+
 #ifndef ENOSYS
 # define ENOSYS ENXIO
 #endif
@@ -49,16 +50,24 @@
 #if defined(HAVE_ALIGNED_MALLOC) && (defined(WINAPI_DESKTOP) || defined(HAVE_MPROTECT))
 # define HAVE_PAGE_PROTECTION
 #endif
+#if !defined(MADV_DODUMP) && defined(MADV_CORE)
+# define MADV_DODUMP   MADV_CORE
+# define MADV_DONTDUMP MADV_NOCORE
+#endif
 
 static size_t page_size;
 static unsigned char canary[CANARY_SIZE];
 
 #ifdef HAVE_WEAK_SYMBOLS
 __attribute__ ((weak)) void
-_sodium_dummy_symbol_to_prevent_memzero_lto(void * const pnt, const size_t len)
+_sodium_memzero_as_a_weak_symbol_to_prevent_lto(void * const pnt, const size_t len)
 {
-    (void) pnt;
-    (void) len;
+    unsigned char *pnt_ = (unsigned char *) pnt;;
+    size_t         i = (size_t) 0U;
+
+    while (i < len) {
+        pnt_[i++] = 0U;
+    }
 }
 #endif
 
@@ -68,14 +77,13 @@ sodium_memzero(void * const pnt, const size_t len)
 #ifdef _WIN32
     SecureZeroMemory(pnt, len);
 #elif defined(HAVE_MEMSET_S)
-    if (memset_s(pnt, (rsize_t) len, 0, (rsize_t) len) != 0) {
+    if (len > 0U && memset_s(pnt, (rsize_t) len, 0, (rsize_t) len) != 0) {
         abort(); /* LCOV_EXCL_LINE */
     }
 #elif defined(HAVE_EXPLICIT_BZERO)
     explicit_bzero(pnt, len);
 #elif HAVE_WEAK_SYMBOLS
-    memset(pnt, 0, len);
-    _sodium_dummy_symbol_to_prevent_memzero_lto(pnt, len);
+    _sodium_memzero_as_a_weak_symbol_to_prevent_lto(pnt, len);
 #else
     volatile unsigned char *volatile pnt_ =
         (volatile unsigned char * volatile) pnt;

data/vendor/libsodium/test/Makefile.in

@@ -92,6 +92,7 @@ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \
 	$(top_srcdir)/m4/ax_check_define.m4 \
 	$(top_srcdir)/m4/ax_check_link_flag.m4 \
+	$(top_srcdir)/m4/ax_pthread.m4 \
 	$(top_srcdir)/m4/ax_valgrind_check.m4 \
 	$(top_srcdir)/m4/ld-output-def.m4 $(top_srcdir)/m4/libtool.m4 \
 	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
@@ -265,6 +266,9 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PTHREAD_CC = @PTHREAD_CC@
+PTHREAD_CFLAGS = @PTHREAD_CFLAGS@
+PTHREAD_LIBS = @PTHREAD_LIBS@
 RANLIB = @RANLIB@
 SAFECODE_HOME = @SAFECODE_HOME@
 SED = @SED@
@@ -294,6 +298,7 @@ am__leading_dot = @am__leading_dot@
 am__quote = @am__quote@
 am__tar = @am__tar@
 am__untar = @am__untar@
+ax_pthread_config = @ax_pthread_config@
 bindir = @bindir@
 build = @build@
 build_alias = @build_alias@

data/vendor/libsodium/test/default/Makefile.in

@@ -98,6 +98,7 @@ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \
 	$(top_srcdir)/m4/ax_check_define.m4 \
 	$(top_srcdir)/m4/ax_check_link_flag.m4 \
+	$(top_srcdir)/m4/ax_pthread.m4 \
 	$(top_srcdir)/m4/ax_valgrind_check.m4 \
 	$(top_srcdir)/m4/ld-output-def.m4 $(top_srcdir)/m4/libtool.m4 \
 	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
@@ -685,6 +686,9 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PTHREAD_CC = @PTHREAD_CC@
+PTHREAD_CFLAGS = @PTHREAD_CFLAGS@
+PTHREAD_LIBS = @PTHREAD_LIBS@
 RANLIB = @RANLIB@
 SAFECODE_HOME = @SAFECODE_HOME@
 SED = @SED@
@@ -714,6 +718,7 @@ am__leading_dot = @am__leading_dot@
 am__quote = @am__quote@
 am__tar = @am__tar@
 am__untar = @am__untar@
+ax_pthread_config = @ax_pthread_config@
 bindir = @bindir@
 build = @build@
 build_alias = @build_alias@

data/vendor/libsodium/test/default/generichash2.c

@@ -26,12 +26,18 @@ main(void)
         crypto_generichash_update(&st, in, i);
         crypto_generichash_update(&st, in, i);
         crypto_generichash_update(&st, in, i);
-        crypto_generichash_final(&st, out,
-                                 1 + i % crypto_generichash_BYTES_MAX);
+        if (crypto_generichash_final(&st, out,
+                                     1 + i % crypto_generichash_BYTES_MAX) != 0) {
+            printf("crypto_generichash_final() should have returned 0\n");
+        }
         for (j = 0; j < 1 + i % crypto_generichash_BYTES_MAX; ++j) {
             printf("%02x", (unsigned int)out[j]);
         }
         printf("\n");
+        if (crypto_generichash_final(&st, out,
+                                     1 + i % crypto_generichash_BYTES_MAX) != -1) {
+            printf("crypto_generichash_final() should have returned -1\n");
+        }
     }
 
     assert(crypto_generichash_init(&st, k, sizeof k, 0U) == -1);

data/vendor/libsodium/test/default/nacl-test-wrapper.sh

@@ -1,26 +1,28 @@
 #! /bin/sh
 
-if [ -z "$NACL_SDK_ROOT" -o -z "$PNACL_TRANSLATE" -o -z "$PNACL_FINALIZE" ]
-then
-	echo "One or more variables need to be set:
-	\$NACL_SDK_ROOT=$NACL_SDK_ROOT
-	\$PNACL_TRANSLATE=$PNACL_TRANSLATE
-	\$PNACL_FINALIZE=$PNACL_FINALIZE"
-	exit 1
+if [ -z "$NACL_SDK_ROOT" ]; then
+  echo "The following variable needs to be set:
+  \$NACL_SDK_ROOT=$NACL_SDK_ROOT" >&2
+  exit 1
 fi
 
-if [ ! -f "$1.nexe" ]
-then
-	$PNACL_FINALIZE "$1" -o "$1.final"
-	$PNACL_TRANSLATE -arch $(uname -m) "$1.final" -o "$1.nexe"
+if [ -z "$PNACL_FINALIZE" -o -z "$PNACL_TRANSLATE" ]; then
+  exe="$1"
+else
+  exe="$1.nexe"
+  if [ ! -f "$exe" ]; then
+    $PNACL_FINALIZE "$1" -o "$1.final"
+    $PNACL_TRANSLATE -arch $(uname -m) "$1.final" -o "$exe"
+  fi
 fi
 
-command -v python >/dev/null 2>&1 || { echo >&2 "I require python but it's not installed. Aborting."; exit 1; }
+which python >/dev/null 2>&1 || \
+  { echo >&2 "Python not found. Aborting."; exit 1; }
+
 SEL_LDR=$(find "$NACL_SDK_ROOT" -name sel_ldr.py | head -n 1)
-if [ -z "$SEL_LDR" ]
-then
-	echo "Couldn't find a sel_ldr.py under $NACL_SDK_ROOT"
-	exit 1
+if [ -z "$SEL_LDR" ]; then
+  echo "Couldn't find sel_ldr.py under $NACL_SDK_ROOT" >&2
+  exit 1
 fi
 
-exec python "$SEL_LDR" "$1.nexe"
+exec python "$SEL_LDR" "$exe"

data/vendor/libsodium/test/default/randombytes.c

@@ -32,9 +32,11 @@ static int randombytes_tests(void)
     uint32_t     n;
 
 #ifdef __EMSCRIPTEN__
-    assert(strcmp(randombytes_implementation_name(), "sysrandom"));
+    assert(strcmp(randombytes_implementation_name(), "js") == 0);
+#elif defined(__native_client__)
+    assert(strcmp(randombytes_implementation_name(), "nativeclient") == 0);
 #else
-    assert(strcmp(randombytes_implementation_name(), "js"));
+    assert(strcmp(randombytes_implementation_name(), "sysrandom") == 0);
 #endif
     randombytes(x, 1U);
     do {

data/vendor/libsodium/test/quirks/quirks.h

@@ -4,12 +4,33 @@
 /* C++Builder defines a "random" macro */
 #undef random
 
+#ifdef __native_client__
+# define memset(dst, c, n) xmemset(dst, c, n)
+
+static void *
+xmemset(void *dst, int c, size_t n)
+{
+    unsigned char      *dst_ = (unsigned char *) dst;
+    const unsigned char c_ = (unsigned char) c;
+    size_t              i;
+
+    for (i = 0; i < n; i++) {
+        dst_[i] = c_;
+    }
+    return dst;
+}
+#endif
+
 #ifdef __EMSCRIPTEN__
 # define strcmp(s1, s2) xstrcmp(s1, s2)
 
-int
+static int
 strcmp(const char *s1, const char *s2) {
-    while (*s1 == *s2++) { if (*s1++ == 0) return 0; }
+    while (*s1 == *s2++) {
+        if (*s1++ == 0) {
+            return 0;
+        }
+    }
     return *(unsigned char *) s1 - *(unsigned char *) --s2;
 }
 #endif

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rbnacl-libsodium
 version: !ruby/object:Gem::Version
-  version: 1.0.10
+  version: 1.0.11
 platform: ruby
 authors:
 - Artiom Di
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-04-16 00:00:00.000000000 Z
+date: 2016-11-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rbnacl
@@ -79,7 +79,6 @@ files:
 - vendor/libsodium/LICENSE
 - vendor/libsodium/Makefile.am
 - vendor/libsodium/Makefile.in
-- vendor/libsodium/README
 - vendor/libsodium/README.markdown
 - vendor/libsodium/THANKS
 - vendor/libsodium/aclocal.m4
@@ -92,6 +91,7 @@ files:
 - vendor/libsodium/autom4te.cache/output.4
 - vendor/libsodium/autom4te.cache/output.5
 - vendor/libsodium/autom4te.cache/output.6
+- vendor/libsodium/autom4te.cache/output.7
 - vendor/libsodium/autom4te.cache/requests
 - vendor/libsodium/autom4te.cache/traces.0
 - vendor/libsodium/autom4te.cache/traces.1
@@ -100,6 +100,7 @@ files:
 - vendor/libsodium/autom4te.cache/traces.4
 - vendor/libsodium/autom4te.cache/traces.5
 - vendor/libsodium/autom4te.cache/traces.6
+- vendor/libsodium/autom4te.cache/traces.7
 - vendor/libsodium/build-aux/compile
 - vendor/libsodium/build-aux/config.guess
 - vendor/libsodium/build-aux/config.sub
@@ -178,25 +179,18 @@ files:
 - vendor/libsodium/dist-build/android-build.sh
 - vendor/libsodium/dist-build/android-mips32.sh
 - vendor/libsodium/dist-build/android-mips64.sh
-- vendor/libsodium/dist-build/android-x86-64.sh
 - vendor/libsodium/dist-build/android-x86.sh
+- vendor/libsodium/dist-build/android-x86_64.sh
 - vendor/libsodium/dist-build/emscripten-symbols.def
 - vendor/libsodium/dist-build/emscripten.sh
 - vendor/libsodium/dist-build/generate-emscripten-symbols.sh
 - vendor/libsodium/dist-build/ios.sh
 - vendor/libsodium/dist-build/msys2-win32.sh
 - vendor/libsodium/dist-build/msys2-win64.sh
-- vendor/libsodium/dist-build/nativeclient.sh
+- vendor/libsodium/dist-build/nativeclient-pnacl.sh
+- vendor/libsodium/dist-build/nativeclient-x86.sh
+- vendor/libsodium/dist-build/nativeclient-x86_64.sh
 - vendor/libsodium/dist-build/osx.sh
-- vendor/libsodium/examples/Makefile
-- vendor/libsodium/examples/auth.c
-- vendor/libsodium/examples/box.c
-- vendor/libsodium/examples/box_detached.c
-- vendor/libsodium/examples/generichash.c
-- vendor/libsodium/examples/generichash_stream.c
-- vendor/libsodium/examples/shorthash.c
-- vendor/libsodium/examples/sign.c
-- vendor/libsodium/examples/utils.h
 - vendor/libsodium/install-sh
 - vendor/libsodium/libsodium-uninstalled.pc.in
 - vendor/libsodium/libsodium.pc.in
@@ -209,6 +203,7 @@ files:
 - vendor/libsodium/m4/ax_check_define.m4
 - vendor/libsodium/m4/ax_check_gnu_make.m4
 - vendor/libsodium/m4/ax_check_link_flag.m4
+- vendor/libsodium/m4/ax_pthread.m4
 - vendor/libsodium/m4/ax_valgrind_check.m4
 - vendor/libsodium/m4/ld-output-def.m4
 - vendor/libsodium/m4/libtool.m4
@@ -448,6 +443,7 @@ files:
 - vendor/libsodium/src/libsodium/include/sodium/export.h
 - vendor/libsodium/src/libsodium/include/sodium/private/common.h
 - vendor/libsodium/src/libsodium/include/sodium/private/curve25519_ref10.h
+- vendor/libsodium/src/libsodium/include/sodium/private/mutex.h
 - vendor/libsodium/src/libsodium/include/sodium/randombytes.h
 - vendor/libsodium/src/libsodium/include/sodium/randombytes_nativeclient.h
 - vendor/libsodium/src/libsodium/include/sodium/randombytes_salsa20_random.h
@@ -613,7 +609,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: rbnacl with bundled libsodium

data/vendor/libsodium/README

@@ -1 +0,0 @@
-See README.markdown

data/vendor/libsodium/dist-build/android-x86-64.sh

@@ -1,4 +0,0 @@
-#!/bin/sh
-export TARGET_ARCH=x86-64
-export CFLAGS="-Os -march=${TARGET_ARCH}"
-ARCH=x86_64 HOST_COMPILER=x86_64-linux-android "$(dirname "$0")/android-build.sh"

data/vendor/libsodium/examples/Makefile

@@ -1,21 +0,0 @@
-
-TARGETS = \
-	auth \
-	box \
-	box_detached \
-	generichash \
-	generichash_stream \
-	shorthash \
-	sign
-
-SODIUM_CFLAGS != pkg-config --cflags libsodium
-SODIUM_LIBS != pkg-config --libs libsodium
-CFLAGS += $(SODIUM_CFLAGS)
-LDFLAGS += $(SODIUM_LIBS)
-
-all: $(TARGETS)
-
-clean:
-	rm -f $(TARGETS)
-
-distclean: clean

data/vendor/libsodium/examples/auth.c

@@ -1,68 +0,0 @@
-/*
- * GraxRabble
- * example programs for libsodium.
- */
-
-#include <sodium.h> /* library header */
-
-#include "utils.h" /* utility functions shared by examples */
-
-/*
- * This operation computes an authentication tag for a message and a
- * secret key, and provides a way to verify that a given tag is valid
- * for a given message and a key.
- *
- * The function computing the tag deterministic: the same (message,
- * key) tuple will always produce the same output.
- *
- * However, even if the message is public, knowing the key is
- * required in order to be able to compute a valid tag. Therefore,
- * the key should remain confidential. The tag, however, can be
- * public.
- *
- * A typical use case is:
- *
- * - A prepares a message, add an authentication tag, sends it to B
- * - A doesn't store the message
- * - Later on, B sends the message and the authentication tag to A
- * - A uses the authentication tag to verify that it created this message.
- *
- * This operation does not encrypt the message. It only computes and
- * verifies an authentication tag.
- */
-static int
-auth(void)
-{
-    unsigned char key[crypto_auth_KEYBYTES];
-    unsigned char mac[crypto_auth_BYTES];
-    unsigned char message[MAX_INPUT_LEN];
-    size_t        message_len;
-    int           ret;
-
-    puts("Example: crypto_auth\n");
-
-    prompt_input("a key", (char*)key, sizeof key, 0);
-    message_len = prompt_input("a message", (char*)message, sizeof message, 1);
-
-    printf("Generating %s authentication...\n", crypto_auth_primitive());
-    crypto_auth(mac, message, message_len, key);
-
-    printf("Authentication tag: ");
-    print_hex(mac, sizeof mac);
-
-    puts("Verifying authentication tag...");
-    ret = crypto_auth_verify(mac, message, message_len, key);
-    print_verification(ret);
-
-    sodium_memzero(key, sizeof key); /* wipe sensitive data */
-
-    return ret;
-}
-
-int
-main(void)
-{
-    init();
-
-    return auth() != 0;
-}

data/vendor/libsodium/examples/box.c

@@ -1,135 +0,0 @@
-/*
- * GraxRabble
- * example programs for libsodium.
- */
-
-#include <sodium.h> /* library header */
-
-#include "utils.h" /* utility functions shared by examples */
-
-/*
- * Using public-key authenticated encryption, Bob can encrypt a
- * confidential message specifically for Alice, using Alice's public
- * key.
- *
- * Using Bob's public key, Alice can verify that the encrypted
- * message was actually created by Bob and was not tampered with,
- * before eventually decrypting it.
- *
- * Alice only needs Bob's public key, the nonce and the ciphertext.
- * Bob should never ever share his secret key, even with Alice.
- *
- * And in order to send messages to Alice, Bob only needs Alice's
- * public key. Alice should never ever share her secret key either,
- * even with Bob.
- *
- * Alice can reply to Bob using the same system, without having to
- * generate a distinct key pair.
- *
- * The nonce doesn't have to be confidential, but it should be used
- * with just one invokation of crypto_box_open_easy() for a
- * particular pair of public and secret keys.
- *
- * One easy way to generate a nonce is to use randombytes_buf(),
- * considering the size of nonces the risk of any random collisions
- * is negligible. For some applications, if you wish to use nonces to
- * detect missing messages or to ignore replayed messages, it is also
- * ok to use a simple incrementing counter as a nonce.
- *
- * When doing so you must ensure that the same value can never be
- * re-used (for example you may have multiple threads or even hosts
- * generating messages using the same key pairs).
- *
- * This system provides mutual authentication. However, a typical use
- * case is to secure communications between a server, whose public
- * key is known in advance, and clients connecting anonymously.
- */
-static int
-box(void)
-{
-    unsigned char bob_pk[crypto_box_PUBLICKEYBYTES]; /* Bob's public key */
-    unsigned char bob_sk[crypto_box_SECRETKEYBYTES]; /* Bob's secret key */
-
-    unsigned char alice_pk[crypto_box_PUBLICKEYBYTES]; /* Alice's public key */
-    unsigned char alice_sk[crypto_box_SECRETKEYBYTES]; /* Alice's secret key */
-
-    unsigned char nonce[crypto_box_NONCEBYTES];
-    unsigned char message[MAX_INPUT_LEN];
-    unsigned char ciphertext[crypto_box_MACBYTES + MAX_INPUT_LEN];
-    size_t        message_len;
-    size_t        ciphertext_len;
-    int           ret;
-
-    puts("Example: crypto_box_easy\n");
-
-    puts("Generating keypairs...\n");
-    crypto_box_keypair(bob_pk, bob_sk);     /* generate Bob's keys */
-    crypto_box_keypair(alice_pk, alice_sk); /* generate Alice's keys */
-
-    puts("Bob");
-    printf("Public key: ");
-    print_hex(bob_pk, sizeof bob_pk);
-    printf("Secret key: ");
-    print_hex(bob_sk, sizeof bob_sk);
-
-    puts("Alice");
-    printf("Public key: ");
-    print_hex(alice_pk, sizeof alice_pk);
-    printf("Secret key: ");
-    print_hex(alice_sk, sizeof alice_sk);
-
-    /* nonce must be unique per (key, message) - it can be public and deterministic */
-    puts("Generating nonce...");
-    randombytes_buf(nonce, sizeof nonce);
-    printf("Nonce: ");
-    print_hex(nonce, sizeof nonce);
-
-    /* read input */
-    message_len = prompt_input("a message", (char*)message, sizeof message, 1);
-
-    print_hex(message, message_len);
-
-    /* encrypt and authenticate the message */
-    printf("Encrypting and authenticating with %s\n\n", crypto_box_primitive());
-    if (crypto_box_easy(ciphertext, message, message_len, nonce, alice_pk, bob_sk) != 0) {
-        abort();
-    }
-    ciphertext_len = crypto_box_MACBYTES + message_len;
-
-    /* send the nonce and the ciphertext */
-    puts("Bob sends the nonce and the ciphertext...\n");
-    printf("Ciphertext len: %zu bytes - Original message length: %zu bytes\n",
-           ciphertext_len, message_len);
-    puts("Notice the prepended 16 byte authentication token\n");
-    printf("Nonce: ");
-    print_hex(nonce, sizeof nonce);
-    printf("Ciphertext: ");
-    print_hex(ciphertext, ciphertext_len);
-
-    /* decrypt the message */
-    puts("Alice verifies and decrypts the ciphertext...");
-    ret = crypto_box_open_easy(message, ciphertext, ciphertext_len, nonce, bob_pk,
-                               alice_sk);
-    print_hex(message, message_len);
-
-    print_verification(ret);
-    if (ret == 0) {
-        printf("Plaintext: ");
-        fwrite(message, 1U, message_len, stdout);
-        putchar('\n');
-    }
-    sodium_memzero(bob_sk, sizeof bob_sk); /* wipe sensitive data */
-    sodium_memzero(alice_sk, sizeof alice_sk);
-    sodium_memzero(message, sizeof message);
-    sodium_memzero(ciphertext, sizeof ciphertext);
-
-    return ret;
-}
-
-int
-main(void)
-{
-    init();
-
-    return box() != 0;
-}