Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi Release Team,
Please consider unblocking libsodium/1.0.1-1 despite being a new,
bugfix only upstream release. Its changelog[1] says:
-- cut --
* DLL_EXPORT was renamed SODIUM_DLL_EXPORT in order to avoid
collisions with similar macros defined by other libraries.
* sodium_bin2hex() is now constant-time.
* crypto_secretbox_detached() now supports overlapping input and
output regions.
* NaCl's donna_c64 implementation of curve25519 was reading an
extra byte past the end of the buffer containing the base point.
This has been fixed.
-- cut --
The first one is not to clash with Wine and others. Constant time
function prevents an attacker to get a closer idea what the input was in
a normal use call. Third is to prevent memory corruptions if input and
output regions overlap. The last one is clearly a buffer over-read
security fix.
As libsodium is a network communication cryptography and signaturing
library, I think these fixes are a should have for Jessie.
Source diff is attached.
Thanks,
Laszlo/GCS
unblock libsodium/1.0.1-1
[1] https://github.com/jedisct1/libsodium/releases/tag/1.0.1
diff -Nur libsodium-1.0.0/src/libsodium/crypto_generichash/blake2/ref/blake2.h libsodium-1.0.1/src/libsodium/crypto_generichash/blake2/ref/blake2.h
--- libsodium-1.0.0/src/libsodium/crypto_generichash/blake2/ref/blake2.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_generichash/blake2/ref/blake2.h 2014-10-11 02:22:04.000000000 +0000
@@ -11,8 +11,8 @@
this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
-#ifndef __BLAKE2_H__
-#define __BLAKE2_H__
+#ifndef blake2_H
+#define blake2_H
#include <stddef.h>
#include <stdint.h>
@@ -58,7 +58,7 @@
};
#pragma pack(push, 1)
- typedef struct __blake2s_param
+ typedef struct blake2s_param_
{
uint8_t digest_length; // 1
uint8_t key_length; // 2
@@ -73,7 +73,7 @@
uint8_t personal[BLAKE2S_PERSONALBYTES]; // 32
} blake2s_param;
- ALIGN( 64 ) typedef struct __blake2s_state
+ ALIGN( 64 ) typedef struct blake2s_state_
{
uint32_t h[8];
uint32_t t[2];
@@ -83,7 +83,7 @@
uint8_t last_node;
} blake2s_state ;
- typedef struct __blake2b_param
+ typedef struct blake2b_param_
{
uint8_t digest_length; // 1
uint8_t key_length; // 2
@@ -101,7 +101,7 @@
#ifndef DEFINE_BLAKE2B_STATE
typedef crypto_generichash_blake2b_state blake2b_state;
#else
- ALIGN( 64 ) typedef struct __blake2b_state
+ ALIGN( 64 ) typedef struct blake2b_state_
{
uint64_t h[8];
uint64_t t[2];
@@ -112,7 +112,7 @@
} blake2b_state;
#endif
- typedef struct __blake2sp_state
+ typedef struct blake2sp_state_
{
blake2s_state S[8][1];
blake2s_state R[1];
@@ -120,7 +120,7 @@
size_t buflen;
} blake2sp_state;
- typedef struct __blake2bp_state
+ typedef struct blake2bp_state_
{
blake2b_state S[4][1];
blake2b_state R[1];
diff -Nur libsodium-1.0.0/src/libsodium/crypto_generichash/blake2/ref/blake2-impl.h libsodium-1.0.1/src/libsodium/crypto_generichash/blake2/ref/blake2-impl.h
--- libsodium-1.0.0/src/libsodium/crypto_generichash/blake2/ref/blake2-impl.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_generichash/blake2/ref/blake2-impl.h 2014-10-11 02:22:04.000000000 +0000
@@ -11,8 +11,8 @@
this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
-#ifndef __BLAKE2_IMPL_H__
-#define __BLAKE2_IMPL_H__
+#ifndef blake2_impl_H
+#define blake2_impl_H
#include <stdint.h>
#include <string.h>
diff -Nur libsodium-1.0.0/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c libsodium-1.0.1/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c
--- libsodium-1.0.0/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c 2014-10-11 02:22:04.000000000 +0000
@@ -96,10 +96,10 @@
struct crypto_onetimeauth_poly1305_implementation
crypto_onetimeauth_poly1305_donna_implementation = {
- _SODIUM_C99(.implementation_name =) crypto_onetimeauth_poly1305_donna_implementation_name,
- _SODIUM_C99(.onetimeauth =) crypto_onetimeauth_poly1305_donna,
- _SODIUM_C99(.onetimeauth_verify =) crypto_onetimeauth_poly1305_donna_verify,
- _SODIUM_C99(.onetimeauth_init =) crypto_onetimeauth_poly1305_donna_init,
- _SODIUM_C99(.onetimeauth_update =) crypto_onetimeauth_poly1305_donna_update,
- _SODIUM_C99(.onetimeauth_final =) crypto_onetimeauth_poly1305_donna_final
+ SODIUM_C99(.implementation_name =) crypto_onetimeauth_poly1305_donna_implementation_name,
+ SODIUM_C99(.onetimeauth =) crypto_onetimeauth_poly1305_donna,
+ SODIUM_C99(.onetimeauth_verify =) crypto_onetimeauth_poly1305_donna_verify,
+ SODIUM_C99(.onetimeauth_init =) crypto_onetimeauth_poly1305_donna_init,
+ SODIUM_C99(.onetimeauth_update =) crypto_onetimeauth_poly1305_donna_update,
+ SODIUM_C99(.onetimeauth_final =) crypto_onetimeauth_poly1305_donna_final
};
diff -Nur libsodium-1.0.0/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna.h libsodium-1.0.1/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna.h
--- libsodium-1.0.0/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna.h 2014-10-11 02:22:04.000000000 +0000
@@ -1,5 +1,5 @@
-#ifndef __POLY1305_DONNA_H__
-#define __POLY1305_DONNA_H__
+#ifndef poly1305_donna_H
+#define poly1305_donna_H
#include <stddef.h>
diff -Nur libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c
--- libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c 2014-10-29 15:38:00.000000000 +0000
@@ -75,7 +75,7 @@
const char *ptr = strchr(itoa64, src);
if (ptr) {
- *dst = ptr - itoa64;
+ *dst = (uint32_t) (ptr - itoa64);
return 0;
}
*dst = 0;
diff -Nur libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt.h libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt.h
--- libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt.h 2014-10-11 02:22:04.000000000 +0000
@@ -27,8 +27,8 @@
* This file was originally written by Colin Percival as part of the Tarsnap
* online backup system.
*/
-#ifndef _CRYPTO_SCRYPT_H_
-#define _CRYPTO_SCRYPT_H_
+#ifndef crypto_scrypt_H
+#define crypto_scrypt_H
#include <stdint.h>
diff -Nur libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.h libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.h
--- libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.h 2014-10-11 02:22:04.000000000 +0000
@@ -25,8 +25,8 @@
*
*/
-#ifndef _SHA256_H_
-#define _SHA256_H_
+#ifndef pbkdf2_sha256_H
+#define pbkdf2_sha256_H
#include <sys/types.h>
diff -Nur libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c
--- libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c 2014-11-20 21:24:16.000000000 +0000
@@ -34,7 +34,7 @@
}
}
} else {
- maxN = memlimit / (*r * 128);
+ maxN = memlimit / ((size_t) *r * 128);
for (*N_log2 = 1; *N_log2 < 63; *N_log2 += 1) {
if ((uint64_t) (1) << *N_log2 > maxN / 2) {
break;
diff -Nur libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c
--- libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c 2014-10-29 15:38:00.000000000 +0000
@@ -379,7 +379,7 @@
/* 2: for i = 0 to p - 1 do */
for (i = 0; i < p; i++) {
/* 3: B_i <-- MF(B_i, N) */
- smix(&B[(size_t)128 * i * r], r, N, V, XY);
+ smix(&B[(size_t)128 * i * r], r, (uint32_t) N, V, XY);
}
/* 5: DK <-- PBKDF2(P, B, 1, dkLen) */
diff -Nur libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sysendian.h libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sysendian.h
--- libsodium-1.0.0/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sysendian.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sysendian.h 2014-10-11 02:22:04.000000000 +0000
@@ -1,5 +1,5 @@
-#ifndef _SYSENDIAN_H_
-#define _SYSENDIAN_H_
+#ifndef sysendian_H
+#define sysendian_H
#include <stdint.h>
diff -Nur libsodium-1.0.0/src/libsodium/crypto_scalarmult/curve25519/donna_c64/smult_curve25519_donna_c64.c libsodium-1.0.1/src/libsodium/crypto_scalarmult/curve25519/donna_c64/smult_curve25519_donna_c64.c
--- libsodium-1.0.0/src/libsodium/crypto_scalarmult/curve25519/donna_c64/smult_curve25519_donna_c64.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_scalarmult/curve25519/donna_c64/smult_curve25519_donna_c64.c 2014-11-20 19:48:54.000000000 +0000
@@ -36,10 +36,10 @@
typedef unsigned uint128_t __attribute__((mode(TI)));
#undef force_inline
-#define force_inline inline __attribute__((always_inline))
+#define force_inline __attribute__((always_inline))
/* Sum two numbers: output += in */
-static force_inline void
+static inline void force_inline
fsum(limb *output, const limb *in) {
output[0] += in[0];
output[1] += in[1];
@@ -54,7 +54,7 @@
* Assumes that out[i] < 2**52
* On return, out[i] < 2**55
*/
-static force_inline void
+static inline void force_inline
fdifference_backwards(felem out, const felem in) {
/* 152 is 19 << 3 */
static const limb two54m152 = (((limb)1) << 54) - 152;
@@ -68,7 +68,7 @@
}
/* Multiply a number by a scalar: output = in * scalar */
-static force_inline void
+static inline void force_inline
fscalar_product(felem output, const felem in, const limb scalar) {
uint128_t a;
@@ -98,7 +98,7 @@
* Assumes that in[i] < 2**55 and likewise for in2.
* On return, output[i] < 2**52
*/
-static force_inline void
+static inline void force_inline
fmul(felem output, const felem in2, const felem in) {
uint128_t t[5];
limb r0,r1,r2,r3,r4,s0,s1,s2,s3,s4,c;
@@ -147,7 +147,7 @@
output[4] = r4;
}
-static force_inline void
+static inline void force_inline
fsquare_times(felem output, const felem in, limb count) {
uint128_t t[5];
limb r0,r1,r2,r3,r4,c;
@@ -190,43 +190,43 @@
}
#if !defined(CPU_ALIGNED_ACCESS_REQUIRED) && defined(NATIVE_LITTLE_ENDIAN)
-# define U8TO64(p) (*((const uint64_t *) (p)))
-# define U64TO8(p, v) (*((uint64_t *) (p)) = (v))
+# define load_limb(p) (*((const limb *) (p)))
+# define store_limb(p, v) (*((limb *) (p)) = (v))
#else
-static force_inline uint64_t
-U8TO64(const unsigned char *p) {
- return
- (((uint64_t)(p[0] & 0xff) ) |
- ((uint64_t)(p[1] & 0xff) << 8) |
- ((uint64_t)(p[2] & 0xff) << 16) |
- ((uint64_t)(p[3] & 0xff) << 24) |
- ((uint64_t)(p[4] & 0xff) << 32) |
- ((uint64_t)(p[5] & 0xff) << 40) |
- ((uint64_t)(p[6] & 0xff) << 48) |
- ((uint64_t)(p[7] & 0xff) << 56));
-}
-
-static force_inline void
-U64TO8(unsigned char *p, uint64_t v) {
- p[0] = (v ) & 0xff;
- p[1] = (v >> 8) & 0xff;
- p[2] = (v >> 16) & 0xff;
- p[3] = (v >> 24) & 0xff;
- p[4] = (v >> 32) & 0xff;
- p[5] = (v >> 40) & 0xff;
- p[6] = (v >> 48) & 0xff;
- p[7] = (v >> 56) & 0xff;
+static inline limb force_inline
+load_limb(const u8 *in) {
+ return
+ ((limb)in[0]) |
+ (((limb)in[1]) << 8) |
+ (((limb)in[2]) << 16) |
+ (((limb)in[3]) << 24) |
+ (((limb)in[4]) << 32) |
+ (((limb)in[5]) << 40) |
+ (((limb)in[6]) << 48) |
+ (((limb)in[7]) << 56);
+}
+
+static inline void force_inline
+store_limb(u8 *out, limb in) {
+ out[0] = in & 0xff;
+ out[1] = (in >> 8) & 0xff;
+ out[2] = (in >> 16) & 0xff;
+ out[3] = (in >> 24) & 0xff;
+ out[4] = (in >> 32) & 0xff;
+ out[5] = (in >> 40) & 0xff;
+ out[6] = (in >> 48) & 0xff;
+ out[7] = (in >> 56) & 0xff;
}
#endif
/* Take a little-endian, 32-byte number and expand it into polynomial form */
static void
fexpand(limb *output, const u8 *in) {
- output[0] = U8TO64(in) & 0x7ffffffffffff;
- output[1] = (U8TO64(in+6) >> 3) & 0x7ffffffffffff;
- output[2] = (U8TO64(in+12) >> 6) & 0x7ffffffffffff;
- output[3] = (U8TO64(in+19) >> 1) & 0x7ffffffffffff;
- output[4] = (U8TO64(in+25) >> 4) & 0x7ffffffffffff;
+ output[0] = load_limb(in) & 0x7ffffffffffff;
+ output[1] = (load_limb(in+6) >> 3) & 0x7ffffffffffff;
+ output[2] = (load_limb(in+12) >> 6) & 0x7ffffffffffff;
+ output[3] = (load_limb(in+19) >> 1) & 0x7ffffffffffff;
+ output[4] = (load_limb(in+24) >> 12) & 0x7ffffffffffff;
}
/* Take a fully reduced polynomial form number and contract it into a
@@ -281,10 +281,10 @@
t[4] += t[3] >> 51; t[3] &= 0x7ffffffffffff;
t[4] &= 0x7ffffffffffff;
- U64TO8(output, t[0] | (t[1] << 51));
- U64TO8(output + 8, (t[1] >> 13) | (t[2] << 38));
- U64TO8(output + 16, (t[2] >> 26) | (t[3] << 25));
- U64TO8(output + 24, (t[3] >> 39) | (t[4] << 12));
+ store_limb(output, t[0] | (t[1] << 51));
+ store_limb(output + 8, (t[1] >> 13) | (t[2] << 38));
+ store_limb(output + 16, (t[2] >> 26) | (t[3] << 25));
+ store_limb(output + 24, (t[3] >> 39) | (t[4] << 12));
}
/* Input: Q, Q', Q-Q'
diff -Nur libsodium-1.0.0/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c libsodium-1.0.1/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c
--- libsodium-1.0.0/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c 2014-10-11 02:22:04.000000000 +0000
@@ -29,6 +29,10 @@
crypto_core_hsalsa20(subkey, n, k, sigma);
+ if (c - m < mlen || c - m > -mlen) {
+ memmove(c, m, mlen);
+ m = c;
+ }
memset(block0, 0U, crypto_secretbox_ZEROBYTES);
(void) sizeof(int[64U >= crypto_secretbox_ZEROBYTES ? 1 : -1]);
mlen0 = mlen;
@@ -91,6 +95,10 @@
sodium_memzero(subkey, sizeof subkey);
return -1;
}
+ if (m - c < clen || m - c > -clen) {
+ memmove(m, c, clen);
+ c = m;
+ }
mlen0 = clen;
if (mlen0 > 64U - crypto_secretbox_ZEROBYTES) {
mlen0 = 64U - crypto_secretbox_ZEROBYTES;
diff -Nur libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/description libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/description
--- libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/description 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/description 1970-01-01 00:00:00.000000000 +0000
@@ -1 +0,0 @@
-EdDSA signatures using Curve25519
diff -Nur libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/ref10/fe_frombytes.c libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/ref10/fe_frombytes.c
--- libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/ref10/fe_frombytes.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/ref10/fe_frombytes.c 2014-10-29 15:38:00.000000000 +0000
@@ -60,14 +60,14 @@
carry6 = (h6 + (crypto_int64) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
carry8 = (h8 + (crypto_int64) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (crypto_int32) h0;
+ h[1] = (crypto_int32) h1;
+ h[2] = (crypto_int32) h2;
+ h[3] = (crypto_int32) h3;
+ h[4] = (crypto_int32) h4;
+ h[5] = (crypto_int32) h5;
+ h[6] = (crypto_int32) h6;
+ h[7] = (crypto_int32) h7;
+ h[8] = (crypto_int32) h8;
+ h[9] = (crypto_int32) h9;
}
diff -Nur libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/ref10/fe_mul.c libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/ref10/fe_mul.c
--- libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/ref10/fe_mul.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/ref10/fe_mul.c 2014-10-29 15:38:00.000000000 +0000
@@ -240,14 +240,14 @@
/* |h0| <= 2^25; from now on fits into int32 unchanged */
/* |h1| <= 1.01*2^24 */
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (crypto_int32) h0;
+ h[1] = (crypto_int32) h1;
+ h[2] = (crypto_int32) h2;
+ h[3] = (crypto_int32) h3;
+ h[4] = (crypto_int32) h4;
+ h[5] = (crypto_int32) h5;
+ h[6] = (crypto_int32) h6;
+ h[7] = (crypto_int32) h7;
+ h[8] = (crypto_int32) h8;
+ h[9] = (crypto_int32) h9;
}
diff -Nur libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/ref10/fe_sq2.c libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/ref10/fe_sq2.c
--- libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/ref10/fe_sq2.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/ref10/fe_sq2.c 2014-10-29 15:38:00.000000000 +0000
@@ -147,14 +147,14 @@
carry0 = (h0 + (crypto_int64) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (crypto_int32) h0;
+ h[1] = (crypto_int32) h1;
+ h[2] = (crypto_int32) h2;
+ h[3] = (crypto_int32) h3;
+ h[4] = (crypto_int32) h4;
+ h[5] = (crypto_int32) h5;
+ h[6] = (crypto_int32) h6;
+ h[7] = (crypto_int32) h7;
+ h[8] = (crypto_int32) h8;
+ h[9] = (crypto_int32) h9;
}
diff -Nur libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/ref10/fe_sq.c libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/ref10/fe_sq.c
--- libsodium-1.0.0/src/libsodium/crypto_sign/ed25519/ref10/fe_sq.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/crypto_sign/ed25519/ref10/fe_sq.c 2014-10-29 15:38:00.000000000 +0000
@@ -136,14 +136,14 @@
carry0 = (h0 + (crypto_int64) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (crypto_int32) h0;
+ h[1] = (crypto_int32) h1;
+ h[2] = (crypto_int32) h2;
+ h[3] = (crypto_int32) h3;
+ h[4] = (crypto_int32) h4;
+ h[5] = (crypto_int32) h5;
+ h[6] = (crypto_int32) h6;
+ h[7] = (crypto_int32) h7;
+ h[8] = (crypto_int32) h8;
+ h[9] = (crypto_int32) h9;
}
diff -Nur libsodium-1.0.0/src/libsodium/include/sodium/core.h libsodium-1.0.1/src/libsodium/include/sodium/core.h
--- libsodium-1.0.0/src/libsodium/include/sodium/core.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/include/sodium/core.h 2014-10-11 02:22:04.000000000 +0000
@@ -1,6 +1,6 @@
-#ifndef __SODIUM_CORE_H__
-#define __SODIUM_CORE_H__
+#ifndef sodium_core_H
+#define sodium_core_H
#include "export.h"
diff -Nur libsodium-1.0.0/src/libsodium/include/sodium/export.h libsodium-1.0.1/src/libsodium/include/sodium/export.h
--- libsodium-1.0.0/src/libsodium/include/sodium/export.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/include/sodium/export.h 2014-10-13 19:34:35.000000000 +0000
@@ -1,6 +1,6 @@
-#ifndef __SODIUM_EXPORT_H__
-#define __SODIUM_EXPORT_H__
+#ifndef sodium_export_H
+#define sodium_export_H
#ifndef __GNUC__
# ifdef __attribute__
@@ -13,7 +13,7 @@
# define SODIUM_EXPORT
#else
# if defined(_MSC_VER)
-# ifdef DLL_EXPORT
+# ifdef SODIUM_DLL_EXPORT
# define SODIUM_EXPORT __declspec(dllexport)
# else
# define SODIUM_EXPORT __declspec(dllimport)
diff -Nur libsodium-1.0.0/src/libsodium/include/sodium/runtime.h libsodium-1.0.1/src/libsodium/include/sodium/runtime.h
--- libsodium-1.0.0/src/libsodium/include/sodium/runtime.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/include/sodium/runtime.h 2014-10-11 02:22:04.000000000 +0000
@@ -1,6 +1,6 @@
-#ifndef __SODIUM_RUNTIME_H__
-#define __SODIUM_RUNTIME_H__ 1
+#ifndef sodium_runtime_H
+#define sodium_runtime_H
#include "export.h"
diff -Nur libsodium-1.0.0/src/libsodium/include/sodium/utils.h libsodium-1.0.1/src/libsodium/include/sodium/utils.h
--- libsodium-1.0.0/src/libsodium/include/sodium/utils.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/include/sodium/utils.h 2014-10-11 02:22:04.000000000 +0000
@@ -1,6 +1,6 @@
-#ifndef __SODIUM_UTILS_H__
-#define __SODIUM_UTILS_H__
+#ifndef sodium_utils_H
+#define sodium_utils_H
#include <stddef.h>
@@ -11,9 +11,9 @@
#endif
#if defined(__cplusplus) || !defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L
-# define _SODIUM_C99(X)
+# define SODIUM_C99(X)
#else
-# define _SODIUM_C99(X) X
+# define SODIUM_C99(X) X
#endif
SODIUM_EXPORT
diff -Nur libsodium-1.0.0/src/libsodium/include/sodium/version.h.in libsodium-1.0.1/src/libsodium/include/sodium/version.h.in
--- libsodium-1.0.0/src/libsodium/include/sodium/version.h.in 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/include/sodium/version.h.in 2014-10-11 02:22:04.000000000 +0000
@@ -1,6 +1,6 @@
-#ifndef __SODIUM_VERSION_H__
-#define __SODIUM_VERSION_H__
+#ifndef sodium_version_H
+#define sodium_version_H
#include "export.h"
diff -Nur libsodium-1.0.0/src/libsodium/include/sodium.h libsodium-1.0.1/src/libsodium/include/sodium.h
--- libsodium-1.0.0/src/libsodium/include/sodium.h 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/include/sodium.h 2014-10-11 02:22:04.000000000 +0000
@@ -1,6 +1,6 @@
-#ifndef __SODIUM_H__
-#define __SODIUM_H__
+#ifndef sodium_H
+#define sodium_H
#include <sodium/core.h>
#include <sodium/crypto_aead_chacha20poly1305.h>
diff -Nur libsodium-1.0.0/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c libsodium-1.0.1/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c
--- libsodium-1.0.0/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c 2014-10-11 02:22:04.000000000 +0000
@@ -52,9 +52,9 @@
} Salsa20Random;
static Salsa20Random stream = {
- _SODIUM_C99(.random_data_source_fd =) -1,
- _SODIUM_C99(.rnd32_outleft =) (size_t) 0U,
- _SODIUM_C99(.initialized =) 0
+ SODIUM_C99(.random_data_source_fd =) -1,
+ SODIUM_C99(.rnd32_outleft =) (size_t) 0U,
+ SODIUM_C99(.initialized =) 0
};
static uint64_t
@@ -335,10 +335,10 @@
}
struct randombytes_implementation randombytes_salsa20_implementation = {
- _SODIUM_C99(.implementation_name =) randombytes_salsa20_implementation_name,
- _SODIUM_C99(.random =) randombytes_salsa20_random,
- _SODIUM_C99(.stir =) randombytes_salsa20_random_stir,
- _SODIUM_C99(.uniform =) randombytes_salsa20_random_uniform,
- _SODIUM_C99(.buf =) randombytes_salsa20_random_buf,
- _SODIUM_C99(.close =) randombytes_salsa20_random_close
+ SODIUM_C99(.implementation_name =) randombytes_salsa20_implementation_name,
+ SODIUM_C99(.random =) randombytes_salsa20_random,
+ SODIUM_C99(.stir =) randombytes_salsa20_random_stir,
+ SODIUM_C99(.uniform =) randombytes_salsa20_random_uniform,
+ SODIUM_C99(.buf =) randombytes_salsa20_random_buf,
+ SODIUM_C99(.close =) randombytes_salsa20_random_close
};
diff -Nur libsodium-1.0.0/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c libsodium-1.0.1/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c
--- libsodium-1.0.0/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c 2014-11-20 21:22:45.000000000 +0000
@@ -69,8 +69,8 @@
} SysRandom;
static SysRandom stream = {
- _SODIUM_C99(.random_data_source_fd =) -1,
- _SODIUM_C99(.initialized =) 0
+ SODIUM_C99(.random_data_source_fd =) -1,
+ SODIUM_C99(.initialized =) 0
};
#ifndef _WIN32
@@ -208,7 +208,7 @@
abort(); /* LCOV_EXCL_LINE */
}
#else
- if (size > 0xffffffff) {
+ if (size > (size_t) 0xffffffff) {
abort(); /* LCOV_EXCL_LINE */
}
if (! RtlGenRandom((PVOID) buf, (ULONG) size)) {
@@ -250,10 +250,10 @@
}
struct randombytes_implementation randombytes_sysrandom_implementation = {
- _SODIUM_C99(.implementation_name =) randombytes_sysrandom_implementation_name,
- _SODIUM_C99(.random =) randombytes_sysrandom,
- _SODIUM_C99(.stir =) randombytes_sysrandom_stir,
- _SODIUM_C99(.uniform =) randombytes_sysrandom_uniform,
- _SODIUM_C99(.buf =) randombytes_sysrandom_buf,
- _SODIUM_C99(.close =) randombytes_sysrandom_close
+ SODIUM_C99(.implementation_name =) randombytes_sysrandom_implementation_name,
+ SODIUM_C99(.random =) randombytes_sysrandom,
+ SODIUM_C99(.stir =) randombytes_sysrandom_stir,
+ SODIUM_C99(.uniform =) randombytes_sysrandom_uniform,
+ SODIUM_C99(.buf =) randombytes_sysrandom_buf,
+ SODIUM_C99(.close =) randombytes_sysrandom_close
};
diff -Nur libsodium-1.0.0/src/libsodium/sodium/utils.c libsodium-1.0.1/src/libsodium/sodium/utils.c
--- libsodium-1.0.0/src/libsodium/sodium/utils.c 2014-09-30 18:35:31.000000000 +0000
+++ libsodium-1.0.1/src/libsodium/sodium/utils.c 2014-11-20 21:22:17.000000000 +0000
@@ -47,7 +47,7 @@
#ifdef HAVE_WEAK_SYMBOLS
__attribute__((weak)) void
-__sodium_dummy_symbol_to_prevent_lto(void * const pnt, const size_t len)
+_sodium_dummy_symbol_to_prevent_lto(void * const pnt, const size_t len)
{
(void) pnt;
(void) len;
@@ -67,7 +67,7 @@
explicit_bzero(pnt, len);
#elif HAVE_WEAK_SYMBOLS
memset(pnt, 0, len);
- __sodium_dummy_symbol_to_prevent_lto(pnt, len);
+ _sodium_dummy_symbol_to_prevent_lto(pnt, len);
#else
volatile unsigned char *pnt_ = (volatile unsigned char *) pnt;
size_t i = (size_t) 0U;
@@ -92,26 +92,30 @@
return (int) ((1 & ((d - 1) >> 8)) - 1);
}
+/* Derived from original code by CodesInChaos */
char *
sodium_bin2hex(char * const hex, const size_t hex_maxlen,
const unsigned char * const bin, const size_t bin_len)
{
- static const char hexdigits[16] = {
- '0', '1', '2', '3', '4', '5', '6', '7',
- '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
- };
- size_t i = (size_t) 0U;
- size_t j = (size_t) 0U;
+ size_t i = (size_t) 0U;
+ unsigned int x;
+ int b;
+ int c;
if (bin_len >= SIZE_MAX / 2 || hex_maxlen < bin_len * 2U) {
abort(); /* LCOV_EXCL_LINE */
}
while (i < bin_len) {
- hex[j++] = hexdigits[bin[i] >> 4];
- hex[j++] = hexdigits[bin[i] & 0xf];
+ c = bin[i] & 0xf;
+ b = bin[i] >> 4;
+ x = (unsigned char) (87 + c + (((c - 10) >> 31) & -39)) << 8 |
+ (unsigned char) (87 + b + (((b - 10) >> 31) & -39));
+ hex[i * 2U] = (char) x;
+ x >>= 8;
+ hex[i * 2U + 1U] = (char) x;
i++;
}
- hex[j] = 0;
+ hex[i * 2U] = 0;
return hex;
}
@@ -350,12 +354,11 @@
unsigned char *base_ptr;
unsigned char *canary_ptr;
unsigned char *unprotected_ptr;
- size_t page_mask;
size_t size_with_canary;
size_t total_size;
size_t unprotected_size;
- if (size >= SIZE_MAX - page_size * 4U) {
+ if (size >= (size_t) SIZE_MAX - page_size * 4U) {
errno = ENOMEM;
return NULL;
}
@@ -375,7 +378,6 @@
#endif
_mprotect_noaccess(unprotected_ptr + unprotected_size, page_size);
sodium_mlock(unprotected_ptr, unprotected_size);
- page_mask = page_size - 1U;
canary_ptr = unprotected_ptr + _page_round(size_with_canary) -
size_with_canary;
user_ptr = canary_ptr + sizeof canary;
@@ -405,7 +407,7 @@
{
size_t total_size;
- if (size >= SIZE_MAX / count) {
+ if (size >= (size_t) SIZE_MAX / count) {
errno = ENOMEM;
return NULL;
}
Attachment:
signature.asc
Description: This is a digitally signed message part