aboutsummaryrefslogtreecommitdiff
path: root/src/crypto (follow)
AgeCommit message (Collapse)AuthorFilesLines
2020-12-04crypto: fix non zero scalar being 0 after reducingmoneromooo-monero1-4/+8
2020-09-06Merge pull request #6111Riccardo Spagni1-4/+46
d20ff4f64 functional_tests: add a large (many randomx epochs) p2p reorg test (moneromooo-monero) 6a0b3b1f8 functional_tests: add randomx tests (moneromooo-monero) 9d42649d5 core: fix mining from a block that's not the current top (moneromooo-monero)
2020-08-27functional_tests: add randomx testsmoneromooo-monero1-4/+46
2020-08-27CLSAG signaturesSarang Noether2-0/+102
2020-08-16Merge pull request #6337Alexander Blair4-0/+152
a11ec4ac1 Support for supercop ASM in wallet, and benchmark for supercop (Lee Clagett)
2020-08-09Updates InProofV1, OutProofV1, and ReserveProofV1 to new V2 variants that ↵Sarang Noether2-9/+137
include all public proof parameters in Schnorr challenges, along with hash function domain separators. Includes new randomized unit tests.
2020-07-19Merge pull request #6538Alexander Blair1-10/+2
7178bb5c8 keccak: remove aligned check (moneromooo-monero)
2020-05-16keccak: remove aligned checkmoneromooo-monero1-10/+2
Some tools report the alignment check as UB, which seems a bit dubious, but since the performance difference between the two versions is minimal, I'll go with the safe version
2020-05-16Support for supercop ASM in wallet, and benchmark for supercopLee Clagett4-0/+152
2020-05-06Update copyright year to 2020SomaticFanatic33-33/+33
Update copyright year to 2020
2020-05-05Merge pull request #6441luigi11111-0/+6
613071f use memwipe on secret k/alpha values (moneromooo-monero)
2020-04-15use memwipe on secret k/alpha valuesmoneromooo-monero1-0/+6
Reported by UkoeHB_ and sarang
2020-03-31Merge pull request #6298luigi11111-0/+4
fe92fa1 [randomx] Add missing randomx_vm_set_cache() (cohcho)
2020-03-26Adding Dandelion++ support to public networks:Lee Clagett1-0/+70
- New flag in NOTIFY_NEW_TRANSACTION to indicate stem mode - Stem loops detected in tx_pool.cpp - Embargo timeout for a blackhole attack during stem phase
2020-02-28Merge pull request #6223Alexander Blair1-7/+14
c3613031 Silence miner debugmsg spam (Howard Chu)
2020-01-17[randomx] Add missing randomx_vm_set_cache()cohcho1-0/+4
2019-12-09Silence miner debugmsg spamHoward Chu1-7/+14
Don't try to allocate the dataset repeatedly if it has already failed.
2019-11-13Replace memset with memwipe.Bert Peters1-4/+5
2019-10-13RandomX: update to v1.1.4tevador1-76/+30
* Faster cache initialization with SSSE3/AVX2 * Automatic detection of CPU capabilities in RandomX * Fixed a possible out-of-bounds access in superscalar program generator * Use MONERO_RANDOMX_UMASK to manually disable RandomX flags in monerod
2019-10-07Fix for miners on reorgHoward Chu1-1/+4
Make sure dataset gets re-init'd if a reorg changes the epoch
2019-10-05Update to RandomX v1.1.3, simplifyHoward Chu1-19/+2
We don't need to detect if the cache has changed, just always call to set it on the VM. The call will be a no-op if the cache hasn't changed.
2019-10-03Fix randomx cache selection for RPCsHoward Chu1-12/+28
Was using the wrong cache slot, and returning invalid PoW hashes to RPC clients
2019-09-25RandomX integrationHoward Chu5-7/+446
Support RandomX PoW algorithm
2019-09-24Merge pull request #5877luigi11111-3/+2
2cd4fd8 Changed the use of boost:value_initialized for C++ list initializer (JesusRami) 4ad191f Removed unused boost/value_init header (whyamiroot) 928f4be Make null hash constants constexpr (whyamiroot)
2019-09-05Make null hash constants constexprLev Sizov1-2/+2
Simplify m_template initialization in miner
2019-09-04slow-hash: fix CNv2+ on big endianmoneromooo-monero1-3/+3
2019-09-02Removed unused boost/value_init headerLev Sizov1-1/+0
2019-09-02Changed the use of boost:value_initialized for C++ list initializerJesus Ramirez1-2/+2
2019-08-27Merge pull request #5609luigi11114-2/+30
1dc3b1a wallet: add --extra-entropy command line flag (moneromooo-monero)
2019-08-22wallet: add --extra-entropy command line flagmoneromooo-monero4-2/+30
It lets the user add custom entropy to the PRNG. It does this by hashing the new data and xoring the resulting hash with the PRNG state.
2019-08-21Merge pull request #5807luigi11111-2/+0
4b1df4e Fix for biased signature nonce (SarangNoether)
2019-08-21Merge pull request #5731luigi11111-3/+3
c393e82 CryptonightR_JIT: fix return value on error (selene-kovri)
2019-08-12Fix for biased signature nonceSarang Noether1-2/+0
2019-07-24Merge pull request #5624luigi11111-1/+0
6b41bd8 Delete more include string.h (wepeng)
2019-07-24Merge pull request #5502luigi11111-1/+0
25a7cfd add a few checks where it seems appropriate (moneromooo-monero) 1a66a86 remove unused code (moneromooo-monero)
2019-07-04keccak: guard against misaligned memory accesses on ARMmoneromooo-monero1-3/+6
The code generated is exactly the same as the direct access one on x86_64
2019-07-04CryptonightR_JIT: fix return value on errorselene1-3/+3
The value was positive rather than zero, but the caller only checks for negative errors
2019-06-14ensure no NULL is passed to memcpymoneromooo-monero1-1/+2
NULL is valid when size is 0, but memcpy uses nonnull attributes, so let's not poke the bear
2019-06-14tree-hash: allocate variable memory on heap, not stackmoneromooo-monero1-5/+7
Large amounts might run out of stack Reported by guidov
2019-06-11Delete more include string.hYour Name1-1/+0
2019-04-29remove unused codemoneromooo-monero1-1/+0
2019-04-04crypto: replace rand<T>()%N idiom with unbiased rand_idx(N)stoffu1-0/+27
2019-03-24Fix build on FreeBSDNathan Dorfman1-1/+1
2019-03-21Merge pull request #5252Riccardo Spagni1-27/+31
7ac33342 slow-hash: cache TLS references locally once at function start (moneromooo-monero)
2019-03-21Merge pull request #5251Riccardo Spagni2-9/+24
7632dede crypto: fix PaX issue on NetBSD with CNv4 JIT (moneromooo-monero) 89b1630e gtest: build fix for NetBSD (moneromooo-monero) fa43b547 tests: handle any cmake detected python interpreter (moneromooo-monero)
2019-03-21Merge pull request #5250Riccardo Spagni1-4/+4
a48e49aa aesb: avoid stomping on an existing define on NetBSD (moneromooo-monero)
2019-03-21Merge pull request #5213Riccardo Spagni1-1/+1
efb2bdd3 slow-hash: default to JIT on x86_64 (moneromooo-monero)
2019-03-21Merge pull request #5211Riccardo Spagni3-0/+142
c9b13fbb tests/trezor: HF9 and HF10 tests (Dusan Klinec) a1fd1d49 device/trezor: HF10 support added, wallet::API (Dusan Klinec) d74d26f2 crypto: hmac_keccak added (Dusan Klinec)
2019-03-21slow-hash: default to JIT on x86_64moneromooo-monero1-1/+1
2019-03-20crypto: hmac_keccak addedDusan Klinec3-0/+142
2019-03-17Merge pull request #5192Riccardo Spagni1-12/+2
d0e07b3d performance_tests: fix NetBSD build (moneromooo-monero) 7d88d8f2 discontinue use of alloca (moneromooo-monero)
2019-03-07slow-hash: cache TLS references locally once at function startmoneromooo-monero1-27/+31
2019-03-07crypto: fix PaX issue on NetBSD with CNv4 JITmoneromooo-monero2-9/+24
2019-03-07aesb: avoid stomping on an existing define on NetBSDmoneromooo-monero1-4/+4
2019-03-05Update 2019 copyrightbinaryFate31-31/+31
2019-03-05CryptonightR: define out i386/x86_64 specific code on other archsmoneromooo-monero2-0/+8
2019-03-05slow-hash: fix build on armmoneromooo-monero4-27/+42
2019-03-04tests: add a CNv4 JIT testmoneromooo-monero1-7/+8
2019-03-04crypto: plug CNv4 JIT into cn_slow_hashmoneromooo-monero2-3/+100
Enabled by setting the MONERO_USE_CNV4_JIT env var to 1
2019-03-04crypto: clear cache after generating random programmoneromooo-monero1-0/+3
2019-03-04CNv4 JIT compiler for x86-64 and testsSChernykh4-0/+2746
Minimalistic JIT code generator for random math sequence in CryptonightR. Usage: - Allocate writable and executable memory - Call v4_generate_JIT_code with "buf" pointed to memory allocated on the previous step - Call the generated code instead of "v4_random_math(code, r)", omit the "code" parameter
2019-02-25discontinue use of allocamoneromooo-monero1-12/+2
NetBSD emits: warning: Warning: reference to the libc supplied alloca(3); this most likely will not work. Please use the compiler provided version of alloca(3), by supplying the appropriate compiler flags (e.g. not -std=c89). and man 3 alloca says: Normally, gcc(1) translates calls to alloca() with inlined code. This is not done when either the -ansi, -std=c89, -std=c99, or the -std=c11 option is given and the header <alloca.h> is not included. Otherwise, (without an -ansi or -std=c* option) the glibc version of <stdlib.h> includes <alloca.h> and that contains the lines: #ifdef __GNUC__ #define alloca(size) __builtin_alloca (size) #endif It looks like alloca is a bad idea in modern C/C++, so we use VLAs for C and std::vector for C++.
2019-02-14Fixed path to int-util.hSChernykh1-1/+1
2019-02-14Adding cnv4-2 tweaksSChernykh2-39/+79
Co-Authored-By: Lee Clagett <vtnerd@users.noreply.github.com>
2019-02-14Cryptonight variant 4 aka CryptonightRSChernykh5-16/+507
It introduces random integer math into the main loop.
2018-12-04move int-util.h to epeemoneromooo-monero7-7/+7
2018-12-04Merge pull request #4854Riccardo Spagni2-4/+0
bd98e99c Removed a lot of unnecessary includes (Martijn Otto)
2018-11-16slow-hash: some more big endian fixesxiphon1-6/+6
2018-11-16slow-hash: fix for big endianmoneromooo-monero1-20/+21
2018-11-15Removed a lot of unnecessary includesMartijn Otto2-4/+0
2018-11-14Merge pull request #4757Riccardo Spagni1-0/+7
db24a2e5 hash: fix hash_permutation on big endian (moneromooo-monero)
2018-11-14Merge pull request #4755Riccardo Spagni1-2/+3
42d8d508 crypto: fix AES encryption on big endian (xiphon)
2018-11-06Merge pull request #4711Riccardo Spagni1-5/+2
c4fbfd78 Small function declaration cleanup in slow-hash.c (Pol Mauri)
2018-10-31crypto: fix AES encryption on big endianxiphon1-2/+3
2018-10-29hash: fix hash_permutation on big endianmoneromooo-monero1-0/+7
2018-10-25crypto: fixed groestl on big-endian platformsxiphon2-47/+91
2018-10-23Small function declaration cleanup in slow-hash.cPol Mauri1-5/+2
- These functions are declared twice in slow-hash.c. Remove one of the copies. - The declarations have the wrong return type, should be void, not int. Function definitions here: https://github.com/monero-project/monero/blob/1e74586ee99e4bd89626d2eb4d23883cd91f0f81/src/crypto/aesb.c#L151-L180 Test plan: make release-test
2018-10-22crypto: fixed incremental keccak API on big-endian platformsxiphon1-2/+3
2018-09-29Merge pull request #4449Riccardo Spagni1-2/+41
17142ec9 malloc scratchpad for all supported android archs (m2049r)
2018-09-22Merge pull request #4404Riccardo Spagni1-0/+20
f3cd51a1 cryptonote tweak v2.2 (Lee Clagett)
2018-09-22cryptonote tweak v2.2Lee Clagett1-0/+20
2018-09-21Merge pull request #4395Riccardo Spagni1-3/+8
9bf0105e Fixed Keccak implementation on big-endian platforms (Alexandro Sanchez)
2018-09-18Merge pull request #4357Riccardo Spagni1-1401/+3
8501b8df crypto_ops_builder: link to EdDSA/Ed25519 draft RFC (moneromooo-monero)
2018-09-17Fixed Keccak implementation on big-endian platformsAlexandro Sanchez1-3/+8
2018-09-14Merge pull request #4326Riccardo Spagni3-8/+10
bcda7adc NetBSD support (thomasvaughan)
2018-09-11NetBSD supportthomasvaughan3-8/+10
2018-09-11Merge pull request #4219Riccardo Spagni4-4/+35
9137ad2c blockchain: add a testnet v9 a day after v8 (moneromooo-monero) ac4f71c2 wallet2: bump testnet rollback to account for coming reorg (moneromooo-monero) 8f418a6d bulletproofs: #include <openssl/bn.h> (moneromooo-monero) 2bf63650 bulletproofs: speed up the latest changes a bit (moneromooo-monero) 044dff5a bulletproofs: scale points by 8 to ensure subgroup validity (moneromooo-monero) c83012c4 bulletproofs: match aggregated verification to sarang's latest prototype (moneromooo-monero) ce0c7432 performance_tests: add padded bulletproof construction (moneromooo-monero) 1224e53b core_tests: add a test for 4-aggregated BP verification (moneromooo-monero) 0e6ed559 fuzz_tests: add a bulletproof fuzz test (moneromooo-monero) 463434d1 more comprehensive test for ge_p3 comparison to identity/point at infinity (moneromooo-monero) d0a0565f unit_tests: add a few more multiexp unit tests (moneromooo-monero) 6526d87f core_tests: add a test for a tx with empty bulletproof (moneromooo-monero) a129bbd9 multiexp: fix maxscalar off by one (moneromooo-monero) 7ed496cc ringct: error out when hashToPoint* returns the point at infinity (moneromooo-monero) d1591853 cryptonote_basic: check output type before using it (moneromooo-monero) 61632dc1 ringct: prevent a potential very large allocation (moneromooo-monero) a4317e61 crypto: some paranoid checks in generate_signature/check_signature (moneromooo-monero) 7434df1c crypto: never return zero in random32_unbiased (moneromooo-monero) 0825e974 multiexp: fix wrong Bos-Coster result for 1 non trivial input (moneromooo-monero) a1359ad4 Check inputs to addKeys are in range (moneromooo-monero) fe0fa3b9 bulletproofs: reject x, y, z, or w[i] being zero (moneromooo-monero) 5ffb2ff9 v8: per byte fee, pad bulletproofs, fixed 11 ring size (moneromooo-monero) 869b3bf8 bulletproofs: a few fixes from the Kudelski review (moneromooo-monero) c4291762 bulletproofs: reject points not in the main subgroup (moneromooo-monero) 15697177 bulletproofs: speed up a few multiplies using existing Hi cache (moneromooo-monero) 0b05a0fa Add Pippenger cache and limit Straus cache size (moneromooo-monero) 51eb3bdc add pippenger unit tests (moneromooo-monero) b17b8db3 performance_tests: add stats and loop count multiplier options (moneromooo-monero) 7314d919 perf_timer: split timer class into a base one and a logging one (moneromooo-monero) d126a02b performance_tests: add aggregated bulletproof tx verification (moneromooo-monero) 263431c4 Pippenger multiexp (moneromooo-monero) 1ed0ed4d multiexp: cut down on memory allocations (moneromooo-monero) 1b867e7f precalc the ge_p3 representation of H (moneromooo-monero) ef56529f performance_tests: document the tested bulletproof layouts (moneromooo-monero) 30111780 unit_tests: a couple more bulletproof unit tests for gamma (moneromooo-monero) c444b1b2 require canonical multi output bulletproof layout (moneromooo-monero) 7e67c52f Add a define for the max number of bulletproof multi-outputs (moneromooo-monero) 2a8fcb42 Bulletproof aggregated verification and tests (moneromooo-monero) 126196b0 multiexp: some speedups (moneromooo-monero) 71d67bda aligned: aligned memory alloc/realloc/free (moneromooo-monero) cb9ecab1 performance_tests: add signature generation/verification (moneromooo-monero) bacf0a1e bulletproofs: add aggregated verification (moneromooo-monero) e895c3de make straus cached mode thread safe, and add tests for it (moneromooo-monero) 7f48bf05 multiexp: bos coster now works for just one point (moneromooo-monero) 9ce9f8ca bulletproofs: add multi output bulletproofs to rct (moneromooo-monero) f34e2e20 performance_tests: add tx checking tests with more than 2 outputs (moneromooo-monero) 0793184b performance_tests: add a --verbose flag, and default to terse (moneromooo-monero) 939bc223 add Straus multiexp (moneromooo-monero) 9ff6e6a0 ringct: add bos coster multiexp (moneromooo-monero) e9164bb3 bulletproofs: misc optimizations (moneromooo-monero) 112f32f0 performance_tests: add crypto ops (moneromooo-monero) f5d7b993 performance_tests: add bulletproofs (moneromooo-monero) 8f4ce989 performance_tests: add RingCT MLSAG gen/ver tests (moneromooo-monero) 1aa10c43 performance_tests: add (Borromean) range proofs (moneromooo-monero) aacfd6e3 bulletproofs: multi-output bulletproofs (moneromooo-monero) cb1cc757 performance_tests: don't override log level to 0 (moneromooo-monero)
2018-09-11more comprehensive test for ge_p3 comparison to identity/point at infinitymoneromooo-monero2-0/+15
Reported by QuarksLab.
2018-09-11crypto: some paranoid checks in generate_signature/check_signaturemoneromooo-monero1-1/+11
Reported by QuarksLab.
2018-09-11crypto: never return zero in random32_unbiasedmoneromooo-monero1-1/+1
This avoids problems when the caller can't deal with a zero walue, which happens often enough that it's worth nipping the problem in the bud.
2018-09-11bulletproofs: a few fixes from the Kudelski reviewmoneromooo-monero1-2/+1
- fix integer overflow in n_bulletproof_amounts - check input scalars are in range - remove use of environment variable to tweak straus performance - do not use implementation defined signed shift for signum
2018-09-11precalc the ge_p3 representation of Hmoneromooo-monero2-0/+7
2018-09-11Merge pull request #4218Riccardo Spagni2-54/+361
5fd83c13 Cryptonight variant 2 (SChernykh)
2018-09-09Cryptonight variant 2SChernykh2-54/+361
Contains two modifications to improve ASIC resistance: shuffle and integer math. Shuffle makes use of the whole 64-byte cache line instead of 16 bytes only, making Cryptonight 4 times more demanding for memory bandwidth. Integer math adds 64:32 bit integer division followed by 64 bit integer square root, adding large and unavoidable computational latency to the main loop. More details and performance numbers: https://github.com/SChernykh/xmr-stak-cpu/blob/master/README.md
2018-09-09crypto_ops_builder: link to EdDSA/Ed25519 draft RFCmoneromooo-monero1-1401/+3
instead of including the text, as it's not fully free to redistribute
2018-09-04Merge pull request #4259luigi11112-0/+88
4e08100 Incremental Keccak API added (pr4r05)
2018-08-23add and use constant time 32 byte equality functionmoneromooo-monero3-5/+26
2018-08-16crypto: make secret_key automatically mlockmoneromooo-monero2-6/+8
2018-08-15Merge pull request #4137luigi11112-3/+5
63e342b crypto: move null_pkey/null_skey to the cpp file (moneromooo-monero) 0496c7c crypto: do not use boost::value_initialized to init null skey/pkey (moneromooo-monero)
2018-08-15Incremental Keccak API addedDusan Klinec2-0/+88
- needed for TREZOR integration
2018-08-08wallet: allow adjusting number of rounds for the key derivation functionstoffu1-4/+8
2018-07-27Merge pull request #4097luigi11112-4/+25
61caab8 crypto: remove slight bias in key generation due to modulo (moneromooo-monero)
2018-07-20crypto: do not use boost::value_initialized to init null skey/pkeymoneromooo-monero2-3/+2
2018-07-19Merge pull request #4074luigi11111-6/+0
ef649f9 crypto: remove unused unsafe random scalar generator (moneromooo-monero)
2018-07-19Merge pull request #4045luigi11117-10/+10
7cdd147 Changed URLs to HTTPS (einsteinsfool)
2018-07-15crypto: move null_pkey/null_skey to the cpp filemoneromooo-monero2-2/+5
2018-07-05crypto: remove slight bias in key generation due to modulomoneromooo-monero2-4/+25
2018-06-28crypto: remove unused unsafe random scalar generatormoneromooo-monero1-6/+0
2018-06-23Changed URLs to HTTPSeinsteinsfool7-10/+10
2018-06-18crypto: add a README pointing to the SUPERCOP licencemoneromooo-monero1-0/+4
2018-05-31Merge pull request #3592luigi11112-10/+15
90a16b1 crypto: fix initialization order issue with random mutex (moneromooo-monero) 6a61f52 unit_tests: add ringdb unit tests (moneromooo-monero)
2018-05-13crypto: more places needing fixing for GCC 8.1moneroexamples1-10/+10
2018-05-13chacha: fix build with GCC 8.1moneromooo-monero1-2/+2
2018-04-24slow-hash: fix memory leak for Windows /karbowanec#41aivve1-1/+1
2018-04-10crypto: fix initialization order issue with random mutexmoneromooo-monero2-10/+15
2018-03-14chacha: call prehashed version explicitly as generate_chacha_key_prehashedstoffu4-16/+34
hash: add prehashed version cn_slow_hash_prehashed slow-hash: let cn_slow_hash take 4th parameter for deciding prehashed or not slow-hash: add support for prehashed version for the other 3 platforms
2018-03-14crypto: revert odd namespace changes made in #3303stoffu2-10/+1
2018-03-14device: untangle cyclic depenencystoffu3-89/+0
When #3303 was merged, a cyclic dependency chain was generated: libdevice <- libcncrypto <- libringct <- libdevice This was because libdevice needs access to a set of basic crypto operations implemented in libringct such as scalarmultBase(), while libringct also needs access to abstracted crypto operations implemented in libdevice such as ecdhEncode(). To untangle this cyclic dependency chain, this patch splits libringct into libringct_basic and libringct, where the basic crypto ops previously in libringct are moved into libringct_basic. The cyclic dependency is now resolved thanks to this separation: libcncrypto <- libringct_basic <- libdevice <- libcryptonote_basic <- libringct This eliminates the need for crypto_device.cpp and rctOps_device.cpp. Also, many abstracted interfaces of hw::device such as encrypt_payment_id() and get_subaddress_secret_key() were previously implemented in libcryptonote_basic (cryptonote_format_utils.cpp) and were then called from hw::core::device_default, which is odd because libdevice is supposed to be independent of libcryptonote_basic. Therefore, those functions were moved to device_default.cpp.
2018-03-14device: made function prototypes consistent with pre-#3303 codebasestoffu1-6/+2
2018-03-07slow-hash: fix uint64 type typomoneromooo-monero1-1/+1
2018-03-05tweaks to the monerov1 cryptonight algorithmLee Clagett1-16/+52
2018-03-05slow-hash: optimized versionSChernykh1-4/+4
2018-03-05Monero Cryptonight variants, and add one for v7moneromooo-monero4-12/+53
This is the first variant of many, with the intent to improve Monero's resistance to ASICs and encourage mining decentralization.
2018-03-05Correct spelling mistakes.Edward Betts1-1/+1
2018-03-04Code modifications to integrate Ledger HW device into monero-wallet-cli.cslashm7-6/+115
The basic approach it to delegate all sensitive data (master key, secret ephemeral key, key derivation, ....) and related operations to the device. As device has low memory, it does not keep itself the values (except for view/spend keys) but once computed there are encrypted (with AES are equivalent) and return back to monero-wallet-cli. When they need to be manipulated by the device, they are decrypted on receive. Moreover, using the client for storing the value in encrypted form limits the modification in the client code. Those values are transfered from one C-structure to another one as previously. The code modification has been done with the wishes to be open to any other hardware wallet. To achieve that a C++ class hw::Device has been introduced. Two initial implementations are provided: the "default", which remaps all calls to initial Monero code, and the "Ledger", which delegates all calls to Ledger device.
2018-02-16crypto: add missing include (WIN32)iDunk54001-0/+1
2018-02-16Merge pull request #3226Riccardo Spagni1-2/+3
e4646379 keccak: fix mdlen bounds sanity checking (moneromooo-monero) 2e3e90ac pass large parameters by const ref, not value (moneromooo-monero) 61defd89 blockchain: sanity check number of precomputed hash of hash blocks (moneromooo-monero) 9af6b2d1 ringct: fix infinite loop in unused h2b function (moneromooo-monero) 8cea8d0c simplewallet: double check a new multisig wallet is multisig (moneromooo-monero) 9b98a6ac threadpool: catch exceptions in dtor, to avoid terminate (moneromooo-monero) 24803ed9 blockchain_export: fix buffer overflow in exporter (moneromooo-monero) f3f7da62 perf_timer: rewrite to make it clear there is no division by zero (moneromooo-monero) c6ea3df0 performance_tests: remove add_arg call stray extra param (moneromooo-monero) fa6b4566 fuzz_tests: fix an uninitialized var in setup (moneromooo-monero) 03887f11 keccak: fix sanity check bounds test (moneromooo-monero) ad11db91 blockchain_db: initialize m_open in base class ctor (moneromooo-monero) bece67f9 miner: restore std::cout precision after modification (moneromooo-monero) 1aabd14c db_lmdb: check hard fork info drop succeeded (moneromooo-monero)
2018-02-16Merge pull request #3187Riccardo Spagni3-7/+33
851bd057 call _exit instead of abort in release mode (moneromooo-monero)
2018-02-16Merge pull request #3180Riccardo Spagni3-5/+15
1dfed567 Fixed #if instead of #ifdef (Matt Little) 7c442453 Support building cncrypto lib with msvc (Matt Little)
2018-02-07keccak: fix mdlen bounds sanity checkingmoneromooo-monero1-1/+2
found by h908714124
2018-02-02keccak: fix sanity check bounds testmoneromooo-monero1-1/+1
Nothing calls this with those inputs
2018-02-01call _exit instead of abort in release modemoneromooo-monero3-7/+33
Avoids cores being created, as they're nowadays often piped to some call home system
2018-01-27Merge pull request #3119Riccardo Spagni3-0/+157
c4f43779 crypto: add a ge_p3_identity constant (moneromooo-monero) 13b4c90e crypto: add scalar mult functions returning ge_p3 instead of ge_p2 (moneromooo-monero)
2018-01-26Update 2018 copyrightxmr-eric31-31/+31
2018-01-25Support building cncrypto lib with msvcMatt Little3-5/+15
2018-01-15crypto: add a ge_p3_identity constantmoneromooo-monero2-0/+2
2018-01-15crypto: add scalar mult functions returning ge_p3 instead of ge_p2moneromooo-monero2-0/+155
ge_scalarmult_p3 ge_double_scalarmult_precomp_vartime2_p3 ge_double_scalarmult_base_vartime_p3 This makes it possible to reuse the result without having to convert back to unsigned char[32] and back to ge types.
2018-01-10Merge pull request #2988Riccardo Spagni1-1/+1
8a4610c3 blake256: fix wrong hash when computed in parts (moneromooo-monero)
2018-01-10fix some link errors in debug mode for macosstoffu1-0/+1
2018-01-10move memwipe to epee to avoid common<->crypto circular dependenciesmoneromooo-monero2-2/+2
2017-12-25Add a chacha20 variant to go with chacha8moneromooo-monero3-17/+32
2017-12-22blake256: fix wrong hash when computed in partsmoneromooo-monero1-1/+1
This does not happen when used by the monero code
2017-12-16Scrub keys from memory just before scope end.moneromooo-monero2-17/+10
Partially implements #74. Securely erases keys from memory after they are no longer needed. Might have a performance impact, which I haven't measured (perf measurements aren't generally reliable on laptops). Thanks to @stoffu for the suggestion to specialize the pod_to_hex/hex_to_pod functions. Using overloads + SFINAE instead generalizes it so other types can be marked as scrubbed without adding more boilerplate.
2017-12-16Merge pull request #2860Riccardo Spagni1-2/+3
3dffe71b new wipeable_string class to replace std::string passphrases (moneromooo-monero) 7a2a5741 utils: initialize easylogging++ in on_startup (moneromooo-monero) 54950829 use memwipe in a few relevant places (moneromooo-monero) 000666ff add a memwipe function (moneromooo-monero)
2017-12-07add a version of ge_double_scalarmult_precomp_vartime with A precompmoneromooo-monero2-3/+9
2017-12-07sc_mul and sc_muladdluigi11112-0/+654
2017-11-27use memwipe in a few relevant placesmoneromooo-monero1-2/+3
2017-11-15Merge pull request #2771Riccardo Spagni2-4/+16
e3e838d0 kaccak: remove unused return value (moneromooo-monero) 4877aca2 keccak: some paranoid "can't happen" checks (moneromooo-monero)
2017-11-14make this build on SunOS/SolarisPavel Maryanov1-0/+5
2017-11-11kaccak: remove unused return valuemoneromooo-monero2-4/+2
2017-11-07keccak: some paranoid "can't happen" checksmoneromooo-monero1-0/+14
2017-10-15Merge pull request #2583Riccardo Spagni1-2/+2
27fdaaa4 Fix building with -DARCH=default -DNO_AES=ON (moneromooo-monero)
2017-10-07Subaddresseskenshi842-41/+111
2017-10-06Fix building with -DARCH=default -DNO_AES=ONmoneromooo-monero1-2/+2
2017-09-25move checkpoints in a separate librarymoneromooo-monero2-0/+35
2017-08-23crypto: use malloc instead of allocamoneromooo-monero1-10/+9
2017-06-22crypto: moved boost::lock_guard into a smaller scopestoffu1-4/+5
2017-06-22Signature proving payment to destination by only revealing key derivation, ↵stoffu2-0/+139
not the actual tx secret key
2017-06-08Fix #1991 asm multiply againHoward Chu1-16/+13
Tweak temp variables and constraints. Was working before if not inlined but newer gcc tends to inline it.
2017-05-23changed crypto to cncrypto so it generated libcncryptoGentian1-3/+3
fix a cmakelist
2017-04-12Clean up ARMv8-a aes_expand_key()hyc1-24/+16
The inline asm was lying about its parameters
2017-04-03IOS CMAKE build settingsJaquee1-1/+1
2017-03-25Silence warning about possibly uninitialized pointerGuillaume LE VAILLANT1-1/+1
2017-03-14Specify "524,288" iterations instead of "500,000"darentuzi1-5/+5
CryptoNight does exactly 524,288 iterations over the scratchpad as defined in CNS008, saying 500,000 could be confusing. I know its meant to give a rough idea (around 500k) to the reader but if you are reading the code, might as well know the exact number.
2017-02-21update copyright year, fix occasional lack of newline at line endRiccardo Spagni31-31/+31
2017-02-13Fix compiler error about nested externs in slow_hash.c by moving declarationsNanoAkron1-3/+3
2017-01-08Merge pull request #1510Riccardo Spagni3-4/+24
80abc3bc Build wallet with Android NDK (MoroccanMalinois)
2017-01-05Build wallet with Android NDKMoroccanMalinois3-4/+24
2016-12-22cleaner log calc algorithmfireice-uk1-20/+18
2016-12-15Preliminary support for DragonFly BSDAntonio Huete Jimenez4-4/+6
- It builds but no further testing has been done.
2016-12-10oaes_lib: fix a leak on OOM error pathmoneromooo-monero1-0/+3
found by coverity
2016-11-07wallet: fix output collision detection for view walletsmoneromooo-monero1-1/+1
View wallets do not have the spend secret key, and are thus unable to derive key images for incoming outputs. Moreover, a previous patch set key images to zero as a means to mark an output as having an unknown key image, so they could be filled in when importing key images at a later time. That later patch caused spurious collisions. We now use public keys to detect duplicate outputs. Public keys obtained from the blockchain are checked to be identical to the ones derived locally, so can't be spoofed.
2016-10-29Changed to ..._HASHBITS everywhere for consistencyNanoAkron1-2/+2
2016-09-26Dropped "bit" from bitmonero.Randi Joseph1-2/+2
2016-09-18cmake: transitive deps and remove deprecated LINK_*redfish1-0/+5
Keep the immediate direct deps at the library that depends on them, declare deps as PUBLIC so that targets that link against that library get the library's deps as transitive deps. Break dep cycle between blockchain_db <-> crytonote_core. No code refactoring, just hide cycle from cmake so that it doesn't complain (cycles are allowed only between static libs, not shared libs). This is in preparation for supproting BUILD_SHARED_LIBS cmake built-in option for building internal libs as shared.
2016-09-18crypto: armv7: slow-hash: remove redundant source includeredfish1-1/+0
aesb.c is already present in libcrypto as a standalone object. Tested: builds and runs fine on armv7, static and dynamic.
2016-09-16Add ARMv8-A AES supportHoward Chu1-42/+295
More than twice as fast as plain C code. Note that both ARMv7 and ARMv8 can be further improved with better use of NEON. Also tweak ARMv7 multiplier
2016-09-04crypto,cmake: enable ASM mul impl on ARM; add cmake optredfish2-3/+13
This was disabled earlier as part of diagnosing failing tests on ARM, which turned out to be due to aliasing, fixed by adding -fno-strict-aliasing. So, re-enabling it back.
2016-08-28rct amount key modified as per luigi1111's recommendationsmoneromooo-monero2-1/+6
This allows the key to be not the same for two outputs sent to the same address (eg, if you pay yourself, and also get change back). Also remove the key amounts lists and return parameters since we don't actually generate random ones, so we don't need to save them as we can recalculate them when needed if we have the correct keys.
2016-08-28crypto: error out where appropriatemoneromooo-monero1-2/+2
2016-08-28ringct: import of Shen Noether's ring confidential transactionsmoneromooo-monero5-13/+35
2016-06-19Merge pull request #846Riccardo Spagni3-13/+6
de030d9 fix: error: -Werror=misleading-indentation (moneroexample) c2d7300 contrib: epee: add exception spec to throwing destructors (redfish) 6898741 src: p2p: add exception spec to throwing destructors (redfish) 21dbc95 crypto: slow-hash: fix misleading indent (redfish) 70f3634 crypto: slow-hash: remove unused hash list for ARM (redfish) 1a7772f crypto: oaes_lib: remove unused _NR array (redfish) 6462a3a crypto: fix compile error: use named type in sizeof (redfish)
2016-05-25crypto: slow-hash: disable mul implemented in asm for ARMredfish1-2/+5
The implementation of mul in asm breaks 'slow-hash' test when built with GCC 6.1.1. Disable this implementation in favor of plain C until it is fixed.
2016-05-18crypto: slow-hash: fix misleading indentredfish1-1/+1
GCC warned about this one.
2016-05-18crypto: slow-hash: remove unused hash list for ARMredfish1-4/+0
This list is already defined within the function. The removed definition was shadowed.
2016-05-18crypto: oaes_lib: remove unused _NR arrayredfish1-4/+0
2016-05-18crypto: fix compile error: use named type in sizeofredfish1-4/+5
Btw, the warning 4200 remains disabled, but it did not get triggered (GCC 6.1.1, ARM). But, perhaps a better way than disabling the warning would be to do what is suggested here: http://stackoverflow.com/questions/3350852/how-to-correctly-fix-zero-sized-array-in-struct-union-warning-c4200-without%3E
2016-05-15crypto: make clear generate_random_bytes is not thread safemoneromooo-monero4-4/+11
And add a thread safe version to encourage proper use
2016-04-24random: call abort(3) instead of assert in must_succeed macromoneromooo-monero1-1/+1
Avoids silent use of bad RNG in release builds, in case those calls might actually fail. Reported by smooth.
2016-03-11minor tweaks, add readme for crypto_ops_builderRiccardo Spagni3-4/+25
2016-03-11Use boost::thread instead of std::threadHoward Chu2-10/+10
and all other associated IPC
2016-02-09crypto: only check MONERO_USE_SOFTWARE_AES oncemoneromooo-monero1-5/+15
2016-02-09crypto: use software AES based on the MONERO_USE_SOFTWARE_AES env varmoneromooo-monero1-1/+11
Setting to no or 0 also works. If set, any other value enables it. Useful for running with valgrind in cases where it fails at properly implementing AES-NI.
2016-01-21OpenBSD support for Monero.me0wmix4-9/+9
2016-01-11Fix arm asmHoward Chu1-24/+64
About 10% faster than plain C mul128 on raspi1B
2015-12-31updated copyright yearRiccardo Spagni30-30/+30
2015-12-15Replace tabs with two spaces for consistency with rest of codebasewarptangent2-162/+162
Remove trailing whitespace in same files.
2015-10-26renamed folderRiccardo Spagni174-4830/+0
2015-08-26Re-enable optimized slow-hash if someone is trying to compile w/MSVC ↵Javier Smooth1-1/+1
(disabling it was unintentional)
2015-08-24Merge pull request #385Riccardo Spagni174-0/+23117
0a4bc84 Added ref10 shen_ed25519_ref code, which includes code that can replace crypto-ops with a version straight from Bernstein's ref 10 (ShenNoether) 0d70fdc revert to 776b4fc91a821be152f0f23e6873aabb78a72029 (ShenNoether) b01f286 Added shen_ed25519_ref to crypto ops subfolder, the point is to directly have bitmonero's crypto code come from bernstein et al's ref 10 code (ShenNoether)