| Age | Commit message (Collapse) | Author |
|---|
|
* SHA-3/SHAKE use little endian for certain things, so byteswap as
needed.
* The code was written under the assumption that unaligned access to
quadwords is allowed, which isn't true particularly on non-Intel.
|
|
Yes, we could cast to unsigned char first, but it's probably safest
to just use our own (in test_util), or remove bad-idea features that
we don't use (in readpassphrase.c).
Fixes 18728.
|
|
|
|
|
|
|
|
|
|
This is where things get tor specific. It's just replacing stdint.h
and memset_s with the tor compat code so going back is trivial...
|
|
The digest routines use init/update/sum, where sum will automatically
copy the internal state to support calculating running digests.
The XOF routines use init/absorb/squeeze, which behave exactly as stated
on the tin.
|
|
As of commit: 64b6647514212b76ae7bca0dea9b7b197d1d8186
|
|
This patch was generated using;
sed -i -e "s/\bINLINE\b/inline/" src/*/*.[ch] src/*/*/*.[ch]
|
|
|
|
(before using it for anything besides feeding the PRNG)
Part of #17694
|
|
always null terminates and returns -1 if result is truncated.
|
|
Code cribbed from Andrew Moon's Public Domain SipHash-2-4
implementation (which IMO is also cleaner).
Fixes bug 17544.
|
|
This removes a comment presumably introduced for debugging that was left
in accidentally. Bug not in any released version of Tor. Fixes bug
17092.
|
|
Apparently this only happens with clang (or with some particular
clang versions), and only on i386.
Fixes 16970; bug not in any released Tor.
Found by Teor; fix from Yawning.
|
|
|
|
|
|
This should fix the x86 build, since variables that require 16 byte
alignment will now actually be 16 byte aligned.
|
|
This probably requires the user to manually set CFLAGS, but should
result in a net gain on 32 bit x86. Enabling SSE2 support would be
possible on x86_64, but will result in slower performance.
Implements feature #16535.
|
|
The code was always in our Ed25519 wrappers, so enable it when using
the ed25519-donna backend, and deal with the mocking related
crypto_rand silliness.
Implements feature 16533.
|
|
The only reason 16 byte alignment is required is for SSE2 load and
store operations, so only align datastructures to 16 byte boundaries
when building with SSE2 support.
This fixes builds with GCC SSP on platforms that don't have special
case code to do dynamic stack re-alignment (everything not x86/x86_64).
Fixes bug #16666.
|
|
|
|
|
|
|
|
|
|
This was causing a false positive on our arm builders.
|
|
|
|
This needs to be done to allow for the possibility of removing the
ref10 code at a later date, though it is not performance critical.
When integrated by kludging it into tor, it passes unit tests, and is
twice as fast.
|
|
Integrating it the "wrong" way into common/crypto_ed25519.c passes
`make check`, and there appear to be some known answer tests for this,
so I assume I got it right.
Blinding a public key goes from 139.10 usec to 70.78 usec using
ed25519-donna (NB: Turboboost/phase of moon), though the code isn't
critical path, so supporting it is mostly done for completeness.
|
|
Integrate ed25519-donna into the build process, and provide an
interface that matches the `ref10` code. Apart from the blinding and
Curve25519 key conversion, this functions as a drop-in replacement for
ref10 (verified by modifying crypto_ed25519.c).
Tests pass, and the benchmarks claim it is quite a bit faster, however
actually using the code requires additional integration work.
|
|
This is a clean copy of ed25519-donna as of commit:
8757bd4cd209cb032853ece0ce413f122eef212c
https://github.com/floodyberry/ed25519-donna
|
|
|
|
|
|
This way glibc users don't have to fall back to getpass.
Windows users are still out of luck
|
|
This is taken verbatim from openssh 6.8p1, which appears to have
lightly tweaked it from the openbsd version.
|
|
This gets the minor change in trunnel 1.4.1, which should avoid
deadcode warnings from Coverity.
|
|
|
|
|
|
The compiler is allowed to assume that a "uint64_t *" is aligned
correctly, and will inline a version of memcpy that acts as such.
Use "uint8_t *", so the compiler does the right thing.
|
|
The paths are already in the directory search path of the compiler therefore no
need to include them in the source code.
|
|
CID 1064418
|
|
(patch from sysrqb)
|
|
|
|
|
|
Part of fix for 13172
|
|
This is meant to prevent memory corruption bugs from doing
unspeakable infinite-loop-like things to the hashtables. Addresses
ticket 11737. We should disable these if they turn out to be
expensive.
|
|
|
|
Silence clang warnings under --enable-expensive-hardening, including:
+ implicit truncation of 64 bit values to 32 bit;
+ const char assignment to self;
+ tautological compare; and
+ additional parentheses around equality tests. (gcc uses these to
silence assignment, so clang warns when they're present in an
equality test. But we need to use extra parentheses in macros to
isolate them from other code).
|
|
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code. Right?
|
