Medium severity4.5OSV Advisory· Published Dec 31, 2025· Updated Apr 15, 2026
CVE-2025-69277
CVE-2025-69277
Description
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
paragonie/sodium_compatPackagist | >= 2, < 2.5.0 | 2.5.0 |
paragonie/sodium_compatPackagist | < 1.24.0 | 1.24.0 |
PyNaClPyPI | < 1.6.2 | 1.6.2 |
hdwalletPyPI | < 3.6.1 | 3.6.1 |
Affected products
1Patches
5ecf41f55a3d8changelog and version bump for 1.6.2 (#923)
3 files changed · +7 −2
CHANGELOG.rst+5 −0 modified@@ -1,6 +1,11 @@ Changelog ========= +1.6.2 (2026-01-01) +------------------ +* Updated ``libsodium`` to 1.0.20-stable (2025-12-31 build) to resolve + ``CVE-2025-69277``. + 1.6.1 (2025-11-10) ------------------ * The ``MAKE`` environment variable can now be used to specify the ``make``
pyproject.toml+1 −1 modified@@ -13,7 +13,7 @@ dynamic = ["readme"] name = "PyNaCl" # Must be kept in sync with `src/nacl/__init__.py` -version = "1.6.1" +version = "1.6.2" authors = [ {name = "The PyNaCl developers", email = "cryptography-dev@python.org"} ]
src/nacl/__init__.py+1 −1 modified@@ -22,4 +22,4 @@ __uri__ = "https://github.com/pyca/pynacl/" # Must be kept in sync with `pyproject.toml` -__version__ = "1.6.1" +__version__ = "1.6.2"
96314884d88dBump libsodium to the latest 1.0.20 (#922)
54 files changed · +519 −540
src/libsodium-1.0.20-stable-msvc.zip+0 −0 modifiedsrc/libsodium/aclocal.m4+0 −17 modified@@ -418,23 +418,6 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], [AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}"])]) -# AM_EXTRA_RECURSIVE_TARGETS -*- Autoconf -*- - -# Copyright (C) 2012-2025 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_EXTRA_RECURSIVE_TARGETS -# -------------------------- -# Define the list of user recursive targets. This macro exists only to -# be traced by Automake, which will ensure that a proper definition of -# user-defined recursive targets (and associated rules) is propagated -# into all the generated Makefiles. -# TODO: We should really reject non-literal arguments here... -AC_DEFUN([AM_EXTRA_RECURSIVE_TARGETS], []) - # Do all the work for Automake. -*- Autoconf -*- # Copyright (C) 1996-2025 Free Software Foundation, Inc.
src/libsodium/appveyor.yml+1 −1 modified@@ -1,6 +1,6 @@ version: 1.0.20.{build} -os: Visual Studio 2017 +os: Visual Studio 2022 environment: matrix:
src/libsodium/azure-pipelines.yml+21 −2 modified@@ -6,6 +6,25 @@ pr: none jobs: - job: "windows" + pool: + vmImage: "windows-latest" + steps: + - powershell: | + cd builds\msvc\build + & .\buildbase.bat ..\vs2026\libsodium.sln 18 + displayName: Compile it all + - powershell: | + mkdir bin\include\sodium + Copy-Item "src\libsodium\include\sodium\*.h" -Destination "bin\include\sodium" -Recurse + Copy-Item "src\libsodium\include\*.h" -Destination "bin\include\" + displayName: Copy header files + - task: PublishBuildArtifacts@1 + condition: not(canceled()) + inputs: + pathToPublish: bin + artifactName: libsodium + + - job: "windows_2022" pool: vmImage: "windows-2022" steps: @@ -48,7 +67,7 @@ jobs: vmImage: "windows-2019" steps: - powershell: | - (New-Object Net.WebClient).DownloadFile("https://github.com/msys2/msys2-installer/releases/download/2025-02-21/msys2-base-x86_64-20250221.sfx.exe", "sfx.exe") + (New-Object Net.WebClient).DownloadFile("https://github.com/msys2/msys2-installer/releases/download/2025-08-30/msys2-base-x86_64-20250830.sfx.exe", "sfx.exe") .\sfx.exe -y -o\ del sfx.exe displayName: Install MSYS2 @@ -87,7 +106,7 @@ jobs: vmImage: "windows-2019" steps: - powershell: | - (New-Object Net.WebClient).DownloadFile("https://github.com/msys2/msys2-installer/releases/download/2025-02-21/msys2-base-x86_64-20250221.sfx.exe", "sfx.exe") + (New-Object Net.WebClient).DownloadFile("https://github.com/msys2/msys2-installer/releases/download/2025-08-30/msys2-base-x86_64-20250830.sfx.exe", "sfx.exe") .\sfx.exe -y -o\ del sfx.exe displayName: Install MSYS2
src/libsodium/builds/Makefile.am+8 −2 modified@@ -71,11 +71,17 @@ EXTRA_DIST = \ msvc/vs2019/libsodium.import.props \ msvc/vs2019/libsodium.import.xml \ msvc/vs2019/libsodium.sln \ - msvc/vs2022/libsodium.sln \ msvc/vs2022/libsodium/libsodium.props \ msvc/vs2022/libsodium/libsodium.vcxproj \ msvc/vs2022/libsodium/libsodium.vcxproj.filters \ msvc/vs2022/libsodium/libsodium.xml \ msvc/vs2022/libsodium.import.props \ msvc/vs2022/libsodium.import.xml \ - msvc/vs2022/libsodium.sln + msvc/vs2022/libsodium.sln \ + msvc/vs2026/libsodium/libsodium.props \ + msvc/vs2026/libsodium/libsodium.vcxproj \ + msvc/vs2026/libsodium/libsodium.vcxproj.filters \ + msvc/vs2026/libsodium/libsodium.xml \ + msvc/vs2026/libsodium.import.props \ + msvc/vs2026/libsodium.import.xml \ + msvc/vs2026/libsodium.sln
src/libsodium/builds/Makefile.in+9 −37 modified@@ -129,10 +129,6 @@ am__can_run_installinfo = \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) am__DIST_COMMON = $(srcdir)/Makefile.in DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -380,14 +376,20 @@ EXTRA_DIST = \ msvc/vs2019/libsodium.import.props \ msvc/vs2019/libsodium.import.xml \ msvc/vs2019/libsodium.sln \ - msvc/vs2022/libsodium.sln \ msvc/vs2022/libsodium/libsodium.props \ msvc/vs2022/libsodium/libsodium.vcxproj \ msvc/vs2022/libsodium/libsodium.vcxproj.filters \ msvc/vs2022/libsodium/libsodium.xml \ msvc/vs2022/libsodium.import.props \ msvc/vs2022/libsodium.import.xml \ - msvc/vs2022/libsodium.sln + msvc/vs2022/libsodium.sln \ + msvc/vs2026/libsodium/libsodium.props \ + msvc/vs2026/libsodium/libsodium.vcxproj \ + msvc/vs2026/libsodium/libsodium.vcxproj.filters \ + msvc/vs2026/libsodium/libsodium.xml \ + msvc/vs2026/libsodium.import.props \ + msvc/vs2026/libsodium.import.xml \ + msvc/vs2026/libsodium.sln all: all-am @@ -427,11 +429,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: tags TAGS: ctags CTAGS: @@ -506,26 +503,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-am - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-am - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-am - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-am - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-am - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-am clean-am: clean-generic clean-libtool mostlyclean-am @@ -594,12 +571,7 @@ uninstall-am: .MAKE: install-am install-strip -.PHONY: all all-am check check-am check-valgrind-am \ - check-valgrind-drd-am check-valgrind-drd-local \ - check-valgrind-helgrind-am check-valgrind-helgrind-local \ - check-valgrind-local check-valgrind-memcheck-am \ - check-valgrind-memcheck-local check-valgrind-sgcheck-am \ - check-valgrind-sgcheck-local clean clean-generic clean-libtool \ +.PHONY: all all-am check check-am clean clean-generic clean-libtool \ cscopelist-am ctags-am distclean distclean-generic \ distclean-libtool distdir dvi dvi-am html html-am info info-am \ install install-am install-data install-data-am install-dvi \
src/libsodium/builds/msvc/build/buildall.bat+2 −0 modified@@ -1,5 +1,7 @@ @ECHO OFF +CALL buildbase.bat ..\vs2026\libsodium.sln 18 +ECHO. CALL buildbase.bat ..\vs2022\libsodium.sln 17 ECHO. CALL buildbase.bat ..\vs2019\libsodium.sln 16
src/libsodium/builds/msvc/build/buildbase.bat+25 −4 modified@@ -1,5 +1,5 @@ @ECHO OFF -REM Usage: [buildbase.bat ..\vs2019\mysolution.sln 16] +REM Usage: [buildbase.bat ..\vs2026\mysolution.sln 18] SETLOCAL enabledelayedexpansion @@ -8,6 +8,17 @@ SET version=%2 SET log=build_%version%.log SET tools=Microsoft Visual Studio %version%.0\VC\vcvarsall.bat +IF %version% == 18 ( + SET tools=Microsoft Visual Studio\2026\Enterprise\VC\Auxiliary\Build\vcvarsall.bat + SET environment="%programfiles%\!tools!" + IF NOT EXIST !environment! ( + SET environment="%programfiles(x86)%\!tools!" + IF NOT EXIST !environment! ( + SET tools=Microsoft Visual Studio\2026\Community\VC\Auxiliary\Build\vcvarsall.bat + ) + ) +) + IF %version% == 17 ( SET tools=Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvarsall.bat SET environment="%programfiles%\!tools!" @@ -49,7 +60,7 @@ IF NOT EXIST !environment! GOTO no_tools ECHO Building: %solution% -CALL !environment! x86 > nul +CALL !environment! x86 > nul 2>&1 ECHO Platform=x86 ECHO Configuration=DynDebug @@ -71,7 +82,10 @@ ECHO Configuration=StaticRelease msbuild /m /v:n /p:Configuration=StaticRelease /p:Platform=Win32 %solution% >> %log% IF errorlevel 1 GOTO error -CALL !environment! x86_amd64 > nul +ENDLOCAL & SET solution=%solution% & SET version=%version% & SET log=%log% & SET tools=%tools% & SET environment=%environment% +SETLOCAL enabledelayedexpansion + +CALL !environment! x86_amd64 > nul 2>&1 ECHO Platform=x64 ECHO Configuration=DynDebug @@ -95,7 +109,10 @@ IF errorlevel 1 GOTO error @REM Build ARM64 packages only for Visual studio 2019 and later IF %version% GEQ 16 ( - CALL !environment! ARM64 > nul + ENDLOCAL & SET solution=%solution% & SET version=%version% & SET log=%log% & SET tools=%tools% & SET environment=%environment% + SETLOCAL enabledelayedexpansion + + CALL !environment! ARM64 > nul 2>&1 ECHO Platform=ARM64 ECHO Configuration=DynDebug @@ -123,6 +140,10 @@ GOTO end :error ECHO *** ERROR, build terminated early, see: %log% +ECHO. +ECHO === Last errors from %log% === +findstr /i /c:"error " /c:"error:" /c:"fatal error" %log% +ECHO. GOTO end :no_tools
src/libsodium/builds/msvc/properties/Common.props+6 −0 modified@@ -18,4 +18,10 @@ </ClCompile> </ItemDefinitionGroup> + <ItemDefinitionGroup Condition="'$(PlatformToolsetVersion)' >= '143'"> + <ClCompile> + <AdditionalOptions>/UndefIntOverflow- %(AdditionalOptions)</AdditionalOptions> + </ClCompile> + </ItemDefinitionGroup> + </Project> \ No newline at end of file
src/libsodium/build.zig+66 −24 modified@@ -1,14 +1,19 @@ const std = @import("std"); const fmt = std.fmt; -const fs = std.fs; const heap = std.heap; const mem = std.mem; const Compile = std.Build.Step.Compile; const Target = std.Target; +// Zig 0.16+ uses std.Io.Dir, 0.15 uses std.fs +const is_zig_16 = @hasDecl(std, "Io") and @hasDecl(std.Io, "Dir"); +const Dir = if (is_zig_16) std.Io.Dir else std.fs.Dir; +const Io = if (is_zig_16) std.Io else void; + fn initLibConfig(b: *std.Build, target: std.Build.ResolvedTarget, lib: *Compile) void { - lib.linkLibC(); - lib.addIncludePath(b.path("src/libsodium/include/sodium")); + lib.root_module.link_libc = true; + lib.lto = null; + lib.root_module.addIncludePath(b.path("src/libsodium/include/sodium")); lib.root_module.addCMacro("_GNU_SOURCE", "1"); lib.root_module.addCMacro("CONFIGURED", "1"); lib.root_module.addCMacro("DEV_MODE", "1"); @@ -20,7 +25,6 @@ fn initLibConfig(b: *std.Build, target: std.Build.ResolvedTarget, lib: *Compile) lib.root_module.addCMacro("HAVE_INTTYPES_H", "1"); lib.root_module.addCMacro("HAVE_STDINT_H", "1"); lib.root_module.addCMacro("HAVE_TI_MODE", "1"); - lib.want_lto = false; const endian = target.result.cpu.arch.endian(); switch (endian) { @@ -140,12 +144,16 @@ fn initLibConfig(b: *std.Build, target: std.Build.ResolvedTarget, lib: *Compile) } pub fn build(b: *std.Build) !void { - const root_path = b.pathFromRoot("."); - var cwd = try fs.openDirAbsolute(root_path, .{}); - defer cwd.close(); + const io: Io = if (is_zig_16) b.graph.io else {}; + const cwd = if (is_zig_16) Dir.cwd() else std.fs.cwd(); const src_path = "src/libsodium"; - const src_dir = try fs.Dir.openDir(cwd, src_path, .{ .iterate = true, .no_follow = true }); + const src_dir = if (is_zig_16) + try cwd.openDir(io, src_path, .{ .iterate = true }) + else if (@hasField(Dir.OpenOptions, "follow_symlinks")) + try cwd.openDir(src_path, .{ .iterate = true, .follow_symlinks = false }) + else + try cwd.openDir(src_path, .{ .iterate = true, .no_follow = true }); var target = b.standardTargetOptions(.{}); const optimize = b.standardOptimizeOption(.{}); @@ -182,6 +190,7 @@ pub fn build(b: *std.Build) !void { .optimize = optimize, }), }); + static_lib.pie = true; const shared_lib = b.addLibrary(.{ .name = if (target.result.isMinGW()) "libsodium" else "sodium", .linkage = .dynamic, @@ -205,8 +214,18 @@ pub fn build(b: *std.Build) !void { const prebuilt_version_file_path = "builds/msvc/version.h"; const version_file_path = "include/sodium/version.h"; - if (src_dir.access(version_file_path, .{ .mode = .read_only })) {} else |_| { - try cwd.copyFile(prebuilt_version_file_path, src_dir, version_file_path, .{}); + if (is_zig_16) { + src_dir.access(io, version_file_path, .{}) catch { + try Dir.copyFile(cwd, prebuilt_version_file_path, src_dir, version_file_path, io, .{}); + }; + } else if (@hasField(Dir.OpenOptions, "follow_symlinks")) { + src_dir.access(version_file_path, .{ .read = true }) catch { + try cwd.copyFile(prebuilt_version_file_path, src_dir, version_file_path, .{}); + }; + } else { + src_dir.access(version_file_path, .{ .mode = .read_only }) catch { + try cwd.copyFile(prebuilt_version_file_path, src_dir, version_file_path, .{}); + }; } for (libs.items) |lib| { @@ -228,35 +247,58 @@ pub fn build(b: *std.Build) !void { const allocator = heap.page_allocator; var walker = try src_dir.walk(allocator); - while (try walker.next()) |entry| { + while (if (is_zig_16) try walker.next(io) else try walker.next()) |entry| { const name = entry.basename; if (mem.endsWith(u8, name, ".c")) { const full_path = try fmt.allocPrint(allocator, "{s}/{s}", .{ src_path, entry.path }); - lib.addCSourceFiles(.{ + lib.root_module.addCSourceFiles(.{ .files = &.{full_path}, .flags = flags, }); } else if (mem.endsWith(u8, name, ".S")) { const full_path = try fmt.allocPrint(allocator, "{s}/{s}", .{ src_path, entry.path }); - lib.addAssemblyFile(b.path(full_path)); + lib.root_module.addAssemblyFile(b.path(full_path)); } } } const test_path = "test/default"; const out_bin_path = "zig-out/bin"; - const test_dir = try fs.Dir.openDir(cwd, test_path, .{ .iterate = true, .no_follow = true }); - fs.Dir.makePath(cwd, out_bin_path) catch {}; - const out_bin_dir = try fs.Dir.openDir(cwd, out_bin_path, .{}); - try test_dir.copyFile("run.sh", out_bin_dir, "run.sh", .{}); + const test_dir = if (is_zig_16) + try cwd.openDir(io, test_path, .{ .iterate = true }) + else if (@hasField(Dir.OpenOptions, "follow_symlinks")) + try cwd.openDir(test_path, .{ .iterate = true, .follow_symlinks = false }) + else + try cwd.openDir(test_path, .{ .iterate = true, .no_follow = true }); + + if (is_zig_16) { + cwd.createDirPath(io, out_bin_path) catch {}; + } else { + cwd.makePath(out_bin_path) catch {}; + } + const out_bin_dir = if (is_zig_16) + try cwd.openDir(io, out_bin_path, .{}) + else + try cwd.openDir(out_bin_path, .{}); + + if (is_zig_16) { + try Dir.copyFile(test_dir, "run.sh", out_bin_dir, "run.sh", io, .{}); + } else { + try test_dir.copyFile("run.sh", out_bin_dir, "run.sh", .{}); + } + const allocator = heap.page_allocator; var walker = try test_dir.walk(allocator); if (build_tests) { - while (try walker.next()) |entry| { + while (if (is_zig_16) try walker.next(io) else try walker.next()) |entry| { const name = entry.basename; if (mem.endsWith(u8, name, ".exp")) { - try test_dir.copyFile(name, out_bin_dir, name, .{}); + if (is_zig_16) { + try Dir.copyFile(test_dir, name, out_bin_dir, name, io, .{}); + } else { + try test_dir.copyFile(name, out_bin_dir, name, .{}); + } continue; } if (!mem.endsWith(u8, name, ".c")) { @@ -269,14 +311,14 @@ pub fn build(b: *std.Build) !void { .target = target, .optimize = optimize, .strip = true, + .link_libc = true, }), }); - exe.linkLibC(); - exe.linkLibrary(static_lib); - exe.addIncludePath(b.path("src/libsodium/include")); - exe.addIncludePath(b.path("test/quirks")); + exe.root_module.linkLibrary(static_lib); + exe.root_module.addIncludePath(b.path("src/libsodium/include")); + exe.root_module.addIncludePath(b.path("test/quirks")); const full_path = try fmt.allocPrint(allocator, "{s}/{s}", .{ test_path, entry.path }); - exe.addCSourceFiles(.{ .files = &.{full_path} }); + exe.root_module.addCSourceFiles(.{ .files = &.{full_path} }); if (enable_benchmarks) { exe.root_module.addCMacro("BENCHMARKS", "1"); var buf: [16]u8 = undefined;
src/libsodium/ChangeLog+21 −3 modified@@ -1,21 +1,39 @@ * Version 1.0.20-stable - - Performance of AES256-GCM and AEGIS on ARM has been improved. + - The Fil-C compiler is supported out of the box + - MSVC 2026 (Visual Studio 2026) is now supported + - Performance of AES256-GCM and AEGIS on ARM has been improved +with some compilers - Android binaries have been added to the NuGet package - Windows ARM binaries have been added to the NuGet package - The Android build script has been improved. The base SDK is -now 27c, and the default platform is 21 - - The library can now be compiled with Zig 0.14+ +now 27c, and the default platform is 21, supporting 16 KB page sizes. + - The library can now be compiled with Zig 0.15 and Zig 0.16 + - Zig builds now generate position-independent static libraries by +default on targets that support PIC - arm64e builds have been added to the XCFramework packages - XCFramework packages are now full builds instead of minimal builds - MSVC builds have been enabled for ARM64 + - iOS 32-bit (armv7/armv7s) support has been removed from the +XCFramework build script + - Security: optblockers have been introduced in critical code paths +to prevent compilers from introducing unwanted side channels via +conditional jumps. This was observed on RISC-V targets with specific +compilers and options. + - Security: `crypto_core_ed25519_is_valid_point()` now properly +rejects small-order points that are not in the main subgroup + - `((nonnull))` attributes have been relaxed on some `crypto_stream*` +functions to allow NULL output buffers when the output length is zero - A cross-compilation issue with old clang versions has been fixed - 16K page sizes are now supported on Android - JavaScript: support for Cloudflare Workers has been added + - JavaScript: WASM_BIGINT is forcibly disabled to retain +compatibility with older runtimes - A compilation issue with old toolchains on Solaris has been fixed - `crypto_aead_aes256gcm_is_available` is exported to JavaScript + - libsodium is now compatible with Emscripten 4.x * Version 1.0.20 This point release includes all the changes from 1.0.19-stable,
src/libsodium/configure+51 −12 modified@@ -1548,6 +1548,7 @@ Optional Features: --enable-opt Optimize for the native CPU - The resulting library will be faster but not portable --enable-valgrind Whether to enable Valgrind on the unit tests + (requires GNU make) --disable-valgrind-memcheck Whether to skip memcheck during the Valgrind tests --disable-valgrind-helgrind @@ -5765,6 +5766,37 @@ fi fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if we are using FilC" >&5 +printf %s "checking if we are using FilC... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#ifndef __FILC__ +# error __FILC__ is not defined +#endif + +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + enable_asm="no" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: compiling with FilC - asm implementations disabled" >&5 +printf "%s\n" "$as_me: WARNING: compiling with FilC - asm implementations disabled" >&2;} +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } ;; +esac +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext + # Check whether --enable-pie was given. if test ${enable_pie+y} then : @@ -7509,15 +7541,12 @@ fi - - - # Check whether --enable-valgrind was given. if test ${enable_valgrind+y} then : enableval=$enable_valgrind; enable_valgrind=$enableval else case e in #( - e) enable_valgrind= ;; + e) enable_valgrind=no ;; esac fi @@ -7916,7 +7945,7 @@ valgrind_quiet_ = $(valgrind_quiet_$(AM_DEFAULT_VERBOSITY)) valgrind_quiet_0 = --quiet valgrind_v_use = $(valgrind_v_use_$(V)) valgrind_v_use_ = $(valgrind_v_use_$(AM_DEFAULT_VERBOSITY)) -valgrind_v_use_0 = @echo " USE " $(patsubst check-valgrind-%-local,%,$''@):; +valgrind_v_use_0 = @echo " USE " $(patsubst check-valgrind-%,%,$''@):; # Support running with and without libtool. ifneq ($(LIBTOOL),) @@ -7926,12 +7955,12 @@ valgrind_lt = endif # Use recursive makes in order to ignore errors during check -check-valgrind-local: +check-valgrind: ifeq ($(VALGRIND_ENABLED),yes) $(A''M_V_at)$(MAKE) $(AM_MAKEFLAGS) -k \ $(foreach tool, $(valgrind_enabled_tools), check-valgrind-$(tool)) else - @echo "Need to reconfigure with --enable-valgrind" + @echo "Need to use GNU make and reconfigure with --enable-valgrind" endif # Valgrind running @@ -7945,16 +7974,14 @@ VALGRIND_LOG_COMPILER = \ $(valgrind_lt) \ $(VALGRIND) $(VALGRIND_SUPPRESSIONS) --error-exitcode=1 $(VALGRIND_FLAGS) -define valgrind_tool_rule -check-valgrind-$(1)-local: +define valgrind_tool_rule = +check-valgrind-$(1): ifeq ($$(VALGRIND_ENABLED)-$$(ENABLE_VALGRIND_$(1)),yes-yes) -ifneq ($$(TESTS),) $$(valgrind_v_use)$$(MAKE) check-TESTS \ TESTS_ENVIRONMENT="$$(VALGRIND_TESTS_ENVIRONMENT)" \ LOG_COMPILER="$$(VALGRIND_LOG_COMPILER)" \ LOG_FLAGS="$$(valgrind_$(1)_flags)" \ TEST_SUITE_LOG=test-suite-$(1).log -endif else ifeq ($$(VALGRIND_ENABLED),yes) @echo "Need to reconfigure with --enable-valgrind-$(1)" else @@ -7970,9 +7997,18 @@ A''M_DISTCHECK_CONFIGURE_FLAGS += --disable-valgrind MOSTLYCLEANFILES ?= MOSTLYCLEANFILES += $(valgrind_log_files) -.PHONY: check-valgrind $(addprefix check-valgrind-,$(valgrind_tools)) +.PHONY: check-valgrind $(add-prefix check-valgrind-,$(valgrind_tools)) ' + if test "$enable_valgrind" != "yes" +then : + + VALGRIND_CHECK_RULES=' +check-valgrind: + @echo "Need to use GNU make and reconfigure with --enable-valgrind"' + +fi + @@ -21842,6 +21878,9 @@ printf %s "checking whether we can use inline asm code... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#ifdef __FILC__ +# error inline assembly is not supported with FilC +#endif int main (void)
src/libsodium/configure.ac+14 −0 modified@@ -97,6 +97,17 @@ AS_IF([test "x$EMSCRIPTEN" != "x"], [ ]) ]) +AC_MSG_CHECKING([if we are using FilC]) +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#ifndef __FILC__ +# error __FILC__ is not defined +#endif +]], [[]])], + [AC_MSG_RESULT(yes) + enable_asm="no" + AC_MSG_WARN([compiling with FilC - asm implementations disabled])], + [AC_MSG_RESULT(no)]) + AC_ARG_ENABLE(pie, [AS_HELP_STRING(--disable-pie,Do not produce position independent executables)], enable_pie=$enableval, enable_pie="maybe") @@ -696,6 +707,9 @@ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ AC_MSG_CHECKING(whether we can use inline asm code) AC_LINK_IFELSE([AC_LANG_PROGRAM([[ +#ifdef __FILC__ +# error inline assembly is not supported with FilC +#endif ]], [[ int a = 42; int *pnt = &a;
src/libsodium/contrib/Makefile.in+1 −35 modified@@ -129,10 +129,6 @@ am__can_run_installinfo = \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) am__DIST_COMMON = $(srcdir)/Makefile.in DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -348,11 +344,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: tags TAGS: ctags CTAGS: @@ -427,26 +418,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-am - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-am - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-am - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-am - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-am - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-am clean-am: clean-generic clean-libtool mostlyclean-am @@ -515,12 +486,7 @@ uninstall-am: .MAKE: install-am install-strip -.PHONY: all all-am check check-am check-valgrind-am \ - check-valgrind-drd-am check-valgrind-drd-local \ - check-valgrind-helgrind-am check-valgrind-helgrind-local \ - check-valgrind-local check-valgrind-memcheck-am \ - check-valgrind-memcheck-local check-valgrind-sgcheck-am \ - check-valgrind-sgcheck-local clean clean-generic clean-libtool \ +.PHONY: all all-am check check-am clean clean-generic clean-libtool \ cscopelist-am ctags-am distclean distclean-generic \ distclean-libtool distdir dvi dvi-am html html-am info info-am \ install install-am install-data install-data-am install-dvi \
src/libsodium/dist-build/android-aar.sh+1 −1 modified@@ -4,7 +4,7 @@ # # To simplify linking, library variants have distinct names: sodium, sodium-static, sodium-minimal and sodium-minimal-static. -SODIUM_VERSION="1.0.20.0" +SODIUM_VERSION="1.0.20.2" if [ -z "$ANDROID_NDK_HOME" ]; then echo "ANDROID_NDK_HOME must be set to the directory containing the Android NDK."
src/libsodium/dist-build/apple-xcframework.sh+5 −1 modified@@ -60,7 +60,11 @@ else fi I386_SIMULATOR_SUPPORTED=false -[ "$(echo "$IOS_SIMULATOR_VERSION_MIN" | cut -d'.' -f1)" -lt "11" ] && I386_SIMULATOR_SUPPORTED=true +if [ "$(echo "$IOS_SIMULATOR_VERSION_MIN" | cut -d'.' -f1)" -lt "11" ]; then + if echo 'int main(void){return 0;}' | xcrun -sdk iphonesimulator clang -arch i386 -x c - -o /dev/null 2>/dev/null; then + I386_SIMULATOR_SUPPORTED=true + fi +fi VISIONOS_SUPPORTED=false [ -d "${XCODEDIR}/Platforms/XROS.platform" ] && VISIONOS_SUPPORTED=true
src/libsodium/dist-build/emscripten.sh+72 −21 modified@@ -1,22 +1,23 @@ #! /bin/sh export MAKE_FLAGS='-j4' -export EXPORTED_FUNCTIONS_STANDARD='["_malloc","_free","_crypto_aead_aegis128l_abytes","_crypto_aead_aegis128l_decrypt","_crypto_aead_aegis128l_decrypt_detached","_crypto_aead_aegis128l_encrypt","_crypto_aead_aegis128l_encrypt_detached","_crypto_aead_aegis128l_keybytes","_crypto_aead_aegis128l_keygen","_crypto_aead_aegis128l_messagebytes_max","_crypto_aead_aegis128l_npubbytes","_crypto_aead_aegis128l_nsecbytes","_crypto_aead_aegis256_abytes","_crypto_aead_aegis256_decrypt","_crypto_aead_aegis256_decrypt_detached","_crypto_aead_aegis256_encrypt","_crypto_aead_aegis256_encrypt_detached","_crypto_aead_aegis256_keybytes","_crypto_aead_aegis256_keygen","_crypto_aead_aegis256_messagebytes_max","_crypto_aead_aegis256_npubbytes","_crypto_aead_aegis256_nsecbytes","_crypto_aead_aes256gcm_is_available","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_verify","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_generichash","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_hkdf_sha256_bytes_max","_crypto_kdf_hkdf_sha256_bytes_min","_crypto_kdf_hkdf_sha256_expand","_crypto_kdf_hkdf_sha256_extract","_crypto_kdf_hkdf_sha256_extract_final","_crypto_kdf_hkdf_sha256_extract_init","_crypto_kdf_hkdf_sha256_extract_update","_crypto_kdf_hkdf_sha256_keybytes","_crypto_kdf_hkdf_sha256_keygen","_crypto_kdf_hkdf_sha256_statebytes","_crypto_kdf_hkdf_sha512_bytes_max","_crypto_kdf_hkdf_sha512_bytes_min","_crypto_kdf_hkdf_sha512_expand","_crypto_kdf_hkdf_sha512_extract","_crypto_kdf_hkdf_sha512_extract_final","_crypto_kdf_hkdf_sha512_extract_init","_crypto_kdf_hkdf_sha512_extract_update","_crypto_kdf_hkdf_sha512_keybytes","_crypto_kdf_hkdf_sha512_keygen","_crypto_kdf_hkdf_sha512_statebytes","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' -export EXPORTED_FUNCTIONS_SUMO='["_malloc","_free","_crypto_aead_aegis128l_abytes","_crypto_aead_aegis128l_decrypt","_crypto_aead_aegis128l_decrypt_detached","_crypto_aead_aegis128l_encrypt","_crypto_aead_aegis128l_encrypt_detached","_crypto_aead_aegis128l_keybytes","_crypto_aead_aegis128l_keygen","_crypto_aead_aegis128l_messagebytes_max","_crypto_aead_aegis128l_npubbytes","_crypto_aead_aegis128l_nsecbytes","_crypto_aead_aegis256_abytes","_crypto_aead_aegis256_decrypt","_crypto_aead_aegis256_decrypt_detached","_crypto_aead_aegis256_encrypt","_crypto_aead_aegis256_encrypt_detached","_crypto_aead_aegis256_keybytes","_crypto_aead_aegis256_keygen","_crypto_aead_aegis256_messagebytes_max","_crypto_aead_aegis256_npubbytes","_crypto_aead_aegis256_nsecbytes","_crypto_aead_aes256gcm_is_available","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_hmacsha256","_crypto_auth_hmacsha256_bytes","_crypto_auth_hmacsha256_final","_crypto_auth_hmacsha256_init","_crypto_auth_hmacsha256_keybytes","_crypto_auth_hmacsha256_keygen","_crypto_auth_hmacsha256_statebytes","_crypto_auth_hmacsha256_update","_crypto_auth_hmacsha256_verify","_crypto_auth_hmacsha512","_crypto_auth_hmacsha512256","_crypto_auth_hmacsha512256_bytes","_crypto_auth_hmacsha512256_final","_crypto_auth_hmacsha512256_init","_crypto_auth_hmacsha512256_keybytes","_crypto_auth_hmacsha512256_keygen","_crypto_auth_hmacsha512256_statebytes","_crypto_auth_hmacsha512256_update","_crypto_auth_hmacsha512256_verify","_crypto_auth_hmacsha512_bytes","_crypto_auth_hmacsha512_final","_crypto_auth_hmacsha512_init","_crypto_auth_hmacsha512_keybytes","_crypto_auth_hmacsha512_keygen","_crypto_auth_hmacsha512_statebytes","_crypto_auth_hmacsha512_update","_crypto_auth_hmacsha512_verify","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_primitive","_crypto_auth_verify","_crypto_box","_crypto_box_afternm","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_boxzerobytes","_crypto_box_curve25519xchacha20poly1305_beforenm","_crypto_box_curve25519xchacha20poly1305_beforenmbytes","_crypto_box_curve25519xchacha20poly1305_detached","_crypto_box_curve25519xchacha20poly1305_detached_afternm","_crypto_box_curve25519xchacha20poly1305_easy","_crypto_box_curve25519xchacha20poly1305_easy_afternm","_crypto_box_curve25519xchacha20poly1305_keypair","_crypto_box_curve25519xchacha20poly1305_macbytes","_crypto_box_curve25519xchacha20poly1305_messagebytes_max","_crypto_box_curve25519xchacha20poly1305_noncebytes","_crypto_box_curve25519xchacha20poly1305_open_detached","_crypto_box_curve25519xchacha20poly1305_open_detached_afternm","_crypto_box_curve25519xchacha20poly1305_open_easy","_crypto_box_curve25519xchacha20poly1305_open_easy_afternm","_crypto_box_curve25519xchacha20poly1305_publickeybytes","_crypto_box_curve25519xchacha20poly1305_seal","_crypto_box_curve25519xchacha20poly1305_seal_open","_crypto_box_curve25519xchacha20poly1305_sealbytes","_crypto_box_curve25519xchacha20poly1305_secretkeybytes","_crypto_box_curve25519xchacha20poly1305_seed_keypair","_crypto_box_curve25519xchacha20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305","_crypto_box_curve25519xsalsa20poly1305_afternm","_crypto_box_curve25519xsalsa20poly1305_beforenm","_crypto_box_curve25519xsalsa20poly1305_beforenmbytes","_crypto_box_curve25519xsalsa20poly1305_boxzerobytes","_crypto_box_curve25519xsalsa20poly1305_keypair","_crypto_box_curve25519xsalsa20poly1305_macbytes","_crypto_box_curve25519xsalsa20poly1305_messagebytes_max","_crypto_box_curve25519xsalsa20poly1305_noncebytes","_crypto_box_curve25519xsalsa20poly1305_open","_crypto_box_curve25519xsalsa20poly1305_open_afternm","_crypto_box_curve25519xsalsa20poly1305_publickeybytes","_crypto_box_curve25519xsalsa20poly1305_secretkeybytes","_crypto_box_curve25519xsalsa20poly1305_seed_keypair","_crypto_box_curve25519xsalsa20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305_zerobytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open","_crypto_box_open_afternm","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_primitive","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_box_zerobytes","_crypto_core_ed25519_add","_crypto_core_ed25519_bytes","_crypto_core_ed25519_from_uniform","_crypto_core_ed25519_hashbytes","_crypto_core_ed25519_is_valid_point","_crypto_core_ed25519_nonreducedscalarbytes","_crypto_core_ed25519_random","_crypto_core_ed25519_scalar_add","_crypto_core_ed25519_scalar_complement","_crypto_core_ed25519_scalar_invert","_crypto_core_ed25519_scalar_mul","_crypto_core_ed25519_scalar_negate","_crypto_core_ed25519_scalar_random","_crypto_core_ed25519_scalar_reduce","_crypto_core_ed25519_scalar_sub","_crypto_core_ed25519_scalarbytes","_crypto_core_ed25519_sub","_crypto_core_ed25519_uniformbytes","_crypto_core_hchacha20","_crypto_core_hchacha20_constbytes","_crypto_core_hchacha20_inputbytes","_crypto_core_hchacha20_keybytes","_crypto_core_hchacha20_outputbytes","_crypto_core_hsalsa20","_crypto_core_hsalsa20_constbytes","_crypto_core_hsalsa20_inputbytes","_crypto_core_hsalsa20_keybytes","_crypto_core_hsalsa20_outputbytes","_crypto_core_ristretto255_add","_crypto_core_ristretto255_bytes","_crypto_core_ristretto255_from_hash","_crypto_core_ristretto255_hashbytes","_crypto_core_ristretto255_is_valid_point","_crypto_core_ristretto255_nonreducedscalarbytes","_crypto_core_ristretto255_random","_crypto_core_ristretto255_scalar_add","_crypto_core_ristretto255_scalar_complement","_crypto_core_ristretto255_scalar_invert","_crypto_core_ristretto255_scalar_mul","_crypto_core_ristretto255_scalar_negate","_crypto_core_ristretto255_scalar_random","_crypto_core_ristretto255_scalar_reduce","_crypto_core_ristretto255_scalar_sub","_crypto_core_ristretto255_scalarbytes","_crypto_core_ristretto255_sub","_crypto_core_salsa20","_crypto_core_salsa2012","_crypto_core_salsa2012_constbytes","_crypto_core_salsa2012_inputbytes","_crypto_core_salsa2012_keybytes","_crypto_core_salsa2012_outputbytes","_crypto_core_salsa208","_crypto_core_salsa208_constbytes","_crypto_core_salsa208_inputbytes","_crypto_core_salsa208_keybytes","_crypto_core_salsa208_outputbytes","_crypto_core_salsa20_constbytes","_crypto_core_salsa20_inputbytes","_crypto_core_salsa20_keybytes","_crypto_core_salsa20_outputbytes","_crypto_generichash","_crypto_generichash_blake2b","_crypto_generichash_blake2b_bytes","_crypto_generichash_blake2b_bytes_max","_crypto_generichash_blake2b_bytes_min","_crypto_generichash_blake2b_final","_crypto_generichash_blake2b_init","_crypto_generichash_blake2b_init_salt_personal","_crypto_generichash_blake2b_keybytes","_crypto_generichash_blake2b_keybytes_max","_crypto_generichash_blake2b_keybytes_min","_crypto_generichash_blake2b_keygen","_crypto_generichash_blake2b_personalbytes","_crypto_generichash_blake2b_salt_personal","_crypto_generichash_blake2b_saltbytes","_crypto_generichash_blake2b_statebytes","_crypto_generichash_blake2b_update","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_primitive","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_hash_primitive","_crypto_hash_sha256","_crypto_hash_sha256_bytes","_crypto_hash_sha256_final","_crypto_hash_sha256_init","_crypto_hash_sha256_statebytes","_crypto_hash_sha256_update","_crypto_hash_sha512","_crypto_hash_sha512_bytes","_crypto_hash_sha512_final","_crypto_hash_sha512_init","_crypto_hash_sha512_statebytes","_crypto_hash_sha512_update","_crypto_kdf_blake2b_bytes_max","_crypto_kdf_blake2b_bytes_min","_crypto_kdf_blake2b_contextbytes","_crypto_kdf_blake2b_derive_from_key","_crypto_kdf_blake2b_keybytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_hkdf_sha256_bytes_max","_crypto_kdf_hkdf_sha256_bytes_min","_crypto_kdf_hkdf_sha256_expand","_crypto_kdf_hkdf_sha256_extract","_crypto_kdf_hkdf_sha256_extract_final","_crypto_kdf_hkdf_sha256_extract_init","_crypto_kdf_hkdf_sha256_extract_update","_crypto_kdf_hkdf_sha256_keybytes","_crypto_kdf_hkdf_sha256_keygen","_crypto_kdf_hkdf_sha256_statebytes","_crypto_kdf_hkdf_sha512_bytes_max","_crypto_kdf_hkdf_sha512_bytes_min","_crypto_kdf_hkdf_sha512_expand","_crypto_kdf_hkdf_sha512_extract","_crypto_kdf_hkdf_sha512_extract_final","_crypto_kdf_hkdf_sha512_extract_init","_crypto_kdf_hkdf_sha512_extract_update","_crypto_kdf_hkdf_sha512_keybytes","_crypto_kdf_hkdf_sha512_keygen","_crypto_kdf_hkdf_sha512_statebytes","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kdf_primitive","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_primitive","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_onetimeauth","_crypto_onetimeauth_bytes","_crypto_onetimeauth_final","_crypto_onetimeauth_init","_crypto_onetimeauth_keybytes","_crypto_onetimeauth_keygen","_crypto_onetimeauth_poly1305","_crypto_onetimeauth_poly1305_bytes","_crypto_onetimeauth_poly1305_final","_crypto_onetimeauth_poly1305_init","_crypto_onetimeauth_poly1305_keybytes","_crypto_onetimeauth_poly1305_keygen","_crypto_onetimeauth_poly1305_statebytes","_crypto_onetimeauth_poly1305_update","_crypto_onetimeauth_poly1305_verify","_crypto_onetimeauth_primitive","_crypto_onetimeauth_statebytes","_crypto_onetimeauth_update","_crypto_onetimeauth_verify","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argon2id13","_crypto_pwhash_alg_default","_crypto_pwhash_argon2i","_crypto_pwhash_argon2i_alg_argon2i13","_crypto_pwhash_argon2i_bytes_max","_crypto_pwhash_argon2i_bytes_min","_crypto_pwhash_argon2i_memlimit_interactive","_crypto_pwhash_argon2i_memlimit_max","_crypto_pwhash_argon2i_memlimit_min","_crypto_pwhash_argon2i_memlimit_moderate","_crypto_pwhash_argon2i_memlimit_sensitive","_crypto_pwhash_argon2i_opslimit_interactive","_crypto_pwhash_argon2i_opslimit_max","_crypto_pwhash_argon2i_opslimit_min","_crypto_pwhash_argon2i_opslimit_moderate","_crypto_pwhash_argon2i_opslimit_sensitive","_crypto_pwhash_argon2i_passwd_max","_crypto_pwhash_argon2i_passwd_min","_crypto_pwhash_argon2i_saltbytes","_crypto_pwhash_argon2i_str","_crypto_pwhash_argon2i_str_needs_rehash","_crypto_pwhash_argon2i_str_verify","_crypto_pwhash_argon2i_strbytes","_crypto_pwhash_argon2i_strprefix","_crypto_pwhash_argon2id","_crypto_pwhash_argon2id_alg_argon2id13","_crypto_pwhash_argon2id_bytes_max","_crypto_pwhash_argon2id_bytes_min","_crypto_pwhash_argon2id_memlimit_interactive","_crypto_pwhash_argon2id_memlimit_max","_crypto_pwhash_argon2id_memlimit_min","_crypto_pwhash_argon2id_memlimit_moderate","_crypto_pwhash_argon2id_memlimit_sensitive","_crypto_pwhash_argon2id_opslimit_interactive","_crypto_pwhash_argon2id_opslimit_max","_crypto_pwhash_argon2id_opslimit_min","_crypto_pwhash_argon2id_opslimit_moderate","_crypto_pwhash_argon2id_opslimit_sensitive","_crypto_pwhash_argon2id_passwd_max","_crypto_pwhash_argon2id_passwd_min","_crypto_pwhash_argon2id_saltbytes","_crypto_pwhash_argon2id_str","_crypto_pwhash_argon2id_str_needs_rehash","_crypto_pwhash_argon2id_str_verify","_crypto_pwhash_argon2id_strbytes","_crypto_pwhash_argon2id_strprefix","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_primitive","_crypto_pwhash_saltbytes","_crypto_pwhash_scryptsalsa208sha256","_crypto_pwhash_scryptsalsa208sha256_bytes_max","_crypto_pwhash_scryptsalsa208sha256_bytes_min","_crypto_pwhash_scryptsalsa208sha256_ll","_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive","_crypto_pwhash_scryptsalsa208sha256_memlimit_max","_crypto_pwhash_scryptsalsa208sha256_memlimit_min","_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive","_crypto_pwhash_scryptsalsa208sha256_opslimit_max","_crypto_pwhash_scryptsalsa208sha256_opslimit_min","_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_passwd_max","_crypto_pwhash_scryptsalsa208sha256_passwd_min","_crypto_pwhash_scryptsalsa208sha256_saltbytes","_crypto_pwhash_scryptsalsa208sha256_str","_crypto_pwhash_scryptsalsa208sha256_str_needs_rehash","_crypto_pwhash_scryptsalsa208sha256_str_verify","_crypto_pwhash_scryptsalsa208sha256_strbytes","_crypto_pwhash_scryptsalsa208sha256_strprefix","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_curve25519","_crypto_scalarmult_curve25519_base","_crypto_scalarmult_curve25519_bytes","_crypto_scalarmult_curve25519_scalarbytes","_crypto_scalarmult_ed25519","_crypto_scalarmult_ed25519_base","_crypto_scalarmult_ed25519_base_noclamp","_crypto_scalarmult_ed25519_bytes","_crypto_scalarmult_ed25519_noclamp","_crypto_scalarmult_ed25519_scalarbytes","_crypto_scalarmult_primitive","_crypto_scalarmult_ristretto255","_crypto_scalarmult_ristretto255_base","_crypto_scalarmult_ristretto255_bytes","_crypto_scalarmult_ristretto255_scalarbytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox","_crypto_secretbox_boxzerobytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretbox_primitive","_crypto_secretbox_xchacha20poly1305_detached","_crypto_secretbox_xchacha20poly1305_easy","_crypto_secretbox_xchacha20poly1305_keybytes","_crypto_secretbox_xchacha20poly1305_macbytes","_crypto_secretbox_xchacha20poly1305_messagebytes_max","_crypto_secretbox_xchacha20poly1305_noncebytes","_crypto_secretbox_xchacha20poly1305_open_detached","_crypto_secretbox_xchacha20poly1305_open_easy","_crypto_secretbox_xsalsa20poly1305","_crypto_secretbox_xsalsa20poly1305_boxzerobytes","_crypto_secretbox_xsalsa20poly1305_keybytes","_crypto_secretbox_xsalsa20poly1305_keygen","_crypto_secretbox_xsalsa20poly1305_macbytes","_crypto_secretbox_xsalsa20poly1305_messagebytes_max","_crypto_secretbox_xsalsa20poly1305_noncebytes","_crypto_secretbox_xsalsa20poly1305_open","_crypto_secretbox_xsalsa20poly1305_zerobytes","_crypto_secretbox_zerobytes","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_shorthash_primitive","_crypto_shorthash_siphash24","_crypto_shorthash_siphash24_bytes","_crypto_shorthash_siphash24_keybytes","_crypto_shorthash_siphashx24","_crypto_shorthash_siphashx24_bytes","_crypto_shorthash_siphashx24_keybytes","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519","_crypto_sign_ed25519_bytes","_crypto_sign_ed25519_detached","_crypto_sign_ed25519_keypair","_crypto_sign_ed25519_messagebytes_max","_crypto_sign_ed25519_open","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_publickeybytes","_crypto_sign_ed25519_secretkeybytes","_crypto_sign_ed25519_seed_keypair","_crypto_sign_ed25519_seedbytes","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_ed25519_sk_to_pk","_crypto_sign_ed25519_sk_to_seed","_crypto_sign_ed25519_verify_detached","_crypto_sign_ed25519ph_final_create","_crypto_sign_ed25519ph_final_verify","_crypto_sign_ed25519ph_init","_crypto_sign_ed25519ph_statebytes","_crypto_sign_ed25519ph_update","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_primitive","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_crypto_stream","_crypto_stream_chacha20","_crypto_stream_chacha20_ietf","_crypto_stream_chacha20_ietf_keybytes","_crypto_stream_chacha20_ietf_keygen","_crypto_stream_chacha20_ietf_messagebytes_max","_crypto_stream_chacha20_ietf_noncebytes","_crypto_stream_chacha20_ietf_xor","_crypto_stream_chacha20_ietf_xor_ic","_crypto_stream_chacha20_keybytes","_crypto_stream_chacha20_keygen","_crypto_stream_chacha20_messagebytes_max","_crypto_stream_chacha20_noncebytes","_crypto_stream_chacha20_xor","_crypto_stream_chacha20_xor_ic","_crypto_stream_keybytes","_crypto_stream_keygen","_crypto_stream_messagebytes_max","_crypto_stream_noncebytes","_crypto_stream_primitive","_crypto_stream_salsa20","_crypto_stream_salsa2012","_crypto_stream_salsa2012_keybytes","_crypto_stream_salsa2012_keygen","_crypto_stream_salsa2012_messagebytes_max","_crypto_stream_salsa2012_noncebytes","_crypto_stream_salsa2012_xor","_crypto_stream_salsa208","_crypto_stream_salsa208_keybytes","_crypto_stream_salsa208_keygen","_crypto_stream_salsa208_messagebytes_max","_crypto_stream_salsa208_noncebytes","_crypto_stream_salsa208_xor","_crypto_stream_salsa20_keybytes","_crypto_stream_salsa20_keygen","_crypto_stream_salsa20_messagebytes_max","_crypto_stream_salsa20_noncebytes","_crypto_stream_salsa20_xor","_crypto_stream_salsa20_xor_ic","_crypto_stream_xchacha20","_crypto_stream_xchacha20_keybytes","_crypto_stream_xchacha20_keygen","_crypto_stream_xchacha20_messagebytes_max","_crypto_stream_xchacha20_noncebytes","_crypto_stream_xchacha20_xor","_crypto_stream_xchacha20_xor_ic","_crypto_stream_xor","_crypto_stream_xsalsa20","_crypto_stream_xsalsa20_keybytes","_crypto_stream_xsalsa20_keygen","_crypto_stream_xsalsa20_messagebytes_max","_crypto_stream_xsalsa20_noncebytes","_crypto_stream_xsalsa20_xor","_crypto_stream_xsalsa20_xor_ic","_crypto_verify_16","_crypto_verify_16_bytes","_crypto_verify_32","_crypto_verify_32_bytes","_crypto_verify_64","_crypto_verify_64_bytes","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_implementation_name","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base642bin","_sodium_base64_encoded_len","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' -export EXPORTED_RUNTIME_METHODS='["UTF8ToString","getValue","setValue"]' +export EXPORTED_FUNCTIONS_STANDARD='["_malloc","_free","_crypto_aead_aegis128l_abytes","_crypto_aead_aegis128l_decrypt","_crypto_aead_aegis128l_decrypt_detached","_crypto_aead_aegis128l_encrypt","_crypto_aead_aegis128l_encrypt_detached","_crypto_aead_aegis128l_keybytes","_crypto_aead_aegis128l_keygen","_crypto_aead_aegis128l_messagebytes_max","_crypto_aead_aegis128l_npubbytes","_crypto_aead_aegis128l_nsecbytes","_crypto_aead_aegis256_abytes","_crypto_aead_aegis256_decrypt","_crypto_aead_aegis256_decrypt_detached","_crypto_aead_aegis256_encrypt","_crypto_aead_aegis256_encrypt_detached","_crypto_aead_aegis256_keybytes","_crypto_aead_aegis256_keygen","_crypto_aead_aegis256_messagebytes_max","_crypto_aead_aegis256_npubbytes","_crypto_aead_aegis256_nsecbytes","_crypto_aead_aes256gcm_is_available","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_verify","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_generichash","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_hkdf_sha256_bytes_max","_crypto_kdf_hkdf_sha256_bytes_min","_crypto_kdf_hkdf_sha256_expand","_crypto_kdf_hkdf_sha256_extract","_crypto_kdf_hkdf_sha256_extract_final","_crypto_kdf_hkdf_sha256_extract_init","_crypto_kdf_hkdf_sha256_extract_update","_crypto_kdf_hkdf_sha256_keybytes","_crypto_kdf_hkdf_sha256_keygen","_crypto_kdf_hkdf_sha256_statebytes","_crypto_kdf_hkdf_sha512_bytes_max","_crypto_kdf_hkdf_sha512_bytes_min","_crypto_kdf_hkdf_sha512_expand","_crypto_kdf_hkdf_sha512_extract","_crypto_kdf_hkdf_sha512_extract_final","_crypto_kdf_hkdf_sha512_extract_init","_crypto_kdf_hkdf_sha512_extract_update","_crypto_kdf_hkdf_sha512_keybytes","_crypto_kdf_hkdf_sha512_keygen","_crypto_kdf_hkdf_sha512_statebytes","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base64_encoded_len","_sodium_base642bin","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' +export EXPORTED_FUNCTIONS_SUMO='["_malloc","_free","_crypto_aead_aegis128l_abytes","_crypto_aead_aegis128l_decrypt","_crypto_aead_aegis128l_decrypt_detached","_crypto_aead_aegis128l_encrypt","_crypto_aead_aegis128l_encrypt_detached","_crypto_aead_aegis128l_keybytes","_crypto_aead_aegis128l_keygen","_crypto_aead_aegis128l_messagebytes_max","_crypto_aead_aegis128l_npubbytes","_crypto_aead_aegis128l_nsecbytes","_crypto_aead_aegis256_abytes","_crypto_aead_aegis256_decrypt","_crypto_aead_aegis256_decrypt_detached","_crypto_aead_aegis256_encrypt","_crypto_aead_aegis256_encrypt_detached","_crypto_aead_aegis256_keybytes","_crypto_aead_aegis256_keygen","_crypto_aead_aegis256_messagebytes_max","_crypto_aead_aegis256_npubbytes","_crypto_aead_aegis256_nsecbytes","_crypto_aead_aes256gcm_is_available","_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_decrypt_detached","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_abytes","_crypto_aead_chacha20poly1305_ietf_decrypt","_crypto_aead_chacha20poly1305_ietf_decrypt_detached","_crypto_aead_chacha20poly1305_ietf_encrypt","_crypto_aead_chacha20poly1305_ietf_encrypt_detached","_crypto_aead_chacha20poly1305_ietf_keybytes","_crypto_aead_chacha20poly1305_ietf_keygen","_crypto_aead_chacha20poly1305_ietf_messagebytes_max","_crypto_aead_chacha20poly1305_ietf_npubbytes","_crypto_aead_chacha20poly1305_ietf_nsecbytes","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_keygen","_crypto_aead_chacha20poly1305_messagebytes_max","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_aead_xchacha20poly1305_ietf_abytes","_crypto_aead_xchacha20poly1305_ietf_decrypt","_crypto_aead_xchacha20poly1305_ietf_decrypt_detached","_crypto_aead_xchacha20poly1305_ietf_encrypt","_crypto_aead_xchacha20poly1305_ietf_encrypt_detached","_crypto_aead_xchacha20poly1305_ietf_keybytes","_crypto_aead_xchacha20poly1305_ietf_keygen","_crypto_aead_xchacha20poly1305_ietf_messagebytes_max","_crypto_aead_xchacha20poly1305_ietf_npubbytes","_crypto_aead_xchacha20poly1305_ietf_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_hmacsha256","_crypto_auth_hmacsha256_bytes","_crypto_auth_hmacsha256_final","_crypto_auth_hmacsha256_init","_crypto_auth_hmacsha256_keybytes","_crypto_auth_hmacsha256_keygen","_crypto_auth_hmacsha256_statebytes","_crypto_auth_hmacsha256_update","_crypto_auth_hmacsha256_verify","_crypto_auth_hmacsha512","_crypto_auth_hmacsha512_bytes","_crypto_auth_hmacsha512_final","_crypto_auth_hmacsha512_init","_crypto_auth_hmacsha512_keybytes","_crypto_auth_hmacsha512_keygen","_crypto_auth_hmacsha512_statebytes","_crypto_auth_hmacsha512_update","_crypto_auth_hmacsha512_verify","_crypto_auth_hmacsha512256","_crypto_auth_hmacsha512256_bytes","_crypto_auth_hmacsha512256_final","_crypto_auth_hmacsha512256_init","_crypto_auth_hmacsha512256_keybytes","_crypto_auth_hmacsha512256_keygen","_crypto_auth_hmacsha512256_statebytes","_crypto_auth_hmacsha512256_update","_crypto_auth_hmacsha512256_verify","_crypto_auth_keybytes","_crypto_auth_keygen","_crypto_auth_primitive","_crypto_auth_verify","_crypto_box","_crypto_box_afternm","_crypto_box_beforenm","_crypto_box_beforenmbytes","_crypto_box_boxzerobytes","_crypto_box_curve25519xchacha20poly1305_beforenm","_crypto_box_curve25519xchacha20poly1305_beforenmbytes","_crypto_box_curve25519xchacha20poly1305_detached","_crypto_box_curve25519xchacha20poly1305_detached_afternm","_crypto_box_curve25519xchacha20poly1305_easy","_crypto_box_curve25519xchacha20poly1305_easy_afternm","_crypto_box_curve25519xchacha20poly1305_keypair","_crypto_box_curve25519xchacha20poly1305_macbytes","_crypto_box_curve25519xchacha20poly1305_messagebytes_max","_crypto_box_curve25519xchacha20poly1305_noncebytes","_crypto_box_curve25519xchacha20poly1305_open_detached","_crypto_box_curve25519xchacha20poly1305_open_detached_afternm","_crypto_box_curve25519xchacha20poly1305_open_easy","_crypto_box_curve25519xchacha20poly1305_open_easy_afternm","_crypto_box_curve25519xchacha20poly1305_publickeybytes","_crypto_box_curve25519xchacha20poly1305_seal","_crypto_box_curve25519xchacha20poly1305_seal_open","_crypto_box_curve25519xchacha20poly1305_sealbytes","_crypto_box_curve25519xchacha20poly1305_secretkeybytes","_crypto_box_curve25519xchacha20poly1305_seed_keypair","_crypto_box_curve25519xchacha20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305","_crypto_box_curve25519xsalsa20poly1305_afternm","_crypto_box_curve25519xsalsa20poly1305_beforenm","_crypto_box_curve25519xsalsa20poly1305_beforenmbytes","_crypto_box_curve25519xsalsa20poly1305_boxzerobytes","_crypto_box_curve25519xsalsa20poly1305_keypair","_crypto_box_curve25519xsalsa20poly1305_macbytes","_crypto_box_curve25519xsalsa20poly1305_messagebytes_max","_crypto_box_curve25519xsalsa20poly1305_noncebytes","_crypto_box_curve25519xsalsa20poly1305_open","_crypto_box_curve25519xsalsa20poly1305_open_afternm","_crypto_box_curve25519xsalsa20poly1305_publickeybytes","_crypto_box_curve25519xsalsa20poly1305_secretkeybytes","_crypto_box_curve25519xsalsa20poly1305_seed_keypair","_crypto_box_curve25519xsalsa20poly1305_seedbytes","_crypto_box_curve25519xsalsa20poly1305_zerobytes","_crypto_box_detached","_crypto_box_detached_afternm","_crypto_box_easy","_crypto_box_easy_afternm","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_messagebytes_max","_crypto_box_noncebytes","_crypto_box_open","_crypto_box_open_afternm","_crypto_box_open_detached","_crypto_box_open_detached_afternm","_crypto_box_open_easy","_crypto_box_open_easy_afternm","_crypto_box_primitive","_crypto_box_publickeybytes","_crypto_box_seal","_crypto_box_seal_open","_crypto_box_sealbytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_box_zerobytes","_crypto_core_ed25519_add","_crypto_core_ed25519_bytes","_crypto_core_ed25519_from_uniform","_crypto_core_ed25519_hashbytes","_crypto_core_ed25519_is_valid_point","_crypto_core_ed25519_nonreducedscalarbytes","_crypto_core_ed25519_random","_crypto_core_ed25519_scalar_add","_crypto_core_ed25519_scalar_complement","_crypto_core_ed25519_scalar_invert","_crypto_core_ed25519_scalar_mul","_crypto_core_ed25519_scalar_negate","_crypto_core_ed25519_scalar_random","_crypto_core_ed25519_scalar_reduce","_crypto_core_ed25519_scalar_sub","_crypto_core_ed25519_scalarbytes","_crypto_core_ed25519_sub","_crypto_core_ed25519_uniformbytes","_crypto_core_hchacha20","_crypto_core_hchacha20_constbytes","_crypto_core_hchacha20_inputbytes","_crypto_core_hchacha20_keybytes","_crypto_core_hchacha20_outputbytes","_crypto_core_hsalsa20","_crypto_core_hsalsa20_constbytes","_crypto_core_hsalsa20_inputbytes","_crypto_core_hsalsa20_keybytes","_crypto_core_hsalsa20_outputbytes","_crypto_core_ristretto255_add","_crypto_core_ristretto255_bytes","_crypto_core_ristretto255_from_hash","_crypto_core_ristretto255_hashbytes","_crypto_core_ristretto255_is_valid_point","_crypto_core_ristretto255_nonreducedscalarbytes","_crypto_core_ristretto255_random","_crypto_core_ristretto255_scalar_add","_crypto_core_ristretto255_scalar_complement","_crypto_core_ristretto255_scalar_invert","_crypto_core_ristretto255_scalar_mul","_crypto_core_ristretto255_scalar_negate","_crypto_core_ristretto255_scalar_random","_crypto_core_ristretto255_scalar_reduce","_crypto_core_ristretto255_scalar_sub","_crypto_core_ristretto255_scalarbytes","_crypto_core_ristretto255_sub","_crypto_core_salsa20","_crypto_core_salsa20_constbytes","_crypto_core_salsa20_inputbytes","_crypto_core_salsa20_keybytes","_crypto_core_salsa20_outputbytes","_crypto_core_salsa2012","_crypto_core_salsa2012_constbytes","_crypto_core_salsa2012_inputbytes","_crypto_core_salsa2012_keybytes","_crypto_core_salsa2012_outputbytes","_crypto_core_salsa208","_crypto_core_salsa208_constbytes","_crypto_core_salsa208_inputbytes","_crypto_core_salsa208_keybytes","_crypto_core_salsa208_outputbytes","_crypto_generichash","_crypto_generichash_blake2b","_crypto_generichash_blake2b_bytes","_crypto_generichash_blake2b_bytes_max","_crypto_generichash_blake2b_bytes_min","_crypto_generichash_blake2b_final","_crypto_generichash_blake2b_init","_crypto_generichash_blake2b_init_salt_personal","_crypto_generichash_blake2b_keybytes","_crypto_generichash_blake2b_keybytes_max","_crypto_generichash_blake2b_keybytes_min","_crypto_generichash_blake2b_keygen","_crypto_generichash_blake2b_personalbytes","_crypto_generichash_blake2b_salt_personal","_crypto_generichash_blake2b_saltbytes","_crypto_generichash_blake2b_statebytes","_crypto_generichash_blake2b_update","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_keygen","_crypto_generichash_primitive","_crypto_generichash_statebytes","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_hash_primitive","_crypto_hash_sha256","_crypto_hash_sha256_bytes","_crypto_hash_sha256_final","_crypto_hash_sha256_init","_crypto_hash_sha256_statebytes","_crypto_hash_sha256_update","_crypto_hash_sha512","_crypto_hash_sha512_bytes","_crypto_hash_sha512_final","_crypto_hash_sha512_init","_crypto_hash_sha512_statebytes","_crypto_hash_sha512_update","_crypto_kdf_blake2b_bytes_max","_crypto_kdf_blake2b_bytes_min","_crypto_kdf_blake2b_contextbytes","_crypto_kdf_blake2b_derive_from_key","_crypto_kdf_blake2b_keybytes","_crypto_kdf_bytes_max","_crypto_kdf_bytes_min","_crypto_kdf_contextbytes","_crypto_kdf_derive_from_key","_crypto_kdf_hkdf_sha256_bytes_max","_crypto_kdf_hkdf_sha256_bytes_min","_crypto_kdf_hkdf_sha256_expand","_crypto_kdf_hkdf_sha256_extract","_crypto_kdf_hkdf_sha256_extract_final","_crypto_kdf_hkdf_sha256_extract_init","_crypto_kdf_hkdf_sha256_extract_update","_crypto_kdf_hkdf_sha256_keybytes","_crypto_kdf_hkdf_sha256_keygen","_crypto_kdf_hkdf_sha256_statebytes","_crypto_kdf_hkdf_sha512_bytes_max","_crypto_kdf_hkdf_sha512_bytes_min","_crypto_kdf_hkdf_sha512_expand","_crypto_kdf_hkdf_sha512_extract","_crypto_kdf_hkdf_sha512_extract_final","_crypto_kdf_hkdf_sha512_extract_init","_crypto_kdf_hkdf_sha512_extract_update","_crypto_kdf_hkdf_sha512_keybytes","_crypto_kdf_hkdf_sha512_keygen","_crypto_kdf_hkdf_sha512_statebytes","_crypto_kdf_keybytes","_crypto_kdf_keygen","_crypto_kdf_primitive","_crypto_kx_client_session_keys","_crypto_kx_keypair","_crypto_kx_primitive","_crypto_kx_publickeybytes","_crypto_kx_secretkeybytes","_crypto_kx_seed_keypair","_crypto_kx_seedbytes","_crypto_kx_server_session_keys","_crypto_kx_sessionkeybytes","_crypto_onetimeauth","_crypto_onetimeauth_bytes","_crypto_onetimeauth_final","_crypto_onetimeauth_init","_crypto_onetimeauth_keybytes","_crypto_onetimeauth_keygen","_crypto_onetimeauth_poly1305","_crypto_onetimeauth_poly1305_bytes","_crypto_onetimeauth_poly1305_final","_crypto_onetimeauth_poly1305_init","_crypto_onetimeauth_poly1305_keybytes","_crypto_onetimeauth_poly1305_keygen","_crypto_onetimeauth_poly1305_statebytes","_crypto_onetimeauth_poly1305_update","_crypto_onetimeauth_poly1305_verify","_crypto_onetimeauth_primitive","_crypto_onetimeauth_statebytes","_crypto_onetimeauth_update","_crypto_onetimeauth_verify","_crypto_pwhash","_crypto_pwhash_alg_argon2i13","_crypto_pwhash_alg_argon2id13","_crypto_pwhash_alg_default","_crypto_pwhash_argon2i","_crypto_pwhash_argon2i_alg_argon2i13","_crypto_pwhash_argon2i_bytes_max","_crypto_pwhash_argon2i_bytes_min","_crypto_pwhash_argon2i_memlimit_interactive","_crypto_pwhash_argon2i_memlimit_max","_crypto_pwhash_argon2i_memlimit_min","_crypto_pwhash_argon2i_memlimit_moderate","_crypto_pwhash_argon2i_memlimit_sensitive","_crypto_pwhash_argon2i_opslimit_interactive","_crypto_pwhash_argon2i_opslimit_max","_crypto_pwhash_argon2i_opslimit_min","_crypto_pwhash_argon2i_opslimit_moderate","_crypto_pwhash_argon2i_opslimit_sensitive","_crypto_pwhash_argon2i_passwd_max","_crypto_pwhash_argon2i_passwd_min","_crypto_pwhash_argon2i_saltbytes","_crypto_pwhash_argon2i_str","_crypto_pwhash_argon2i_str_needs_rehash","_crypto_pwhash_argon2i_str_verify","_crypto_pwhash_argon2i_strbytes","_crypto_pwhash_argon2i_strprefix","_crypto_pwhash_argon2id","_crypto_pwhash_argon2id_alg_argon2id13","_crypto_pwhash_argon2id_bytes_max","_crypto_pwhash_argon2id_bytes_min","_crypto_pwhash_argon2id_memlimit_interactive","_crypto_pwhash_argon2id_memlimit_max","_crypto_pwhash_argon2id_memlimit_min","_crypto_pwhash_argon2id_memlimit_moderate","_crypto_pwhash_argon2id_memlimit_sensitive","_crypto_pwhash_argon2id_opslimit_interactive","_crypto_pwhash_argon2id_opslimit_max","_crypto_pwhash_argon2id_opslimit_min","_crypto_pwhash_argon2id_opslimit_moderate","_crypto_pwhash_argon2id_opslimit_sensitive","_crypto_pwhash_argon2id_passwd_max","_crypto_pwhash_argon2id_passwd_min","_crypto_pwhash_argon2id_saltbytes","_crypto_pwhash_argon2id_str","_crypto_pwhash_argon2id_str_needs_rehash","_crypto_pwhash_argon2id_str_verify","_crypto_pwhash_argon2id_strbytes","_crypto_pwhash_argon2id_strprefix","_crypto_pwhash_bytes_max","_crypto_pwhash_bytes_min","_crypto_pwhash_memlimit_interactive","_crypto_pwhash_memlimit_max","_crypto_pwhash_memlimit_min","_crypto_pwhash_memlimit_moderate","_crypto_pwhash_memlimit_sensitive","_crypto_pwhash_opslimit_interactive","_crypto_pwhash_opslimit_max","_crypto_pwhash_opslimit_min","_crypto_pwhash_opslimit_moderate","_crypto_pwhash_opslimit_sensitive","_crypto_pwhash_passwd_max","_crypto_pwhash_passwd_min","_crypto_pwhash_primitive","_crypto_pwhash_saltbytes","_crypto_pwhash_scryptsalsa208sha256","_crypto_pwhash_scryptsalsa208sha256_bytes_max","_crypto_pwhash_scryptsalsa208sha256_bytes_min","_crypto_pwhash_scryptsalsa208sha256_ll","_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive","_crypto_pwhash_scryptsalsa208sha256_memlimit_max","_crypto_pwhash_scryptsalsa208sha256_memlimit_min","_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive","_crypto_pwhash_scryptsalsa208sha256_opslimit_max","_crypto_pwhash_scryptsalsa208sha256_opslimit_min","_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive","_crypto_pwhash_scryptsalsa208sha256_passwd_max","_crypto_pwhash_scryptsalsa208sha256_passwd_min","_crypto_pwhash_scryptsalsa208sha256_saltbytes","_crypto_pwhash_scryptsalsa208sha256_str","_crypto_pwhash_scryptsalsa208sha256_str_needs_rehash","_crypto_pwhash_scryptsalsa208sha256_str_verify","_crypto_pwhash_scryptsalsa208sha256_strbytes","_crypto_pwhash_scryptsalsa208sha256_strprefix","_crypto_pwhash_str","_crypto_pwhash_str_alg","_crypto_pwhash_str_needs_rehash","_crypto_pwhash_str_verify","_crypto_pwhash_strbytes","_crypto_pwhash_strprefix","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_crypto_scalarmult_curve25519","_crypto_scalarmult_curve25519_base","_crypto_scalarmult_curve25519_bytes","_crypto_scalarmult_curve25519_scalarbytes","_crypto_scalarmult_ed25519","_crypto_scalarmult_ed25519_base","_crypto_scalarmult_ed25519_base_noclamp","_crypto_scalarmult_ed25519_bytes","_crypto_scalarmult_ed25519_noclamp","_crypto_scalarmult_ed25519_scalarbytes","_crypto_scalarmult_primitive","_crypto_scalarmult_ristretto255","_crypto_scalarmult_ristretto255_base","_crypto_scalarmult_ristretto255_bytes","_crypto_scalarmult_ristretto255_scalarbytes","_crypto_scalarmult_scalarbytes","_crypto_secretbox","_crypto_secretbox_boxzerobytes","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_keygen","_crypto_secretbox_macbytes","_crypto_secretbox_messagebytes_max","_crypto_secretbox_noncebytes","_crypto_secretbox_open","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_secretbox_primitive","_crypto_secretbox_xchacha20poly1305_detached","_crypto_secretbox_xchacha20poly1305_easy","_crypto_secretbox_xchacha20poly1305_keybytes","_crypto_secretbox_xchacha20poly1305_macbytes","_crypto_secretbox_xchacha20poly1305_messagebytes_max","_crypto_secretbox_xchacha20poly1305_noncebytes","_crypto_secretbox_xchacha20poly1305_open_detached","_crypto_secretbox_xchacha20poly1305_open_easy","_crypto_secretbox_xsalsa20poly1305","_crypto_secretbox_xsalsa20poly1305_boxzerobytes","_crypto_secretbox_xsalsa20poly1305_keybytes","_crypto_secretbox_xsalsa20poly1305_keygen","_crypto_secretbox_xsalsa20poly1305_macbytes","_crypto_secretbox_xsalsa20poly1305_messagebytes_max","_crypto_secretbox_xsalsa20poly1305_noncebytes","_crypto_secretbox_xsalsa20poly1305_open","_crypto_secretbox_xsalsa20poly1305_zerobytes","_crypto_secretbox_zerobytes","_crypto_secretstream_xchacha20poly1305_abytes","_crypto_secretstream_xchacha20poly1305_headerbytes","_crypto_secretstream_xchacha20poly1305_init_pull","_crypto_secretstream_xchacha20poly1305_init_push","_crypto_secretstream_xchacha20poly1305_keybytes","_crypto_secretstream_xchacha20poly1305_keygen","_crypto_secretstream_xchacha20poly1305_messagebytes_max","_crypto_secretstream_xchacha20poly1305_pull","_crypto_secretstream_xchacha20poly1305_push","_crypto_secretstream_xchacha20poly1305_rekey","_crypto_secretstream_xchacha20poly1305_statebytes","_crypto_secretstream_xchacha20poly1305_tag_final","_crypto_secretstream_xchacha20poly1305_tag_message","_crypto_secretstream_xchacha20poly1305_tag_push","_crypto_secretstream_xchacha20poly1305_tag_rekey","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_shorthash_keygen","_crypto_shorthash_primitive","_crypto_shorthash_siphash24","_crypto_shorthash_siphash24_bytes","_crypto_shorthash_siphash24_keybytes","_crypto_shorthash_siphashx24","_crypto_shorthash_siphashx24_bytes","_crypto_shorthash_siphashx24_keybytes","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519","_crypto_sign_ed25519_bytes","_crypto_sign_ed25519_detached","_crypto_sign_ed25519_keypair","_crypto_sign_ed25519_messagebytes_max","_crypto_sign_ed25519_open","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_publickeybytes","_crypto_sign_ed25519_secretkeybytes","_crypto_sign_ed25519_seed_keypair","_crypto_sign_ed25519_seedbytes","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_ed25519_sk_to_pk","_crypto_sign_ed25519_sk_to_seed","_crypto_sign_ed25519_verify_detached","_crypto_sign_ed25519ph_final_create","_crypto_sign_ed25519ph_final_verify","_crypto_sign_ed25519ph_init","_crypto_sign_ed25519ph_statebytes","_crypto_sign_ed25519ph_update","_crypto_sign_final_create","_crypto_sign_final_verify","_crypto_sign_init","_crypto_sign_keypair","_crypto_sign_messagebytes_max","_crypto_sign_open","_crypto_sign_primitive","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_statebytes","_crypto_sign_update","_crypto_sign_verify_detached","_crypto_stream","_crypto_stream_chacha20","_crypto_stream_chacha20_ietf","_crypto_stream_chacha20_ietf_keybytes","_crypto_stream_chacha20_ietf_keygen","_crypto_stream_chacha20_ietf_messagebytes_max","_crypto_stream_chacha20_ietf_noncebytes","_crypto_stream_chacha20_ietf_xor","_crypto_stream_chacha20_ietf_xor_ic","_crypto_stream_chacha20_keybytes","_crypto_stream_chacha20_keygen","_crypto_stream_chacha20_messagebytes_max","_crypto_stream_chacha20_noncebytes","_crypto_stream_chacha20_xor","_crypto_stream_chacha20_xor_ic","_crypto_stream_keybytes","_crypto_stream_keygen","_crypto_stream_messagebytes_max","_crypto_stream_noncebytes","_crypto_stream_primitive","_crypto_stream_salsa20","_crypto_stream_salsa20_keybytes","_crypto_stream_salsa20_keygen","_crypto_stream_salsa20_messagebytes_max","_crypto_stream_salsa20_noncebytes","_crypto_stream_salsa20_xor","_crypto_stream_salsa20_xor_ic","_crypto_stream_salsa2012","_crypto_stream_salsa2012_keybytes","_crypto_stream_salsa2012_keygen","_crypto_stream_salsa2012_messagebytes_max","_crypto_stream_salsa2012_noncebytes","_crypto_stream_salsa2012_xor","_crypto_stream_salsa208","_crypto_stream_salsa208_keybytes","_crypto_stream_salsa208_keygen","_crypto_stream_salsa208_messagebytes_max","_crypto_stream_salsa208_noncebytes","_crypto_stream_salsa208_xor","_crypto_stream_xchacha20","_crypto_stream_xchacha20_keybytes","_crypto_stream_xchacha20_keygen","_crypto_stream_xchacha20_messagebytes_max","_crypto_stream_xchacha20_noncebytes","_crypto_stream_xchacha20_xor","_crypto_stream_xchacha20_xor_ic","_crypto_stream_xor","_crypto_stream_xsalsa20","_crypto_stream_xsalsa20_keybytes","_crypto_stream_xsalsa20_keygen","_crypto_stream_xsalsa20_messagebytes_max","_crypto_stream_xsalsa20_noncebytes","_crypto_stream_xsalsa20_xor","_crypto_stream_xsalsa20_xor_ic","_crypto_verify_16","_crypto_verify_16_bytes","_crypto_verify_32","_crypto_verify_32_bytes","_crypto_verify_64","_crypto_verify_64_bytes","_randombytes","_randombytes_buf","_randombytes_buf_deterministic","_randombytes_close","_randombytes_implementation_name","_randombytes_random","_randombytes_seedbytes","_randombytes_stir","_randombytes_uniform","_sodium_base64_encoded_len","_sodium_base642bin","_sodium_bin2base64","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_minimal","_sodium_library_version_major","_sodium_library_version_minor","_sodium_pad","_sodium_unpad","_sodium_version_string"]' +export EXPORTED_RUNTIME_METHODS='["UTF8ToString","getValue","setValue","HEAPU8"]' export JS_RESERVED_MEMORY_STANDARD=16MB export JS_RESERVED_MEMORY_SUMO=48MB export JS_RESERVED_MEMORY_TESTS=16MB export WASM_INITIAL_MEMORY=4MB export LDFLAGS="-s RESERVED_FUNCTION_POINTERS=8" export LDFLAGS="${LDFLAGS} -s ALLOW_MEMORY_GROWTH=1" -export LDFLAGS="${LDFLAGS} -s SINGLE_FILE=1" +export LDFLAGS="${LDFLAGS} -s SINGLE_FILE=1 -s SINGLE_FILE_BINARY_ENCODE=0" export LDFLAGS="${LDFLAGS} -s ASSERTIONS=0" export LDFLAGS="${LDFLAGS} -s AGGRESSIVE_VARIABLE_ELIMINATION=1 -s ALIASING_FUNCTION_POINTERS=1" export LDFLAGS="${LDFLAGS} -s DISABLE_EXCEPTION_CATCHING=1" export LDFLAGS="${LDFLAGS} -s ELIMINATE_DUPLICATE_FUNCTIONS=1" export LDFLAGS="${LDFLAGS} -s NODEJS_CATCH_EXIT=0" export LDFLAGS="${LDFLAGS} -s NODEJS_CATCH_REJECTION=0" +export LDFLAGS="${LDFLAGS} -s WASM_BIGINT=0" echo if [ "$1" = "--standard" ]; then @@ -85,7 +86,17 @@ if [ "$DIST" = yes ]; then emccLibsodium "${PREFIX}/lib/libsodium.asm.tmp.js" -Oz -s WASM=0 $LDFLAGS_JS emccLibsodium "${PREFIX}/lib/libsodium.wasm.tmp.js" -O3 -s WASM=1 -s EVAL_CTORS=1 -s INITIAL_MEMORY=${WASM_INITIAL_MEMORY} - cat >"${PREFIX}/lib/libsodium.js" <<-EOM + # Build the output file by concatenating parts to preserve null bytes + # (command substitution in heredoc strips null bytes from WASM binary) + # + # Structure: + # 1. pre.tmp.js - module header, opens useBackupModule function + # 2. asm.tmp.js - asm.js backup code (INSIDE useBackupModule) + # 3. mid.tmp.js - closes useBackupModule, starts outer scope for WASM + # 4. wasm.tmp.js - real WASM code (OUTSIDE useBackupModule, at Module.ready level) + # 5. end.tmp.js - closes Module.ready promise with fallback + + cat >"${PREFIX}/lib/libsodium.pre.tmp.js" <<'PREJS' var Module; if (typeof Module === 'undefined') { Module = {}; @@ -98,6 +109,31 @@ if [ "$DIST" = yes ]; then root = window; } } + if (typeof Module.getRandomValue === 'undefined') { + try { + var window_ = 'object' === typeof window ? window : self; + var crypto_ = typeof window_.crypto !== 'undefined' ? window_.crypto : window_.msCrypto; + var randomValuesStandard = function() { + var buf = new Uint32Array(1); + crypto_.getRandomValues(buf); + return buf[0] >>> 0; + }; + randomValuesStandard(); + Module.getRandomValue = randomValuesStandard; + } catch (e) { + try { + var crypto = require('crypto'); + var randomValueNodeJS = function() { + var buf = crypto['randomBytes'](4); + return (buf[0] << 24 | buf[1] << 16 | buf[2] << 8 | buf[3]) >>> 0; + }; + randomValueNodeJS(); + Module.getRandomValue = randomValueNodeJS; + } catch (e) { + throw 'No secure random number generator found'; + } + } + } var _Module = Module; Module.ready = new Promise(function(resolve, reject) { var Module = _Module; @@ -121,6 +157,7 @@ if [ "$DIST" = yes ]; then return new Promise(function(resolve, reject) { var Module = {}; Module.onAbort = reject; + Module.getRandomValue = _Module.getRandomValue; Module.onRuntimeInitialized = function() { Object.keys(_Module).forEach(function(k) { @@ -134,41 +171,55 @@ if [ "$DIST" = yes ]; then resolve(); }; - $(sed "s|use asm||g" "${PREFIX}/lib/libsodium.asm.tmp.js") +PREJS + + cat >"${PREFIX}/lib/libsodium.mid.tmp.js" <<'MIDJS' }); }; - $(cat "${PREFIX}/lib/libsodium.wasm.tmp.js") +MIDJS + + cat >"${PREFIX}/lib/libsodium.end.tmp.js" <<'ENDJS' }).catch(function() { return _Module.useBackupModule(); }); -EOM +ENDJS + + # Concatenate all parts, preserving binary content + # Note: asm.js goes inside useBackupModule, wasm.js goes outside at Module.ready level + cat "${PREFIX}/lib/libsodium.pre.tmp.js" > "${PREFIX}/lib/libsodium.js" + sed "s|use asm||g" "${PREFIX}/lib/libsodium.asm.tmp.js" >> "${PREFIX}/lib/libsodium.js" + cat "${PREFIX}/lib/libsodium.mid.tmp.js" >> "${PREFIX}/lib/libsodium.js" + cat "${PREFIX}/lib/libsodium.wasm.tmp.js" >> "${PREFIX}/lib/libsodium.js" + cat "${PREFIX}/lib/libsodium.end.tmp.js" >> "${PREFIX}/lib/libsodium.js" - rm "${PREFIX}/lib/libsodium.asm.tmp.js" "${PREFIX}/lib/libsodium.wasm.tmp.js" + rm "${PREFIX}/lib/libsodium.pre.tmp.js" "${PREFIX}/lib/libsodium.mid.tmp.js" "${PREFIX}/lib/libsodium.end.tmp.js" + + #KEEP rm "${PREFIX}/lib/libsodium.asm.tmp.js" "${PREFIX}/lib/libsodium.wasm.tmp.js" touch -r "${PREFIX}/lib/libsodium.js" "$DONE_FILE" ls -l "${PREFIX}/lib/libsodium.js" exit 0 fi -if test "$NODE" = ""; then +if test "$JS_RUNTIME" = ""; then for candidate in bun nodejs node /usr/local/bin/bun /usr/local/bin/nodejs /usr/local/bin/node; do - case $($candidate --version 2>&1) in #( - v*) - NODE=$candidate + if command -v $candidate >/dev/null; then + JS_RUNTIME=$candidate break - ;; - esac + fi done fi +find test/default -type f -name '*.js' -exec rm -f {} \; + if [ "x$BROWSER_TESTS" != "x" ]; then echo 'Compiling the test suite for web browsers...' && emmake make $MAKE_FLAGS CPPFLAGS="$CPPFLAGS -DBROWSER_TESTS=1" check >/dev/null 2>&1 else - if test "$NODE" = ""; then - echo 'node.js not found - test suite skipped' >&2 + if test "$JS_RUNTIME" = ""; then + echo 'Javascript runtime not found - test suite skipped' >&2 exit 1 fi - echo "Using [${NODE}] as a Javascript runtime" + echo "Using [${JS_RUNTIME}] as a Javascript runtime" echo 'Compiling the test suite...' && emmake make $MAKE_FLAGS check >/dev/null 2>&1 fi @@ -180,7 +231,7 @@ if [ "x$BROWSER_TESTS" != "x" ]; then mkdir -p browser && rm -f browser/tests.txt && for file in *.js; do - grep -Fv "#! /usr/bin/env ${NODE}" "$file" >"browser/${file}" + cp "$file" "browser/${file}" tname=$(echo "$file" | sed 's/.js$//') cp -f "${tname}.exp" "browser/${tname}.exp" sed "s/{{tname}}/${tname}/" index.html.tpl >"browser/${tname}.html" @@ -193,8 +244,8 @@ else ( cd test/default && for file in *.js; do - echo "#! /usr/bin/env ${NODE}" >"${file}.tmp" - grep -Fv "#! /usr/bin/env ${NODE}" "$file" >>"${file}.tmp" + echo "#! /usr/bin/env ${JS_RUNTIME}" >"${file}.tmp" + cat "$file" >> "${file}.tmp" chmod +x "${file}.tmp" mv -f "${file}.tmp" "$file" done
src/libsodium/dist-build/emscripten-symbols.def+21 −24 modified@@ -77,6 +77,14 @@ _crypto_auth_hmacsha256_statebytes 0 1 _crypto_auth_hmacsha256_update 0 1 _crypto_auth_hmacsha256_verify 0 1 _crypto_auth_hmacsha512 0 1 +_crypto_auth_hmacsha512_bytes 0 1 +_crypto_auth_hmacsha512_final 0 1 +_crypto_auth_hmacsha512_init 0 1 +_crypto_auth_hmacsha512_keybytes 0 1 +_crypto_auth_hmacsha512_keygen 0 1 +_crypto_auth_hmacsha512_statebytes 0 1 +_crypto_auth_hmacsha512_update 0 1 +_crypto_auth_hmacsha512_verify 0 1 _crypto_auth_hmacsha512256 0 1 _crypto_auth_hmacsha512256_bytes 0 1 _crypto_auth_hmacsha512256_final 0 1 @@ -86,14 +94,6 @@ _crypto_auth_hmacsha512256_keygen 0 1 _crypto_auth_hmacsha512256_statebytes 0 1 _crypto_auth_hmacsha512256_update 0 1 _crypto_auth_hmacsha512256_verify 0 1 -_crypto_auth_hmacsha512_bytes 0 1 -_crypto_auth_hmacsha512_final 0 1 -_crypto_auth_hmacsha512_init 0 1 -_crypto_auth_hmacsha512_keybytes 0 1 -_crypto_auth_hmacsha512_keygen 0 1 -_crypto_auth_hmacsha512_statebytes 0 1 -_crypto_auth_hmacsha512_update 0 1 -_crypto_auth_hmacsha512_verify 0 1 _crypto_auth_keybytes 1 1 _crypto_auth_keygen 1 1 _crypto_auth_primitive 0 1 @@ -174,7 +174,6 @@ _crypto_core_ed25519_random 0 1 _crypto_core_ed25519_scalar_add 0 1 _crypto_core_ed25519_scalar_complement 0 1 _crypto_core_ed25519_scalar_invert 0 1 -_crypto_core_ed25519_scalar_is_canonical 0 1 _crypto_core_ed25519_scalar_mul 0 1 _crypto_core_ed25519_scalar_negate 0 1 _crypto_core_ed25519_scalar_random 0 1 @@ -203,16 +202,18 @@ _crypto_core_ristretto255_random 0 1 _crypto_core_ristretto255_scalar_add 0 1 _crypto_core_ristretto255_scalar_complement 0 1 _crypto_core_ristretto255_scalar_invert 0 1 -_crypto_core_ristretto255_scalar_is_canonical 0 1 _crypto_core_ristretto255_scalar_mul 0 1 _crypto_core_ristretto255_scalar_negate 0 1 _crypto_core_ristretto255_scalar_random 0 1 _crypto_core_ristretto255_scalar_reduce 0 1 _crypto_core_ristretto255_scalar_sub 0 1 _crypto_core_ristretto255_scalarbytes 0 1 _crypto_core_ristretto255_sub 0 1 -_crypto_core_ristretto255_uniformbytes 0 1 _crypto_core_salsa20 0 1 +_crypto_core_salsa20_constbytes 0 1 +_crypto_core_salsa20_inputbytes 0 1 +_crypto_core_salsa20_keybytes 0 1 +_crypto_core_salsa20_outputbytes 0 1 _crypto_core_salsa2012 0 1 _crypto_core_salsa2012_constbytes 0 1 _crypto_core_salsa2012_inputbytes 0 1 @@ -223,10 +224,6 @@ _crypto_core_salsa208_constbytes 0 1 _crypto_core_salsa208_inputbytes 0 1 _crypto_core_salsa208_keybytes 0 1 _crypto_core_salsa208_outputbytes 0 1 -_crypto_core_salsa20_constbytes 0 1 -_crypto_core_salsa20_inputbytes 0 1 -_crypto_core_salsa20_keybytes 0 1 -_crypto_core_salsa20_outputbytes 0 1 _crypto_generichash 1 1 _crypto_generichash_blake2b 0 1 _crypto_generichash_blake2b_bytes 0 1 @@ -286,20 +283,20 @@ _crypto_kdf_hkdf_sha256_expand 1 1 _crypto_kdf_hkdf_sha256_extract 1 1 _crypto_kdf_hkdf_sha256_extract_final 1 1 _crypto_kdf_hkdf_sha256_extract_init 1 1 -_crypto_kdf_hkdf_sha256_statebytes 1 1 _crypto_kdf_hkdf_sha256_extract_update 1 1 _crypto_kdf_hkdf_sha256_keybytes 1 1 _crypto_kdf_hkdf_sha256_keygen 1 1 +_crypto_kdf_hkdf_sha256_statebytes 1 1 _crypto_kdf_hkdf_sha512_bytes_max 1 1 _crypto_kdf_hkdf_sha512_bytes_min 1 1 _crypto_kdf_hkdf_sha512_expand 1 1 _crypto_kdf_hkdf_sha512_extract 1 1 _crypto_kdf_hkdf_sha512_extract_final 1 1 _crypto_kdf_hkdf_sha512_extract_init 1 1 -_crypto_kdf_hkdf_sha512_statebytes 1 1 _crypto_kdf_hkdf_sha512_extract_update 1 1 _crypto_kdf_hkdf_sha512_keybytes 1 1 _crypto_kdf_hkdf_sha512_keygen 1 1 +_crypto_kdf_hkdf_sha512_statebytes 1 1 _crypto_kdf_keybytes 1 1 _crypto_kdf_keygen 1 1 _crypto_kdf_primitive 0 1 @@ -558,6 +555,12 @@ _crypto_stream_messagebytes_max 0 1 _crypto_stream_noncebytes 0 1 _crypto_stream_primitive 0 1 _crypto_stream_salsa20 0 1 +_crypto_stream_salsa20_keybytes 0 1 +_crypto_stream_salsa20_keygen 0 1 +_crypto_stream_salsa20_messagebytes_max 0 1 +_crypto_stream_salsa20_noncebytes 0 1 +_crypto_stream_salsa20_xor 0 1 +_crypto_stream_salsa20_xor_ic 0 1 _crypto_stream_salsa2012 0 1 _crypto_stream_salsa2012_keybytes 0 1 _crypto_stream_salsa2012_keygen 0 1 @@ -570,12 +573,6 @@ _crypto_stream_salsa208_keygen 0 1 _crypto_stream_salsa208_messagebytes_max 0 1 _crypto_stream_salsa208_noncebytes 0 1 _crypto_stream_salsa208_xor 0 1 -_crypto_stream_salsa20_keybytes 0 1 -_crypto_stream_salsa20_keygen 0 1 -_crypto_stream_salsa20_messagebytes_max 0 1 -_crypto_stream_salsa20_noncebytes 0 1 -_crypto_stream_salsa20_xor 0 1 -_crypto_stream_salsa20_xor_ic 0 1 _crypto_stream_xchacha20 0 1 _crypto_stream_xchacha20_keybytes 0 1 _crypto_stream_xchacha20_keygen 0 1 @@ -609,8 +606,8 @@ _randombytes_stir 1 1 _randombytes_uniform 1 1 _sodium_add 0 0 _sodium_allocarray 0 0 -_sodium_base642bin 1 1 _sodium_base64_encoded_len 1 1 +_sodium_base642bin 1 1 _sodium_bin2base64 1 1 _sodium_bin2hex 1 1 _sodium_compare 0 0
src/libsodium/dist-build/Makefile.in+1 −35 modified@@ -129,10 +129,6 @@ am__can_run_installinfo = \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) am__DIST_COMMON = $(srcdir)/Makefile.in DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -359,11 +355,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: tags TAGS: ctags CTAGS: @@ -438,26 +429,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-am - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-am - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-am - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-am - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-am - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-am clean-am: clean-generic clean-libtool mostlyclean-am @@ -526,12 +497,7 @@ uninstall-am: .MAKE: install-am install-strip -.PHONY: all all-am check check-am check-valgrind-am \ - check-valgrind-drd-am check-valgrind-drd-local \ - check-valgrind-helgrind-am check-valgrind-helgrind-local \ - check-valgrind-local check-valgrind-memcheck-am \ - check-valgrind-memcheck-local check-valgrind-sgcheck-am \ - check-valgrind-sgcheck-local clean clean-generic clean-libtool \ +.PHONY: all all-am check check-am clean clean-generic clean-libtool \ cscopelist-am ctags-am distclean distclean-generic \ distclean-libtool distdir dvi dvi-am html html-am info info-am \ install install-am install-data install-data-am install-dvi \
src/libsodium/.github/workflows/ci.yml+32 −2 modified@@ -43,7 +43,7 @@ jobs: - name: Install Zig uses: mlugg/setup-zig@v2 with: - version: 0.15.1 + version: 0.15.2 - name: Autogen run: ./autogen.sh -s @@ -155,6 +155,36 @@ jobs: make -j $(nproc) make clean > /dev/null + wasi: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v6 + + - name: Install Zig + uses: mlugg/setup-zig@v2 + with: + version: master + + - name: Install Wasmer + uses: wasmerio/setup-wasmer@v3.1 + + - name: Build for wasi-core + run: zig build -Dtarget=wasm32-wasi -Doptimize=ReleaseSafe + + - name: Run tests with Wasmer + run: | + cd zig-out/bin + failed=0 + for wasm in *.wasm; do + name="${wasm%.wasm}" + echo "[$name]" + if ! wasmer run "$wasm" --mapdir=./:. 2>&1; then + echo "*** [$name] FAILED" >&2 + failed=1 + fi + done + exit $failed + android: runs-on: ubuntu-latest steps: @@ -172,7 +202,7 @@ jobs: - name: Install Android NDK run: | mkdir /tmp/android && cd /tmp/android - curl -o ndk.zip -L https://dl.google.com/android/repository/android-ndk-r27c-linux.zip + curl -o ndk.zip -L https://dl.google.com/android/repository/android-ndk-r29-linux.zip unzip ndk.zip && rm -f *.zip && mv android-ndk* ndk - name: Android compilation
src/libsodium/.gitignore+24 −22 modified@@ -1,6 +1,13 @@ +!build +.deps +.dirstamp +.done +.DS_Store +.libs +.zig-cache *.bc -*.dSYM *.done +*.dSYM *.final *.gcda *.gcno @@ -16,33 +23,26 @@ *.sdf *.status *.tar.* +*.vs/ *.wasm *.wast *~ -.DS_Store -.deps -.dirstamp -.done -.libs /bin/ /obj/ -Build -INSTALL -Makefile -Makefile.in -Vagrantfile aclocal.m4 android-toolchain android-toolchain-* autom4te.cache build +Build compile confdefs.h config.* configure configure.lineno coverage.info depcomp +INSTALL install-sh libsodium-*.tar.bz2 libsodium-*.tar.gz @@ -66,10 +66,12 @@ libtool ltmain.sh m4/argz.m4 m4/libtool.m4 +m4/lt~obsolete.m4 m4/ltoptions.m4 m4/ltsugar.m4 m4/ltversion.m4 -m4/lt~obsolete.m4 +Makefile +Makefile.in man/*.html man/Makefile.in missing @@ -94,24 +96,24 @@ test/default/auth5 test/default/auth6 test/default/auth7 test/default/box -test/default/box2 -test/default/box7 -test/default/box8 test/default/box_easy test/default/box_easy2 test/default/box_seal test/default/box_seed +test/default/box2 +test/default/box7 +test/default/box8 test/default/browser test/default/chacha20 test/default/codecs +test/default/core_ed25519 +test/default/core_ristretto255 test/default/core1 test/default/core2 test/default/core3 test/default/core4 test/default/core5 test/default/core6 -test/default/core_ed25519 -test/default/core_ristretto255 test/default/ed25519_convert test/default/generichash test/default/generichash2 @@ -133,19 +135,19 @@ test/default/pwhash_scrypt test/default/pwhash_scrypt_ll test/default/randombytes test/default/scalarmult +test/default/scalarmult_ed25519 +test/default/scalarmult_ristretto255 test/default/scalarmult2 test/default/scalarmult5 test/default/scalarmult6 test/default/scalarmult7 test/default/scalarmult8 -test/default/scalarmult_ed25519 -test/default/scalarmult_ristretto255 test/default/secretbox +test/default/secretbox_easy +test/default/secretbox_easy2 test/default/secretbox2 test/default/secretbox7 test/default/secretbox8 -test/default/secretbox_easy -test/default/secretbox_easy2 test/default/secretstream_xchacha20poly1305 test/default/shorthash test/default/sign @@ -163,6 +165,6 @@ test/default/verify1 test/default/xchacha20 test/js.done testing -.zig-cache +Vagrantfile zig-cache zig-out
src/libsodium/LICENSE+1 −1 modified@@ -1,7 +1,7 @@ /* * ISC License * - * Copyright (c) 2013-2025 + * Copyright (c) 2013-2026 * Frank Denis <j at pureftpd dot org> * * Permission to use, copy, modify, and/or distribute this software for any
src/libsodium/m4/ax_valgrind_check.m4+25 −23 modified@@ -36,19 +36,21 @@ # AX_VALGRIND_DFLT([sgcheck], [off]) # AX_VALGRIND_CHECK # -# in each Makefile.am with tests: +# Makefile.am: # # @VALGRIND_CHECK_RULES@ # VALGRIND_SUPPRESSIONS_FILES = my-project.supp # EXTRA_DIST = my-project.supp # -# This results in a "check-valgrind" rule being added. Running `make -# check-valgrind` in that directory will recursively run the module's test -# suite (`make check`) once for each of the available Valgrind tools (out -# of memcheck, helgrind and drd) while the sgcheck will be skipped unless -# enabled again on the commandline with --enable-valgrind-sgcheck. The -# results for each check will be output to test-suite-$toolname.log. The -# target will succeed if there are zero errors and fail otherwise. +# This results in a "check-valgrind" rule being added to any Makefile.am +# which includes "@VALGRIND_CHECK_RULES@" (assuming the module has been +# configured with --enable-valgrind). Running `make check-valgrind` in +# that directory will run the module's test suite (`make check`) once for +# each of the available Valgrind tools (out of memcheck, helgrind and drd) +# while the sgcheck will be skipped unless enabled again on the +# commandline with --enable-valgrind-sgcheck. The results for each check +# will be output to test-suite-$toolname.log. The target will succeed if +# there are zero errors and fail otherwise. # # Alternatively, a "check-valgrind-$TOOL" rule will be added, for $TOOL in # memcheck, helgrind, drd and sgcheck. These are useful because often only @@ -65,7 +67,7 @@ # and this notice are preserved. This file is offered as-is, without any # warranty. -#serial 23 +#serial 15 dnl Configured tools m4_define([valgrind_tool_list], [[memcheck], [helgrind], [drd], [sgcheck]]) @@ -78,14 +80,10 @@ AC_DEFUN([AX_VALGRIND_DFLT],[ ])dnl AC_DEFUN([AX_VALGRIND_CHECK],[ - AM_EXTRA_RECURSIVE_TARGETS([check-valgrind]) - m4_foreach([vgtool], [valgrind_tool_list], - [AM_EXTRA_RECURSIVE_TARGETS([check-valgrind-]vgtool)]) - dnl Check for --enable-valgrind AC_ARG_ENABLE([valgrind], - [AS_HELP_STRING([--enable-valgrind], [Whether to enable Valgrind on the unit tests])], - [enable_valgrind=$enableval],[enable_valgrind=]) + [AS_HELP_STRING([--enable-valgrind], [Whether to enable Valgrind on the unit tests (requires GNU make)])], + [enable_valgrind=$enableval],[enable_valgrind=no]) AS_IF([test "$enable_valgrind" != "no"],[ # Check for Valgrind. @@ -177,7 +175,7 @@ valgrind_quiet_ = $(valgrind_quiet_$(AM_DEFAULT_VERBOSITY)) valgrind_quiet_0 = --quiet valgrind_v_use = $(valgrind_v_use_$(V)) valgrind_v_use_ = $(valgrind_v_use_$(AM_DEFAULT_VERBOSITY)) -valgrind_v_use_0 = @echo " USE " $(patsubst check-valgrind-%-local,%,$''@):; +valgrind_v_use_0 = @echo " USE " $(patsubst check-valgrind-%,%,$''@):; # Support running with and without libtool. ifneq ($(LIBTOOL),) @@ -187,12 +185,12 @@ valgrind_lt = endif # Use recursive makes in order to ignore errors during check -check-valgrind-local: +check-valgrind: ifeq ($(VALGRIND_ENABLED),yes) $(A''M_V_at)$(MAKE) $(AM_MAKEFLAGS) -k \ $(foreach tool, $(valgrind_enabled_tools), check-valgrind-$(tool)) else - @echo "Need to reconfigure with --enable-valgrind" + @echo "Need to use GNU make and reconfigure with --enable-valgrind" endif # Valgrind running @@ -206,16 +204,14 @@ VALGRIND_LOG_COMPILER = \ $(valgrind_lt) \ $(VALGRIND) $(VALGRIND_SUPPRESSIONS) --error-exitcode=1 $(VALGRIND_FLAGS) -define valgrind_tool_rule -check-valgrind-$(1)-local: +define valgrind_tool_rule = +check-valgrind-$(1): ifeq ($$(VALGRIND_ENABLED)-$$(ENABLE_VALGRIND_$(1)),yes-yes) -ifneq ($$(TESTS),) $$(valgrind_v_use)$$(MAKE) check-TESTS \ TESTS_ENVIRONMENT="$$(VALGRIND_TESTS_ENVIRONMENT)" \ LOG_COMPILER="$$(VALGRIND_LOG_COMPILER)" \ LOG_FLAGS="$$(valgrind_$(1)_flags)" \ TEST_SUITE_LOG=test-suite-$(1).log -endif else ifeq ($$(VALGRIND_ENABLED),yes) @echo "Need to reconfigure with --enable-valgrind-$(1)" else @@ -231,9 +227,15 @@ A''M_DISTCHECK_CONFIGURE_FLAGS += --disable-valgrind MOSTLYCLEANFILES ?= MOSTLYCLEANFILES += $(valgrind_log_files) -.PHONY: check-valgrind $(addprefix check-valgrind-,$(valgrind_tools)) +.PHONY: check-valgrind $(add-prefix check-valgrind-,$(valgrind_tools)) '] + AS_IF([test "$enable_valgrind" != "yes"], [ + VALGRIND_CHECK_RULES=' +check-valgrind: + @echo "Need to use GNU make and reconfigure with --enable-valgrind"' + ]) + AC_SUBST([VALGRIND_CHECK_RULES]) m4_ifdef([_AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE([VALGRIND_CHECK_RULES])]) ])
src/libsodium/Makefile.in+1 −35 modified@@ -178,10 +178,6 @@ am__recursive_targets = \ $(am__extra_recursive_targets) AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ cscope distdir distdir-am dist dist-all distcheck -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is @@ -555,11 +551,6 @@ $(am__recursive_targets): if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -874,26 +865,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-recursive - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-recursive - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-recursive - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-recursive - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-recursive - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-recursive clean-am: clean-generic clean-libtool mostlyclean-am @@ -967,12 +938,7 @@ uninstall-am: uninstall-pkgconfigDATA .MAKE: $(am__recursive_targets) install-am install-strip .PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ - am--refresh check check-am check-valgrind-am \ - check-valgrind-drd-am check-valgrind-drd-local \ - check-valgrind-helgrind-am check-valgrind-helgrind-local \ - check-valgrind-local check-valgrind-memcheck-am \ - check-valgrind-memcheck-local check-valgrind-sgcheck-am \ - check-valgrind-sgcheck-local clean clean-cscope clean-generic \ + am--refresh check check-am clean clean-cscope clean-generic \ clean-libtool cscope cscopelist-am ctags ctags-am dist \ dist-all dist-bzip2 dist-bzip3 dist-gzip dist-lzip dist-shar \ dist-tarZ dist-xz dist-zip dist-zstd distcheck distclean \
src/libsodium/packaging/dotnet-core/libsodium.pkgproj+1 −1 modified@@ -9,7 +9,7 @@ <PropertyGroup> <PackageId>libsodium</PackageId> - <Version>1.0.20.1</Version> + <Version>1.0.20.2</Version> <Authors>Frank Denis</Authors> <Description>Internal implementation package not meant for direct consumption. Please do not reference directly.</Description> <Copyright>© $([System.DateTime]::UtcNow.ToString(yyyy)) Frank Denis</Copyright>
src/libsodium/packaging/nuget/package.config+1 −1 modified@@ -1,4 +1,4 @@ <?xml version="1.0" encoding="utf-8"?> <!-- These values are populated into the package.gsl templates by package.bat. --> <!-- The target attribute controls path and file name only, id controls package naming. --> -<package id="libsodium_vc120" target="libsodium" version = "1.0.20.1" pathversion="1_0_20_1" platformtoolset="v120" /> +<package id="libsodium_vc120" target="libsodium" version = "1.0.20.2" pathversion="1_0_20_2" platformtoolset="v120" />
src/libsodium/README.markdown+12 −8 modified@@ -1,5 +1,4 @@ [](https://github.com/jedisct1/libsodium/actions) -[](https://ci.appveyor.com/project/jedisct1/libsodium) [](https://scan.coverity.com/projects/2397) [](https://jedisct1.visualstudio.com/Libsodium/_build/latest?definitionId=3&branchName=stable) [](https://github.com/jedisct1/libsodium/actions) @@ -16,24 +15,29 @@ It is a portable, cross-compilable, installable, and packageable fork of [NaCl]( - **Encryption & Decryption:** Securely encrypt and decrypt data with modern algorithms. - **Digital Signatures:** Create and verify signatures to ensure data authenticity. -- **Cross-Platform Compatibility:** Supported on Windows (MinGW and Visual Studio, both x86 and x64), iOS, Android, JavaScript, and WebAssembly. +- **Cross-Platform Compatibility:** Supported on Windows (MinGW and Visual Studio, x86, x64 and arm64), iOS, Android, JavaScript, and WebAssembly. - **User-Friendly API:** Designed to provide all core cryptographic operations while remaining easy to integrate into your projects. --- ## Documentation -Detailed documentation is available online. It is generated from the [libsodium-doc](https://github.com/jedisct1/libsodium-doc) repository and requires JavaScript for full functionality: - -- [libsodium Documentation](https://doc.libsodium.org) +- [Installation](https://doc.libsodium.org/installation) +- [Quickstart](https://doc.libsodium.org/quickstart) +- [Full Documentation](https://doc.libsodium.org) +- [Releases](https://download.libsodium.org/libsodium/releases/) +- [Integrity Checking](https://doc.libsodium.org/installation#integrity-checking) --- -## Integrity Checking +## Versioning + +libsodium uses a two-tier release system: -For security and authenticity, please review the integrity checking instructions. These include the signing keys and methods to verify your installation: +- **Point releases** (e.g., 1.0.19, 1.0.20, 1.0.21) are tagged when new features are added or significant changes are made. +- **Stable releases** are frequent maintainance updates between point releases. They fix minor issues while remaining fully compatible with their parent point release. No new features, no breaking changes. -- [Integrity Checking Instructions](https://download.libsodium.org/doc/installation#integrity-checking) +If your application depends on a specific point release, stable updates are safe to apply. Security fixes go to the `stable` branch immediately, with a new point release tagged shortly after. ---
src/libsodium/regen-msvc/regen-msvc.py+14 −1 modified@@ -88,7 +88,7 @@ def get_project_configurations(vs_version): "ReleaseLTCG", ] platforms = ["Win32", "x64"] - # add arm64 platform only for v142+ toolchain + # add arm64 platform only for v142+ toolchain (VS2019+) if vs_version >= 142: platforms.append("ARM64") for config in configs: @@ -147,6 +147,11 @@ def apply_template(tplfile, outfile, sbox): sbox.update({"configurations": get_project_configurations(140)}) apply_template(sd + "/tl_libsodium.vcxproj.tpl", "ci/appveyor/libsodium.vcxproj", sbox) +apply_template( + sd + "/libsodium.vcxproj.filters.tpl", + "builds/msvc/vs2026/libsodium/libsodium.vcxproj.filters", + sbox, +) apply_template( sd + "/libsodium.vcxproj.filters.tpl", "builds/msvc/vs2022/libsodium/libsodium.vcxproj.filters", @@ -183,6 +188,14 @@ def apply_template(tplfile, outfile, sbox): sbox, ) +sbox.update({"platform": "v145"}) +sbox.update({"configurations": get_project_configurations(145)}) +apply_template( + sd + "/libsodium.vcxproj.tpl", + "builds/msvc/vs2026/libsodium/libsodium.vcxproj", + sbox, +) + sbox.update({"platform": "v143"}) sbox.update({"configurations": get_project_configurations(143)}) apply_template(
src/libsodium/src/libsodium/crypto_aead/aegis128l/aead_aegis128l.c+2 −0 modified@@ -109,6 +109,7 @@ crypto_aead_aegis128l_encrypt_detached(unsigned char *c, unsigned char *mac, { const size_t maclen = crypto_aead_aegis128l_ABYTES; + (void) nsec; if (maclen_p != NULL) { *maclen_p = maclen; } @@ -129,6 +130,7 @@ crypto_aead_aegis128l_decrypt_detached(unsigned char *m, unsigned char *nsec, { const size_t maclen = crypto_aead_aegis128l_ABYTES; + (void) nsec; if (clen > crypto_aead_aegis128l_MESSAGEBYTES_MAX || adlen > crypto_aead_aegis128l_MESSAGEBYTES_MAX) { return -1;
src/libsodium/src/libsodium/crypto_aead/aegis256/aead_aegis256.c+2 −0 modified@@ -109,6 +109,7 @@ crypto_aead_aegis256_encrypt_detached(unsigned char *c, unsigned char *mac, { const size_t maclen = crypto_aead_aegis256_ABYTES; + (void) nsec; if (maclen_p != NULL) { *maclen_p = maclen; } @@ -128,6 +129,7 @@ crypto_aead_aegis256_decrypt_detached(unsigned char *m, unsigned char *nsec, con { const size_t maclen = crypto_aead_aegis256_ABYTES; + (void) nsec; if (clen > crypto_aead_aegis256_MESSAGEBYTES_MAX || adlen > crypto_aead_aegis256_MESSAGEBYTES_MAX) { return -1;
src/libsodium/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c+5 −2 modified@@ -39,7 +39,7 @@ load_4(const unsigned char *in) * and 10*25.5 bit limbs elsewhere. * * Functions used elsewhere that are candidates for inlining are defined - * via "private/curve25519_ref10.h". + * via "private/ed25519_ref10.h". */ #ifdef HAVE_TI_MODE @@ -1044,10 +1044,13 @@ int ge25519_is_on_main_subgroup(const ge25519_p3 *p) { ge25519_p3 pl; + fe25519 t; ge25519_mul_l(&pl, p); - return fe25519_iszero(pl.X); + fe25519_sub(t, pl.Y, pl.Z); + + return fe25519_iszero(pl.X) & fe25519_iszero(t); } int
src/libsodium/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ref.c+2 −2 modified@@ -29,7 +29,7 @@ fill_block(const block *prev_block, const block *ref_block, block *next_block) copy_block(&blockR, ref_block); xor_block(&blockR, prev_block); copy_block(&block_tmp, &blockR); - /* Now blockR = ref_block + prev_block and bloc_tmp = ref_block + prev_block + /* Now blockR = ref_block + prev_block and block_tmp = ref_block + prev_block Apply Blake2 on columns of 64-bit words: (0,1,...,15), then (16,17,..31)... finally (112,113,...127) */ for (i = 0; i < 8; ++i) { @@ -70,7 +70,7 @@ fill_block_with_xor(const block *prev_block, const block *ref_block, copy_block(&block_tmp, &blockR); xor_block(&block_tmp, next_block); /* Saving the next block contents for XOR over */ - /* Now blockR = ref_block + prev_block and bloc_tmp = ref_block + prev_block + /* Now blockR = ref_block + prev_block and block_tmp = ref_block + prev_block * + next_block */ /* Apply Blake2 on columns of 64-bit words: (0,1,...,15) , then (16,17,..31)... finally (112,113,...127) */
src/libsodium/src/libsodium/crypto_pwhash/argon2/argon2.h+4 −4 modified@@ -151,11 +151,11 @@ typedef enum Argon2_ErrorCodes { ***** * Simplest situation: you have output array out[8], password is stored in * pwd[32], salt is stored in salt[16], you do not have keys nor associated - *data. + * data. * You need to spend 1 GB of RAM and you run 5 passes of Argon2 with 4 parallel - *lanes. + * lanes. * You want to erase the password, but you're OK with last pass not being - *erased. + * erased. * You want to use the default memory allocator. * Then you initialize: * Argon2_Context(out,8,pwd,32,salt,16,NULL,0,NULL,0,5,1<<20,4,4,NULL,NULL,true,false,false,false). @@ -190,7 +190,7 @@ typedef enum Argon2_type { Argon2_i = 1, Argon2_id = 2 } argon2_type; /* * Function that performs memory-hard hashing with certain degree of parallelism * @param context Pointer to the Argon2 internal structure - * @return Error code if smth is wrong, ARGON2_OK otherwise + * @return Error code if something is wrong, ARGON2_OK otherwise */ int argon2_ctx(argon2_context *context, argon2_type type);
src/libsodium/src/libsodium/crypto_scalarmult/curve25519/sandy2x/curve25519_sandy2x.c+2 −2 modified@@ -1,8 +1,8 @@ /* This file is adapted from ref10/scalarmult.c: - The code for Mongomery ladder is replace by the ladder assembly function; + The code for Montgomery ladder is replaced by the ladder assembly function; Inversion is done in the same way as amd64-51/. - (fe is first converted into fe51 after Mongomery ladder) + (fe is first converted into fe51 after Montgomery ladder) */ #include <stddef.h>
src/libsodium/src/libsodium/crypto_scalarmult/curve25519/scalarmult_curve25519.h+2 −2 modified@@ -1,6 +1,6 @@ -#ifndef scalarmult_poly1305_H -#define scalarmult_poly1305_H +#ifndef scalarmult_curve25519_H +#define scalarmult_curve25519_H typedef struct crypto_scalarmult_curve25519_implementation { int (*mult)(unsigned char *q, const unsigned char *n,
src/libsodium/src/libsodium/include/Makefile.in+8 −41 modified@@ -159,10 +159,6 @@ am__uninstall_files_from_dir = { \ } am__installdirs = "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" HEADERS = $(nobase_include_HEADERS) $(nobase_nodist_include_HEADERS) -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is @@ -514,11 +510,6 @@ uninstall-nobase_nodist_includeHEADERS: @list='$(nobase_nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ $(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \ dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir) -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -642,26 +633,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-am - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-am - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-am - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-am - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-am - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-am clean-am: clean-generic clean-libtool mostlyclean-am @@ -732,18 +703,14 @@ uninstall-am: uninstall-nobase_includeHEADERS \ .MAKE: install-am install-strip -.PHONY: CTAGS GTAGS TAGS all all-am check check-am check-valgrind-am \ - check-valgrind-drd-am check-valgrind-drd-local \ - check-valgrind-helgrind-am check-valgrind-helgrind-local \ - check-valgrind-local check-valgrind-memcheck-am \ - check-valgrind-memcheck-local check-valgrind-sgcheck-am \ - check-valgrind-sgcheck-local clean clean-generic clean-libtool \ - cscopelist-am ctags ctags-am distclean distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-nobase_includeHEADERS \ +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-libtool cscopelist-am ctags ctags-am distclean \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man \ + install-nobase_includeHEADERS \ install-nobase_nodist_includeHEADERS install-pdf \ install-pdf-am install-ps install-ps-am install-strip \ installcheck installcheck-am installdirs maintainer-clean \
src/libsodium/src/libsodium/include/sodium/crypto_core_ed25519.h+4 −0 modified@@ -42,6 +42,10 @@ int crypto_core_ed25519_sub(unsigned char *r, const unsigned char *p, const unsigned char *q) __attribute__ ((nonnull)); +/* + * Removal notice: this function is undocumented and has been marked as + * deprecated since 2019. It will be removed. Bindings should not refer to it. + */ SODIUM_EXPORT int crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r) __attribute__ ((nonnull));
src/libsodium/src/libsodium/include/sodium/crypto_hash_sha256.h+1 −1 modified@@ -2,7 +2,7 @@ #define crypto_hash_sha256_H /* - * WARNING: Unless you absolutely need to use SHA256 for interoperability, + * WARNING: Unless you absolutely need to use SHA256 for interoperability * purposes, you might want to consider crypto_generichash() instead. * Unlike SHA256, crypto_generichash() is not vulnerable to length * extension attacks.
src/libsodium/src/libsodium/include/sodium/crypto_hash_sha512.h+1 −1 modified@@ -2,7 +2,7 @@ #define crypto_hash_sha512_H /* - * WARNING: Unless you absolutely need to use SHA512 for interoperability, + * WARNING: Unless you absolutely need to use SHA512 for interoperability * purposes, you might want to consider crypto_generichash() instead. * Unlike SHA512, crypto_generichash() is not vulnerable to length * extension attacks.
src/libsodium/src/libsodium/include/sodium/crypto_stream_chacha20.h+4 −4 modified@@ -43,14 +43,14 @@ SODIUM_EXPORT int crypto_stream_chacha20_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 5))); SODIUM_EXPORT int crypto_stream_chacha20_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 6))); SODIUM_EXPORT void crypto_stream_chacha20_keygen(unsigned char k[crypto_stream_chacha20_KEYBYTES]) @@ -80,14 +80,14 @@ SODIUM_EXPORT int crypto_stream_chacha20_ietf_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 5))); SODIUM_EXPORT int crypto_stream_chacha20_ietf_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint32_t ic, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 6))); SODIUM_EXPORT void crypto_stream_chacha20_ietf_keygen(unsigned char k[crypto_stream_chacha20_ietf_KEYBYTES])
src/libsodium/src/libsodium/include/sodium/crypto_stream.h+1 −1 modified@@ -46,7 +46,7 @@ SODIUM_EXPORT int crypto_stream_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 5))); SODIUM_EXPORT void crypto_stream_keygen(unsigned char k[crypto_stream_KEYBYTES])
src/libsodium/src/libsodium/include/sodium/crypto_stream_salsa2012.h+1 −1 modified@@ -40,7 +40,7 @@ SODIUM_EXPORT int crypto_stream_salsa2012_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 5))); SODIUM_EXPORT void crypto_stream_salsa2012_keygen(unsigned char k[crypto_stream_salsa2012_KEYBYTES])
src/libsodium/src/libsodium/include/sodium/crypto_stream_salsa208.h+1 −1 modified@@ -43,7 +43,7 @@ SODIUM_EXPORT int crypto_stream_salsa208_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) - __attribute__ ((deprecated)) __attribute__ ((nonnull)); + __attribute__ ((deprecated)) __attribute__ ((nonnull(1, 4, 5))); SODIUM_EXPORT void crypto_stream_salsa208_keygen(unsigned char k[crypto_stream_salsa208_KEYBYTES])
src/libsodium/src/libsodium/include/sodium/crypto_stream_salsa20.h+2 −2 modified@@ -41,14 +41,14 @@ SODIUM_EXPORT int crypto_stream_salsa20_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 5))); SODIUM_EXPORT int crypto_stream_salsa20_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 6))); SODIUM_EXPORT void crypto_stream_salsa20_keygen(unsigned char k[crypto_stream_salsa20_KEYBYTES])
src/libsodium/src/libsodium/include/sodium/crypto_stream_xchacha20.h+2 −2 modified@@ -41,14 +41,14 @@ SODIUM_EXPORT int crypto_stream_xchacha20_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 5))); SODIUM_EXPORT int crypto_stream_xchacha20_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 6))); SODIUM_EXPORT void crypto_stream_xchacha20_keygen(unsigned char k[crypto_stream_xchacha20_KEYBYTES])
src/libsodium/src/libsodium/include/sodium/crypto_stream_xsalsa20.h+2 −2 modified@@ -41,14 +41,14 @@ SODIUM_EXPORT int crypto_stream_xsalsa20_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 5))); SODIUM_EXPORT int crypto_stream_xsalsa20_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k) - __attribute__ ((nonnull)); + __attribute__ ((nonnull(1, 4, 6))); SODIUM_EXPORT void crypto_stream_xsalsa20_keygen(unsigned char k[crypto_stream_xsalsa20_KEYBYTES])
src/libsodium/src/libsodium/Makefile.in+1 −35 modified@@ -752,10 +752,6 @@ am__recursive_targets = \ $(am__extra_recursive_targets) AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ distdir distdir-am -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is @@ -3423,11 +3419,6 @@ $(am__recursive_targets): if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -3745,26 +3736,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-recursive - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-recursive - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-recursive - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-recursive - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-recursive - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-recursive clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ @@ -4079,12 +4050,7 @@ uninstall-am: uninstall-defexecDATA uninstall-libLTLIBRARIES .MAKE: $(am__recursive_targets) install-am install-strip .PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ - am--depfiles check check-am check-valgrind-am \ - check-valgrind-drd-am check-valgrind-drd-local \ - check-valgrind-helgrind-am check-valgrind-helgrind-local \ - check-valgrind-local check-valgrind-memcheck-am \ - check-valgrind-memcheck-local check-valgrind-sgcheck-am \ - check-valgrind-sgcheck-local clean clean-generic \ + am--depfiles check check-am clean clean-generic \ clean-libLTLIBRARIES clean-libtool clean-noinstLTLIBRARIES \ cscopelist-am ctags ctags-am distclean distclean-compile \ distclean-generic distclean-libtool distclean-tags distdir dvi \
src/libsodium/src/Makefile.in+4 −38 modified@@ -145,10 +145,6 @@ am__recursive_targets = \ $(am__extra_recursive_targets) AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ distdir distdir-am -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is @@ -440,11 +436,6 @@ $(am__recursive_targets): if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -604,26 +595,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-recursive - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-recursive - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-recursive - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-recursive - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-recursive - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-recursive clean-am: clean-generic clean-libtool mostlyclean-am @@ -693,15 +664,10 @@ uninstall-am: .MAKE: $(am__recursive_targets) install-am install-strip .PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \ - check-am check-valgrind-am check-valgrind-drd-am \ - check-valgrind-drd-local check-valgrind-helgrind-am \ - check-valgrind-helgrind-local check-valgrind-local \ - check-valgrind-memcheck-am check-valgrind-memcheck-local \ - check-valgrind-sgcheck-am check-valgrind-sgcheck-local clean \ - clean-generic clean-libtool cscopelist-am ctags ctags-am \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-dvi \ + check-am clean clean-generic clean-libtool cscopelist-am ctags \ + ctags-am distclean distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am install-man \ install-pdf install-pdf-am install-ps install-ps-am \
src/libsodium/test/constcheck.sh+3 −3 modified@@ -14,9 +14,9 @@ done echo "return 0; }" >> "$CT" CPPFLAGS="${CPPFLAGS} -Wno-deprecated-declarations" -CPPFLAGS="${CPPFLAGS} -I/opt/homebrew/include" -LDFLAGS="${LDFLAGS} -L/opt/homebrew/lib" +CPPFLAGS="${CPPFLAGS} -Isrc/libsodium/include" +LDFLAGS="${LDFLAGS} -Lsrc/libsodium/.libs" ${CC:-cc} "$CT" $CPPFLAGS $CFLAGS $LDFLAGS -lsodium || exit 1 -./a.out || exit 1 +DYLD_LIBRARY_PATH=src/libsodium/.libs:$DYLD_LIBRARY_PATH ./a.out || exit 1 rm -f a.out "$CT"
src/libsodium/test/default/core_ed25519.c+6 −1 modified@@ -13,6 +13,10 @@ static const unsigned char max_canonical_p[32] = { 0xe4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f }; +static const unsigned char not_main_subgroup_p[32] = { + 0x95, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, + 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99 +}; static const unsigned char L_p1[32] = { 0xee, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 @@ -142,11 +146,12 @@ main(void) assert(crypto_core_ed25519_is_valid_point(p) == 0); p[0] = 9; - assert(crypto_core_ed25519_is_valid_point(p) == 1); + assert(crypto_core_ed25519_is_valid_point(p) == 0); assert(crypto_core_ed25519_is_valid_point(max_canonical_p) == 1); assert(crypto_core_ed25519_is_valid_point(non_canonical_invalid_p) == 0); assert(crypto_core_ed25519_is_valid_point(non_canonical_p) == 0); + assert(crypto_core_ed25519_is_valid_point(not_main_subgroup_p) == 0); memcpy(p2, p, crypto_core_ed25519_BYTES); add_P(p2);
src/libsodium/test/default/kdf_hkdf.c+0 −1 modified@@ -19,7 +19,6 @@ tv_kdf_hkdf(void) size_t out_len = 99; char hex[99 * 2 + 1]; size_t i; - int ret; master_key = (unsigned char *) sodium_malloc(master_key_len); prk256 = (unsigned char *) sodium_malloc(prk256_len);
src/libsodium/test/default/Makefile.in+9 −43 modified@@ -525,10 +525,6 @@ am__can_run_installinfo = \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is @@ -1767,11 +1763,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -2639,26 +2630,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-am - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-am - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-am - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-am - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-am - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-am clean-am: clean-checkPROGRAMS clean-generic clean-libtool \ @@ -2891,20 +2862,15 @@ uninstall-am: .MAKE: check-am install-am install-strip .PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-TESTS \ - check-am check-valgrind-am check-valgrind-drd-am \ - check-valgrind-drd-local check-valgrind-helgrind-am \ - check-valgrind-helgrind-local check-valgrind-local \ - check-valgrind-memcheck-am check-valgrind-memcheck-local \ - check-valgrind-sgcheck-am check-valgrind-sgcheck-local clean \ - clean-checkPROGRAMS clean-generic clean-libtool cscopelist-am \ - ctags ctags-am distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ + check-am clean clean-checkPROGRAMS clean-generic clean-libtool \ + cscopelist-am ctags ctags-am distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ recheck tags tags-am uninstall uninstall-am
src/libsodium/test/default/scalarmult_ed25519.c+10 −0 modified@@ -13,6 +13,10 @@ static const unsigned char max_canonical_p[32] = { 0xe4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f }; +static const unsigned char not_main_subgroup_p[32] = { + 0x95, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, + 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99 +}; static const unsigned char B[32] = { 0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, @@ -69,9 +73,15 @@ main(void) if (crypto_scalarmult_ed25519(q, n, non_canonical_invalid_p) != -1) { printf("crypto_scalarmult_ed25519() didn't fail\n"); } + if (crypto_scalarmult_ed25519(q, n, not_main_subgroup_p) != -1) { + printf("crypto_scalarmult_ed25519() didn't fail (non-subgroup)\n"); + } if (crypto_scalarmult_ed25519(q, n, max_canonical_p) != 0) { printf("crypto_scalarmult_ed25519() failed\n"); } + if (crypto_scalarmult_ed25519_noclamp(q, n, not_main_subgroup_p) != -1) { + printf("crypto_scalarmult_ed25519_noclamp() didn't fail (non-subgroup)\n"); + } n[0] = 9; if (crypto_scalarmult_ed25519(q, n, p) != 0) {
src/libsodium/test/Makefile.in+4 −38 modified@@ -145,10 +145,6 @@ am__recursive_targets = \ $(am__extra_recursive_targets) AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ distdir distdir-am -am__extra_recursive_targets = check-valgrind-recursive \ - check-valgrind-memcheck-recursive \ - check-valgrind-helgrind-recursive check-valgrind-drd-recursive \ - check-valgrind-sgcheck-recursive am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is @@ -443,11 +439,6 @@ $(am__recursive_targets): if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" -check-valgrind-local: -check-valgrind-memcheck-local: -check-valgrind-helgrind-local: -check-valgrind-drd-local: -check-valgrind-sgcheck-local: ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -607,26 +598,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -check-valgrind: check-valgrind-recursive - -check-valgrind-am: check-valgrind-local - -check-valgrind-drd: check-valgrind-drd-recursive - -check-valgrind-drd-am: check-valgrind-drd-local - -check-valgrind-helgrind: check-valgrind-helgrind-recursive - -check-valgrind-helgrind-am: check-valgrind-helgrind-local - -check-valgrind-memcheck: check-valgrind-memcheck-recursive - -check-valgrind-memcheck-am: check-valgrind-memcheck-local - -check-valgrind-sgcheck: check-valgrind-sgcheck-recursive - -check-valgrind-sgcheck-am: check-valgrind-sgcheck-local - clean: clean-recursive clean-am: clean-generic clean-libtool mostlyclean-am @@ -696,15 +667,10 @@ uninstall-am: .MAKE: $(am__recursive_targets) install-am install-strip .PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \ - check-am check-valgrind-am check-valgrind-drd-am \ - check-valgrind-drd-local check-valgrind-helgrind-am \ - check-valgrind-helgrind-local check-valgrind-local \ - check-valgrind-memcheck-am check-valgrind-memcheck-local \ - check-valgrind-sgcheck-am check-valgrind-sgcheck-local clean \ - clean-generic clean-libtool cscopelist-am ctags ctags-am \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-dvi \ + check-am clean clean-generic clean-libtool cscopelist-am ctags \ + ctags-am distclean distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am install-man \ install-pdf install-pdf-am install-ps install-ps-am \
2cb48f261309Ensure public key is on the prime order subgroup
2 files changed · +28 −4
src/Core/Ed25519.php+22 −4 modified@@ -106,6 +106,22 @@ public static function publickey_from_secretkey($sk) return self::sk_to_pk($sk); } + /** + * Returns TRUE if $A represents a point on the order of the Edwards25519 prime order subgroup. + * Returns FALSE if $A is on a different subgroup. + * + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A + * @return bool + * + * @throws SodiumException + */ + public static function is_on_main_subgroup(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A) + { + $p1 = self::ge_mul_l($A); + $t = self::fe_sub($p1->Y, $p1->Z); + return self::fe_isnonzero($p1->X) && self::fe_isnonzero($t); + } + /** * @param string $pk * @return string @@ -118,9 +134,8 @@ public static function pk_to_curve25519($pk) throw new SodiumException('Public key is on a small order'); } $A = self::ge_frombytes_negate_vartime(self::substr($pk, 0, 32)); - $p1 = self::ge_mul_l($A); - if (!self::fe_isnonzero($p1->X)) { - throw new SodiumException('Unexpected zero result'); + if (!self::is_on_main_subgroup($A)) { + throw new SodiumException('Public key is not on a member of the main subgroup'); } # fe_1(one_minus_y); @@ -287,7 +302,7 @@ public static function verify_detached($sig, $message, $pk) throw new SodiumException('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES long'); } if ((self::chrToInt($sig[63]) & 240) && self::check_S_lt_L(self::substr($sig, 32, 32))) { - throw new SodiumException('S < L - Invalid signature'); + throw new SodiumException('S >= L - Invalid signature'); } if (self::small_order($sig)) { throw new SodiumException('Signature is on too small of an order'); @@ -311,6 +326,9 @@ public static function verify_detached($sig, $message, $pk) /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */ $A = self::ge_frombytes_negate_vartime($pk); + if (!self::is_on_main_subgroup($A)) { + throw new SodiumException('Public key is not on a member of the main subgroup'); + } /** @var string $hDigest */ $hDigest = hash(
src/File.php+6 −0 modified@@ -786,8 +786,14 @@ public static function verify( // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification. ParagonIE_Sodium_Compat::$fastMult = true; + if (ParagonIE_Sodium_Core_Ed25519::small_order($publicKey)) { + throw new SodiumException('Public key has small order'); + } /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */ $A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey); + if (!ParagonIE_Sodium_Core_Ed25519::is_on_main_subgroup($A)) { + throw new SodiumException('Public key is not on a member of the main subgroup'); + } $hs = hash_init('sha512'); self::hash_update($hs, self::substr($sig, 0, 32));
4714da6efdc7Ensure public key is on the prime order subgroup
2 files changed · +27 −4
src/Core/Ed25519.php+21 −4 modified@@ -115,6 +115,20 @@ public static function publickey_from_secretkey( return self::sk_to_pk($sk); } + /** + * Returns TRUE if $A represents a point on the order of the Edwards25519 prime order subgroup. + * Returns FALSE if $A is on a different subgroup. + * + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A + * @return bool + */ + public static function is_on_main_subgroup(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A): bool + { + $p1 = self::ge_mul_l($A); + $t = self::fe_sub($p1->Y, $p1->Z); + return self::fe_isnonzero($p1->X) && self::fe_isnonzero($t); + } + /** * @param string $pk * @return string @@ -131,9 +145,9 @@ public static function pk_to_curve25519( throw new SodiumException('Public key is on a small order'); } $A = self::ge_frombytes_negate_vartime(self::substr($pk, 0, 32)); - $p1 = self::ge_mul_l($A); - if (!self::fe_isnonzero($p1->X)) { - throw new SodiumException('Unexpected zero result'); + // check that A * L == identity point + if (!self::is_on_main_subgroup($A)) { + throw new SodiumException('Public key is not on a member of the main subgroup'); } $one_minux_y = self::fe_invert( self::fe_sub( @@ -283,7 +297,7 @@ public static function verify_detached( throw new SodiumException('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES long'); } if ((self::chrToInt($sig[63]) & 240) && self::check_S_lt_L(self::substr($sig, 32, 32))) { - throw new SodiumException('S < L - Invalid signature'); + throw new SodiumException('S >= L - Invalid signature'); } if (self::small_order($sig)) { throw new SodiumException('Signature is on too small of an order'); @@ -306,6 +320,9 @@ public static function verify_detached( ParagonIE_Sodium_Compat::$fastMult = true; $A = self::ge_frombytes_negate_vartime($pk); + if (!self::is_on_main_subgroup($A)) { + throw new SodiumException('Public key is not on main subgroup'); + } $hDigest = hash( 'sha512',
src/File.php+6 −0 modified@@ -630,6 +630,12 @@ public static function verify(string $sig, string $filePath, string $publicKey): ParagonIE_Sodium_Compat::$fastMult = true; $A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey); + if (ParagonIE_Sodium_Core_Ed25519::small_order($publicKey)) { + throw new SodiumException('Public key has small order'); + } + if (!ParagonIE_Sodium_Core_Ed25519::is_on_main_subgroup($A)) { + throw new SodiumException('Public key is not on main subgroup'); + } $hs = hash_init('sha512'); hash_update($hs, self::substr($sig, 0, 32));
ad3004ec8731core_ed25519_is_valid_point: check Y==Z in addition to X==0
2 files changed · +10 −2
src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c+4 −1 modified@@ -1141,10 +1141,13 @@ int ge25519_is_on_main_subgroup(const ge25519_p3 *p) { ge25519_p3 pl; + fe25519 t; ge25519_mul_l(&pl, p); - return fe25519_iszero(pl.X); + fe25519_sub(t, pl.Y, pl.Z); + + return fe25519_iszero(pl.X) & fe25519_iszero(t); } int
test/default/core_ed25519.c+6 −1 modified@@ -13,6 +13,10 @@ static const unsigned char max_canonical_p[32] = { 0xe4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f }; +static const unsigned char not_main_subgroup_p[32] = { + 0x95, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, + 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99 +}; static const unsigned char L_p1[32] = { 0xee, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 @@ -133,11 +137,12 @@ main(void) assert(crypto_core_ed25519_is_valid_point(p) == 0); p[0] = 9; - assert(crypto_core_ed25519_is_valid_point(p) == 1); + assert(crypto_core_ed25519_is_valid_point(p) == 0); assert(crypto_core_ed25519_is_valid_point(max_canonical_p) == 1); assert(crypto_core_ed25519_is_valid_point(non_canonical_invalid_p) == 0); assert(crypto_core_ed25519_is_valid_point(non_canonical_p) == 0); + assert(crypto_core_ed25519_is_valid_point(not_main_subgroup_p) == 0); memcpy(p2, p, crypto_core_ed25519_BYTES); add_P(p2);
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
15- github.com/advisories/GHSA-mrfv-m5wm-5w6wghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-69277ghsaADVISORY
- 00f.net/2025/12/30/libsodium-vulnerabilityghsaWEB
- github.com/FriendsOfPHP/security-advisories/blob/master/paragonie/sodium_compat/2025-12-30.yamlghsaWEB
- github.com/hdwallet-io/python-hdwallet/pull/124ghsaWEB
- github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1baenvdWEB
- github.com/paragonie/sodium_compat/commit/2cb48f26130919f92f30650bdcc30e6f4ebe45acghsaWEB
- github.com/paragonie/sodium_compat/commit/4714da6efdc782c06690bc72ce34fae7941c2d9fghsaWEB
- github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7nvdWEB
- github.com/pyca/pynacl/commit/ecf41f55a3d8f1e10ce89c61c4b4d67f3f4467cfnvdWEB
- github.com/pyca/pynacl/issues/920nvdWEB
- ianix.com/pub/ed25519-deployment.htmlnvdWEB
- lists.debian.org/debian-lts-announce/2026/01/msg00004.htmlnvdWEB
- news.ycombinator.com/itemnvdWEB
- 00f.net/2025/12/30/libsodium-vulnerability/nvd
News mentions
0No linked articles in our index yet.