From 961109635b25d212a2a6708108399c6af169999d Mon Sep 17 00:00:00 2001 
From: Cory McWilliams Date: Sun, 19 Feb 2023 23:23:53 +0000 Subject: [PATCH] Latest libsodium-1.0.18-stable.tar.gz. git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4193 ed5197a5-7fde-0310-b194-c3ffbd925b24 --- deps/libsodium/.github/workflows/ci.yml | 68 +- .../.github/workflows/codeql-analysis.yml | 6 +- .../.github/workflows/dotnet-core.yml | 322 +-- deps/libsodium/AUTHORS | 3 +- deps/libsodium/LICENSE | 2 +- deps/libsodium/azure-pipelines.yml | 23 +- deps/libsodium/build-aux/config.sub | 35 +- deps/libsodium/build.zig | 172 +- .../builds/msvc/properties/DebugLIB.props | 4 +- .../builds/msvc/properties/Release.props | 4 +- deps/libsodium/configure | 399 +++- deps/libsodium/configure.ac | 29 +- deps/libsodium/dist-build/android-aar.sh | 144 ++ deps/libsodium/dist-build/android-armv7-a.sh | 2 +- deps/libsodium/dist-build/android-armv8-a.sh | 2 +- deps/libsodium/dist-build/android-build.sh | 64 +- .../libsodium/dist-build/apple-xcframework.sh | 211 +- .../dist-build/emscripten-symbols.def | 50 +- deps/libsodium/dist-build/emscripten.sh | 107 +- .../dist-build/generate-emscripten-symbols.sh | 8 +- deps/libsodium/dist-build/wasm32-wasi.sh | 6 +- deps/libsodium/m4/ax_check_catchable_segv.m4 | 2 + .../packaging/dotnet-core/libsodium.pkgproj | 6 +- deps/libsodium/packaging/nuget/package.config | 2 +- .../aes256gcm/aesni/aead_aes256gcm_aesni.c | 1755 +++++++++-------- .../libsodium/crypto_pwhash/argon2/argon2.c | 5 + .../crypto_scrypt-common.c | 5 + .../curve25519/ref10/x25519_ref10.c | 4 +- .../curve25519/sandy2x/curve25519_sandy2x.c | 56 +- .../curve25519/sandy2x/fe_frombytes_sandy2x.c | 102 +- .../crypto_stream/salsa20/xmm6int/u0.h | 2 +- deps/libsodium/src/libsodium/sodium/utils.c | 8 +- deps/libsodium/test/default/Makefile.am | 1 + deps/libsodium/test/default/Makefile.in | 1 + deps/libsodium/test/default/aead_aes256gcm.c | 70 + deps/libsodium/test/default/cmptest.h | 17 +- deps/libsodium/test/default/misuse.c | 33 +- 
deps/libsodium/test/default/pwhash_argon2i.c | 22 +- deps/libsodium/test/default/pwhash_argon2id.c | 22 +- deps/libsodium/test/default/run.sh | 9 + deps/libsodium/test/default/sodium_core.c | 6 +- deps/libsodium/test/default/sodium_utils2.c | 5 +- deps/libsodium/test/default/sodium_utils3.c | 5 +- .../test/default/wasi-test-wrapper.sh | 104 +- 44 files changed, 2426 insertions(+), 1477 deletions(-) create mode 100755 deps/libsodium/dist-build/android-aar.sh create mode 100755 deps/libsodium/test/default/run.sh diff --git a/deps/libsodium/.github/workflows/ci.yml b/deps/libsodium/.github/workflows/ci.yml index 2cf808f7..f79c9c95 100644 --- a/deps/libsodium/.github/workflows/ci.yml +++ b/deps/libsodium/.github/workflows/ci.yml @@ -12,13 +12,14 @@ jobs: tcc: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Update packages list run: sudo apt-get update - name: Install dependencies - run: sudo apt-get install -y build-essential libtool autoconf automake tcc + run: | + sudo apt-get install -y build-essential libtool autoconf automake tcc - name: Autogen run: ./autogen.sh -s 
@@ -31,10 +32,40 @@ jobs: make uninstall make distclean + zig: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Update packages list + run: sudo apt-get update + + - name: Install dependencies + run: | + curl -sL -o - https://ziglang.org/download/0.10.1/zig-linux-x86_64-0.10.1.tar.xz | tar xJ -f - -C /opt/ + sudo mv /opt/zig-* /opt/zig + + - name: Autogen + run: ./autogen.sh -s + + - name: Compilation with zig + run: | + export PATH=/opt/zig:$PATH + zig build + zig build -Dtarget=x86_64-linux + zig build -Dtarget=aarch64-linux + zig build -Dtarget=x86_64-windows + zig build -Dtarget=aarch64-windows + zig build -Dtarget=x86_64-macos + zig build -Dtarget=aarch64-macos + zig build -Dtarget=wasm32-wasi + zig build -Drelease-fast + rm -fr zig-cache zig-out + regular: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Update packages list run: sudo apt-get update @@ -63,7 +94,7 @@ jobs: check-globals: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Update packages list run: sudo apt-get update @@ -81,7 +112,7 @@ jobs: other-comp: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Update packages list run: sudo apt-get update @@ -107,7 +138,7 @@ jobs: other-arch: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Update packages list run: sudo apt-get update 
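Review bot: The new `zig` job's "Install dependencies" step pipes `curl -sL` straight into `tar xJ`, so the toolchain that compiles libsodium is unpacked with no integrity check, and without `-f` an HTTP error body would be handed to tar as well. Download to a file and verify it against a pinned digest before extracting, e.g. `curl -fsSL -o zig.tar.xz <URL>`, then `echo "<EXPECTED_SHA256>  zig.tar.xz" | sha256sum -c -`, then `tar xJf zig.tar.xz -C /opt/`. The same unverified-download pattern appears in the `android` job's NDK fetch (the `@@ -123,3 +154,28 @@` hunk) and in the Zig download in azure-pipelines.yml. These workflow files are vendored under deps/libsodium, so the fix most likely belongs upstream.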
@@ -123,3 +154,28 @@ jobs: env CPPFLAGS="-DDEV_MODE=1" ./configure --disable-dependency-tracking --host=powerpc-linux-gnu make -j $(nproc) make clean > /dev/null + + android: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Update packages list + run: sudo apt-get update + + - name: Install base dependencies + run: sudo apt-get install -y libtool autoconf automake unzip + + - name: Autogen + run: ./autogen.sh -s + + - name: Install Android NDK + run: | + mkdir /tmp/android && cd /tmp/android + curl -o ndk.zip -L https://dl.google.com/android/repository/android-ndk-r25b-linux.zip + unzip ndk.zip && rm -f *.zip && mv android-ndk* ndk + + - name: Android compilation + run: | + env ANDROID_NDK_HOME=/tmp/android/ndk ./dist-build/android-x86.sh + env ANDROID_NDK_HOME=/tmp/android/ndk ./dist-build/android-armv8-a.sh diff --git a/deps/libsodium/.github/workflows/codeql-analysis.yml b/deps/libsodium/.github/workflows/codeql-analysis.yml index a3e482a6..86b84fb7 100644 --- a/deps/libsodium/.github/workflows/codeql-analysis.yml +++ b/deps/libsodium/.github/workflows/codeql-analysis.yml @@ -12,12 +12,12 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 2 - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: languages: cpp @@ -27,4 +27,4 @@ jobs: make -j $(nproc) check - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 diff --git a/deps/libsodium/.github/workflows/dotnet-core.yml b/deps/libsodium/.github/workflows/dotnet-core.yml index 2082aaeb..0ab2ff98 100644 --- a/deps/libsodium/.github/workflows/dotnet-core.yml +++ b/deps/libsodium/.github/workflows/dotnet-core.yml 
@@ -10,187 +10,182 @@ jobs: build-windows: runs-on: windows-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v3 - name: buildbase.bat run: buildbase.bat ..\vs2022\libsodium.sln 17 working-directory: builds/msvc/build/ shell: cmd - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v3 with: name: build-win-x64 path: bin/x64/Release/v143/dynamic/libsodium.dll - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v3 with: name: build-win-x86 path: bin/Win32/Release/v143/dynamic/libsodium.dll build-linux-glibc: runs-on: ubuntu-latest - container: - image: ubuntu:16.04 steps: - - name: Set up build environment + - name: Install Zig + uses: goto-bus-stop/setup-zig@869a4299cf8ac7db4ebffaec36ad82a682f88acb + with: + version: 0.10.1 + - uses: actions/checkout@v3 + - name: build run: | - apt-get update && apt-get install -y build-essential - - uses: actions/checkout@v1 - - name: configure - run: ./configure --disable-dependency-tracking --prefix=$PWD/.libsodium-build - - name: make - run: make - - name: make check - run: make check - - name: make install - run: make install - - name: strip - run: strip --strip-all .libsodium-build/lib/libsodium.so - - uses: actions/upload-artifact@v2 + zig build -Drelease-fast -Dtarget=x86_64-linux-gnu.2.17 + - name: tests + run: cd zig-out/bin && ./run.sh + - uses: actions/upload-artifact@v3 with: name: build-linux-x64 - path: .libsodium-build/lib/libsodium.so + path: zig-out/lib/libsodium.so + + build-linux-glibc-arm: + runs-on: ubuntu-latest + steps: + - name: Install Zig + uses: goto-bus-stop/setup-zig@869a4299cf8ac7db4ebffaec36ad82a682f88acb + with: + version: 0.10.1 + - name: Fix ARM support + run: | + curl -L https://raw.githubusercontent.com/ziglang/zig/master/lib/libc/glibc/sysdeps/arm/arm-features.h | sudo tee /opt/hostedtoolcache/zig/zig-linux-x86_64-*/x64/lib/libc/glibc/sysdeps/arm/sysdep.h >/dev/null + - name: Set up emulation environment + run: | + export 
DEBIAN_FRONTEND=noninteractive + sudo apt-get update + sudo apt-get install -y build-essential qemu binfmt-support qemu-user-static qemu-system-arm gcc-arm-linux-gnueabihf libc6-armhf-cross + sudo dpkg --add-architecture armhf + sudo update-binfmts --enable qemu-arm + sudo update-binfmts --display + sudo ln -s /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.* /lib + - uses: actions/checkout@v3 + - name: build + run: | + zig build -Drelease-fast -Dtarget=arm-linux-gnueabihf.2.23 + - name: tests + run: | + cd zig-out/bin && env LD_LIBRARY_PATH=/usr/arm-linux-gnueabihf/lib ./run.sh + - uses: actions/upload-artifact@v3 + with: + name: build-linux-arm + path: zig-out/lib/libsodium.so build-linux-glibc-arm64: runs-on: ubuntu-latest - container: - image: ubuntu:16.04 steps: - - name: Set up build environment + - name: Install Zig + uses: goto-bus-stop/setup-zig@869a4299cf8ac7db4ebffaec36ad82a682f88acb + with: + version: 0.10.1 + - name: Set up emulation environment run: | export DEBIAN_FRONTEND=noninteractive - - cat <<-EOF | tee /etc/apt/sources.list.d/arm64.list >/dev/null - deb [arch=arm64] http://ports.ubuntu.com/ xenial main restricted - deb [arch=arm64] http://ports.ubuntu.com/ xenial-updates main restricted - deb [arch=arm64] http://ports.ubuntu.com/ xenial universe - deb [arch=arm64] http://ports.ubuntu.com/ xenial-updates universe - deb [arch=arm64] http://ports.ubuntu.com/ xenial multiverse - deb [arch=arm64] http://ports.ubuntu.com/ xenial-updates multiverse - deb [arch=arm64] http://ports.ubuntu.com/ xenial-backports main restricted universe multiverse - EOF - - sed -i 's/deb h/deb [arch=amd64] h/g' /etc/apt/sources.list - - dpkg --add-architecture arm64 - - apt-get update && apt-get install -y build-essential qemu-user qemu-user-static gcc-aarch64-linux-gnu g++-aarch64-linux-gnu libstdc++6:arm64 - - - uses: actions/checkout@v1 - - name: configure - run: ./configure --disable-dependency-tracking --prefix=$PWD/.libsodium-build --host=aarch64-linux-gnu - - name: 
make - run: make -j $(nproc) - - - name: make check - # Disable make check on this platform - if: ${{ false }} + sudo apt-get update + sudo apt-get install -y qemu binfmt-support qemu-user-static qemu-system-arm gcc-aarch64-linux-gnu libc6-arm64-cross + sudo dpkg --add-architecture arm64 + sudo update-binfmts --enable qemu-aarch64 + sudo update-binfmts --display + sudo ln -s /usr/aarch64-linux-gnu/lib/ld-linux-aarch64.so.* /lib + - uses: actions/checkout@v3 + - name: build run: | - make check - - - name: make install - run: make install - - - name: strip - run: aarch64-linux-gnu-strip --strip-all .libsodium-build/lib/libsodium.so - - uses: actions/upload-artifact@v2 + zig build -Drelease-fast -Dtarget=aarch64-linux-gnu.2.23 + - name: tests + run: | + cd zig-out/bin && env LD_LIBRARY_PATH=/usr/aarch64-linux-gnu/lib ./run.sh + - uses: actions/upload-artifact@v3 with: name: build-linux-arm64 - path: .libsodium-build/lib/libsodium.so - - build-linux-glibc-arm: - runs-on: ubuntu-20.04 - steps: - - name: Set up build environment - run: | - export DEBIAN_FRONTEND=noninteractive - - cat <<-EOF | sudo tee /etc/apt/sources.list.d/armhf.list >/dev/null - deb [arch=armhf] http://ports.ubuntu.com/ focal main restricted - deb [arch=armhf] http://ports.ubuntu.com/ focal-updates main restricted - deb [arch=armhf] http://ports.ubuntu.com/ focal universe - deb [arch=armhf] http://ports.ubuntu.com/ focal-updates universe - deb [arch=armhf] http://ports.ubuntu.com/ focal multiverse - deb [arch=armhf] http://ports.ubuntu.com/ focal-updates multiverse - deb [arch=armhf] http://ports.ubuntu.com/ focal-backports main restricted universe multiverse - EOF - - sudo sed -i 's/deb h/deb [arch=amd64] h/g' /etc/apt/sources.list - - sudo dpkg --add-architecture armhf - - sudo apt-get update && sudo apt-get install -y build-essential qemu-user qemu-user-static gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf libstdc++6:armhf - - - uses: actions/checkout@v1 - - name: configure - run: ./configure 
--disable-dependency-tracking --prefix=$PWD/.libsodium-build --host=arm-linux-gnueabihf - - name: make - run: make -j $(nproc) - - - name: make check - run: | - make check - - - name: make install - run: make install - - - name: strip - run: arm-linux-gnueabihf-strip --strip-all .libsodium-build/lib/libsodium.so - - uses: actions/upload-artifact@v2 - with: - name: build-linux-arm - path: .libsodium-build/lib/libsodium.so + path: zig-out/lib/libsodium.so build-linux-musl: runs-on: ubuntu-latest container: - image: alpine:3.15 + image: alpine:3.13 steps: - name: Set up build environment run: | apk update - apk add alpine-sdk ca-certificates - - uses: actions/checkout@v1 - - name: configure - run: ./configure --disable-dependency-tracking --prefix=$PWD/.libsodium-build - - name: make - run: make - - name: make check - run: make check - - name: make install - run: make install - - name: strip - run: strip --strip-all .libsodium-build/lib/libsodium.so - - uses: actions/upload-artifact@v2 + apk add alpine-sdk ca-certificates xz + - name: Install Zig + uses: goto-bus-stop/setup-zig@869a4299cf8ac7db4ebffaec36ad82a682f88acb + with: + version: 0.10.1 + - uses: actions/checkout@v3 + - name: build + run: | + zig build -Drelease-fast -Dtarget=x86_64-linux-musl + - name: tests + run: | + cd zig-out/bin && ./run.sh + - uses: actions/upload-artifact@v3 with: name: build-linux-musl-x64 - path: .libsodium-build/lib/libsodium.so + path: zig-out/lib/libsodium.so + + build-linux-musl-arm: + runs-on: ubuntu-latest + steps: + - name: Install Zig + uses: goto-bus-stop/setup-zig@869a4299cf8ac7db4ebffaec36ad82a682f88acb + with: + version: 0.10.1 + - uses: actions/checkout@v3 + - name: build + run: | + zig build -Drelease-fast -Dtarget=arm-linux-musleabihf + - uses: actions/upload-artifact@v3 + with: + name: build-linux-musl-arm + path: zig-out/lib/libsodium.so + + build-linux-musl-arm64: + runs-on: ubuntu-latest + steps: + - name: Install Zig + uses: 
goto-bus-stop/setup-zig@869a4299cf8ac7db4ebffaec36ad82a682f88acb + with: + version: 0.10.1 + - uses: actions/checkout@v3 + - name: build + run: | + zig build -Drelease-fast -Dtarget=aarch64-linux-musl + - uses: actions/upload-artifact@v3 + with: + name: build-linux-musl-arm64 + path: zig-out/lib/libsodium.so build-macos-x64: - runs-on: macos-11 + runs-on: macos-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v3 - name: configure - run: env CFLAGS="-O2 -arch x86_64 -mmacosx-version-min=10.10" LDFLAGS="-arch x86_64 -mmacosx-version-min=10.10" ./configure --host=arm-apple-darwin20 --prefix=$PWD/.libsodium-build + run: env CFLAGS="-Ofast -arch x86_64 -mmacosx-version-min=10.15" LDFLAGS="-arch x86_64 -mmacosx-version-min=10.15" ./configure --host=arm-apple-darwin20 --prefix=$PWD/.libsodium-build - name: make run: make - name: make check run: make check - name: make install run: make install - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v3 with: name: build-osx-x64 path: .libsodium-build/lib/libsodium.dylib build-macos-arm64: - runs-on: macos-11 + runs-on: macos-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v3 - name: configure - run: env CFLAGS="-O2 -arch arm64 -mmacosx-version-min=10.10" LDFLAGS="-arch arm64 -mmacosx-version-min=10.10" ./configure --host=arm-apple-darwin20 --prefix=$PWD/.libsodium-build + run: env CFLAGS="-Ofast -arch arm64 -mmacosx-version-min=10.15" LDFLAGS="-arch arm64 -mmacosx-version-min=10.15" ./configure --host=arm-apple-darwin20 --prefix=$PWD/.libsodium-build - name: make run: make - name: make install run: make install - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v3 with: name: build-osx-arm64 path: .libsodium-build/lib/libsodium.dylib @@ -203,6 +198,8 @@ jobs: - build-linux-glibc-arm - build-linux-glibc-arm64 - build-linux-musl + - build-linux-musl-arm + - build-linux-musl-arm64 - build-macos-x64 - build-macos-arm64 container: 
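Review bot: The "Fix ARM support" step in `build-linux-glibc-arm` overwrites a header inside the installed Zig toolchain with whatever `arm-features.h` currently is on the `master` branch of ziglang/zig, fetched without `-f` and without a digest check. That job's `libsodium.so` is uploaded as `build-linux-arm` and later packed into the NuGet package, so a mutable URL feeds directly into a shipped binary and the build is not reproducible. Pin the URL to a commit, e.g. `https://raw.githubusercontent.com/ziglang/zig/<COMMIT_SHA>/lib/libc/glibc/sysdeps/arm/arm-features.h`, and fetch it with `curl -fsSL`, the same way the `setup-zig` action in this hunk is already pinned to a commit hash. Separately, the musl job moves its container from `alpine:3.15` to `alpine:3.13`; if the older image is deliberate (presumably for libc compatibility), a comment saying so would keep it from being "fixed" later.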
@@ -212,36 +209,44 @@ jobs: DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1 DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1 steps: - - uses: actions/checkout@v1 - - uses: actions/download-artifact@v2 + - uses: actions/checkout@v3 + - uses: actions/download-artifact@v3 with: name: build-win-x64 path: .libsodium-pack/runtimes/win-x64/native/ - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 with: name: build-win-x86 path: .libsodium-pack/runtimes/win-x86/native/ - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 with: name: build-linux-x64 path: .libsodium-pack/runtimes/linux-x64/native/ - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 with: name: build-linux-arm64 path: .libsodium-pack/runtimes/linux-arm64/native/ - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 with: name: build-linux-arm path: .libsodium-pack/runtimes/linux-arm/native/ - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 with: name: build-linux-musl-x64 path: .libsodium-pack/runtimes/linux-musl-x64/native/ - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 + with: + name: build-linux-musl-arm + path: .libsodium-pack/runtimes/linux-musl-arm/native/ + - uses: actions/download-artifact@v3 + with: + name: build-linux-musl-arm64 + path: .libsodium-pack/runtimes/linux-musl-arm64/native/ + - uses: actions/download-artifact@v3 with: name: build-osx-x64 path: .libsodium-pack/runtimes/osx-x64/native/ - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 with: name: build-osx-arm64 path: .libsodium-pack/runtimes/osx-arm64/native/ 
@@ -249,7 +254,7 @@ jobs: run: cp AUTHORS ChangeLog LICENSE packaging/dotnet-core/libsodium.pkgproj .libsodium-pack/ - name: Create NuGet package run: dotnet pack -c Release .libsodium-pack/libsodium.pkgproj - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v3 with: name: nuget-package path: .libsodium-pack/bin/Release/*.nupkg @@ -265,8 +270,8 @@ jobs: DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1 DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1 steps: - - uses: actions/checkout@v1 - - uses: actions/download-artifact@v2 + - uses: actions/checkout@v3 + - uses: actions/download-artifact@v3 with: name: nuget-package path: .libsodium-pack/ @@ -291,7 +296,7 @@ jobs: mv .libsodium-test/bin/Release/net6.0/linux-arm/publish .libsodium-builds/linux-arm mv .libsodium-test/bin/Release/net6.0/linux-arm64/publish .libsodium-builds/linux-arm64 mv .libsodium-test/bin/Release/net6.0/linux-x64/publish .libsodium-builds/linux-x64 - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v3 with: name: test-builds path: .libsodium-builds/* @@ -302,14 +307,14 @@ jobs: - build-test-binaries strategy: matrix: - # CentOS 7 and Debian 9 use an older GCC version; make sure we can run on those platforms. - arch: [ 'centos:7', 'debian:9' ] + # CentOS 7 and Debian 10 use an older GCC version; make sure we can run on those platforms. + arch: [ 'centos:7', 'debian:10' ] container: image: ${{ matrix.arch }} env: DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1 steps: - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 with: name: test-builds path: .libsodium-builds/ 
@@ -319,37 +324,42 @@ jobs: .libsodium-builds/linux-x64/Tests run-test-binaries-cross-plat: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 needs: - build-test-binaries env: DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1 strategy: matrix: + include: + - arch: x64 + libs: /usr/lib + - arch: arm + libs: /usr/arm-linux-gnueabihf/lib + - arch: arm64 + libs: /usr/aarch64-linux-gnu/lib arch: [x64, arm, arm64] steps: - name: Set up build environment run: | export DEBIAN_FRONTEND=noninteractive - cat <<-EOF | sudo tee /etc/apt/sources.list.d/multiarch.list >/dev/null - deb [arch=armhf,arm64] http://ports.ubuntu.com/ focal main restricted - deb [arch=armhf,arm64] http://ports.ubuntu.com/ focal-updates main restricted - deb [arch=armhf,arm64] http://ports.ubuntu.com/ focal universe - deb [arch=armhf,arm64] http://ports.ubuntu.com/ focal-updates universe - deb [arch=armhf,arm64] http://ports.ubuntu.com/ focal multiverse - deb [arch=armhf,arm64] http://ports.ubuntu.com/ focal-updates multiverse - deb [arch=armhf,arm64] http://ports.ubuntu.com/ focal-backports main restricted universe multiverse - EOF - - sudo sed -i 's/deb h/deb [arch=amd64] h/g' /etc/apt/sources.list + # On virtualization systems such as the one used by WSL2, the ARM crypto extensions + # don't work as expected. As a result, installing on Ubuntu fails during integrity + # checks. As a workaround, the following command disables hardware acceleration for + # gcrypt, which the apt-get command relies on. 
+ sudo mkdir -p /etc/gcrypt && echo all | sudo tee /etc/gcrypt/hwf.deny + sudo apt-get update && sudo apt-get install -y qemu binfmt-support qemu-user-static qemu-system-arm gcc-arm-linux-gnueabihf gcc-aarch64-linux-gnu libc6-armhf-cross libc6-arm64-cross sudo dpkg --add-architecture armhf sudo dpkg --add-architecture arm64 + sudo update-binfmts --enable qemu-aarch64 + sudo update-binfmts --enable qemu-arm + sudo update-binfmts --display + sudo ln -s /usr/aarch64-linux-gnu/lib/ld-linux-aarch64.so.* /lib + sudo ln -s /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.* /lib - sudo apt-get update && sudo apt-get install -y qemu-user qemu-user-static libstdc++6:armhf libstdc++6:arm64 - - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v3 with: name: test-builds path: .libsodium-builds/ @@ -357,4 +367,4 @@ jobs: - name: Run ${{ matrix.arch }} run: | chmod +x .libsodium-builds/linux-${{ matrix.arch }}/Tests - .libsodium-builds/linux-${{ matrix.arch }}/Tests + env LD_LIBRARY_PATH=${{ matrix.libs }} .libsodium-builds/linux-${{ matrix.arch }}/Tests diff --git a/deps/libsodium/AUTHORS b/deps/libsodium/AUTHORS index f4a4b9d8..597b2c6d 100644 --- a/deps/libsodium/AUTHORS +++ b/deps/libsodium/AUTHORS @@ -45,8 +45,7 @@ siphash Jean-Philippe Aumasson Implementors ============ -crypto_aead/aes256gcm/aesni Romain Dolbeau - Frank Denis +crypto_aead/aes256gcm/aesni Frank Denis crypto_aead/chacha20poly1305 Frank Denis diff --git a/deps/libsodium/LICENSE b/deps/libsodium/LICENSE index 324bde66..17397208 100644 --- a/deps/libsodium/LICENSE +++ b/deps/libsodium/LICENSE @@ -1,7 +1,7 @@ /* * ISC License * - * Copyright (c) 2013-2022 + * Copyright (c) 2013-2023 * Frank Denis * * Permission to use, copy, modify, and/or distribute this software for any diff --git a/deps/libsodium/azure-pipelines.yml b/deps/libsodium/azure-pipelines.yml index 65ad92bc..63083510 100644 --- a/deps/libsodium/azure-pipelines.yml +++ b/deps/libsodium/azure-pipelines.yml 
@@ -16,12 +16,13 @@ jobs: curl https://get.wasmer.io -sSfL | sh displayName: Install wasmer - script: | - curl -sL -o - https://ziglang.org/download/0.8.1/zig-linux-x86_64-0.8.1.tar.xz | tar xJ -f - -C /opt/ + curl -sL -o - https://ziglang.org/download/0.10.1/zig-linux-x86_64-0.10.1.tar.xz | tar xJ -f - -C /opt/ sudo mv /opt/zig-* /opt/zig - env PATH=/opt/zig/bin:/opt/zig:$PATH + export PATH=/opt/zig/bin:/opt/zig:$PATH displayName: Install the Zig SDK - script: | - env WASMER_DIR=${HOME}/.wasmer PATH=${HOME}/.wasmer/bin:${HOME}/.cargo/bin:$PATH dist-build/wasm32-wasi.sh + . ~/.wasmer/wasmer.sh + dist-build/wasm32-wasi.sh displayName: Compile libsodium - task: PublishBuildArtifacts@1 condition: not(canceled()) @@ -67,26 +68,12 @@ jobs: pathToPublish: bin artifactName: libsodium - - job: "windows_old" - pool: - vmImage: "vs2017-win2016" - steps: - - powershell: | - cd builds\msvc\build - & .\buildbase.bat ..\vs2017\libsodium.sln 15 - displayName: Compile it all - - task: PublishBuildArtifacts@1 - condition: not(canceled()) - inputs: - pathToPublish: bin - artifactName: libsodium - - job: mingw64 pool: vmImage: "windows-2019" steps: - powershell: | - (New-Object Net.WebClient).DownloadFile("https://github.com/msys2/msys2-installer/releases/download/2021-07-25/msys2-base-x86_64-20210725.sfx.exe", "sfx.exe") + (New-Object Net.WebClient).DownloadFile("https://github.com/msys2/msys2-installer/releases/download/2022-12-16/msys2-base-x86_64-20221216.sfx.exe", "sfx.exe") .\sfx.exe -y -o\ del sfx.exe displayName: Install MSYS2 diff --git a/deps/libsodium/build-aux/config.sub b/deps/libsodium/build-aux/config.sub index dba16e84..de4259e4 100644 --- a/deps/libsodium/build-aux/config.sub +++ b/deps/libsodium/build-aux/config.sub 
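Review bot: `export PATH=/opt/zig/bin:/opt/zig:$PATH` at the end of the "Install the Zig SDK" script only changes the environment of that one step, because each `script:` step in Azure Pipelines runs in its own shell; the following "Compile libsodium" step will not inherit it. If `dist-build/wasm32-wasi.sh` needs `zig` on PATH (not visible in this hunk), publish the directory with the logging command instead: `echo "##vso[task.prependpath]/opt/zig"`. The job definition continues outside the hunk.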
@@ -1,10 +1,10 @@ #! /bin/sh # Configuration validation subroutine script. -# Copyright 1992-2022 Free Software Foundation, Inc. +# Copyright 1992-2023 Free Software Foundation, Inc. # shellcheck disable=SC2006,SC2268 # see below for rationale -timestamp='2022-01-03' +timestamp='2023-01-21' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -76,7 +76,7 @@ Report bugs and patches to ." version="\ GNU config.sub ($timestamp) -Copyright 1992-2022 Free Software Foundation, Inc. +Copyright 1992-2023 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -145,7 +145,7 @@ case $1 in nto-qnx* | linux-* | uclinux-uclibc* \ | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* \ | netbsd*-eabi* | kopensolaris*-gnu* | cloudabi*-eabi* \ - | storm-chaos* | os2-emx* | rtmk-nova*) + | storm-chaos* | os2-emx* | rtmk-nova* | managarm-*) basic_machine=$field1 basic_os=$maybe_os ;; @@ -1075,7 +1075,7 @@ case $cpu-$vendor in pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) cpu=i586 ;; - pentiumpro-* | p6-* | 6x86-* | athlon-* | athalon_*-*) + pentiumpro-* | p6-* | 6x86-* | athlon-* | athlon_*-*) cpu=i686 ;; pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) @@ -1207,7 +1207,7 @@ case $cpu-$vendor in | k1om \ | le32 | le64 \ | lm32 \ - | loongarch32 | loongarch64 | loongarchx32 \ + | loongarch32 | loongarch64 \ | m32c | m32r | m32rle \ | m5200 | m68000 | m680[012346]0 | m68360 | m683?2 | m68k \ | m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x \ @@ -1341,6 +1341,10 @@ EOF kernel=linux os=`echo "$basic_os" | sed -e 's|linux|gnu|'` ;; + managarm*) + kernel=managarm + os=`echo "$basic_os" | sed -e 's|managarm|mlibc|'` + ;; *) kernel= os=$basic_os 
@@ -1754,7 +1758,7 @@ case $os in | onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \ | midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \ | nsk* | powerunix* | genode* | zvmoe* | qnx* | emx* | zephyr* \ - | fiwix* ) + | fiwix* | mlibc* ) ;; # This one is extra strict with allowed versions sco3.2v2 | sco3.2v[4-9]* | sco5v6*) @@ -1762,6 +1766,9 @@ case $os in ;; none) ;; + kernel* ) + # Restricted further below + ;; *) echo Invalid configuration \`"$1"\': OS \`"$os"\' not recognized 1>&2 exit 1 @@ -1772,16 +1779,26 @@ esac # (given a valid OS), if there is a kernel. case $kernel-$os in linux-gnu* | linux-dietlibc* | linux-android* | linux-newlib* \ - | linux-musl* | linux-relibc* | linux-uclibc* ) + | linux-musl* | linux-relibc* | linux-uclibc* | linux-mlibc* ) ;; uclinux-uclibc* ) ;; - -dietlibc* | -newlib* | -musl* | -relibc* | -uclibc* ) + managarm-mlibc* | managarm-kernel* ) + ;; + -dietlibc* | -newlib* | -musl* | -relibc* | -uclibc* | -mlibc* ) # These are just libc implementations, not actual OSes, and thus # require a kernel. echo "Invalid configuration \`$1': libc \`$os' needs explicit kernel." 1>&2 exit 1 ;; + -kernel* ) + echo "Invalid configuration \`$1': \`$os' needs explicit kernel." 1>&2 + exit 1 + ;; + *-kernel* ) + echo "Invalid configuration \`$1': \`$kernel' does not support \`$os'." 1>&2 + exit 1 + ;; kfreebsd*-gnu* | kopensolaris*-gnu*) ;; vxworks-simlinux | vxworks-simwindows | vxworks-spe) diff --git a/deps/libsodium/build.zig b/deps/libsodium/build.zig index 244770d2..55d47354 100644 --- a/deps/libsodium/build.zig +++ b/deps/libsodium/build.zig 
@@ -1,30 +1,38 @@ const std = @import("std"); -const builtin = @import("builtin"); const fmt = std.fmt; const fs = std.fs; const heap = std.heap; const mem = std.mem; const LibExeObjStep = std.build.LibExeObjStep; +const Target = std.Target; pub fn build(b: *std.build.Builder) !void { const src_path = "src/libsodium"; - const src_dir = try fs.Dir.openDir(fs.cwd(), src_path, .{ .iterate = true, .no_follow = true }); + const src_dir = try fs.Dir.openIterableDir(fs.cwd(), src_path, .{ .no_follow = true }); - var target = b.standardTargetOptions(.{}); - var mode = b.standardReleaseOptions(); + const target = b.standardTargetOptions(.{}); + const mode = b.standardReleaseOptions(); + const enable_benchmarks = b.option(bool, "enable_benchmarks", "Whether tests should be benchmarks.") orelse false; + const benchmarks_iterations = b.option(u32, "iterations", "Number of iterations for benchmarks.") orelse 200; + + const shared = b.addSharedLibrary( + if (target.isWindows()) "sodium_shared" else "sodium", + null, + .unversioned, + ); const static = b.addStaticLibrary("sodium", null); - const shared = b.addSharedLibrary("sodium", null, .unversioned); shared.strip = true; static.strip = true; - const libs = [_]*LibExeObjStep{ static, shared }; + const libs_ = [_]*LibExeObjStep{ shared, static }; + const libs = if (target.getOsTag() == .wasi) libs_[1..] else libs_[0..]; const prebuilt_version_file_path = "builds/msvc/version.h"; const version_file_path = "include/sodium/version.h"; - if (src_dir.access(version_file_path, .{ .mode = .read_only })) {} else |_| { - try fs.cwd().copyFile(prebuilt_version_file_path, src_dir, version_file_path, .{}); + if (src_dir.dir.access(version_file_path, .{ .mode = .read_only })) {} else |_| { + try fs.cwd().copyFile(prebuilt_version_file_path, src_dir.dir, version_file_path, .{}); } for (libs) |lib| { 
@@ -36,13 +44,95 @@ pub fn build(b: *std.build.Builder) !void { } lib.linkLibC(); - lib.addIncludeDir("src/libsodium/include/sodium"); + lib.addIncludePath("src/libsodium/include/sodium"); + lib.defineCMacro("_GNU_SOURCE", "1"); lib.defineCMacro("CONFIGURED", "1"); lib.defineCMacro("DEV_MODE", "1"); - lib.defineCMacro("_GNU_SOURCE", "1"); - lib.defineCMacro("HAVE_INLINE_ASM", "1"); - lib.defineCMacro("HAVE_TI_MODE", "1"); lib.defineCMacro("HAVE_ATOMIC_OPS", "1"); + lib.defineCMacro("HAVE_C11_MEMORY_FENCES", "1"); + lib.defineCMacro("HAVE_GCC_MEMORY_FENCES", "1"); + lib.defineCMacro("HAVE_INLINE_ASM", "1"); + lib.defineCMacro("HAVE_INTTYPES_H", "1"); + lib.defineCMacro("HAVE_STDINT_H", "1"); + lib.defineCMacro("HAVE_TI_MODE", "1"); + + if (target.cpu_arch) |arch| { + switch (arch.endian()) { + .Big => lib.defineCMacro("NATIVE_BIG_ENDIAN", "1"), + .Little => lib.defineCMacro("NATIVE_LITTLE_ENDIAN", "1"), + } + } + + switch (target.getOsTag()) { + .linux => { + lib.defineCMacro("ASM_HIDE_SYMBOL", ".hidden"); + lib.defineCMacro("TLS", "_Thread_local"); + + lib.defineCMacro("HAVE_CATCHABLE_ABRT", "1"); + lib.defineCMacro("HAVE_CATCHABLE_SEGV", "1"); + lib.defineCMacro("HAVE_CLOCK_GETTIME", "1"); + lib.defineCMacro("HAVE_GETPID", "1"); + lib.defineCMacro("HAVE_INLINE_ASM", "1"); + lib.defineCMacro("HAVE_MADVISE", "1"); + lib.defineCMacro("HAVE_MLOCK", "1"); + lib.defineCMacro("HAVE_MMAP", "1"); + lib.defineCMacro("HAVE_MPROTECT", "1"); + lib.defineCMacro("HAVE_NANOSLEEP", "1"); + lib.defineCMacro("HAVE_POSIX_MEMALIGN", "1"); + lib.defineCMacro("HAVE_PTHREAD_PRIO_INHERIT", "1"); + lib.defineCMacro("HAVE_PTHREAD", "1"); + lib.defineCMacro("HAVE_RAISE", "1"); + lib.defineCMacro("HAVE_SYSCONF", "1"); + lib.defineCMacro("HAVE_SYS_AUXV_H", "1"); + lib.defineCMacro("HAVE_SYS_MMAN_H", "1"); + lib.defineCMacro("HAVE_SYS_PARAM_H", "1"); + lib.defineCMacro("HAVE_SYS_RANDOM_H", "1"); + lib.defineCMacro("HAVE_WEAK_SYMBOLS", "1"); + }, + .windows => { + lib.defineCMacro("HAVE_RAISE", 
"1"); + lib.defineCMacro("HAVE_SYS_PARAM_H", "1"); + }, + .macos => { + lib.defineCMacro("ASM_HIDE_SYMBOL", ".private_extern"); + lib.defineCMacro("TLS", "_Thread_local"); + + lib.defineCMacro("HAVE_ARC4RANDOM", "1"); + lib.defineCMacro("HAVE_ARC4RANDOM_BUF", "1"); + lib.defineCMacro("HAVE_CATCHABLE_ABRT", "1"); + lib.defineCMacro("HAVE_CATCHABLE_SEGV", "1"); + lib.defineCMacro("HAVE_CLOCK_GETTIME", "1"); + lib.defineCMacro("HAVE_GETENTROPY", "1"); + lib.defineCMacro("HAVE_GETPID", "1"); + lib.defineCMacro("HAVE_MADVISE", "1"); + lib.defineCMacro("HAVE_MEMSET_S", "1"); + lib.defineCMacro("HAVE_MLOCK", "1"); + lib.defineCMacro("HAVE_MMAP", "1"); + lib.defineCMacro("HAVE_MPROTECT", "1"); + lib.defineCMacro("HAVE_NANOSLEEP", "1"); + lib.defineCMacro("HAVE_POSIX_MEMALIGN", "1"); + lib.defineCMacro("HAVE_PTHREAD", "1"); + lib.defineCMacro("HAVE_PTHREAD_PRIO_INHERIT", "1"); + lib.defineCMacro("HAVE_RAISE", "1"); + lib.defineCMacro("HAVE_SYSCONF", "1"); + lib.defineCMacro("HAVE_SYS_MMAN_H", "1"); + lib.defineCMacro("HAVE_SYS_PARAM_H", "1"); + lib.defineCMacro("HAVE_SYS_RANDOM_H", "1"); + lib.defineCMacro("HAVE_WEAK_SYMBOLS", "1"); + }, + .wasi => { + lib.defineCMacro("HAVE_ARC4RANDOM", "1"); + lib.defineCMacro("HAVE_ARC4RANDOM_BUF", "1"); + lib.defineCMacro("HAVE_CLOCK_GETTIME", "1"); + lib.defineCMacro("HAVE_GETENTROPY", "1"); + lib.defineCMacro("HAVE_NANOSLEEP", "1"); + lib.defineCMacro("HAVE_POSIX_MEMALIGN", "1"); + lib.defineCMacro("HAVE_SYS_AUXV_H", "1"); + lib.defineCMacro("HAVE_SYS_PARAM_H", "1"); + lib.defineCMacro("HAVE_SYS_RANDOM_H", "1"); + }, + else => {}, + } switch (target.getCpuArch()) { .x86_64 => { 
@@ -52,9 +142,17 @@ pub fn build(b: *std.build.Builder) !void { lib.defineCMacro("HAVE_MMINTRIN_H", "1"); lib.defineCMacro("HAVE_EMMINTRIN_H", "1"); lib.defineCMacro("HAVE_PMMINTRIN_H", "1"); + lib.defineCMacro("HAVE_SMMINTRIN_H", "1"); + lib.defineCMacro("HAVE_TMMINTRIN_H", "1"); + lib.defineCMacro("HAVE_WMMINTRIN_H", "1"); }, .aarch64, .aarch64_be => { - lib.defineCMacro("HAVE_ARMCRYTO", "1"); + const cpu_features = target.getCpuFeatures(); + const has_neon = cpu_features.isEnabled(@enumToInt(Target.aarch64.Feature.neon)); + const has_crypto = cpu_features.isEnabled(@enumToInt(Target.aarch64.Feature.crypto)); + if (has_neon and has_crypto) { + lib.defineCMacro("HAVE_ARMCRYPTO", "1"); + } }, .wasm32, .wasm64 => { lib.defineCMacro("__wasm__", "1"); @@ -69,6 +167,15 @@ pub fn build(b: *std.build.Builder) !void { else => {}, } + switch (target.getCpuArch()) { + .x86_64 => { + lib.target.cpu_features_add.addFeature(@enumToInt(Target.x86.Feature.sse4_1)); + lib.target.cpu_features_add.addFeature(@enumToInt(Target.x86.Feature.aes)); + lib.target.cpu_features_add.addFeature(@enumToInt(Target.x86.Feature.pclmul)); + }, + else => {}, + } + var allocator = heap.page_allocator; var walker = try src_dir.walk(allocator); while (try walker.next()) |entry| { 
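Review bot: The second `switch (target.getCpuArch())` added here puts `sse4_1`, `aes` and `pclmul` into `lib.target.cpu_features_add` for every x86_64 build, which applies to the whole library and not only to the AES-NI sources. The compiler may then emit those instructions in any translation unit, so the resulting binary can fault with an illegal instruction on x86_64 CPUs that lack them, whatever runtime CPU detection the C code performs (that code is not visible here). If the raised baseline is intended, state it next to the switch, e.g. `// Raises the x86_64 baseline for every object: SSE4.1, AES-NI and PCLMUL are assumed present`; otherwise put it behind a build option. `build()` starts and ends outside this hunk.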
@@ -88,4 +195,43 @@ pub fn build(b: *std.build.Builder) !void { } } } + + const test_path = "test/default"; + const out_bin_path = "zig-out/bin"; + const test_dir = try fs.Dir.openIterableDir(fs.cwd(), test_path, .{ .no_follow = true }); + fs.Dir.makePath(fs.cwd(), out_bin_path) catch {}; + const out_bin_dir = try fs.Dir.openDir(fs.cwd(), out_bin_path, .{}); + try test_dir.dir.copyFile("run.sh", out_bin_dir, "run.sh", .{}); + var allocator = heap.page_allocator; + var walker = try test_dir.walk(allocator); + while (try walker.next()) |entry| { + const name = entry.basename; + if (mem.endsWith(u8, name, ".exp")) { + try test_dir.dir.copyFile(name, out_bin_dir, name, .{}); + continue; + } + if (!mem.endsWith(u8, name, ".c")) { + continue; + } + const exe_name = name[0 .. name.len - 2]; + var exe = b.addExecutable(exe_name, null); + exe.setTarget(target); + exe.setBuildMode(mode); + exe.linkLibC(); + exe.want_lto = false; + exe.strip = true; + exe.linkLibrary(static); + exe.addIncludePath("src/libsodium/include"); + exe.addIncludePath("test/quirks"); + const full_path = try fmt.allocPrint(allocator, "{s}/{s}", .{ test_path, entry.path }); + exe.addCSourceFiles(&.{full_path}, &.{}); + + if (enable_benchmarks) { + exe.defineCMacro("BENCHMARKS", "1"); + var buf: [16]u8 = undefined; + exe.defineCMacro("ITERATIONS", std.fmt.bufPrintIntToSlice(&buf, benchmarks_iterations, 10, .lower, .{})); + } + + exe.install(); + } } diff --git a/deps/libsodium/builds/msvc/properties/DebugLIB.props b/deps/libsodium/builds/msvc/properties/DebugLIB.props index c5f10128..86eb0449 100644 --- a/deps/libsodium/builds/msvc/properties/DebugLIB.props +++ b/deps/libsodium/builds/msvc/properties/DebugLIB.props @@ -12,10 +12,10 @@ - OldStyle + ProgramDatabase MultiThreadedDebug true - \ No newline at end of file + diff --git a/deps/libsodium/builds/msvc/properties/Release.props b/deps/libsodium/builds/msvc/properties/Release.props index 1c5415bc..1f754ca5 100644 
--- a/deps/libsodium/builds/msvc/properties/Release.props +++ b/deps/libsodium/builds/msvc/properties/Release.props @@ -14,7 +14,7 @@ /Oy- %(AdditionalOptions) - + ProgramDatabase true true OnlyExplicitInline @@ -38,4 +38,4 @@ - \ No newline at end of file + diff --git a/deps/libsodium/configure b/deps/libsodium/configure index 23f38270..7b5b8803 100755 --- a/deps/libsodium/configure +++ b/deps/libsodium/configure @@ -1596,7 +1596,7 @@ Some influential environment variables: CPP C preprocessor SAFECODE_HOME set to the safecode base directory - CWFLAGS define to compilation flags for generating extra warnings + CWFLAGS compilation flags for generating extra warnings LT_SYS_LIBRARY_PATH User-defined run-time library search path. AR path to the ar utility @@ -3753,6 +3753,9 @@ then : fi +sodium_CFLAGS=${CFLAGS+set} +: ${CFLAGS=""} + 
@@ -5289,6 +5292,206 @@ fi +if test "$sodium_CFLAGS" != "set" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -Ofast" >&5 +printf %s "checking whether C compiler accepts -Ofast... " >&6; } +if test ${ax_cv_check_cflags___Ofast+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -Ofast" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ +time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ax_cv_check_cflags___Ofast=yes +else $as_nop + ax_cv_check_cflags___Ofast=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___Ofast" >&5 +printf "%s\n" "$ax_cv_check_cflags___Ofast" >&6; } +if test "x$ax_cv_check_cflags___Ofast" = xyes +then : + CFLAGS="$CFLAGS -Ofast" +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -O3" >&5 +printf %s "checking whether C compiler accepts -O3... " >&6; } +if test ${ax_cv_check_cflags___O3+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -O3" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. 
*/ +#include +int +main (void) +{ +time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ax_cv_check_cflags___O3=yes +else $as_nop + ax_cv_check_cflags___O3=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___O3" >&5 +printf "%s\n" "$ax_cv_check_cflags___O3" >&6; } +if test "x$ax_cv_check_cflags___O3" = xyes +then : + CFLAGS="$CFLAGS -O3" +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -O2" >&5 +printf %s "checking whether C compiler accepts -O2... " >&6; } +if test ${ax_cv_check_cflags___O2+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -O2" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ +time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ax_cv_check_cflags___O2=yes +else $as_nop + ax_cv_check_cflags___O2=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___O2" >&5 +printf "%s\n" "$ax_cv_check_cflags___O2" >&6; } +if test "x$ax_cv_check_cflags___O2" = xyes +then : + CFLAGS="$CFLAGS -O2" +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -O1" >&5 +printf %s "checking whether C compiler accepts -O1... " >&6; } +if test ${ax_cv_check_cflags___O1+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -O1" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. 
*/ +#include +int +main (void) +{ +time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ax_cv_check_cflags___O1=yes +else $as_nop + ax_cv_check_cflags___O1=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___O1" >&5 +printf "%s\n" "$ax_cv_check_cflags___O1" >&6; } +if test "x$ax_cv_check_cflags___O1" = xyes +then : + CFLAGS="$CFLAGS -O1" +else $as_nop + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -O" >&5 +printf %s "checking whether C compiler accepts -O... " >&6; } +if test ${ax_cv_check_cflags___O+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -O" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ +time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ax_cv_check_cflags___O=yes +else $as_nop + ax_cv_check_cflags___O=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___O" >&5 +printf "%s\n" "$ax_cv_check_cflags___O" >&6; } +if test "x$ax_cv_check_cflags___O" = xyes +then : + CFLAGS="$CFLAGS -O" +else $as_nop + : +fi + +fi + +fi + +fi + +fi + +fi + + # Check whether --enable-ssp was given. if test ${enable_ssp+y} then : 
@@ -6869,46 +7072,6 @@ then : if test "x$enableval" = "xyes" then : - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -Ofast" >&5 -printf %s "checking whether C compiler accepts -Ofast... " >&6; } -if test ${ax_cv_check_cflags___Ofast+y} -then : - printf %s "(cached) " >&6 -else $as_nop - - ax_check_save_flags=$CFLAGS - CFLAGS="$CFLAGS -Ofast" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main (void) -{ -time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO" -then : - ax_cv_check_cflags___Ofast=yes -else $as_nop - ax_cv_check_cflags___Ofast=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam \ - conftest$ac_exeext conftest.$ac_ext - CFLAGS=$ax_check_save_flags -fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___Ofast" >&5 -printf "%s\n" "$ax_cv_check_cflags___Ofast" >&6; } -if test "x$ax_cv_check_cflags___Ofast" = xyes -then : - CFLAGS="$CFLAGS -Ofast" -else $as_nop - : -fi - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -ftree-vectorize" >&5 printf %s "checking whether C compiler accepts -ftree-vectorize... " >&6; } if test ${ax_cv_check_cflags___ftree_vectorize+y} 
@@ -7069,6 +7232,46 @@ else $as_nop : fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -mtune=native" >&5 +printf %s "checking whether C compiler accepts -mtune=native... " >&6; } +if test ${ax_cv_check_cflags___mtune_native+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -mtune=native" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ +time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ax_cv_check_cflags___mtune_native=yes +else $as_nop + ax_cv_check_cflags___mtune_native=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___mtune_native" >&5 +printf "%s\n" "$ax_cv_check_cflags___mtune_native" >&6; } +if test "x$ax_cv_check_cflags___mtune_native" = xyes +then : + CFLAGS="$CFLAGS -mtune=native" +else $as_nop + : +fi + fi @@ -8458,8 +8661,6 @@ esac fi - - as_CACHEVAR=`printf "%s\n" "ax_cv_check_cflags__$CFLAGS -Wall" | $as_tr_sh` { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CFLAGS -Wall" >&5 printf %s "checking whether C compiler accepts $CFLAGS -Wall... " >&6; } 
@@ -8502,16 +8703,16 @@ else $as_nop : fi -as_CACHEVAR=`printf "%s\n" "ax_cv_check_cflags__$CFLAGS -Wextra" | $as_tr_sh` -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CFLAGS -Wextra" >&5 -printf %s "checking whether C compiler accepts $CFLAGS -Wextra... " >&6; } +as_CACHEVAR=`printf "%s\n" "ax_cv_check_cflags__$CFLAGS -Wno-unknown-pragmas" | $as_tr_sh` +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CFLAGS -Wno-unknown-pragmas" >&5 +printf %s "checking whether C compiler accepts $CFLAGS -Wno-unknown-pragmas... " >&6; } if eval test \${$as_CACHEVAR+y} then : printf %s "(cached) " >&6 else $as_nop ax_check_save_flags=$CFLAGS - CFLAGS="$CFLAGS $CFLAGS -Wextra" + CFLAGS="$CFLAGS $CFLAGS -Wno-unknown-pragmas" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -8539,12 +8740,14 @@ eval ac_res=\$$as_CACHEVAR printf "%s\n" "$ac_res" >&6; } if eval test \"x\$"$as_CACHEVAR"\" = x"yes" then : - CWFLAGS="$CFLAGS -Wextra" + CFLAGS="$CFLAGS -Wno-unknown-pragmas" else $as_nop : fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for clang" >&5 printf %s "checking for clang... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -8555,7 +8758,7 @@ main (void) { #ifndef __clang__ -#error Not clang +#error Not clang nor zig cc #endif ; 
@@ -8616,6 +8819,90 @@ printf "%s\n" "no" >&6; } fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +as_CACHEVAR=`printf "%s\n" "ax_cv_check_cflags__$CWFLAGS -Wextra" | $as_tr_sh` +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CWFLAGS -Wextra" >&5 +printf %s "checking whether C compiler accepts $CWFLAGS -Wextra... " >&6; } +if eval test \${$as_CACHEVAR+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $CWFLAGS -Wextra" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ +time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + eval "$as_CACHEVAR=yes" +else $as_nop + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +if eval test \"x\$"$as_CACHEVAR"\" = x"yes" +then : + CWFLAGS="$WCFLAGS -Wextra" +else $as_nop + : +fi + +as_CACHEVAR=`printf "%s\n" "ax_cv_check_cflags__$CWFLAGS -Warray-bounds" | $as_tr_sh` +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CWFLAGS -Warray-bounds" >&5 +printf %s "checking whether C compiler accepts $CWFLAGS -Warray-bounds... " >&6; } +if eval test \${$as_CACHEVAR+y} +then : + printf %s "(cached) " >&6 +else $as_nop + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $CWFLAGS -Warray-bounds" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. 
*/ +#include +int +main (void) +{ +time_t x; int fodder = 0; if (fodder > -1000 && time(&x)) return (int) x + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + eval "$as_CACHEVAR=yes" +else $as_nop + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } +if eval test \"x\$"$as_CACHEVAR"\" = x"yes" +then : + CWFLAGS="$CWFLAGS -Warray-bounds" +else $as_nop + : +fi + as_CACHEVAR=`printf "%s\n" "ax_cv_check_cflags__$CWFLAGS -Wbad-function-cast" | $as_tr_sh` { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CWFLAGS -Wbad-function-cast" >&5 printf %s "checking whether C compiler accepts $CWFLAGS -Wbad-function-cast... " >&6; } @@ -9905,6 +10192,8 @@ size_t i; signal(SIGSEGV, sig); signal(SIGBUS, sig); #if !defined(__SANITIZE_ADDRESS__) && !defined(__EMSCRIPTEN__) +*((volatile unsigned char *) -1) = 0xd0; +*((volatile unsigned char *) 1) = 0xd0; for (i = 0; i < 10000000; i += 1024) { x[-i] = x[i] = (unsigned char) i; } #endif free((void *) x); @@ -20630,6 +20919,12 @@ then : printf "%s\n" "#define HAVE_NANOSLEEP 1" >>confdefs.h fi +ac_fn_c_check_func "$LINENO" "clock_gettime" "ac_cv_func_clock_gettime" +if test "x$ac_cv_func_clock_gettime" = xyes +then : + printf "%s\n" "#define HAVE_CLOCK_GETTIME 1" >>confdefs.h + +fi if test "x$WASI" = "x" 
@@ -20646,6 +20941,12 @@ if test "x$ac_cv_func_explicit_bzero" = xyes then : printf "%s\n" "#define HAVE_EXPLICIT_BZERO 1" >>confdefs.h +fi +ac_fn_c_check_func "$LINENO" "memset_explicit" "ac_cv_func_memset_explicit" +if test "x$ac_cv_func_memset_explicit" = xyes +then : + printf "%s\n" "#define HAVE_MEMSET_EXPLICIT 1" >>confdefs.h + fi ac_fn_c_check_func "$LINENO" "explicit_memset" "ac_cv_func_explicit_memset" if test "x$ac_cv_func_explicit_memset" = xyes diff --git a/deps/libsodium/configure.ac b/deps/libsodium/configure.ac index a739b797..51ad0f7b 100644 --- a/deps/libsodium/configure.ac +++ b/deps/libsodium/configure.ac @@ -42,10 +42,23 @@ AS_IF([pwd | fgrep ' ' > /dev/null 2>&1], [AC_MSG_ERROR([The build directory contains whitespaces - This can cause tests/installation to fail due to limitations of some libtool versions])] ) +sodium_CFLAGS=${CFLAGS+set} +: ${CFLAGS=""} + AC_PROG_CC AM_PROG_AS AC_USE_SYSTEM_EXTENSIONS +dnl Default optimization flags + +if test "$sodium_CFLAGS" != "set" ; then + AX_CHECK_COMPILE_FLAG([-Ofast], [CFLAGS="$CFLAGS -Ofast"], + [AX_CHECK_COMPILE_FLAG([-O3], [CFLAGS="$CFLAGS -O3"], + [AX_CHECK_COMPILE_FLAG([-O2], [CFLAGS="$CFLAGS -O2"], + [AX_CHECK_COMPILE_FLAG([-O1], [CFLAGS="$CFLAGS -O1"], + [AX_CHECK_COMPILE_FLAG([-O], [CFLAGS="$CFLAGS -O"])])])])]) +fi + dnl Switches AC_ARG_ENABLE(ssp, 
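Review bot: When `CFLAGS` is unset, the new default-flags block in configure.ac tries `-Ofast` first, and GCC and Clang both document `-Ofast` as turning on `-ffast-math` and other optimizations that disregard strict standards compliance. Until this commit `-Ofast` was only reached through `--enable-opt` (it is removed from that branch in a later hunk of the same file), so a plain `./configure` now builds the library differently from before. Because `sodium_CFLAGS=${CFLAGS+set}` treats an empty but set `CFLAGS` as a user choice, the opt-out exists but is not documented; a comment such as `dnl -Ofast implies -ffast-math; export CFLAGS (even empty) before running configure to skip these defaults` would make that visible to packagers. Starting the fallback chain at `-O3` would be the more conservative default for a crypto library.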
@@ -197,11 +210,11 @@ AC_ARG_ENABLE(opt, [AS_HELP_STRING(--enable-opt,Optimize for the native CPU - The resulting library will be faster but not portable)], [ AS_IF([test "x$enableval" = "xyes"], [ - AX_CHECK_COMPILE_FLAG([-Ofast], [CFLAGS="$CFLAGS -Ofast"]) AX_CHECK_COMPILE_FLAG([-ftree-vectorize], [CFLAGS="$CFLAGS -ftree-vectorize"]) AX_CHECK_COMPILE_FLAG([-ftree-slp-vectorize], [CFLAGS="$CFLAGS -ftree-slp-vectorize"]) AX_CHECK_COMPILE_FLAG([-fomit-frame-pointer], [CFLAGS="$CFLAGS -fomit-frame-pointer"]) AX_CHECK_COMPILE_FLAG([-march=native], [CFLAGS="$CFLAGS -march=native"]) + AX_CHECK_COMPILE_FLAG([-mtune=native], [CFLAGS="$CFLAGS -mtune=native"]) ]) ]) @@ -310,15 +323,15 @@ AS_CASE([$host_os], ]) ]) -AC_ARG_VAR([CWFLAGS], [define to compilation flags for generating extra warnings]) - AX_CHECK_COMPILE_FLAG([$CFLAGS -Wall], [CWFLAGS="$CFLAGS -Wall"]) -AX_CHECK_COMPILE_FLAG([$CFLAGS -Wextra], [CWFLAGS="$CFLAGS -Wextra"]) +AX_CHECK_COMPILE_FLAG([$CFLAGS -Wno-unknown-pragmas], [CFLAGS="$CFLAGS -Wno-unknown-pragmas"]) + +AC_ARG_VAR([CWFLAGS], [compilation flags for generating extra warnings]) AC_MSG_CHECKING(for clang) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[ #ifndef __clang__ -#error Not clang +#error Not clang nor zig cc #endif ]])], [AC_MSG_RESULT(yes) @@ -328,6 +341,8 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[ [AC_MSG_RESULT(no) ]) +AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wextra], [CWFLAGS="$WCFLAGS -Wextra"]) +AX_CHECK_COMPILE_FLAG([$CWFLAGS -Warray-bounds], [CWFLAGS="$CWFLAGS -Warray-bounds"]) AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wbad-function-cast], [CWFLAGS="$CWFLAGS -Wbad-function-cast"]) AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wcast-qual], [CWFLAGS="$CWFLAGS -Wcast-qual"]) AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wdiv-by-zero], [CWFLAGS="$CWFLAGS -Wdiv-by-zero"]) 
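Review bot: The added `-Wextra` check assigns `CWFLAGS="$WCFLAGS -Wextra"`, and `WCFLAGS` is not set anywhere in the visible hunks, so this looks like a typo for `CWFLAGS`. As written, a successful check replaces `CWFLAGS` with just ` -Wextra` and discards what was accumulated before it (the `-Wall` assignment a few lines up and anything the clang branch adds), so the extra-warning build runs with fewer diagnostics than intended. The line should read `AX_CHECK_COMPILE_FLAG([$CWFLAGS -Wextra], [CWFLAGS="$CWFLAGS -Wextra"])`. The generated `configure` in this commit carries the same `$WCFLAGS` assignment and needs regenerating after the fix; as this is vendored code, send the fix upstream or keep it as a recorded local patch.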
@@ -866,10 +881,10 @@ AS_IF([test "x$WASI" = "x"],[ AC_CHECK_FUNCS([getauxva elf_aux_info]) ]) -AC_CHECK_FUNCS([posix_memalign nanosleep]) +AC_CHECK_FUNCS([posix_memalign nanosleep clock_gettime]) AS_IF([test "x$WASI" = "x"],[ - AC_CHECK_FUNCS([memset_s explicit_bzero explicit_memset]) + AC_CHECK_FUNCS([memset_s explicit_bzero memset_explicit explicit_memset]) ]) AC_SUBST([LIBTOOL_EXTRA_FLAGS]) diff --git a/deps/libsodium/dist-build/android-aar.sh b/deps/libsodium/dist-build/android-aar.sh new file mode 100755 index 00000000..af223993 --- /dev/null +++ b/deps/libsodium/dist-build/android-aar.sh 
@@ -0,0 +1,144 @@ +#! /bin/sh + +# Create an AAR with libsodium in all combinations of static | shared | minimal | full. +# +# The x86 static library will not work due to text relocation rules, so static x86 versions are limited to shared libraries. +# To simplify linking, library variants have distinct names: sodium, sodium-static, sodium-minimal and sodium-minimal-static. + +SODIUM_VERSION="1.0.18.0" +NDK_VERSION=$(grep "Pkg.Revision = " <"${ANDROID_NDK_HOME}/source.properties" | cut -f 2 -d '=' | cut -f 2 -d' ' | cut -f 1 -d'.') +DEST_PATH=$(mktemp -d) + +cd "$(dirname "$0")/../" || exit + +make_abi_json() { + echo "{\"abi\":\"${NDK_ARCH}\",\"api\":${SDK_VERSION},\"ndk\":${NDK_VERSION},\"stl\":\"none\"}" >"$1/abi.json" +} + +make_prefab_json() { + echo "{\"name\":\"sodium\",\"schema_version\":1,\"dependencies\":[],\"version\":\"$SODIUM_VERSION\"}" >"$1/prefab.json" +} + +make_manifest() { + echo " + +" >"${1}/AndroidManifest.xml" +} + +make_prefab_structure() { + mkdir "$DEST_PATH" + + for variant_dirs in "prefab" "prefab/modules" "META-INF"; do + mkdir "${DEST_PATH}/${variant_dirs}" + done + + make_prefab_json "${DEST_PATH}/prefab" + make_manifest "${DEST_PATH}" + cp "LICENSE" "${DEST_PATH}/META-INF" + + for variant in \ + "prefab/modules/sodium" "prefab/modules/sodium-static" \ + "prefab/modules/sodium-minimal" "prefab/modules/sodium-minimal-static"; do + mkdir "${DEST_PATH}/${variant}" + + if [ "$variant" = "prefab/modules/sodium-minimal" ]; then + echo "{\"library_name\":\"libsodium\"}" >"${DEST_PATH}/${variant}/module.json" + else + echo "{}" >"${DEST_PATH}/${variant}/module.json" + fi + + mkdir "${DEST_PATH}/${variant}/libs" + + for arch in "arm64-v8a" "armeabi-v7a" "x86" "x86_64"; do + mkdir "$DEST_PATH/${variant}/libs/android.${arch}" + mkdir "$DEST_PATH/${variant}/libs/android.${arch}/include" + NDK_ARCH="$arch" + if [ $arch = "arm64-v8a" ] || [ $arch = "x86_64" ]; then + SDK_VERSION="21" + else + SDK_VERSION="19" + fi + + make_abi_json 
"$DEST_PATH/${variant}/libs/android.${arch}" + done + done +} + +copy_libs() { + SRC_DIR="libsodium-android-${1}" + + SHARED_DEST_DIR="${DEST_PATH}/prefab/modules/sodium${3}/libs/android.${2}" + STATIC_DEST_DIR="${DEST_PATH}/prefab/modules/sodium${3}-static/libs/android.${2}" + + cp -r "${SRC_DIR}/include" "$SHARED_DEST_DIR" + cp -r "${SRC_DIR}/include" "$STATIC_DEST_DIR" + cp "${SRC_DIR}/lib/libsodium.so" "${SHARED_DEST_DIR}/libsodium.so" + cp "${SRC_DIR}/lib/libsodium.a" "${STATIC_DEST_DIR}/libsodium${3}-static.a" + + rm -r "$SRC_DIR" +} + +build_all() { + dist-build/android-armv7-a.sh + dist-build/android-armv8-a.sh + dist-build/android-x86_64.sh + dist-build/android-x86.sh +} + +make_prefab_structure + +build_all + +copy_libs "armv7-a" "armeabi-v7a" "-minimal" +copy_libs "armv8-a+crypto" "arm64-v8a" "-minimal" +copy_libs "i686" "x86" "-minimal" +copy_libs "westmere" "x86_64" "-minimal" + +LIBSODIUM_FULL_BUILD="Y" +export LIBSODIUM_FULL_BUILD + +build_all + +copy_libs "armv7-a" "armeabi-v7a" +copy_libs "armv8-a+crypto" "arm64-v8a" +copy_libs "i686" "x86" +copy_libs "westmere" "x86_64" + +AAR_PATH="$(pwd)/libsodium-${SODIUM_VERSION}.aar" +cd "$DEST_PATH" || exit +rm "$AAR_PATH" +zip -9 -r "$AAR_PATH" META-INF prefab AndroidManifest.xml +cd .. || exit +rm -r "$DEST_PATH" + +echo +echo "Congrats you have built an AAR containing libsodium! To use it with +gradle or cmake (as set by default for Android Studio projects): + +- Edit the app/build.gradle file to add: + + android { + buildFeatures { + prefab true + } + } + + and + + dependencies { + implementation fileTree(dir:'path/to/aar/',include:['libsodium-$SODIUM_VERSION.aar']) + } + + Optionally, store multiple AAR files in the same folder and include '*.aar' + +- Edit your module's CMakeLists.txt file to add: + + find_package(sodium REQUIRED CONFIG) + +- Then, specify 'sodium::x' as an item in the relevant 'target_link_libraries' statement. + The first part is the AAR name and should be 'sodium'. 
+ The second part ('x', to be replaced) should be set to: + - 'sodium' for the full shared library, + - 'sodium-static' for the full static library + - 'sodium-minimal' for the minimal shared library, or + - 'sodium-minimal-static' for the minimal static library." diff --git a/deps/libsodium/dist-build/android-armv7-a.sh b/deps/libsodium/dist-build/android-armv7-a.sh index a8725082..6cfa80ae 100755 --- a/deps/libsodium/dist-build/android-armv7-a.sh +++ b/deps/libsodium/dist-build/android-armv7-a.sh @@ -1,4 +1,4 @@ #!/bin/sh export TARGET_ARCH=armv7-a export CFLAGS="-Os -mfloat-abi=softfp -mfpu=vfpv3-d16 -mthumb -marm -march=${TARGET_ARCH}" -ARCH=arm HOST_COMPILER=arm-linux-androideabi "$(dirname "$0")/android-build.sh" +ARCH=arm HOST_COMPILER=armv7a-linux-androideabi "$(dirname "$0")/android-build.sh" diff --git a/deps/libsodium/dist-build/android-armv8-a.sh b/deps/libsodium/dist-build/android-armv8-a.sh index 1bf13ae8..16299828 100755 --- a/deps/libsodium/dist-build/android-armv8-a.sh +++ b/deps/libsodium/dist-build/android-armv8-a.sh @@ -1,4 +1,4 @@ #!/bin/sh -export TARGET_ARCH=armv8-a +export TARGET_ARCH=armv8-a+crypto export CFLAGS="-Os -march=${TARGET_ARCH}" NDK_PLATFORM=android-21 ARCH=arm64 HOST_COMPILER=aarch64-linux-android "$(dirname "$0")/android-build.sh" diff --git a/deps/libsodium/dist-build/android-build.sh b/deps/libsodium/dist-build/android-build.sh index ece1d01d..e8d65b23 100755 --- a/deps/libsodium/dist-build/android-build.sh +++ b/deps/libsodium/dist-build/android-build.sh 
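Review bot: `build_all` in the new android-aar.sh runs the four `dist-build/android-*.sh` scripts without checking their exit status, so `copy_libs` packages whatever it finds in `libsodium-android-*` even when a build failed. Since this commit also removes the `rm -rf "${TOOLCHAIN_DIR}" "${PREFIX}"` line from android-build.sh, a prefix directory left over from an earlier run could end up in the AAR unnoticed. Each call should stop the script on failure, e.g. `dist-build/android-armv7-a.sh || exit 1`. Two smaller points: `DEST_PATH=$(mktemp -d)` already creates the directory, so the `mkdir "$DEST_PATH"` in `make_prefab_structure` always fails, and `ANDROID_NDK_HOME` is read to compute `NDK_VERSION` before anything checks that it is set.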
@@ -1,11 +1,11 @@ #! /bin/sh if [ -z "$NDK_PLATFORM" ]; then - export NDK_PLATFORM="android-16" + export NDK_PLATFORM="android-19" fi export NDK_PLATFORM_COMPAT="${NDK_PLATFORM_COMPAT:-${NDK_PLATFORM}}" -export NDK_API_VERSION=$(echo "$NDK_PLATFORM" | sed 's/^android-//') -export NDK_API_VERSION_COMPAT=$(echo "$NDK_PLATFORM_COMPAT" | sed 's/^android-//') +export NDK_API_VERSION="$(echo "$NDK_PLATFORM" | sed 's/^android-//')" +export NDK_API_VERSION_COMPAT="$(echo "$NDK_PLATFORM_COMPAT" | sed 's/^android-//')" if [ -z "$ANDROID_NDK_HOME" ]; then echo "You should probably set ANDROID_NDK_HOME to the directory containing" @@ -18,20 +18,19 @@ if [ ! -f ./configure ]; then exit 1 fi -if [ "x$TARGET_ARCH" = 'x' ] || [ "x$ARCH" = 'x' ] || [ "x$HOST_COMPILER" = 'x' ]; then +if [ -z "$TARGET_ARCH" ] || [ -z "$ARCH" ] || [ -z "$HOST_COMPILER" ]; then echo "You shouldn't use android-build.sh directly, use android-[arch].sh instead" >&2 exit 1 fi -export MAKE_TOOLCHAIN="${ANDROID_NDK_HOME}/build/tools/make_standalone_toolchain.py" - export PREFIX="$(pwd)/libsodium-android-${TARGET_ARCH}" -export TOOLCHAIN_DIR="$(pwd)/android-toolchain-${TARGET_ARCH}" +export TOOLCHAIN_OS_DIR="$(uname | tr '[:upper:]' '[:lower:]')-x86_64/" +export TOOLCHAIN_DIR="$ANDROID_NDK_HOME/toolchains/llvm/prebuilt/${TOOLCHAIN_OS_DIR}" +echo "$ANDROID_NDK_HOME/toolchains/llvm/prebuilt/${TOOLCHAIN_OS_DIR}/${HOST_COMPILER}" + export PATH="${PATH}:${TOOLCHAIN_DIR}/bin" - -export CC=${CC:-"${HOST_COMPILER}-clang"} - -rm -rf "${TOOLCHAIN_DIR}" "${PREFIX}" +SDK_VERSION_NUM=$(echo $NDK_PLATFORM | cut -d'-' -f2) +export CC=${CC:-"${HOST_COMPILER}${SDK_VERSION_NUM}-clang"} echo echo "Warnings related to headers being present but not usable are due to functions" 
@@ -47,9 +46,6 @@ else fi echo -env - PATH="$PATH" \ - "$MAKE_TOOLCHAIN" --force --api="$NDK_API_VERSION_COMPAT" \ - --arch="$ARCH" --install-dir="$TOOLCHAIN_DIR" || exit 1 if [ -z "$LIBSODIUM_FULL_BUILD" ]; then export LIBSODIUM_ENABLE_MINIMAL_FLAG="--enable-minimal" @@ -58,29 +54,28 @@ else fi ./configure \ + --disable-soname-versions \ + --disable-pie \ + ${LIBSODIUM_ENABLE_MINIMAL_FLAG} \ + --host="${HOST_COMPILER}" \ + --prefix="${PREFIX}" \ + --with-sysroot="${TOOLCHAIN_DIR}/sysroot" || exit 1 + +if [ "$NDK_PLATFORM" != "$NDK_PLATFORM_COMPAT" ]; then + egrep '^#define ' config.log | sort -u >config-def-compat.log + echo + echo "Configuring again for platform [${NDK_PLATFORM}]" + echo + + ./configure \ --disable-soname-versions \ + --disable-pie \ ${LIBSODIUM_ENABLE_MINIMAL_FLAG} \ --host="${HOST_COMPILER}" \ --prefix="${PREFIX}" \ --with-sysroot="${TOOLCHAIN_DIR}/sysroot" || exit 1 -if [ "$NDK_PLATFORM" != "$NDK_PLATFORM_COMPAT" ]; then - egrep '^#define ' config.log | sort -u > config-def-compat.log - echo - echo "Configuring again for platform [${NDK_PLATFORM}]" - echo - env - PATH="$PATH" \ - "$MAKE_TOOLCHAIN" --force --api="$NDK_API_VERSION" \ - --arch="$ARCH" --install-dir="$TOOLCHAIN_DIR" || exit 1 - - ./configure \ - --disable-soname-versions \ - ${LIBSODIUM_ENABLE_MINIMAL_FLAG} \ - --host="${HOST_COMPILER}" \ - --prefix="${PREFIX}" \ - --with-sysroot="${TOOLCHAIN_DIR}/sysroot" || exit 1 - - egrep '^#define ' config.log | sort -u > config-def.log + grep -E '^#define ' config.log | sort -u >config-def.log if ! cmp config-def.log config-def-compat.log; then echo "Platform [${NDK_PLATFORM}] is not backwards-compatible with [${NDK_PLATFORM_COMPAT}]" >&2 diff -u config-def.log config-def-compat.log >&2 
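Review bot: The backwards-compatibility check in this hunk now compares two identical configurations, because `CC` is fixed once from `NDK_PLATFORM` in the earlier hunk (`${HOST_COMPILER}${SDK_VERSION_NUM}-clang`) and both `./configure` runs use the same compiler and sysroot. The removed code rebuilt the toolchain with `--api="$NDK_API_VERSION_COMPAT"` for the first run; nothing in the visible lines uses `NDK_API_VERSION_COMPAT` any more, so `cmp config-def.log config-def-compat.log` can no longer report an incompatibility. Running the first configure with the compat level, e.g. `CC="${HOST_COMPILER}${NDK_API_VERSION_COMPAT}-clang" ./configure \`, would restore the comparison (how that should interact with a user-supplied `CC` needs deciding). The first capture still calls `egrep` while the second was changed to `grep -E`; use `grep -E` for both. The `if` block closes outside this hunk.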
@@ -89,10 +84,9 @@ if [ "$NDK_PLATFORM" != "$NDK_PLATFORM_COMPAT" ]; then rm -f config-def.log config-def-compat.log fi - NPROCESSORS=$(getconf NPROCESSORS_ONLN 2>/dev/null || getconf _NPROCESSORS_ONLN 2>/dev/null) PROCESSORS=${NPROCESSORS:-3} -make clean && \ -make -j${PROCESSORS} install && \ -echo "libsodium has been installed into ${PREFIX}" +make clean && + make -j${PROCESSORS} install && + echo "libsodium has been installed into ${PREFIX}" diff --git a/deps/libsodium/dist-build/apple-xcframework.sh b/deps/libsodium/dist-build/apple-xcframework.sh index 12516e13..66419da3 100755 --- a/deps/libsodium/dist-build/apple-xcframework.sh +++ b/deps/libsodium/dist-build/apple-xcframework.sh @@ -11,6 +11,7 @@ export IOS_SIMULATOR_I386_PREFIX="${PREFIX}/tmp/ios-simulator-i386" export IOS_SIMULATOR_X86_64_PREFIX="${PREFIX}/tmp/ios-simulator-x86_64" export WATCHOS32_PREFIX="${PREFIX}/tmp/watchos32" export WATCHOS64_32_PREFIX="${PREFIX}/tmp/watchos64_32" +export WATCHOS64_PREFIX="${PREFIX}/tmp/watchos64" export WATCHOS_SIMULATOR_ARM64_PREFIX="${PREFIX}/tmp/watchos-simulator-arm64" export WATCHOS_SIMULATOR_I386_PREFIX="${PREFIX}/tmp/watchos-simulator-i386" export WATCHOS_SIMULATOR_X86_64_PREFIX="${PREFIX}/tmp/watchos-simulator-x86_64" @@ -35,6 +36,12 @@ echo "Warnings related to headers being present but not usable are due to functi echo "that didn't exist in the specified minimum iOS version level." echo "They can be safely ignored." echo +echo "Define the LIBSODIUM_FULL_BUILD environment variable to build the full" +echo "library (including all deprecated/undocumented/low-level functions)." +echo +echo "Define the LIBSODIUM_SKIP_SIMULATORS environment variable to skip building" +echo "the simulators libraries (iOS, watchOS, tvOS simulators)." +echo if [ -z "$LIBSODIUM_FULL_BUILD" ]; then export LIBSODIUM_ENABLE_MINIMAL_FLAG="--enable-minimal" 
@@ -87,8 +94,8 @@ build_ios() { export SDK="${BASEDIR}/SDKs/iPhoneOS.sdk" ## 32-bit iOS - export CFLAGS="-fembed-bitcode -O2 -mthumb -arch armv7 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -mthumb -arch armv7 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" + export CFLAGS="-O2 -mthumb -arch armv7 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" + export LDFLAGS="-mthumb -arch armv7 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin10 --prefix="$IOS32_PREFIX" \ @@ -96,8 +103,8 @@ build_ios() { make -j${PROCESSORS} install || exit 1 ## 32-bit armv7s iOS - export CFLAGS="-fembed-bitcode -O2 -mthumb -arch armv7s -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -mthumb -arch armv7s -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" + export CFLAGS="-O2 -mthumb -arch armv7s -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" + export LDFLAGS="-mthumb -arch armv7s -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin10 --prefix="$IOS32s_PREFIX" \ @@ -105,8 +112,8 @@ build_ios() { make -j${PROCESSORS} install || exit 1 ## 64-bit iOS - export CFLAGS="-fembed-bitcode -O2 -arch arm64 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch arm64 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" + export CFLAGS="-O2 -arch arm64 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" + export LDFLAGS="-arch arm64 -isysroot ${SDK} -mios-version-min=${IOS_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin10 --prefix="$IOS64_PREFIX" \ 
@@ -121,8 +128,8 @@ build_ios_simulator() { ## arm64 simulator if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then - export CFLAGS="-fembed-bitcode -O2 -arch arm64 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch arm64 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" + export CFLAGS="-O2 -arch arm64 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" + export LDFLAGS="-arch arm64 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin20 --prefix="$IOS_SIMULATOR_ARM64_PREFIX" \ @@ -131,8 +138,8 @@ build_ios_simulator() { fi ## i386 simulator - export CFLAGS="-fembed-bitcode -O2 -arch i386 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch i386 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" + export CFLAGS="-O2 -arch i386 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" + export LDFLAGS="-arch i386 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=i686-apple-darwin10 --prefix="$IOS_SIMULATOR_I386_PREFIX" \ @@ -140,8 +147,8 @@ build_ios_simulator() { make -j${PROCESSORS} install || exit 1 ## x86_64 simulator - export CFLAGS="-fembed-bitcode -O2 -arch x86_64 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch x86_64 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" + export CFLAGS="-O2 -arch x86_64 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" + export LDFLAGS="-arch x86_64 -isysroot ${SDK} -mios-simulator-version-min=${IOS_SIMULATOR_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=x86_64-apple-darwin10 --prefix="$IOS_SIMULATOR_X86_64_PREFIX" \ 
@@ -155,8 +162,8 @@ build_watchos() { export SDK="${BASEDIR}/SDKs/WatchOS.sdk" # 32-bit watchOS - export CFLAGS="-fembed-bitcode -O2 -mthumb -arch armv7k -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -mthumb -arch armv7k -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" + export CFLAGS="-O2 -mthumb -arch armv7k -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" + export LDFLAGS="-mthumb -arch armv7k -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin10 --prefix="$WATCHOS32_PREFIX" \ @@ -164,13 +171,22 @@ build_watchos() { make -j${PROCESSORS} install || exit 1 ## 64-bit arm64_32 watchOS - export CFLAGS="-fembed-bitcode -O2 -mthumb -arch arm64_32 -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -mthumb -arch arm64_32 -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" + export CFLAGS="-O2 -mthumb -arch arm64_32 -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" + export LDFLAGS="-mthumb -arch arm64_32 -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin10 --prefix="$WATCHOS64_32_PREFIX" \ ${LIBSODIUM_ENABLE_MINIMAL_FLAG} || exit 1 make -j${PROCESSORS} install || exit 1 + + ## 64-bit arm64 watchOS + export CFLAGS="-O2 -mthumb -arch arm64 -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" + export LDFLAGS="-mthumb -arch arm64 -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}" + + make distclean >/dev/null 2>&1 + ./configure --host=arm-apple-darwin10 --prefix="$WATCHOS64_PREFIX" \ + ${LIBSODIUM_ENABLE_MINIMAL_FLAG} || exit 1 + make -j${PROCESSORS} install || exit 1 } build_watchos_simulator() { 
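Review bot: The new "64-bit arm64 watchOS" block in `build_watchos` passes `-mthumb` in both `CFLAGS` and `LDFLAGS`, apparently copied from the armv7k block above it. Thumb is a 32-bit ARM mode, and the arm64 blocks for iOS and tvOS in this same file do not pass it, so the flag is at best ignored here. I would write `export CFLAGS="-O2 -arch arm64 -isysroot ${SDK} -mwatchos-version-min=${WATCHOS_VERSION_MIN}"` and the matching `LDFLAGS` without it.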
@@ -180,8 +196,8 @@ build_watchos_simulator() { ## arm64 simulator if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then - export CFLAGS="-fembed-bitcode -O2 -arch arm64 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch arm64 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" + export CFLAGS="-O2 -arch arm64 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" + export LDFLAGS="-arch arm64 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin20 --prefix="$WATCHOS_SIMULATOR_ARM64_PREFIX" \ @@ -190,8 +206,8 @@ build_watchos_simulator() { fi ## i386 simulator - export CFLAGS="-fembed-bitcode -O2 -arch i386 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch i386 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" + export CFLAGS="-O2 -arch i386 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" + export LDFLAGS="-arch i386 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=i686-apple-darwin10 --prefix="$WATCHOS_SIMULATOR_I386_PREFIX" \ 
@@ -199,8 +215,8 @@ build_watchos_simulator() { make -j${PROCESSORS} install || exit 1 ## x86_64 simulator - export CFLAGS="-fembed-bitcode -O2 -arch x86_64 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch x86_64 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" + export CFLAGS="-O2 -arch x86_64 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" + export LDFLAGS="-arch x86_64 -isysroot ${SDK} -mwatchos-simulator-version-min=${WATCHOS_SIMULATOR_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=x86_64-apple-darwin10 --prefix="$WATCHOS_SIMULATOR_X86_64_PREFIX" \ @@ -214,8 +230,8 @@ build_tvos() { export SDK="${BASEDIR}/SDKs/AppleTVOS.sdk" ## 64-bit tvOS - export CFLAGS="-fembed-bitcode -O2 -arch arm64 -isysroot ${SDK} -mtvos-version-min=${TVOS_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch arm64 -isysroot ${SDK} -mtvos-version-min=${TVOS_VERSION_MIN}" + export CFLAGS="-O2 -arch arm64 -isysroot ${SDK} -mtvos-version-min=${TVOS_VERSION_MIN}" + export LDFLAGS="-arch arm64 -isysroot ${SDK} -mtvos-version-min=${TVOS_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin10 --prefix="$TVOS64_PREFIX" \ @@ -230,8 +246,8 @@ build_tvos_simulator() { ## arm64 simulator if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then - export CFLAGS="-fembed-bitcode -O2 -arch arm64 -isysroot ${SDK} -mtvos-simulator-version-min=${TVOS_SIMULATOR_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch arm64 -isysroot ${SDK} -mtvos-simulator-version-min=${TVOS_SIMULATOR_VERSION_MIN}" + export CFLAGS="-O2 -arch arm64 -isysroot ${SDK} -mtvos-simulator-version-min=${TVOS_SIMULATOR_VERSION_MIN}" + export LDFLAGS="-arch arm64 -isysroot ${SDK} -mtvos-simulator-version-min=${TVOS_SIMULATOR_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=arm-apple-darwin20 --prefix="$TVOS_SIMULATOR_ARM64_PREFIX" \ 
@@ -240,8 +256,8 @@ build_tvos_simulator() { fi ## x86_64 simulator - export CFLAGS="-fembed-bitcode -O2 -arch x86_64 -isysroot ${SDK} -mtvos-simulator-version-min=${TVOS_SIMULATOR_VERSION_MIN}" - export LDFLAGS="-fembed-bitcode -arch x86_64 -isysroot ${SDK} -mtvos-simulator-version-min=${TVOS_SIMULATOR_VERSION_MIN}" + export CFLAGS="-O2 -arch x86_64 -isysroot ${SDK} -mtvos-simulator-version-min=${TVOS_SIMULATOR_VERSION_MIN}" + export LDFLAGS="-arch x86_64 -isysroot ${SDK} -mtvos-simulator-version-min=${TVOS_SIMULATOR_VERSION_MIN}" make distclean >/dev/null 2>&1 ./configure --host=x86_64-apple-darwin10 --prefix="$TVOS_SIMULATOR_X86_64_PREFIX" \ @@ -276,23 +292,29 @@ build_catalyst() { } mkdir -p "${PREFIX}/tmp" + echo "Building for macOS..." build_macos >"$LOG_FILE" 2>&1 || exit 1 echo "Building for iOS..." build_ios >"$LOG_FILE" 2>&1 || exit 1 -echo "Building for the iOS simulator..." -build_ios_simulator >"$LOG_FILE" 2>&1 || exit 1 echo "Building for watchOS..." build_watchos >"$LOG_FILE" 2>&1 || exit 1 -echo "Building for the watchOS simulator..." -build_watchos_simulator >"$LOG_FILE" 2>&1 || exit 1 echo "Building for tvOS..." build_tvos >"$LOG_FILE" 2>&1 || exit 1 -echo "Building for the tvOS simulator..." -build_tvos_simulator >"$LOG_FILE" 2>&1 || exit 1 echo "Building for Catalyst..." build_catalyst >"$LOG_FILE" 2>&1 || exit 1 +if [ -z "$LIBSODIUM_SKIP_SIMULATORS" ]; then + echo "Building for the iOS simulator..." + build_ios_simulator >"$LOG_FILE" 2>&1 || exit 1 + echo "Building for the watchOS simulator..." + build_watchos_simulator >"$LOG_FILE" 2>&1 || exit 1 + echo "Building for the tvOS simulator..." + build_tvos_simulator >"$LOG_FILE" 2>&1 || exit 1 + else + echo "[Skipping the simulators]" +fi + echo "Adding the Clibsodium module map for Swift..." find "$PREFIX" -name "include" -type d -print | while read -r f; do 
@@ -328,25 +350,6 @@ for ext in a dylib; do -output "$PREFIX/ios/lib/libsodium.${ext}" done -echo "Bundling iOS simulators..." - -mkdir -p "${PREFIX}/ios-simulators/lib" -cp -a "${IOS_SIMULATOR_X86_64_PREFIX}/include" "${PREFIX}/ios-simulators/" -for ext in a dylib; do - if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then - lipo -create \ - "${IOS_SIMULATOR_ARM64_PREFIX}/lib/libsodium.${ext}" \ - "${IOS_SIMULATOR_I386_PREFIX}/lib/libsodium.${ext}" \ - "${IOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ - -output "${PREFIX}/ios-simulators/lib/libsodium.${ext}" || exit 1 - else - lipo -create \ - "${IOS_SIMULATOR_I386_PREFIX}/lib/libsodium.${ext}" \ - "${IOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ - -output "${PREFIX}/ios-simulators/lib/libsodium.${ext}" || exit 1 - fi -done - echo "Bundling watchOS targets..." mkdir -p "${PREFIX}/watchos/lib" @@ -355,28 +358,10 @@ for ext in a dylib; do lipo -create \ "${WATCHOS32_PREFIX}/lib/libsodium.${ext}" \ "${WATCHOS64_32_PREFIX}/lib/libsodium.${ext}" \ + "${WATCHOS64_PREFIX}/lib/libsodium.${ext}" \ -output "${PREFIX}/watchos/lib/libsodium.${ext}" done -echo "Bundling watchOS simulators..." - -mkdir -p "${PREFIX}/watchos-simulators/lib" -cp -a "${WATCHOS_SIMULATOR_X86_64_PREFIX}/include" "${PREFIX}/watchos-simulators/" -for ext in a dylib; do - if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then - lipo -create \ - "${WATCHOS_SIMULATOR_ARM64_PREFIX}/lib/libsodium.${ext}" \ - "${WATCHOS_SIMULATOR_I386_PREFIX}/lib/libsodium.${ext}" \ - "${WATCHOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ - -output "${PREFIX}/watchos-simulators/lib/libsodium.${ext}" - else - lipo -create \ - "${WATCHOS_SIMULATOR_I386_PREFIX}/lib/libsodium.${ext}" \ - "${WATCHOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ - -output "${PREFIX}/watchos-simulators/lib/libsodium.${ext}" - fi -done - echo "Bundling tvOS targets..." mkdir -p "${PREFIX}/tvos/lib" 
@@ -387,23 +372,6 @@ for ext in a dylib; do -output "$PREFIX/tvos/lib/libsodium.${ext}" done -echo "Bundling tvOS simulators..." - -mkdir -p "${PREFIX}/tvos-simulators/lib" -cp -a "${TVOS_SIMULATOR_X86_64_PREFIX}/include" "${PREFIX}/tvos-simulators/" -for ext in a dylib; do - if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then - lipo -create \ - "${TVOS_SIMULATOR_ARM64_PREFIX}/lib/libsodium.${ext}" \ - "${TVOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ - -output "${PREFIX}/tvos-simulators/lib/libsodium.${ext}" || exit 1 - else - lipo -create \ - "${TVOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ - -output "${PREFIX}/tvos-simulators/lib/libsodium.${ext}" || exit 1 - fi -done - echo "Bundling Catalyst targets..." mkdir -p "${PREFIX}/catalyst/lib" 
@@ -424,15 +392,78 @@ for ext in a dylib; do fi done +if [ -z "$LIBSODIUM_SKIP_SIMULATORS" ]; then + echo "Bundling iOS simulators..." + + mkdir -p "${PREFIX}/ios-simulators/lib" + cp -a "${IOS_SIMULATOR_X86_64_PREFIX}/include" "${PREFIX}/ios-simulators/" + for ext in a dylib; do + if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then + lipo -create \ + "${IOS_SIMULATOR_ARM64_PREFIX}/lib/libsodium.${ext}" \ + "${IOS_SIMULATOR_I386_PREFIX}/lib/libsodium.${ext}" \ + "${IOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ + -output "${PREFIX}/ios-simulators/lib/libsodium.${ext}" || exit 1 + else + lipo -create \ + "${IOS_SIMULATOR_I386_PREFIX}/lib/libsodium.${ext}" \ + "${IOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ + -output "${PREFIX}/ios-simulators/lib/libsodium.${ext}" || exit 1 + fi + done + + echo "Bundling watchOS simulators..." + + mkdir -p "${PREFIX}/watchos-simulators/lib" + cp -a "${WATCHOS_SIMULATOR_X86_64_PREFIX}/include" "${PREFIX}/watchos-simulators/" + for ext in a dylib; do + if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then + lipo -create \ + "${WATCHOS_SIMULATOR_ARM64_PREFIX}/lib/libsodium.${ext}" \ + "${WATCHOS_SIMULATOR_I386_PREFIX}/lib/libsodium.${ext}" \ + "${WATCHOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ + -output "${PREFIX}/watchos-simulators/lib/libsodium.${ext}" + else + lipo -create \ + "${WATCHOS_SIMULATOR_I386_PREFIX}/lib/libsodium.${ext}" \ + "${WATCHOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ + -output "${PREFIX}/watchos-simulators/lib/libsodium.${ext}" + fi + done + + echo "Bundling tvOS simulators..." 
+ + mkdir -p "${PREFIX}/tvos-simulators/lib" + cp -a "${TVOS_SIMULATOR_X86_64_PREFIX}/include" "${PREFIX}/tvos-simulators/" + for ext in a dylib; do + if [ "$APPLE_SILICON_SUPPORTED" = "true" ]; then + lipo -create \ + "${TVOS_SIMULATOR_ARM64_PREFIX}/lib/libsodium.${ext}" \ + "${TVOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ + -output "${PREFIX}/tvos-simulators/lib/libsodium.${ext}" || exit 1 + else + lipo -create \ + "${TVOS_SIMULATOR_X86_64_PREFIX}/lib/libsodium.${ext}" \ + -output "${PREFIX}/tvos-simulators/lib/libsodium.${ext}" || exit 1 + fi + done +fi + echo "Creating Clibsodium.xcframework..." rm -rf "${PREFIX}/Clibsodium.xcframework" XCFRAMEWORK_ARGS="" -for f in macos ios ios-simulators watchos watchos-simulators tvos tvos-simulators catalyst; do +for f in macos ios watchos tvos catalyst; do XCFRAMEWORK_ARGS="${XCFRAMEWORK_ARGS} -library ${PREFIX}/${f}/lib/libsodium.a" XCFRAMEWORK_ARGS="${XCFRAMEWORK_ARGS} -headers ${PREFIX}/${f}/include" done +if [ -z "$LIBSODIUM_SKIP_SIMULATORS" ]; then + for f in ios-simulators watchos-simulators tvos-simulators; do + XCFRAMEWORK_ARGS="${XCFRAMEWORK_ARGS} -library ${PREFIX}/${f}/lib/libsodium.a" + XCFRAMEWORK_ARGS="${XCFRAMEWORK_ARGS} -headers ${PREFIX}/${f}/include" + done +fi xcodebuild -create-xcframework \ ${XCFRAMEWORK_ARGS} \ -output "${PREFIX}/Clibsodium.xcframework" >/dev/null diff --git a/deps/libsodium/dist-build/emscripten-symbols.def b/deps/libsodium/dist-build/emscripten-symbols.def index b1761c5d..116ecc68 100644 --- a/deps/libsodium/dist-build/emscripten-symbols.def +++ b/deps/libsodium/dist-build/emscripten-symbols.def 
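Review bot: In the relocated simulator bundling block, the two `lipo -create` calls for the watchOS simulators end without `|| exit 1`, unlike the iOS and tvOS simulator calls around them, so a failed merge there does not stop the script. The later `xcodebuild -create-xcframework` step would then either fail with a less direct error or pick up a `libsodium.a` left in `${PREFIX}/watchos-simulators/lib` by an earlier run. Appending `|| exit 1` to both `-output "${PREFIX}/watchos-simulators/lib/libsodium.${ext}"` lines makes the three simulator sections consistent.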
@@ -289,10 +289,10 @@ _crypto_onetimeauth_primitive 0 1
 _crypto_onetimeauth_statebytes 0 1
 _crypto_onetimeauth_update 0 1
 _crypto_onetimeauth_verify 0 1
-_crypto_pwhash 1 1
-_crypto_pwhash_alg_argon2i13 1 1
-_crypto_pwhash_alg_argon2id13 1 1
-_crypto_pwhash_alg_default 1 1
+_crypto_pwhash 0 1
+_crypto_pwhash_alg_argon2i13 0 1
+_crypto_pwhash_alg_argon2id13 0 1
+_crypto_pwhash_alg_default 0 1
 _crypto_pwhash_argon2i 0 1
 _crypto_pwhash_argon2i_alg_argon2i13 0 1
 _crypto_pwhash_argon2i_bytes_max 0 1
@@ -337,22 +337,22 @@ _crypto_pwhash_argon2id_str_needs_rehash 0 1
 _crypto_pwhash_argon2id_str_verify 0 1
 _crypto_pwhash_argon2id_strbytes 0 1
 _crypto_pwhash_argon2id_strprefix 0 1
-_crypto_pwhash_bytes_max 1 1
-_crypto_pwhash_bytes_min 1 1
-_crypto_pwhash_memlimit_interactive 1 1
-_crypto_pwhash_memlimit_max 1 1
-_crypto_pwhash_memlimit_min 1 1
-_crypto_pwhash_memlimit_moderate 1 1
-_crypto_pwhash_memlimit_sensitive 1 1
-_crypto_pwhash_opslimit_interactive 1 1
-_crypto_pwhash_opslimit_max 1 1
-_crypto_pwhash_opslimit_min 1 1
-_crypto_pwhash_opslimit_moderate 1 1
-_crypto_pwhash_opslimit_sensitive 1 1
-_crypto_pwhash_passwd_max 1 1
-_crypto_pwhash_passwd_min 1 1
+_crypto_pwhash_bytes_max 0 1
+_crypto_pwhash_bytes_min 0 1
+_crypto_pwhash_memlimit_interactive 0 1
+_crypto_pwhash_memlimit_max 0 1
+_crypto_pwhash_memlimit_min 0 1
+_crypto_pwhash_memlimit_moderate 0 1
+_crypto_pwhash_memlimit_sensitive 0 1
+_crypto_pwhash_opslimit_interactive 0 1
+_crypto_pwhash_opslimit_max 0 1
+_crypto_pwhash_opslimit_min 0 1
+_crypto_pwhash_opslimit_moderate 0 1
+_crypto_pwhash_opslimit_sensitive 0 1
+_crypto_pwhash_passwd_max 0 1
+_crypto_pwhash_passwd_min 0 1
 _crypto_pwhash_primitive 0 1
-_crypto_pwhash_saltbytes 1 1
+_crypto_pwhash_saltbytes 0 1
 _crypto_pwhash_scryptsalsa208sha256 0 1
 _crypto_pwhash_scryptsalsa208sha256_bytes_max 0 1
 _crypto_pwhash_scryptsalsa208sha256_bytes_min 0 1
@@ -373,12 +373,12 @@ _crypto_pwhash_scryptsalsa208sha256_str_needs_rehash 0 1
 _crypto_pwhash_scryptsalsa208sha256_str_verify 0 1
 _crypto_pwhash_scryptsalsa208sha256_strbytes 0 1
 _crypto_pwhash_scryptsalsa208sha256_strprefix 0 1
-_crypto_pwhash_str 1 1
-_crypto_pwhash_str_alg 1 1
-_crypto_pwhash_str_needs_rehash 1 1
-_crypto_pwhash_str_verify 1 1
-_crypto_pwhash_strbytes 1 1
-_crypto_pwhash_strprefix 1 1
+_crypto_pwhash_str 0 1
+_crypto_pwhash_str_alg 0 1
+_crypto_pwhash_str_needs_rehash 0 1
+_crypto_pwhash_str_verify 0 1
+_crypto_pwhash_strbytes 0 1
+_crypto_pwhash_strprefix 0 1
 _crypto_scalarmult 1 1
 _crypto_scalarmult_base 1 1
 _crypto_scalarmult_bytes 1 1
diff --git a/deps/libsodium/dist-build/emscripten.sh b/deps/libsodium/dist-build/emscripten.sh
index 3f5d8ded..569bb4de 100755
--- a/deps/libsodium/dist-build/emscripten.sh
+++ b/deps/libsodium/dist-build/emscripten.sh
@@ -1,12 +1,13 @@ #! /bin/sh export MAKE_FLAGS='-j4' -export EXPORTED_FUNCTIONS_STANDARD='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_verify","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_pu
blickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_generichash","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argon2id13","_crypto_pwhash_alg_default","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_saltbytes","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secr
etbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' +export 
EXPORTED_FUNCTIONS_STANDARD='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_verify","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_cr
ypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_generichash","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey",
"_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' export 
EXPORTED_FUNCTIONS_SUMO='["_malloc","_free","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_hmacsha256","_crypto_auth_hmacsha256_bytes","_crypto_auth_hmacsha256_final","_crypto_auth_hmacsha256_init","_crypto_auth_hmacsha256_keybytes","_crypto_auth_hmacsha256_keygen","_crypto_auth_hmacsha256_statebytes","_crypto_auth_hmacsha256_update","_crypto_auth_hmacsha256_verify","_crypto_auth_hmacsha512","_crypto_auth_hmacsha512256","_crypto_auth_hmacsha512256_bytes","_crypto_auth_hmacsha512256_final","_crypto_auth_hmacsha512256_init","_crypto_auth_hmacsha512256_keybytes","_crypto_auth_hmacsha512256_key
gen","_crypto_auth_hmacsha512256_statebytes","_crypto_auth_hmacsha512256_update","_crypto_auth_hmacsha512256_verify","_crypto_auth_hmacsha512_bytes","_crypto_auth_hmacsha512_final","_crypto_auth_hmacsha512_init","_crypto_auth_hmacsha512_keybytes","_crypto_auth_hmacsha512_keygen","_crypto_auth_hmacsha512_statebytes","_crypto_auth_hmacsha512_update","_crypto_auth_hmacsha512_verify","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_primitive","_crypto_auth_verify","_crypto_box","_crypto_box_afternm","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_boxzerobytes","_crypto_box_curve25519xchacha20poly1305_beforenm","_crypto_box_curve25519xchacha20poly1305_beforenmbytes","_crypto_box_curve25519xchacha20poly1305_detached","_crypto_box_curve25519xchacha20poly1305_detached_afternm","_crypto_box_curve25519xchacha20poly1305_easy","_crypto_box_curve25519xchacha20poly1305_easy_afternm","_crypto_box_curve25519xchacha20poly1305_keypair","_crypto_box_curve25519xchacha20poly1305_macbytes","_crypto_box_curve25519xchacha20poly1305_messagebytes_max","_crypto_box_curve25519xchacha20poly1305_noncebytes","_crypto_box_curve25519xchacha20poly1305_open_detached","_crypto_box_curve25519xchacha20poly1305_open_detached_afternm","_crypto_box_curve25519xchacha20poly1305_open_easy","_crypto_box_curve25519xchacha20poly1305_open_easy_afternm","_crypto_box_curve25519xchacha20poly1305_publickeybytes","_crypto_box_curve25519xchacha20poly1305_seal","_crypto_box_curve25519xchacha20poly1305_seal_open","_crypto_box_curve25519xchacha20poly1305_sealbytes","_crypto_box_curve25519xchacha20poly1305_secretkeybytes","_crypto_box_curve25519xchacha20poly1305_seed_keypair","_crypto_box_curve25519xchacha20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305","_crypto_box_curve25519xsalsa20poly1305_afternm","_crypto_box_curve25519xsalsa20poly1305_beforenm","_crypto_box_curve25519xsalsa20poly1305_beforenmbytes","_crypto_box_curve25519xsalsa20poly1305_boxzerobytes","_crypto_box_curve25519xs
alsa20poly1305_keypair","_crypto_box_curve25519xsalsa20poly1305_macbytes","_crypto_box_curve25519xsalsa20poly1305_messagebytes_max","_crypto_box_curve25519xsalsa20poly1305_noncebytes","_crypto_box_curve25519xsalsa20poly1305_open","_crypto_box_curve25519xsalsa20poly1305_open_afternm","_crypto_box_curve25519xsalsa20poly1305_publickeybytes","_crypto_box_curve25519xsalsa20poly1305_secretkeybytes","_crypto_box_curve25519xsalsa20poly1305_seed_keypair","_crypto_box_curve25519xsalsa20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305_zerobytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open","_crypto_box_open_afternm","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_primitive","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_box_zerobytes","_crypto_core_ed25519_add","_crypto_core_ed25519_bytes","_crypto_core_ed25519_from_hash","_crypto_core_ed25519_from_uniform","_crypto_core_ed25519_hashbytes","_crypto_core_ed25519_is_valid_point","_crypto_core_ed25519_nonreducedscalarbytes","_crypto_core_ed25519_random","_crypto_core_ed25519_scalar_add","_crypto_core_ed25519_scalar_complement","_crypto_core_ed25519_scalar_invert","_crypto_core_ed25519_scalar_mul","_crypto_core_ed25519_scalar_negate","_crypto_core_ed25519_scalar_random","_crypto_core_ed25519_scalar_reduce","_crypto_core_ed25519_scalar_sub","_crypto_core_ed25519_scalarbytes","_crypto_core_ed25519_sub","_crypto_core_ed25519_uniformbytes","_crypto_core_hchacha20","_crypto_core_hchacha20_constbytes","_crypto_core_hchacha20_inputbytes","_crypto_core_hchacha20_keybytes","_crypto_core_hchacha20_outputbytes","_crypto_core_hsalsa20","_cry
pto_core_hsalsa20_constbytes","_crypto_core_hsalsa20_inputbytes","_crypto_core_hsalsa20_keybytes","_crypto_core_hsalsa20_outputbytes","_crypto_core_ristretto255_add","_crypto_core_ristretto255_bytes","_crypto_core_ristretto255_from_hash","_crypto_core_ristretto255_hashbytes","_crypto_core_ristretto255_is_valid_point","_crypto_core_ristretto255_nonreducedscalarbytes","_crypto_core_ristretto255_random","_crypto_core_ristretto255_scalar_add","_crypto_core_ristretto255_scalar_complement","_crypto_core_ristretto255_scalar_invert","_crypto_core_ristretto255_scalar_mul","_crypto_core_ristretto255_scalar_negate","_crypto_core_ristretto255_scalar_random","_crypto_core_ristretto255_scalar_reduce","_crypto_core_ristretto255_scalar_sub","_crypto_core_ristretto255_scalarbytes","_crypto_core_ristretto255_sub","_crypto_core_salsa20","_crypto_core_salsa2012","_crypto_core_salsa2012_constbytes","_crypto_core_salsa2012_inputbytes","_crypto_core_salsa2012_keybytes","_crypto_core_salsa2012_outputbytes","_crypto_core_salsa208","_crypto_core_salsa208_constbytes","_crypto_core_salsa208_inputbytes","_crypto_core_salsa208_keybytes","_crypto_core_salsa208_outputbytes","_crypto_core_salsa20_constbytes","_crypto_core_salsa20_inputbytes","_crypto_core_salsa20_keybytes","_crypto_core_salsa20_outputbytes","_crypto_generichash","_crypto_generichash_blake2b","_crypto_generichash_blake2b_bytes","_crypto_generichash_blake2b_bytes_max","_crypto_generichash_blake2b_bytes_min","_crypto_generichash_blake2b_final","_crypto_generichash_blake2b_init","_crypto_generichash_blake2b_init_salt_personal","_crypto_generichash_blake2b_keybytes","_crypto_generichash_blake2b_keybytes_max","_crypto_generichash_blake2b_keybytes_min","_crypto_generichash_blake2b_keygen","_crypto_generichash_blake2b_personalbytes","_crypto_generichash_blake2b_salt_personal","_crypto_generichash_blake2b_saltbytes","_crypto_generichash_blake2b_statebytes","_crypto_generichash_blake2b_update","_crypto_generichash_bytes","_crypto_generichash
_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_primitive","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_hash_primitive","_crypto_hash_sha256","_crypto_hash_sha256_bytes","_crypto_hash_sha256_final","_crypto_hash_sha256_init","_crypto_hash_sha256_statebytes","_crypto_hash_sha256_update","_crypto_hash_sha512","_crypto_hash_sha512_bytes","_crypto_hash_sha512_final","_crypto_hash_sha512_init","_crypto_hash_sha512_statebytes","_crypto_hash_sha512_update","_crypto_kdf_blake2b_bytes_max","_crypto_kdf_blake2b_bytes_min","_crypto_kdf_blake2b_contextbytes","_crypto_kdf_blake2b_derive_from_key","_crypto_kdf_blake2b_keybytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kdf_primitive","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_primitive","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_onetimeauth","_crypto_onetimeauth_bytes","_crypto_onetimeauth_final","_crypto_onetimeauth_init","_crypto_onetimeauth_keybytes","_crypto_onetimeauth_keygen","_crypto_onetimeauth_poly1305","_crypto_onetimeauth_poly1305_bytes","_crypto_onetimeauth_poly1305_final","_crypto_onetimeauth_poly1305_init","_crypto_onetimeauth_poly1305_keybytes","_crypto_onetimeauth_poly1305_keygen","_crypto_onetimeauth_poly1305_statebytes","_crypto_onetimeauth_poly1305_update","_crypto_onetimeauth_poly1305_verify","_crypto_onetimeauth_primitive","_crypto_onetimeauth_statebytes","_crypto_onetimeauth_update","_crypto_onetimeauth_verify","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argo
n2id13","_crypto_pwhash_alg_default","_crypto_pwhash_argon2i","_crypto_pwhash_argon2i_alg_argon2i13","_crypto_pwhash_argon2i_bytes_max","_crypto_pwhash_argon2i_bytes_min","_crypto_pwhash_argon2i_memlimit_interactive","_crypto_pwhash_argon2i_memlimit_max","_crypto_pwhash_argon2i_memlimit_min","_crypto_pwhash_argon2i_memlimit_moderate","_crypto_pwhash_argon2i_memlimit_sensitive","_crypto_pwhash_argon2i_opslimit_interactive","_crypto_pwhash_argon2i_opslimit_max","_crypto_pwhash_argon2i_opslimit_min","_crypto_pwhash_argon2i_opslimit_moderate","_crypto_pwhash_argon2i_opslimit_sensitive","_crypto_pwhash_argon2i_passwd_max","_crypto_pwhash_argon2i_passwd_min","_crypto_pwhash_argon2i_saltbytes","_crypto_pwhash_argon2i_str","_crypto_pwhash_argon2i_str_needs_rehash","_crypto_pwhash_argon2i_str_verify","_crypto_pwhash_argon2i_strbytes","_crypto_pwhash_argon2i_strprefix","_crypto_pwhash_argon2id","_crypto_pwhash_argon2id_alg_argon2id13","_crypto_pwhash_argon2id_bytes_max","_crypto_pwhash_argon2id_bytes_min","_crypto_pwhash_argon2id_memlimit_interactive","_crypto_pwhash_argon2id_memlimit_max","_crypto_pwhash_argon2id_memlimit_min","_crypto_pwhash_argon2id_memlimit_moderate","_crypto_pwhash_argon2id_memlimit_sensitive","_crypto_pwhash_argon2id_opslimit_interactive","_crypto_pwhash_argon2id_opslimit_max","_crypto_pwhash_argon2id_opslimit_min","_crypto_pwhash_argon2id_opslimit_moderate","_crypto_pwhash_argon2id_opslimit_sensitive","_crypto_pwhash_argon2id_passwd_max","_crypto_pwhash_argon2id_passwd_min","_crypto_pwhash_argon2id_saltbytes","_crypto_pwhash_argon2id_str","_crypto_pwhash_argon2id_str_needs_rehash","_crypto_pwhash_argon2id_str_verify","_crypto_pwhash_argon2id_strbytes","_crypto_pwhash_argon2id_strprefix","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_
pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_primitive","_crypto_pwhash_saltbytes","_crypto_pwhash_scryptsalsa208sha256","_crypto_pwhash_scryptsalsa208sha256_bytes_max","_crypto_pwhash_scryptsalsa208sha256_bytes_min","_crypto_pwhash_scryptsalsa208sha256_ll","_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive","_crypto_pwhash_scryptsalsa208sha256_memlimit_max","_crypto_pwhash_scryptsalsa208sha256_memlimit_min","_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive","_crypto_pwhash_scryptsalsa208sha256_opslimit_max","_crypto_pwhash_scryptsalsa208sha256_opslimit_min","_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_passwd_max","_crypto_pwhash_scryptsalsa208sha256_passwd_min","_crypto_pwhash_scryptsalsa208sha256_saltbytes","_crypto_pwhash_scryptsalsa208sha256_str","_crypto_pwhash_scryptsalsa208sha256_str_needs_rehash","_crypto_pwhash_scryptsalsa208sha256_str_verify","_crypto_pwhash_scryptsalsa208sha256_strbytes","_crypto_pwhash_scryptsalsa208sha256_strprefix","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_curve25519","_crypto_scalarmult_curve25519_base","_crypto_scalarmult_curve25519_bytes","_crypto_scalarmult_curve25519_scalarbytes","_crypto_scalarmult_ed25519","_crypto_scalarmult_ed25519_base","_crypto_scalarmult_ed25519_base_noclamp","_crypto_scalarmult_ed25519_bytes","_crypto_scalarmult_ed25519_noclamp","_crypto_scalarmult_ed25519_scalarbytes","_crypto_scalarmult_primitive","_crypto_scalarmult_ristretto255","_crypto_scalarmult_ristretto255_base","_crypto_scalarmult_ristretto255_bytes","_crypto_scalarmult_ri
stretto255_scalarbytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox","_crypto_secretbox_boxzerobytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretbox_primitive","_crypto_secretbox_xchacha20poly1305_detached","_crypto_secretbox_xchacha20poly1305_easy","_crypto_secretbox_xchacha20poly1305_keybytes","_crypto_secretbox_xchacha20poly1305_macbytes","_crypto_secretbox_xchacha20poly1305_messagebytes_max","_crypto_secretbox_xchacha20poly1305_noncebytes","_crypto_secretbox_xchacha20poly1305_open_detached","_crypto_secretbox_xchacha20poly1305_open_easy","_crypto_secretbox_xsalsa20poly1305","_crypto_secretbox_xsalsa20poly1305_boxzerobytes","_crypto_secretbox_xsalsa20poly1305_keybytes","_crypto_secretbox_xsalsa20poly1305_keygen","_crypto_secretbox_xsalsa20poly1305_macbytes","_crypto_secretbox_xsalsa20poly1305_messagebytes_max","_crypto_secretbox_xsalsa20poly1305_noncebytes","_crypto_secretbox_xsalsa20poly1305_open","_crypto_secretbox_xsalsa20poly1305_zerobytes","_crypto_secretbox_zerobytes","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchach
a20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_shorthash_primitive","_crypto_shorthash_siphash24","_crypto_shorthash_siphash24_bytes","_crypto_shorthash_siphash24_keybytes","_crypto_shorthash_siphashx24","_crypto_shorthash_siphashx24_bytes","_crypto_shorthash_siphashx24_keybytes","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519","_crypto_sign_ed25519_bytes","_crypto_sign_ed25519_detached","_crypto_sign_ed25519_keypair","_crypto_sign_ed25519_messagebytes_max","_crypto_sign_ed25519_open","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_publickeybytes","_crypto_sign_ed25519_secretkeybytes","_crypto_sign_ed25519_seed_keypair","_crypto_sign_ed25519_seedbytes","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_ed25519_sk_to_pk","_crypto_sign_ed25519_sk_to_seed","_crypto_sign_ed25519_verify_detached","_crypto_sign_ed25519ph_final_create","_crypto_sign_ed25519ph_final_verify","_crypto_sign_ed25519ph_init","_crypto_sign_ed25519ph_statebytes","_crypto_sign_ed25519ph_update","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_primitive","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_crypto_stream","_crypto_stream_chacha20","_crypto_stream_chacha20_ietf","_crypto_stream_chacha20_ietf_keybytes","_crypto_stream_chacha20_ietf_keygen","_crypto_stream_chacha20_ietf_messagebytes_max","_crypto_stream_chacha20_ietf_noncebytes","_crypto_stream_chacha20_ietf_xor","_crypto_stream_chacha20_ietf_xor_ic","_crypto_stream_chacha20_keybytes","_crypto_stream_chacha20_keygen","_crypto_stream_chacha20_messagebytes_max","_crypto_stream_chacha20_noncebytes","_crypto_stream_chacha20_xor","_crypto_stream_chacha20
_xor_ic","_crypto_stream_keybytes","_crypto_stream_keygen","_crypto_stream_messagebytes_max","_crypto_stream_noncebytes","_crypto_stream_primitive","_crypto_stream_salsa20","_crypto_stream_salsa2012","_crypto_stream_salsa2012_keybytes","_crypto_stream_salsa2012_keygen","_crypto_stream_salsa2012_messagebytes_max","_crypto_stream_salsa2012_noncebytes","_crypto_stream_salsa2012_xor","_crypto_stream_salsa208","_crypto_stream_salsa208_keybytes","_crypto_stream_salsa208_keygen","_crypto_stream_salsa208_messagebytes_max","_crypto_stream_salsa208_noncebytes","_crypto_stream_salsa208_xor","_crypto_stream_salsa20_keybytes","_crypto_stream_salsa20_keygen","_crypto_stream_salsa20_messagebytes_max","_crypto_stream_salsa20_noncebytes","_crypto_stream_salsa20_xor","_crypto_stream_salsa20_xor_ic","_crypto_stream_xchacha20","_crypto_stream_xchacha20_keybytes","_crypto_stream_xchacha20_keygen","_crypto_stream_xchacha20_messagebytes_max","_crypto_stream_xchacha20_noncebytes","_crypto_stream_xchacha20_xor","_crypto_stream_xchacha20_xor_ic","_crypto_stream_xor","_crypto_stream_xsalsa20","_crypto_stream_xsalsa20_keybytes","_crypto_stream_xsalsa20_keygen","_crypto_stream_xsalsa20_messagebytes_max","_crypto_stream_xsalsa20_noncebytes","_crypto_stream_xsalsa20_xor","_crypto_stream_xsalsa20_xor_ic","_crypto_verify_16","_crypto_verify_16_bytes","_crypto_verify_32","_crypto_verify_32_bytes","_crypto_verify_64","_crypto_verify_64_bytes","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_implementation_name","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' export EXPORTED_RUNTIME_METHODS='["UTF8ToString","getValue","setValue"]' -export 
MAX_MEMORY=16777216 -export MAX_MEMORY_SUMO=16777216 -export MAX_MEMORY_TESTS=16777216 +export JS_RESERVED_MEMORY_STANDARD=16MB +export JS_RESERVED_MEMORY_SUMO=48MB +export JS_RESERVED_MEMORY_TESTS=16MB +export WASM_INITIAL_MEMORY=4MB export LDFLAGS="-s RESERVED_FUNCTION_POINTERS=8" export LDFLAGS="${LDFLAGS} -s ALLOW_MEMORY_GROWTH=1" export LDFLAGS="${LDFLAGS} -s SINGLE_FILE=1" 
@@ -16,38 +17,41 @@ export LDFLAGS="${LDFLAGS} -s DISABLE_EXCEPTION_CATCHING=1" export LDFLAGS="${LDFLAGS} -s ELIMINATE_DUPLICATE_FUNCTIONS=1" export LDFLAGS="${LDFLAGS} -s NODEJS_CATCH_EXIT=0" export LDFLAGS="${LDFLAGS} -s NODEJS_CATCH_REJECTION=0" -export CFLAGS="-Os" echo -if [ "x$1" = "x--standard" ]; then +if [ "$1" = "--standard" ]; then export EXPORTED_FUNCTIONS="$EXPORTED_FUNCTIONS_STANDARD" - export LDFLAGS="${LDFLAGS} ${LDFLAGS_DIST} -s TOTAL_MEMORY=${MAX_MEMORY}" + export LDFLAGS="${LDFLAGS} ${LDFLAGS_DIST}" + export LDFLAGS_JS="-s TOTAL_MEMORY=${JS_RESERVED_MEMORY_STANDARD}" export PREFIX="$(pwd)/libsodium-js" export DONE_FILE="$(pwd)/js.done" export CONFIG_EXTRA="--enable-minimal" export DIST='yes' echo "Building a standard distribution in [${PREFIX}]" -elif [ "x$1" = "x--sumo" ]; then +elif [ "$1" = "--sumo" ]; then export EXPORTED_FUNCTIONS="$EXPORTED_FUNCTIONS_SUMO" - export LDFLAGS="${LDFLAGS} ${LDFLAGS_DIST} -s TOTAL_MEMORY=${MAX_MEMORY_SUMO}" + export LDFLAGS="${LDFLAGS} ${LDFLAGS_DIST}" + export LDFLAGS_JS="-s TOTAL_MEMORY=${JS_RESERVED_MEMORY_SUMO}" export PREFIX="$(pwd)/libsodium-js-sumo" export DONE_FILE="$(pwd)/js-sumo.done" export DIST='yes' echo "Building a sumo distribution in [${PREFIX}]" -elif [ "x$1" = "x--browser-tests" ]; then +elif [ "$1" = "--browser-tests" ]; then export EXPORTED_FUNCTIONS="$EXPORTED_FUNCTIONS_SUMO" export CPPFLAGS="${CPPFLAGS} -s FORCE_FILESYSTEM=1" - export LDFLAGS="${LDFLAGS} -s TOTAL_MEMORY=${MAX_MEMORY_TESTS}" + export LDFLAGS="${LDFLAGS}" + export LDFLAGS_JS="-s TOTAL_MEMORY=${JS_RESERVED_MEMORY_TESTS}" export PREFIX="$(pwd)/libsodium-js-tests" export DONE_FILE="$(pwd)/js-tests-browser.done" export BROWSER_TESTS='yes' export DIST='no' echo "Building tests for web browsers in [${PREFIX}]" -elif [ "x$1" = "x--tests" ]; then +elif [ "$1" = "--tests" ]; then echo "Building for testing" export EXPORTED_FUNCTIONS="$EXPORTED_FUNCTIONS_SUMO" export CPPFLAGS="${CPPFLAGS} -s FORCE_FILESYSTEM=1 -DBENCHMARKS 
-DITERATIONS=10" - export LDFLAGS="${LDFLAGS} -s TOTAL_MEMORY=${MAX_MEMORY_TESTS}" + export LDFLAGS="${LDFLAGS}" + export LDFLAGS_JS="-s TOTAL_MEMORY=${JS_RESERVED_MEMORY_TESTS}" export PREFIX="$(pwd)/libsodium-js-tests" export DONE_FILE="$(pwd)/js-tests.done" export DIST='no' @@ -58,31 +62,30 @@ else echo exit 1 fi -export JS_EXPORTS_FLAGS="-s EXPORTED_FUNCTIONS=${EXPORTED_FUNCTIONS} -s EXTRA_EXPORTED_RUNTIME_METHODS=${EXPORTED_RUNTIME_METHODS}" +export JS_EXPORTS_FLAGS="-s EXPORTED_FUNCTIONS=${EXPORTED_FUNCTIONS} -s EXPORTED_RUNTIME_METHODS=${EXPORTED_RUNTIME_METHODS}" rm -f "$DONE_FILE" echo emconfigure ./configure $CONFIG_EXTRA --disable-shared --prefix="$PREFIX" \ - --without-pthreads \ - --disable-ssp --disable-asm --disable-pie \ - CFLAGS="$CFLAGS" && \ -emmake make clean + --without-pthreads \ + --disable-ssp --disable-asm --disable-pie && + emmake make clean [ $? = 0 ] || exit 1 if [ "$DIST" = yes ]; then - emccLibsodium () { + emccLibsodium() { outFile="${1}" shift - emcc "$CFLAGS" --llvm-lto 1 $CPPFLAGS $LDFLAGS $JS_EXPORTS_FLAGS ${@} \ + emcc "$CFLAGS" --llvm-lto 1 $CPPFLAGS $LDFLAGS $JS_EXPORTS_FLAGS "${@}" \ "${PREFIX}/lib/libsodium.a" -o "${outFile}" || exit 1 } emmake make $MAKE_FLAGS install || exit 1 - emccLibsodium "${PREFIX}/lib/libsodium.asm.tmp.js" -Oz -s WASM=0 - emccLibsodium "${PREFIX}/lib/libsodium.wasm.tmp.js" -O3 -s WASM=1 + emccLibsodium "${PREFIX}/lib/libsodium.asm.tmp.js" -Oz -s WASM=0 $LDFLAGS_JS + emccLibsodium "${PREFIX}/lib/libsodium.wasm.tmp.js" -O3 -s WASM=1 -s EVAL_CTORS=1 -s INITIAL_MEMORY=${WASM_INITIAL_MEMORY} - cat > "${PREFIX}/lib/libsodium.js" <<- EOM + cat >"${PREFIX}/lib/libsodium.js" <<-EOM var Module; if (typeof Module === 'undefined') { Module = {}; 
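Review bot: In `emccLibsodium`, `emcc "$CFLAGS" --llvm-lto 1 …` passes an empty-string argument to emcc whenever CFLAGS is unset. That case is now reachable because the previous hunk removes `export CFLAGS="-Os"` and no other assignment is visible on this page. The quotes also hand a multi-flag CFLAGS to the compiler as a single word. Expanding it unquoted, as `$CPPFLAGS` and `$LDFLAGS` already are on the same line, avoids both problems: `emcc $CFLAGS --llvm-lto 1 $CPPFLAGS $LDFLAGS $JS_EXPORTS_FLAGS "${@}" \`.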
@@ -95,9 +98,6 @@ if [ "$DIST" = yes ]; then root = window; } } - if (typeof root['sodium'] === 'object' && typeof root['sodium']['totalMemory'] === 'number') { - Module['TOTAL_MEMORY'] = root['sodium']['totalMemory']; - } var _Module = Module; Module.ready = new Promise(function(resolve, reject) { var Module = _Module; @@ -134,7 +134,7 @@ if [ "$DIST" = yes ]; then resolve(); }; - $(cat "${PREFIX}/lib/libsodium.asm.tmp.js" | sed 's|use asm||g') + $(sed "s|use asm||g" "${PREFIX}/lib/libsodium.asm.tmp.js") }); }; $(cat "${PREFIX}/lib/libsodium.wasm.tmp.js") 
@@ -149,54 +149,55 @@ EOM exit 0 fi -if test "x$NODE" = x; then +if test "$NODE" = ""; then for candidate in /usr/local/bin/node /usr/local/bin/nodejs /usr/bin/node /usr/bin/nodejs node nodejs; do case $($candidate --version 2>&1) in #( - v*) - NODE=$candidate - break ;; + v*) + NODE=$candidate + break + ;; esac done fi if [ "x$BROWSER_TESTS" != "x" ]; then - echo 'Compiling the test suite for web browsers...' && \ - emmake make $MAKE_FLAGS CPPFLAGS="$CPPFLAGS -DBROWSER_TESTS=1" check > /dev/null 2>&1 + echo 'Compiling the test suite for web browsers...' && + emmake make $MAKE_FLAGS CPPFLAGS="$CPPFLAGS -DBROWSER_TESTS=1" check >/dev/null 2>&1 else - if test "x$NODE" = x; then + if test "$NODE" = ""; then echo 'node.js not found - test suite skipped' >&2 exit 1 fi echo "Using [${NODE}] as a Javascript runtime" - echo 'Compiling the test suite...' && \ - emmake make $MAKE_FLAGS check > /dev/null 2>&1 + echo 'Compiling the test suite...' && + emmake make $MAKE_FLAGS check >/dev/null 2>&1 fi if [ "x$BROWSER_TESTS" != "x" ]; then echo 'Creating the test suite for web browsers' ( - cd test/default && \ - mkdir -p browser && \ - rm -f browser/tests.txt && \ - for file in *.js; do - fgrep -v "#! /usr/bin/env ${NODE}" "$file" > "browser/${file}" - tname=$(echo "$file" | sed 's/.js$//') - cp -f "${tname}.exp" "browser/${tname}.exp" - sed "s/{{tname}}/${tname}/" index.html.tpl > "browser/${tname}.html" - echo "${tname}.html" >> "browser/tests.txt" - done + cd test/default && + mkdir -p browser && + rm -f browser/tests.txt && + for file in *.js; do + grep -Fv "#! /usr/bin/env ${NODE}" "$file" >"browser/${file}" + tname=$(echo "$file" | sed 's/.js$//') + cp -f "${tname}.exp" "browser/${tname}.exp" + sed "s/{{tname}}/${tname}/" index.html.tpl >"browser/${tname}.html" + echo "${tname}.html" >>"browser/tests.txt" + done touch "$DONE_FILE" ) else echo 'Running the test suite' ( - cd test/default && \ - for file in *.js; do - echo "#! 
/usr/bin/env ${NODE}" > "${file}.tmp" - fgrep -v "#! /usr/bin/env ${NODE}" "$file" >> "${file}.tmp" - chmod +x "${file}.tmp" - mv -f "${file}.tmp" "$file" - done + cd test/default && + for file in *.js; do + echo "#! /usr/bin/env ${NODE}" >"${file}.tmp" + grep -Fv "#! /usr/bin/env ${NODE}" "$file" >>"${file}.tmp" + chmod +x "${file}.tmp" + mv -f "${file}.tmp" "$file" + done ) make $MAKE_FLAGS check || exit 1 touch "$DONE_FILE" diff --git a/deps/libsodium/dist-build/generate-emscripten-symbols.sh b/deps/libsodium/dist-build/generate-emscripten-symbols.sh index 873307d2..ec23d2e0 100755 --- a/deps/libsodium/dist-build/generate-emscripten-symbols.sh +++ b/deps/libsodium/dist-build/generate-emscripten-symbols.sh @@ -2,6 +2,8 @@ set -e +LIBSODIUM=${LIBSODIUM:-/tmp/sodium/lib/libsodium.23.dylib} + symbols() { { SUMO="$1" @@ -17,9 +19,9 @@ symbols() { fi done < emscripten-symbols.def - /usr/bin/nm /usr/local/lib/libsodium.23.dylib | \ - fgrep ' T _' | \ - cut -d' ' -f3 | { + /usr/bin/nm "$LIBSODIUM" | + fgrep ' T _' | + cut -d' ' -f3 | { while read symbol; do eval "found=\$defined_${symbol}" if [ "$found" = "yes" ]; then diff --git a/deps/libsodium/dist-build/wasm32-wasi.sh b/deps/libsodium/dist-build/wasm32-wasi.sh index 65b232ae..7b869d3b 100755 --- a/deps/libsodium/dist-build/wasm32-wasi.sh +++ b/deps/libsodium/dist-build/wasm32-wasi.sh @@ -7,8 +7,8 @@ export PREFIX="$(pwd)/libsodium-wasm32-wasi" mkdir -p $PREFIX || exit 1 export CC="zig cc" -export CFLAGS="--target=wasm32-wasi -O2" -export LDFLAGS="-s -Wl,--stack-first" +export CFLAGS="--target=wasm32-wasi -O3" +export LDFLAGS="-s" export AR="zig ar" export RANLIB="zig ranlib" @@ -16,7 +16,7 @@ make distclean >/dev/null if [ "x$1" = "x--bench" ]; then export BENCHMARKS=1 - export CPPFLAGS="-DBENCHMARKS -DITERATIONS=100" + export CPPFLAGS="-DBENCHMARKS -DITERATIONS=200" else export CPPFLAGS="-DED25519_NONDETERMINISTIC=1" fi 
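Review bot: The new default `LIBSODIUM=${LIBSODIUM:-/tmp/sodium/lib/libsodium.23.dylib}` falls back to a predictable path under world-writable /tmp, and the symbol names `nm` reads from that file reach `eval "found=\$defined_${symbol}"` in the following hunk (`@@ -17,9 +19,9 @@`). On a shared machine the file at that path is not guaranteed to be the library the builder produced, so the script should not use it silently. Requiring the variable, `LIBSODIUM=${LIBSODIUM:?set LIBSODIUM to the built library}`, removes the fallback. Skipping unexpected names before the `eval`, with `case $symbol in *[!A-Za-z0-9_]*) continue ;; esac`, keeps the loop to plain identifiers. The `symbols` function starts and ends outside both hunks.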
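Review bot: Removing `-Wl,--stack-first` from `LDFLAGS` in wasm32-wasi.sh leaves the position of the stack in WebAssembly linear memory to the linker's default. With the option the stack sits below static data, so an overflow runs off the start of memory and traps instead of overwriting globals. For a crypto library, silent corruption of static data on stack overflow is worth ruling out, so the default layout of the `zig cc` toolchain in use should be confirmed rather than assumed. If it cannot be confirmed, keep the flag: `export LDFLAGS="-s -Wl,--stack-first"`.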
diff --git a/deps/libsodium/m4/ax_check_catchable_segv.m4 b/deps/libsodium/m4/ax_check_catchable_segv.m4 index d8c7b683..d1f36d9e 100644 --- a/deps/libsodium/m4/ax_check_catchable_segv.m4 +++ b/deps/libsodium/m4/ax_check_catchable_segv.m4 @@ -24,6 +24,8 @@ size_t i; signal(SIGSEGV, sig); signal(SIGBUS, sig); #if !defined(__SANITIZE_ADDRESS__) && !defined(__EMSCRIPTEN__) +*((volatile unsigned char *) -1) = 0xd0; +*((volatile unsigned char *) 1) = 0xd0; for (i = 0; i < 10000000; i += 1024) { x[-i] = x[i] = (unsigned char) i; } #endif free((void *) x); diff --git a/deps/libsodium/packaging/dotnet-core/libsodium.pkgproj b/deps/libsodium/packaging/dotnet-core/libsodium.pkgproj index 0be9efb6..ecf00f11 100644 --- a/deps/libsodium/packaging/dotnet-core/libsodium.pkgproj +++ b/deps/libsodium/packaging/dotnet-core/libsodium.pkgproj @@ -9,7 +9,7 @@ libsodium - 1.0.18.2 + 1.0.18.4 Frank Denis Internal implementation package not meant for direct consumption. Please do not reference directly. © $([System.DateTime]::UtcNow.ToString(yyyy)) Frank Denis @@ -28,9 +28,11 @@ - + + + diff --git a/deps/libsodium/packaging/nuget/package.config b/deps/libsodium/packaging/nuget/package.config index 9a0f1603..24bb152c 100644 --- a/deps/libsodium/packaging/nuget/package.config +++ b/deps/libsodium/packaging/nuget/package.config @@ -1,4 +1,4 @@ - + diff --git a/deps/libsodium/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c b/deps/libsodium/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c index fbc66230..7faf0be0 100644 --- a/deps/libsodium/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c +++ b/deps/libsodium/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c 
@@ -1,19 +1,15 @@ - -/* - * AES256-GCM, based on the "Intel Carry-Less Multiplication Instruction and its Usage for Computing - * the GCM Mode" paper and reference code, using the aggregated reduction method. - * Originally adapted by Romain Dolbeau. - */ - #include +#include #include #include #include #include "core.h" #include "crypto_aead_aes256gcm.h" +#include "crypto_verify_16.h" #include "export.h" #include "private/common.h" +#include "private/sse2_64_32.h" #include "randombytes.h" #include "runtime.h" #include "utils.h" 
@@ -21,801 +17,935 @@ #if defined(HAVE_TMMINTRIN_H) && defined(HAVE_WMMINTRIN_H) #ifdef __GNUC__ -# pragma GCC target("ssse3") -# pragma GCC target("aes") -# pragma GCC target("pclmul") +#pragma GCC target("ssse3") +#pragma GCC target("aes") +#pragma GCC target("pclmul") +#endif + +#if !defined(_MSC_VER) || _MSC_VER < 1800 +#define __vectorcall #endif #include #include -#include "private/sse2_64_32.h" -#ifndef ENOSYS -# define ENOSYS ENXIO -#endif +#define ABYTES crypto_aead_aes256gcm_ABYTES +#define NPUBBYTES crypto_aead_aes256gcm_NPUBBYTES +#define KEYBYTES crypto_aead_aes256gcm_KEYBYTES -#if defined(__INTEL_COMPILER) || defined(_bswap64) -#elif defined(_MSC_VER) -# define _bswap64(a) _byteswap_uint64(a) -#elif defined(__GNUC__) && (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 2)) -# define _bswap64(a) __builtin_bswap64(a) -#else -static inline uint64_t -_bswap64(const uint64_t x) +#define PARALLEL_BLOCKS 7 +#undef USE_KARATSUBA_MULTIPLICATION + +typedef __m128i BlockVec; + +#define LOAD128(a) _mm_loadu_si128((const BlockVec *) (a)) +#define STORE128(a, b) _mm_storeu_si128((BlockVec *) (a), (b)) +#define AES_ENCRYPT(block_vec, rkey) _mm_aesenc_si128((block_vec), (rkey)) +#define AES_ENCRYPTLAST(block_vec, rkey) _mm_aesenclast_si128((block_vec), (rkey)) +#define AES_KEYGEN(block_vec, rc) _mm_aeskeygenassist_si128((block_vec), (rc)) +#define XOR128(a, b) _mm_xor_si128((a), (b)) +#define AND128(a, b) _mm_and_si128((a), (b)) +#define OR128(a, b) _mm_or_si128((a), (b)) +#define SET64x2(a, b) _mm_set_epi64x((uint64_t) (a), (uint64_t) (b)) +#define ZERO128 _mm_setzero_si128() +#define ONE128 SET64x2(0, 1) +#define ADD64x2(a, b) _mm_add_epi64((a), (b)) +#define SUB64x2(a, b) _mm_sub_epi64((a), (b)) +#define SHL64x2(a, b) _mm_slli_epi64((a), (b)) +#define SHR64x2(a, b) _mm_srli_epi64((a), (b)) +#define REV128(x) \ + _mm_shuffle_epi8((x), _mm_set_epi8(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)) +#define SHUFFLE32x4(x, a, b, c, d) _mm_shuffle_epi32((x), 
_MM_SHUFFLE((d), (c), (b), (a))) +#define BYTESHL128(a, b) _mm_slli_si128(a, b) +#define BYTESHR128(a, b) _mm_srli_si128(a, b) +#define SHL128(a, b) OR128(SHL64x2((a), (b)), SHR64x2(BYTESHL128((a), 8), 64 - (b))) +#define CLMULLO128(a, b) _mm_clmulepi64_si128((a), (b), 0x00) +#define CLMULHI128(a, b) _mm_clmulepi64_si128((a), (b), 0x11) +#define CLMULLOHI128(a, b) _mm_clmulepi64_si128((a), (b), 0x10) +#define CLMULHILO128(a, b) _mm_clmulepi64_si128((a), (b), 0x01) +#define PREFETCH_READ(x) _mm_prefetch((x), _MM_HINT_T1) +#define PREFETCH_WRITE(x) _mm_prefetch((x), _MM_HINT_T1) + +#define ROUNDS 14 + +#define PC_COUNT (2 * PARALLEL_BLOCKS) + +typedef struct I256 { + BlockVec hi; + BlockVec lo; + BlockVec mid; +} I256; + +typedef BlockVec Precomp; + +typedef struct GHash { + BlockVec acc; +} GHash; + +typedef struct State { + BlockVec rkeys[ROUNDS + 1]; + Precomp hx[PC_COUNT]; +} State; + +static void __vectorcall expand256(const unsigned char key[KEYBYTES], BlockVec rkeys[1 + ROUNDS]) { - return - ((x << 56) & 0xFF00000000000000UL) | ((x << 40) & 0x00FF000000000000UL) | - ((x << 24) & 0x0000FF0000000000UL) | ((x << 8) & 0x000000FF00000000UL) | - ((x >> 8) & 0x00000000FF000000UL) | ((x >> 24) & 0x0000000000FF0000UL) | - ((x >> 40) & 0x000000000000FF00UL) | ((x >> 56) & 0x00000000000000FFUL); -} -#endif + BlockVec t1, t2, s; + size_t i = 0; -typedef struct aes256gcm_state { - __m128i rkeys[16]; - unsigned char H[16]; -} aes256gcm_state; +#define EXPAND_KEY_1(RC) \ + rkeys[i++] = t2; \ + s = AES_KEYGEN(t2, RC); \ + t1 = XOR128(t1, BYTESHL128(t1, 4)); \ + t1 = XOR128(t1, BYTESHL128(t1, 8)); \ + t1 = XOR128(t1, SHUFFLE32x4(s, 3, 3, 3, 3)); -static inline void -aesni_key256_expand(const unsigned char *key, __m128i * const rkeys) -{ - __m128i X0, X1, X2, X3; - int i = 0; +#define EXPAND_KEY_2(RC) \ + rkeys[i++] = t1; \ + s = AES_KEYGEN(t1, RC); \ + t2 = XOR128(t2, BYTESHL128(t2, 4)); \ + t2 = XOR128(t2, BYTESHL128(t2, 8)); \ + t2 = XOR128(t2, SHUFFLE32x4(s, 2, 2, 2, 2)); - 
X0 = _mm_loadu_si128((const __m128i *) &key[0]); - rkeys[i++] = X0; + t1 = LOAD128(&key[0]); + t2 = LOAD128(&key[16]); - X2 = _mm_loadu_si128((const __m128i *) &key[16]); - rkeys[i++] = X2; - -#define EXPAND_KEY_1(S) do { \ - X1 = _mm_shuffle_epi32(_mm_aeskeygenassist_si128(X2, (S)), 0xff); \ - X3 = _mm_castps_si128(_mm_shuffle_ps(_mm_castsi128_ps(X3), _mm_castsi128_ps(X0), 0x10)); \ - X0 = _mm_xor_si128(X0, X3); \ - X3 = _mm_castps_si128(_mm_shuffle_ps(_mm_castsi128_ps(X3), _mm_castsi128_ps(X0), 0x8c)); \ - X0 = _mm_xor_si128(_mm_xor_si128(X0, X3), X1); \ - rkeys[i++] = X0; \ -} while (0) - -#define EXPAND_KEY_2(S) do { \ - X1 = _mm_shuffle_epi32(_mm_aeskeygenassist_si128(X0, (S)), 0xaa); \ - X3 = _mm_castps_si128(_mm_shuffle_ps(_mm_castsi128_ps(X3), _mm_castsi128_ps(X2), 0x10)); \ - X2 = _mm_xor_si128(X2, X3); \ - X3 = _mm_castps_si128(_mm_shuffle_ps(_mm_castsi128_ps(X3), _mm_castsi128_ps(X2), 0x8c)); \ - X2 = _mm_xor_si128(_mm_xor_si128(X2, X3), X1); \ - rkeys[i++] = X2; \ -} while (0) - - X3 = _mm_setzero_si128(); - EXPAND_KEY_1(0x01); EXPAND_KEY_2(0x01); - EXPAND_KEY_1(0x02); EXPAND_KEY_2(0x02); - EXPAND_KEY_1(0x04); EXPAND_KEY_2(0x04); - EXPAND_KEY_1(0x08); EXPAND_KEY_2(0x08); - EXPAND_KEY_1(0x10); EXPAND_KEY_2(0x10); - EXPAND_KEY_1(0x20); EXPAND_KEY_2(0x20); + rkeys[i++] = t1; + EXPAND_KEY_1(0x01); + EXPAND_KEY_2(0x01); + EXPAND_KEY_1(0x02); + EXPAND_KEY_2(0x02); + EXPAND_KEY_1(0x04); + EXPAND_KEY_2(0x04); + EXPAND_KEY_1(0x08); + EXPAND_KEY_2(0x08); + EXPAND_KEY_1(0x10); + EXPAND_KEY_2(0x10); + EXPAND_KEY_1(0x20); + EXPAND_KEY_2(0x20); EXPAND_KEY_1(0x40); + rkeys[i++] = t1; } -/** single, by-the-book AES encryption with AES-NI */ +/* Encrypt a single AES block */ + static inline void -aesni_encrypt1(unsigned char *out, __m128i nv, const __m128i *rkeys) +encrypt(const State *st, unsigned char dst[16], const unsigned char src[16]) { - __m128i temp = _mm_xor_si128(nv, rkeys[0]); + BlockVec t; - temp = _mm_aesenc_si128(temp, rkeys[1]); - temp = 
_mm_aesenc_si128(temp, rkeys[2]); - temp = _mm_aesenc_si128(temp, rkeys[3]); - temp = _mm_aesenc_si128(temp, rkeys[4]); - temp = _mm_aesenc_si128(temp, rkeys[5]); - temp = _mm_aesenc_si128(temp, rkeys[6]); - temp = _mm_aesenc_si128(temp, rkeys[7]); - temp = _mm_aesenc_si128(temp, rkeys[8]); - temp = _mm_aesenc_si128(temp, rkeys[9]); - temp = _mm_aesenc_si128(temp, rkeys[10]); - temp = _mm_aesenc_si128(temp, rkeys[11]); - temp = _mm_aesenc_si128(temp, rkeys[12]); - temp = _mm_aesenc_si128(temp, rkeys[13]); + size_t i; - temp = _mm_aesenclast_si128(temp, rkeys[14]); - _mm_storeu_si128((__m128i *) out, temp); -} - -/** multiple-blocks-at-once AES encryption with AES-NI ; - on Haswell, aesenc has a latency of 7 and a throughput of 1 - so the sequence of aesenc should be bubble-free if you - have at least 8 blocks. Let's build an arbitratry-sized - function */ -/* Step 1 : loading the nonce */ -/* load & increment the n vector (non-vectorized, unused for now) */ -#define NVDECLx(a) \ - __m128i nv##a - -#define NVx(a) \ - nv##a = _mm_shuffle_epi8(_mm_load_si128((const __m128i *) n), pt); \ - n[3]++ - -/* Step 2 : define value in round one (xor with subkey #0, aka key) */ -#define TEMPDECLx(a) \ - __m128i temp##a - -#define TEMPx(a) \ - temp##a = _mm_xor_si128(nv##a, rkeys[0]) - -/* Step 3: one round of AES */ -#define AESENCx(a) \ - temp##a = _mm_aesenc_si128(temp##a, rkeys[roundctr]) - -/* Step 4: last round of AES */ -#define AESENCLASTx(a) \ - temp##a = _mm_aesenclast_si128(temp##a, rkeys[14]) - -/* Step 5: store result */ -#define STOREx(a) \ - _mm_storeu_si128((__m128i *) (out + (a * 16)), temp##a) - -/* all the MAKE* macros are for automatic explicit unrolling */ -#define MAKE4(X) \ - X(0); \ - X(1); \ - X(2); \ - X(3) - -#define MAKE8(X) \ - X(0); \ - X(1); \ - X(2); \ - X(3); \ - X(4); \ - X(5); \ - X(6); \ - X(7) - -#define COUNTER_INC2(N) (N)[3] += 2 - -/* create a function of unrolling N ; the MAKEN is the unrolling - macro, defined above. 
The N in MAKEN must match N, obviously. */ -#define FUNC(N, MAKEN) \ - static inline void aesni_encrypt##N(unsigned char *out, uint32_t *n, const __m128i *rkeys) \ - { \ - const __m128i pt = _mm_set_epi8(12, 13, 14, 15, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0); \ - int roundctr; \ - MAKEN(NVDECLx); \ - MAKEN(TEMPDECLx); \ - \ - MAKEN(NVx); \ - MAKEN(TEMPx); \ - for (roundctr = 1; roundctr < 14; roundctr++) { \ - MAKEN(AESENCx); \ - } \ - MAKEN(AESENCLASTx); \ - MAKEN(STOREx); \ + t = XOR128(LOAD128(src), st->rkeys[0]); + for (i = 1; i < ROUNDS; i++) { + t = AES_ENCRYPT(t, st->rkeys[i]); } + t = AES_ENCRYPTLAST(t, st->rkeys[ROUNDS]); + STORE128(dst, t); +} -FUNC(8, MAKE8) +/* Encrypt and add a single AES block */ -/* all GF(2^128) fnctions are by the book, meaning this one: - -*/ - -static inline void -addmul(unsigned char *c, const unsigned char *a, unsigned int xlen, const unsigned char *b) +static inline void __vectorcall encrypt_xor_block(const State *st, unsigned char dst[16], + const unsigned char src[16], + const BlockVec counter) { - const __m128i rev = _mm_set_epi8(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15); - __m128i A, B, C; - __m128i tmp2, tmp3, tmp4, tmp5, tmp6, tmp7, tmp8, tmp9; - __m128i tmp10, tmp11, tmp12, tmp13, tmp14, tmp15, tmp16, tmp17, tmp18; - __m128i tmp19, tmp20, tmp21, tmp22, tmp23, tmp24, tmp25, tmp26, tmp27; - __m128i tmp28, tmp29, tmp30, tmp31, tmp32, tmp33, tmp34, tmp35, tmp36; + BlockVec ts; + size_t i; - if (xlen >= 16) { - A = _mm_loadu_si128((const __m128i *) a); - } else { - CRYPTO_ALIGN(16) unsigned char padded[16]; - unsigned int i; + ts = XOR128(counter, st->rkeys[0]); + for (i = 1; i < ROUNDS; i++) { + ts = AES_ENCRYPT(ts, st->rkeys[i]); + } + ts = AES_ENCRYPTLAST(ts, st->rkeys[i]); + ts = XOR128(ts, LOAD128(src)); + STORE128(dst, ts); +} - memset(padded, 0, 16); - for (i = 0; i < xlen; i++) { - padded[i] = a[i]; +/* Encrypt and add PARALLEL_BLOCKS AES blocks */ + +static inline void __vectorcall encrypt_xor_wide(const 
State *st, + unsigned char dst[16 * PARALLEL_BLOCKS], + const unsigned char src[16 * PARALLEL_BLOCKS], + const BlockVec counters[PARALLEL_BLOCKS]) +{ + BlockVec ts[PARALLEL_BLOCKS]; + size_t i, j; + + for (j = 0; j < PARALLEL_BLOCKS; j++) { + ts[j] = XOR128(counters[j], st->rkeys[0]); + } + for (i = 1; i < ROUNDS; i++) { + for (j = 0; j < PARALLEL_BLOCKS; j++) { + ts[j] = AES_ENCRYPT(ts[j], st->rkeys[i]); } - A = _mm_load_si128((const __m128i *) padded); } - A = _mm_shuffle_epi8(A, rev); - B = _mm_loadu_si128((const __m128i *) b); - C = _mm_loadu_si128((const __m128i *) c); - A = _mm_xor_si128(A, C); - tmp3 = _mm_clmulepi64_si128(A, B, 0x00); - tmp4 = _mm_clmulepi64_si128(A, B, 0x10); - tmp5 = _mm_clmulepi64_si128(A, B, 0x01); - tmp6 = _mm_clmulepi64_si128(A, B, 0x11); - tmp10 = _mm_xor_si128(tmp4, tmp5); - tmp13 = _mm_slli_si128(tmp10, 8); - tmp11 = _mm_srli_si128(tmp10, 8); - tmp15 = _mm_xor_si128(tmp3, tmp13); - tmp17 = _mm_xor_si128(tmp6, tmp11); - tmp7 = _mm_srli_epi32(tmp15, 31); - tmp8 = _mm_srli_epi32(tmp17, 31); - tmp16 = _mm_slli_epi32(tmp15, 1); - tmp18 = _mm_slli_epi32(tmp17, 1); - tmp9 = _mm_srli_si128(tmp7, 12); - tmp22 = _mm_slli_si128(tmp8, 4); - tmp25 = _mm_slli_si128(tmp7, 4); - tmp29 = _mm_or_si128(tmp16, tmp25); - tmp19 = _mm_or_si128(tmp18, tmp22); - tmp20 = _mm_or_si128(tmp19, tmp9); - tmp26 = _mm_slli_epi32(tmp29, 31); - tmp23 = _mm_slli_epi32(tmp29, 30); - tmp32 = _mm_slli_epi32(tmp29, 25); - tmp27 = _mm_xor_si128(tmp26, tmp23); - tmp28 = _mm_xor_si128(tmp27, tmp32); - tmp24 = _mm_srli_si128(tmp28, 4); - tmp33 = _mm_slli_si128(tmp28, 12); - tmp30 = _mm_xor_si128(tmp29, tmp33); - tmp2 = _mm_srli_epi32(tmp30, 1); - tmp12 = _mm_srli_epi32(tmp30, 2); - tmp14 = _mm_srli_epi32(tmp30, 7); - tmp34 = _mm_xor_si128(tmp2, tmp12); - tmp35 = _mm_xor_si128(tmp34, tmp14); - tmp36 = _mm_xor_si128(tmp35, tmp24); - tmp31 = _mm_xor_si128(tmp30, tmp36); - tmp21 = _mm_xor_si128(tmp20, tmp31); - _mm_storeu_si128((__m128i *) c, tmp21); + for (j = 0; j < 
PARALLEL_BLOCKS; j++) { + ts[j] = AES_ENCRYPTLAST(ts[j], st->rkeys[i]); + ts[j] = XOR128(ts[j], LOAD128(&src[16 * j])); + } + for (j = 0; j < PARALLEL_BLOCKS; j++) { + STORE128(&dst[16 * j], ts[j]); + } } -/* pure multiplication, for pre-computing powers of H */ -static inline __m128i -mulv(__m128i A, __m128i B) +/* Square a field element */ + +static inline I256 __vectorcall clsq128(const BlockVec x) { - __m128i tmp3 = _mm_clmulepi64_si128(A, B, 0x00); - __m128i tmp4 = _mm_clmulepi64_si128(A, B, 0x10); - __m128i tmp5 = _mm_clmulepi64_si128(A, B, 0x01); - __m128i tmp6 = _mm_clmulepi64_si128(A, B, 0x11); - __m128i tmp10 = _mm_xor_si128(tmp4, tmp5); - __m128i tmp13 = _mm_slli_si128(tmp10, 8); - __m128i tmp11 = _mm_srli_si128(tmp10, 8); - __m128i tmp15 = _mm_xor_si128(tmp3, tmp13); - __m128i tmp17 = _mm_xor_si128(tmp6, tmp11); - __m128i tmp7 = _mm_srli_epi32(tmp15, 31); - __m128i tmp8 = _mm_srli_epi32(tmp17, 31); - __m128i tmp16 = _mm_slli_epi32(tmp15, 1); - __m128i tmp18 = _mm_slli_epi32(tmp17, 1); - __m128i tmp9 = _mm_srli_si128(tmp7, 12); - __m128i tmp22 = _mm_slli_si128(tmp8, 4); - __m128i tmp25 = _mm_slli_si128(tmp7, 4); - __m128i tmp29 = _mm_or_si128(tmp16, tmp25); - __m128i tmp19 = _mm_or_si128(tmp18, tmp22); - __m128i tmp20 = _mm_or_si128(tmp19, tmp9); - __m128i tmp26 = _mm_slli_epi32(tmp29, 31); - __m128i tmp23 = _mm_slli_epi32(tmp29, 30); - __m128i tmp32 = _mm_slli_epi32(tmp29, 25); - __m128i tmp27 = _mm_xor_si128(tmp26, tmp23); - __m128i tmp28 = _mm_xor_si128(tmp27, tmp32); - __m128i tmp24 = _mm_srli_si128(tmp28, 4); - __m128i tmp33 = _mm_slli_si128(tmp28, 12); - __m128i tmp30 = _mm_xor_si128(tmp29, tmp33); - __m128i tmp2 = _mm_srli_epi32(tmp30, 1); - __m128i tmp12 = _mm_srli_epi32(tmp30, 2); - __m128i tmp14 = _mm_srli_epi32(tmp30, 7); - __m128i tmp34 = _mm_xor_si128(tmp2, tmp12); - __m128i tmp35 = _mm_xor_si128(tmp34, tmp14); - __m128i tmp36 = _mm_xor_si128(tmp35, tmp24); - __m128i tmp31 = _mm_xor_si128(tmp30, tmp36); - __m128i C = _mm_xor_si128(tmp20, 
tmp31); + const BlockVec r_lo = CLMULLO128(x, x); + const BlockVec r_hi = CLMULHI128(x, x); - return C; + return (I256) { + SODIUM_C99(.hi =) r_hi, + SODIUM_C99(.lo =) r_lo, + SODIUM_C99(.mid =) ZERO128, + }; } -/* 4 multiply-accumulate at once; again - - for the Aggregated Reduction Method & sample code. - Algorithm by Krzysztof Jankowski, Pierre Laurent - Intel */ +/* Multiply two field elements -- Textbook multiplication is faster than Karatsuba on some recent + * CPUs */ -#define RED_DECL(a) __m128i H##a##_X##a##_lo, H##a##_X##a##_hi, tmp##a, tmp##a##B -#define RED_SHUFFLE(a) X##a = _mm_shuffle_epi8(X##a, rev) -#define RED_MUL_LOW(a) H##a##_X##a##_lo = _mm_clmulepi64_si128(H##a, X##a, 0x00) -#define RED_MUL_HIGH(a) H##a##_X##a##_hi = _mm_clmulepi64_si128(H##a, X##a, 0x11) -#define RED_MUL_MID(a) \ - tmp##a = _mm_shuffle_epi32(H##a, 0x4e); \ - tmp##a##B = _mm_shuffle_epi32(X##a, 0x4e); \ - tmp##a = _mm_xor_si128(tmp##a, H##a); \ - tmp##a##B = _mm_xor_si128(tmp##a##B, X##a); \ - tmp##a = _mm_clmulepi64_si128(tmp##a, tmp##a##B, 0x00) +static inline I256 __vectorcall clmul128(const BlockVec x, const BlockVec y) +{ +#ifdef USE_KARATSUBA_MULTIPLICATION + const BlockVec x_hi = BYTESHR128(x, 8); + const BlockVec y_hi = BYTESHR128(y, 8); + const BlockVec r_lo = CLMULLO128(x, y); + const BlockVec r_hi = CLMULHI128(x, y); + const BlockVec r_mid = XOR128(CLMULLO128(XOR128(x, x_hi), XOR128(y, y_hi)), XOR128(r_lo, r_hi)); -#define MULREDUCE4(rev, H0_, H1_, H2_, H3_, X0_, X1_, X2_, X3_, accv) \ -do { \ - MAKE4(RED_DECL); \ - __m128i lo, hi; \ - __m128i tmp8, tmp9; \ - __m128i H0 = H0_; \ - __m128i H1 = H1_; \ - __m128i H2 = H2_; \ - __m128i H3 = H3_; \ - __m128i X0 = X0_; \ - __m128i X1 = X1_; \ - __m128i X2 = X2_; \ - __m128i X3 = X3_; \ -\ -/* byte-revert the inputs & xor the first one into the accumulator */ \ -\ - MAKE4(RED_SHUFFLE); \ - X3 = _mm_xor_si128(X3, accv); \ -\ -/* 4 low H*X (x0*h0) */ \ -\ - MAKE4(RED_MUL_LOW); \ - lo = _mm_xor_si128(H0_X0_lo, H1_X1_lo); \ - 
lo = _mm_xor_si128(lo, H2_X2_lo); \ - lo = _mm_xor_si128(lo, H3_X3_lo); \ -\ -/* 4 high H*X (x1*h1) */ \ -\ - MAKE4(RED_MUL_HIGH); \ - hi = _mm_xor_si128(H0_X0_hi, H1_X1_hi); \ - hi = _mm_xor_si128(hi, H2_X2_hi); \ - hi = _mm_xor_si128(hi, H3_X3_hi); \ -\ -/* 4 middle H*X, using Karatsuba, i.e. \ - x1*h0+x0*h1 =(x1+x0)*(h1+h0)-x1*h1-x0*h0 \ - we already have all x1y1 & x0y0 (accumulated in hi & lo) \ - (0 is low half and 1 is high half) \ - */ \ -/* permute the high and low 64 bits in H1 & X1, \ - so create (h0,h1) from (h1,h0) and (x0,x1) from (x1,x0), \ - then compute (h0+h1,h1+h0) and (x0+x1,x1+x0), \ - and finally multiply \ - */ \ - MAKE4(RED_MUL_MID); \ -\ - /* subtracts x1*h1 and x0*h0 */ \ - tmp0 = _mm_xor_si128(tmp0, lo); \ - tmp0 = _mm_xor_si128(tmp0, hi); \ - tmp0 = _mm_xor_si128(tmp1, tmp0); \ - tmp0 = _mm_xor_si128(tmp2, tmp0); \ - tmp0 = _mm_xor_si128(tmp3, tmp0);\ -\ - /* reduction */ \ - tmp0B = _mm_slli_si128(tmp0, 8); \ - tmp0 = _mm_srli_si128(tmp0, 8); \ - lo = _mm_xor_si128(tmp0B, lo); \ - hi = _mm_xor_si128(tmp0, hi); \ - tmp3 = lo; \ - tmp2B = hi; \ - tmp3B = _mm_srli_epi32(tmp3, 31); \ - tmp8 = _mm_srli_epi32(tmp2B, 31); \ - tmp3 = _mm_slli_epi32(tmp3, 1); \ - tmp2B = _mm_slli_epi32(tmp2B, 1); \ - tmp9 = _mm_srli_si128(tmp3B, 12); \ - tmp8 = _mm_slli_si128(tmp8, 4); \ - tmp3B = _mm_slli_si128(tmp3B, 4); \ - tmp3 = _mm_or_si128(tmp3, tmp3B); \ - tmp2B = _mm_or_si128(tmp2B, tmp8); \ - tmp2B = _mm_or_si128(tmp2B, tmp9); \ - tmp3B = _mm_slli_epi32(tmp3, 31); \ - tmp8 = _mm_slli_epi32(tmp3, 30); \ - tmp9 = _mm_slli_epi32(tmp3, 25); \ - tmp3B = _mm_xor_si128(tmp3B, tmp8); \ - tmp3B = _mm_xor_si128(tmp3B, tmp9); \ - tmp8 = _mm_srli_si128(tmp3B, 4); \ - tmp3B = _mm_slli_si128(tmp3B, 12); \ - tmp3 = _mm_xor_si128(tmp3, tmp3B); \ - tmp2 = _mm_srli_epi32(tmp3, 1); \ - tmp0B = _mm_srli_epi32(tmp3, 2); \ - tmp1B = _mm_srli_epi32(tmp3, 7); \ - tmp2 = _mm_xor_si128(tmp2, tmp0B); \ - tmp2 = _mm_xor_si128(tmp2, tmp1B); \ - tmp2 = _mm_xor_si128(tmp2, tmp8); \ 
- tmp3 = _mm_xor_si128(tmp3, tmp2); \ - tmp2B = _mm_xor_si128(tmp2B, tmp3); \ -\ - accv = tmp2B; \ -} while(0) + return (I256) { + SODIUM_C99(.hi =) r_hi, + SODIUM_C99(.lo =) r_lo, + SODIUM_C99(.mid =) r_mid, + }; +#else + const BlockVec r_hi = CLMULHI128(x, y); + const BlockVec r_lo = CLMULLO128(x, y); + const BlockVec r_mid = XOR128(CLMULHILO128(x, y), CLMULLOHI128(x, y)); -#define XORx(a) \ - temp##a = _mm_xor_si128(temp##a, \ - _mm_loadu_si128((const __m128i *) (in + a * 16))) + return (I256) { + SODIUM_C99(.hi =) r_hi, + SODIUM_C99(.lo =) r_lo, + SODIUM_C99(.mid =) r_mid, + }; +#endif +} -#define LOADx(a) \ - __m128i in##a = _mm_loadu_si128((const __m128i *) (in + a * 16)) +/* Merge the middle word and reduce a field element */ -/* full encrypt & checksum 8 blocks at once */ -#define aesni_encrypt8full(out_, n_, rkeys, in_, accum, hv_, h2v_, h3v_, h4v_, rev) \ -do { \ - unsigned char *out = out_; \ - uint32_t *n = n_; \ - const unsigned char *in = in_; \ - const __m128i hv = hv_; \ - const __m128i h2v = h2v_; \ - const __m128i h3v = h3v_; \ - const __m128i h4v = h4v_; \ - const __m128i pt = _mm_set_epi8(12, 13, 14, 15, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0); \ - __m128i accv_; \ - int roundctr; \ - \ - MAKE8(NVDECLx); \ - MAKE8(TEMPDECLx); \ - MAKE8(NVx); \ - MAKE8(TEMPx); \ - for (roundctr = 1; roundctr < 14; roundctr++) { \ - MAKE8(AESENCx); \ - } \ - MAKE8(AESENCLASTx); \ - MAKE8(XORx); \ - MAKE8(STOREx); \ - accv_ = _mm_load_si128((const __m128i *) accum); \ - MULREDUCE4(rev, hv, h2v, h3v, h4v, temp3, temp2, temp1, temp0, accv_); \ - MULREDUCE4(rev, hv, h2v, h3v, h4v, temp7, temp6, temp5, temp4, accv_); \ - _mm_store_si128((__m128i *) accum, accv_); \ -} while(0) +static inline BlockVec __vectorcall gcm_reduce(const I256 x) +{ + const BlockVec hi = XOR128(x.hi, BYTESHR128(x.mid, 8)); + const BlockVec lo = XOR128(x.lo, BYTESHL128(x.mid, 8)); -/* checksum 8 blocks at once */ -#define aesni_addmul8full(in_, accum, hv_, h2v_, h3v_, h4v_, rev) \ -do { \ - const 
unsigned char *in = in_; \ - const __m128i hv = hv_; \ - const __m128i h2v = h2v_; \ - const __m128i h3v = h3v_; \ - const __m128i h4v = h4v_; \ - __m128i accv_; \ - \ - MAKE8(LOADx); \ - accv_ = _mm_load_si128((const __m128i *) accum); \ - MULREDUCE4(rev, hv, h2v, h3v, h4v, in3, in2, in1, in0, accv_); \ - MULREDUCE4(rev, hv, h2v, h3v, h4v, in7, in6, in5, in4, accv_); \ - _mm_store_si128((__m128i *) accum, accv_); \ -} while(0) + const BlockVec p64 = SET64x2(0, 0xc200000000000000); + const BlockVec a = CLMULLO128(lo, p64); + const BlockVec b = XOR128(SHUFFLE32x4(lo, 2, 3, 0, 1), a); + const BlockVec c = CLMULLO128(b, p64); + const BlockVec d = XOR128(SHUFFLE32x4(b, 2, 3, 0, 1), c); -/* decrypt 8 blocks at once */ -#define aesni_decrypt8full(out_, n_, rkeys, in_) \ -do { \ - unsigned char *out = out_; \ - uint32_t *n = n_; \ - const unsigned char *in = in_; \ - const __m128i pt = _mm_set_epi8(12, 13, 14, 15, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0); \ - int roundctr; \ -\ - MAKE8(NVDECLx); \ - MAKE8(TEMPDECLx); \ - MAKE8(NVx); \ - MAKE8(TEMPx); \ - for (roundctr = 1; roundctr < 14; roundctr++) { \ - MAKE8(AESENCx); \ - } \ - MAKE8(AESENCLASTx); \ - MAKE8(XORx); \ - MAKE8(STOREx); \ -} while(0) + return XOR128(d, hi); +} + +/* Precompute powers of H from `from` to `to` */ + +static inline void __vectorcall precomp(Precomp hx[PC_COUNT], const size_t from, const size_t to) +{ + const Precomp h = hx[0]; + size_t i; + + for (i = from & ~1U; i < to; i += 2) { + hx[i] = gcm_reduce(clmul128(hx[i - 1], h)); + hx[i + 1] = gcm_reduce(clsq128(hx[i / 2])); + } +} + +/* Precompute powers of H given a key and a block count */ + +static void __vectorcall precomp_for_block_count(Precomp hx[PC_COUNT], + const unsigned char gh_key[16], + const size_t block_count) +{ + const BlockVec h0 = REV128(LOAD128(gh_key)); + BlockVec carry = SET64x2(0xc200000000000000, 1); + BlockVec mask = SUB64x2(ZERO128, SHR64x2(h0, 63)); + BlockVec h0_shifted; + BlockVec h; + + mask = SHUFFLE32x4(mask, 3, 3, 3, 
3); + carry = AND128(carry, mask); + h0_shifted = SHL128(h0, 1); + h = XOR128(h0_shifted, carry); + + hx[0] = h; + hx[1] = gcm_reduce(clsq128(hx[0])); + + if (block_count >= PC_COUNT) { + precomp(hx, 2, PC_COUNT); + } else { + precomp(hx, 2, block_count); + } +} + +/* Initialize a GHash */ + +static inline void +gh_init(GHash *sth) +{ + sth->acc = ZERO128; +} + +static inline I256 __vectorcall gh_update0(const GHash *const sth, const unsigned char *const p, + const Precomp hn) +{ + const BlockVec m = REV128(LOAD128(p)); + return clmul128(XOR128(sth->acc, m), hn); +} + +static inline void __vectorcall gh_update(I256 *const u, const unsigned char *p, const Precomp hn) +{ + const BlockVec m = REV128(LOAD128(p)); + const I256 t = clmul128(m, hn); + *u = (I256) { SODIUM_C99(.hi =) XOR128(u->hi, t.hi), SODIUM_C99(.lo =) XOR128(u->lo, t.lo), + SODIUM_C99(.mid =) XOR128(u->mid, t.mid) }; +} + +/* Absorb ad_len bytes of associated data. There has to be no partial block. */ + +static inline void +gh_ad_blocks(const State *st, GHash *sth, const unsigned char *ad, size_t ad_len) +{ + size_t i; + + i = (size_t) 0U; + for (; i + PC_COUNT * 16 <= ad_len; i += PC_COUNT * 16) { + I256 u = gh_update0(sth, ad + i, st->hx[PC_COUNT - 1 - 0]); + size_t j; + + for (j = 1; j < PC_COUNT; j += 1) { + gh_update(&u, ad + i + j * 16, st->hx[PC_COUNT - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + for (; i + PC_COUNT * 16 / 2 <= ad_len; i += PC_COUNT * 16 / 2) { + I256 u = gh_update0(sth, ad + i, st->hx[PC_COUNT / 2 - 1 - 0]); + size_t j; + + for (j = 1; j < PC_COUNT / 2; j += 1) { + gh_update(&u, ad + i + j * 16, st->hx[PC_COUNT / 2 - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + for (; i + 4 * 16 <= ad_len; i += 4 * 16) { + size_t j; + I256 u = gh_update0(sth, ad + i, st->hx[4 - 1 - 0]); + + for (j = 1; j < 4; j += 1) { + gh_update(&u, ad + i + j * 16, st->hx[4 - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + for (; i + 2 * 16 <= ad_len; i += 2 * 16) { + size_t j; + I256 u = gh_update0(sth, 
ad + i, st->hx[2 - 1 - 0]); + + for (j = 1; j < 2; j += 1) { + gh_update(&u, ad + i + j * 16, st->hx[2 - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + if (i < ad_len) { + I256 u = gh_update0(sth, ad + i, st->hx[0]); + sth->acc = gcm_reduce(u); + } +} + +/* Increment counters */ + +static inline BlockVec __vectorcall incr_counters(BlockVec rev_counters[], BlockVec counter, + const size_t n) +{ + size_t i; + + const BlockVec one = ONE128; + for (i = 0; i < n; i++) { + rev_counters[i] = REV128(counter); + counter = ADD64x2(counter, one); + } + return counter; +} + +/* Compute the number of required blocks to encrypt and authenticate `ad_len` of associated data, + * and `m_len` of encrypted bytes. Return `0` if limits would be exceeded.*/ + +static inline size_t +required_blocks(const size_t ad_len, const size_t m_len) +{ + const size_t ad_blocks = (ad_len + 15) / 16; + const size_t m_blocks = (m_len + 15) / 16; + + if (ad_len > SIZE_MAX - 2 * PARALLEL_BLOCKS * 16 || + m_len > SIZE_MAX - 2 * PARALLEL_BLOCKS * 16 || ad_len < ad_blocks || m_len < m_blocks || + m_blocks >= (1ULL << 32) - 2) { + return 0; + } + return ad_blocks + m_blocks + 1; +} + +/* Generic AES-GCM encryption. 
"Generic" as it can handle arbitrary input sizes, +unlike a length-limited version that would precompute all the required powers of H */ + +static void +aes_gcm_encrypt_generic(const State *st, GHash *sth, unsigned char mac[ABYTES], unsigned char *dst, + const unsigned char *src, size_t src_len, const unsigned char *ad, + size_t ad_len, unsigned char counter_[16]) +{ + CRYPTO_ALIGN(32) I256 u; + CRYPTO_ALIGN(16) unsigned char last_blocks[2 * 16]; + const BlockVec one = ONE128; + BlockVec final_block; + BlockVec rev_counters[PARALLEL_BLOCKS]; + BlockVec counter; + size_t i; + size_t j; + size_t left; + size_t pi; + + COMPILER_ASSERT(PC_COUNT % PARALLEL_BLOCKS == 0); + + /* Associated data */ + + if (ad != NULL && ad_len != 0) { + gh_ad_blocks(st, sth, ad, ad_len & ~15); + left = ad_len & 15; + if (left != 0) { + unsigned char pad[16]; + + memset(pad, 0, sizeof pad); + memcpy(pad, ad + ad_len - left, left); + gh_ad_blocks(st, sth, pad, sizeof pad); + } + } + + /* Encrypted data */ + + counter = REV128(LOAD128(counter_)); + i = 0; + + /* 2*PARALLEL_BLOCKS aggregation */ + + if (src_len - i >= 2 * PARALLEL_BLOCKS * 16) { + counter = incr_counters(rev_counters, counter, PARALLEL_BLOCKS); + encrypt_xor_wide(st, dst + i, src + i, rev_counters); + i += PARALLEL_BLOCKS * 16; + + for (; i + 2 * PARALLEL_BLOCKS * 16 <= src_len; i += 2 * PARALLEL_BLOCKS * 16) { + counter = incr_counters(rev_counters, counter, PARALLEL_BLOCKS); + encrypt_xor_wide(st, dst + i, src + i, rev_counters); + + pi = i - PARALLEL_BLOCKS * 16; + u = gh_update0(sth, dst + pi, st->hx[2 * PARALLEL_BLOCKS - 1 - 0]); + for (j = 1; j < PARALLEL_BLOCKS; j += 1) { + gh_update(&u, dst + pi + j * 16, st->hx[2 * PARALLEL_BLOCKS - 1 - j]); + } + + counter = incr_counters(rev_counters, counter, PARALLEL_BLOCKS); + encrypt_xor_wide(st, dst + i + PARALLEL_BLOCKS * 16, src + i + PARALLEL_BLOCKS * 16, + rev_counters); + + pi = i; + for (j = 0; j < PARALLEL_BLOCKS; j += 1) { + gh_update(&u, dst + pi + j * 16, 
st->hx[PARALLEL_BLOCKS - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + + pi = i - PARALLEL_BLOCKS * 16; + u = gh_update0(sth, dst + pi, st->hx[PARALLEL_BLOCKS - 1 - 0]); + for (j = 1; j < PARALLEL_BLOCKS; j += 1) { + gh_update(&u, dst + pi + j * 16, st->hx[PARALLEL_BLOCKS - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + + /* PARALLEL_BLOCKS aggregation */ + + if (src_len - i >= PARALLEL_BLOCKS * 16) { + counter = incr_counters(rev_counters, counter, PARALLEL_BLOCKS); + encrypt_xor_wide(st, dst + i, src + i, rev_counters); + i += PARALLEL_BLOCKS * 16; + + for (; i + PARALLEL_BLOCKS * 16 <= src_len; i += PARALLEL_BLOCKS * 16) { + counter = incr_counters(rev_counters, counter, PARALLEL_BLOCKS); + encrypt_xor_wide(st, dst + i, src + i, rev_counters); + + pi = i - PARALLEL_BLOCKS * 16; + u = gh_update0(sth, dst + pi, st->hx[PARALLEL_BLOCKS - 1 - 0]); + for (j = 1; j < PARALLEL_BLOCKS; j += 1) { + gh_update(&u, dst + pi + j * 16, st->hx[PARALLEL_BLOCKS - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + + pi = i - PARALLEL_BLOCKS * 16; + u = gh_update0(sth, dst + pi, st->hx[PARALLEL_BLOCKS - 1 - 0]); + for (j = 1; j < PARALLEL_BLOCKS; j += 1) { + gh_update(&u, dst + pi + j * 16, st->hx[PARALLEL_BLOCKS - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + + /* 4-blocks aggregation */ + + for (; i + 4 * 16 <= src_len; i += 4 * 16) { + counter = incr_counters(rev_counters, counter, 4); + for (j = 0; j < 4; j++) { + encrypt_xor_block(st, dst + i + j * 16, src + i + j * 16, rev_counters[j]); + } + + u = gh_update0(sth, dst + i, st->hx[4 - 1 - 0]); + for (j = 1; j < 4; j += 1) { + gh_update(&u, dst + i + j * 16, st->hx[4 - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + + /* 2-blocks aggregation */ + + for (; i + 2 * 16 <= src_len; i += 2 * 16) { + counter = incr_counters(rev_counters, counter, 2); + for (j = 0; j < 2; j++) { + encrypt_xor_block(st, dst + i + j * 16, src + i + j * 16, rev_counters[j]); + } + + u = gh_update0(sth, dst + i, st->hx[2 - 1 - 0]); + for (j = 1; j < 2; j += 
1) { + gh_update(&u, dst + i + j * 16, st->hx[2 - 1 - j]); + } + sth->acc = gcm_reduce(u); + } + + /* Remaining *partial* blocks; if we have 16 bytes left, we want to keep the + full block authenticated along with the final block, hence < and not <= */ + + for (; i + 16 < src_len; i += 16) { + encrypt_xor_block(st, dst + i, src + i, REV128(counter)); + u = gh_update0(sth, dst + i, st->hx[1 - 1 - 0]); + sth->acc = gcm_reduce(u); + counter = ADD64x2(counter, one); + } + + /* Authenticate both the last block of the message and the final block */ + + final_block = REV128(SET64x2(ad_len * 8, src_len * 8)); + STORE32_BE(counter_ + NPUBBYTES, 1); + encrypt(st, mac, counter_); + left = src_len - i; + if (left != 0) { + for (j = 0; j < left; j++) { + last_blocks[j] = src[i + j]; + } + STORE128(last_blocks + 16, final_block); + encrypt_xor_block(st, last_blocks, last_blocks, REV128(counter)); + for (; j < 16; j++) { + last_blocks[j] = 0; + } + for (j = 0; j < left; j++) { + dst[i + j] = last_blocks[j]; + } + gh_ad_blocks(st, sth, last_blocks, 32); + } else { + STORE128(last_blocks, final_block); + gh_ad_blocks(st, sth, last_blocks, 16); + } + STORE128(mac, XOR128(LOAD128(mac), REV128(sth->acc))); +} + +/* Generic AES-GCM decryption. 
"Generic" as it can handle arbitrary input sizes, +unlike a length-limited version that would precompute all the required powers of H */ + +static void +aes_gcm_decrypt_generic(const State *st, GHash *sth, unsigned char mac[ABYTES], unsigned char *dst, + const unsigned char *src, size_t src_len, const unsigned char *ad, + size_t ad_len, unsigned char counter_[16]) +{ + CRYPTO_ALIGN(32) I256 u; + CRYPTO_ALIGN(16) unsigned char last_blocks[2 * 16]; + const BlockVec one = ONE128; + BlockVec final_block; + BlockVec rev_counters[PARALLEL_BLOCKS]; + BlockVec counter; + size_t i; + size_t j; + size_t left; + + COMPILER_ASSERT(PC_COUNT % PARALLEL_BLOCKS == 0); + + /* Associated data */ + + if (ad != NULL && ad_len != 0) { + gh_ad_blocks(st, sth, ad, ad_len & ~15); + left = ad_len & 15; + if (left != 0) { + unsigned char pad[16]; + + memset(pad, 0, sizeof pad); + memcpy(pad, ad + ad_len - left, left); + gh_ad_blocks(st, sth, pad, sizeof pad); + } + } + + /* Encrypted data */ + + counter = REV128(LOAD128(counter_)); + i = 0; + + /* 2*PARALLEL_BLOCKS aggregation */ + + while (i + 2 * PARALLEL_BLOCKS * 16 <= src_len) { + counter = incr_counters(rev_counters, counter, PARALLEL_BLOCKS); + + u = gh_update0(sth, src + i, st->hx[2 * PARALLEL_BLOCKS - 1 - 0]); + for (j = 1; j < PARALLEL_BLOCKS; j += 1) { + gh_update(&u, src + i + j * 16, st->hx[2 * PARALLEL_BLOCKS - 1 - j]); + } + + encrypt_xor_wide(st, dst + i, src + i, rev_counters); + + counter = incr_counters(rev_counters, counter, PARALLEL_BLOCKS); + + i += PARALLEL_BLOCKS * 16; + for (j = 0; j < PARALLEL_BLOCKS; j += 1) { + gh_update(&u, src + i + j * 16, st->hx[PARALLEL_BLOCKS - 1 - j]); + } + sth->acc = gcm_reduce(u); + + encrypt_xor_wide(st, dst + i, src + i, rev_counters); + i += PARALLEL_BLOCKS * 16; + } + + /* PARALLEL_BLOCKS aggregation */ + + for (; i + PARALLEL_BLOCKS * 16 <= src_len; i += PARALLEL_BLOCKS * 16) { + counter = incr_counters(rev_counters, counter, PARALLEL_BLOCKS); + + u = gh_update0(sth, src + i, 
st->hx[PARALLEL_BLOCKS - 1 - 0]); + for (j = 1; j < PARALLEL_BLOCKS; j += 1) { + gh_update(&u, src + i + j * 16, st->hx[PARALLEL_BLOCKS - 1 - j]); + } + sth->acc = gcm_reduce(u); + + encrypt_xor_wide(st, dst + i, src + i, rev_counters); + } + + /* 4-blocks aggregation */ + + for (; i + 4 * 16 <= src_len; i += 4 * 16) { + counter = incr_counters(rev_counters, counter, 4); + + u = gh_update0(sth, src + i, st->hx[4 - 1 - 0]); + for (j = 1; j < 4; j += 1) { + gh_update(&u, src + i + j * 16, st->hx[4 - 1 - j]); + } + sth->acc = gcm_reduce(u); + + for (j = 0; j < 4; j++) { + encrypt_xor_block(st, dst + i + j * 16, src + i + j * 16, rev_counters[j]); + } + } + + /* 2-blocks aggregation */ + + for (; i + 2 * 16 <= src_len; i += 2 * 16) { + counter = incr_counters(rev_counters, counter, 2); + + u = gh_update0(sth, src + i, st->hx[2 - 1 - 0]); + for (j = 1; j < 2; j += 1) { + gh_update(&u, src + i + j * 16, st->hx[2 - 1 - j]); + } + sth->acc = gcm_reduce(u); + + for (j = 0; j < 2; j++) { + encrypt_xor_block(st, dst + i + j * 16, src + i + j * 16, rev_counters[j]); + } + } + + /* Remaining *partial* blocks; if we have 16 bytes left, we want to keep the + full block authenticated along with the final block, hence < and not <= */ + + for (; i + 16 < src_len; i += 16) { + u = gh_update0(sth, src + i, st->hx[1 - 1 - 0]); + sth->acc = gcm_reduce(u); + encrypt_xor_block(st, dst + i, src + i, REV128(counter)); + counter = ADD64x2(counter, one); + } + + /* Authenticate both the last block of the message and the final block */ + + final_block = REV128(SET64x2(ad_len * 8, src_len * 8)); + STORE32_BE(counter_ + NPUBBYTES, 1); + encrypt(st, mac, counter_); + left = src_len - i; + if (left != 0) { + for (j = 0; j < left; j++) { + last_blocks[j] = src[i + j]; + } + for (; j < 16; j++) { + last_blocks[j] = 0; + } + STORE128(last_blocks + 16, final_block); + gh_ad_blocks(st, sth, last_blocks, 32); + encrypt_xor_block(st, last_blocks, last_blocks, REV128(counter)); + for (j = 0; j < left; 
j++) { + dst[i + j] = last_blocks[j]; + } + } else { + STORE128(last_blocks, final_block); + gh_ad_blocks(st, sth, last_blocks, 16); + } + STORE128(mac, XOR128(LOAD128(mac), REV128(sth->acc))); +} int -crypto_aead_aes256gcm_beforenm(crypto_aead_aes256gcm_state *ctx_, - const unsigned char *k) +crypto_aead_aes256gcm_beforenm(crypto_aead_aes256gcm_state *st_, const unsigned char *k) { - aes256gcm_state *ctx = (aes256gcm_state *) (void *) ctx_; - unsigned char *H = ctx->H; - __m128i *rkeys = ctx->rkeys; - __m128i zero = _mm_setzero_si128(); + State *st = (State *) (void *) st_; + CRYPTO_ALIGN(16) unsigned char h[16]; - COMPILER_ASSERT((sizeof *ctx_) >= (sizeof *ctx)); - aesni_key256_expand(k, rkeys); - aesni_encrypt1(H, zero, rkeys); + COMPILER_ASSERT(sizeof *st_ >= sizeof *st); + + expand256(k, st->rkeys); + memset(h, 0, sizeof h); + encrypt(st, h, h); + + precomp_for_block_count(st->hx, h, PC_COUNT); return 0; } int -crypto_aead_aes256gcm_encrypt_detached_afternm(unsigned char *c, - unsigned char *mac, unsigned long long *maclen_p, - const unsigned char *m, unsigned long long mlen, - const unsigned char *ad, unsigned long long adlen, - const unsigned char *nsec, - const unsigned char *npub, - const crypto_aead_aes256gcm_state *ctx_) +crypto_aead_aes256gcm_encrypt_detached_afternm(unsigned char *c, unsigned char *mac, + unsigned long long *maclen_p, const unsigned char *m, + unsigned long long m_len_, const unsigned char *ad, + unsigned long long ad_len_, + const unsigned char *nsec, const unsigned char *npub, + const crypto_aead_aes256gcm_state *st_) { - const __m128i rev = _mm_set_epi8(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15); - const aes256gcm_state *ctx = (const aes256gcm_state *) (const void *) ctx_; - const __m128i *rkeys = ctx->rkeys; - __m128i Hv, H2v, H3v, H4v, accv; - unsigned long long i, j; - unsigned long long adlen_rnd64 = adlen & ~63ULL; - unsigned long long mlen_rnd128 = mlen & ~127ULL; - CRYPTO_ALIGN(16) uint32_t n2[4]; - 
CRYPTO_ALIGN(16) unsigned char H[16]; - CRYPTO_ALIGN(16) unsigned char T[16]; - CRYPTO_ALIGN(16) unsigned char accum[16]; - CRYPTO_ALIGN(16) unsigned char fb[16]; + const State *st = (const State *) (const void *) st_; + GHash sth; + CRYPTO_ALIGN(16) unsigned char j[16]; + size_t gh_required_blocks; + const size_t ad_len = (size_t) ad_len_; + const size_t m_len = (size_t) m_len_; (void) nsec; - memcpy(H, ctx->H, sizeof H); - if (mlen > crypto_aead_aes256gcm_MESSAGEBYTES_MAX) { - sodium_misuse(); /* LCOV_EXCL_LINE */ - } - memcpy(&n2[0], npub, 3 * 4); - n2[3] = 0x01000000; - aesni_encrypt1(T, _mm_load_si128((const __m128i *) n2), rkeys); - { - uint64_t x; - x = _bswap64((uint64_t) (8 * adlen)); - memcpy(&fb[0], &x, sizeof x); - x = _bswap64((uint64_t) (8 * mlen)); - memcpy(&fb[8], &x, sizeof x); - } - /* we store H (and it's power) byte-reverted once and for all */ - Hv = _mm_shuffle_epi8(_mm_load_si128((const __m128i *) H), rev); - _mm_store_si128((__m128i *) H, Hv); - H2v = mulv(Hv, Hv); - H3v = mulv(H2v, Hv); - H4v = mulv(H3v, Hv); - - accv = _mm_setzero_si128(); - /* unrolled by 4 GCM (by 8 doesn't improve using MULREDUCE4) */ - for (i = 0; i < adlen_rnd64; i += 64) { - __m128i X4_ = _mm_loadu_si128((const __m128i *) (ad + i + 0)); - __m128i X3_ = _mm_loadu_si128((const __m128i *) (ad + i + 16)); - __m128i X2_ = _mm_loadu_si128((const __m128i *) (ad + i + 32)); - __m128i X1_ = _mm_loadu_si128((const __m128i *) (ad + i + 48)); - MULREDUCE4(rev, Hv, H2v, H3v, H4v, X1_, X2_, X3_, X4_, accv); - } - _mm_store_si128((__m128i *) accum, accv); - - /* GCM remainder loop */ - for (i = adlen_rnd64; i < adlen; i += 16) { - unsigned int blocklen = 16; - - if (i + (unsigned long long) blocklen > adlen) { - blocklen = (unsigned int) (adlen - i); - } - addmul(accum, ad + i, blocklen, H); - } - -/* this only does 8 full blocks, so no fancy bounds checking is necessary*/ -#define LOOPRND128 \ - do { \ - const int iter = 8; \ - const int lb = iter * 16; \ - \ - for (i = 0; i < 
mlen_rnd128; i += lb) { \ - aesni_encrypt8full(c + i, n2, rkeys, m + i, accum, Hv, H2v, H3v, H4v, rev); \ - } \ - } while(0) - -/* remainder loop, with the slower GCM update to accommodate partial blocks */ -#define LOOPRMD128 \ - do { \ - const int iter = 8; \ - const int lb = iter * 16; \ - \ - for (i = mlen_rnd128; i < mlen; i += lb) { \ - CRYPTO_ALIGN(16) unsigned char outni[8 * 16]; \ - unsigned long long mj = lb; \ - \ - aesni_encrypt8(outni, n2, rkeys); \ - if ((i + mj) >= mlen) { \ - mj = mlen - i; \ - } \ - for (j = 0; j < mj; j++) { \ - c[i + j] = m[i + j] ^ outni[j]; \ - } \ - for (j = 0; j < mj; j += 16) { \ - unsigned int bl = 16; \ - \ - if (j + (unsigned long long) bl >= mj) { \ - bl = (unsigned int) (mj - j); \ - } \ - addmul(accum, c + i + j, bl, H); \ - } \ - } \ - } while(0) - - n2[3] &= 0x00ffffff; - COUNTER_INC2(n2); - LOOPRND128; - LOOPRMD128; - - addmul(accum, fb, 16, H); - - for (i = 0; i < 16; ++i) { - mac[i] = T[i] ^ accum[15 - i]; - } if (maclen_p != NULL) { - *maclen_p = 16; + *maclen_p = 0; + } + if (ad_len_ > SODIUM_SIZE_MAX || m_len_ > SODIUM_SIZE_MAX) { + sodium_misuse(); + } + gh_required_blocks = required_blocks(ad_len, m_len); + if (gh_required_blocks == 0) { + memset(mac, 0x00, ABYTES); + memset(c, 0, m_len); + return -1; + } + + gh_init(&sth); + + memcpy(j, npub, NPUBBYTES); + STORE32_BE(j + NPUBBYTES, 2); + + aes_gcm_encrypt_generic(st, &sth, mac, c, m, m_len, ad, ad_len, j); + + if (maclen_p != NULL) { + *maclen_p = ABYTES; } return 0; } +int +crypto_aead_aes256gcm_encrypt(unsigned char *c, unsigned long long *clen_p, const unsigned char *m, + unsigned long long m_len, const unsigned char *ad, + unsigned long long ad_len, const unsigned char *nsec, + const unsigned char *npub, const unsigned char *k) +{ + const int ret = crypto_aead_aes256gcm_encrypt_detached(c, c + m_len, NULL, m, m_len, ad, ad_len, + nsec, npub, k); + if (clen_p != NULL) { + if (ret == 0) { + *clen_p = m_len + crypto_aead_aes256gcm_ABYTES; + } else { + 
*clen_p = 0; + } + } + return ret; +} + +int +crypto_aead_aes256gcm_encrypt_detached(unsigned char *c, unsigned char *mac, + unsigned long long *maclen_p, const unsigned char *m, + unsigned long long m_len, const unsigned char *ad, + unsigned long long ad_len, const unsigned char *nsec, + const unsigned char *npub, const unsigned char *k) +{ + CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state st; + int ret; + + PREFETCH_WRITE(c); + PREFETCH_READ(m); + PREFETCH_READ(ad); + + crypto_aead_aes256gcm_beforenm(&st, k); + ret = crypto_aead_aes256gcm_encrypt_detached_afternm(c, mac, maclen_p, m, m_len, ad, ad_len, + nsec, npub, &st); + sodium_memzero(&st, sizeof st); + + return ret; +} + int crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen_p, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, - const unsigned char *nsec, - const unsigned char *npub, - const crypto_aead_aes256gcm_state *ctx_) + const unsigned char *nsec, const unsigned char *npub, + const crypto_aead_aes256gcm_state *st_) { - int ret = crypto_aead_aes256gcm_encrypt_detached_afternm(c, - c + mlen, NULL, - m, mlen, - ad, adlen, - nsec, npub, ctx_); + int ret = crypto_aead_aes256gcm_encrypt_detached_afternm(c, c + mlen, NULL, m, mlen, ad, adlen, + nsec, npub, st_); if (clen_p != NULL) { *clen_p = mlen + crypto_aead_aes256gcm_ABYTES; } return ret; } -int -crypto_aead_aes256gcm_decrypt_detached_afternm(unsigned char *m, unsigned char *nsec, - const unsigned char *c, unsigned long long clen, - const unsigned char *mac, - const unsigned char *ad, unsigned long long adlen, - const unsigned char *npub, - const crypto_aead_aes256gcm_state *ctx_) +static int +crypto_aead_aes256gcm_verify_mac(unsigned char *nsec, const unsigned char *c, + unsigned long long c_len_, const unsigned char *mac, + const unsigned char *ad, unsigned long long ad_len_, + const unsigned char *npub, const crypto_aead_aes256gcm_state *st_) { - const __m128i rev = 
_mm_set_epi8(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15); - const aes256gcm_state *ctx = (const aes256gcm_state *) (const void *) ctx_; - const __m128i *rkeys = ctx->rkeys; - __m128i Hv, H2v, H3v, H4v, accv; - unsigned long long i, j; - unsigned long long adlen_rnd64 = adlen & ~63ULL; - unsigned long long mlen; - unsigned long long mlen_rnd128; - CRYPTO_ALIGN(16) uint32_t n2[4]; - CRYPTO_ALIGN(16) unsigned char H[16]; - CRYPTO_ALIGN(16) unsigned char T[16]; - CRYPTO_ALIGN(16) unsigned char accum[16]; - CRYPTO_ALIGN(16) unsigned char fb[16]; + const State *st = (const State *) (const void *) st_; + GHash sth; + BlockVec final_block; + CRYPTO_ALIGN(16) unsigned char j[16]; + CRYPTO_ALIGN(16) unsigned char computed_mac[16]; + CRYPTO_ALIGN(16) unsigned char last_block[16]; + size_t gh_required_blocks; + size_t left; + const size_t ad_len = (size_t) ad_len_; + const size_t c_len = (size_t) c_len_; + int ret; (void) nsec; - if (clen > crypto_aead_aes256gcm_MESSAGEBYTES_MAX) { - sodium_misuse(); /* LCOV_EXCL_LINE */ + if (ad_len_ > SODIUM_SIZE_MAX || c_len_ > SODIUM_SIZE_MAX) { + sodium_misuse(); } - mlen = clen; - - memcpy(&n2[0], npub, 3 * 4); - n2[3] = 0x01000000; - aesni_encrypt1(T, _mm_load_si128((const __m128i *) n2), rkeys); - - { - uint64_t x; - x = _bswap64((uint64_t)(8 * adlen)); - memcpy(&fb[0], &x, sizeof x); - x = _bswap64((uint64_t)(8 * mlen)); - memcpy(&fb[8], &x, sizeof x); + gh_required_blocks = required_blocks(ad_len, c_len); + if (gh_required_blocks == 0) { + return -1; } - memcpy(H, ctx->H, sizeof H); - Hv = _mm_shuffle_epi8(_mm_load_si128((const __m128i *) H), rev); - _mm_store_si128((__m128i *) H, Hv); - H2v = mulv(Hv, Hv); - H3v = mulv(H2v, Hv); - H4v = mulv(H3v, Hv); + gh_init(&sth); - accv = _mm_setzero_si128(); - for (i = 0; i < adlen_rnd64; i += 64) { - __m128i X4_ = _mm_loadu_si128((const __m128i *) (ad + i + 0)); - __m128i X3_ = _mm_loadu_si128((const __m128i *) (ad + i + 16)); - __m128i X2_ = _mm_loadu_si128((const __m128i *) (ad + 
i + 32)); - __m128i X1_ = _mm_loadu_si128((const __m128i *) (ad + i + 48)); - MULREDUCE4(rev, Hv, H2v, H3v, H4v, X1_, X2_, X3_, X4_, accv); - } - _mm_store_si128((__m128i *) accum, accv); + memcpy(j, npub, NPUBBYTES); + STORE32_BE(j + NPUBBYTES, 2); - for (i = adlen_rnd64; i < adlen; i += 16) { - unsigned int blocklen = 16; - if (i + (unsigned long long) blocklen > adlen) { - blocklen = (unsigned int) (adlen - i); - } - addmul(accum, ad + i, blocklen, H); + gh_ad_blocks(st, &sth, ad, ad_len & ~15); + left = ad_len & 15; + if (left != 0) { + unsigned char pad[16]; + + memset(pad, 0, sizeof pad); + memcpy(pad, ad + ad_len - left, left); + gh_ad_blocks(st, &sth, pad, sizeof pad); } - mlen_rnd128 = mlen & ~127ULL; + gh_ad_blocks(st, &sth, c, c_len & ~15); + left = c_len & 15; + if (left != 0) { + unsigned char pad[16]; -#define LOOPACCUMDRND128 \ - do { \ - const int iter = 8; \ - const int lb = iter * 16; \ - for (i = 0; i < mlen_rnd128; i += lb) { \ - aesni_addmul8full(c + i, accum, Hv, H2v, H3v, H4v, rev); \ - } \ - } while(0) - -#define LOOPDRND128 \ - do { \ - const int iter = 8; \ - const int lb = iter * 16; \ - \ - for (i = 0; i < mlen_rnd128; i += lb) { \ - aesni_decrypt8full(m + i, n2, rkeys, c + i); \ - } \ - } while(0) - -#define LOOPACCUMDRMD128 \ - do { \ - const int iter = 8; \ - const int lb = iter * 16; \ - \ - for (i = mlen_rnd128; i < mlen; i += lb) { \ - unsigned long long mj = lb; \ - \ - if ((i + mj) >= mlen) { \ - mj = mlen - i; \ - } \ - for (j = 0; j < mj; j += 16) { \ - unsigned int bl = 16; \ - \ - if (j + (unsigned long long) bl >= mj) { \ - bl = (unsigned int) (mj - j); \ - } \ - addmul(accum, c + i + j, bl, H); \ - } \ - } \ - } while(0) - -#define LOOPDRMD128 \ - do { \ - const int iter = 8; \ - const int lb = iter * 16; \ - \ - for (i = mlen_rnd128; i < mlen; i += lb) { \ - CRYPTO_ALIGN(16) unsigned char outni[8 * 16]; \ - unsigned long long mj = lb; \ - \ - if ((i + mj) >= mlen) { \ - mj = mlen - i; \ - } \ - aesni_encrypt8(outni, n2, 
rkeys); \ - for (j = 0; j < mj; j++) { \ - m[i + j] = c[i + j] ^ outni[j]; \ - } \ - } \ - } while(0) - - n2[3] &= 0x00ffffff; - - COUNTER_INC2(n2); - LOOPACCUMDRND128; - LOOPACCUMDRMD128; - addmul(accum, fb, 16, H); - { - unsigned char d = 0; - - for (i = 0; i < 16; i++) { - d |= (mac[i] ^ (T[i] ^ accum[15 - i])); - } - if (d != 0) { - if (m != NULL) { - memset(m, 0, mlen); - } - return -1; - } - if (m == NULL) { - return 0; - } + memset(pad, 0, sizeof pad); + memcpy(pad, c + c_len - left, left); + gh_ad_blocks(st, &sth, pad, sizeof pad); } - n2[3] = 0U; - COUNTER_INC2(n2); - LOOPDRND128; - LOOPDRMD128; + final_block = REV128(SET64x2(ad_len * 8, c_len * 8)); + STORE32_BE(j + NPUBBYTES, 1); + encrypt(st, computed_mac, j); + STORE128(last_block, final_block); + gh_ad_blocks(st, &sth, last_block, 16); + STORE128(computed_mac, XOR128(LOAD128(computed_mac), REV128(sth.acc))); + ret = crypto_verify_16(mac, computed_mac); + sodium_memzero(computed_mac, sizeof computed_mac); + + return ret; +} + +int +crypto_aead_aes256gcm_decrypt_detached_afternm(unsigned char *m, unsigned char *nsec, + const unsigned char *c, unsigned long long c_len_, + const unsigned char *mac, const unsigned char *ad, + unsigned long long ad_len_, + const unsigned char *npub, + const crypto_aead_aes256gcm_state *st_) +{ + const State *st = (const State *) (const void *) st_; + GHash sth; + CRYPTO_ALIGN(16) unsigned char j[16]; + unsigned char computed_mac[16]; + size_t gh_required_blocks; + const size_t ad_len = (size_t) ad_len_; + const size_t c_len = (size_t) c_len_; + const size_t m_len = c_len; + + (void) nsec; + if (ad_len_ > SODIUM_SIZE_MAX || c_len_ > SODIUM_SIZE_MAX) { + sodium_misuse(); + } + if (m == NULL) { + return crypto_aead_aes256gcm_verify_mac(nsec, c, c_len, mac, ad, ad_len, npub, st_); + } + gh_required_blocks = required_blocks(ad_len, m_len); + if (gh_required_blocks == 0) { + return -1; + } + + gh_init(&sth); + + memcpy(j, npub, NPUBBYTES); + STORE32_BE(j + NPUBBYTES, 2); + + 
aes_gcm_decrypt_generic(st, &sth, computed_mac, m, c, m_len, ad, ad_len, j); + + if (crypto_verify_16(mac, computed_mac) != 0) { + sodium_memzero(computed_mac, sizeof computed_mac); + memset(m, 0x00, m_len); + return -1; + } return 0; } int crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, unsigned long long *mlen_p, - unsigned char *nsec, - const unsigned char *c, unsigned long long clen, - const unsigned char *ad, unsigned long long adlen, - const unsigned char *npub, - const crypto_aead_aes256gcm_state *ctx_) + unsigned char *nsec, const unsigned char *c, + unsigned long long clen, const unsigned char *ad, + unsigned long long adlen, const unsigned char *npub, + const crypto_aead_aes256gcm_state *st_) { unsigned long long mlen = 0ULL; - int ret = -1; + int ret = -1; - if (clen >= crypto_aead_aes256gcm_ABYTES) { - ret = crypto_aead_aes256gcm_decrypt_detached_afternm - (m, nsec, c, clen - crypto_aead_aes256gcm_ABYTES, - c + clen - crypto_aead_aes256gcm_ABYTES, - ad, adlen, npub, ctx_); + if (clen >= ABYTES) { + ret = crypto_aead_aes256gcm_decrypt_detached_afternm( + m, nsec, c, clen - ABYTES, c + clen - ABYTES, ad, adlen, npub, st_); } if (mlen_p != NULL) { if (ret == 0) { - mlen = clen - crypto_aead_aes256gcm_ABYTES; + mlen = clen - ABYTES; } *mlen_p = mlen; } 
@@ -823,90 +953,42 @@ crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, unsigned long long *mlen } int -crypto_aead_aes256gcm_encrypt_detached(unsigned char *c, - unsigned char *mac, - unsigned long long *maclen_p, - const unsigned char *m, - unsigned long long mlen, - const unsigned char *ad, - unsigned long long adlen, - const unsigned char *nsec, - const unsigned char *npub, +crypto_aead_aes256gcm_decrypt_detached(unsigned char *m, unsigned char *nsec, + const unsigned char *c, unsigned long long clen, + const unsigned char *mac, const unsigned char *ad, + unsigned long long adlen, const unsigned char *npub, const unsigned char *k) { - CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state ctx; + CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state st; - crypto_aead_aes256gcm_beforenm(&ctx, k); + PREFETCH_WRITE(m); + PREFETCH_READ(c); + PREFETCH_READ(ad); - return crypto_aead_aes256gcm_encrypt_detached_afternm - (c, mac, maclen_p, m, mlen, ad, adlen, nsec, npub, - (const crypto_aead_aes256gcm_state *) &ctx); + crypto_aead_aes256gcm_beforenm(&st, k); + + return crypto_aead_aes256gcm_decrypt_detached_afternm( + m, nsec, c, clen, mac, ad, adlen, npub, (const crypto_aead_aes256gcm_state *) &st); } int -crypto_aead_aes256gcm_encrypt(unsigned char *c, - unsigned long long *clen_p, - const unsigned char *m, - unsigned long long mlen, - const unsigned char *ad, - unsigned long long adlen, - const unsigned char *nsec, - const unsigned char *npub, - const unsigned char *k) +crypto_aead_aes256gcm_decrypt(unsigned char *m, unsigned long long *mlen_p, unsigned char *nsec, + const unsigned char *c, unsigned long long clen, + const unsigned char *ad, unsigned long long adlen, + const unsigned char *npub, const unsigned char *k) { - CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state ctx; - int ret; + CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state st; + int ret; - crypto_aead_aes256gcm_beforenm(&ctx, k); + PREFETCH_WRITE(m); + PREFETCH_READ(c); + PREFETCH_READ(ad); - ret = 
crypto_aead_aes256gcm_encrypt_afternm - (c, clen_p, m, mlen, ad, adlen, nsec, npub, - (const crypto_aead_aes256gcm_state *) &ctx); - sodium_memzero(&ctx, sizeof ctx); + crypto_aead_aes256gcm_beforenm(&st, k); - return ret; -} - -int -crypto_aead_aes256gcm_decrypt_detached(unsigned char *m, - unsigned char *nsec, - const unsigned char *c, - unsigned long long clen, - const unsigned char *mac, - const unsigned char *ad, - unsigned long long adlen, - const unsigned char *npub, - const unsigned char *k) -{ - CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state ctx; - - crypto_aead_aes256gcm_beforenm(&ctx, k); - - return crypto_aead_aes256gcm_decrypt_detached_afternm - (m, nsec, c, clen, mac, ad, adlen, npub, - (const crypto_aead_aes256gcm_state *) &ctx); -} - -int -crypto_aead_aes256gcm_decrypt(unsigned char *m, - unsigned long long *mlen_p, - unsigned char *nsec, - const unsigned char *c, - unsigned long long clen, - const unsigned char *ad, - unsigned long long adlen, - const unsigned char *npub, - const unsigned char *k) -{ - CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state ctx; - int ret; - - crypto_aead_aes256gcm_beforenm(&ctx, k); - - ret = crypto_aead_aes256gcm_decrypt_afternm - (m, mlen_p, nsec, c, clen, ad, adlen, npub, - (const crypto_aead_aes256gcm_state *) &ctx); - sodium_memzero(&ctx, sizeof ctx); + ret = crypto_aead_aes256gcm_decrypt_afternm(m, mlen_p, nsec, c, clen, ad, adlen, npub, + (const crypto_aead_aes256gcm_state *) &st); + sodium_memzero(&st, sizeof st); return ret; } 
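Review bot: The new `crypto_aead_aes256gcm_decrypt_detached` returns the result of `crypto_aead_aes256gcm_decrypt_detached_afternm(...)` directly, so the stack copy of `st` is never wiped. `crypto_aead_aes256gcm_beforenm(&st, k)` fills `st` with the expanded round keys and the precomputed powers of H, which are key material. `crypto_aead_aes256gcm_decrypt` in this same hunk already calls `sodium_memzero(&st, sizeof st);` before returning. Do the same here: keep the result in `int ret`, call `sodium_memzero(&st, sizeof st);`, then `return ret;`.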
@@ -919,16 +1001,36 @@ crypto_aead_aes256gcm_is_available(void) #else +#ifndef ENOSYS +#define ENOSYS ENXIO +#endif + int -crypto_aead_aes256gcm_encrypt_detached(unsigned char *c, - unsigned char *mac, - unsigned long long *maclen_p, - const unsigned char *m, - unsigned long long mlen, - const unsigned char *ad, - unsigned long long adlen, - const unsigned char *nsec, - const unsigned char *npub, +crypto_aead_aes256gcm_encrypt_detached(unsigned char *c, unsigned char *mac, + unsigned long long *maclen_p, const unsigned char *m, + unsigned long long mlen, const unsigned char *ad, + unsigned long long adlen, const unsigned char *nsec, + const unsigned char *npub, const unsigned char *k) +{ + errno = ENOSYS; + return -1; +} + +int +crypto_aead_aes256gcm_encrypt(unsigned char *c, unsigned long long *clen_p, const unsigned char *m, + unsigned long long mlen, const unsigned char *ad, + unsigned long long adlen, const unsigned char *nsec, + const unsigned char *npub, const unsigned char *k) +{ + errno = ENOSYS; + return -1; +} + +int +crypto_aead_aes256gcm_decrypt_detached(unsigned char *m, unsigned char *nsec, + const unsigned char *c, unsigned long long clen, + const unsigned char *mac, const unsigned char *ad, + unsigned long long adlen, const unsigned char *npub, const unsigned char *k) { errno = ENOSYS; 
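Review bot: The fallback stubs added here return -1 without touching their length outputs, so `*maclen_p` and `*clen_p` keep whatever value the caller had in them. The hardware path in this same commit sets `*maclen_p = 0` before doing any work and `*clen_p = 0` on failure, so a caller that ignores the return value sees different behaviour between the two builds. Adding `if (clen_p != NULL) { *clen_p = 0; }` (and the `maclen_p` equivalent) before `errno = ENOSYS;` would keep them consistent. A short comment on the `#define ENOSYS ENXIO` fallback saying which platforms lack `ENOSYS` would also help. The last stub in this hunk continues past its end.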
@@ -936,58 +1038,29 @@ crypto_aead_aes256gcm_encrypt_detached(unsigned char *c, } int -crypto_aead_aes256gcm_encrypt(unsigned char *c, unsigned long long *clen_p, - const unsigned char *m, unsigned long long mlen, +crypto_aead_aes256gcm_decrypt(unsigned char *m, unsigned long long *mlen_p, unsigned char *nsec, + const unsigned char *c, unsigned long long clen, const unsigned char *ad, unsigned long long adlen, - const unsigned char *nsec, const unsigned char *npub, - const unsigned char *k) + const unsigned char *npub, const unsigned char *k) { errno = ENOSYS; return -1; } int -crypto_aead_aes256gcm_decrypt_detached(unsigned char *m, - unsigned char *nsec, - const unsigned char *c, - unsigned long long clen, - const unsigned char *mac, - const unsigned char *ad, - unsigned long long adlen, - const unsigned char *npub, - const unsigned char *k) +crypto_aead_aes256gcm_beforenm(crypto_aead_aes256gcm_state *st_, const unsigned char *k) { errno = ENOSYS; return -1; } int -crypto_aead_aes256gcm_decrypt(unsigned char *m, unsigned long long *mlen_p, - unsigned char *nsec, const unsigned char *c, - unsigned long long clen, const unsigned char *ad, - unsigned long long adlen, const unsigned char *npub, - const unsigned char *k) -{ - errno = ENOSYS; - return -1; -} - -int -crypto_aead_aes256gcm_beforenm(crypto_aead_aes256gcm_state *ctx_, - const unsigned char *k) -{ - errno = ENOSYS; - return -1; -} - -int -crypto_aead_aes256gcm_encrypt_detached_afternm(unsigned char *c, - unsigned char *mac, unsigned long long *maclen_p, - const unsigned char *m, unsigned long long mlen, - const unsigned char *ad, unsigned long long adlen, - const unsigned char *nsec, - const unsigned char *npub, - const crypto_aead_aes256gcm_state *ctx_) +crypto_aead_aes256gcm_encrypt_detached_afternm(unsigned char *c, unsigned char *mac, + unsigned long long *maclen_p, const unsigned char *m, + unsigned long long mlen, const unsigned char *ad, + unsigned long long adlen, const unsigned char *nsec, + const 
unsigned char *npub, + const crypto_aead_aes256gcm_state *st_) { errno = ENOSYS; return -1; @@ -998,7 +1071,7 @@ crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, - const crypto_aead_aes256gcm_state *ctx_) + const crypto_aead_aes256gcm_state *st_) { errno = ENOSYS; return -1; @@ -1007,10 +1080,9 @@ crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen int crypto_aead_aes256gcm_decrypt_detached_afternm(unsigned char *m, unsigned char *nsec, const unsigned char *c, unsigned long long clen, - const unsigned char *mac, - const unsigned char *ad, unsigned long long adlen, - const unsigned char *npub, - const crypto_aead_aes256gcm_state *ctx_) + const unsigned char *mac, const unsigned char *ad, + unsigned long long adlen, const unsigned char *npub, + const crypto_aead_aes256gcm_state *st_) { errno = ENOSYS; return -1; @@ -1018,11 +1090,10 @@ crypto_aead_aes256gcm_decrypt_detached_afternm(unsigned char *m, unsigned char * int crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, unsigned long long *mlen_p, - unsigned char *nsec, - const unsigned char *c, unsigned long long clen, - const unsigned char *ad, unsigned long long adlen, - const unsigned char *npub, - const crypto_aead_aes256gcm_state *ctx_) + unsigned char *nsec, const unsigned char *c, + unsigned long long clen, const unsigned char *ad, + unsigned long long adlen, const unsigned char *npub, + const crypto_aead_aes256gcm_state *st_) { errno = ENOSYS; return -1; diff --git a/deps/libsodium/src/libsodium/crypto_pwhash/argon2/argon2.c b/deps/libsodium/src/libsodium/crypto_pwhash/argon2/argon2.c index c6277fc8..5912f7fc 100644 --- a/deps/libsodium/src/libsodium/crypto_pwhash/argon2/argon2.c +++ b/deps/libsodium/src/libsodium/crypto_pwhash/argon2/argon2.c 
@@ -17,6 +17,7 @@ #include #include +#include "randombytes.h" #include "utils.h" #include "argon2-core.h" @@ -93,6 +94,10 @@ argon2_hash(const uint32_t t_cost, const uint32_t m_cost, int result; uint8_t *out; + if (hash != NULL) { + randombytes_buf(hash, hashlen); + } + if (pwdlen > ARGON2_MAX_PWD_LENGTH) { return ARGON2_PWD_TOO_LONG; } diff --git a/deps/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c b/deps/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c index c4dd46a2..65aebb11 100644 --- a/deps/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c +++ b/deps/libsodium/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c @@ -24,6 +24,7 @@ #include "crypto_pwhash_scryptsalsa208sha256.h" #include "crypto_scrypt.h" #include "private/common.h" +#include "randombytes.h" #include "runtime.h" #include "utils.h" @@ -150,6 +151,10 @@ escrypt_r(escrypt_local_t *local, const uint8_t *passwd, size_t passwdlen, uint32_t r; uint32_t p; + if (buf != NULL) { + randombytes_buf(buf, buflen); + } + src = escrypt_parse_setting(setting, &N_log2, &r, &p); if (!src) { return NULL; diff --git a/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/ref10/x25519_ref10.c b/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/ref10/x25519_ref10.c index 9eaf0235..d2989228 100644 --- a/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/ref10/x25519_ref10.c +++ b/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/ref10/x25519_ref10.c @@ -74,7 +74,7 @@ crypto_scalarmult_curve25519_ref10(unsigned char *q, const unsigned char *n, const unsigned char *p) { - unsigned char *t = q; + unsigned char t[32]; unsigned int i; fe25519 x1; fe25519 x2; @@ -136,6 +136,8 @@ crypto_scalarmult_curve25519_ref10(unsigned char *q, fe25519_mul(x2, x2, z2); fe25519_tobytes(q, x2); + sodium_memzero(t, sizeof t); + return 0; } 
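Review bot: The `randombytes_buf(hash, hashlen)` call added at the top of `argon2_hash` has no comment, and its purpose is not evident from the code, since the buffer is filled before any of the parameter checks visible in the hunk. Presumably the intent is that a caller who ignores an error return ends up with unpredictable bytes rather than a stale or uninitialized buffer. If so, say that above the call, e.g. `/* pre-fill the output so it never holds stale or predictable data if we return an error */`. The same comment is needed on the `randombytes_buf(buf, buflen)` added in `escrypt_r` in crypto_scrypt-common.c. Both function bodies continue outside their hunks.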
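Review bot: Only `t` is wiped before returning, while the ladder state that also depends on the secret scalar is left on the stack. That is `x2`/`z2` in `crypto_scalarmult_curve25519_ref10`, and `var`, `x_51` and `z_51` in `crypto_scalarmult_curve25519_sandy2x` (curve25519_sandy2x.c). If the aim of this change is to leave no secret-dependent data behind, consider wiping those as well, e.g. `sodium_memzero(var, sizeof var);` next to `sodium_memzero(t, sizeof t);`. Most of the ref10 function body is outside these hunks, so other temporaries there are not visible here.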
diff --git a/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/curve25519_sandy2x.c b/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/curve25519_sandy2x.c index 0f8f8b13..d653b21f 100644 --- a/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/curve25519_sandy2x.c +++ b/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/curve25519_sandy2x.c @@ -24,40 +24,42 @@ static int crypto_scalarmult_curve25519_sandy2x(unsigned char *q, const unsigned char *n, const unsigned char *p) { - unsigned char *t = q; - fe var[3]; - fe51 x_51; - fe51 z_51; - unsigned int i; + unsigned char t[32]; + fe var[3]; + fe51 x_51; + fe51 z_51; + unsigned int i; - for (i = 0; i < 32; i++) { - t[i] = n[i]; - } - t[0] &= 248; - t[31] &= 127; - t[31] |= 64; + for (i = 0; i < 32; i++) { + t[i] = n[i]; + } + t[0] &= 248; + t[31] &= 127; + t[31] |= 64; - fe_frombytes(x1, p); + fe_frombytes(x1, p); - ladder(var, t); + ladder(var, t); - z_51.v[0] = (z2[1] << 26) + z2[0]; - z_51.v[1] = (z2[3] << 26) + z2[2]; - z_51.v[2] = (z2[5] << 26) + z2[4]; - z_51.v[3] = (z2[7] << 26) + z2[6]; - z_51.v[4] = (z2[9] << 26) + z2[8]; + z_51.v[0] = (z2[1] << 26) + z2[0]; + z_51.v[1] = (z2[3] << 26) + z2[2]; + z_51.v[2] = (z2[5] << 26) + z2[4]; + z_51.v[3] = (z2[7] << 26) + z2[6]; + z_51.v[4] = (z2[9] << 26) + z2[8]; - x_51.v[0] = (x2[1] << 26) + x2[0]; - x_51.v[1] = (x2[3] << 26) + x2[2]; - x_51.v[2] = (x2[5] << 26) + x2[4]; - x_51.v[3] = (x2[7] << 26) + x2[6]; - x_51.v[4] = (x2[9] << 26) + x2[8]; + x_51.v[0] = (x2[1] << 26) + x2[0]; + x_51.v[1] = (x2[3] << 26) + x2[2]; + x_51.v[2] = (x2[5] << 26) + x2[4]; + x_51.v[3] = (x2[7] << 26) + x2[6]; + x_51.v[4] = (x2[9] << 26) + x2[8]; - fe51_invert(&z_51, &z_51); - fe51_mul(&x_51, &x_51, &z_51); - fe51_pack(q, &x_51); + fe51_invert(&z_51, &z_51); + fe51_mul(&x_51, &x_51, &z_51); + fe51_pack(q, &x_51); - return 0; + sodium_memzero(t, sizeof t); + + return 0; } struct crypto_scalarmult_curve25519_implementation 
diff --git a/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/fe_frombytes_sandy2x.c b/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/fe_frombytes_sandy2x.c
index 2fe081ee..b6e687ea 100644
--- a/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/fe_frombytes_sandy2x.c
+++ b/deps/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/fe_frombytes_sandy2x.c
@@ -9,70 +9,70 @@ static uint64_t load_3(const unsigned char *in) { - uint64_t result; - result = (uint64_t) in[0]; - result |= ((uint64_t) in[1]) << 8; - result |= ((uint64_t) in[2]) << 16; - return result; + uint64_t result; + result = (uint64_t) in[0]; + result |= ((uint64_t) in[1]) << 8; + result |= ((uint64_t) in[2]) << 16; + return result; } static uint64_t load_4(const unsigned char *in) { - uint64_t result; - result = (uint64_t) in[0]; - result |= ((uint64_t) in[1]) << 8; - result |= ((uint64_t) in[2]) << 16; - result |= ((uint64_t) in[3]) << 24; - return result; + uint64_t result; + result = (uint64_t) in[0]; + result |= ((uint64_t) in[1]) << 8; + result |= ((uint64_t) in[2]) << 16; + result |= ((uint64_t) in[3]) << 24; + return result; } void fe_frombytes(fe h, const unsigned char *s) { - uint64_t h0 = load_4(s); - uint64_t h1 = load_3(s + 4) << 6; - uint64_t h2 = load_3(s + 7) << 5; - uint64_t h3 = load_3(s + 10) << 3; - uint64_t h4 = load_3(s + 13) << 2; - uint64_t h5 = load_4(s + 16); - uint64_t h6 = load_3(s + 20) << 7; - uint64_t h7 = load_3(s + 23) << 5; - uint64_t h8 = load_3(s + 26) << 4; - uint64_t h9 = (load_3(s + 29) & 8388607) << 2; - uint64_t carry0; - uint64_t carry1; - uint64_t carry2; - uint64_t carry3; - uint64_t carry4; - uint64_t carry5; - uint64_t carry6; - uint64_t carry7; - uint64_t carry8; - uint64_t carry9; + uint64_t h0 = load_4(s); + uint64_t h1 = load_3(s + 4) << 6; + uint64_t h2 = load_3(s + 7) << 5; + uint64_t h3 = load_3(s + 10) << 3; + uint64_t h4 = load_3(s + 13) << 2; + uint64_t h5 = load_4(s + 16); + uint64_t h6 = load_3(s + 20) << 7; + uint64_t h7 = load_3(s + 23) << 5; + uint64_t h8 = load_3(s + 26) << 4; + uint64_t h9 = (load_3(s + 29) & 8388607) << 2; + uint64_t carry0; + uint64_t carry1; + uint64_t carry2; + uint64_t carry3; + uint64_t carry4; + uint64_t carry5; + uint64_t carry6; + uint64_t carry7; + uint64_t carry8; + uint64_t carry9; - carry9 = h9 >> 25; h0 += carry9 * 19; h9 &= 0x1FFFFFF; - carry1 = h1 >> 25; h2 
+= carry1; h1 &= 0x1FFFFFF; - carry3 = h3 >> 25; h4 += carry3; h3 &= 0x1FFFFFF; - carry5 = h5 >> 25; h6 += carry5; h5 &= 0x1FFFFFF; - carry7 = h7 >> 25; h8 += carry7; h7 &= 0x1FFFFFF; + carry9 = h9 >> 25; h0 += carry9 * 19; h9 &= 0x1FFFFFF; + carry1 = h1 >> 25; h2 += carry1; h1 &= 0x1FFFFFF; + carry3 = h3 >> 25; h4 += carry3; h3 &= 0x1FFFFFF; + carry5 = h5 >> 25; h6 += carry5; h5 &= 0x1FFFFFF; + carry7 = h7 >> 25; h8 += carry7; h7 &= 0x1FFFFFF; - carry0 = h0 >> 26; h1 += carry0; h0 &= 0x3FFFFFF; - carry2 = h2 >> 26; h3 += carry2; h2 &= 0x3FFFFFF; - carry4 = h4 >> 26; h5 += carry4; h4 &= 0x3FFFFFF; - carry6 = h6 >> 26; h7 += carry6; h6 &= 0x3FFFFFF; - carry8 = h8 >> 26; h9 += carry8; h8 &= 0x3FFFFFF; + carry0 = h0 >> 26; h1 += carry0; h0 &= 0x3FFFFFF; + carry2 = h2 >> 26; h3 += carry2; h2 &= 0x3FFFFFF; + carry4 = h4 >> 26; h5 += carry4; h4 &= 0x3FFFFFF; + carry6 = h6 >> 26; h7 += carry6; h6 &= 0x3FFFFFF; + carry8 = h8 >> 26; h9 += carry8; h8 &= 0x3FFFFFF; - h[0] = h0; - h[1] = h1; - h[2] = h2; - h[3] = h3; - h[4] = h4; - h[5] = h5; - h[6] = h6; - h[7] = h7; - h[8] = h8; - h[9] = h9; + h[0] = h0; + h[1] = h1; + h[2] = h2; + h[3] = h3; + h[4] = h4; + h[5] = h5; + h[6] = h6; + h[7] = h7; + h[8] = h8; + h[9] = h9; } #endif diff --git a/deps/libsodium/src/libsodium/crypto_stream/salsa20/xmm6int/u0.h b/deps/libsodium/src/libsodium/crypto_stream/salsa20/xmm6int/u0.h index 830f70e8..2bc527d0 100644 --- a/deps/libsodium/src/libsodium/crypto_stream/salsa20/xmm6int/u0.h +++ b/deps/libsodium/src/libsodium/crypto_stream/salsa20/xmm6int/u0.h @@ -5,7 +5,7 @@ if (bytes > 0) { __m128i diag3 = _mm_loadu_si128((const __m128i *) (x + 12)); __m128i a0, a1, a2, a3, a4, a5, a6, a7; __m128i b0, b1, b2, b3, b4, b5, b6, b7; - uint8_t partialblock[64]; + uint8_t partialblock[64] = { 0 }; unsigned int i; diff --git a/deps/libsodium/src/libsodium/sodium/utils.c b/deps/libsodium/src/libsodium/sodium/utils.c index 82005cbf..0fe77007 100644 --- a/deps/libsodium/src/libsodium/sodium/utils.c 
+++ b/deps/libsodium/src/libsodium/sodium/utils.c @@ -121,7 +121,7 @@ _sodium_dummy_symbol_to_prevent_memzero_lto(void *const pnt, void sodium_memzero(void * const pnt, const size_t len) { -#ifdef _WIN32 +#if defined(_WIN32) && !defined(__CRT_INLINE) SecureZeroMemory(pnt, len); #elif defined(HAVE_MEMSET_S) if (len > 0U && memset_s(pnt, (rsize_t) len, 0, (rsize_t) len) != 0) { @@ -129,6 +129,8 @@ sodium_memzero(void * const pnt, const size_t len) } #elif defined(HAVE_EXPLICIT_BZERO) explicit_bzero(pnt, len); +#elif defined(HAVE_MEMSET_EXPLICIT) + memset_explicit(pnt, 0, len); #elif defined(HAVE_EXPLICIT_MEMSET) explicit_memset(pnt, 0, len); #elif HAVE_WEAK_SYMBOLS @@ -614,7 +616,7 @@ _sodium_malloc(const size_t size) memcpy(unprotected_ptr + unprotected_size, canary, sizeof canary); # endif _mprotect_noaccess(unprotected_ptr + unprotected_size, page_size); - sodium_mlock(unprotected_ptr, unprotected_size); + (void) sodium_mlock(unprotected_ptr, unprotected_size); /* not a hard error in the context of sodium_malloc() */ canary_ptr = unprotected_ptr + _page_round(size_with_canary) - size_with_canary; user_ptr = canary_ptr + sizeof canary; @@ -684,7 +686,7 @@ sodium_free(void *ptr) _out_of_bounds(); } # endif - sodium_munlock(unprotected_ptr, unprotected_size); + (void) sodium_munlock(unprotected_ptr, unprotected_size); _free_aligned(base_ptr, total_size); } #endif /* HAVE_ALIGNED_MALLOC */ diff --git a/deps/libsodium/test/default/Makefile.am b/deps/libsodium/test/default/Makefile.am index 12aa7eb4..d319160d 100644 --- a/deps/libsodium/test/default/Makefile.am +++ b/deps/libsodium/test/default/Makefile.am @@ -1,5 +1,6 @@ EXTRA_DIST = \ + run.sh \ cmptest.h \ wasi-test-wrapper.sh \ wintest.bat \ diff --git a/deps/libsodium/test/default/Makefile.in b/deps/libsodium/test/default/Makefile.in index a3be3f37..c86f35dd 100644 --- a/deps/libsodium/test/default/Makefile.in +++ b/deps/libsodium/test/default/Makefile.in 
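Review bot: The new `!defined(__CRT_INLINE)` term on the `_WIN32` branch of `sodium_memzero` carries no comment, so a reader cannot tell which toolchain is being excluded or why `SecureZeroMemory` is not used there. Windows builds that define `__CRT_INLINE` now fall through to the `HAVE_*` chain and to whatever fallback follows it outside this hunk. Stating the reason at the guard would help, for example `/* SecureZeroMemory() is skipped when __CRT_INLINE is defined (MinGW-style headers); the wipes below are used instead */`, with the wording adjusted to the actual motivation. Since the function body continues past the hunk, please confirm that the final fallback on that path is one the compiler cannot elide.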
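Review bot: Casting `sodium_mlock()` to `(void)` in `_sodium_malloc` makes the ignored failure explicit, but the comment does not say what the caller loses: when locking fails (for example under a low locked-memory limit) the returned region is still handed out and may be paged to swap. I would extend the inline comment to `/* best effort: on failure the region stays usable but may be swapped out; callers that need the guarantee must call sodium_mlock() themselves and check it */`. The `sodium_free` hunk below adds the matching `(void) sodium_munlock(...)` with no comment at all; `/* best effort, mirrors _sodium_malloc() */` there would keep the two consistent. Both function bodies extend beyond their hunks.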
@@ -901,6 +901,7 @@ top_srcdir = @top_srcdir@ valgrind_enabled_tools = @valgrind_enabled_tools@ valgrind_tools = @valgrind_tools@ EXTRA_DIST = \ + run.sh \ cmptest.h \ wasi-test-wrapper.sh \ wintest.bat \ diff --git a/deps/libsodium/test/default/aead_aes256gcm.c b/deps/libsodium/test/default/aead_aes256gcm.c index 1f83fdc0..8165d531 100644 --- a/deps/libsodium/test/default/aead_aes256gcm.c +++ b/deps/libsodium/test/default/aead_aes256gcm.c @@ -3081,6 +3081,7 @@ tv(void) { unsigned char *ad; unsigned char *ciphertext; + unsigned char *ciphertext2; unsigned char *decrypted; unsigned char *detached_ciphertext; unsigned char *expected_ciphertext; 
@@ -3210,6 +3211,32 @@ tv(void) printf("Incorrect decryption of test vector #%u\n", (unsigned int) i); } + ciphertext2 = (unsigned char *) sodium_malloc(ciphertext_len); + crypto_aead_aes256gcm_encrypt(ciphertext, &found_ciphertext_len, message, + message_len, ad, ad_len, NULL, nonce, key); + assert(found_ciphertext_len == ciphertext_len); + memcpy(ciphertext2, message, message_len); + crypto_aead_aes256gcm_encrypt(ciphertext2, &found_ciphertext_len, + ciphertext2, message_len, ad, ad_len, NULL, + nonce, key); + assert(found_ciphertext_len == ciphertext_len); + assert(memcmp(ciphertext, ciphertext2, ciphertext_len) == 0); + if (crypto_aead_aes256gcm_decrypt(ciphertext2, &found_message_len, NULL, + ciphertext2, ciphertext_len, ad, ad_len, + nonce, key) != 0) { + printf("In-place decryption of vector #%u failed\n", (unsigned int) i); + } + assert(found_message_len == message_len); + assert(memcmp(ciphertext2, message, message_len) == 0); + if (crypto_aead_aes256gcm_decrypt(message, &found_message_len, NULL, + ciphertext, ciphertext_len, ad, ad_len, + nonce, key) != 0) { + printf("Decryption of vector #%u failed\n", (unsigned int) i); + } + assert(found_message_len == message_len); + assert(memcmp(ciphertext2, message, message_len) == 0); + + sodium_free(ciphertext2); sodium_free(message); sodium_free(ad); sodium_free(expected_ciphertext); 
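Review bot: `ciphertext2` is passed to `memcpy(ciphertext2, message, message_len)` without checking that `sodium_malloc(ciphertext_len)` succeeded, so an allocation failure shows up as a write through a null pointer rather than as a test failure. An `assert(ciphertext2 != NULL);` directly after the allocation would do. The new `tv2` function in the next hunk has the same gap for all five of its `sodium_malloc()` calls in each of the 250 iterations, and its `printf("Decryption of random ciphertext failed")` is missing the trailing `\n` that the other messages have. `tv` begins and ends outside this hunk.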
@@ -3225,11 +3252,54 @@ tv(void) return 0; } +static int +tv2(void) +{ + unsigned char *ciphertext; + unsigned char *message; + unsigned char *message2; + unsigned char *nonce; + unsigned char *key; + size_t message_len; + size_t ciphertext_len; + int i; + + for (i = 0; i < 250; i++) { + message_len = randombytes_uniform(1000); + ciphertext_len = message_len + crypto_aead_aes256gcm_ABYTES; + message = (unsigned char *) sodium_malloc(message_len); + message2 = (unsigned char *) sodium_malloc(message_len); + ciphertext = (unsigned char *) sodium_malloc(ciphertext_len); + nonce = (unsigned char *) sodium_malloc(crypto_aead_aes256gcm_NPUBBYTES); + key = (unsigned char *) sodium_malloc(crypto_aead_aes256gcm_KEYBYTES); + + crypto_aead_aes256gcm_keygen(key); + randombytes_buf(nonce, crypto_aead_aes256gcm_NPUBBYTES); + randombytes_buf(message, message_len); + crypto_aead_aes256gcm_encrypt(ciphertext, NULL, message, message_len, + NULL, 0, NULL, nonce, key); + if (crypto_aead_aes256gcm_decrypt(message2, NULL, NULL, + ciphertext, ciphertext_len, + NULL, 0, nonce, key) != 0) { + printf("Decryption of random ciphertext failed"); + } + assert(message_len == 0 || memcmp(message, message2, message_len) == 0); + sodium_free(key); + sodium_free(nonce); + sodium_free(ciphertext); + sodium_free(message2); + sodium_free(message); + } + + return 0; +} + int main(void) { if (crypto_aead_aes256gcm_is_available()) { tv(); + tv2(); } assert(crypto_aead_aes256gcm_keybytes() == crypto_aead_aes256gcm_KEYBYTES); assert(crypto_aead_aes256gcm_nsecbytes() == crypto_aead_aes256gcm_NSECBYTES); diff --git a/deps/libsodium/test/default/cmptest.h b/deps/libsodium/test/default/cmptest.h index b1261bdb..54a02070 100644 --- a/deps/libsodium/test/default/cmptest.h +++ b/deps/libsodium/test/default/cmptest.h 
@@ -118,16 +118,23 @@ static int mempool_free_all(void) static unsigned long long now(void) { - struct timeval tp; - unsigned long long now; +#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_MONOTONIC) + struct timespec tp; + + if (clock_gettime(CLOCK_MONOTONIC, &tp) != 0) { + abort(); + } + return (unsigned long long) tp.tv_sec * 1000000ULL + + (unsigned long long) tp.tv_nsec / 1000ULL; +#else + struct timeval tp; if (gettimeofday(&tp, NULL) != 0) { abort(); } - now = ((unsigned long long) tp.tv_sec * 1000000ULL) + + return (unsigned long long) tp.tv_sec * 1000000ULL + (unsigned long long) tp.tv_usec; - - return now; +#endif } int main(void) diff --git a/deps/libsodium/test/default/misuse.c b/deps/libsodium/test/default/misuse.c index 407d526f..93a6b0eb 100644 --- a/deps/libsodium/test/default/misuse.c +++ b/deps/libsodium/test/default/misuse.c @@ -4,12 +4,15 @@ #ifdef HAVE_CATCHABLE_ABRT # include +#ifndef _WIN32 +# include +#endif static void sigabrt_handler_15(int sig) { (void) sig; - exit(0); + _exit(0); } # ifndef SODIUM_LIBRARY_MINIMAL @@ -21,7 +24,7 @@ sigabrt_handler_14(int sig) assert(crypto_box_curve25519xchacha20poly1305_easy (guard_page, guard_page, crypto_stream_xchacha20_MESSAGEBYTES_MAX - 1, guard_page, guard_page, guard_page) == -1); - exit(1); + _exit(1); } static void @@ -32,7 +35,7 @@ sigabrt_handler_13(int sig) assert(crypto_box_curve25519xchacha20poly1305_easy_afternm (guard_page, guard_page, crypto_stream_xchacha20_MESSAGEBYTES_MAX - 1, guard_page, guard_page) == -1); - exit(1); + _exit(1); } # endif @@ -47,7 +50,7 @@ sigabrt_handler_12(int sig) # endif assert(crypto_pwhash_str_alg((char *) guard_page, "", 0U, 1U, 1U, -1) == -1); - exit(1); + _exit(1); } static void @@ -58,7 +61,7 @@ sigabrt_handler_11(int sig) assert(crypto_box_easy(guard_page, guard_page, crypto_stream_xsalsa20_MESSAGEBYTES_MAX, guard_page, guard_page, guard_page) == -1); - exit(1); + _exit(1); } static void 
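Review bot: The switch from `exit()` to `_exit()` in `sigabrt_handler_15` is not explained, and the same silent change is repeated in every other `sigabrt_handler_N` in the following misuse.c hunks and in `segv_handler` in sodium_utils2.c and sodium_utils3.c. A comment on the first handler would record both the reason and the side effect, e.g. `/* _exit(): async-signal-safe, unlike exit(); does not flush stdio or run atexit handlers */`. Because of that side effect, anything a test wrote to a buffered stdout before the signal fired is lost, so it is worth confirming against the expected-output files that none of these tests rely on it. The handlers still call `assert()` and libsodium functions from signal context, which is tolerable in a test but could be stated in the same comment.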
@@ -69,7 +72,7 @@ sigabrt_handler_10(int sig) assert(crypto_box_easy_afternm(guard_page, guard_page, crypto_stream_xsalsa20_MESSAGEBYTES_MAX, guard_page, guard_page) == -1); - exit(1); + _exit(1); } static void @@ -79,7 +82,7 @@ sigabrt_handler_9(int sig) signal(SIGABRT, sigabrt_handler_10); assert(sodium_base642bin(guard_page, 1, (const char *) guard_page, 1, NULL, NULL, NULL, -1) == -1); - exit(1); + _exit(1); } static void @@ -89,7 +92,7 @@ sigabrt_handler_8(int sig) signal(SIGABRT, sigabrt_handler_9); assert(sodium_bin2base64((char *) guard_page, 1, guard_page, 1, sodium_base64_VARIANT_ORIGINAL) == NULL); - exit(1); + _exit(1); } static void @@ -99,7 +102,7 @@ sigabrt_handler_7(int sig) signal(SIGABRT, sigabrt_handler_8); assert(sodium_bin2base64((char *) guard_page, 1, guard_page, 1, -1) == NULL); - exit(1); + _exit(1); } static void @@ -108,7 +111,7 @@ sigabrt_handler_6(int sig) (void) sig; signal(SIGABRT, sigabrt_handler_7); assert(sodium_pad(NULL, guard_page, SIZE_MAX, 16, 1) == -1); - exit(1); + _exit(1); } static void @@ -119,7 +122,7 @@ sigabrt_handler_5(int sig) assert(crypto_aead_xchacha20poly1305_ietf_encrypt(guard_page, NULL, NULL, UINT64_MAX, NULL, 0, NULL, guard_page, guard_page) == -1); - exit(1); + _exit(1); } static void @@ -130,7 +133,7 @@ sigabrt_handler_4(int sig) assert(crypto_aead_chacha20poly1305_ietf_encrypt(guard_page, NULL, NULL, UINT64_MAX, NULL, 0, NULL, guard_page, guard_page) == -1); - exit(1); + _exit(1); } static void @@ -141,7 +144,7 @@ sigabrt_handler_3(int sig) assert(crypto_aead_chacha20poly1305_encrypt(guard_page, NULL, NULL, UINT64_MAX, NULL, 0, NULL, guard_page, guard_page) == -1); - exit(1); + _exit(1); } static void @@ -154,7 +157,7 @@ sigabrt_handler_2(int sig) #else abort(); #endif - exit(1); + _exit(1); } static void @@ -164,7 +167,7 @@ sigabrt_handler_1(int sig) signal(SIGABRT, sigabrt_handler_2); assert(crypto_kx_server_session_keys(NULL, NULL, guard_page, guard_page, guard_page) == -1); - exit(1); + _exit(1); } int 
diff --git a/deps/libsodium/test/default/pwhash_argon2i.c b/deps/libsodium/test/default/pwhash_argon2i.c index 3e1195e1..d3aaba13 100644 --- a/deps/libsodium/test/default/pwhash_argon2i.c +++ b/deps/libsodium/test/default/pwhash_argon2i.c @@ -290,10 +290,24 @@ str_tests(void) -1) { printf("pwhash_str() with a small opslimit should have failed\n"); } - if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ" - "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", - "password", 0x100000000ULL) != -1) { - printf("pwhash_str_verify(invalid(0)) failure\n"); + { + const char *str_in_ = "$argon2i$m=65536,t=2,p=1c29tZXNhbHQ" + "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ"; + char *str_in = (char *) sodium_malloc(strlen(str_in_) + 1U); + + const char *password_in_ = "password"; + char *password_in = (char *) sodium_malloc(strlen(password_in_) + 1U); + + memcpy(str_in, str_in_, strlen(str_in_) + 1U); + memcpy(password_in, password_in_, strlen(password_in_) + 1U); + + if (crypto_pwhash_argon2i_str_verify(str_in, password_in, + 0x100000000ULL) != -1) { + printf("pwhash_str_verify(invalid(0)) failure\n"); + } + + sodium_free(password_in); + sodium_free(str_in); } if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ" "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", diff --git a/deps/libsodium/test/default/pwhash_argon2id.c b/deps/libsodium/test/default/pwhash_argon2id.c index 95463492..8e9db044 100644 --- a/deps/libsodium/test/default/pwhash_argon2id.c +++ b/deps/libsodium/test/default/pwhash_argon2id.c 
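Review bot: The new block copies the hash string and the password into `sodium_malloc()` buffers without saying why, so a later cleanup could easily fold it back into the string literals it replaced. If the intent is that a read past the terminating NUL, driven by the bogus `0x100000000ULL` length, lands on the guard page, a comment such as `/* guarded heap copies: an over-read caused by the oversized length faults instead of passing silently */` would preserve that intent; the hunk itself does not state it. Both allocations are also handed to `memcpy` unchecked, and `assert(str_in != NULL && password_in != NULL);` would turn a failed allocation into a clean test failure. The same two remarks apply to the parallel block in pwhash_argon2id.c, and `str_tests` continues outside the hunk.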
@@ -304,10 +304,24 @@ str_tests(void) if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), 0, MEMLIMIT) != -1) { printf("pwhash_argon2id_str() with a null opslimit should have failed\n"); } - if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1c29tZXNhbHQ" - "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", - "password", 0x100000000ULL) != -1) { - printf("pwhash_str_verify(invalid(0)) failure\n"); + { + const char *str_in_ ="$argon2id$m=65536,t=2,p=1c29tZXNhbHQ" + "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ"; + char *str_in = (char *) sodium_malloc(strlen(str_in_) + 1U); + + const char *password_in_ = "password"; + char *password_in = (char *) sodium_malloc(strlen(password_in_) + 1U); + + memcpy(str_in, str_in_, strlen(str_in_) + 1U); + memcpy(password_in, password_in_, strlen(password_in_) + 1U); + + if (crypto_pwhash_argon2i_str_verify(str_in, password_in, + 0x100000000ULL) != -1) { + printf("pwhash_str_verify(invalid(0)) failure\n"); + } + + sodium_free(password_in); + sodium_free(str_in); } if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1c29tZXNhbHQ" "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", diff --git a/deps/libsodium/test/default/run.sh b/deps/libsodium/test/default/run.sh new file mode 100755 index 00000000..91e43778 --- /dev/null +++ b/deps/libsodium/test/default/run.sh @@ -0,0 +1,9 @@ +#! /bin/sh + +find . -type f -perm -100 -print | grep -v run.sh | sort | while read -r x; do + echo "[$x]" + if ! "$x"; then + echo "*** [$x] FAILED" >&2 + exit 1 + fi +done diff --git a/deps/libsodium/test/default/sodium_core.c b/deps/libsodium/test/default/sodium_core.c index a3985b0e..c8eeb2ba 100644 --- a/deps/libsodium/test/default/sodium_core.c +++ b/deps/libsodium/test/default/sodium_core.c 
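Review bot: The rewritten check in the argon2id `str_tests` calls `crypto_pwhash_argon2i_str_verify`, whereas the line it replaces called `crypto_pwhash_str_verify` and the string under test begins with `$argon2id$`. This looks like a copy from pwhash_argon2i.c. As written, the `-1` may come from the algorithm mismatch rather than from the oversized password length the case is meant to exercise, so the test can pass for the wrong reason. The call should read `if (crypto_pwhash_str_verify(str_in, password_in, 0x100000000ULL) != -1) {`. `str_tests` continues outside the hunk.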
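Review bot: `find . -type f -perm -100` selects every owner-executable file below the current directory and only names matching `run.sh` are filtered out, so helper scripts that sit beside the tests are executed as if they were tests. wasi-test-wrapper.sh lives in the same directory with mode 100755 in this patch and would be started with no argument whenever run.sh is launched from the source tree. Excluding scripts in the `find` itself avoids that and drops the loose `grep -v run.sh` pattern: `find . -type f -perm -100 ! -name '*.sh' -print | sort | while read -r x; do`. A header comment saying the script must be run from a directory that holds only built test binaries would also help, since it executes whatever it finds.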
@@ -31,11 +31,11 @@ main(void) (void) sodium_runtime_has_rdrand(); sodium_set_misuse_handler(misuse_handler); -#ifndef __EMSCRIPTEN__ +#if defined(__EMSCRIPTEN__) || defined(__wasm__) || defined(BENCHMARKS) + printf("misuse_handler()\n"); +#else sodium_misuse(); printf("Misuse handler returned\n"); -#else - printf("misuse_handler()\n"); #endif return 0; diff --git a/deps/libsodium/test/default/sodium_utils2.c b/deps/libsodium/test/default/sodium_utils2.c index bd72f36c..2fef6cfe 100644 --- a/deps/libsodium/test/default/sodium_utils2.c +++ b/deps/libsodium/test/default/sodium_utils2.c @@ -6,6 +6,9 @@ #ifdef HAVE_CATCHABLE_SEGV # include #endif +#ifndef _WIN32 +# include +#endif #define TEST_NAME "sodium_utils2" #include "cmptest.h" @@ -36,7 +39,7 @@ segv_handler(int sig) signal(SIGABRT, SIG_DFL); # endif #endif - exit(0); + _exit(0); } int diff --git a/deps/libsodium/test/default/sodium_utils3.c b/deps/libsodium/test/default/sodium_utils3.c index 3bba037a..8eacc44d 100644 --- a/deps/libsodium/test/default/sodium_utils3.c +++ b/deps/libsodium/test/default/sodium_utils3.c @@ -6,6 +6,9 @@ #ifdef HAVE_CATCHABLE_SEGV # include #endif +#ifndef _WIN32 +# include +#endif #define TEST_NAME "sodium_utils3" #include "cmptest.h" @@ -32,7 +35,7 @@ segv_handler(int sig) signal(SIGABRT, SIG_DFL); # endif #endif - exit(0); + _exit(0); } int diff --git a/deps/libsodium/test/default/wasi-test-wrapper.sh b/deps/libsodium/test/default/wasi-test-wrapper.sh index 5b77967e..9835c75f 100755 --- a/deps/libsodium/test/default/wasi-test-wrapper.sh +++ b/deps/libsodium/test/default/wasi-test-wrapper.sh @@ -1,7 +1,5 @@ #! /bin/sh -MAX_MEMORY_TESTS="67108864" - unset LDFLAGS unset CFLAGS 
@@ -9,36 +7,6 @@ if command -v wasm-opt >/dev/null; then wasm-opt -O4 -o "${1}.tmp" "$1" && mv -f "${1}.tmp" "$1" fi -if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wavm" ]; then - if command -v wavm >/dev/null; then - wavm run --abi=wasi "$1" && exit 0 - fi -fi - -if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmtime" ]; then - if command -v wasmtime >/dev/null; then - wasmtime run --dir=. "$1" && exit 0 - fi -fi - -if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmer" ]; then - if command -v wasmer >/dev/null; then - wasmer run "$1" "--${WASMER_BACKEND:-cranelift}" --dir=. && exit 0 - fi -fi - -if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasm3" ]; then - if command -v wasm3 >/dev/null; then - wasm3 "$1" && exit 0 - fi -fi - -if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "iwasm" ]; then - if iwasm | grep -qi wasi >/dev/null 2>&1; then - iwasm "$1" && exit 0 - fi -fi - if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmedge" ]; then if command -v wasmedgec >/dev/null && command -v wasmedge >/dev/null; then wasmedgec "$1" "${1}.so" && 
@@ -48,22 +16,84 @@ if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmedge" ]; then fi fi +if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmer" ]; then + if command -v wasmer >/dev/null; then + wasmer run "$1" "--${WASMER_BACKEND:-cranelift}" --dir=. && exit 0 + fi +fi + +if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmtime" ]; then + if command -v wasmtime >/dev/null; then + wasmtime run --dir=. "$1" && exit 0 + fi +fi + +if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wavm" ]; then + if command -v wavm >/dev/null; then + wavm run --abi=wasi "$1" && exit 0 + fi +fi + +if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "bun" ]; then + if echo | bun help >/dev/null 2>&1; then + { + echo "import fs from 'fs'; import { init, WASI } from '@wasmer/wasi';" + echo "await init();" + echo "const wasi = new WASI({args: process.argv, env: process.env, preopens: {'.':'/'}});" + echo "await (async function() {" + echo " const wasm = await WebAssembly.compile(fs.readFileSync('${1}'));" + echo " await wasi.instantiate(wasm, {});" + echo " wasi.start();" + echo " console.log(wasi.getStdoutString());" + echo "})().catch(e => { console.error(e); process.exit(1); });" + } >"${1}.mjs" + bun run "${1}.mjs" 2>/tmp/err && + rm -f "${1}.mjs" && exit 0 + fi +fi + if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "node" ]; then if echo | node --experimental-wasi-unstable-preview1 >/dev/null 2>&1; then { echo "import fs from 'fs'; import { WASI } from 'wasi';" echo "const wasi = new WASI({args: process.argv, env: process.env, preopens: {'.':'.'}});" echo "const importObject = { wasi_snapshot_preview1: wasi.wasiImport };" - echo "const wasm = await WebAssembly.compile(fs.readFileSync('${1}'));" - echo "const instance = await WebAssembly.instantiate(wasm, importObject);" - echo "wasi.start(instance);" + echo "await (async function() {" + echo " const wasm = await WebAssembly.compile(fs.readFileSync('${1}'));" + echo " const instance = await WebAssembly.instantiate(wasm, 
importObject);" + echo " wasi.start(instance);" + echo "})().catch(e => { console.error(e); process.exit(1); });" } >"${1}.mjs" - cat "${1}.mjs" >/tmp/a - node --experimental-wasi-unstable-preview1 "${1}.mjs" 2>/tmp/err && + node --experimental-wasm-bigint --experimental-wasi-unstable-preview1 "${1}.mjs" 2>/tmp/err && rm -f "${1}.mjs" && exit 0 fi fi +if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasm3" ]; then + if command -v wasm3 >/dev/null; then + wasm3 "$1" && exit 0 + fi +fi + +if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "iwasm" ]; then + if command -v iwasm >/dev/null; then + if iwasm | grep -qi wasi >/dev/null 2>&1; then + if wamrc --version; then + wamrc -o "${1}.o" "$1" >/dev/null && + iwasm --dir=. "${1}.o" && exit 0 + else + iwasm --dir=. "$1" && exit 0 + fi + fi + fi +fi + +if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wazero" ]; then + if command -v wazero >/dev/null; then + wazero run -mount .:/ "$1" && exit 0 + fi +fi + if [ -z "$WASI_RUNTIME" ] || [ "$WASI_RUNTIME" = "wasmer-js" ]; then if command -v wasmer-js >/dev/null; then wasmer-js run "$1" --dir=. && exit 0
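Review bot: Both the new bun branch and the updated node branch redirect stderr to the fixed path `/tmp/err`. A predictable name in a shared, world-writable directory is followed if it already exists as a symlink owned by another local user, and parallel test runs overwrite each other's output; writing next to the generated module avoids both, e.g. `bun run "${1}.mjs" 2>"${1}.err" &&` and the same redirection on the `node` line. The generated `.mjs` also interpolates `'${1}'` into a JavaScript string literal, so a test path containing a single quote produces a broken or altered script; for a test helper a comment stating that `$1` must be a plain path would be enough. In the iwasm branch, `wamrc --version` is run without a preceding `command -v wamrc` and without silencing its output, unlike the other runtime probes.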