1 2 #ifndef sodium_utils_H 3 #define sodium_utils_H 4 5 #include <stddef.h> 6 7 #include "export.h" 8 9 #ifdef __cplusplus 10 extern "C" { 11 #endif 12 13 #ifndef SODIUM_C99 14 # if defined(__cplusplus) || !defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L 15 # define SODIUM_C99(X) 16 # else 17 # define SODIUM_C99(X) X 18 # endif 19 #endif 20 21 SODIUM_EXPORT 22 void sodium_memzero(void * const pnt, const size_t len); 23 24 SODIUM_EXPORT 25 void sodium_stackzero(const size_t len); 26 27 /* 28 * WARNING: sodium_memcmp() must be used to verify if two secret keys 29 * are equal, in constant time. 30 * It returns 0 if the keys are equal, and -1 if they differ. 31 * This function is not designed for lexicographical comparisons. 32 */ 33 SODIUM_EXPORT 34 int sodium_memcmp(const void * const b1_, const void * const b2_, size_t len) 35 __attribute__ ((warn_unused_result)); 36 37 /* 38 * sodium_compare() returns -1 if b1_ < b2_, 1 if b1_ > b2_ and 0 if b1_ == b2_ 39 * It is suitable for lexicographical comparisons, or to compare nonces 40 * and counters stored in little-endian format. 41 * However, it is slower than sodium_memcmp(). 42 */ 43 SODIUM_EXPORT 44 int sodium_compare(const unsigned char *b1_, const unsigned char *b2_, 45 size_t len) __attribute__ ((warn_unused_result)); 46 47 SODIUM_EXPORT 48 int sodium_is_zero(const unsigned char *n, const size_t nlen); 49 50 SODIUM_EXPORT 51 void sodium_increment(unsigned char *n, const size_t nlen); 52 53 SODIUM_EXPORT 54 void sodium_add(unsigned char *a, const unsigned char *b, const size_t len); 55 56 SODIUM_EXPORT 57 void sodium_sub(unsigned char *a, const unsigned char *b, const size_t len); 58 59 SODIUM_EXPORT 60 char *sodium_bin2hex(char * const hex, const size_t hex_maxlen, 61 const unsigned char * const bin, const size_t bin_len) 62 __attribute__ ((nonnull(1))); 63 64 SODIUM_EXPORT 65 int sodium_hex2bin(unsigned char * const bin, const size_t bin_maxlen, 66 const char * const hex, const size_t hex_len, 67 const char * const ignore, size_t * const bin_len, 68 const char ** const hex_end) 69 __attribute__ ((nonnull(1))); 70 71 #define sodium_base64_VARIANT_ORIGINAL 1 72 #define sodium_base64_VARIANT_ORIGINAL_NO_PADDING 3 73 #define sodium_base64_VARIANT_URLSAFE 5 74 #define sodium_base64_VARIANT_URLSAFE_NO_PADDING 7 75 76 /* 77 * Computes the required length to encode BIN_LEN bytes as a base64 string 78 * using the given variant. The computed length includes a trailing \0. 79 */ 80 #define sodium_base64_ENCODED_LEN(BIN_LEN, VARIANT) \ 81 (((BIN_LEN) / 3U) * 4U + \ 82 ((((BIN_LEN) - ((BIN_LEN) / 3U) * 3U) | (((BIN_LEN) - ((BIN_LEN) / 3U) * 3U) >> 1)) & 1U) * \ 83 (4U - (~((((VARIANT) & 2U) >> 1) - 1U) & (3U - ((BIN_LEN) - ((BIN_LEN) / 3U) * 3U)))) + 1U) 84 85 SODIUM_EXPORT 86 size_t sodium_base64_encoded_len(const size_t bin_len, const int variant); 87 88 SODIUM_EXPORT 89 char *sodium_bin2base64(char * const b64, const size_t b64_maxlen, 90 const unsigned char * const bin, const size_t bin_len, 91 const int variant) __attribute__ ((nonnull(1))); 92 93 SODIUM_EXPORT 94 int sodium_base642bin(unsigned char * const bin, const size_t bin_maxlen, 95 const char * const b64, const size_t b64_len, 96 const char * const ignore, size_t * const bin_len, 97 const char ** const b64_end, const int variant) 98 __attribute__ ((nonnull(1))); 99 100 SODIUM_EXPORT 101 int sodium_mlock(void * const addr, const size_t len) 102 __attribute__ ((nonnull)); 103 104 SODIUM_EXPORT 105 int sodium_munlock(void * const addr, const size_t len) 106 __attribute__ ((nonnull)); 107 108 /* WARNING: sodium_malloc() and sodium_allocarray() are not general-purpose 109 * allocation functions. 110 * 111 * They return a pointer to a region filled with 0xd0 bytes, immediately 112 * followed by a guard page. 113 * As a result, accessing a single byte after the requested allocation size 114 * will intentionally trigger a segmentation fault. 115 * 116 * A canary and an additional guard page placed before the beginning of the 117 * region may also kill the process if a buffer underflow is detected. 118 * 119 * The memory layout is: 120 * [unprotected region size (read only)][guard page (no access)][unprotected pages (read/write)][guard page (no access)] 121 * With the layout of the unprotected pages being: 122 * [optional padding][16-bytes canary][user region] 123 * 124 * However: 125 * - These functions are significantly slower than standard functions 126 * - Each allocation requires 3 or 4 additional pages 127 * - The returned address will not be aligned if the allocation size is not 128 * a multiple of the required alignment. For this reason, these functions 129 * are designed to store data, such as secret keys and messages. 130 * 131 * sodium_malloc() can be used to allocate any libsodium data structure. 132 * 133 * The crypto_generichash_state structure is packed and its length is 134 * either 357 or 361 bytes. For this reason, when using sodium_malloc() to 135 * allocate a crypto_generichash_state structure, padding must be added in 136 * order to ensure proper alignment. crypto_generichash_statebytes() 137 * returns the rounded up structure size, and should be prefered to sizeof(): 138 * state = sodium_malloc(crypto_generichash_statebytes()); 139 */ 140 141 SODIUM_EXPORT 142 void *sodium_malloc(const size_t size) 143 __attribute__ ((malloc)); 144 145 SODIUM_EXPORT 146 void *sodium_allocarray(size_t count, size_t size) 147 __attribute__ ((malloc)); 148 149 SODIUM_EXPORT 150 void sodium_free(void *ptr); 151 152 SODIUM_EXPORT 153 int sodium_mprotect_noaccess(void *ptr) __attribute__ ((nonnull)); 154 155 SODIUM_EXPORT 156 int sodium_mprotect_readonly(void *ptr) __attribute__ ((nonnull)); 157 158 SODIUM_EXPORT 159 int sodium_mprotect_readwrite(void *ptr) __attribute__ ((nonnull)); 160 161 SODIUM_EXPORT 162 int sodium_pad(size_t *padded_buflen_p, unsigned char *buf, 163 size_t unpadded_buflen, size_t blocksize, size_t max_buflen) 164 __attribute__ ((nonnull(2))); 165 166 SODIUM_EXPORT 167 int sodium_unpad(size_t *unpadded_buflen_p, const unsigned char *buf, 168 size_t padded_buflen, size_t blocksize) 169 __attribute__ ((nonnull(2))); 170 171 /* -------- */ 172 173 int _sodium_alloc_init(void); 174 175 #ifdef __cplusplus 176 } 177 #endif 178 179 #endif 180