Back out NaCl since the old one with xmm6 salsa2012 does not support multi-block use and the new one is slower.

ext/bin/cnacl-osx-amd64/README.md

@@ -1,53 +0,0 @@
-# cNaCl
-
-    If you would like to be confusing, you could pronounce it sea-salt
-
-This is a fork NaCl by Daniel J. Bernstein and Tanja Lange.
-The build has been ported to cmake so it can be cross compiled and build output is reliable.
-Since it uses cmake, it could theoretically be built on windows but this has not been tested.
-It does compile using mingw32.
-
-## How do I make this thing work?
-
-    mkdir cbuild
-    cd cbuild
-    cmake ..
-    make
-
-## Ok now how about cross compiling?
-
-    mkdir cbuildw32
-    cd cbuildw32
-    cmake -DCMAKE_TOOLCHAIN_FILE=../CMakeWindows.txt ..
-    make
-
-## Why fork?
-
-NaCl builds using a shell script called `./do`. This script does compiling, testing, measuring
-and selection of the best implementation of each algorithm for the given machine. It also generates
-the header files which will be used.
-
-The problems with `./do` are it's slow, it tries compiling with multiple different compiler
-profiles, it's very platform independent but it doesn't run on Windows and most importantly, with
-compiling, testing and measuring so tightly bound, it is impossible to cross compile for a
-different operating system.
-
-
-## How it works
-
-The first time you build for a new ABI, it will trigger the traditional nacl `./do` script.
-What cNaCl does is parse the resulting headers from the `./do` build and create a plan so that it
-can repeat roughly the same build.
-
-If there is already a plan for the given ABI, the build uses this plan and the build is very fast.
-
-Plans are stored in `./cmake/plans/` and I will be adding plans as I find new ones.
-
-
-## What else is new?
-
-There is a problem with the `./do` build which prevents it from running on some ARM based machines,
-this was fixed by adding a more lax method for measuring CPU speed as a fall back.
-
-
-`#EOF#`

ext/bin/cnacl-osx-amd64/include/sodium/crypto_auth_hmacsha256.h

@@ -1,27 +0,0 @@
-#ifndef crypto_auth_hmacsha256_H
-#define crypto_auth_hmacsha256_H
-
-#define crypto_auth_hmacsha256_ref_BYTES 32
-#define crypto_auth_hmacsha256_ref_KEYBYTES 32
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_auth_hmacsha256_ref(const std::string &,const std::string &);
-extern void crypto_auth_hmacsha256_ref_verify(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_auth_hmacsha256_ref(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
-extern int crypto_auth_hmacsha256_ref_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_auth_hmacsha256 crypto_auth_hmacsha256_ref
-#define crypto_auth_hmacsha256_verify crypto_auth_hmacsha256_ref_verify
-#define crypto_auth_hmacsha256_BYTES crypto_auth_hmacsha256_ref_BYTES
-#define crypto_auth_hmacsha256_KEYBYTES crypto_auth_hmacsha256_ref_KEYBYTES
-#define crypto_auth_hmacsha256_IMPLEMENTATION "crypto_auth/hmacsha256/ref"
-#ifndef crypto_auth_hmacsha256_ref_VERSION
-#define crypto_auth_hmacsha256_ref_VERSION "-"
-#endif
-#define crypto_auth_hmacsha256_VERSION crypto_auth_hmacsha256_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_auth_hmacsha512256.h

@@ -1,27 +0,0 @@
-#ifndef crypto_auth_hmacsha512256_H
-#define crypto_auth_hmacsha512256_H
-
-#define crypto_auth_hmacsha512256_ref_BYTES 32
-#define crypto_auth_hmacsha512256_ref_KEYBYTES 32
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_auth_hmacsha512256_ref(const std::string &,const std::string &);
-extern void crypto_auth_hmacsha512256_ref_verify(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_auth_hmacsha512256_ref(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
-extern int crypto_auth_hmacsha512256_ref_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_auth_hmacsha512256 crypto_auth_hmacsha512256_ref
-#define crypto_auth_hmacsha512256_verify crypto_auth_hmacsha512256_ref_verify
-#define crypto_auth_hmacsha512256_BYTES crypto_auth_hmacsha512256_ref_BYTES
-#define crypto_auth_hmacsha512256_KEYBYTES crypto_auth_hmacsha512256_ref_KEYBYTES
-#define crypto_auth_hmacsha512256_IMPLEMENTATION "crypto_auth/hmacsha512256/ref"
-#ifndef crypto_auth_hmacsha512256_ref_VERSION
-#define crypto_auth_hmacsha512256_ref_VERSION "-"
-#endif
-#define crypto_auth_hmacsha512256_VERSION crypto_auth_hmacsha512256_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_box_curve25519xsalsa20poly1305.h

@@ -1,44 +0,0 @@
-#ifndef crypto_box_curve25519xsalsa20poly1305_H
-#define crypto_box_curve25519xsalsa20poly1305_H
-
-#define crypto_box_curve25519xsalsa20poly1305_ref_PUBLICKEYBYTES 32
-#define crypto_box_curve25519xsalsa20poly1305_ref_SECRETKEYBYTES 32
-#define crypto_box_curve25519xsalsa20poly1305_ref_BEFORENMBYTES 32
-#define crypto_box_curve25519xsalsa20poly1305_ref_NONCEBYTES 24
-#define crypto_box_curve25519xsalsa20poly1305_ref_ZEROBYTES 32
-#define crypto_box_curve25519xsalsa20poly1305_ref_BOXZEROBYTES 16
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_box_curve25519xsalsa20poly1305_ref(const std::string &,const std::string &,const std::string &,const std::string &);
-extern std::string crypto_box_curve25519xsalsa20poly1305_ref_open(const std::string &,const std::string &,const std::string &,const std::string &);
-extern std::string crypto_box_curve25519xsalsa20poly1305_ref_keypair(std::string *);
-extern "C" {
-#endif
-extern int crypto_box_curve25519xsalsa20poly1305_ref(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *);
-extern int crypto_box_curve25519xsalsa20poly1305_ref_open(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *);
-extern int crypto_box_curve25519xsalsa20poly1305_ref_keypair(unsigned char *,unsigned char *);
-extern int crypto_box_curve25519xsalsa20poly1305_ref_beforenm(unsigned char *,const unsigned char *,const unsigned char *);
-extern int crypto_box_curve25519xsalsa20poly1305_ref_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_box_curve25519xsalsa20poly1305_ref_open_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_box_curve25519xsalsa20poly1305 crypto_box_curve25519xsalsa20poly1305_ref
-#define crypto_box_curve25519xsalsa20poly1305_open crypto_box_curve25519xsalsa20poly1305_ref_open
-#define crypto_box_curve25519xsalsa20poly1305_keypair crypto_box_curve25519xsalsa20poly1305_ref_keypair
-#define crypto_box_curve25519xsalsa20poly1305_beforenm crypto_box_curve25519xsalsa20poly1305_ref_beforenm
-#define crypto_box_curve25519xsalsa20poly1305_afternm crypto_box_curve25519xsalsa20poly1305_ref_afternm
-#define crypto_box_curve25519xsalsa20poly1305_open_afternm crypto_box_curve25519xsalsa20poly1305_ref_open_afternm
-#define crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES crypto_box_curve25519xsalsa20poly1305_ref_PUBLICKEYBYTES
-#define crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES crypto_box_curve25519xsalsa20poly1305_ref_SECRETKEYBYTES
-#define crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES crypto_box_curve25519xsalsa20poly1305_ref_BEFORENMBYTES
-#define crypto_box_curve25519xsalsa20poly1305_NONCEBYTES crypto_box_curve25519xsalsa20poly1305_ref_NONCEBYTES
-#define crypto_box_curve25519xsalsa20poly1305_ZEROBYTES crypto_box_curve25519xsalsa20poly1305_ref_ZEROBYTES
-#define crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES crypto_box_curve25519xsalsa20poly1305_ref_BOXZEROBYTES
-#define crypto_box_curve25519xsalsa20poly1305_IMPLEMENTATION "crypto_box/curve25519xsalsa20poly1305/ref"
-#ifndef crypto_box_curve25519xsalsa20poly1305_ref_VERSION
-#define crypto_box_curve25519xsalsa20poly1305_ref_VERSION "-"
-#endif
-#define crypto_box_curve25519xsalsa20poly1305_VERSION crypto_box_curve25519xsalsa20poly1305_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_core_hsalsa20.h

@@ -1,27 +0,0 @@
-#ifndef crypto_core_hsalsa20_H
-#define crypto_core_hsalsa20_H
-
-#define crypto_core_hsalsa20_ref_OUTPUTBYTES 32
-#define crypto_core_hsalsa20_ref_INPUTBYTES 16
-#define crypto_core_hsalsa20_ref_KEYBYTES 32
-#define crypto_core_hsalsa20_ref_CONSTBYTES 16
-#ifdef __cplusplus
-#include <string>
-extern "C" {
-#endif
-extern int crypto_core_hsalsa20_ref(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_core_hsalsa20 crypto_core_hsalsa20_ref
-#define crypto_core_hsalsa20_OUTPUTBYTES crypto_core_hsalsa20_ref_OUTPUTBYTES
-#define crypto_core_hsalsa20_INPUTBYTES crypto_core_hsalsa20_ref_INPUTBYTES
-#define crypto_core_hsalsa20_KEYBYTES crypto_core_hsalsa20_ref_KEYBYTES
-#define crypto_core_hsalsa20_CONSTBYTES crypto_core_hsalsa20_ref_CONSTBYTES
-#define crypto_core_hsalsa20_IMPLEMENTATION "crypto_core/hsalsa20/ref"
-#ifndef crypto_core_hsalsa20_ref_VERSION
-#define crypto_core_hsalsa20_ref_VERSION "-"
-#endif
-#define crypto_core_hsalsa20_VERSION crypto_core_hsalsa20_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_core_salsa20.h

@@ -1,27 +0,0 @@
-#ifndef crypto_core_salsa20_H
-#define crypto_core_salsa20_H
-
-#define crypto_core_salsa20_ref_OUTPUTBYTES 64
-#define crypto_core_salsa20_ref_INPUTBYTES 16
-#define crypto_core_salsa20_ref_KEYBYTES 32
-#define crypto_core_salsa20_ref_CONSTBYTES 16
-#ifdef __cplusplus
-#include <string>
-extern "C" {
-#endif
-extern int crypto_core_salsa20_ref(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_core_salsa20 crypto_core_salsa20_ref
-#define crypto_core_salsa20_OUTPUTBYTES crypto_core_salsa20_ref_OUTPUTBYTES
-#define crypto_core_salsa20_INPUTBYTES crypto_core_salsa20_ref_INPUTBYTES
-#define crypto_core_salsa20_KEYBYTES crypto_core_salsa20_ref_KEYBYTES
-#define crypto_core_salsa20_CONSTBYTES crypto_core_salsa20_ref_CONSTBYTES
-#define crypto_core_salsa20_IMPLEMENTATION "crypto_core/salsa20/ref"
-#ifndef crypto_core_salsa20_ref_VERSION
-#define crypto_core_salsa20_ref_VERSION "-"
-#endif
-#define crypto_core_salsa20_VERSION crypto_core_salsa20_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_core_salsa2012.h

@@ -1,27 +0,0 @@
-#ifndef crypto_core_salsa2012_H
-#define crypto_core_salsa2012_H
-
-#define crypto_core_salsa2012_ref_OUTPUTBYTES 64
-#define crypto_core_salsa2012_ref_INPUTBYTES 16
-#define crypto_core_salsa2012_ref_KEYBYTES 32
-#define crypto_core_salsa2012_ref_CONSTBYTES 16
-#ifdef __cplusplus
-#include <string>
-extern "C" {
-#endif
-extern int crypto_core_salsa2012_ref(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_core_salsa2012 crypto_core_salsa2012_ref
-#define crypto_core_salsa2012_OUTPUTBYTES crypto_core_salsa2012_ref_OUTPUTBYTES
-#define crypto_core_salsa2012_INPUTBYTES crypto_core_salsa2012_ref_INPUTBYTES
-#define crypto_core_salsa2012_KEYBYTES crypto_core_salsa2012_ref_KEYBYTES
-#define crypto_core_salsa2012_CONSTBYTES crypto_core_salsa2012_ref_CONSTBYTES
-#define crypto_core_salsa2012_IMPLEMENTATION "crypto_core/salsa2012/ref"
-#ifndef crypto_core_salsa2012_ref_VERSION
-#define crypto_core_salsa2012_ref_VERSION "-"
-#endif
-#define crypto_core_salsa2012_VERSION crypto_core_salsa2012_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_core_salsa208.h

@@ -1,27 +0,0 @@
-#ifndef crypto_core_salsa208_H
-#define crypto_core_salsa208_H
-
-#define crypto_core_salsa208_ref_OUTPUTBYTES 64
-#define crypto_core_salsa208_ref_INPUTBYTES 16
-#define crypto_core_salsa208_ref_KEYBYTES 32
-#define crypto_core_salsa208_ref_CONSTBYTES 16
-#ifdef __cplusplus
-#include <string>
-extern "C" {
-#endif
-extern int crypto_core_salsa208_ref(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_core_salsa208 crypto_core_salsa208_ref
-#define crypto_core_salsa208_OUTPUTBYTES crypto_core_salsa208_ref_OUTPUTBYTES
-#define crypto_core_salsa208_INPUTBYTES crypto_core_salsa208_ref_INPUTBYTES
-#define crypto_core_salsa208_KEYBYTES crypto_core_salsa208_ref_KEYBYTES
-#define crypto_core_salsa208_CONSTBYTES crypto_core_salsa208_ref_CONSTBYTES
-#define crypto_core_salsa208_IMPLEMENTATION "crypto_core/salsa208/ref"
-#ifndef crypto_core_salsa208_ref_VERSION
-#define crypto_core_salsa208_ref_VERSION "-"
-#endif
-#define crypto_core_salsa208_VERSION crypto_core_salsa208_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_hash_sha256.h

@@ -1,22 +0,0 @@
-#ifndef crypto_hash_sha256_H
-#define crypto_hash_sha256_H
-
-#define crypto_hash_sha256_ref_BYTES 32
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_hash_sha256_ref(const std::string &);
-extern "C" {
-#endif
-extern int crypto_hash_sha256_ref(unsigned char *,const unsigned char *,unsigned long long);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_hash_sha256 crypto_hash_sha256_ref
-#define crypto_hash_sha256_BYTES crypto_hash_sha256_ref_BYTES
-#define crypto_hash_sha256_IMPLEMENTATION "crypto_hash/sha256/ref"
-#ifndef crypto_hash_sha256_ref_VERSION
-#define crypto_hash_sha256_ref_VERSION "-"
-#endif
-#define crypto_hash_sha256_VERSION crypto_hash_sha256_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_hash_sha512.h

@@ -1,22 +0,0 @@
-#ifndef crypto_hash_sha512_H
-#define crypto_hash_sha512_H
-
-#define crypto_hash_sha512_ref_BYTES 64
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_hash_sha512_ref(const std::string &);
-extern "C" {
-#endif
-extern int crypto_hash_sha512_ref(unsigned char *,const unsigned char *,unsigned long long);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_hash_sha512 crypto_hash_sha512_ref
-#define crypto_hash_sha512_BYTES crypto_hash_sha512_ref_BYTES
-#define crypto_hash_sha512_IMPLEMENTATION "crypto_hash/sha512/ref"
-#ifndef crypto_hash_sha512_ref_VERSION
-#define crypto_hash_sha512_ref_VERSION "-"
-#endif
-#define crypto_hash_sha512_VERSION crypto_hash_sha512_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_hashblocks_sha256.h

@@ -1,23 +0,0 @@
-#ifndef crypto_hashblocks_sha256_H
-#define crypto_hashblocks_sha256_H
-
-#define crypto_hashblocks_sha256_inplace_STATEBYTES 32
-#define crypto_hashblocks_sha256_inplace_BLOCKBYTES 64
-#ifdef __cplusplus
-#include <string>
-extern "C" {
-#endif
-extern int crypto_hashblocks_sha256_inplace(unsigned char *,const unsigned char *,unsigned long long);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_hashblocks_sha256 crypto_hashblocks_sha256_inplace
-#define crypto_hashblocks_sha256_STATEBYTES crypto_hashblocks_sha256_inplace_STATEBYTES
-#define crypto_hashblocks_sha256_BLOCKBYTES crypto_hashblocks_sha256_inplace_BLOCKBYTES
-#define crypto_hashblocks_sha256_IMPLEMENTATION "crypto_hashblocks/sha256/inplace"
-#ifndef crypto_hashblocks_sha256_inplace_VERSION
-#define crypto_hashblocks_sha256_inplace_VERSION "-"
-#endif
-#define crypto_hashblocks_sha256_VERSION crypto_hashblocks_sha256_inplace_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_hashblocks_sha512.h

@@ -1,23 +0,0 @@
-#ifndef crypto_hashblocks_sha512_H
-#define crypto_hashblocks_sha512_H
-
-#define crypto_hashblocks_sha512_ref_STATEBYTES 64
-#define crypto_hashblocks_sha512_ref_BLOCKBYTES 128
-#ifdef __cplusplus
-#include <string>
-extern "C" {
-#endif
-extern int crypto_hashblocks_sha512_ref(unsigned char *,const unsigned char *,unsigned long long);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_hashblocks_sha512 crypto_hashblocks_sha512_ref
-#define crypto_hashblocks_sha512_STATEBYTES crypto_hashblocks_sha512_ref_STATEBYTES
-#define crypto_hashblocks_sha512_BLOCKBYTES crypto_hashblocks_sha512_ref_BLOCKBYTES
-#define crypto_hashblocks_sha512_IMPLEMENTATION "crypto_hashblocks/sha512/ref"
-#ifndef crypto_hashblocks_sha512_ref_VERSION
-#define crypto_hashblocks_sha512_ref_VERSION "-"
-#endif
-#define crypto_hashblocks_sha512_VERSION crypto_hashblocks_sha512_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_onetimeauth_poly1305.h

@@ -1,27 +0,0 @@
-#ifndef crypto_onetimeauth_poly1305_H
-#define crypto_onetimeauth_poly1305_H
-
-#define crypto_onetimeauth_poly1305_53_BYTES 16
-#define crypto_onetimeauth_poly1305_53_KEYBYTES 32
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_onetimeauth_poly1305_53(const std::string &,const std::string &);
-extern void crypto_onetimeauth_poly1305_53_verify(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_onetimeauth_poly1305_53(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
-extern int crypto_onetimeauth_poly1305_53_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_onetimeauth_poly1305 crypto_onetimeauth_poly1305_53
-#define crypto_onetimeauth_poly1305_verify crypto_onetimeauth_poly1305_53_verify
-#define crypto_onetimeauth_poly1305_BYTES crypto_onetimeauth_poly1305_53_BYTES
-#define crypto_onetimeauth_poly1305_KEYBYTES crypto_onetimeauth_poly1305_53_KEYBYTES
-#define crypto_onetimeauth_poly1305_IMPLEMENTATION "crypto_onetimeauth/poly1305/53"
-#ifndef crypto_onetimeauth_poly1305_53_VERSION
-#define crypto_onetimeauth_poly1305_53_VERSION "-"
-#endif
-#define crypto_onetimeauth_poly1305_VERSION crypto_onetimeauth_poly1305_53_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_scalarmult_curve25519.h

@@ -1,27 +0,0 @@
-#ifndef crypto_scalarmult_curve25519_H
-#define crypto_scalarmult_curve25519_H
-
-#define crypto_scalarmult_curve25519_donna_c64_BYTES 32
-#define crypto_scalarmult_curve25519_donna_c64_SCALARBYTES 32
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_scalarmult_curve25519_donna_c64(const std::string &,const std::string &);
-extern std::string crypto_scalarmult_curve25519_donna_c64_base(const std::string &);
-extern "C" {
-#endif
-extern int crypto_scalarmult_curve25519_donna_c64(unsigned char *,const unsigned char *,const unsigned char *);
-extern int crypto_scalarmult_curve25519_donna_c64_base(unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_scalarmult_curve25519 crypto_scalarmult_curve25519_donna_c64
-#define crypto_scalarmult_curve25519_base crypto_scalarmult_curve25519_donna_c64_base
-#define crypto_scalarmult_curve25519_BYTES crypto_scalarmult_curve25519_donna_c64_BYTES
-#define crypto_scalarmult_curve25519_SCALARBYTES crypto_scalarmult_curve25519_donna_c64_SCALARBYTES
-#define crypto_scalarmult_curve25519_IMPLEMENTATION "crypto_scalarmult/curve25519/donna_c64"
-#ifndef crypto_scalarmult_curve25519_donna_c64_VERSION
-#define crypto_scalarmult_curve25519_donna_c64_VERSION "-"
-#endif
-#define crypto_scalarmult_curve25519_VERSION crypto_scalarmult_curve25519_donna_c64_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_secretbox_xsalsa20poly1305.h

@@ -1,31 +0,0 @@
-#ifndef crypto_secretbox_xsalsa20poly1305_H
-#define crypto_secretbox_xsalsa20poly1305_H
-
-#define crypto_secretbox_xsalsa20poly1305_ref_KEYBYTES 32
-#define crypto_secretbox_xsalsa20poly1305_ref_NONCEBYTES 24
-#define crypto_secretbox_xsalsa20poly1305_ref_ZEROBYTES 32
-#define crypto_secretbox_xsalsa20poly1305_ref_BOXZEROBYTES 16
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_secretbox_xsalsa20poly1305_ref(const std::string &,const std::string &,const std::string &);
-extern std::string crypto_secretbox_xsalsa20poly1305_ref_open(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_secretbox_xsalsa20poly1305_ref(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_secretbox_xsalsa20poly1305_ref_open(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_secretbox_xsalsa20poly1305 crypto_secretbox_xsalsa20poly1305_ref
-#define crypto_secretbox_xsalsa20poly1305_open crypto_secretbox_xsalsa20poly1305_ref_open
-#define crypto_secretbox_xsalsa20poly1305_KEYBYTES crypto_secretbox_xsalsa20poly1305_ref_KEYBYTES
-#define crypto_secretbox_xsalsa20poly1305_NONCEBYTES crypto_secretbox_xsalsa20poly1305_ref_NONCEBYTES
-#define crypto_secretbox_xsalsa20poly1305_ZEROBYTES crypto_secretbox_xsalsa20poly1305_ref_ZEROBYTES
-#define crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES crypto_secretbox_xsalsa20poly1305_ref_BOXZEROBYTES
-#define crypto_secretbox_xsalsa20poly1305_IMPLEMENTATION "crypto_secretbox/xsalsa20poly1305/ref"
-#ifndef crypto_secretbox_xsalsa20poly1305_ref_VERSION
-#define crypto_secretbox_xsalsa20poly1305_ref_VERSION "-"
-#endif
-#define crypto_secretbox_xsalsa20poly1305_VERSION crypto_secretbox_xsalsa20poly1305_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_sign_edwards25519sha512batch.h

@@ -1,32 +0,0 @@
-#ifndef crypto_sign_edwards25519sha512batch_H
-#define crypto_sign_edwards25519sha512batch_H
-
-#define crypto_sign_edwards25519sha512batch_ref_SECRETKEYBYTES 64
-#define crypto_sign_edwards25519sha512batch_ref_PUBLICKEYBYTES 32
-#define crypto_sign_edwards25519sha512batch_ref_BYTES 64
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_sign_edwards25519sha512batch_ref(const std::string &,const std::string &);
-extern std::string crypto_sign_edwards25519sha512batch_ref_open(const std::string &,const std::string &);
-extern std::string crypto_sign_edwards25519sha512batch_ref_keypair(std::string *);
-extern "C" {
-#endif
-extern int crypto_sign_edwards25519sha512batch_ref(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *);
-extern int crypto_sign_edwards25519sha512batch_ref_open(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *);
-extern int crypto_sign_edwards25519sha512batch_ref_keypair(unsigned char *,unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_sign_edwards25519sha512batch crypto_sign_edwards25519sha512batch_ref
-#define crypto_sign_edwards25519sha512batch_open crypto_sign_edwards25519sha512batch_ref_open
-#define crypto_sign_edwards25519sha512batch_keypair crypto_sign_edwards25519sha512batch_ref_keypair
-#define crypto_sign_edwards25519sha512batch_BYTES crypto_sign_edwards25519sha512batch_ref_BYTES
-#define crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES crypto_sign_edwards25519sha512batch_ref_PUBLICKEYBYTES
-#define crypto_sign_edwards25519sha512batch_SECRETKEYBYTES crypto_sign_edwards25519sha512batch_ref_SECRETKEYBYTES
-#define crypto_sign_edwards25519sha512batch_IMPLEMENTATION "crypto_sign/edwards25519sha512batch/ref"
-#ifndef crypto_sign_edwards25519sha512batch_ref_VERSION
-#define crypto_sign_edwards25519sha512batch_ref_VERSION "-"
-#endif
-#define crypto_sign_edwards25519sha512batch_VERSION crypto_sign_edwards25519sha512batch_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_stream_aes128ctr.h

@@ -1,35 +0,0 @@
-#ifndef crypto_stream_aes128ctr_H
-#define crypto_stream_aes128ctr_H
-
-#define crypto_stream_aes128ctr_portable_KEYBYTES 16
-#define crypto_stream_aes128ctr_portable_NONCEBYTES 16
-#define crypto_stream_aes128ctr_portable_BEFORENMBYTES 1408
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_stream_aes128ctr_portable(size_t,const std::string &,const std::string &);
-extern std::string crypto_stream_aes128ctr_portable_xor(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_stream_aes128ctr_portable(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_aes128ctr_portable_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_aes128ctr_portable_beforenm(unsigned char *,const unsigned char *);
-extern int crypto_stream_aes128ctr_portable_afternm(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_aes128ctr_portable_xor_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_stream_aes128ctr crypto_stream_aes128ctr_portable
-#define crypto_stream_aes128ctr_xor crypto_stream_aes128ctr_portable_xor
-#define crypto_stream_aes128ctr_beforenm crypto_stream_aes128ctr_portable_beforenm
-#define crypto_stream_aes128ctr_afternm crypto_stream_aes128ctr_portable_afternm
-#define crypto_stream_aes128ctr_xor_afternm crypto_stream_aes128ctr_portable_xor_afternm
-#define crypto_stream_aes128ctr_KEYBYTES crypto_stream_aes128ctr_portable_KEYBYTES
-#define crypto_stream_aes128ctr_NONCEBYTES crypto_stream_aes128ctr_portable_NONCEBYTES
-#define crypto_stream_aes128ctr_BEFORENMBYTES crypto_stream_aes128ctr_portable_BEFORENMBYTES
-#define crypto_stream_aes128ctr_IMPLEMENTATION "crypto_stream/aes128ctr/portable"
-#ifndef crypto_stream_aes128ctr_portable_VERSION
-#define crypto_stream_aes128ctr_portable_VERSION "-"
-#endif
-#define crypto_stream_aes128ctr_VERSION crypto_stream_aes128ctr_portable_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_stream_salsa20.h

@@ -1,34 +0,0 @@
-#ifndef crypto_stream_salsa20_H
-#define crypto_stream_salsa20_H
-
-#define crypto_stream_salsa20_amd64_xmm6_KEYBYTES 32
-#define crypto_stream_salsa20_amd64_xmm6_NONCEBYTES 8
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_stream_salsa20_amd64_xmm6(size_t,const std::string &,const std::string &);
-extern std::string crypto_stream_salsa20_amd64_xmm6_xor(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_stream_salsa20_amd64_xmm6(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa20_amd64_xmm6_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa20_amd64_xmm6_beforenm(unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa20_amd64_xmm6_afternm(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa20_amd64_xmm6_xor_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_stream_salsa20 crypto_stream_salsa20_amd64_xmm6
-#define crypto_stream_salsa20_xor crypto_stream_salsa20_amd64_xmm6_xor
-#define crypto_stream_salsa20_beforenm crypto_stream_salsa20_amd64_xmm6_beforenm
-#define crypto_stream_salsa20_afternm crypto_stream_salsa20_amd64_xmm6_afternm
-#define crypto_stream_salsa20_xor_afternm crypto_stream_salsa20_amd64_xmm6_xor_afternm
-#define crypto_stream_salsa20_KEYBYTES crypto_stream_salsa20_amd64_xmm6_KEYBYTES
-#define crypto_stream_salsa20_NONCEBYTES crypto_stream_salsa20_amd64_xmm6_NONCEBYTES
-#define crypto_stream_salsa20_BEFORENMBYTES crypto_stream_salsa20_amd64_xmm6_BEFORENMBYTES
-#define crypto_stream_salsa20_IMPLEMENTATION "crypto_stream/salsa20/amd64_xmm6"
-#ifndef crypto_stream_salsa20_amd64_xmm6_VERSION
-#define crypto_stream_salsa20_amd64_xmm6_VERSION "-"
-#endif
-#define crypto_stream_salsa20_VERSION crypto_stream_salsa20_amd64_xmm6_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_stream_salsa2012.h

@@ -1,34 +0,0 @@
-#ifndef crypto_stream_salsa2012_H
-#define crypto_stream_salsa2012_H
-
-#define crypto_stream_salsa2012_amd64_xmm6_KEYBYTES 32
-#define crypto_stream_salsa2012_amd64_xmm6_NONCEBYTES 8
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_stream_salsa2012_amd64_xmm6(size_t,const std::string &,const std::string &);
-extern std::string crypto_stream_salsa2012_amd64_xmm6_xor(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_stream_salsa2012_amd64_xmm6(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa2012_amd64_xmm6_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa2012_amd64_xmm6_beforenm(unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa2012_amd64_xmm6_afternm(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa2012_amd64_xmm6_xor_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_stream_salsa2012 crypto_stream_salsa2012_amd64_xmm6
-#define crypto_stream_salsa2012_xor crypto_stream_salsa2012_amd64_xmm6_xor
-#define crypto_stream_salsa2012_beforenm crypto_stream_salsa2012_amd64_xmm6_beforenm
-#define crypto_stream_salsa2012_afternm crypto_stream_salsa2012_amd64_xmm6_afternm
-#define crypto_stream_salsa2012_xor_afternm crypto_stream_salsa2012_amd64_xmm6_xor_afternm
-#define crypto_stream_salsa2012_KEYBYTES crypto_stream_salsa2012_amd64_xmm6_KEYBYTES
-#define crypto_stream_salsa2012_NONCEBYTES crypto_stream_salsa2012_amd64_xmm6_NONCEBYTES
-#define crypto_stream_salsa2012_BEFORENMBYTES crypto_stream_salsa2012_amd64_xmm6_BEFORENMBYTES
-#define crypto_stream_salsa2012_IMPLEMENTATION "crypto_stream/salsa2012/amd64_xmm6"
-#ifndef crypto_stream_salsa2012_amd64_xmm6_VERSION
-#define crypto_stream_salsa2012_amd64_xmm6_VERSION "-"
-#endif
-#define crypto_stream_salsa2012_VERSION crypto_stream_salsa2012_amd64_xmm6_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_stream_salsa208.h

@@ -1,34 +0,0 @@
-#ifndef crypto_stream_salsa208_H
-#define crypto_stream_salsa208_H
-
-#define crypto_stream_salsa208_amd64_xmm6_KEYBYTES 32
-#define crypto_stream_salsa208_amd64_xmm6_NONCEBYTES 8
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_stream_salsa208_amd64_xmm6(size_t,const std::string &,const std::string &);
-extern std::string crypto_stream_salsa208_amd64_xmm6_xor(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_stream_salsa208_amd64_xmm6(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa208_amd64_xmm6_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa208_amd64_xmm6_beforenm(unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa208_amd64_xmm6_afternm(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_salsa208_amd64_xmm6_xor_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_stream_salsa208 crypto_stream_salsa208_amd64_xmm6
-#define crypto_stream_salsa208_xor crypto_stream_salsa208_amd64_xmm6_xor
-#define crypto_stream_salsa208_beforenm crypto_stream_salsa208_amd64_xmm6_beforenm
-#define crypto_stream_salsa208_afternm crypto_stream_salsa208_amd64_xmm6_afternm
-#define crypto_stream_salsa208_xor_afternm crypto_stream_salsa208_amd64_xmm6_xor_afternm
-#define crypto_stream_salsa208_KEYBYTES crypto_stream_salsa208_amd64_xmm6_KEYBYTES
-#define crypto_stream_salsa208_NONCEBYTES crypto_stream_salsa208_amd64_xmm6_NONCEBYTES
-#define crypto_stream_salsa208_BEFORENMBYTES crypto_stream_salsa208_amd64_xmm6_BEFORENMBYTES
-#define crypto_stream_salsa208_IMPLEMENTATION "crypto_stream/salsa208/amd64_xmm6"
-#ifndef crypto_stream_salsa208_amd64_xmm6_VERSION
-#define crypto_stream_salsa208_amd64_xmm6_VERSION "-"
-#endif
-#define crypto_stream_salsa208_VERSION crypto_stream_salsa208_amd64_xmm6_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_stream_xsalsa20.h

@@ -1,34 +0,0 @@
-#ifndef crypto_stream_xsalsa20_H
-#define crypto_stream_xsalsa20_H
-
-#define crypto_stream_xsalsa20_ref_KEYBYTES 32
-#define crypto_stream_xsalsa20_ref_NONCEBYTES 24
-#ifdef __cplusplus
-#include <string>
-extern std::string crypto_stream_xsalsa20_ref(size_t,const std::string &,const std::string &);
-extern std::string crypto_stream_xsalsa20_ref_xor(const std::string &,const std::string &,const std::string &);
-extern "C" {
-#endif
-extern int crypto_stream_xsalsa20_ref(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_xsalsa20_ref_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_xsalsa20_ref_beforenm(unsigned char *,const unsigned char *);
-extern int crypto_stream_xsalsa20_ref_afternm(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-extern int crypto_stream_xsalsa20_ref_xor_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_stream_xsalsa20 crypto_stream_xsalsa20_ref
-#define crypto_stream_xsalsa20_xor crypto_stream_xsalsa20_ref_xor
-#define crypto_stream_xsalsa20_beforenm crypto_stream_xsalsa20_ref_beforenm
-#define crypto_stream_xsalsa20_afternm crypto_stream_xsalsa20_ref_afternm
-#define crypto_stream_xsalsa20_xor_afternm crypto_stream_xsalsa20_ref_xor_afternm
-#define crypto_stream_xsalsa20_KEYBYTES crypto_stream_xsalsa20_ref_KEYBYTES
-#define crypto_stream_xsalsa20_NONCEBYTES crypto_stream_xsalsa20_ref_NONCEBYTES
-#define crypto_stream_xsalsa20_BEFORENMBYTES crypto_stream_xsalsa20_ref_BEFORENMBYTES
-#define crypto_stream_xsalsa20_IMPLEMENTATION "crypto_stream/xsalsa20/ref"
-#ifndef crypto_stream_xsalsa20_ref_VERSION
-#define crypto_stream_xsalsa20_ref_VERSION "-"
-#endif
-#define crypto_stream_xsalsa20_VERSION crypto_stream_xsalsa20_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_types.h

@@ -1,11 +0,0 @@
-#ifndef crypto_types_h
-#define crypto_types_h
-typedef short crypto_int16;
-typedef int crypto_int32;
-typedef long long crypto_int64;
-typedef signed char crypto_int8;
-typedef unsigned short crypto_uint16;
-typedef unsigned int crypto_uint32;
-typedef unsigned long long crypto_uint64;
-typedef unsigned char crypto_uint8;
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_verify_16.h

@@ -1,21 +0,0 @@
-#ifndef crypto_verify_16_H
-#define crypto_verify_16_H
-
-#define crypto_verify_16_ref_BYTES 16
-#ifdef __cplusplus
-#include <string>
-extern "C" {
-#endif
-extern int crypto_verify_16_ref(const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_verify_16 crypto_verify_16_ref
-#define crypto_verify_16_BYTES crypto_verify_16_ref_BYTES
-#define crypto_verify_16_IMPLEMENTATION "crypto_verify/16/ref"
-#ifndef crypto_verify_16_ref_VERSION
-#define crypto_verify_16_ref_VERSION "-"
-#endif
-#define crypto_verify_16_VERSION crypto_verify_16_ref_VERSION
-
-#endif

ext/bin/cnacl-osx-amd64/include/sodium/crypto_verify_32.h

@@ -1,21 +0,0 @@
-#ifndef crypto_verify_32_H
-#define crypto_verify_32_H
-
-#define crypto_verify_32_ref_BYTES 32
-#ifdef __cplusplus
-#include <string>
-extern "C" {
-#endif
-extern int crypto_verify_32_ref(const unsigned char *,const unsigned char *);
-#ifdef __cplusplus
-}
-#endif
-#define crypto_verify_32 crypto_verify_32_ref
-#define crypto_verify_32_BYTES crypto_verify_32_ref_BYTES
-#define crypto_verify_32_IMPLEMENTATION "crypto_verify/32/ref"
-#ifndef crypto_verify_32_ref_VERSION
-#define crypto_verify_32_ref_VERSION "-"
-#endif
-#define crypto_verify_32_VERSION crypto_verify_32_ref_VERSION
-
-#endif

make-mac.mk

@@ -33,12 +33,6 @@ else
 	DEFS+=-DZT_SOFTWARE_UPDATE_DEFAULT="\"download\""
 endif
 
-# Use precompiled extremely fast Salsa20/12 from "cnacl" included in ext/bin
-# See https://github.com/cjdelisle/cnacl
-DEFS+=-DZT_USE_LIBSODIUM
-CFLAGS+=-Iext/bin/cnacl-osx-amd64/include
-LIBS+=ext/bin/cnacl-osx-amd64/libnacl.a
-
 ifeq ($(ZT_ENABLE_CLUSTER),1)
 	DEFS+=-DZT_ENABLE_CLUSTER
 endif

node/Node.cpp

@@ -50,7 +50,6 @@ Node::Node(void *uptr,void *tptr,const struct ZT_Node_Callbacks *callbacks,uint6
 	_RR(this),
 	RR(&_RR),
 	_uPtr(uptr),
-	_prngStreamPtr(0),
 	_now(now),
 	_lastPingCheck(0),
 	_lastHousekeepingRun(0)
@@ -59,19 +58,14 @@ Node::Node(void *uptr,void *tptr,const struct ZT_Node_Callbacks *callbacks,uint6
 		throw std::runtime_error("callbacks struct version mismatch");
 	memcpy(&_cb,callbacks,sizeof(ZT_Node_Callbacks));
 
+	Utils::getSecureRandom((void *)_prngState,sizeof(_prngState));
+
 	_online = false;
 
 	memset(_expectingRepliesToBucketPtr,0,sizeof(_expectingRepliesToBucketPtr));
 	memset(_expectingRepliesTo,0,sizeof(_expectingRepliesTo));
 	memset(_lastIdentityVerification,0,sizeof(_lastIdentityVerification));
 
-	// Use Salsa20 alone as a high-quality non-crypto PRNG
-	char foo[64];
-	Utils::getSecureRandom(foo,64);
-	_prng.init(foo,foo + 32);
-	memset(_prngStream,0,sizeof(_prngStream));
-	_prng.crypt12(_prngStream,_prngStream,sizeof(_prngStream));
-
 	std::string idtmp(dataStoreGet(tptr,"identity.secret"));
 	if ((!idtmp.length())||(!RR->identity.fromString(idtmp))||(!RR->identity.hasPrivate())) {
 		TRACE("identity.secret not found, generating...");
@@ -701,10 +695,14 @@ void Node::postTrace(const char *module,unsigned int line,const char *fmt,...)
 
 uint64_t Node::prng()
 {
-	unsigned int p = (++_prngStreamPtr % ZT_NODE_PRNG_BUF_SIZE);
-	if (!p)
-		_prng.crypt12(_prngStream,_prngStream,sizeof(_prngStream));
-	return _prngStream[p];
+	// https://en.wikipedia.org/wiki/Xorshift#xorshift.2B
+	uint64_t x = _prngState[0];
+	const uint64_t y = _prngState[1];
+	_prngState[0] = y;
+	x ^= x << 23;
+	const uint64_t z = x ^ y ^ (x >> 17) ^ (y >> 26);
+	_prngState[1] = z;
+	return z + y;
 }
 
 void Node::postCircuitTestReport(const ZT_CircuitTestReport *report)

node/Node.hpp

@@ -50,9 +50,6 @@
 #define ZT_EXPECTING_REPLIES_BUCKET_MASK1 255
 #define ZT_EXPECTING_REPLIES_BUCKET_MASK2 31
 
-// Size of PRNG stream buffer
-#define ZT_NODE_PRNG_BUF_SIZE 64
-
 namespace ZeroTier {
 
 class World;
@@ -312,13 +309,10 @@ private:
 
 	Mutex _backgroundTasksLock;
 
-	unsigned int _prngStreamPtr;
-	Salsa20 _prng;
-	uint64_t _prngStream[ZT_NODE_PRNG_BUF_SIZE]; // repeatedly encrypted with _prng to yield a high-quality non-crypto PRNG stream
-
 	uint64_t _now;
 	uint64_t _lastPingCheck;
 	uint64_t _lastHousekeepingRun;
+	volatile uint64_t _prngState[2];
 	bool _online;
 };
 

node/Salsa20.cpp

@@ -10,8 +10,6 @@
 #include "Constants.hpp"
 #include "Salsa20.hpp"
 
-#ifndef ZT_USE_LIBSODIUM
-
 #define ROTATE(v,c) (((v) << (c)) | ((v) >> (32 - (c))))
 #define XOR(v,w) ((v) ^ (w))
 #define PLUS(v,w) ((uint32_t)((v) + (w)))
@@ -1345,5 +1343,3 @@ void Salsa20::crypt20(const void *in,void *out,unsigned int bytes)
 }
 
 } // namespace ZeroTier
-
-#endif // !ZT_USE_LIBSODIUM

node/Salsa20.hpp

@@ -15,77 +15,6 @@
 #include "Constants.hpp"
 #include "Utils.hpp"
 
-#ifdef ZT_USE_LIBSODIUM
-
-#include <sodium/crypto_stream_salsa20.h>
-#include <sodium/crypto_stream_salsa2012.h>
-
-namespace ZeroTier {
-
-/**
- * Salsa20 stream cipher
- */
-class Salsa20
-{
-public:
-	Salsa20() {}
-	~Salsa20() { Utils::burn(_k,sizeof(_k)); }
-
-	/**
-	 * @param key 256-bit (32 byte) key
-	 * @param iv 64-bit initialization vector
-	 */
-	Salsa20(const void *key,const void *iv)
-	{
-		memcpy(_k,key,32);
-		memcpy(&_iv,iv,8);
-	}
-
-	/**
-	 * Initialize cipher
-	 *
-	 * @param key Key bits
-	 * @param iv 64-bit initialization vector
-	 */
-	inline void init(const void *key,const void *iv)
-	{
-		memcpy(_k,key,32);
-		memcpy(&_iv,iv,8);
-	}
-
-	/**
-	 * Encrypt/decrypt data using Salsa20/12
-	 *
-	 * @param in Input data
-	 * @param out Output buffer
-	 * @param bytes Length of data
-	 */
-	inline void crypt12(const void *in,void *out,unsigned int bytes)
-	{
-		crypto_stream_salsa2012_xor(reinterpret_cast<unsigned char *>(out),reinterpret_cast<const unsigned char *>(in),bytes,reinterpret_cast<const unsigned char *>(&_iv),reinterpret_cast<const unsigned char *>(_k));
-	}
-
-	/**
-	 * Encrypt/decrypt data using Salsa20/20
-	 *
-	 * @param in Input data
-	 * @param out Output buffer
-	 * @param bytes Length of data
-	 */
-	inline void crypt20(const void *in,void *out,unsigned int bytes)
-	{
-		crypto_stream_salsa20_xor(reinterpret_cast<unsigned char *>(out),reinterpret_cast<const unsigned char *>(in),bytes,reinterpret_cast<const unsigned char *>(&_iv),reinterpret_cast<const unsigned char *>(_k));
-	}
-
-private:
-	uint64_t _k[4];
-	uint64_t _iv;
-};
-
-} // namespace ZeroTier
-
-#else // !ZT_USE_LIBSODIUM
-
 #if (!defined(ZT_SALSA20_SSE)) && (defined(__SSE2__) || defined(__WINDOWS__))
 #define ZT_SALSA20_SSE 1
 #endif
@@ -105,6 +34,11 @@ public:
 	Salsa20() {}
 	~Salsa20() { Utils::burn(&_state,sizeof(_state)); }
 
+	/**
+	 * If this returns true, crypt can only be done once
+	 */
+	static inline bool singleUseOnly() { return false; }
+
 	/**
 	 * @param key 256-bit (32 byte) key
 	 * @param iv 64-bit initialization vector
@@ -151,6 +85,4 @@ private:
 
 } // namespace ZeroTier
 
-#endif // ZT_USE_LIBSODIUM
-
 #endif

node/Utils.cpp

@@ -177,6 +177,7 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
 			}
 			randomPtr = 0;
 			s20.crypt12(randomBuf,randomBuf,sizeof(randomBuf));
+			s20.init(randomBuf,randomBuf);
 		}
 		((uint8_t *)buf)[i] = randomBuf[randomPtr++];
 	}
@@ -209,6 +210,7 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
 			}
 			randomPtr = 0;
 			s20.crypt12(randomBuf,randomBuf,sizeof(randomBuf));
+			s20.init(randomBuf,randomBuf);
 		}
 		((uint8_t *)buf)[i] = randomBuf[randomPtr++];
 	}