aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/crypto/curve25519.h (unfollow)
Commit message (Collapse)AuthorFilesLines
2018-06-16queueing: remove useless spinlocks on scJason A. Donenfeld3-5/+1
Since these are the only consumers, there's no need for locking.
2018-06-14tools: getentropy requires 10.12Jason A. Donenfeld1-1/+7
2018-06-14chacha20poly1305: use slow crypto on -rt kernels on arm tooJason A. Donenfeld1-1/+1
2018-06-13version: bump snapshot0.0.20180613Jason A. Donenfeld2-2/+2
2018-06-13chacha20poly1305: use slow crypto on -rt kernelsJason A. Donenfeld1-1/+1
In rt kernels, spinlocks call schedule(), which means preemption can't be disabled. The FPU disables preemption. Hence, we can either restructure things to move the calls to kernel_fpu_begin/end to be really close to the actual crypto routines, or we can do the slower lazier solution of just not using the FPU at all on -rt kernels. This patch goes with the latter lazy solution. The reason why we don't place the calls to kernel_fpu_begin/end close to the crypto routines in the first place is that they're very expensive, as it usually involves a call to XSAVE. So on sane kernels, we benefit from only having to call it once.
2018-06-08tools: support getentropy(3)Jason A. Donenfeld1-0/+11
2018-06-06tools: encoding: add missing static array constraintsJason A. Donenfeld3-5/+5
2018-06-04wg-quick: android: change name of intentJason A. Donenfeld1-1/+1
2018-06-02chacha20: add missing include to headerJason A. Donenfeld1-0/+1
2018-05-31wg-quick: android: delay setting users until endJason A. Donenfeld1-1/+6
`ndc users add` eventually invokes SOCK_DESTROY on user sockets, causing them to reconnect. By delaying this until after routes are set, we ensure that the sockets reconnect using the tunnel, rather than the old route.
2018-05-31version: bump snapshot0.0.20180531Jason A. Donenfeld2-2/+2
2018-05-31qemu: bump default versionJason A. Donenfeld1-1/+1
2018-05-31tools: constanter time encodingJason A. Donenfeld2-22/+28
2018-05-31device: do not assume dst is always validJason A. Donenfeld1-1/+1
The new flow offloading feature at the moment does not set the dst. We have a patch pending to fix this upstream, but in the meantime, work around it here.
2018-05-31poly1305: mips: compute S on flyRené van Dorst1-31/+22
This reduces memory access and the total opaque size. Signed-off-by: René van Dorst <opensource@vdorst.com>
2018-05-31chacha20poly1305: test for authtag failureJason A. Donenfeld1-3/+21
2018-05-31chacha20poly1305: test scattergather functions tooJason A. Donenfeld1-2/+44
2018-05-31crypto: consistent constificationJason A. Donenfeld6-23/+23
2018-05-31wg-quick: darwin: set DNS servers after delay on route changeJason A. Donenfeld1-2/+6
This works around a race condition in macOS's network daemons, while also adding one in the form of possibly calling kill -ALRM on a stale PID; unfortunately bash can't wait from a trap.
2018-05-31chacha20poly1305: combine stack variables into unionJason A. Donenfeld2-62/+64
2018-05-31chacha20poly1305: split up into separate filesJason A. Donenfeld10-627/+740
2018-05-29curve25519: x86_64: make symbol staticJason A. Donenfeld1-2/+2
2018-05-29curve25519: x86_64: satisfy sparseJason A. Donenfeld1-260/+260
2018-05-27wg-quick: freebsd: configure as p2p linkJason A. Donenfeld1-3/+5
2018-05-27wg-quick: darwin: add multiple IP addressesJason A. Donenfeld1-2/+2
2018-05-27wg-quick: determine IPs when saving interfaceJason A. Donenfeld3-12/+14
2018-05-24compat: don't clash with get_random_u32 backportsJason A. Donenfeld1-3/+2
Our previous heuristic wasn't good enough, since CopperheadOS backported CANARY_MASK without backporting get_random_u32, as Qualcomm did, so now we just entirely rename all invocations of the function.
2018-05-24version: bump snapshot0.0.20180524Jason A. Donenfeld2-2/+2
2018-05-24wg-quick: freebsd: work around security vulnerabilities in bashJason A. Donenfeld1-7/+29
2018-05-23wg-quick: allow enumeration of socket filesJason A. Donenfeld2-2/+2
These OSes have an unpriv'd ifconfig, so this isn't an even larger info leak.
2018-05-23wg-quick: better bash completion for non-renaming OSesJason A. Donenfeld1-5/+14
2018-05-23wg-quick: support FreeBSD/Darwin search pathJason A. Donenfeld4-16/+39
2018-05-23tools: always pass -v as first argument to installJason A. Donenfeld1-7/+7
This lets crippled OSes sed out our -v more easily.