Merge branch 'master' into update_hashes

Cargo.toml

@@ -27,6 +27,7 @@ coveralls = { repository = "sodiumoxide/sodiumoxide" }
 libc = { version = "^0.2.41" , default-features = false }
 libsodium-sys = { version = "0.2.1", path = "libsodium-sys" }
 serde = { version = "^1.0.59", default-features = false, optional = true }
+ctor = "0.1.7"
 
 [dev-dependencies]
 serde = "^1.0.59"

src/crypto/aead/aead_macros.rs

@@ -40,21 +40,13 @@ new_type! {
 }
 
 /// `gen_key()` randomly generates a secret key
-///
-/// THREAD SAFETY: `gen_key()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_key() -> Key {
     let mut k = Key([0u8; KEYBYTES]);
     randombytes_into(&mut k.0);
     k
 }
 
 /// `gen_nonce()` randomly generates a nonce
-///
-/// THREAD SAFETY: `gen_key()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_nonce() -> Nonce {
     let mut n = Nonce([0u8; NONCEBYTES]);
     randombytes_into(&mut n.0);

src/crypto/auth/auth_macros.rs

@@ -29,10 +29,6 @@ new_type! {
 }
 
 /// `gen_key()` randomly generates a key for authentication
-///
-/// THREAD SAFETY: `gen_key()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_key() -> Key {
     let mut k = [0; KEYBYTES];
     randombytes_into(&mut k);

src/crypto/auth/auth_state_macros.rs

@@ -84,7 +84,7 @@ mod test_s {
             let k = gen_key();
             let m = randombytes(i);
             let tag = authenticate(&m, &k);
-            let mut state = State::init(&k[..]);
+            let mut state = State::init(k.as_ref());
             state.update(&m);
             let tag2 = state.finalize();
             assert_eq!(tag, tag2);
@@ -98,7 +98,7 @@ mod test_s {
             let k = gen_key();
             let m = randombytes(i);
             let tag = authenticate(&m, &k);
-            let mut state = State::init(&k[..]);
+            let mut state = State::init(k.as_ref());
             for c in m.chunks(1) {
                 state.update(c);
             }

src/crypto/box_/curve25519xsalsa20poly1305.rs

@@ -81,10 +81,6 @@ new_type! {
 }
 
 /// `gen_keypair()` randomly generates a secret key and a corresponding public key.
-///
-/// THREAD SAFETY: `gen_keypair()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_keypair() -> (PublicKey, SecretKey) {
     unsafe {
         let mut pk = PublicKey([0u8; PUBLICKEYBYTES]);
@@ -95,10 +91,6 @@ pub fn gen_keypair() -> (PublicKey, SecretKey) {
 }
 
 /// `key_pair_from_seed()` deterministically derives a key pair from a single key seed (crypto_box_SEEDBYTES bytes).
-///
-/// THREAD SAFETY: `key_pair_from_seed()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn keypair_from_seed(seed: &Seed) -> (PublicKey, SecretKey) {
     unsafe {
         let mut pk = PublicKey([0u8; PUBLICKEYBYTES]);
@@ -113,10 +105,6 @@ pub fn keypair_from_seed(seed: &Seed) -> (PublicKey, SecretKey) {
 }
 
 /// `gen_nonce()` randomly generates a nonce
-///
-/// THREAD SAFETY: `gen_nonce()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_nonce() -> Nonce {
     let mut n = [0; NONCEBYTES];
     randombytes_into(&mut n);

src/crypto/kx/x25519blake2b.rs

@@ -44,10 +44,6 @@ new_type! {
 
 /// `gen_keypair()` randomly generates a secret key and a corresponding public
 /// key.
-///
-/// THREAD SAFETY: `gen_keypair()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_keypair() -> (PublicKey, SecretKey) {
     unsafe {
         let mut pk = PublicKey([0u8; PUBLICKEYBYTES]);

src/crypto/pwhash/argon2_macros.rs

@@ -76,9 +76,6 @@ new_type! {
 }
 
 /// `gen_salt()` randomly generates a new `Salt` for key derivation
-///
-/// THREAD SAFETY: `gen_salt()` is thread-safe provided that you have called
-/// `sodiumoxide::init()` once before using any other function from sodiumoxide.
 pub fn gen_salt() -> Salt {
     let mut salt = Salt([0; SALTBYTES]);
     randombytes_into(&mut salt.0);

src/crypto/pwhash/mod.rs

@@ -47,7 +47,7 @@
 //! let pwh = pwhash::pwhash(passwd,
 //!                          pwhash::OPSLIMIT_INTERACTIVE,
 //!                          pwhash::MEMLIMIT_INTERACTIVE).unwrap();
-//! let pwh_bytes = &pwh[..];
+//! let pwh_bytes = pwh.as_ref();
 //! //store pwh_bytes somewhere
 //! ```
 //!

src/crypto/pwhash/scryptsalsa208sha256.rs

@@ -61,9 +61,6 @@ new_type! {
 }
 
 /// `gen_salt()` randombly generates a new `Salt` for key derivation
-///
-/// THREAD SAFETY: `gen_salt()` is thread-safe provided that you have called
-/// `sodiumoxide::init()` once before using any other function from sodiumoxide.
 pub fn gen_salt() -> Salt {
     let mut salt = Salt([0; SALTBYTES]);
     randombytes_into(&mut salt.0);

src/crypto/secretbox/xsalsa20poly1305.rs

@@ -42,21 +42,13 @@ new_type! {
 pub const MACBYTES: usize = ffi::crypto_secretbox_xsalsa20poly1305_MACBYTES as usize;
 
 /// `gen_key()` randomly generates a secret key
-///
-/// THREAD SAFETY: `gen_key()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_key() -> Key {
     let mut key = [0; KEYBYTES];
     randombytes_into(&mut key);
     Key(key)
 }
 
 /// `gen_nonce()` randomly generates a nonce
-///
-/// THREAD SAFETY: `gen_key()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_nonce() -> Nonce {
     let mut nonce = [0; NONCEBYTES];
     randombytes_into(&mut nonce);

src/crypto/secretstream/secretstream_macros.rs

@@ -113,10 +113,6 @@ new_type! {
 }
 
 /// `gen_key()` randomly generates a secret key
-///
-/// THREAD SAFETY: `gen_key()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_key() -> Key {
     let mut key = [0; KEYBYTES];
     randombytes_into(&mut key);

src/crypto/shorthash/siphash24.rs

@@ -23,10 +23,6 @@ new_type! {
 }
 
 /// `gen_key()` randomly generates a key for shorthash
-///
-/// THREAD SAFETY: `gen_key()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_key() -> Key {
     let mut k = [0; KEYBYTES];
     randombytes_into(&mut k);

src/crypto/sign/ed25519.rs

@@ -53,10 +53,6 @@ new_type! {
 
 /// `gen_keypair()` randomly generates a secret key and a corresponding public
 /// key.
-///
-/// THREAD SAFETY: `gen_keypair()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_keypair() -> (PublicKey, SecretKey) {
     let mut pk = PublicKey([0u8; PUBLICKEYBYTES]);
     let mut sk = SecretKey([0u8; SECRETKEYBYTES]);
@@ -338,7 +334,7 @@ mod test {
             let m = x2.from_hex().unwrap();
             let sm = sign(&m, &sk);
             verify(&sm, &pk).unwrap();
-            assert!(x1 == pk[..].to_hex());
+            assert!(x1 == pk.as_ref().to_hex());
             assert!(x3 == sm.to_hex());
         }
     }
@@ -369,8 +365,8 @@ mod test {
             let m = x2.from_hex().unwrap();
             let sig = sign_detached(&m, &sk);
             assert!(verify_detached(&sig, &m, &pk));
-            assert!(x1 == pk[..].to_hex());
-            let sm = sig[..].to_hex() + x2; // x2 is m hex encoded
+            assert!(x1 == pk.as_ref().to_hex());
+            let sm = sig.as_ref().to_hex() + x2; // x2 is m hex encoded
             assert!(x3 == sm);
         }
     }
@@ -448,7 +444,7 @@ mod test {
 
             assert!(validator_state.verify(&sig, &pk));
 
-            assert_eq!(x1, pk[..].to_hex());
+            assert_eq!(x1, pk.as_ref().to_hex());
         }
     }
 

src/crypto/stream/stream_macros.rs

@@ -28,10 +28,6 @@ new_type! {
 }
 
 /// `gen_key()` randomly generates a key for symmetric encryption
-///
-/// THREAD SAFETY: `gen_key()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
 pub fn gen_key() -> Key {
     let mut key = [0; KEYBYTES];
     randombytes_into(&mut key);
@@ -40,10 +36,6 @@ pub fn gen_key() -> Key {
 
 /// `gen_nonce()` randomly generates a nonce for symmetric encryption
 ///
-/// THREAD SAFETY: `gen_nonce()` is thread-safe provided that you have
-/// called `sodiumoxide::init()` once before using any other function
-/// from sodiumoxide.
-///
 /// NOTE: When using primitives with short nonces (e.g. salsa20, salsa208, salsa2012)
 /// do not use random nonces since the probability of nonce-collision is not negligible
 pub fn gen_nonce() -> Nonce {

src/lib.rs

@@ -61,6 +61,8 @@
 
 extern crate libsodium_sys as ffi;
 
+#[macro_use]
+extern crate ctor;
 extern crate libc;
 #[cfg(test)]
 extern crate rustc_serialize;
@@ -89,6 +91,10 @@ mod prelude {
 /// thread-safe
 ///
 /// `init()` returns `Ok` if initialization succeeded and `Err` if it failed.
+#[deprecated(
+    since = "0.2.2",
+    note = "libsodium is automatically initialized by sodiumoxide now."
+)]
 pub fn init() -> Result<(), ()> {
     if unsafe { ffi::sodium_init() } >= 0 {
         Ok(())
@@ -97,6 +103,13 @@ pub fn init() -> Result<(), ()> {
     }
 }
 
+#[ctor]
+fn init_real() {
+    unsafe {
+        ffi::sodium_init();
+    }
+}
+
 #[macro_use]
 mod newtype_macros;
 pub mod randombytes;

src/newtype_macros.rs

@@ -39,7 +39,7 @@ macro_rules! newtype_traits (($newtype:ident, $len:expr) => (
         fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
             where S: ::serde::Serializer
         {
-            serializer.serialize_bytes(&self[..])
+            serializer.serialize_bytes(&self.as_ref())
         }
     }
 
@@ -75,12 +75,20 @@ macro_rules! newtype_traits (($newtype:ident, $len:expr) => (
         }
     }
 
+    impl AsRef<[u8]> for $newtype {
+        #[inline]
+        fn as_ref(&self) -> &[u8] {
+            &self.0
+        }
+    }
+
     /// Allows a user to access the byte contents of an object as a slice.
     ///
     /// WARNING: it might be tempting to do comparisons on objects
     /// by using `x[a..b] == y[a..b]`. This will open up for timing attacks
     /// when comparing for example authenticator tags. Because of this only
     /// use the comparison functions exposed by the sodiumoxide API.
+    #[deprecated(since="0.2.2", note="Use the `AsRef` or `AsMut` implementation instead")]
     impl ::std::ops::Index<::std::ops::Range<usize>> for $newtype {
         type Output = [u8];
         fn index(&self, _index: ::std::ops::Range<usize>) -> &[u8] {
@@ -93,6 +101,7 @@ macro_rules! newtype_traits (($newtype:ident, $len:expr) => (
     /// by using `x[..b] == y[..b]`. This will open up for timing attacks
     /// when comparing for example authenticator tags. Because of this only
     /// use the comparison functions exposed by the sodiumoxide API.
+    #[deprecated(since="0.2.2", note="Use the `AsRef` or `AsMut` implementation instead")]
     impl ::std::ops::Index<::std::ops::RangeTo<usize>> for $newtype {
         type Output = [u8];
         fn index(&self, _index: ::std::ops::RangeTo<usize>) -> &[u8] {
@@ -105,6 +114,7 @@ macro_rules! newtype_traits (($newtype:ident, $len:expr) => (
     /// by using `x[a..] == y[a..]`. This will open up for timing attacks
     /// when comparing for example authenticator tags. Because of this only
     /// use the comparison functions exposed by the sodiumoxide API.
+    #[deprecated(since="0.2.2", note="Use the `AsRef` or `AsMut` implementation instead")]
     impl ::std::ops::Index<::std::ops::RangeFrom<usize>> for $newtype {
         type Output = [u8];
         fn index(&self, _index: ::std::ops::RangeFrom<usize>) -> &[u8] {
@@ -117,6 +127,7 @@ macro_rules! newtype_traits (($newtype:ident, $len:expr) => (
     /// by using `x[] == y[]`. This will open up for timing attacks
     /// when comparing for example authenticator tags. Because of this only
     /// use the comparison functions exposed by the sodiumoxide API.
+    #[deprecated(since="0.2.2", note="Use the `AsRef` or `AsMut` implementation instead")]
     impl ::std::ops::Index<::std::ops::RangeFull> for $newtype {
         type Output = [u8];
         fn index(&self, _index: ::std::ops::RangeFull) -> &[u8] {
@@ -126,12 +137,6 @@ macro_rules! newtype_traits (($newtype:ident, $len:expr) => (
     ));
 
 macro_rules! public_newtype_traits (($newtype:ident) => (
-    impl AsRef<[u8]> for $newtype {
-        #[inline]
-        fn as_ref(&self) -> &[u8] {
-            &self[..]
-        }
-    }
     impl ::std::cmp::PartialOrd for $newtype {
         #[inline]
         fn partial_cmp(&self,
@@ -240,7 +245,7 @@ macro_rules! new_type {
         impl ::std::fmt::Debug for $name {
             fn fmt(&self,
                    formatter: &mut ::std::fmt::Formatter) -> ::std::fmt::Result {
-                write!(formatter, "{}({:?})", stringify!($name), &self[..])
+                write!(formatter, "{}({:?})", stringify!($name), self.as_ref())
             }
         }
         );
@@ -286,7 +291,7 @@ macro_rules! new_type {
         impl ::std::fmt::Debug for $name {
             fn fmt(&self,
                    formatter: &mut ::std::fmt::Formatter) -> ::std::fmt::Result {
-                write!(formatter, "{}({:?})", stringify!($name), &self[..])
+                write!(formatter, "{}({:?})", stringify!($name), self.as_ref())
             }
         }
         );