RubyGems - rbnacl-libsodium - Versions diffs - 1.0.6 → 1.0.7 - Mend

rbnacl-libsodium 1.0.6 → 1.0.7

Files changed (243) hide show

data/vendor/libsodium/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c CHANGED

@@ -173,7 +173,7 @@ aesni_encrypt1(unsigned char *out, __m128i nv, const __m128i *rkeys)
     X(6);        \
     X(7)
-#define COUNTER_INC2(N) (*(uint32_t *) &(N)[12]) = (2U + (((*(uint32_t *) &(N)[12]))))
+#define COUNTER_INC2(N) (N)[3] += 2
 /* create a function of unrolling N ; the MAKEN is the unrolling
    macro, defined above. The N in MAKEN must match N, obviously. */
@@ -518,8 +518,8 @@ crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen
     unsigned long long  i, j;
     unsigned long long  adlen_rnd64 = adlen & ~63ULL;
     unsigned long long  mlen_rnd128 = mlen & ~127ULL;
+    CRYPTO_ALIGN(16) uint32_t      n2[4];
     CRYPTO_ALIGN(16) unsigned char H[16];
-    CRYPTO_ALIGN(16) unsigned char n2[16];
     CRYPTO_ALIGN(16) unsigned char T[16];
     CRYPTO_ALIGN(16) unsigned char accum[16];
     CRYPTO_ALIGN(16) unsigned char fb[16];
@@ -529,13 +529,16 @@ crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen
     if (mlen > 16ULL * (1ULL << 32)) {
         abort();
     }
-    memcpy(&n2[0], npub, 12);
-    *(uint32_t *) &n2[12] = 0x01000000;
+    memcpy(&n2[0], npub, 3 * 4);
+    n2[3] = 0x01000000;
     aesni_encrypt1(T, _mm_load_si128((const __m128i *) n2), rkeys);
-    (*(uint64_t *) &fb[0]) = _bswap64((uint64_t) (8 * adlen));
-    (*(uint64_t *) &fb[8]) = _bswap64((uint64_t) (8 * mlen));
+    {
+        uint64_t x;
+        x = _bswap64((uint64_t) (8 * adlen));
+        memcpy(&fb[0], &x, sizeof x);
+        x = _bswap64((uint64_t) (8 * mlen));
+        memcpy(&fb[8], &x, sizeof x);
+    }
     /* we store H (and it's power) byte-reverted once and for all */
     Hv = _mm_shuffle_epi8(_mm_load_si128((const __m128i *) H), rev);
     _mm_store_si128((__m128i *) H, Hv);
@@ -571,7 +574,7 @@ crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen
         const int lb = iter * 16;                                                                    \
                                                                                                      \
         for (i = 0; i < mlen_rnd128; i += lb) {                                                      \
-            aesni_encrypt8full(c + i, (uint32_t *) n2, rkeys, m + i, accum, Hv, H2v, H3v, H4v, rev); \
+            aesni_encrypt8full(c + i, n2, rkeys, m + i, accum, Hv, H2v, H3v, H4v, rev);              \
         }                                                                                            \
     } while(0)
@@ -585,7 +588,7 @@ crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen
             CRYPTO_ALIGN(16) unsigned char outni[8 * 16];    \
             unsigned long long mj = lb;                      \
                                                              \
-            aesni_encrypt8(outni, (uint32_t *) n2, rkeys);   \
+            aesni_encrypt8(outni, n2, rkeys);                \
             if ((i + mj) >= mlen) {                          \
                 mj = mlen - i;                               \
             }                                                \
@@ -603,7 +606,7 @@ crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen
         }                                                    \
     } while(0)
-    n2[15] = 0;
+    n2[3] &= 0x00ffffff;
     COUNTER_INC2(n2);
     LOOPRND128;
     LOOPRMD128;
@@ -635,8 +638,8 @@ crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, unsigned long long *mlen
     unsigned long long  adlen_rnd64 = adlen & ~63ULL;
     unsigned long long  mlen;
     unsigned long long  mlen_rnd128;
+    CRYPTO_ALIGN(16) uint32_t      n2[4];
     CRYPTO_ALIGN(16) unsigned char H[16];
-    CRYPTO_ALIGN(16) unsigned char n2[16];
     CRYPTO_ALIGN(16) unsigned char T[16];
     CRYPTO_ALIGN(16) unsigned char accum[16];
     CRYPTO_ALIGN(16) unsigned char fb[16];
@@ -653,13 +656,16 @@ crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, unsigned long long *mlen
     }
     mlen = clen - 16;
-    memcpy(&n2[0], npub, 12);
-    *(uint32_t *) &n2[12] = 0x01000000;
+    memcpy(&n2[0], npub, 3 * 4);
+    n2[3] = 0x01000000;
     aesni_encrypt1(T, _mm_load_si128((const __m128i *) n2), rkeys);
-    (*(uint64_t *) &fb[0]) = _bswap64((uint64_t)(8 * adlen));
-    (*(uint64_t *) &fb[8]) = _bswap64((uint64_t)(8 * mlen));
+    {
+        uint64_t x;
+        x = _bswap64((uint64_t)(8 * adlen));
+        memcpy(&fb[0], &x, sizeof x);
+        x = _bswap64((uint64_t)(8 * mlen));
+        memcpy(&fb[8], &x, sizeof x);
+    }
     memcpy(H, ctx->H, sizeof H);
     Hv = _mm_shuffle_epi8(_mm_load_si128((const __m128i *) H), rev);
     _mm_store_si128((__m128i *) H, Hv);
@@ -702,7 +708,7 @@ crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, unsigned long long *mlen
         const int lb = iter * 16;                                                                 \
                                                                                                   \
         for (i = 0; i < mlen_rnd128; i += lb) {                                                   \
-            aesni_decrypt8full(m + i, (uint32_t *) n2, rkeys, c + i);                             \
+            aesni_decrypt8full(m + i, n2, rkeys, c + i);                                          \
         }                                                                                         \
     } while(0)
@@ -740,13 +746,13 @@ crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, unsigned long long *mlen
             if ((i + mj) >= mlen) {                          \
                 mj = mlen - i;                               \
             }                                                \
-            aesni_encrypt8(outni, (uint32_t *) n2, rkeys);   \
+            aesni_encrypt8(outni, n2, rkeys);                \
             for (j = 0; j < mj; j++) {                       \
                 m[i + j] = c[i + j] ^ outni[j];              \
             }                                                \
         }                                                    \
     } while(0)
-    n2[15] = 0;
+    n2[3] &= 0x00ffffff;
     COUNTER_INC2(n2);
     LOOPACCUMDRND128;
@@ -762,7 +768,7 @@ crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, unsigned long long *mlen
             return -1;
         }
     }
-    *(uint32_t *) &n2[12] = 0;
+    n2[3] = 0U;
     COUNTER_INC2(n2);
     LOOPDRND128;
     LOOPDRMD128;

data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha256/cp/hmac_hmacsha256.c CHANGED

@@ -26,7 +26,6 @@
  *
  */
-#include "api.h"
 #include "crypto_auth_hmacsha256.h"
 #include "crypto_hash_sha256.h"
 #include "utils.h"
@@ -98,12 +97,12 @@ crypto_auth_hmacsha256_final(crypto_auth_hmacsha256_state *state,
 }
 int
-crypto_auth(unsigned char *out, const unsigned char *in,
-            unsigned long long inlen, const unsigned char *k)
+crypto_auth_hmacsha256(unsigned char *out, const unsigned char *in,
+                       unsigned long long inlen, const unsigned char *k)
 {
     crypto_auth_hmacsha256_state state;
-    crypto_auth_hmacsha256_init(&state, k, crypto_auth_KEYBYTES);
+    crypto_auth_hmacsha256_init(&state, k, crypto_auth_hmacsha256_KEYBYTES);
     crypto_auth_hmacsha256_update(&state, in, inlen);
     crypto_auth_hmacsha256_final(&state, out);

data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c CHANGED

@@ -1,11 +1,11 @@
-#include "api.h"
+#include "crypto_auth_hmacsha256.h"
 #include "crypto_verify_32.h"
 #include "utils.h"
-int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
+int crypto_auth_hmacsha256_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
 {
   unsigned char correct[32];
-  crypto_auth(correct,in,inlen,k);
+  crypto_auth_hmacsha256(correct,in,inlen,k);
   return crypto_verify_32(h,correct) | (-(h == correct)) |
          sodium_memcmp(correct,h,32);
 }

data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512/cp/hmac_hmacsha512.c CHANGED

@@ -26,7 +26,6 @@
  *
  */
-#include "api.h"
 #include "crypto_auth_hmacsha512.h"
 #include "crypto_hash_sha512.h"
 #include "utils.h"
@@ -98,12 +97,12 @@ crypto_auth_hmacsha512_final(crypto_auth_hmacsha512_state *state,
 }
 int
-crypto_auth(unsigned char *out, const unsigned char *in,
-            unsigned long long inlen, const unsigned char *k)
+crypto_auth_hmacsha512(unsigned char *out, const unsigned char *in,
+                       unsigned long long inlen, const unsigned char *k)
 {
     crypto_auth_hmacsha512_state state;
-    crypto_auth_hmacsha512_init(&state, k, crypto_auth_KEYBYTES);
+    crypto_auth_hmacsha512_init(&state, k, crypto_auth_hmacsha512_KEYBYTES);
     crypto_auth_hmacsha512_update(&state, in, inlen);
     crypto_auth_hmacsha512_final(&state, out);

data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c CHANGED

@@ -1,12 +1,12 @@
-#include "api.h"
+#include "crypto_auth_hmacsha512.h"
 #include "crypto_verify_64.h"
 #include "utils.h"
-int crypto_auth_verify(const unsigned char *h, const unsigned char *in,
-                       unsigned long long inlen, const unsigned char *k)
+int crypto_auth_hmacsha512_verify(const unsigned char *h, const unsigned char *in,
+                                  unsigned long long inlen, const unsigned char *k)
 {
   unsigned char correct[64];
-  crypto_auth(correct,in,inlen,k);
+  crypto_auth_hmacsha512(correct,in,inlen,k);
   return crypto_verify_64(h,correct) | (-(h == correct)) |
          sodium_memcmp(correct,h,64);
 }

data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512256/cp/hmac_hmacsha512256.c CHANGED

@@ -1,5 +1,4 @@
-#include "api.h"
 #include "crypto_auth_hmacsha512256.h"
 #include "crypto_auth_hmacsha512.h"
 #include "crypto_hash_sha512.h"
@@ -41,12 +40,13 @@ crypto_auth_hmacsha512256_final(crypto_auth_hmacsha512256_state *state,
 }
 int
-crypto_auth(unsigned char *out, const unsigned char *in,
-            unsigned long long inlen, const unsigned char *k)
+crypto_auth_hmacsha512256(unsigned char *out, const unsigned char *in,
+                          unsigned long long inlen, const unsigned char *k)
 {
     crypto_auth_hmacsha512256_state state;
-    crypto_auth_hmacsha512256_init(&state, k, crypto_auth_KEYBYTES);
+    crypto_auth_hmacsha512256_init(&state, k,
+                                   crypto_auth_hmacsha512256_KEYBYTES);
     crypto_auth_hmacsha512256_update(&state, in, inlen);
     crypto_auth_hmacsha512256_final(&state, out);

data/vendor/libsodium/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c CHANGED

@@ -1,12 +1,14 @@
-#include "api.h"
+#include "crypto_auth_hmacsha512256.h"
 #include "crypto_verify_32.h"
 #include "utils.h"
-int crypto_auth_verify(const unsigned char *h, const unsigned char *in,
-                       unsigned long long inlen, const unsigned char *k)
+int crypto_auth_hmacsha512256_verify(const unsigned char *h,
+                                     const unsigned char *in,
+                                     unsigned long long inlen,
+                                     const unsigned char *k)
 {
   unsigned char correct[32];
-  crypto_auth(correct,in,inlen,k);
+  crypto_auth_hmacsha512256(correct,in,inlen,k);
   return crypto_verify_32(h,correct) | (-(h == correct)) |
          sodium_memcmp(correct,h,32);
 }

data/vendor/libsodium/src/libsodium/crypto_box/crypto_box_easy.c CHANGED

@@ -26,7 +26,9 @@ crypto_box_detached(unsigned char *c, unsigned char *mac,
     (void) sizeof(int[crypto_box_BEFORENMBYTES >=
                       crypto_secretbox_KEYBYTES ? 1 : -1]);
-    crypto_box_beforenm(k, pk, sk);
+    if (crypto_box_beforenm(k, pk, sk) != 0) {
+        return -1;
+    }
     ret = crypto_box_detached_afternm(c, mac, m, mlen, n, k);
     sodium_memzero(k, sizeof k);
@@ -75,7 +77,9 @@ crypto_box_open_detached(unsigned char *m, const unsigned char *c,
     unsigned char k[crypto_box_BEFORENMBYTES];
     int           ret;
-    crypto_box_beforenm(k, pk, sk);
+    if (crypto_box_beforenm(k, pk, sk) != 0) {
+        return -1;
+    }
     ret = crypto_box_open_detached_afternm(m, c, mac, clen, n, k);
     sodium_memzero(k, sizeof k);

data/vendor/libsodium/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/after_curve25519xsalsa20poly1305.c CHANGED

@@ -1,7 +1,7 @@
-#include "api.h"
+#include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "crypto_secretbox_xsalsa20poly1305.h"
-int crypto_box_afternm(
+int crypto_box_curve25519xsalsa20poly1305_afternm(
   unsigned char *c,
   const unsigned char *m,unsigned long long mlen,
   const unsigned char *n,
@@ -11,7 +11,7 @@ int crypto_box_afternm(
   return crypto_secretbox_xsalsa20poly1305(c,m,mlen,n,k);
 }
-int crypto_box_open_afternm(
+int crypto_box_curve25519xsalsa20poly1305_open_afternm(
   unsigned char *m,
   const unsigned char *c,unsigned long long clen,
   const unsigned char *n,

data/vendor/libsodium/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/before_curve25519xsalsa20poly1305.c CHANGED

@@ -1,4 +1,4 @@
-#include "api.h"
+#include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "crypto_core_hsalsa20.h"
 #include "crypto_scalarmult_curve25519.h"
@@ -7,13 +7,15 @@ static const unsigned char sigma[16] = {
 };
 static const unsigned char n[16] = {0};
-int crypto_box_beforenm(
+int crypto_box_curve25519xsalsa20poly1305_beforenm(
   unsigned char *k,
   const unsigned char *pk,
   const unsigned char *sk
 )
 {
   unsigned char s[32];
-  crypto_scalarmult_curve25519(s,sk,pk);
+  if (crypto_scalarmult_curve25519(s,sk,pk) != 0) {
+      return -1;
+  }
   return crypto_core_hsalsa20(k,n,s,sigma);
 }

data/vendor/libsodium/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/box_curve25519xsalsa20poly1305.c CHANGED

@@ -1,7 +1,7 @@
-#include "api.h"
+#include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "utils.h"
-int crypto_box(
+int crypto_box_curve25519xsalsa20poly1305(
   unsigned char *c,
   const unsigned char *m,unsigned long long mlen,
   const unsigned char *n,
@@ -9,17 +9,19 @@ int crypto_box(
   const unsigned char *sk
 )
 {
-  unsigned char k[crypto_box_BEFORENMBYTES];
+  unsigned char k[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
   int           ret;
-  crypto_box_beforenm(k,pk,sk);
-  ret = crypto_box_afternm(c,m,mlen,n,k);
+  if (crypto_box_curve25519xsalsa20poly1305_beforenm(k,pk,sk) != 0) {
+      return -1;
+  }
+  ret = crypto_box_curve25519xsalsa20poly1305_afternm(c,m,mlen,n,k);
   sodium_memzero(k, sizeof k);
   return ret;
 }
-int crypto_box_open(
+int crypto_box_curve25519xsalsa20poly1305_open(
   unsigned char *m,
   const unsigned char *c,unsigned long long clen,
   const unsigned char *n,
@@ -27,11 +29,13 @@ int crypto_box_open(
   const unsigned char *sk
 )
 {
-  unsigned char k[crypto_box_BEFORENMBYTES];
+  unsigned char k[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
   int           ret;
-  crypto_box_beforenm(k,pk,sk);
-  ret = crypto_box_open_afternm(m,c,clen,n,k);
+  if (crypto_box_curve25519xsalsa20poly1305_beforenm(k,pk,sk) != 0) {
+      return -1;
+  }
+  ret = crypto_box_curve25519xsalsa20poly1305_open_afternm(m,c,clen,n,k);
   sodium_memzero(k, sizeof k);
   return ret;

data/vendor/libsodium/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c CHANGED

@@ -1,12 +1,12 @@
 #include <string.h>
+#include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "crypto_hash_sha512.h"
 #include "crypto_scalarmult_curve25519.h"
-#include "api.h"
 #include "randombytes.h"
 #include "utils.h"
-int crypto_box_seed_keypair(
+int crypto_box_curve25519xsalsa20poly1305_seed_keypair(
   unsigned char *pk,
   unsigned char *sk,
   const unsigned char *seed
@@ -19,7 +19,7 @@ int crypto_box_seed_keypair(
   return crypto_scalarmult_curve25519_base(pk,sk);
 }
-int crypto_box_keypair(
+int crypto_box_curve25519xsalsa20poly1305_keypair(
   unsigned char *pk,
   unsigned char *sk
 )

data/vendor/libsodium/src/libsodium/crypto_core/hsalsa20/ref2/core_hsalsa20.c CHANGED

@@ -4,7 +4,7 @@ D. J. Bernstein
 Public domain.
 */
-#include "api.h"
+#include "crypto_core_hsalsa20.h"
 #define ROUNDS 20
@@ -33,7 +33,7 @@ static void store_littleendian(unsigned char *x,uint32 u)
   x[3] = u;
 }
-int crypto_core(
+int crypto_core_hsalsa20(
         unsigned char *out,
   const unsigned char *in,
   const unsigned char *k,

data/vendor/libsodium/src/libsodium/crypto_core/salsa20/ref/core_salsa20.c CHANGED

@@ -4,7 +4,7 @@ D. J. Bernstein
 Public domain.
 */
-#include "api.h"
+#include "crypto_core_salsa20.h"
 #define ROUNDS 20
@@ -33,7 +33,7 @@ static void store_littleendian(unsigned char *x,uint32 u)
   x[3] = u;
 }
-int crypto_core(
+int crypto_core_salsa20(
         unsigned char *out,
   const unsigned char *in,
   const unsigned char *k,

data/vendor/libsodium/src/libsodium/crypto_core/salsa2012/ref/core_salsa2012.c CHANGED

@@ -4,7 +4,7 @@ D. J. Bernstein
 Public domain.
 */
-#include "api.h"
+#include "crypto_core_salsa2012.h"
 #define ROUNDS 12
@@ -33,7 +33,7 @@ static void store_littleendian(unsigned char *x,uint32 u)
   x[3] = u;
 }
-int crypto_core(
+int crypto_core_salsa2012(
         unsigned char *out,
   const unsigned char *in,
   const unsigned char *k,