rbnacl-libsodium 1.0.13 → 1.0.15
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES.md +5 -0
- data/lib/rbnacl/libsodium.rb +1 -0
- data/lib/rbnacl/libsodium/version.rb +1 -1
- data/vendor/libsodium/AUTHORS +2 -2
- data/vendor/libsodium/ChangeLog +64 -0
- data/vendor/libsodium/Makefile.am +1 -0
- data/vendor/libsodium/README.markdown +1 -3
- data/vendor/libsodium/THANKS +13 -3
- data/vendor/libsodium/builds/Makefile.am +65 -0
- data/vendor/libsodium/builds/msvc/resource.rc +2 -2
- data/vendor/libsodium/builds/msvc/version.h +3 -3
- data/vendor/libsodium/builds/msvc/vs2010/libsodium/libsodium.vcxproj +168 -173
- data/vendor/libsodium/builds/msvc/vs2010/libsodium/libsodium.vcxproj.filters +382 -394
- data/vendor/libsodium/builds/msvc/vs2012/libsodium/libsodium.vcxproj +168 -173
- data/vendor/libsodium/builds/msvc/vs2012/libsodium/libsodium.vcxproj.filters +382 -394
- data/vendor/libsodium/builds/msvc/vs2013/libsodium/libsodium.vcxproj +168 -173
- data/vendor/libsodium/builds/msvc/vs2013/libsodium/libsodium.vcxproj.filters +382 -394
- data/vendor/libsodium/builds/msvc/vs2015/libsodium/libsodium.vcxproj +168 -173
- data/vendor/libsodium/builds/msvc/vs2015/libsodium/libsodium.vcxproj.filters +382 -394
- data/vendor/libsodium/builds/msvc/vs2017/libsodium/libsodium.vcxproj +168 -173
- data/vendor/libsodium/builds/msvc/vs2017/libsodium/libsodium.vcxproj.filters +382 -394
- data/vendor/libsodium/configure.ac +59 -10
- data/vendor/libsodium/contrib/Findsodium.cmake +2 -0
- data/vendor/libsodium/dist-build/emscripten-symbols.def +72 -32
- data/vendor/libsodium/dist-build/emscripten.sh +33 -6
- data/vendor/libsodium/dist-build/generate-emscripten-symbols.sh +52 -38
- data/vendor/libsodium/dist-build/ios.sh +2 -2
- data/vendor/libsodium/libsodium.vcxproj +168 -173
- data/vendor/libsodium/libsodium.vcxproj.filters +220 -235
- data/vendor/libsodium/m4/ax_check_catchable_abrt.m4 +57 -0
- data/vendor/libsodium/m4/ax_check_gnu_make.m4 +2 -2
- data/vendor/libsodium/m4/ax_pthread.m4 +2 -2
- data/vendor/libsodium/msvc-scripts/process.bat +3 -3
- data/vendor/libsodium/packaging/dotnet-core/README.md +5 -5
- data/vendor/libsodium/packaging/dotnet-core/libsodium.props +5 -2
- data/vendor/libsodium/packaging/dotnet-core/prepare.py +13 -31
- data/vendor/libsodium/packaging/dotnet-core/recipes/linux-x64 +4 -0
- data/vendor/libsodium/packaging/nuget/package.config +1 -1
- data/vendor/libsodium/src/libsodium/Makefile.am +11 -12
- data/vendor/libsodium/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c +11 -4
- data/vendor/libsodium/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c +17 -4
- data/vendor/libsodium/src/libsodium/crypto_aead/xchacha20poly1305/sodium/aead_xchacha20poly1305.c +8 -1
- data/vendor/libsodium/src/libsodium/crypto_box/crypto_box.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_box/crypto_box_easy.c +5 -4
- data/vendor/libsodium/src/libsodium/crypto_box/curve25519xchacha20poly1305/box_curve25519xchacha20poly1305.c +11 -4
- data/vendor/libsodium/src/libsodium/crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c +78 -17
- data/vendor/libsodium/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c +74 -64
- data/vendor/libsodium/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c +2 -0
- data/vendor/libsodium/src/libsodium/crypto_kx/crypto_kx.c +7 -0
- data/vendor/libsodium/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna32.h +1 -1
- data/vendor/libsodium/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h +1 -0
- data/vendor/libsodium/src/libsodium/crypto_onetimeauth/poly1305/sse2/poly1305_sse2.c +17 -17
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2-core.c +53 -48
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2-core.h +37 -11
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2-encoding.c +23 -179
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-avx2.c +4 -12
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-avx512f.c +244 -0
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ref.c +3 -12
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ssse3.c +4 -12
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2.c +1 -5
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/argon2.h +1 -1
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/blamka-round-avx512f.h +145 -0
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/pwhash_argon2i.c +91 -14
- data/vendor/libsodium/src/libsodium/crypto_pwhash/argon2/pwhash_argon2id.c +35 -14
- data/vendor/libsodium/src/libsodium/crypto_pwhash/crypto_pwhash.c +41 -4
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c +31 -17
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt.h +4 -0
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c +5 -1
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c +30 -1
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c +8 -0
- data/vendor/libsodium/src/libsodium/crypto_scalarmult/curve25519/scalarmult_curve25519.c +3 -3
- data/vendor/libsodium/src/libsodium/crypto_secretbox/crypto_secretbox.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c +5 -4
- data/vendor/libsodium/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305.c +11 -4
- data/vendor/libsodium/src/libsodium/crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_secretstream/xchacha20poly1305/secretstream_xchacha20poly1305.c +311 -0
- data/vendor/libsodium/src/libsodium/crypto_sign/crypto_sign.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_sign/ed25519/ref10/ed25519_ref10.h +3 -0
- data/vendor/libsodium/src/libsodium/crypto_sign/ed25519/ref10/keypair.c +9 -2
- data/vendor/libsodium/src/libsodium/crypto_sign/ed25519/ref10/obsolete.c +1 -1
- data/vendor/libsodium/src/libsodium/crypto_sign/ed25519/ref10/open.c +6 -5
- data/vendor/libsodium/src/libsodium/crypto_sign/ed25519/sign_ed25519.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/chacha20/dolbeau/chacha20_dolbeau-avx2.c +3 -2
- data/vendor/libsodium/src/libsodium/crypto_stream/chacha20/dolbeau/chacha20_dolbeau-ssse3.c +3 -2
- data/vendor/libsodium/src/libsodium/crypto_stream/chacha20/dolbeau/u0.h +1 -1
- data/vendor/libsodium/src/libsodium/crypto_stream/chacha20/ref/chacha20_ref.c +3 -2
- data/vendor/libsodium/src/libsodium/crypto_stream/chacha20/stream_chacha20.c +12 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/crypto_stream.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/salsa20/stream_salsa20.c +7 -1
- data/vendor/libsodium/src/libsodium/crypto_stream/salsa20/xmm6int/u0.h +1 -1
- data/vendor/libsodium/src/libsodium/crypto_stream/salsa2012/stream_salsa2012.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/salsa208/stream_salsa208.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/xchacha20/stream_xchacha20.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/xsalsa20/stream_xsalsa20.c +6 -0
- data/vendor/libsodium/src/libsodium/crypto_verify/sodium/verify.c +66 -29
- data/vendor/libsodium/src/libsodium/include/Makefile.am +1 -1
- data/vendor/libsodium/src/libsodium/include/sodium.h +2 -2
- data/vendor/libsodium/src/libsodium/include/sodium/core.h +9 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_aead_aes256gcm.h +26 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_aead_chacha20poly1305.h +16 -4
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_aead_xchacha20poly1305.h +10 -4
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_box.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_box_curve25519xchacha20poly1305.h +6 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_box_curve25519xsalsa20poly1305.h +24 -15
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_core_salsa208.h +8 -4
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_pwhash.h +40 -18
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_pwhash_argon2i.h +8 -2
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_pwhash_argon2id.h +8 -2
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h +11 -3
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_secretbox.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_secretbox_xchacha20poly1305.h +6 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_secretbox_xsalsa20poly1305.h +17 -8
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_secretstream_xchacha20poly1305.h +102 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_sign.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_sign_ed25519.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_sign_edwards25519sha512batch.h +1 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_chacha20.h +10 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_salsa20.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_salsa2012.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_salsa208.h +15 -5
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_xchacha20.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_xsalsa20.h +4 -0
- data/vendor/libsodium/src/libsodium/include/sodium/export.h +9 -0
- data/vendor/libsodium/src/libsodium/include/sodium/private/common.h +11 -0
- data/vendor/libsodium/src/libsodium/include/sodium/private/curve25519_ref10.h +2 -30
- data/vendor/libsodium/src/libsodium/include/sodium/randombytes.h +2 -0
- data/vendor/libsodium/src/libsodium/include/sodium/runtime.h +12 -9
- data/vendor/libsodium/src/libsodium/include/sodium/utils.h +36 -0
- data/vendor/libsodium/src/libsodium/randombytes/nativeclient/randombytes_nativeclient.c +3 -2
- data/vendor/libsodium/src/libsodium/randombytes/randombytes.c +18 -14
- data/vendor/libsodium/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c +11 -10
- data/vendor/libsodium/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c +20 -8
- data/vendor/libsodium/src/libsodium/sodium/codecs.c +333 -0
- data/vendor/libsodium/src/libsodium/sodium/core.c +36 -4
- data/vendor/libsodium/src/libsodium/sodium/runtime.c +18 -0
- data/vendor/libsodium/src/libsodium/sodium/utils.c +87 -100
- data/vendor/libsodium/test/constcheck.sh +19 -0
- data/vendor/libsodium/test/default/Makefile.am +39 -7
- data/vendor/libsodium/test/default/aead_aes256gcm.c +6 -0
- data/vendor/libsodium/test/default/aead_chacha20poly1305.c +16 -0
- data/vendor/libsodium/test/default/aead_xchacha20poly1305.c +25 -15
- data/vendor/libsodium/test/default/auth.c +13 -0
- data/vendor/libsodium/test/default/auth.exp +8 -0
- data/vendor/libsodium/test/default/box.c +3 -0
- data/vendor/libsodium/test/default/box2.c +2 -0
- data/vendor/libsodium/test/default/box_easy.c +1 -4
- data/vendor/libsodium/test/default/box_easy2.c +7 -3
- data/vendor/libsodium/test/default/chacha20.c +9 -2
- data/vendor/libsodium/test/default/cmptest.h +47 -1
- data/vendor/libsodium/test/default/codecs.c +226 -0
- data/vendor/libsodium/test/default/codecs.exp +28 -0
- data/vendor/libsodium/test/default/core3.c +42 -15
- data/vendor/libsodium/test/default/ed25519_convert.c +17 -0
- data/vendor/libsodium/test/default/kdf.c +8 -4
- data/vendor/libsodium/test/default/keygen.c +5 -2
- data/vendor/libsodium/test/default/kx.c +30 -0
- data/vendor/libsodium/test/default/metamorphic.c +187 -0
- data/vendor/libsodium/test/default/metamorphic.exp +1 -0
- data/vendor/libsodium/test/default/misuse.c +145 -0
- data/vendor/libsodium/test/default/misuse.exp +0 -0
- data/vendor/libsodium/test/default/onetimeauth.c +2 -0
- data/vendor/libsodium/test/default/{pwhash.c → pwhash_argon2i.c} +133 -106
- data/vendor/libsodium/test/default/{pwhash.exp → pwhash_argon2i.exp} +0 -1
- data/vendor/libsodium/test/default/pwhash_argon2id.c +254 -144
- data/vendor/libsodium/test/default/pwhash_argon2id.exp +2 -3
- data/vendor/libsodium/test/default/pwhash_scrypt.c +61 -18
- data/vendor/libsodium/test/default/pwhash_scrypt.exp +6 -0
- data/vendor/libsodium/test/default/randombytes.c +8 -3
- data/vendor/libsodium/test/default/secretbox.c +8 -0
- data/vendor/libsodium/test/default/secretbox2.c +5 -0
- data/vendor/libsodium/test/default/secretbox_easy.c +19 -1
- data/vendor/libsodium/test/default/secretbox_easy.exp +2 -0
- data/vendor/libsodium/test/default/secretbox_easy2.c +4 -0
- data/vendor/libsodium/test/default/secretstream.c +280 -0
- data/vendor/libsodium/test/default/secretstream.exp +1 -0
- data/vendor/libsodium/test/default/sign.c +31 -0
- data/vendor/libsodium/test/default/sodium_core.c +23 -1
- data/vendor/libsodium/test/default/sodium_core.exp +1 -1
- data/vendor/libsodium/test/default/sodium_utils.c +45 -56
- data/vendor/libsodium/test/default/sodium_utils.exp +0 -8
- data/vendor/libsodium/test/default/stream.c +2 -0
- data/vendor/libsodium/test/default/stream2.c +1 -0
- data/vendor/libsodium/test/default/xchacha20.c +58 -7
- metadata +21 -18
- data/vendor/libsodium/dist-build/emscripten-wasm.sh +0 -132
- data/vendor/libsodium/m4/pkg.m4 +0 -214
- data/vendor/libsodium/packaging/dotnet-core/desktop.targets +0 -16
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/afternm_aes128ctr.c +0 -174
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/beforenm_aes128ctr.c +0 -66
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/common.h +0 -766
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/consts.h +0 -28
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/consts_aes128ctr.c +0 -28
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/int128.h +0 -50
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/int128_aes128ctr.c +0 -149
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/stream_aes128ctr_nacl.c +0 -31
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/nacl/xor_afternm_aes128ctr.c +0 -195
- data/vendor/libsodium/src/libsodium/crypto_stream/aes128ctr/stream_aes128ctr.c +0 -19
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_aes128ctr.h +0 -65
@@ -8,31 +8,34 @@
|
|
8
8
|
extern "C" {
|
9
9
|
#endif
|
10
10
|
|
11
|
-
|
11
|
+
SODIUM_EXPORT_WEAK
|
12
12
|
int sodium_runtime_has_neon(void);
|
13
13
|
|
14
|
-
|
14
|
+
SODIUM_EXPORT_WEAK
|
15
15
|
int sodium_runtime_has_sse2(void);
|
16
16
|
|
17
|
-
|
17
|
+
SODIUM_EXPORT_WEAK
|
18
18
|
int sodium_runtime_has_sse3(void);
|
19
19
|
|
20
|
-
|
20
|
+
SODIUM_EXPORT_WEAK
|
21
21
|
int sodium_runtime_has_ssse3(void);
|
22
22
|
|
23
|
-
|
23
|
+
SODIUM_EXPORT_WEAK
|
24
24
|
int sodium_runtime_has_sse41(void);
|
25
25
|
|
26
|
-
|
26
|
+
SODIUM_EXPORT_WEAK
|
27
27
|
int sodium_runtime_has_avx(void);
|
28
28
|
|
29
|
-
|
29
|
+
SODIUM_EXPORT_WEAK
|
30
30
|
int sodium_runtime_has_avx2(void);
|
31
31
|
|
32
|
-
|
32
|
+
SODIUM_EXPORT_WEAK
|
33
|
+
int sodium_runtime_has_avx512f(void);
|
34
|
+
|
35
|
+
SODIUM_EXPORT_WEAK
|
33
36
|
int sodium_runtime_has_pclmul(void);
|
34
37
|
|
35
|
-
|
38
|
+
SODIUM_EXPORT_WEAK
|
36
39
|
int sodium_runtime_has_aesni(void);
|
37
40
|
|
38
41
|
/* ------------------------------------------------------------------------- */
|
@@ -61,6 +61,34 @@ int sodium_hex2bin(unsigned char * const bin, const size_t bin_maxlen,
|
|
61
61
|
const char * const ignore, size_t * const bin_len,
|
62
62
|
const char ** const hex_end);
|
63
63
|
|
64
|
+
#define sodium_base64_VARIANT_ORIGINAL 1
|
65
|
+
#define sodium_base64_VARIANT_ORIGINAL_NO_PADDING 3
|
66
|
+
#define sodium_base64_VARIANT_URLSAFE 5
|
67
|
+
#define sodium_base64_VARIANT_URLSAFE_NO_PADDING 7
|
68
|
+
|
69
|
+
/*
|
70
|
+
* Computes the required length to encode BIN_LEN bytes as a base64 string
|
71
|
+
* using the given variant. The computed length includes a trailing \0.
|
72
|
+
*/
|
73
|
+
#define sodium_base64_ENCODED_LEN(BIN_LEN, VARIANT) \
|
74
|
+
(((BIN_LEN) / 3U) * 4U + \
|
75
|
+
((((BIN_LEN) - ((BIN_LEN) / 3U) * 3U) | (((BIN_LEN) - ((BIN_LEN) / 3U) * 3U) >> 1)) & 1U) * \
|
76
|
+
(4U - (~((((VARIANT) & 2U) >> 1) - 1U) & (3U - ((BIN_LEN) - ((BIN_LEN) / 3U) * 3U)))) + 1U)
|
77
|
+
|
78
|
+
SODIUM_EXPORT
|
79
|
+
size_t sodium_base64_encoded_len(const size_t bin_len, const int variant);
|
80
|
+
|
81
|
+
SODIUM_EXPORT
|
82
|
+
char *sodium_bin2base64(char * const b64, const size_t b64_maxlen,
|
83
|
+
const unsigned char * const bin, const size_t bin_len,
|
84
|
+
const int variant);
|
85
|
+
|
86
|
+
SODIUM_EXPORT
|
87
|
+
int sodium_base642bin(unsigned char * const bin, const size_t bin_maxlen,
|
88
|
+
const char * const b64, const size_t b64_len,
|
89
|
+
const char * const ignore, size_t * const bin_len,
|
90
|
+
const char ** const b64_end, const int variant);
|
91
|
+
|
64
92
|
SODIUM_EXPORT
|
65
93
|
int sodium_mlock(void * const addr, const size_t len);
|
66
94
|
|
@@ -120,6 +148,14 @@ int sodium_mprotect_readonly(void *ptr);
|
|
120
148
|
SODIUM_EXPORT
|
121
149
|
int sodium_mprotect_readwrite(void *ptr);
|
122
150
|
|
151
|
+
SODIUM_EXPORT
|
152
|
+
int sodium_pad(size_t *padded_buflen_p, unsigned char *buf,
|
153
|
+
size_t unpadded_buflen, size_t blocksize, size_t max_buflen);
|
154
|
+
|
155
|
+
SODIUM_EXPORT
|
156
|
+
int sodium_unpad(size_t *unpadded_buflen_p, const unsigned char *buf,
|
157
|
+
size_t padded_buflen, size_t blocksize);
|
158
|
+
|
123
159
|
/* -------- */
|
124
160
|
|
125
161
|
int _sodium_alloc_init(void);
|
@@ -6,6 +6,7 @@
|
|
6
6
|
#ifdef __native_client__
|
7
7
|
# include <irt.h>
|
8
8
|
|
9
|
+
# include "core.h"
|
9
10
|
# include "utils.h"
|
10
11
|
# include "randombytes.h"
|
11
12
|
# include "randombytes_nativeclient.h"
|
@@ -20,12 +21,12 @@ randombytes_nativeclient_buf(void * const buf, const size_t size)
|
|
20
21
|
|
21
22
|
if (nacl_interface_query(NACL_IRT_RANDOM_v0_1, &rand_intf,
|
22
23
|
sizeof rand_intf) != sizeof rand_intf) {
|
23
|
-
|
24
|
+
sodium_misuse();
|
24
25
|
}
|
25
26
|
while (toread > (size_t) 0U) {
|
26
27
|
if (rand_intf.get_random_bytes(buf_, size, &readnb) != 0 ||
|
27
28
|
readnb > size) {
|
28
|
-
|
29
|
+
sodium_misuse();
|
29
30
|
}
|
30
31
|
toread -= readnb;
|
31
32
|
buf_ += readnb;
|
@@ -10,6 +10,7 @@
|
|
10
10
|
# include <emscripten.h>
|
11
11
|
#endif
|
12
12
|
|
13
|
+
#include "core.h"
|
13
14
|
#include "crypto_stream_chacha20.h"
|
14
15
|
#include "randombytes.h"
|
15
16
|
#ifdef RANDOMBYTES_DEFAULT_IMPLEMENTATION
|
@@ -93,22 +94,22 @@ randombytes_stir(void)
|
|
93
94
|
EM_ASM({
|
94
95
|
if (Module.getRandomValue === undefined) {
|
95
96
|
try {
|
96
|
-
var window_ =
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
97
|
+
var window_ = 'object' === typeof window ? window : self;
|
98
|
+
var crypto_ = typeof window_.crypto !== 'undefined' ? window_.crypto : window_.msCrypto;
|
99
|
+
var randomValuesStandard = function() {
|
100
|
+
var buf = new Uint32Array(1);
|
101
|
+
crypto_.getRandomValues(buf);
|
102
|
+
return buf[0] >>> 0;
|
103
|
+
};
|
103
104
|
randomValuesStandard();
|
104
105
|
Module.getRandomValue = randomValuesStandard;
|
105
106
|
} catch (e) {
|
106
107
|
try {
|
107
|
-
var crypto = require('crypto')
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
108
|
+
var crypto = require('crypto');
|
109
|
+
var randomValueNodeJS = function() {
|
110
|
+
var buf = crypto.randomBytes(4);
|
111
|
+
return (buf[0] << 24 | buf[1] << 16 | buf[2] << 8 | buf[3]) >>> 0;
|
112
|
+
};
|
112
113
|
randomValueNodeJS();
|
113
114
|
Module.getRandomValue = randomValueNodeJS;
|
114
115
|
} catch (e) {
|
@@ -135,10 +136,12 @@ randombytes_uniform(const uint32_t upper_bound)
|
|
135
136
|
if (upper_bound < 2) {
|
136
137
|
return 0;
|
137
138
|
}
|
138
|
-
min = (1U + ~upper_bound) % upper_bound;
|
139
|
+
min = (1U + ~upper_bound) % upper_bound; /* = 2**32 mod upper_bound */
|
139
140
|
do {
|
140
141
|
r = randombytes_random();
|
141
142
|
} while (r < min);
|
143
|
+
/* r is now clamped to a set whose size mod upper_bound == 0
|
144
|
+
* the worst case (2**31+1) requires ~ 2 attempts */
|
142
145
|
|
143
146
|
return r % upper_bound;
|
144
147
|
}
|
@@ -171,8 +174,9 @@ randombytes_buf_deterministic(void * const buf, const size_t size,
|
|
171
174
|
|
172
175
|
COMPILER_ASSERT(randombytes_SEEDBYTES == crypto_stream_chacha20_ietf_KEYBYTES);
|
173
176
|
#if SIZE_MAX > 0x4000000000ULL
|
177
|
+
COMPILER_ASSERT(randombytes_BYTES_MAX <= 0x4000000000ULL);
|
174
178
|
if (size > 0x4000000000ULL) {
|
175
|
-
|
179
|
+
sodium_misuse();
|
176
180
|
}
|
177
181
|
#endif
|
178
182
|
crypto_stream_chacha20_ietf((unsigned char *) buf, (unsigned long long) size,
|
@@ -25,13 +25,14 @@
|
|
25
25
|
# include <poll.h>
|
26
26
|
#endif
|
27
27
|
|
28
|
+
#include "core.h"
|
28
29
|
#include "crypto_core_salsa20.h"
|
29
30
|
#include "crypto_generichash.h"
|
30
31
|
#include "crypto_stream_salsa20.h"
|
32
|
+
#include "private/common.h"
|
31
33
|
#include "randombytes.h"
|
32
34
|
#include "randombytes_salsa20_random.h"
|
33
35
|
#include "utils.h"
|
34
|
-
#include "private/common.h"
|
35
36
|
|
36
37
|
#ifdef _WIN32
|
37
38
|
# include <windows.h>
|
@@ -98,7 +99,7 @@ sodium_hrtime(void)
|
|
98
99
|
struct timeval tv;
|
99
100
|
|
100
101
|
if (gettimeofday(&tv, NULL) != 0) {
|
101
|
-
|
102
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
102
103
|
}
|
103
104
|
ts = ((uint64_t) tv.tv_sec) * 1000000U + (uint64_t) tv.tv_usec;
|
104
105
|
}
|
@@ -172,7 +173,7 @@ randombytes_salsa20_random_random_dev_open(void)
|
|
172
173
|
# endif
|
173
174
|
"/dev/random", NULL
|
174
175
|
};
|
175
|
-
const char
|
176
|
+
const char **device = devices;
|
176
177
|
int fd;
|
177
178
|
|
178
179
|
# if defined(__linux__) && !defined(USE_BLOCKING_RANDOM) && !defined(NO_BLOCKING_RANDOM_POLL)
|
@@ -277,7 +278,7 @@ randombytes_salsa20_random_init(void)
|
|
277
278
|
|
278
279
|
if ((stream.random_data_source_fd =
|
279
280
|
randombytes_salsa20_random_random_dev_open()) == -1) {
|
280
|
-
|
281
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
281
282
|
}
|
282
283
|
errno = errno_save;
|
283
284
|
# endif /* HAVE_SAFE_ARC4RANDOM */
|
@@ -331,29 +332,29 @@ randombytes_salsa20_random_stir(void)
|
|
331
332
|
# elif defined(SYS_getrandom) && defined(__NR_getrandom)
|
332
333
|
if (stream.getrandom_available != 0) {
|
333
334
|
if (randombytes_linux_getrandom(m0, sizeof m0) != 0) {
|
334
|
-
|
335
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
335
336
|
}
|
336
337
|
} else if (stream.random_data_source_fd == -1 ||
|
337
338
|
safe_read(stream.random_data_source_fd, m0,
|
338
339
|
sizeof m0) != (ssize_t) sizeof m0) {
|
339
|
-
|
340
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
340
341
|
}
|
341
342
|
# else
|
342
343
|
if (stream.random_data_source_fd == -1 ||
|
343
344
|
safe_read(stream.random_data_source_fd, m0,
|
344
345
|
sizeof m0) != (ssize_t) sizeof m0) {
|
345
|
-
|
346
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
346
347
|
}
|
347
348
|
# endif
|
348
349
|
|
349
350
|
#else /* _WIN32 */
|
350
351
|
if (! RtlGenRandom((PVOID) m0, (ULONG) sizeof m0)) {
|
351
|
-
|
352
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
352
353
|
}
|
353
354
|
#endif
|
354
355
|
if (crypto_generichash(stream.key, sizeof stream.key, k0, sizeof_k0,
|
355
356
|
hsigma, sizeof hsigma) != 0) {
|
356
|
-
abort(); /* LCOV_EXCL_LINE */
|
357
|
+
abort(); /* really abort -- it should never happen */ /* LCOV_EXCL_LINE */
|
357
358
|
}
|
358
359
|
COMPILER_ASSERT(sizeof stream.key <= sizeof m0);
|
359
360
|
randombytes_salsa20_random_rekey(m0);
|
@@ -370,7 +371,7 @@ randombytes_salsa20_random_stir_if_needed(void)
|
|
370
371
|
if (stream.initialized == 0) {
|
371
372
|
randombytes_salsa20_random_stir();
|
372
373
|
} else if (stream.pid != getpid()) {
|
373
|
-
|
374
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
374
375
|
}
|
375
376
|
#else
|
376
377
|
if (stream.initialized == 0) {
|
@@ -24,6 +24,8 @@
|
|
24
24
|
# include <poll.h>
|
25
25
|
#endif
|
26
26
|
|
27
|
+
#include "core.h"
|
28
|
+
#include "private/common.h"
|
27
29
|
#include "randombytes.h"
|
28
30
|
#include "randombytes_sysrandom.h"
|
29
31
|
#include "utils.h"
|
@@ -34,6 +36,15 @@
|
|
34
36
|
* memory overhead if this API is not being used for other purposes
|
35
37
|
* - `RtlGenRandom` is thus called directly instead. A detailed explanation
|
36
38
|
* can be found here: https://blogs.msdn.microsoft.com/michael_howard/2005/01/14/cryptographically-secure-random-number-on-windows-without-using-cryptoapi/
|
39
|
+
*
|
40
|
+
* In spite of the disclaimer on the `RtlGenRandom` documentation page that was
|
41
|
+
* written back in the Windows XP days, this function is here to stay. The CRT
|
42
|
+
* function `rand_s()` directly depends on it, so touching it would break many
|
43
|
+
* applications released since Windows XP.
|
44
|
+
*
|
45
|
+
* Also note that Rust, Firefox and BoringSSL (thus, Google Chrome and everything
|
46
|
+
* based on Chromium) also depend on it, and that libsodium allows the RNG to be
|
47
|
+
* replaced without patching nor recompiling the library.
|
37
48
|
*/
|
38
49
|
# include <windows.h>
|
39
50
|
# define RtlGenRandom SystemFunction036
|
@@ -68,7 +79,7 @@ randombytes_sysrandom_stir(void)
|
|
68
79
|
static void
|
69
80
|
randombytes_sysrandom_buf(void * const buf, const size_t size)
|
70
81
|
{
|
71
|
-
|
82
|
+
arc4random_buf(buf, size);
|
72
83
|
}
|
73
84
|
|
74
85
|
static int
|
@@ -156,7 +167,7 @@ randombytes_sysrandom_random_dev_open(void)
|
|
156
167
|
# endif
|
157
168
|
"/dev/random", NULL
|
158
169
|
};
|
159
|
-
const char
|
170
|
+
const char **device = devices;
|
160
171
|
int fd;
|
161
172
|
|
162
173
|
# if defined(__linux__) && !defined(USE_BLOCKING_RANDOM) && !defined(NO_BLOCKING_RANDOM_POLL)
|
@@ -253,7 +264,7 @@ randombytes_sysrandom_init(void)
|
|
253
264
|
|
254
265
|
if ((stream.random_data_source_fd =
|
255
266
|
randombytes_sysrandom_random_dev_open()) == -1) {
|
256
|
-
|
267
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
257
268
|
}
|
258
269
|
errno = errno_save;
|
259
270
|
}
|
@@ -323,21 +334,22 @@ randombytes_sysrandom_buf(void * const buf, const size_t size)
|
|
323
334
|
# if defined(SYS_getrandom) && defined(__NR_getrandom)
|
324
335
|
if (stream.getrandom_available != 0) {
|
325
336
|
if (randombytes_linux_getrandom(buf, size) != 0) {
|
326
|
-
|
337
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
327
338
|
}
|
328
339
|
return;
|
329
340
|
}
|
330
341
|
# endif
|
331
342
|
if (stream.random_data_source_fd == -1 ||
|
332
343
|
safe_read(stream.random_data_source_fd, buf, size) != (ssize_t) size) {
|
333
|
-
|
344
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
334
345
|
}
|
335
346
|
#else
|
336
|
-
|
337
|
-
|
347
|
+
COMPILER_ASSERT(randombytes_BYTES_MAX <= 0xffffffffUL);
|
348
|
+
if (size > (size_t) 0xffffffffUL) {
|
349
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
338
350
|
}
|
339
351
|
if (! RtlGenRandom((PVOID) buf, (ULONG) size)) {
|
340
|
-
|
352
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
341
353
|
}
|
342
354
|
#endif
|
343
355
|
}
|
@@ -0,0 +1,333 @@
|
|
1
|
+
#include <assert.h>
|
2
|
+
#include <errno.h>
|
3
|
+
#include <limits.h>
|
4
|
+
#include <stddef.h>
|
5
|
+
#include <stdint.h>
|
6
|
+
#include <stdlib.h>
|
7
|
+
#include <string.h>
|
8
|
+
|
9
|
+
#include "core.h"
|
10
|
+
#include "utils.h"
|
11
|
+
|
12
|
+
/* Derived from original code by CodesInChaos */
|
13
|
+
char *
|
14
|
+
sodium_bin2hex(char *const hex, const size_t hex_maxlen,
|
15
|
+
const unsigned char *const bin, const size_t bin_len)
|
16
|
+
{
|
17
|
+
size_t i = (size_t) 0U;
|
18
|
+
unsigned int x;
|
19
|
+
int b;
|
20
|
+
int c;
|
21
|
+
|
22
|
+
if (bin_len >= SIZE_MAX / 2 || hex_maxlen <= bin_len * 2U) {
|
23
|
+
sodium_misuse(); /* LCOV_EXCL_LINE */
|
24
|
+
}
|
25
|
+
while (i < bin_len) {
|
26
|
+
c = bin[i] & 0xf;
|
27
|
+
b = bin[i] >> 4;
|
28
|
+
x = (unsigned char) (87U + c + (((c - 10U) >> 8) & ~38U)) << 8 |
|
29
|
+
(unsigned char) (87U + b + (((b - 10U) >> 8) & ~38U));
|
30
|
+
hex[i * 2U] = (char) x;
|
31
|
+
x >>= 8;
|
32
|
+
hex[i * 2U + 1U] = (char) x;
|
33
|
+
i++;
|
34
|
+
}
|
35
|
+
hex[i * 2U] = 0U;
|
36
|
+
|
37
|
+
return hex;
|
38
|
+
}
|
39
|
+
|
40
|
+
int
|
41
|
+
sodium_hex2bin(unsigned char *const bin, const size_t bin_maxlen,
|
42
|
+
const char *const hex, const size_t hex_len,
|
43
|
+
const char *const ignore, size_t *const bin_len,
|
44
|
+
const char **const hex_end)
|
45
|
+
{
|
46
|
+
size_t bin_pos = (size_t) 0U;
|
47
|
+
size_t hex_pos = (size_t) 0U;
|
48
|
+
int ret = 0;
|
49
|
+
unsigned char c;
|
50
|
+
unsigned char c_acc = 0U;
|
51
|
+
unsigned char c_alpha0, c_alpha;
|
52
|
+
unsigned char c_num0, c_num;
|
53
|
+
unsigned char c_val;
|
54
|
+
unsigned char state = 0U;
|
55
|
+
|
56
|
+
while (hex_pos < hex_len) {
|
57
|
+
c = (unsigned char) hex[hex_pos];
|
58
|
+
c_num = c ^ 48U;
|
59
|
+
c_num0 = (c_num - 10U) >> 8;
|
60
|
+
c_alpha = (c & ~32U) - 55U;
|
61
|
+
c_alpha0 = ((c_alpha - 10U) ^ (c_alpha - 16U)) >> 8;
|
62
|
+
if ((c_num0 | c_alpha0) == 0U) {
|
63
|
+
if (ignore != NULL && state == 0U && strchr(ignore, c) != NULL) {
|
64
|
+
hex_pos++;
|
65
|
+
continue;
|
66
|
+
}
|
67
|
+
break;
|
68
|
+
}
|
69
|
+
c_val = (c_num0 & c_num) | (c_alpha0 & c_alpha);
|
70
|
+
if (bin_pos >= bin_maxlen) {
|
71
|
+
ret = -1;
|
72
|
+
errno = ERANGE;
|
73
|
+
break;
|
74
|
+
}
|
75
|
+
if (state == 0U) {
|
76
|
+
c_acc = c_val * 16U;
|
77
|
+
} else {
|
78
|
+
bin[bin_pos++] = c_acc | c_val;
|
79
|
+
}
|
80
|
+
state = ~state;
|
81
|
+
hex_pos++;
|
82
|
+
}
|
83
|
+
if (state != 0U) {
|
84
|
+
hex_pos--;
|
85
|
+
errno = EINVAL;
|
86
|
+
ret = -1;
|
87
|
+
}
|
88
|
+
if (ret != 0) {
|
89
|
+
bin_pos = (size_t) 0U;
|
90
|
+
}
|
91
|
+
if (hex_end != NULL) {
|
92
|
+
*hex_end = &hex[hex_pos];
|
93
|
+
} else if (hex_pos != hex_len) {
|
94
|
+
errno = EINVAL;
|
95
|
+
ret = -1;
|
96
|
+
}
|
97
|
+
if (bin_len != NULL) {
|
98
|
+
*bin_len = bin_pos;
|
99
|
+
}
|
100
|
+
return ret;
|
101
|
+
}
|
102
|
+
|
103
|
+
/*
|
104
|
+
* Some macros for constant-time comparisons. These work over values in
|
105
|
+
* the 0..255 range. Returned value is 0x00 on "false", 0xFF on "true".
|
106
|
+
*
|
107
|
+
* Original code by Thomas Pornin.
|
108
|
+
*/
|
109
|
+
#define EQ(x, y) \
|
110
|
+
((((0U - ((unsigned int) (x) ^ (unsigned int) (y))) >> 8) & 0xFF) ^ 0xFF)
|
111
|
+
#define GT(x, y) ((((unsigned int) (y) - (unsigned int) (x)) >> 8) & 0xFF)
|
112
|
+
#define GE(x, y) (GT(y, x) ^ 0xFF)
|
113
|
+
#define LT(x, y) GT(y, x)
|
114
|
+
#define LE(x, y) GE(y, x)
|
115
|
+
|
116
|
+
static int
|
117
|
+
b64_byte_to_char(unsigned int x)
|
118
|
+
{
|
119
|
+
return (LT(x, 26) & (x + 'A')) |
|
120
|
+
(GE(x, 26) & LT(x, 52) & (x + ('a' - 26))) |
|
121
|
+
(GE(x, 52) & LT(x, 62) & (x + ('0' - 52))) | (EQ(x, 62) & '+') |
|
122
|
+
(EQ(x, 63) & '/');
|
123
|
+
}
|
124
|
+
|
125
|
+
static unsigned int
|
126
|
+
b64_char_to_byte(int c)
|
127
|
+
{
|
128
|
+
const unsigned int x =
|
129
|
+
(GE(c, 'A') & LE(c, 'Z') & (c - 'A')) |
|
130
|
+
(GE(c, 'a') & LE(c, 'z') & (c - ('a' - 26))) |
|
131
|
+
(GE(c, '0') & LE(c, '9') & (c - ('0' - 52))) | (EQ(c, '+') & 62) |
|
132
|
+
(EQ(c, '/') & 63);
|
133
|
+
|
134
|
+
return x | (EQ(x, 0) & (EQ(c, 'A') ^ 0xFF));
|
135
|
+
}
|
136
|
+
|
137
|
+
static int
|
138
|
+
b64_byte_to_urlsafe_char(unsigned int x)
|
139
|
+
{
|
140
|
+
return (LT(x, 26) & (x + 'A')) |
|
141
|
+
(GE(x, 26) & LT(x, 52) & (x + ('a' - 26))) |
|
142
|
+
(GE(x, 52) & LT(x, 62) & (x + ('0' - 52))) | (EQ(x, 62) & '-') |
|
143
|
+
(EQ(x, 63) & '_');
|
144
|
+
}
|
145
|
+
|
146
|
+
static unsigned int
|
147
|
+
b64_urlsafe_char_to_byte(int c)
|
148
|
+
{
|
149
|
+
const unsigned x =
|
150
|
+
(GE(c, 'A') & LE(c, 'Z') & (c - 'A')) |
|
151
|
+
(GE(c, 'a') & LE(c, 'z') & (c - ('a' - 26))) |
|
152
|
+
(GE(c, '0') & LE(c, '9') & (c - ('0' - 52))) | (EQ(c, '-') & 62) |
|
153
|
+
(EQ(c, '_') & 63);
|
154
|
+
|
155
|
+
return x | (EQ(x, 0) & (EQ(c, 'A') ^ 0xFF));
|
156
|
+
}
|
157
|
+
|
158
|
+
|
159
|
+
#define VARIANT_NO_PADDING_MASK 0x2U
|
160
|
+
#define VARIANT_URLSAFE_MASK 0x4U
|
161
|
+
|
162
|
+
static void
|
163
|
+
sodium_base64_check_variant(const int variant)
|
164
|
+
{
|
165
|
+
if ((((unsigned int) variant) & ~ 0x6U) != 0x1U) {
|
166
|
+
sodium_misuse();
|
167
|
+
}
|
168
|
+
}
|
169
|
+
|
170
|
+
size_t
|
171
|
+
sodium_base64_encoded_len(const size_t bin_len, const int variant)
|
172
|
+
{
|
173
|
+
sodium_base64_check_variant(variant);
|
174
|
+
|
175
|
+
return sodium_base64_ENCODED_LEN(bin_len, variant);
|
176
|
+
}
|
177
|
+
|
178
|
+
char *
|
179
|
+
sodium_bin2base64(char * const b64, const size_t b64_maxlen,
|
180
|
+
const unsigned char * const bin, const size_t bin_len,
|
181
|
+
const int variant)
|
182
|
+
{
|
183
|
+
size_t acc_len = (size_t) 0;
|
184
|
+
size_t b64_len;
|
185
|
+
size_t b64_pos = (size_t) 0;
|
186
|
+
size_t bin_pos = (size_t) 0;
|
187
|
+
size_t nibbles;
|
188
|
+
size_t remainder;
|
189
|
+
unsigned int acc = 0U;
|
190
|
+
|
191
|
+
sodium_base64_check_variant(variant);
|
192
|
+
nibbles = bin_len / 3;
|
193
|
+
remainder = bin_len - 3 * nibbles;
|
194
|
+
b64_len = nibbles * 4;
|
195
|
+
if (remainder != 0) {
|
196
|
+
if ((((unsigned int) variant) & VARIANT_NO_PADDING_MASK) == 0U) {
|
197
|
+
b64_len += 4;
|
198
|
+
} else {
|
199
|
+
b64_len += 2 + (remainder >> 1);
|
200
|
+
}
|
201
|
+
}
|
202
|
+
if (b64_maxlen <= b64_len) {
|
203
|
+
sodium_misuse();
|
204
|
+
}
|
205
|
+
if ((((unsigned int) variant) & VARIANT_URLSAFE_MASK) != 0U) {
|
206
|
+
while (bin_pos < bin_len) {
|
207
|
+
acc = (acc << 8) + bin[bin_pos++];
|
208
|
+
acc_len += 8;
|
209
|
+
while (acc_len >= 6) {
|
210
|
+
acc_len -= 6;
|
211
|
+
b64[b64_pos++] = (char) b64_byte_to_urlsafe_char((acc >> acc_len) & 0x3F);
|
212
|
+
}
|
213
|
+
}
|
214
|
+
if (acc_len > 0) {
|
215
|
+
b64[b64_pos++] = (char) b64_byte_to_urlsafe_char((acc << (6 - acc_len)) & 0x3F);
|
216
|
+
}
|
217
|
+
} else {
|
218
|
+
while (bin_pos < bin_len) {
|
219
|
+
acc = (acc << 8) + bin[bin_pos++];
|
220
|
+
acc_len += 8;
|
221
|
+
while (acc_len >= 6) {
|
222
|
+
acc_len -= 6;
|
223
|
+
b64[b64_pos++] = (char) b64_byte_to_char((acc >> acc_len) & 0x3F);
|
224
|
+
}
|
225
|
+
}
|
226
|
+
if (acc_len > 0) {
|
227
|
+
b64[b64_pos++] = (char) b64_byte_to_char((acc << (6 - acc_len)) & 0x3F);
|
228
|
+
}
|
229
|
+
}
|
230
|
+
assert(b64_pos <= b64_len);
|
231
|
+
while (b64_pos < b64_len) {
|
232
|
+
b64[b64_pos++] = '=';
|
233
|
+
}
|
234
|
+
do {
|
235
|
+
b64[b64_pos++] = 0U;
|
236
|
+
} while (b64_pos < b64_maxlen);
|
237
|
+
|
238
|
+
return b64;
|
239
|
+
}
|
240
|
+
|
241
|
+
static int
|
242
|
+
_sodium_base642bin_skip_padding(const char * const b64, const size_t b64_len,
|
243
|
+
size_t * const b64_pos_p,
|
244
|
+
const char * const ignore, size_t padding_len)
|
245
|
+
{
|
246
|
+
int c;
|
247
|
+
|
248
|
+
while (padding_len > 0) {
|
249
|
+
if (*b64_pos_p >= b64_len) {
|
250
|
+
errno = ERANGE;
|
251
|
+
return -1;
|
252
|
+
}
|
253
|
+
c = b64[*b64_pos_p];
|
254
|
+
if (c == '=') {
|
255
|
+
padding_len--;
|
256
|
+
} else if (ignore == NULL || strchr(ignore, c) == NULL) {
|
257
|
+
errno = EINVAL;
|
258
|
+
return -1;
|
259
|
+
}
|
260
|
+
(*b64_pos_p)++;
|
261
|
+
}
|
262
|
+
return 0;
|
263
|
+
}
|
264
|
+
|
265
|
+
int
|
266
|
+
sodium_base642bin(unsigned char * const bin, const size_t bin_maxlen,
|
267
|
+
const char * const b64, const size_t b64_len,
|
268
|
+
const char * const ignore, size_t * const bin_len,
|
269
|
+
const char ** const b64_end, const int variant)
|
270
|
+
{
|
271
|
+
size_t acc_len = (size_t) 0;
|
272
|
+
size_t b64_pos = (size_t) 0;
|
273
|
+
size_t bin_pos = (size_t) 0;
|
274
|
+
int is_urlsafe;
|
275
|
+
int ret = 0;
|
276
|
+
unsigned int acc = 0U;
|
277
|
+
unsigned int d;
|
278
|
+
char c;
|
279
|
+
|
280
|
+
sodium_base64_check_variant(variant);
|
281
|
+
is_urlsafe = ((unsigned int) variant) & VARIANT_URLSAFE_MASK;
|
282
|
+
while (b64_pos < b64_len) {
|
283
|
+
c = b64[b64_pos];
|
284
|
+
if (is_urlsafe) {
|
285
|
+
d = b64_urlsafe_char_to_byte(c);
|
286
|
+
} else {
|
287
|
+
d = b64_char_to_byte(c);
|
288
|
+
}
|
289
|
+
if (d == 0xFF) {
|
290
|
+
if (ignore != NULL && strchr(ignore, c) != NULL) {
|
291
|
+
b64_pos++;
|
292
|
+
continue;
|
293
|
+
}
|
294
|
+
break;
|
295
|
+
}
|
296
|
+
acc = (acc << 6) + d;
|
297
|
+
acc_len += 6;
|
298
|
+
if (acc_len >= 8) {
|
299
|
+
acc_len -= 8;
|
300
|
+
if (bin_pos >= bin_maxlen) {
|
301
|
+
errno = ERANGE;
|
302
|
+
ret = -1;
|
303
|
+
break;
|
304
|
+
}
|
305
|
+
bin[bin_pos++] = (acc >> acc_len) & 0xFF;
|
306
|
+
}
|
307
|
+
b64_pos++;
|
308
|
+
}
|
309
|
+
if (acc_len > 4U || (acc & ((1U << acc_len) - 1U)) != 0U) {
|
310
|
+
ret = -1;
|
311
|
+
} else if (ret == 0 &&
|
312
|
+
(((unsigned int) variant) & VARIANT_NO_PADDING_MASK) == 0U) {
|
313
|
+
ret = _sodium_base642bin_skip_padding(b64, b64_len, &b64_pos, ignore,
|
314
|
+
acc_len / 2);
|
315
|
+
}
|
316
|
+
if (ret != 0) {
|
317
|
+
bin_pos = (size_t) 0U;
|
318
|
+
} else if (ignore != NULL) {
|
319
|
+
while (b64_pos < b64_len && strchr(ignore, b64[b64_pos]) != NULL) {
|
320
|
+
b64_pos++;
|
321
|
+
}
|
322
|
+
}
|
323
|
+
if (b64_end != NULL) {
|
324
|
+
*b64_end = &b64[b64_pos];
|
325
|
+
} else if (b64_pos != b64_len) {
|
326
|
+
errno = EINVAL;
|
327
|
+
ret = -1;
|
328
|
+
}
|
329
|
+
if (bin_len != NULL) {
|
330
|
+
*bin_len = bin_pos;
|
331
|
+
}
|
332
|
+
return ret;
|
333
|
+
}
|