rbnacl-libsodium 1.0.6 → 1.0.7

data/vendor/libsodium/src/libsodium/sodium/core.c

@@ -2,6 +2,8 @@
 #include "core.h"
 #include "crypto_generichash.h"
 #include "crypto_onetimeauth.h"
+#include "crypto_scalarmult.h"
+#include "crypto_stream_chacha20.h"
 #include "randombytes.h"
 #include "runtime.h"
 #include "utils.h"
@@ -19,6 +21,8 @@ sodium_init(void)
     _sodium_alloc_init();
     _crypto_generichash_blake2b_pick_best_implementation();
     _crypto_onetimeauth_poly1305_pick_best_implementation();
+    _crypto_scalarmult_curve25519_pick_best_implementation();
+    _crypto_stream_chacha20_pick_best_implementation();
     initialized = 1;
 
     return 0;

data/vendor/libsodium/src/libsodium/sodium/runtime.c

@@ -12,6 +12,7 @@ typedef struct CPUFeatures_ {
     int has_sse3;
     int has_ssse3;
     int has_sse41;
+    int has_avx;
     int has_pclmul;
     int has_aesni;
 } CPUFeatures;
@@ -22,6 +23,7 @@ static CPUFeatures _cpu_features;
 #define CPUIDECX_SSE3   0x00000001
 #define CPUIDECX_SSSE3  0x00000200
 #define CPUIDECX_SSE41  0x00080000
+#define CPUIDECX_AVX    0x10000000
 #define CPUIDECX_PCLMUL 0x00000002
 #define CPUIDECX_AESNI  0x02000000
 
@@ -100,36 +102,48 @@ _sodium_runtime_intel_cpu_features(CPUFeatures * const cpu_features)
         return -1; /* LCOV_EXCL_LINE */
     }
     _cpuid(cpu_info, 0x00000001);
-#ifndef HAVE_EMMINTRIN_H
-    cpu_features->has_sse2 = 0;
-#else
+#if defined(HAVE_EMMINTRIN_H) || \
+    (defined(_MSC_VER) && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
     cpu_features->has_sse2 = ((cpu_info[3] & CPUID_SSE2) != 0x0);
+#else
+    cpu_features->has_sse2 = 0;
 #endif
 
-#ifndef HAVE_PMMINTRIN_H
-    cpu_features->has_sse3 = 0;
-#else
+#if defined(HAVE_PMMINTRIN_H) || \
+    (defined(_MSC_VER) && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
     cpu_features->has_sse3 = ((cpu_info[2] & CPUIDECX_SSE3) != 0x0);
+#else
+    cpu_features->has_sse3 = 0;
 #endif
 
-#ifndef HAVE_TMMINTRIN_H
-    cpu_features->has_ssse3 = 0;
-#else
+#if defined(HAVE_TMMINTRIN_H) || \
+    (defined(_MSC_VER) && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
     cpu_features->has_ssse3 = ((cpu_info[2] & CPUIDECX_SSSE3) != 0x0);
+#else
+    cpu_features->has_ssse3 = 0;
 #endif
 
-#ifndef HAVE_SMMINTRIN_H
-    cpu_features->has_sse41 = 0;
-#else
+#if defined(HAVE_SMMINTRIN_H) || \
+    (defined(_MSC_VER) && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
     cpu_features->has_sse41 = ((cpu_info[2] & CPUIDECX_SSE41) != 0x0);
+#else
+    cpu_features->has_sse41 = 0;
 #endif
 
-#ifndef HAVE_WMMINTRIN_H
-    cpu_features->has_pclmul = 0;
-    cpu_features->has_aesni = 0;
+#if defined(HAVE_AVXINTRIN_H) || \
+    (defined(_MSC_VER) && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
+    cpu_features->has_avx = ((cpu_info[2] & CPUIDECX_AVX) != 0x0);
 #else
+    cpu_features->has_avx = 0;
+#endif
+
+#if defined(HAVE_WMMINTRIN_H) || \
+    (defined(_MSC_VER) && (defined(_M_X64) || defined(_M_AMD64) || defined(_M_IX86)))
     cpu_features->has_pclmul = ((cpu_info[2] & CPUIDECX_PCLMUL) != 0x0);
     cpu_features->has_aesni = ((cpu_info[2] & CPUIDECX_AESNI) != 0x0);
+#else
+    cpu_features->has_pclmul = 0;
+    cpu_features->has_aesni = 0;
 #endif
 
     return 0;
@@ -172,6 +186,11 @@ sodium_runtime_has_sse41(void) {
     return _cpu_features.has_sse41;
 }
 
+int
+sodium_runtime_has_avx(void) {
+    return _cpu_features.has_avx;
+}
+
 int
 sodium_runtime_has_pclmul(void) {
     return _cpu_features.has_pclmul;

data/vendor/libsodium/src/libsodium/sodium/utils.c

@@ -113,7 +113,7 @@ sodium_memcmp(const void * const b1_, const void * const b2_, size_t len)
     for (i = 0U; i < len; i++) {
         d |= b1[i] ^ b2[i];
     }
-    return (int) ((1 & ((d - 1) >> 8)) - 1);
+    return (1 & ((d - 1) >> 8)) - 1;
 }
 
 #ifdef HAVE_WEAK_SYMBOLS
@@ -154,6 +154,109 @@ sodium_compare(const unsigned char *b1_, const unsigned char *b2_, size_t len)
     return (int) (gt + gt + eq) - 1;
 }
 
+int
+sodium_is_zero(const unsigned char *n, const size_t nlen)
+{
+    size_t        i;
+    unsigned char d = 0U;
+
+    for (i = 0U; i < nlen; i++) {
+        d |= n[i];
+    }
+    return 1 & ((d - 1) >> 8);
+}
+
+void
+sodium_increment(unsigned char *n, const size_t nlen)
+{
+    size_t        i = 0U;
+    uint_fast16_t c = 1U;
+
+#ifdef HAVE_AMD64_ASM
+    uint64_t      t64, t64_2;
+    uint32_t      t32;
+
+    if (nlen == 12U) {
+        __asm__ __volatile__("xorq %[t64], %[t64] \n"
+                             "xorl %[t32], %[t32] \n"
+                             "stc \n"
+                             "adcq %[t64], (%[out]) \n"
+                             "adcl %[t32], 8(%[out]) \n"
+                             : [t64] "=&r"(t64), [t32] "=&r" (t32)
+                             : [out] "D"(n)
+                             : "memory", "flags", "cc");
+        return;
+    } else if (nlen == 24U) {
+        __asm__ __volatile__("movq $1, %[t64] \n"
+                             "xorq %[t64_2], %[t64_2] \n"
+                             "addq %[t64], (%[out]) \n"
+                             "adcq %[t64_2], 8(%[out]) \n"
+                             "adcq %[t64_2], 16(%[out]) \n"
+                             : [t64] "=&r"(t64), [t64_2] "=&r" (t64_2)
+                             : [out] "D"(n)
+                             : "memory", "flags", "cc");
+        return;
+    } else if (nlen == 8U) {
+        __asm__ __volatile__("incq (%[out]) \n"
+                             :
+                             : [out] "D"(n)
+                             : "memory", "flags", "cc");
+        return;
+    }
+#endif
+    for (; i < nlen; i++) {
+        c += (uint_fast16_t) n[i];
+        n[i] = (unsigned char) c;
+        c >>= 8;
+    }
+}
+
+void
+sodium_add(unsigned char *a, const unsigned char *b, const size_t len)
+{
+    size_t        i = 0U;
+    uint_fast16_t c = 0U;
+
+#ifdef HAVE_AMD64_ASM
+    uint64_t      t64, t64_2, t64_3;
+    uint32_t      t32;
+
+    if (len == 12U) {
+        __asm__ __volatile__("movq (%[in]), %[t64] \n"
+                             "movl 8(%[in]), %[t32] \n"
+                             "addq %[t64], (%[out]) \n"
+                             "adcl %[t32], 8(%[out]) \n"
+                             : [t64] "=&r"(t64), [t32] "=&r" (t32)
+                             : [in] "S"(b), [out] "D"(a)
+                             : "memory", "flags", "cc");
+        return;
+    } else if (len == 24U) {
+        __asm__ __volatile__("movq (%[in]), %[t64] \n"
+                             "movq 8(%[in]), %[t64_2] \n"
+                             "movq 16(%[in]), %[t64_3] \n"
+                             "addq %[t64], (%[out]) \n"
+                             "adcq %[t64_2], 8(%[out]) \n"
+                             "adcq %[t64_3], 16(%[out]) \n"
+                             : [t64] "=&r"(t64), [t64_2] "=&r"(t64_2), [t64_3] "=&r"(t64_3)
+                             : [in] "S"(b), [out] "D"(a)
+                             : "memory", "flags", "cc");
+        return;
+    } else if (len == 8U) {
+        __asm__ __volatile__("movq (%[in]), %[t64] \n"
+                             "addq %[t64], (%[out]) \n"
+                             : [t64] "=&r"(t64)
+                             : [in] "S"(b), [out] "D"(a)
+                             : "memory", "flags", "cc");
+        return;
+    }
+#endif
+    for (; i < len; i++) {
+        c += (uint_fast16_t) a[i] + (uint_fast16_t) b[i];
+        a[i] = (unsigned char) c;
+        c >>= 8;
+    }
+}
+
 /* Derived from original code by CodesInChaos */
 char *
 sodium_bin2hex(char * const hex, const size_t hex_maxlen,
@@ -568,16 +671,3 @@ sodium_mprotect_readwrite(void *ptr)
 {
     return _sodium_mprotect(ptr, _mprotect_readwrite);
 }
-
-void
-sodium_increment(unsigned char *n, const size_t nlen)
-{
-    size_t       i;
-    unsigned int c = 1U << 8;
-
-    for (i = (size_t) 0U; i < nlen; i++) {
-        c >>= 8;
-        c += n[i];
-        n[i] = (unsigned char) c;
-    }
-}

data/vendor/libsodium/test/Makefile.in

@@ -224,6 +224,7 @@ EXEEXT = @EXEEXT@
 FGREP = @FGREP@
 GREP = @GREP@
 HAVE_AMD64_ASM_V = @HAVE_AMD64_ASM_V@
+HAVE_AVX_ASM_V = @HAVE_AVX_ASM_V@
 HAVE_CPUID_V = @HAVE_CPUID_V@
 HAVE_TI_MODE_V = @HAVE_TI_MODE_V@
 INSTALL = @INSTALL@

data/vendor/libsodium/test/default/Makefile.in

@@ -641,6 +641,7 @@ EXEEXT = @EXEEXT@
 FGREP = @FGREP@
 GREP = @GREP@
 HAVE_AMD64_ASM_V = @HAVE_AMD64_ASM_V@
+HAVE_AVX_ASM_V = @HAVE_AVX_ASM_V@
 HAVE_CPUID_V = @HAVE_CPUID_V@
 HAVE_TI_MODE_V = @HAVE_TI_MODE_V@
 INSTALL = @INSTALL@

data/vendor/libsodium/test/default/auth.c

@@ -3,14 +3,14 @@
 #include "cmptest.h"
 
 /* "Test Case 2" from RFC 4231 */
-unsigned char key[32] = "Jefe";
-unsigned char c[] = "what do ya want for nothing?";
+static unsigned char key[32] = "Jefe";
+static unsigned char c[] = "what do ya want for nothing?";
 
 /* Hacker manifesto */
-unsigned char key2[] = "Another one got caught today, it's all over the papers. \"Teenager Arrested in Computer Crime Scandal\", \"Hacker Arrested after Bank Tampering\"... Damn kids. They're all alike.";
+static unsigned char key2[] = "Another one got caught today, it's all over the papers. \"Teenager Arrested in Computer Crime Scandal\", \"Hacker Arrested after Bank Tampering\"... Damn kids. They're all alike.";
 
-unsigned char a[crypto_auth_BYTES];
-unsigned char a2[crypto_auth_hmacsha512_BYTES];
+static unsigned char a[crypto_auth_BYTES];
+static unsigned char a2[crypto_auth_hmacsha512_BYTES];
 
 int main(void)
 {

data/vendor/libsodium/test/default/auth2.c

@@ -3,19 +3,19 @@
 #define TEST_NAME "auth2"
 #include "cmptest.h"
 
-unsigned char key[32]
+static unsigned char key[32]
     = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
         0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
         0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 };
 
-unsigned char c[50]
+static unsigned char c[50]
     = { 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
         0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
         0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
         0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
         0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd };
 
-unsigned char a[32];
+static unsigned char a[32];
 
 int main(void)
 {

data/vendor/libsodium/test/default/auth3.c

@@ -3,19 +3,19 @@
 #define TEST_NAME "auth3"
 #include "cmptest.h"
 
-unsigned char key[32]
+static unsigned char key[32]
     = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
         0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
         0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 };
 
-unsigned char c[50]
+static unsigned char c[50]
     = { 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
         0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
         0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
         0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
         0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd };
 
-unsigned char a[32]
+static unsigned char a[32]
     = { 0x37, 0x2e, 0xfc, 0xf9, 0xb4, 0x0b, 0x35, 0xc2, 0x11, 0x5b, 0x13,
         0x46, 0x90, 0x3d, 0x2e, 0xf4, 0x2f, 0xce, 0xd4, 0x6f, 0x08, 0x46,
         0xe7, 0x25, 0x7b, 0xb1, 0x56, 0xd3, 0xd7, 0xb3, 0x0d, 0x3f };

data/vendor/libsodium/test/default/auth5.c

@@ -2,15 +2,15 @@
 #define TEST_NAME "auth5"
 #include "cmptest.h"
 
-unsigned char key[32];
-unsigned char c[10000];
-unsigned char a[32];
+static unsigned char key[32];
+static unsigned char c[1000];
+static unsigned char a[32];
 
 int main(void)
 {
     size_t clen;
 
-    for (clen = 0; clen < 10000; ++clen) {
+    for (clen = 0; clen < 1000; ++clen) {
         randombytes_buf(key, sizeof key);
         randombytes_buf(c, clen);
         crypto_auth(a, c, clen, key);

data/vendor/libsodium/test/default/auth6.c

@@ -3,10 +3,10 @@
 #include "cmptest.h"
 
 /* "Test Case 2" from RFC 4231 */
-unsigned char key[32] = "Jefe";
-unsigned char c[] = "what do ya want for nothing?";
+static unsigned char key[32] = "Jefe";
+static unsigned char c[] = "what do ya want for nothing?";
 
-unsigned char a[64];
+static unsigned char a[64];
 
 int main(void)
 {

data/vendor/libsodium/test/default/auth7.c

@@ -2,15 +2,15 @@
 #define TEST_NAME "auth7"
 #include "cmptest.h"
 
-unsigned char key[32];
-unsigned char c[10000];
-unsigned char a[64];
+static unsigned char key[32];
+static unsigned char c[600];
+static unsigned char a[64];
 
 int main(void)
 {
     int clen;
 
-    for (clen = 0; clen < 10000; ++clen) {
+    for (clen = 0; clen < sizeof c; ++clen) {
         randombytes_buf(key, sizeof key);
         randombytes_buf(c, clen);
         crypto_auth_hmacsha512(a, c, clen, key);

data/vendor/libsodium/test/default/box.c

@@ -2,22 +2,23 @@
 #define TEST_NAME "box"
 #include "cmptest.h"
 
-unsigned char alicesk[32]
+static unsigned char alicesk[32]
     = { 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 0xc1,
         0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 0xeb, 0xc0,
         0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 0x2c, 0x2a };
 
-unsigned char bobpk[32]
+static unsigned char bobpk[32]
     = { 0xde, 0x9e, 0xdb, 0x7d, 0x7b, 0x7d, 0xc1, 0xb4, 0xd3, 0x5b, 0x61,
         0xc2, 0xec, 0xe4, 0x35, 0x37, 0x3f, 0x83, 0x43, 0xc8, 0x5b, 0x78,
         0x67, 0x4d, 0xad, 0xfc, 0x7e, 0x14, 0x6f, 0x88, 0x2b, 0x4f };
 
-unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73,
-                            0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6,
-                            0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 };
+static unsigned char nonce[24]
+    = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73,
+        0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6,
+        0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 };
 
 // API requires first 32 bytes to be 0
-unsigned char m[163]
+static unsigned char m[163]
     = { 0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
         0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
         0,    0,    0,    0,    0,    0,    0,    0,    0xbe, 0x07, 0x5f, 0xc5,
@@ -33,14 +34,16 @@ unsigned char m[163]
         0xf0, 0xa0, 0x89, 0xbc, 0x76, 0x89, 0x70, 0x40, 0xe0, 0x82, 0xf9, 0x37,
         0x76, 0x38, 0x48, 0x64, 0x5e, 0x07, 0x05 };
 
-unsigned char c[163];
+static unsigned char c[163];
 
 int main(void)
 {
     unsigned char k[crypto_box_BEFORENMBYTES];
     int i;
+    int ret;
 
-    crypto_box(c, m, 163, nonce, bobpk, alicesk);
+    ret = crypto_box(c, m, 163, nonce, bobpk, alicesk);
+    assert(ret == 0);
     for (i = 16; i < 163; ++i) {
         printf(",0x%02x", (unsigned int)c[i]);
         if (i % 8 == 7)
@@ -49,7 +52,8 @@ int main(void)
     printf("\n");
 
     memset(c, 0, sizeof c);
-    crypto_box_beforenm(k, bobpk, alicesk);
+    ret = crypto_box_beforenm(k, bobpk, alicesk);
+    assert(ret == 0);
     crypto_box_afternm(c, m, 163, nonce, k);
     for (i = 16; i < 163; ++i) {
         printf(",0x%02x", (unsigned int)c[i]);

data/vendor/libsodium/test/default/box2.c

@@ -2,22 +2,23 @@
 #define TEST_NAME "box2"
 #include "cmptest.h"
 
-unsigned char bobsk[32]
+static unsigned char bobsk[32]
     = { 0x5d, 0xab, 0x08, 0x7e, 0x62, 0x4a, 0x8a, 0x4b, 0x79, 0xe1, 0x7f,
         0x8b, 0x83, 0x80, 0x0e, 0xe6, 0x6f, 0x3b, 0xb1, 0x29, 0x26, 0x18,
         0xb6, 0xfd, 0x1c, 0x2f, 0x8b, 0x27, 0xff, 0x88, 0xe0, 0xeb };
 
-unsigned char alicepk[32]
+static unsigned char alicepk[32]
     = { 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b, 0x7d,
         0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d, 0x26, 0x38,
         0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 0x4e, 0x6a };
 
-unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73,
-                            0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6,
-                            0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 };
+static unsigned char nonce[24]
+    = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73,
+        0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6,
+        0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 };
 
 // API requires first 16 bytes to be 0
-unsigned char c[163]
+static unsigned char c[163]
     = { 0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
         0,    0,    0,    0,    0xf3, 0xff, 0xc7, 0x70, 0x3f, 0x94, 0x00, 0xe5,
         0x2a, 0x7d, 0xfb, 0x4b, 0x3d, 0x33, 0x05, 0xd9, 0x8e, 0x99, 0x3b, 0x9f,
@@ -33,12 +34,13 @@ unsigned char c[163]
         0x79, 0x73, 0xf6, 0x22, 0xa4, 0x3d, 0x14, 0xa6, 0x59, 0x9b, 0x1f, 0x65,
         0x4c, 0xb4, 0x5a, 0x74, 0xe3, 0x55, 0xa5 };
 
-unsigned char m[163];
+static unsigned char m[163];
 
 int main(void)
 {
     unsigned char k[crypto_box_BEFORENMBYTES];
     int i;
+    int ret;
 
     if (crypto_box_open(m, c, 163, nonce, alicepk, bobsk) == 0) {
         for (i = 32; i < 163; ++i) {
@@ -50,7 +52,8 @@ int main(void)
     }
 
     memset(m, 0, sizeof m);
-    crypto_box_beforenm(k, alicepk, bobsk);
+    ret = crypto_box_beforenm(k, alicepk, bobsk);
+    assert(ret == 0);
     if (crypto_box_open_afternm(m, c, 163, nonce, k) == 0) {
         for (i = 32; i < 163; ++i) {
             printf(",0x%02x", (unsigned int)m[i]);