rbnacl-libsodium 1.0.2 → 1.0.3
- checksums.yaml +4 -4
- data/CHANGES.md +4 -0
- data/lib/rbnacl/libsodium/version.rb +1 -1
- data/vendor/libsodium/ChangeLog +20 -1
- data/vendor/libsodium/Makefile.in +39 -27
- data/vendor/libsodium/README.markdown +2 -2
- data/vendor/libsodium/THANKS +2 -0
- data/vendor/libsodium/aclocal.m4 +36 -33
- data/vendor/libsodium/autom4te.cache/output.1 +1118 -841
- data/vendor/libsodium/autom4te.cache/output.4 +17517 -0
- data/vendor/libsodium/autom4te.cache/requests +760 -531
- data/vendor/libsodium/autom4te.cache/traces.1 +13 -14
- data/vendor/libsodium/autom4te.cache/traces.4 +2951 -0
- data/vendor/libsodium/build-aux/compile +1 -1
- data/vendor/libsodium/build-aux/config.guess +13 -160
- data/vendor/libsodium/build-aux/config.sub +25 -11
- data/vendor/libsodium/build-aux/depcomp +1 -1
- data/vendor/libsodium/build-aux/install-sh +170 -196
- data/vendor/libsodium/build-aux/ltmain.sh +3459 -2026
- data/vendor/libsodium/build-aux/missing +1 -1
- data/vendor/libsodium/build-aux/test-driver +12 -3
- data/vendor/libsodium/builds/msvc/version.h +2 -2
- data/vendor/libsodium/builds/msvc/vs2010/libsodium/libsodium.vcxproj +1 -4
- data/vendor/libsodium/builds/msvc/vs2010/libsodium/libsodium.vcxproj.filters +3 -8
- data/vendor/libsodium/builds/msvc/vs2010/test/test.vcxproj +11 -2
- data/vendor/libsodium/builds/msvc/vs2010/test/test.vcxproj.filters +11 -2
- data/vendor/libsodium/builds/msvc/vs2012/libsodium/libsodium.vcxproj +2 -5
- data/vendor/libsodium/builds/msvc/vs2012/libsodium/libsodium.vcxproj.filters +3 -8
- data/vendor/libsodium/builds/msvc/vs2012/test/test.vcxproj +11 -2
- data/vendor/libsodium/builds/msvc/vs2012/test/test.vcxproj.filters +11 -2
- data/vendor/libsodium/builds/msvc/vs2013/libsodium/libsodium.vcxproj +1 -4
- data/vendor/libsodium/builds/msvc/vs2013/libsodium/libsodium.vcxproj.filters +3 -8
- data/vendor/libsodium/builds/msvc/vs2013/test/test.vcxproj +11 -2
- data/vendor/libsodium/builds/msvc/vs2013/test/test.vcxproj.filters +11 -2
- data/vendor/libsodium/builds/msvc/vs2015/libsodium.import.props +52 -0
- data/vendor/libsodium/{packaging/nuget/package.xml → builds/msvc/vs2015/libsodium.import.xml} +2 -7
- data/vendor/libsodium/builds/msvc/vs2015/libsodium.sln +81 -0
- data/vendor/libsodium/builds/msvc/vs2015/libsodium/libsodium.props +43 -0
- data/vendor/libsodium/builds/msvc/vs2015/libsodium/libsodium.vcxproj +352 -0
- data/vendor/libsodium/builds/msvc/vs2015/libsodium/libsodium.vcxproj.filters +1073 -0
- data/vendor/libsodium/builds/msvc/vs2015/libsodium/libsodium.xml +15 -0
- data/vendor/libsodium/builds/msvc/vs2015/test/test.props +43 -0
- data/vendor/libsodium/builds/msvc/vs2015/test/test.runner.bat +78 -0
- data/vendor/libsodium/builds/msvc/vs2015/test/test.vcxproj +241 -0
- data/vendor/libsodium/builds/msvc/vs2015/test/test.vcxproj.filters +189 -0
- data/vendor/libsodium/configure +1117 -840
- data/vendor/libsodium/configure.ac +4 -4
- data/vendor/libsodium/dist-build/Makefile.am +2 -2
- data/vendor/libsodium/dist-build/Makefile.in +19 -7
- data/vendor/libsodium/dist-build/android-arm.sh +3 -2
- data/vendor/libsodium/dist-build/android-armv7-a.sh +4 -0
- data/vendor/libsodium/dist-build/android-build.sh +4 -5
- data/vendor/libsodium/dist-build/android-mips32.sh +4 -0
- data/vendor/libsodium/dist-build/android-x86.sh +3 -2
- data/vendor/libsodium/dist-build/emscripten.sh +4 -5
- data/vendor/libsodium/dist-build/ios.sh +56 -25
- data/vendor/libsodium/dist-build/osx.sh +20 -0
- data/vendor/libsodium/libsodium.vcxproj +1 -0
- data/vendor/libsodium/libsodium.vcxproj.filters +3 -0
- data/vendor/libsodium/m4/libtool.m4 +1366 -1030
- data/vendor/libsodium/m4/ltoptions.m4 +90 -37
- data/vendor/libsodium/m4/ltsugar.m4 +4 -3
- data/vendor/libsodium/m4/ltversion.m4 +6 -6
- data/vendor/libsodium/m4/lt~obsolete.m4 +4 -3
- data/vendor/libsodium/msvc-scripts/Makefile.in +17 -5
- data/vendor/libsodium/msvc-scripts/process.bat +2 -2
- data/vendor/libsodium/packaging/nuget/package.config +1 -1
- data/vendor/libsodium/src/Makefile.in +17 -5
- data/vendor/libsodium/src/libsodium/Makefile.am +7 -2
- data/vendor/libsodium/src/libsodium/Makefile.in +83 -55
- data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha256/auth_hmacsha256_api.c +5 -0
- data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c +1 -1
- data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512/auth_hmacsha512_api.c +5 -0
- data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c +1 -1
- data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512256/auth_hmacsha512256_api.c +5 -0
- data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c +1 -1
- data/vendor/libsodium/src/libsodium/crypto_box/crypto_box_seal.c +67 -0
- data/vendor/libsodium/src/libsodium/crypto_generichash/crypto_generichash.c +8 -1
- data/vendor/libsodium/src/libsodium/crypto_hash/sha256/hash_sha256_api.c +5 -0
- data/vendor/libsodium/src/libsodium/crypto_hash/sha512/hash_sha512_api.c +5 -0
- data/vendor/libsodium/src/libsodium/crypto_onetimeauth/crypto_onetimeauth.c +12 -6
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt.h +11 -0
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c +60 -25
- data/vendor/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c +12 -12
- data/vendor/libsodium/src/libsodium/crypto_scalarmult/curve25519/donna_c64/smult_curve25519_donna_c64.c +11 -3
- data/vendor/libsodium/src/libsodium/crypto_sign/ed25519/ref10/open.c +1 -1
- data/vendor/libsodium/src/libsodium/crypto_sign/ed25519/ref10/sign.c +1 -4
- data/vendor/libsodium/src/libsodium/crypto_stream/xsalsa20/ref/api.h +1 -0
- data/vendor/libsodium/src/libsodium/crypto_stream/xsalsa20/ref/xor_xsalsa20.c +13 -3
- data/vendor/libsodium/src/libsodium/include/Makefile.in +18 -6
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_auth_hmacsha256.h +9 -5
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_auth_hmacsha512.h +9 -5
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_auth_hmacsha512256.h +6 -2
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_box.h +15 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_generichash.h +2 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_generichash_blake2b.h +1 -1
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_hash_sha256.h +2 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_hash_sha512.h +2 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_onetimeauth.h +2 -0
- data/vendor/libsodium/src/libsodium/include/sodium/crypto_stream_xsalsa20.h +6 -0
- data/vendor/libsodium/src/libsodium/include/sodium/randombytes.h +6 -6
- data/vendor/libsodium/src/libsodium/include/sodium/utils.h +2 -2
- data/vendor/libsodium/src/libsodium/randombytes/randombytes.c +82 -3
- data/vendor/libsodium/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c +85 -33
- data/vendor/libsodium/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c +80 -42
- data/vendor/libsodium/src/libsodium/sodium/utils.c +16 -13
- data/vendor/libsodium/test/Makefile.am +1 -1
- data/vendor/libsodium/test/Makefile.in +18 -6
- data/vendor/libsodium/test/default/Makefile.am +9 -3
- data/vendor/libsodium/test/default/Makefile.in +72 -38
- data/vendor/libsodium/test/default/auth.c +8 -0
- data/vendor/libsodium/test/default/auth5.c +0 -2
- data/vendor/libsodium/test/default/auth7.c +0 -2
- data/vendor/libsodium/test/default/box8.c +0 -2
- data/vendor/libsodium/test/default/box_easy2.c +1 -1
- data/vendor/libsodium/test/default/box_seal.c +43 -0
- data/vendor/libsodium/test/default/box_seal.exp +4 -0
- data/vendor/libsodium/test/default/cmptest.h +1 -0
- data/vendor/libsodium/test/default/generichash2.c +1 -0
- data/vendor/libsodium/test/default/hash.c +2 -0
- data/vendor/libsodium/test/default/onetimeauth.c +1 -0
- data/vendor/libsodium/test/default/onetimeauth7.c +0 -2
- data/vendor/libsodium/test/default/pre.js.inc +0 -27
- data/vendor/libsodium/test/default/pwhash.c +18 -5
- data/vendor/libsodium/test/default/randombytes.c +44 -2
- data/vendor/libsodium/test/default/secretbox8.c +0 -2
- data/vendor/libsodium/test/default/sodium_utils2.c +5 -1
- data/vendor/libsodium/test/default/sodium_utils3.c +1 -1
- data/vendor/libsodium/test/default/stream.c +13 -1
- data/vendor/libsodium/test/default/stream.exp +1 -0
- data/vendor/libsodium/test/default/stream2.c +13 -1
- data/vendor/libsodium/test/default/stream2.exp +1 -0
- data/vendor/libsodium/test/quirks/quirks.h +26 -0
- metadata +23 -12
- data/vendor/libsodium/builds/msvc/resource.h +0 -0
- data/vendor/libsodium/builds/msvc/resource.rc +0 -0
- data/vendor/libsodium/dist-build/android-armv7.sh +0 -3
- data/vendor/libsodium/dist-build/android-mips.sh +0 -3
- data/vendor/libsodium/packaging/nuget/package.nuspec +0 -95
- data/vendor/libsodium/packaging/nuget/package.targets +0 -128
- data/vendor/libsodium/test/quirks/windows/windows-quirks.h +0 -18
@@ -12,11 +12,6 @@
|
|
12
12
|
extern "C" {
|
13
13
|
#endif
|
14
14
|
|
15
|
-
typedef struct crypto_auth_hmacsha256_state {
|
16
|
-
crypto_hash_sha256_state ictx;
|
17
|
-
crypto_hash_sha256_state octx;
|
18
|
-
} crypto_auth_hmacsha256_state;
|
19
|
-
|
20
15
|
#define crypto_auth_hmacsha256_BYTES 32U
|
21
16
|
SODIUM_EXPORT
|
22
17
|
size_t crypto_auth_hmacsha256_bytes(void);
|
@@ -37,6 +32,15 @@ int crypto_auth_hmacsha256_verify(const unsigned char *h,
|
|
37
32
|
unsigned long long inlen,
|
38
33
|
const unsigned char *k);
|
39
34
|
|
35
|
+
/* ------------------------------------------------------------------------- */
|
36
|
+
|
37
|
+
typedef struct crypto_auth_hmacsha256_state {
|
38
|
+
crypto_hash_sha256_state ictx;
|
39
|
+
crypto_hash_sha256_state octx;
|
40
|
+
} crypto_auth_hmacsha256_state;
|
41
|
+
SODIUM_EXPORT
|
42
|
+
size_t crypto_auth_hmacsha256_statebytes(void);
|
43
|
+
|
40
44
|
SODIUM_EXPORT
|
41
45
|
int crypto_auth_hmacsha256_init(crypto_auth_hmacsha256_state *state,
|
42
46
|
const unsigned char *key,
|
@@ -12,11 +12,6 @@
|
|
12
12
|
extern "C" {
|
13
13
|
#endif
|
14
14
|
|
15
|
-
typedef struct crypto_auth_hmacsha512_state {
|
16
|
-
crypto_hash_sha512_state ictx;
|
17
|
-
crypto_hash_sha512_state octx;
|
18
|
-
} crypto_auth_hmacsha512_state;
|
19
|
-
|
20
15
|
#define crypto_auth_hmacsha512_BYTES 64U
|
21
16
|
SODIUM_EXPORT
|
22
17
|
size_t crypto_auth_hmacsha512_bytes(void);
|
@@ -37,6 +32,15 @@ int crypto_auth_hmacsha512_verify(const unsigned char *h,
|
|
37
32
|
unsigned long long inlen,
|
38
33
|
const unsigned char *k);
|
39
34
|
|
35
|
+
/* ------------------------------------------------------------------------- */
|
36
|
+
|
37
|
+
typedef struct crypto_auth_hmacsha512_state {
|
38
|
+
crypto_hash_sha512_state ictx;
|
39
|
+
crypto_hash_sha512_state octx;
|
40
|
+
} crypto_auth_hmacsha512_state;
|
41
|
+
SODIUM_EXPORT
|
42
|
+
size_t crypto_auth_hmacsha512_statebytes(void);
|
43
|
+
|
40
44
|
SODIUM_EXPORT
|
41
45
|
int crypto_auth_hmacsha512_init(crypto_auth_hmacsha512_state *state,
|
42
46
|
const unsigned char *key,
|
@@ -12,8 +12,6 @@
|
|
12
12
|
extern "C" {
|
13
13
|
#endif
|
14
14
|
|
15
|
-
typedef struct crypto_auth_hmacsha512_state crypto_auth_hmacsha512256_state;
|
16
|
-
|
17
15
|
#define crypto_auth_hmacsha512256_BYTES 32U
|
18
16
|
SODIUM_EXPORT
|
19
17
|
size_t crypto_auth_hmacsha512256_bytes(void);
|
@@ -32,6 +30,12 @@ int crypto_auth_hmacsha512256_verify(const unsigned char *h,
|
|
32
30
|
unsigned long long inlen,
|
33
31
|
const unsigned char *k);
|
34
32
|
|
33
|
+
/* ------------------------------------------------------------------------- */
|
34
|
+
|
35
|
+
typedef crypto_auth_hmacsha512_state crypto_auth_hmacsha512256_state;
|
36
|
+
SODIUM_EXPORT
|
37
|
+
size_t crypto_auth_hmacsha512256_statebytes(void);
|
38
|
+
|
35
39
|
SODIUM_EXPORT
|
36
40
|
int crypto_auth_hmacsha512256_init(crypto_auth_hmacsha512256_state *state,
|
37
41
|
const unsigned char *key,
|
@@ -106,6 +106,21 @@ int crypto_box_open_detached_afternm(unsigned char *m, const unsigned char *c,
|
|
106
106
|
unsigned long long clen, const unsigned char *n,
|
107
107
|
const unsigned char *k);
|
108
108
|
|
109
|
+
/* -- Ephemeral SK interface -- */
|
110
|
+
|
111
|
+
#define crypto_box_SEALBYTES (crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES)
|
112
|
+
SODIUM_EXPORT
|
113
|
+
size_t crypto_box_sealbytes(void);
|
114
|
+
|
115
|
+
SODIUM_EXPORT
|
116
|
+
int crypto_box_seal(unsigned char *c, const unsigned char *m,
|
117
|
+
unsigned long long mlen, const unsigned char *pk);
|
118
|
+
|
119
|
+
SODIUM_EXPORT
|
120
|
+
int crypto_box_seal_open(unsigned char *m, const unsigned char *c,
|
121
|
+
unsigned long long clen,
|
122
|
+
const unsigned char *pk, const unsigned char *sk);
|
123
|
+
|
109
124
|
/* -- NaCl compatibility interface ; Requires padding -- */
|
110
125
|
|
111
126
|
#define crypto_box_ZEROBYTES crypto_box_curve25519xsalsa20poly1305_ZEROBYTES
|
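Review bot: The new `crypto_box_seal()` and `crypto_box_seal_open()` prototypes carry no comment on buffer sizes or on what the construction guarantees. Since `crypto_box_SEALBYTES` is defined as `crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES`, the ciphertext is presumably `mlen + crypto_box_SEALBYTES` bytes, so callers need to know that `c` must be that large and that a `clen` below `crypto_box_SEALBYTES` has to be rejected when opening. I would add above the prototypes something like `/* c receives mlen + crypto_box_SEALBYTES bytes; the sender key is ephemeral, so opening a sealed box authenticates nothing about who sent it */`. The implementation in crypto_box_seal.c is not shown on this page, so the length check itself cannot be confirmed from here.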
@@ -42,6 +42,8 @@ SODIUM_EXPORT
|
|
42
42
|
const char *crypto_generichash_primitive(void);
|
43
43
|
|
44
44
|
typedef crypto_generichash_blake2b_state crypto_generichash_state;
|
45
|
+
SODIUM_EXPORT
|
46
|
+
size_t crypto_generichash_statebytes(void);
|
45
47
|
|
46
48
|
SODIUM_EXPORT
|
47
49
|
int crypto_generichash(unsigned char *out, size_t outlen,
|
@@ -10,6 +10,7 @@
|
|
10
10
|
*/
|
11
11
|
|
12
12
|
#include <stddef.h>
|
13
|
+
#include <stdint.h>
|
13
14
|
#include "export.h"
|
14
15
|
|
15
16
|
#ifdef __cplusplus
|
@@ -36,6 +37,11 @@ int crypto_stream_xsalsa20_xor(unsigned char *c, const unsigned char *m,
|
|
36
37
|
unsigned long long mlen, const unsigned char *n,
|
37
38
|
const unsigned char *k);
|
38
39
|
|
40
|
+
SODIUM_EXPORT
|
41
|
+
int crypto_stream_xsalsa20_xor_ic(unsigned char *c, const unsigned char *m,
|
42
|
+
unsigned long long mlen,
|
43
|
+
const unsigned char *n, uint64_t ic,
|
44
|
+
const unsigned char *k);
|
39
45
|
#ifdef __cplusplus
|
40
46
|
}
|
41
47
|
#endif
|
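Review bot: `crypto_stream_xsalsa20_xor_ic()` adds a caller-chosen `uint64_t ic`, but the header documents neither its unit nor the reuse hazard. Assuming `ic` is the initial block counter (the implementation in xor_xsalsa20.c is not shown here), two calls under the same key and nonce whose counter ranges overlap produce the same keystream and so lose confidentiality for both messages. A short comment above the prototype would make the contract explicit, e.g. `/* ic: initial block counter; counter ranges must never overlap for a given (n, k) */`.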
@@ -17,12 +17,12 @@ extern "C" {
|
|
17
17
|
#endif
|
18
18
|
|
19
19
|
typedef struct randombytes_implementation {
|
20
|
-
const char *(*implementation_name)(void);
|
21
|
-
uint32_t (*random)(void);
|
22
|
-
void (*stir)(void);
|
23
|
-
uint32_t (*uniform)(const uint32_t upper_bound);
|
24
|
-
void (*buf)(void * const buf, const size_t size);
|
25
|
-
int (*close)(void);
|
20
|
+
const char *(*implementation_name)(void); /* required */
|
21
|
+
uint32_t (*random)(void); /* required */
|
22
|
+
void (*stir)(void); /* optional */
|
23
|
+
uint32_t (*uniform)(const uint32_t upper_bound); /* optional, a default implementation will be used if NULL */
|
24
|
+
void (*buf)(void * const buf, const size_t size); /* required */
|
25
|
+
int (*close)(void); /* optional */
|
26
26
|
} randombytes_implementation;
|
27
27
|
|
28
28
|
SODIUM_EXPORT
|
@@ -73,8 +73,8 @@ int sodium_munlock(void * const addr, const size_t len);
|
|
73
73
|
* either 357 or 361 bytes. For this reason, when using sodium_malloc() to
|
74
74
|
* allocate a crypto_generichash_state structure, padding must be added in
|
75
75
|
* order to ensure proper alignment:
|
76
|
-
* state = sodium_malloc((
|
77
|
-
*
|
76
|
+
* state = sodium_malloc((crypto_generichash_statebytes() + (size_t) 63U)
|
77
|
+
* & ~(size_t) 63U);
|
78
78
|
*/
|
79
79
|
|
80
80
|
SODIUM_EXPORT
|
@@ -5,11 +5,19 @@
|
|
5
5
|
#include <limits.h>
|
6
6
|
#include <stdint.h>
|
7
7
|
|
8
|
+
#ifdef __EMSCRIPTEN__
|
9
|
+
# include <emscripten.h>
|
10
|
+
#endif
|
11
|
+
|
8
12
|
#include "randombytes.h"
|
9
13
|
#include "randombytes_sysrandom.h"
|
10
14
|
|
15
|
+
#ifndef __EMSCRIPTEN__
|
11
16
|
static const randombytes_implementation *implementation =
|
12
17
|
&randombytes_sysrandom_implementation;
|
18
|
+
#else
|
19
|
+
static const randombytes_implementation *implementation = NULL;
|
20
|
+
#endif
|
13
21
|
|
14
22
|
int
|
15
23
|
randombytes_set_implementation(randombytes_implementation *impl)
|
@@ -22,39 +30,110 @@ randombytes_set_implementation(randombytes_implementation *impl)
|
|
22
30
|
const char *
|
23
31
|
randombytes_implementation_name(void)
|
24
32
|
{
|
33
|
+
#ifndef __EMSCRIPTEN__
|
25
34
|
return implementation->implementation_name();
|
35
|
+
#else
|
36
|
+
return "js";
|
37
|
+
#endif
|
26
38
|
}
|
27
39
|
|
28
40
|
uint32_t
|
29
41
|
randombytes_random(void)
|
30
42
|
{
|
43
|
+
#ifndef __EMSCRIPTEN__
|
31
44
|
return implementation->random();
|
45
|
+
#else
|
46
|
+
return EM_ASM_INT_V({
|
47
|
+
return Module.getRandomValue();
|
48
|
+
});
|
49
|
+
#endif
|
32
50
|
}
|
33
51
|
|
34
52
|
void
|
35
53
|
randombytes_stir(void)
|
36
54
|
{
|
37
|
-
|
55
|
+
#ifndef __EMSCRIPTEN__
|
56
|
+
if (implementation != NULL && implementation->stir != NULL) {
|
57
|
+
implementation->stir();
|
58
|
+
}
|
59
|
+
#else
|
60
|
+
EM_ASM({
|
61
|
+
if (Module.getRandomValue === undefined) {
|
62
|
+
try {
|
63
|
+
var crypto_ = ("object" === typeof window ? window : self).crypto,
|
64
|
+
randomValuesStandard = function() {
|
65
|
+
var buf = new Uint32Array(1);
|
66
|
+
crypto_.getRandomValues(buf);
|
67
|
+
return buf[0] >>> 0;
|
68
|
+
};
|
69
|
+
randomValuesStandard();
|
70
|
+
Module.getRandomValue = randomValuesStandard;
|
71
|
+
} catch (e) {
|
72
|
+
try {
|
73
|
+
var crypto = require('crypto'),
|
74
|
+
randomValueIOJS = function() {
|
75
|
+
var buf = crypto.randomBytes(4);
|
76
|
+
return (buf[0] << 24 | buf[1] << 16 | buf[2] << 8 | buf[3]) >>> 0;
|
77
|
+
};
|
78
|
+
randomValueIOJS();
|
79
|
+
Module.getRandomValue = randomValueIOJS;
|
80
|
+
} catch (e) {
|
81
|
+
throw 'No secure random number generator found';
|
82
|
+
}
|
83
|
+
}
|
84
|
+
}
|
85
|
+
});
|
86
|
+
#endif
|
38
87
|
}
|
39
88
|
|
89
|
+
/*
|
90
|
+
* randombytes_uniform() derives from OpenBSD's arc4random_uniform()
|
91
|
+
* Copyright (c) 2008, Damien Miller <djm@openbsd.org>
|
92
|
+
*/
|
40
93
|
uint32_t
|
41
94
|
randombytes_uniform(const uint32_t upper_bound)
|
42
95
|
{
|
43
|
-
|
96
|
+
uint32_t min;
|
97
|
+
uint32_t r;
|
98
|
+
|
99
|
+
if (implementation != NULL && implementation->uniform != NULL) {
|
100
|
+
return implementation->uniform(upper_bound);
|
101
|
+
}
|
102
|
+
if (upper_bound < 2) {
|
103
|
+
return 0;
|
104
|
+
}
|
105
|
+
min = (uint32_t) (-upper_bound % upper_bound);
|
106
|
+
do {
|
107
|
+
r = randombytes_random();
|
108
|
+
} while (r < min);
|
109
|
+
|
110
|
+
return r % upper_bound;
|
44
111
|
}
|
45
112
|
|
46
113
|
void
|
47
114
|
randombytes_buf(void * const buf, const size_t size)
|
48
115
|
{
|
116
|
+
#ifndef __EMSCRIPTEN__
|
49
117
|
if (size > (size_t) 0U) {
|
50
118
|
implementation->buf(buf, size);
|
51
119
|
}
|
120
|
+
#else
|
121
|
+
unsigned char *p = buf;
|
122
|
+
size_t i;
|
123
|
+
|
124
|
+
for (i = (size_t) 0U; i < size; i++) {
|
125
|
+
p[i] = (unsigned char) randombytes_random();
|
126
|
+
}
|
127
|
+
#endif
|
52
128
|
}
|
53
129
|
|
54
130
|
int
|
55
131
|
randombytes_close(void)
|
56
132
|
{
|
57
|
-
|
133
|
+
if (implementation != NULL && implementation->close != NULL) {
|
134
|
+
return implementation->close();
|
135
|
+
}
|
136
|
+
return 0;
|
58
137
|
}
|
59
138
|
|
60
139
|
void
|
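Review bot: `randombytes_random()`, `randombytes_buf()` and `randombytes_implementation_name()` still dereference `implementation` and its `random`, `buf` and `implementation_name` members unguarded in the non-Emscripten branch, while the new `randombytes_stir()`, `randombytes_uniform()` and `randombytes_close()` check both for NULL. randombytes.h now labels those three members `/* required */`, but no visible line enforces it. The body of `randombytes_set_implementation()` lies outside these hunks, and that is where I would expect a check such as `if (impl == NULL || impl->implementation_name == NULL || impl->random == NULL || impl->buf == NULL) return -1;`. Under `__EMSCRIPTEN__` the behaviour is also mixed: `random`, `buf` and `stir` ignore a custom implementation while `uniform` and `close` still honour one, which deserves a comment next to `implementation = NULL`.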
@@ -4,6 +4,9 @@
|
|
4
4
|
# include <sys/stat.h>
|
5
5
|
# include <sys/time.h>
|
6
6
|
#endif
|
7
|
+
#ifdef __linux__
|
8
|
+
# include <sys/syscall.h>
|
9
|
+
#endif
|
7
10
|
|
8
11
|
#include <assert.h>
|
9
12
|
#include <errno.h>
|
@@ -49,12 +52,14 @@ typedef struct Salsa20Random_ {
|
|
49
52
|
#endif
|
50
53
|
int random_data_source_fd;
|
51
54
|
int initialized;
|
55
|
+
int getrandom_available;
|
52
56
|
} Salsa20Random;
|
53
57
|
|
54
58
|
static Salsa20Random stream = {
|
55
59
|
SODIUM_C99(.random_data_source_fd =) -1,
|
56
60
|
SODIUM_C99(.rnd32_outleft =) (size_t) 0U,
|
57
|
-
SODIUM_C99(.initialized =) 0
|
61
|
+
SODIUM_C99(.initialized =) 0,
|
62
|
+
SODIUM_C99(.getrandom_available =) 0
|
58
63
|
};
|
59
64
|
|
60
65
|
static uint64_t
|
@@ -86,14 +91,14 @@ sodium_hrtime(void)
|
|
86
91
|
|
87
92
|
#ifndef _WIN32
|
88
93
|
static ssize_t
|
89
|
-
safe_read(const int fd, void * const buf_, size_t
|
94
|
+
safe_read(const int fd, void * const buf_, size_t size)
|
90
95
|
{
|
91
96
|
unsigned char *buf = (unsigned char *) buf_;
|
92
97
|
ssize_t readnb;
|
93
98
|
|
94
|
-
assert(
|
99
|
+
assert(size > (size_t) 0U);
|
95
100
|
do {
|
96
|
-
while ((readnb = read(fd, buf,
|
101
|
+
while ((readnb = read(fd, buf, size)) < (ssize_t) 0 &&
|
97
102
|
(errno == EINTR || errno == EAGAIN)); /* LCOV_EXCL_LINE */
|
98
103
|
if (readnb < (ssize_t) 0) {
|
99
104
|
return readnb; /* LCOV_EXCL_LINE */
|
@@ -101,9 +106,9 @@ safe_read(const int fd, void * const buf_, size_t count)
|
|
101
106
|
if (readnb == (ssize_t) 0) {
|
102
107
|
break; /* LCOV_EXCL_LINE */
|
103
108
|
}
|
104
|
-
|
109
|
+
size -= (size_t) readnb;
|
105
110
|
buf += readnb;
|
106
|
-
} while (
|
111
|
+
} while (size > (ssize_t) 0);
|
107
112
|
|
108
113
|
return (ssize_t) (buf - (unsigned char *) buf_);
|
109
114
|
}
|
@@ -145,6 +150,42 @@ randombytes_salsa20_random_random_dev_open(void)
|
|
145
150
|
/* LCOV_EXCL_STOP */
|
146
151
|
}
|
147
152
|
|
153
|
+
#ifdef SYS_getrandom
|
154
|
+
static int
|
155
|
+
_randombytes_linux_getrandom(void * const buf, const size_t size)
|
156
|
+
{
|
157
|
+
int readnb;
|
158
|
+
|
159
|
+
assert(size <= 256U);
|
160
|
+
do {
|
161
|
+
readnb = syscall(SYS_getrandom, buf, (int) size, 0);
|
162
|
+
} while (readnb < 0 && (errno == EINTR || errno == EAGAIN));
|
163
|
+
|
164
|
+
return (readnb == (int) size) - 1;
|
165
|
+
}
|
166
|
+
|
167
|
+
static int
|
168
|
+
randombytes_linux_getrandom(void * const buf_, size_t size)
|
169
|
+
{
|
170
|
+
unsigned char *buf = (unsigned char *) buf_;
|
171
|
+
size_t chunk_size = 256U;
|
172
|
+
|
173
|
+
do {
|
174
|
+
if (size < chunk_size) {
|
175
|
+
chunk_size = size;
|
176
|
+
assert(chunk_size > (size_t) 0U);
|
177
|
+
}
|
178
|
+
if (_randombytes_linux_getrandom(buf, chunk_size) != 0) {
|
179
|
+
return -1;
|
180
|
+
}
|
181
|
+
size -= chunk_size;
|
182
|
+
buf += chunk_size;
|
183
|
+
} while (size > (size_t) 0U);
|
184
|
+
|
185
|
+
return 0;
|
186
|
+
}
|
187
|
+
#endif
|
188
|
+
|
148
189
|
static void
|
149
190
|
randombytes_salsa20_random_init(void)
|
150
191
|
{
|
@@ -153,6 +194,19 @@ randombytes_salsa20_random_init(void)
|
|
153
194
|
stream.nonce = sodium_hrtime();
|
154
195
|
assert(stream.nonce != (uint64_t) 0U);
|
155
196
|
|
197
|
+
# ifdef SYS_getrandom
|
198
|
+
{
|
199
|
+
unsigned char fodder[16];
|
200
|
+
|
201
|
+
if (randombytes_linux_getrandom(fodder, sizeof fodder) == 0) {
|
202
|
+
stream.getrandom_available = 1;
|
203
|
+
errno = errno_save;
|
204
|
+
return;
|
205
|
+
}
|
206
|
+
stream.getrandom_available = 0;
|
207
|
+
}
|
208
|
+
# endif
|
209
|
+
|
156
210
|
if ((stream.random_data_source_fd =
|
157
211
|
randombytes_salsa20_random_random_dev_open()) == -1) {
|
158
212
|
abort(); /* LCOV_EXCL_LINE */
|
@@ -191,10 +245,23 @@ randombytes_salsa20_random_stir(void)
|
|
191
245
|
stream.initialized = 1;
|
192
246
|
}
|
193
247
|
#ifndef _WIN32
|
194
|
-
|
248
|
+
# ifdef SYS_getrandom
|
249
|
+
if (stream.getrandom_available != 0) {
|
250
|
+
if (randombytes_linux_getrandom(m0, sizeof m0) != 0) {
|
251
|
+
abort(); /* LCOV_EXCL_LINE */
|
252
|
+
}
|
253
|
+
} else if (stream.random_data_source_fd == -1 ||
|
254
|
+
safe_read(stream.random_data_source_fd, m0,
|
255
|
+
sizeof m0) != (ssize_t) sizeof m0) {
|
256
|
+
abort(); /* LCOV_EXCL_LINE */
|
257
|
+
}
|
258
|
+
# else
|
259
|
+
if (stream.random_data_source_fd == -1 ||
|
260
|
+
safe_read(stream.random_data_source_fd, m0,
|
195
261
|
sizeof m0) != (ssize_t) sizeof m0) {
|
196
262
|
abort(); /* LCOV_EXCL_LINE */
|
197
263
|
}
|
264
|
+
# endif
|
198
265
|
#else /* _WIN32 */
|
199
266
|
if (! RtlGenRandom((PVOID) m0, (ULONG) sizeof m0)) {
|
200
267
|
abort(); /* LCOV_EXCL_LINE */
|
@@ -277,6 +344,11 @@ randombytes_salsa20_random_close(void)
|
|
277
344
|
stream.initialized = 0;
|
278
345
|
ret = 0;
|
279
346
|
}
|
347
|
+
# ifdef SYS_getrandom
|
348
|
+
if (stream.getrandom_available != 0) {
|
349
|
+
ret = 0;
|
350
|
+
}
|
351
|
+
# endif
|
280
352
|
#else /* _WIN32 */
|
281
353
|
if (stream.initialized != 0) {
|
282
354
|
stream.initialized = 0;
|
@@ -295,7 +367,8 @@ randombytes_salsa20_random(void)
|
|
295
367
|
void
|
296
368
|
randombytes_salsa20_random_buf(void * const buf, const size_t size)
|
297
369
|
{
|
298
|
-
|
370
|
+
size_t i;
|
371
|
+
int ret;
|
299
372
|
|
300
373
|
randombytes_salsa20_random_stir_if_needed();
|
301
374
|
COMPILER_ASSERT(sizeof stream.nonce == crypto_stream_salsa20_NONCEBYTES);
|
@@ -306,35 +379,14 @@ randombytes_salsa20_random_buf(void * const buf, const size_t size)
|
|
306
379
|
ret = crypto_stream_salsa20((unsigned char *) buf, (unsigned long long) size,
|
307
380
|
(unsigned char *) &stream.nonce, stream.key);
|
308
381
|
assert(ret == 0);
|
382
|
+
for (i = 0U; i < sizeof size; i++) {
|
383
|
+
stream.key[i] ^= ((const unsigned char *) (const void *) &size)[i];
|
384
|
+
}
|
309
385
|
stream.nonce++;
|
310
386
|
crypto_stream_salsa20_xor(stream.key, stream.key, sizeof stream.key,
|
311
387
|
(unsigned char *) &stream.nonce, stream.key);
|
312
388
|
}
|
313
389
|
|
314
|
-
/*
|
315
|
-
* randombytes_salsa20_random_uniform() derives from OpenBSD's arc4random_uniform()
|
316
|
-
* Copyright (c) 2008, Damien Miller <djm@openbsd.org>
|
317
|
-
*/
|
318
|
-
|
319
|
-
uint32_t
|
320
|
-
randombytes_salsa20_random_uniform(const uint32_t upper_bound)
|
321
|
-
{
|
322
|
-
uint32_t min;
|
323
|
-
uint32_t r;
|
324
|
-
|
325
|
-
if (upper_bound < 2) {
|
326
|
-
return 0;
|
327
|
-
}
|
328
|
-
min = (uint32_t) (-upper_bound % upper_bound);
|
329
|
-
for (;;) {
|
330
|
-
r = randombytes_salsa20_random();
|
331
|
-
if (r >= min) {
|
332
|
-
break;
|
333
|
-
}
|
334
|
-
} /* LCOV_EXCL_LINE */
|
335
|
-
return r % upper_bound;
|
336
|
-
}
|
337
|
-
|
338
390
|
const char *
|
339
391
|
randombytes_salsa20_implementation_name(void)
|
340
392
|
{
|
@@ -345,7 +397,7 @@ struct randombytes_implementation randombytes_salsa20_implementation = {
|
|
345
397
|
SODIUM_C99(.implementation_name =) randombytes_salsa20_implementation_name,
|
346
398
|
SODIUM_C99(.random =) randombytes_salsa20_random,
|
347
399
|
SODIUM_C99(.stir =) randombytes_salsa20_random_stir,
|
348
|
-
SODIUM_C99(.uniform =)
|
400
|
+
SODIUM_C99(.uniform =) NULL,
|
349
401
|
SODIUM_C99(.buf =) randombytes_salsa20_random_buf,
|
350
402
|
SODIUM_C99(.close =) randombytes_salsa20_random_close
|
351
403
|
};
|
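Review bot: In `randombytes_salsa20_random_close()` the added `getrandom_available` branch only sets `ret = 0`; `stream.initialized` is cleared solely in the preceding block, which from the context lines appears to run only when a device descriptor was open (its condition is above the hunk). When getrandom() is in use, `randombytes_salsa20_random_init()` returns before opening a descriptor, so after close the generator would stay marked initialized and keep its key, and a later call would not re-stir. I would reset the state in the new branch as well, with `stream.initialized = 0;` before `ret = 0;`. Separately, `_randombytes_linux_getrandom` uses a leading underscore at file scope, which is a reserved identifier, and `while (size > (ssize_t) 0)` in `safe_read()` compares a `size_t` against a signed constant where `(size_t) 0U` is meant.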