tweetnacl 0.3.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 3c1932fa8b635f8c885f09dc44235ddf4b8a0c82
-  data.tar.gz: 0b1a0d43b9f60f1885b20bde5b5916246601d872
+SHA256:
+  metadata.gz: df32ba55a66d1f9acd3f40099ffc4e866c56abdb704a7191b2b4c0ffad4089b6
+  data.tar.gz: 90fa17459095c80c00910b0900a02ac11fe35a142dac323ae4427f3cd0aad7e7
 SHA512:
-  metadata.gz: 3d29a42561260b81947f4988443a41233561f38b7169772d9d488ce7376b8f7d93e92601d3903b00df13cb35b65b2e887a4e1b939e893fa55a1af728705b0bb8
-  data.tar.gz: e3bfb32b5a80d8e3cbe83e9522fb2f37320683ce5b7e30c1c43c38e325465e0debd27323c3c2c03b5e7ce790e76001361543cb3bf5093eef0dd7e704aed6f802
+  metadata.gz: 986de1548f6a609b464ca5905bf007af6136e0dc33463ccce70598ce92d4317ea713d248bae833936e8f661462287da0b9779583515ec3a37f5edf32da8bf8ff
+  data.tar.gz: 7b9fb5c8285e391a161feb8774efaf038c3c08adc45cec032b9f9d92d36d335cb6952ee6ca62f3f4bdc1ebf87f9cbe88ab9c8be1b27a6554778f9750ec736ec7

checksums.yaml.gz.sig

@@ -0,0 +1,4 @@
+�)!nR�����Ay%�r���R���K�2W��9�x`
��4^#�A�+[C2T��vt?����ogZQ?�Mz���e�K����jT�ݯ��3�n�����A�{5��� n6�>B`�ց��m����%����q���'�
+4anV"F17Mv�4�%W�ǭw�$�Ȅ���P[ȫN堃Tk���T�6���X�փH��
5�z�Ѽ�j�P���/ړ��-��L�c�8�\��в�e�3���<h��\��
+������:���H���@I[1Ś/�&��7@ywO1$��E�3�����������<Q��9&�ߞ<����>���ۅgL�؛� ��K"X/G{5]�MB��;3�
�5I�A8y��Ϝ�,X�
+�

data/.circleci/config.yml

@@ -0,0 +1,50 @@
+version: 2
+
+shared: &shared
+  working_directory: ~/repo
+  steps:
+    - checkout
+
+    # Download and cache dependencies
+    - restore_cache:
+        keys:
+          - v1-dependencies-{{ checksum "Gemfile.lock" }}
+          # fallback to using the latest cache if no exact match is found
+          - v1-dependencies-
+
+    - run:
+        name: install dependencies
+        command: |
+          bundle install --jobs=4 --retry=3 --path vendor/bundle
+
+    - save_cache:
+        paths:
+          - ./vendor/bundle
+        key: v1-dependencies-{{ checksum "Gemfile.lock" }}
+
+    # run tests!
+    - run:
+        name: run tests
+        command: bundle exec rake
+
+jobs:
+  "ruby-2.4":
+    <<: *shared
+    docker:
+      - image: circleci/ruby:2.4
+  "ruby-2.5":
+    <<: *shared
+    docker:
+      - image: circleci/ruby:2.5
+  "ruby-2.6":
+    <<: *shared
+    docker:
+      - image: circleci/ruby:2.6
+
+workflows:
+  version: 2
+  build:
+    jobs:
+      - "ruby-2.4"
+      - "ruby-2.5"
+      - "ruby-2.6"

data/CHANGELOG.md

@@ -1,6 +1,27 @@
 # Releases
 
-## UNRELEASED (0.4.0)
+## UNRELEASED
+
+## 1.0.0 – Apr 30th 2019
+
+### BREAKING CHANGES
+
+* Drop leading 0s from encrypted boxes!
+
+  A breaking change has been introduced to `crypto_box` and `crypto_secretbox`
+  that makes ciphers differ.  The first 64 bits are always empty and have been
+  dropped from the cipher output.
+
+  This causes differences like:
+
+```
+  -    expected_cipher = "0000000000000000FBC937C3F136E09FA8A45C58C15E801394F5BB74CE8D538FE3D726"
+  +    expected_cipher =                 "FBC937C3F136E09FA8A45C58C15E801394F5BB74CE8D538FE3D726"
+```
+
+  You might need to go through all persisted ciphers and change these values.
+
+  If you have more questions, please file a ticket!  Thanks!
 
 ## 0.3.0 - Aug 19th 2014
 

data/README.md

@@ -5,7 +5,7 @@
 TweetNaCl is a C-extension for Ruby built on top of the official TweetNacl
 distribution. It exposes the basic functions using Ruby objects.
 
-For a detailed explanation of TweetNaCl, [here's the research paper associated with it][paper]
+For a detailed explanation of TweetNaCl, [here's the research paper associated with it][paper].
 
 ## INSTALL
 
@@ -159,4 +159,4 @@ No. Until proven otherwise.
 Franck Verrot, Copyright 2014. See LICENSE.txt.
 
 
-[paper] : http://tweetnacl.cr.yp.to/tweetnacl-20131229.pdf
+[paper]: http://tweetnacl.cr.yp.to/tweetnacl-20131229.pdf

data/Rakefile

@@ -1,4 +1,10 @@
+require 'rubygems'
+require 'rubygems/specification'
+
+require 'bundler'
 require 'rake/extensiontask'
+Bundler::GemHelper.install_tasks
+
 spec = Gem::Specification.load('tweetnacl.gemspec')
 Rake::ExtensionTask.new('tweetnacl', spec) do |ext|
   ext.source_pattern = "*.{c,h}"
@@ -16,3 +22,47 @@ task :default => :full
 
 desc "Run the full spec suite"
 task :full => ["clean", "compile", "test"]
+
+def gemspec
+  @gemspec ||= begin
+                 file = File.expand_path('../tweetnacl.gemspec', __FILE__)
+                 eval(File.read(file), binding, file)
+               end
+end
+
+desc "Clean the current directory"
+task :clean do
+  rm_rf 'tmp'
+  rm_rf 'pkg'
+end
+
+desc "Run the full spec suite"
+task :full => ["clean", "test"]
+
+desc "install the gem locally"
+task :install => :package do
+  sh %{gem install pkg/#{gemspec.name}-#{gemspec.version}}
+end
+
+desc "validate the gemspec"
+task :gemspec do
+  gemspec.validate
+end
+
+desc "Build the gem"
+task :gem => [:gemspec, :build] do
+  mkdir_p "pkg"
+  sh "gem build tweetnacl.gemspec"
+  mv "#{gemspec.full_name}.gem", "pkg"
+
+  require 'digest/sha2'
+  built_gem_path = "pkg/#{gemspec.full_name}.gem"
+  checksum = Digest::SHA512.new.hexdigest(File.read(built_gem_path))
+  checksum_path = "checksums/#{gemspec.version}.sha512"
+  File.open(checksum_path, 'w' ) {|f| f.write(checksum) }
+end
+
+desc "Install TweetNaCl"
+task :install => :gem do
+  sh "gem install pkg/#{gemspec.full_name}.gem"
+end

data/certs/franckverrot.pem

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEMDCCApigAwIBAgIBATANBgkqhkiG9w0BAQsFADAhMR8wHQYDVQQDDBZmcmFu
+Y2svREM9dmVycm90L0RDPWZyMB4XDTE4MTIyMTAxMzgwNVoXDTE5MTIyMTAxMzgw
+NVowITEfMB0GA1UEAwwWZnJhbmNrL0RDPXZlcnJvdC9EQz1mcjCCAaIwDQYJKoZI
+hvcNAQEBBQADggGPADCCAYoCggGBANjZ/7L2ECEQAVOYvMl0JOwyVXKRCsLnVrmP
+mcwpCMFL0ennkpLJcqiDNsm0b/RkJHSLu3FMoYrIU5KoaP7iMIsLGv846aw2wSNI
+G5XWGnRY9dWVu7Gz2OZbsDi18WT94Y/s2yf+orPLAiaJb451decYEpHqLTiaJhhJ
+xHckJixfDVwZGJpow7rrJAJMbU9ZCJFUFAfNpgkOqhbBU4Ehi1umbC/ZBsVDiRVa
+ZjfNhe7kgx6jo3EfPY4izPW2IKkpk7nJKNfZnM2r0cnpPJbhyH1m5fsikBD5tRNe
+YxJpxDPf8UBTTXqoeSSQygiHWWZVbH3zj2jWzi5T0do5PbZcCeoIKR4TyOgbOgBW
+Ra7bm9uVXo6MQWpp0aeC/X+F2Y/dFjXAP/TPL89ownd3XZUaNDdZfS6aKBMG3a5C
+gcRLMt1hOJchslGNtvkq5W4Wq8hw+zNHzTMpRkIsYTbvlJCDxXRKR3jwPDTRvNAl
+aemBW1g3yerHeDQr6GtxKEvhmHdw/wIDAQABo3MwcTAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwIEsDAdBgNVHQ4EFgQUgG77cLAMzowManymHX63DbvfR5IwGwYDVR0RBBQw
+EoEQZnJhbmNrQHZlcnJvdC5mcjAbBgNVHRIEFDASgRBmcmFuY2tAdmVycm90LmZy
+MA0GCSqGSIb3DQEBCwUAA4IBgQAofcg/2kPT9VMBGEuO17F3yH6fiJboQeLL1nlM
+ULZv5LyyqV6Yq0cQ+TZMGHd/hbvBFTN9/55WmiN66tYLaunyfr4aUflCQcM/qu2g
+Ieoz8QLxfIi24DCDezpODHaud6Qt0VmMpalSOxbCuMeNnXLpnxbP/7fJBJoum5GS
+CqGuH81fXy7KAAlgMBcsYb3+vZJhuAeM/zSrE5Hmf1zApTEVZc4Y0dO6eRC6WbXW
+pJfyNXyITkkr7pTRYO/wj3lFoeDqfGXb48HvpJ54lqfeIvr9Hek7grcyQGfZ1rFY
+Dx3RTjxParzCWk/HCFHQiZmU5lnOl7GShwAZrG6l0UHST3/YNCA52KDrmC/T0A2N
+d2MQGgSZerYTx+HRKlradglBDPCs4nxQj5pnoDvGbngeZUua+ZZGFM9SXBT3zAIQ
+akLQjJWKHQCzyqDChJHRGhlxyVFKP2JwqFgzE3p1l64JArsb7BEqhpoBPXMwlChE
+HgzCBTsCU0syQBb1s6lBz2HrWA4=
+-----END CERTIFICATE-----

data/ext/tweetnacl/rbext.c

@@ -12,6 +12,18 @@ void hexdump(char * data, int len)
   printf("\n");
 }
 
+extern int salsa_rounds;
+
+VALUE m_crypto_box_salsa_rounds_set(VALUE self, VALUE _n) {
+  if(_n == Qnil) { rb_raise(rb_eArgError, "`TweetNaCl#salsa_round=` called with nil argument"); }
+  salsa_rounds = NUM2INT(_n);
+  return _n;
+}
+
+VALUE m_crypto_box_salsa_rounds_get(VALUE self) {
+  return INT2NUM(salsa_rounds);
+}
+
 VALUE m_crypto_box_keypair(VALUE self) {
   VALUE ary = rb_ary_new2(2);
   unsigned char *pk = calloc(crypto_box_PUBLICKEYBYTES, sizeof(unsigned char));
@@ -39,14 +51,14 @@ VALUE m_crypto_box(VALUE self, VALUE _m, VALUE _n, VALUE _pk, VALUE _sk) {
   char * nonce = RSTRING_PTR(_n);
   char * pk = RSTRING_PTR(_pk);
   char * sk = RSTRING_PTR(_sk);
-  int len = strlen(message);
+  int len = RSTRING_LEN(_m);
   char * padded_message = (char*)calloc(sizeof(char), len + PADDING_LEN);
-  memcpy(padded_message + PADDING_LEN, message, strlen(message));
-  char * c = malloc(strlen(message) + PADDING_LEN);
+  memcpy(padded_message + PADDING_LEN, message, len);
+  char * c = malloc(len + PADDING_LEN);
   int res = crypto_box(c, padded_message, len + PADDING_LEN, nonce, pk, sk);
   // TODO: use an exception instead of exit()
   if (0 != res) { fprintf(stderr, "Something went wrong\n"); exit(res); }
-  VALUE ret = rb_str_new(c, len + PADDING_LEN);
+  VALUE ret = rb_str_new(c + 16, len + 16);
   return ret;
 }
 
@@ -63,15 +75,16 @@ VALUE m_crypto_box_open(VALUE self, VALUE _c, VALUE _n, VALUE _pk, VALUE _sk) {
   char * nonce = RSTRING_PTR(_n);
   char * pk = RSTRING_PTR(_pk);
   char * sk = RSTRING_PTR(_sk);
-  int padded_mlen = rb_str_strlen(_c);
-  unsigned char * message = (unsigned char*)calloc(padded_mlen, sizeof(unsigned char));
+  int len = RSTRING_LEN(_c);
+  unsigned char * ciphertext = (unsigned char*)calloc(sizeof(unsigned char), len + 16);
+  memcpy(ciphertext + 16, c, len);
 
-  int res = crypto_box_open(message, c, padded_mlen, nonce, pk, sk);
-  if (0 != res) { rb_raise(rb_eRuntimeError, "crypto_box_open did not work. error %d", res); }
+  unsigned char * message = (unsigned char*)calloc(len + PADDING_LEN, sizeof(unsigned char));
 
-  message[padded_mlen + 1] = 0;
+  int res = crypto_box_open(message, ciphertext, len + 16, nonce, pk, sk);
+  if (0 != res) { rb_raise(rb_eRuntimeError, "crypto_box_open did not work. error %d", res); }
 
-  VALUE ret = rb_str_new2(message + PADDING_LEN);
+  VALUE ret = rb_str_new(message + PADDING_LEN, len - 16);
   return ret;
 }
 
@@ -79,19 +92,19 @@ VALUE m_crypto_secretbox(VALUE self, VALUE _m, VALUE _n, VALUE _k) {
   if(_m == Qnil) { rb_raise(rb_eArgError, "A message should have been given"); }
   if(_k == Qnil) { rb_raise(rb_eArgError, "Secret key should have been given"); }
   if (RSTRING_LEN(_n)  != 24) { rb_raise(rb_eArgError, "nonce should be 24-byte long"); }
-  if (RSTRING_LEN(_k) != 32) { rb_raise(rb_eArgError, "Secret key should be 24-byte long"); }
+  if (RSTRING_LEN(_k) != 32) { rb_raise(rb_eArgError, "Secret key should be 32-byte long"); }
 
   char * message = RSTRING_PTR(_m);
   char * nonce = RSTRING_PTR(_n);
   char * k = RSTRING_PTR(_k);
-  int len = strlen(message);
+  int len = RSTRING_LEN(_m);
   char * padded_message = (char*)calloc(sizeof(char), len + PADDING_LEN);
-  memcpy(padded_message + PADDING_LEN, message, strlen(message));
-  char * c = malloc(strlen(message) + PADDING_LEN);
+  memcpy(padded_message + PADDING_LEN, message, len);
+  char * c = malloc(len + PADDING_LEN);
   int res = crypto_secretbox(c, padded_message, len + PADDING_LEN, nonce, k);
   // TODO: use an exception instead of exit()
   if (0 != res) { fprintf(stderr, "Something went wrong\n"); exit(res); }
-  VALUE ret = rb_str_new(c, len + PADDING_LEN);
+  VALUE ret = rb_str_new(c + 16, len + 16);
   return ret;
 }
 
@@ -104,13 +117,17 @@ VALUE m_crypto_secretbox_open(VALUE self, VALUE _c, VALUE _n, VALUE _k) {
   unsigned char * c = RSTRING_PTR(_c);
   char * nonce = RSTRING_PTR(_n);
   char * k = RSTRING_PTR(_k);
-  int padded_mlen = rb_str_strlen(_c);
-  char * message = calloc(padded_mlen, sizeof(char));
+  int len = RSTRING_LEN(_c);
+
+  unsigned char * ciphertext = (unsigned char*)calloc(sizeof(unsigned char), len + 16);
+  memcpy(ciphertext + 16, c, len);
 
-  int res = crypto_secretbox_open(message, c, padded_mlen, nonce, k);
+  char * message = calloc(len + PADDING_LEN, sizeof(char));
+
+  int res = crypto_secretbox_open(message, ciphertext, len + 16, nonce, k);
   if (0 != res) { rb_raise(rb_eRuntimeError, "crypto_secretbox_open did not work"); }
 
-  return rb_str_new2(message + PADDING_LEN);
+  return rb_str_new(message + PADDING_LEN, len - 16);
 }
 
 VALUE m_crypto_sign_keypair(VALUE self) {
@@ -165,6 +182,9 @@ VALUE m_crypto_sign_open(VALUE self, VALUE _c, VALUE _k) {
 void Init_tweetnacl() {
   VALUE c = rb_define_module("TweetNaCl");
 
+  rb_define_module_function(c , "salsa_rounds="                              , RUBY_METHOD_FUNC(m_crypto_box_salsa_rounds_set), 1);
+  rb_define_module_function(c , "salsa_rounds"                               , RUBY_METHOD_FUNC(m_crypto_box_salsa_rounds_get), 0);
+
   rb_define_module_function(c , "crypto_box_keypair"                         , RUBY_METHOD_FUNC(m_crypto_box_keypair)    , 0);
 
   rb_define_module_function(c , "crypto_box"                                 , RUBY_METHOD_FUNC(m_crypto_box)            , 4);

data/ext/tweetnacl/tweetnacl.c

@@ -9,6 +9,8 @@ typedef long long i64;
 typedef i64 gf[16];
 extern void randombytes(u8 *,u64);
 
+int salsa_rounds = 20;
+
 static const u8
   _0[16],
   _9[32] = {9};
@@ -82,7 +84,7 @@ sv core(u8 *out,const u8 *in,const u8 *k,const u8 *c,int h)
 
   FOR(i,16) y[i] = x[i];
 
-  FOR(i,20) {
+  FOR(i,salsa_rounds) {
     FOR(j,4) {
       FOR(m,4) t[m] = x[(5*j+4*m)%16];
       t[1] ^= L32(t[0]+t[3], 7);

data/lib/tweet_na_cl.rb

@@ -1,2 +1,3 @@
 module TweetNaCl
+  DEFAULT_SALSA_ROUNDS = 20
 end

data/test/test_helper.rb

@@ -1,4 +1,5 @@
 require 'tweetnacl'
+require 'tweet_na_cl'
 require 'tweetnacl/crypto_sign'
 require 'tweetnacl/crypto_box'
 require 'tweetnacl/key_pair'

data/test/tweetnacl_constants_test.rb

@@ -6,167 +6,167 @@ class TweetNaClConstantsTest < MiniTest::Test
   end
 
   def test_constants
-    assert_instance_of String, _const("CRYPTO_AUTH_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_AUTH_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_AUTH_KEYBYTES")
-    assert_instance_of String, _const("CRYPTO_AUTH_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_AUTH_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_AUTH_HMACSHA512256_TWEET_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_AUTH_HMACSHA512256_TWEET_KEYBYTES")
-    assert_instance_of String, _const("CRYPTO_AUTH_HMACSHA512256_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_AUTH_HMACSHA512256_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_AUTH_HMACSHA512256_KEYBYTES")
-    assert_instance_of String, _const("CRYPTO_AUTH_HMACSHA512256_VERSION")
-    assert_instance_of String, _const("CRYPTO_AUTH_HMACSHA512256_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_BOX_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_PUBLICKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_SECRETKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_BEFORENMBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_NONCEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_ZEROBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_BOXZEROBYTES")
-    assert_instance_of String, _const("CRYPTO_BOX_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_BOX_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_PUBLICKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_SECRETKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_BEFORENMBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_NONCEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_ZEROBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_BOXZEROBYTES")
-    assert_instance_of String, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_PUBLICKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_SECRETKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_BEFORENMBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_NONCEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_ZEROBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_BOXZEROBYTES")
-    assert_instance_of String, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_VERSION")
-    assert_instance_of String, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_CORE_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_OUTPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_INPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_CONSTBYTES")
-    assert_instance_of String, _const("CRYPTO_CORE_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_CORE_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_SALSA20_TWEET_OUTPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_SALSA20_TWEET_INPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_SALSA20_TWEET_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_SALSA20_TWEET_CONSTBYTES")
-    assert_instance_of String, _const("CRYPTO_CORE_SALSA20_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_SALSA20_OUTPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_SALSA20_INPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_SALSA20_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_SALSA20_CONSTBYTES")
-    assert_instance_of String, _const("CRYPTO_CORE_SALSA20_VERSION")
-    assert_instance_of String, _const("CRYPTO_CORE_SALSA20_IMPLEMENTATION")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_HSALSA20_TWEET_OUTPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_HSALSA20_TWEET_INPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_HSALSA20_TWEET_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_HSALSA20_TWEET_CONSTBYTES")
-    assert_instance_of String, _const("CRYPTO_CORE_HSALSA20_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_HSALSA20_OUTPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_HSALSA20_INPUTBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_HSALSA20_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_CORE_HSALSA20_CONSTBYTES")
-    assert_instance_of String, _const("CRYPTO_CORE_HSALSA20_VERSION")
-    assert_instance_of String, _const("CRYPTO_CORE_HSALSA20_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_STATEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_BLOCKBYTES")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_SHA512_TWEET_STATEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_SHA512_TWEET_BLOCKBYTES")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_SHA512_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_SHA512_STATEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_SHA512_BLOCKBYTES")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_SHA512_VERSION")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_SHA512_IMPLEMENTATION")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_SHA256_TWEET_STATEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_SHA256_TWEET_BLOCKBYTES")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_SHA256_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_SHA256_STATEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_HASHBLOCKS_SHA256_BLOCKBYTES")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_SHA256_VERSION")
-    assert_instance_of String, _const("CRYPTO_HASHBLOCKS_SHA256_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_HASH_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_HASH_BYTES")
-    assert_instance_of String, _const("CRYPTO_HASH_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_HASH_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_HASH_SHA512_TWEET_BYTES")
-    assert_instance_of String, _const("CRYPTO_HASH_SHA512_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_HASH_SHA512_BYTES")
-    assert_instance_of String, _const("CRYPTO_HASH_SHA512_VERSION")
-    assert_instance_of String, _const("CRYPTO_HASH_SHA512_IMPLEMENTATION")
-    assert_instance_of Fixnum, _const("CRYPTO_HASH_SHA256_TWEET_BYTES")
-    assert_instance_of String, _const("CRYPTO_HASH_SHA256_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_HASH_SHA256_BYTES")
-    assert_instance_of String, _const("CRYPTO_HASH_SHA256_VERSION")
-    assert_instance_of String, _const("CRYPTO_HASH_SHA256_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_ONETIMEAUTH_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_ONETIMEAUTH_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_ONETIMEAUTH_KEYBYTES")
-    assert_instance_of String, _const("CRYPTO_ONETIMEAUTH_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_ONETIMEAUTH_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_ONETIMEAUTH_POLY1305_TWEET_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_ONETIMEAUTH_POLY1305_TWEET_KEYBYTES")
-    assert_instance_of String, _const("CRYPTO_ONETIMEAUTH_POLY1305_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_ONETIMEAUTH_POLY1305_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_ONETIMEAUTH_POLY1305_KEYBYTES")
-    assert_instance_of String, _const("CRYPTO_ONETIMEAUTH_POLY1305_VERSION")
-    assert_instance_of String, _const("CRYPTO_ONETIMEAUTH_POLY1305_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_SCALARMULT_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_SCALARMULT_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SCALARMULT_SCALARBYTES")
-    assert_instance_of String, _const("CRYPTO_SCALARMULT_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_SCALARMULT_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_SCALARMULT_CURVE25519_TWEET_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SCALARMULT_CURVE25519_TWEET_SCALARBYTES")
-    assert_instance_of String, _const("CRYPTO_SCALARMULT_CURVE25519_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_SCALARMULT_CURVE25519_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SCALARMULT_CURVE25519_SCALARBYTES")
-    assert_instance_of String, _const("CRYPTO_SCALARMULT_CURVE25519_VERSION")
-    assert_instance_of String, _const("CRYPTO_SCALARMULT_CURVE25519_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_SECRETBOX_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_NONCEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_ZEROBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_BOXZEROBYTES")
-    assert_instance_of String, _const("CRYPTO_SECRETBOX_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_SECRETBOX_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_NONCEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_ZEROBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_BOXZEROBYTES")
-    assert_instance_of String, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_NONCEBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_ZEROBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_BOXZEROBYTES")
-    assert_instance_of String, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_VERSION")
-    assert_instance_of String, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_SIGN_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_PUBLICKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_SECRETKEYBYTES")
-    assert_instance_of String, _const("CRYPTO_SIGN_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_SIGN_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_ED25519_TWEET_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_ED25519_TWEET_PUBLICKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_ED25519_TWEET_SECRETKEYBYTES")
-    assert_instance_of String, _const("CRYPTO_SIGN_ED25519_TWEET_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_ED25519_BYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_ED25519_PUBLICKEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_SIGN_ED25519_SECRETKEYBYTES")
-    assert_instance_of String, _const("CRYPTO_SIGN_ED25519_VERSION")
-    assert_instance_of String, _const("CRYPTO_SIGN_ED25519_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_STREAM_PRIMITIVE")
-    assert_instance_of Fixnum, _const("CRYPTO_STREAM_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_STREAM_NONCEBYTES")
-    assert_instance_of String, _const("CRYPTO_STREAM_IMPLEMENTATION")
-    assert_instance_of String, _const("CRYPTO_STREAM_VERSION")
-    assert_instance_of Fixnum, _const("CRYPTO_STREAM_XSALSA20_TWEET_KEYBYTES")
-    assert_instance_of Fixnum, _const("CRYPTO_STREAM_XSALSA20_TWEET_NONCEBYTES")
+    assert_instance_of String,  _const("CRYPTO_AUTH_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_AUTH_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_AUTH_KEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_AUTH_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_AUTH_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_AUTH_HMACSHA512256_TWEET_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_AUTH_HMACSHA512256_TWEET_KEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_AUTH_HMACSHA512256_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_AUTH_HMACSHA512256_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_AUTH_HMACSHA512256_KEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_AUTH_HMACSHA512256_VERSION")
+    assert_instance_of String,  _const("CRYPTO_AUTH_HMACSHA512256_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_BOX_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_BOX_PUBLICKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_SECRETKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_BEFORENMBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_NONCEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_ZEROBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_BOXZEROBYTES")
+    assert_instance_of String,  _const("CRYPTO_BOX_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_BOX_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_PUBLICKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_SECRETKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_BEFORENMBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_NONCEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_ZEROBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_BOXZEROBYTES")
+    assert_instance_of String,  _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_PUBLICKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_SECRETKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_BEFORENMBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_NONCEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_ZEROBYTES")
+    assert_instance_of Integer, _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_BOXZEROBYTES")
+    assert_instance_of String,  _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_VERSION")
+    assert_instance_of String,  _const("CRYPTO_BOX_CURVE25519XSALSA20POLY1305_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_CORE_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_CORE_OUTPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_INPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_CONSTBYTES")
+    assert_instance_of String,  _const("CRYPTO_CORE_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_CORE_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_CORE_SALSA20_TWEET_OUTPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_SALSA20_TWEET_INPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_SALSA20_TWEET_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_SALSA20_TWEET_CONSTBYTES")
+    assert_instance_of String,  _const("CRYPTO_CORE_SALSA20_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_CORE_SALSA20_OUTPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_SALSA20_INPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_SALSA20_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_SALSA20_CONSTBYTES")
+    assert_instance_of String,  _const("CRYPTO_CORE_SALSA20_VERSION")
+    assert_instance_of String,  _const("CRYPTO_CORE_SALSA20_IMPLEMENTATION")
+    assert_instance_of Integer, _const("CRYPTO_CORE_HSALSA20_TWEET_OUTPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_HSALSA20_TWEET_INPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_HSALSA20_TWEET_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_HSALSA20_TWEET_CONSTBYTES")
+    assert_instance_of String,  _const("CRYPTO_CORE_HSALSA20_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_CORE_HSALSA20_OUTPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_HSALSA20_INPUTBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_HSALSA20_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_CORE_HSALSA20_CONSTBYTES")
+    assert_instance_of String,  _const("CRYPTO_CORE_HSALSA20_VERSION")
+    assert_instance_of String,  _const("CRYPTO_CORE_HSALSA20_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_STATEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_BLOCKBYTES")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_SHA512_TWEET_STATEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_SHA512_TWEET_BLOCKBYTES")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_SHA512_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_SHA512_STATEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_SHA512_BLOCKBYTES")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_SHA512_VERSION")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_SHA512_IMPLEMENTATION")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_SHA256_TWEET_STATEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_SHA256_TWEET_BLOCKBYTES")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_SHA256_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_SHA256_STATEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_HASHBLOCKS_SHA256_BLOCKBYTES")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_SHA256_VERSION")
+    assert_instance_of String,  _const("CRYPTO_HASHBLOCKS_SHA256_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_HASH_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_HASH_BYTES")
+    assert_instance_of String,  _const("CRYPTO_HASH_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_HASH_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_HASH_SHA512_TWEET_BYTES")
+    assert_instance_of String,  _const("CRYPTO_HASH_SHA512_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_HASH_SHA512_BYTES")
+    assert_instance_of String,  _const("CRYPTO_HASH_SHA512_VERSION")
+    assert_instance_of String,  _const("CRYPTO_HASH_SHA512_IMPLEMENTATION")
+    assert_instance_of Integer, _const("CRYPTO_HASH_SHA256_TWEET_BYTES")
+    assert_instance_of String,  _const("CRYPTO_HASH_SHA256_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_HASH_SHA256_BYTES")
+    assert_instance_of String,  _const("CRYPTO_HASH_SHA256_VERSION")
+    assert_instance_of String,  _const("CRYPTO_HASH_SHA256_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_ONETIMEAUTH_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_ONETIMEAUTH_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_ONETIMEAUTH_KEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_ONETIMEAUTH_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_ONETIMEAUTH_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_ONETIMEAUTH_POLY1305_TWEET_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_ONETIMEAUTH_POLY1305_TWEET_KEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_ONETIMEAUTH_POLY1305_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_ONETIMEAUTH_POLY1305_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_ONETIMEAUTH_POLY1305_KEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_ONETIMEAUTH_POLY1305_VERSION")
+    assert_instance_of String,  _const("CRYPTO_ONETIMEAUTH_POLY1305_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_SCALARMULT_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_SCALARMULT_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_SCALARMULT_SCALARBYTES")
+    assert_instance_of String,  _const("CRYPTO_SCALARMULT_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_SCALARMULT_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_SCALARMULT_CURVE25519_TWEET_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_SCALARMULT_CURVE25519_TWEET_SCALARBYTES")
+    assert_instance_of String,  _const("CRYPTO_SCALARMULT_CURVE25519_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_SCALARMULT_CURVE25519_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_SCALARMULT_CURVE25519_SCALARBYTES")
+    assert_instance_of String,  _const("CRYPTO_SCALARMULT_CURVE25519_VERSION")
+    assert_instance_of String,  _const("CRYPTO_SCALARMULT_CURVE25519_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_SECRETBOX_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_NONCEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_ZEROBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_BOXZEROBYTES")
+    assert_instance_of String,  _const("CRYPTO_SECRETBOX_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_SECRETBOX_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_NONCEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_ZEROBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_BOXZEROBYTES")
+    assert_instance_of String,  _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_NONCEBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_ZEROBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_BOXZEROBYTES")
+    assert_instance_of String,  _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_VERSION")
+    assert_instance_of String,  _const("CRYPTO_SECRETBOX_XSALSA20POLY1305_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_SIGN_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_PUBLICKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_SECRETKEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_SIGN_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_SIGN_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_ED25519_TWEET_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_ED25519_TWEET_PUBLICKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_ED25519_TWEET_SECRETKEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_SIGN_ED25519_TWEET_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_ED25519_BYTES")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_ED25519_PUBLICKEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_SIGN_ED25519_SECRETKEYBYTES")
+    assert_instance_of String,  _const("CRYPTO_SIGN_ED25519_VERSION")
+    assert_instance_of String,  _const("CRYPTO_SIGN_ED25519_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_STREAM_PRIMITIVE")
+    assert_instance_of Integer, _const("CRYPTO_STREAM_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_STREAM_NONCEBYTES")
+    assert_instance_of String,  _const("CRYPTO_STREAM_IMPLEMENTATION")
+    assert_instance_of String,  _const("CRYPTO_STREAM_VERSION")
+    assert_instance_of Integer, _const("CRYPTO_STREAM_XSALSA20_TWEET_KEYBYTES")
+    assert_instance_of Integer, _const("CRYPTO_STREAM_XSALSA20_TWEET_NONCEBYTES")
   end
 end

data/test/tweetnacl_crypto_box_test.rb

@@ -4,7 +4,7 @@ class TweetNaClCryptoBoxTest < MiniTest::Test
   def test_crypto_box
     input = "hello world"
     nonce = "*" * 24
-    expected_cipher = "0000000000000000FBC937C3F136E09FA8A45C58C15E801394F5BB74CE8D538FE3D726"
+    expected_cipher = "FBC937C3F136E09FA8A45C58C15E801394F5BB74CE8D538FE3D726"
     pk = "\x60\xF0\x23\x07\xDF\xB6\x8B\xBB\x15\xE2\x92\x59\x05\x1B\x2D\xF8\xC8\x59\xDB\x5B\xDE\x97\xFA\xE8\x9B\x5F\xE5\x62\x63\x11\xD6\x56"
     sk = "\xBE\x38\x7C\x59\xD1\x81\x0B\xCC\x8E\xD8\x90\xDB\x3D\xF9\x80\x63\x9E\xD2\x54\x44\xFB\x4D\xD1\x92\xB6\xC6\x75\x53\xF9\x76\x9F\xCF"
 
@@ -31,4 +31,19 @@ class TweetNaClCryptoBoxTest < MiniTest::Test
   def test_crypto_box_nonce_not_correct_length
     assert_raises(ArgumentError) { TweetNaCl.crypto_box("foo", "bar", "pk", "sk") }
   end
+
+  def test_crypto_box_salsa_rounds_set_with_nil_argument
+    assert_raises(ArgumentError) { TweetNaCl.salsa_rounds = nil }
+  end
+
+  def test_crypto_box_salsa_rounds_get_set
+    assert_equal(TweetNaCl.salsa_rounds, TweetNaCl::DEFAULT_SALSA_ROUNDS)
+    TweetNaCl.salsa_rounds = 42
+    assert_equal(TweetNaCl.salsa_rounds, 42)
+  ensure
+    TweetNaCl.salsa_rounds = TweetNaCl::DEFAULT_SALSA_ROUNDS
+  end
+
+  def test_crypto_box_salsa_rounds_get
+  end
 end

data/test/tweetnacl_crypto_secretbox_test.rb

@@ -4,7 +4,7 @@ class TweetNaClCryptoSecretTest < MiniTest::Test
   def test_crypto_secretbox
     input = "hello world"
     nonce = "*" * 24
-    expected_cipher = "00000000000000002A9612E32BCC4E836B3D46463B7C1546EA8BC752A1B6AE6DE"
+    expected_cipher = "2A9612E32BCC4E836B3D46463B7C1546EA8BC752A1B6AE6DE"
     k = "\x60\xF0\x23\x07\xDF\xB6\x8B\xBB\x15\xE2\x92\x59\x05\x1B\x2D\xF8\xC8\x59\xDB\x5B\xDE\x97\xFA\xE8\x9B\x5F\xE5\x62\x63\x11\xD6\x56"
 
     cipher = TweetNaCl.crypto_secretbox(input, nonce, k)

data/tweetnacl.gemspec

@@ -2,7 +2,7 @@
 $:<< 'lib'
 Gem::Specification.new do |spec|
   spec.name     = "tweetnacl"
-  spec.version  = "0.3.0"
+  spec.version  = "1.0.0"
   spec.authors  = ["Franck Verrot"]
   spec.email    = ["franck@verrot.fr"]
   spec.homepage = "https://github.com/franckverrot/tweetnacl"
@@ -21,4 +21,24 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", "~> 1.5"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "minitest"
+
+  spec.post_install_message = <<END_OF_MESSAGE
+[TweetNaCl] Breaking change in v1.0.0!
+
+A breaking change has been introduced to `crypto_box` and `crypto_secretbox`
+that makes ciphers differ.  The first 64 bits are always empty and have been
+dropped from the cipher output.
+
+This causes differences like:
+
+-    expected_cipher = "0000000000000000FBC937C3F136E09FA8A45C58C15E801394F5BB74CE8D538FE3D726"
++    expected_cipher =                 "FBC937C3F136E09FA8A45C58C15E801394F5BB74CE8D538FE3D726"
+
+You might need to go through all persisted ciphers and change these values.
+
+If you have more questions, please file a ticket!  Thanks!
+END_OF_MESSAGE
+
+  spec.cert_chain  = ['certs/franckverrot.pem']
+  spec.signing_key = File.expand_path(ENV['RUBYGEMS_CERT_PATH']) if $0 =~ /gem\z/
 end

metadata

@@ -1,14 +1,40 @@
 --- !ruby/object:Gem::Specification
 name: tweetnacl
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Franck Verrot
 autorequire: 
 bindir: bin
-cert_chain: []
-date: 2014-08-19 00:00:00.000000000 Z
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIEMDCCApigAwIBAgIBATANBgkqhkiG9w0BAQsFADAhMR8wHQYDVQQDDBZmcmFu
+  Y2svREM9dmVycm90L0RDPWZyMB4XDTE4MTIyMTAxMzgwNVoXDTE5MTIyMTAxMzgw
+  NVowITEfMB0GA1UEAwwWZnJhbmNrL0RDPXZlcnJvdC9EQz1mcjCCAaIwDQYJKoZI
+  hvcNAQEBBQADggGPADCCAYoCggGBANjZ/7L2ECEQAVOYvMl0JOwyVXKRCsLnVrmP
+  mcwpCMFL0ennkpLJcqiDNsm0b/RkJHSLu3FMoYrIU5KoaP7iMIsLGv846aw2wSNI
+  G5XWGnRY9dWVu7Gz2OZbsDi18WT94Y/s2yf+orPLAiaJb451decYEpHqLTiaJhhJ
+  xHckJixfDVwZGJpow7rrJAJMbU9ZCJFUFAfNpgkOqhbBU4Ehi1umbC/ZBsVDiRVa
+  ZjfNhe7kgx6jo3EfPY4izPW2IKkpk7nJKNfZnM2r0cnpPJbhyH1m5fsikBD5tRNe
+  YxJpxDPf8UBTTXqoeSSQygiHWWZVbH3zj2jWzi5T0do5PbZcCeoIKR4TyOgbOgBW
+  Ra7bm9uVXo6MQWpp0aeC/X+F2Y/dFjXAP/TPL89ownd3XZUaNDdZfS6aKBMG3a5C
+  gcRLMt1hOJchslGNtvkq5W4Wq8hw+zNHzTMpRkIsYTbvlJCDxXRKR3jwPDTRvNAl
+  aemBW1g3yerHeDQr6GtxKEvhmHdw/wIDAQABo3MwcTAJBgNVHRMEAjAAMAsGA1Ud
+  DwQEAwIEsDAdBgNVHQ4EFgQUgG77cLAMzowManymHX63DbvfR5IwGwYDVR0RBBQw
+  EoEQZnJhbmNrQHZlcnJvdC5mcjAbBgNVHRIEFDASgRBmcmFuY2tAdmVycm90LmZy
+  MA0GCSqGSIb3DQEBCwUAA4IBgQAofcg/2kPT9VMBGEuO17F3yH6fiJboQeLL1nlM
+  ULZv5LyyqV6Yq0cQ+TZMGHd/hbvBFTN9/55WmiN66tYLaunyfr4aUflCQcM/qu2g
+  Ieoz8QLxfIi24DCDezpODHaud6Qt0VmMpalSOxbCuMeNnXLpnxbP/7fJBJoum5GS
+  CqGuH81fXy7KAAlgMBcsYb3+vZJhuAeM/zSrE5Hmf1zApTEVZc4Y0dO6eRC6WbXW
+  pJfyNXyITkkr7pTRYO/wj3lFoeDqfGXb48HvpJ54lqfeIvr9Hek7grcyQGfZ1rFY
+  Dx3RTjxParzCWk/HCFHQiZmU5lnOl7GShwAZrG6l0UHST3/YNCA52KDrmC/T0A2N
+  d2MQGgSZerYTx+HRKlradglBDPCs4nxQj5pnoDvGbngeZUua+ZZGFM9SXBT3zAIQ
+  akLQjJWKHQCzyqDChJHRGhlxyVFKP2JwqFgzE3p1l64JArsb7BEqhpoBPXMwlChE
+  HgzCBTsCU0syQBb1s6lBz2HrWA4=
+  -----END CERTIFICATE-----
+date: 2019-05-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake-compiler
@@ -74,13 +100,14 @@ extensions:
 - ext/tweetnacl/extconf.rb
 extra_rdoc_files: []
 files:
+- ".circleci/config.yml"
 - ".gitignore"
-- ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
+- certs/franckverrot.pem
 - ext/tweetnacl/extconf.rb
 - ext/tweetnacl/randombytes.c
 - ext/tweetnacl/randombytes.h
@@ -110,7 +137,21 @@ homepage: https://github.com/franckverrot/tweetnacl
 licenses:
 - GPLv3
 metadata: {}
-post_install_message: 
+post_install_message: |
+  [TweetNaCl] Breaking change in v1.0.0!
+
+  A breaking change has been introduced to `crypto_box` and `crypto_secretbox`
+  that makes ciphers differ.  The first 64 bits are always empty and have been
+  dropped from the cipher output.
+
+  This causes differences like:
+
+  -    expected_cipher = "0000000000000000FBC937C3F136E09FA8A45C58C15E801394F5BB74CE8D538FE3D726"
+  +    expected_cipher =                 "FBC937C3F136E09FA8A45C58C15E801394F5BB74CE8D538FE3D726"
+
+  You might need to go through all persisted ciphers and change these values.
+
+  If you have more questions, please file a ticket!  Thanks!
 rdoc_options: []
 require_paths:
 - lib
@@ -125,8 +166,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.2.0
+rubygems_version: 3.0.2
 signing_key: 
 specification_version: 4
 summary: TweetNaCl for Ruby
@@ -145,4 +185,3 @@ test_files:
 - test/tweetnacl_crypto_sign_key_pair_test.rb
 - test/tweetnacl_crypto_sign_open_test.rb
 - test/tweetnacl_crypto_sign_test.rb
-has_rdoc: 

data/.travis.yml

@@ -1,4 +0,0 @@
-language: ruby
-rvm:
-  - 2.1.0
-script: rake