7#include <botan/sodium.h>
8#include <botan/internal/chacha.h>
9#include <botan/mem_ops.h>
10#include <botan/system_rng.h>
11#include <botan/internal/os_utils.h>
12#include <botan/internal/ct_utils.h>
13#include <botan/internal/loadstor.h>
31 return x % upper_bound;
36 const unsigned char nonce[12] = {
37 'L',
'i',
'b',
's',
'o',
'd',
'i',
'u',
'm',
'D',
'R',
'G'
42 chacha.
set_iv(nonce,
sizeof(nonce));
68 const bool same =
constant_time_compare(
static_cast<const uint8_t*
>(x),
static_cast<const uint8_t*
>(y), len);
74 const uint8_t LT =
static_cast<uint8_t
>(-1);
80 for(
size_t i = 0; i != len; ++i)
84 result = is_eq.select(result, is_lt.select(LT, GT));
87 return static_cast<int8_t
>(result);
93 for(
size_t i = 0; i != len; ++i)
101 for(
size_t i = 0; i != len; ++i)
111 for(
size_t i = 0; i != len; ++i)
120 const uint64_t len = size;
122 if(size +
sizeof(len) < size)
125 uint8_t* p =
static_cast<uint8_t*
>(std::calloc(size +
sizeof(len), 1));
135 uint8_t* p =
static_cast<uint8_t*
>(ptr) - 8;
143 const size_t bytes = count * size;
144 if(bytes < count || bytes < size)
static Mask< T > is_equal(T x, T y)
static Mask< T > expand(T v)
static Mask< T > is_lt(T x, T y)
void set_iv(const uint8_t iv[], size_t iv_len) override
void write_keystream(uint8_t out[], size_t len) override
virtual void randomize(uint8_t output[], size_t length)=0
void set_key(const SymmetricKey &key)
void page_allow_access(void *page)
void page_prohibit_access(void *page)
int crypto_verify_32(const uint8_t x[32], const uint8_t y[32])
int crypto_verify_16(const uint8_t x[16], const uint8_t y[16])
void * sodium_allocarray(size_t count, size_t size)
int sodium_memcmp(const void *x, const void *y, size_t len)
int crypto_verify_64(const uint8_t x[64], const uint8_t y[64])
void sodium_add(uint8_t a[], const uint8_t b[], size_t len)
void * sodium_malloc(size_t size)
void sodium_increment(uint8_t n[], size_t nlen)
int sodium_compare(const uint8_t x[], const uint8_t y[], size_t len)
int sodium_mprotect_noaccess(void *ptr)
void randombytes_buf_deterministic(void *buf, size_t size, const uint8_t seed[randombytes_SEEDBYTES])
int sodium_is_zero(const uint8_t nonce[], size_t nlen)
void sodium_free(void *ptr)
uint32_t randombytes_uniform(uint32_t upper_bound)
int sodium_mprotect_readwrite(void *ptr)
void sodium_memzero(void *ptr, size_t len)
void randombytes_buf(void *buf, size_t size)
constexpr void store_le(uint16_t in, uint8_t out[2])
RandomNumberGenerator & system_rng()
void carry(int64_t &h0, int64_t &h1)
void secure_scrub_memory(void *ptr, size_t n)
bool constant_time_compare(const uint8_t x[], const uint8_t y[], size_t len)
bool same_mem(const T *p1, const T *p2, size_t n)
constexpr uint64_t load_le< uint64_t >(const uint8_t in[], size_t off)