Merge branch 'release/0.10' into develop

.circleci/config.yml

@@ -45,6 +45,8 @@ references:
         deb-src http://apt.llvm.org/trusty/ llvm-toolchain-trusty-6.0 main
         deb http://apt.llvm.org/trusty/ llvm-toolchain-trusty-7 main
         deb-src http://apt.llvm.org/trusty/ llvm-toolchain-trusty-7 main
+        deb http://apt.llvm.org/trusty/ llvm-toolchain-trusty-8 main
+        deb-src http://apt.llvm.org/trusty/ llvm-toolchain-trusty-8 main
         EOF
         sudo chmod o-w /etc/apt/sources.list.d/clang.list
 
@@ -57,8 +59,8 @@ references:
           # They aren't set automatically unfortunately
           sudo ln -s /usr/bin/$CC /usr/bin/clang
           sudo ln -s /usr/bin/$CXX /usr/bin/clang++
-          sudo ln -s /usr/bin/clang-tidy-7 /usr/bin/clang-tidy
+          sudo ln -s /usr/bin/clang-tidy-8 /usr/bin/clang-tidy
-          sudo ln -s /usr/bin/run-clang-tidy-7.py /usr/bin/run-clang-tidy.py
+          sudo ln -s /usr/bin/run-clang-tidy-8.py /usr/bin/run-clang-tidy.py
 
           # Need a c++14 compliant STL for clang
           sudo apt-get install -y g++-5
@@ -299,6 +301,30 @@ jobs:
       GTEST_ARGS: ""
       CMAKE_FLAGS: ""
       RUN_TESTS: true
+  gcc_9_debug:
+    <<: *job_definition
+    environment:
+      CC: gcc-9
+      CXX: g++-9
+      BUILD_TOOLSET: gcc
+      APT_COMPILER_PACKAGE: "g++-9"
+      CXXFLAGS: ""
+      BUILD_TYPE: "Debug"
+      GTEST_ARGS: ""
+      CMAKE_FLAGS: ""
+      RUN_TESTS: true
+  gcc_9_release:
+    <<: *job_definition
+    environment:
+      CC: gcc-9
+      CXX: g++-9
+      BUILD_TOOLSET: gcc
+      APT_COMPILER_PACKAGE: "g++-9"
+      CXXFLAGS: ""
+      BUILD_TYPE: "Release"
+      GTEST_ARGS: ""
+      CMAKE_FLAGS: ""
+      RUN_TESTS: true
   clang_4_debug:
     <<: *job_definition
     environment:
@@ -395,13 +421,37 @@ jobs:
       GTEST_ARGS: ""
       CMAKE_FLAGS: ""
       RUN_TESTS: true
+  clang_8_debug:
+    <<: *job_definition
+    environment:
+      CC: clang-8
+      CXX: clang++-8
+      BUILD_TOOLSET: clang
+      APT_COMPILER_PACKAGE: clang-8
+      CXXFLAGS: ""
+      BUILD_TYPE: "Debug"
+      GTEST_ARGS: ""
+      CMAKE_FLAGS: ""
+      RUN_TESTS: true
+  clang_8_release:
+    <<: *job_definition
+    environment:
+      CC: clang-8
+      CXX: clang++-8
+      BUILD_TOOLSET: clang
+      APT_COMPILER_PACKAGE: clang-8
+      CXXFLAGS: ""
+      BUILD_TYPE: "Release"
+      GTEST_ARGS: ""
+      CMAKE_FLAGS: ""
+      RUN_TESTS: true
   clang_werror:
     <<: *job_definition
     environment:
-      CC: clang-7
+      CC: clang-8
-      CXX: clang++-7
+      CXX: clang++-8
       BUILD_TOOLSET: clang
-      APT_COMPILER_PACKAGE: clang-7
+      APT_COMPILER_PACKAGE: clang-8
       CXXFLAGS: ""
       BUILD_TYPE: "Release"
       GTEST_ARGS: ""
@@ -410,10 +460,10 @@ jobs:
   gcc_werror:
     <<: *job_definition
     environment:
-      CC: gcc-8
+      CC: gcc-9
-      CXX: g++-8
+      CXX: g++-9
       BUILD_TOOLSET: gcc
-      APT_COMPILER_PACKAGE: "g++-8"
+      APT_COMPILER_PACKAGE: "g++-9"
       CXXFLAGS: ""
       BUILD_TYPE: "Release"
       GTEST_ARGS: ""
@@ -422,10 +472,10 @@ jobs:
   no_compatibility:
     <<: *job_definition
     environment:
-      CC: clang-7
+      CC: clang-8
-      CXX: clang++-7
+      CXX: clang++-8
       BUILD_TOOLSET: clang
-      APT_COMPILER_PACKAGE: clang-7
+      APT_COMPILER_PACKAGE: clang-8
       CXXFLAGS: "-DCRYFS_NO_COMPATIBILITY"
       BUILD_TYPE: "Debug"
       GTEST_ARGS: ""
@@ -434,10 +484,10 @@ jobs:
   address_sanitizer:
     <<: *job_definition
     environment:
-      CC: clang-7
+      CC: clang-8
-      CXX: clang++-7
+      CXX: clang++-8
       BUILD_TOOLSET: clang
-      APT_COMPILER_PACKAGE: clang-7
+      APT_COMPILER_PACKAGE: clang-8
       CXXFLAGS: "-O2 -fsanitize=address -fno-omit-frame-pointer -fno-common -fsanitize-address-use-after-scope"
       BUILD_TYPE: "Debug"
       ASAN_OPTIONS: "detect_leaks=1 check_initialization_order=1 detect_stack_use_after_return=1 detect_invalid_pointer_pairs=1 atexit=1"
@@ -448,10 +498,10 @@ jobs:
   ub_sanitizer:
     <<: *job_definition
     environment:
-      CC: clang-7
+      CC: clang-8
-      CXX: clang++-7
+      CXX: clang++-8
       BUILD_TOOLSET: clang
-      APT_COMPILER_PACKAGE: clang-7
+      APT_COMPILER_PACKAGE: clang-8
       CXXFLAGS: "-O2 -fno-sanitize-recover=undefined,nullability,implicit-conversion,unsigned-integer-overflow -fno-omit-frame-pointer -fno-common"
       BUILD_TYPE: "Debug"
       GTEST_ARGS: ""
@@ -460,10 +510,10 @@ jobs:
   thread_sanitizer:
     <<: *job_definition
     environment:
-      CC: clang-7
+      CC: clang-8
-      CXX: clang++-7
+      CXX: clang++-8
       BUILD_TOOLSET: clang
-      APT_COMPILER_PACKAGE: clang-7
+      APT_COMPILER_PACKAGE: clang-8
       OMP_NUM_THREADS: "1"
       CXXFLAGS: "-O2 -fsanitize=thread -fno-omit-frame-pointer"
       BUILD_TYPE: "Debug"
@@ -496,10 +546,10 @@ jobs:
     - store_artifacts:
         path: /tmp/clang-tidy-fixes
     environment:
-      CC: clang-7
+      CC: clang-8
-      CXX: clang++-7
+      CXX: clang++-8
       BUILD_TOOLSET: clang
-      APT_COMPILER_PACKAGE: "clang-7 clang-tidy-7"
+      APT_COMPILER_PACKAGE: "clang-8 clang-tidy-8"
 
 workflows:
   version: 2
@@ -522,6 +572,10 @@ workflows:
         <<: *enable_for_tags
     - gcc_8_release:
         <<: *enable_for_tags
+    - gcc_9_debug:
+        <<: *enable_for_tags
+    - gcc_9_release:
+        <<: *enable_for_tags
     - clang_4_debug:
         <<: *enable_for_tags
     - clang_4_release:
@@ -538,6 +592,10 @@ workflows:
         <<: *enable_for_tags
     - clang_7_release:
         <<: *enable_for_tags
+    - clang_8_debug:
+        <<: *enable_for_tags
+    - clang_8_release:
+        <<: *enable_for_tags
     - clang_werror:
         <<: *enable_for_tags
     - gcc_werror:

.clang-tidy

@@ -25,8 +25,13 @@ Checks: |
   -cppcoreguidelines-pro-bounds-array-to-pointer-decay,
   -cppcoreguidelines-pro-type-vararg,
   -cppcoreguidelines-avoid-goto,
+  -cppcoreguidelines-avoid-magic-numbers,
+  -cppcoreguidelines-macro-usage,
+  -cppcoreguidelines-non-private-member-variables-in-classes,
   -clang-analyzer-optin.cplusplus.VirtualCall,
+  -clang-analyzer-cplusplus.NewDeleteLeaks,
   -misc-macro-parentheses,
+  -misc-non-private-member-variables-in-classes,
   -misc-unused-raii
 WarningsAsErrors: '*'
 HeaderFilterRegex: '/src/|/test/'

CMakeSettings.json

@@ -7,7 +7,7 @@
       "inheritEnvironments": [ "msvc_x86" ],
       "buildRoot": "${env.USERPROFILE}\\CMakeBuilds\\${workspaceHash}\\build\\${name}",
       "installRoot": "${env.USERPROFILE}\\CMakeBuilds\\${workspaceHash}\\install\\${name}",
-      "cmakeCommandArgs": "-DBUILD_TESTING=on -DBOOST_ROOT=C:\\local\\boost_1_68_0 -DDOKAN_PATH=\"C:\\Program Files\\Dokan\\DokanLibrary-1.1.0\"",
+      "cmakeCommandArgs": "-DBUILD_TESTING=on -DBOOST_ROOT=C:\\local\\boost_1_68_0 -DDOKAN_PATH=\"C:\\Program Files\\Dokan\\Dokan Library-1.2.2\"",
       "buildCommandArgs": "-v",
       "ctestCommandArgs": ""
     },
@@ -18,7 +18,7 @@
       "inheritEnvironments": [ "msvc_x86" ],
       "buildRoot": "${env.USERPROFILE}\\CMakeBuilds\\${workspaceHash}\\build\\${name}",
       "installRoot": "${env.USERPROFILE}\\CMakeBuilds\\${workspaceHash}\\install\\${name}",
-      "cmakeCommandArgs": "-DBUILD_TESTING=on -DBOOST_ROOT=C:\\local\\boost_1_68_0 -DDOKAN_PATH=\"C:\\Program Files\\Dokan\\DokanLibrary-1.1.0\"",
+      "cmakeCommandArgs": "-DBUILD_TESTING=on -DBOOST_ROOT=C:\\local\\boost_1_68_0 -DDOKAN_PATH=\"C:\\Program Files\\Dokan\\Dokan Library-1.2.2\"",
       "buildCommandArgs": "-v",
       "ctestCommandArgs": ""
     },
@@ -29,7 +29,7 @@
       "inheritEnvironments": [ "msvc_x64_x64" ],
       "buildRoot": "${env.USERPROFILE}\\CMakeBuilds\\${workspaceHash}\\build\\${name}",
       "installRoot": "${env.USERPROFILE}\\CMakeBuilds\\${workspaceHash}\\install\\${name}",
-      "cmakeCommandArgs": "-DBUILD_TESTING=on -DBOOST_ROOT=C:\\local\\boost_1_68_0 -DDOKAN_PATH=\"C:\\Program Files\\Dokan\\DokanLibrary-1.1.0\"",
+      "cmakeCommandArgs": "-DBUILD_TESTING=on -DBOOST_ROOT=C:\\local\\boost_1_68_0 -DDOKAN_PATH=\"C:\\Program Files\\Dokan\\Dokan Library-1.2.2\"",
       "buildCommandArgs": "-v",
       "ctestCommandArgs": ""
     },
@@ -40,7 +40,7 @@
       "inheritEnvironments": [ "msvc_x64_x64" ],
       "buildRoot": "${env.USERPROFILE}\\CMakeBuilds\\${workspaceHash}\\build\\${name}",
       "installRoot": "${env.USERPROFILE}\\CMakeBuilds\\${workspaceHash}\\install\\${name}",
-      "cmakeCommandArgs": "-DBUILD_TESTING=on -DBOOST_ROOT=C:\\local\\boost_1_68_0 -DDOKAN_PATH=\"C:\\Program Files\\Dokan\\DokanLibrary-1.1.0\"",
+      "cmakeCommandArgs": "-DBUILD_TESTING=on -DBOOST_ROOT=C:\\local\\boost_1_68_0 -DDOKAN_PATH=\"C:\\Program Files\\Dokan\\Dokan Library-1.2.2\"",
       "buildCommandArgs": "-v",
       "ctestCommandArgs": ""
     }

ChangeLog.txt

@@ -1,4 +1,4 @@
-Version 0.10.2 (unreleased)
+Version 0.10.2
 ---------------
 Fixed bugs:
 * Fix occasional crash in mkdir() on Windows
@@ -7,6 +7,9 @@ Fixed bugs:
 Improvements:
 * Better logging when local state can't be loaded
 
+Other:
+* Updated to crypto++ 8.2
+
 
 Version 0.10.1
 ---------------

src/blobstore/implementations/onblocks/datatreestore/impl/LeafTraverser.cpp

@@ -215,7 +215,7 @@ namespace blobstore {
                 if (endIndex > beginIndex) {
                     onBacktrackFromSubtree(newNode.get());
                 }
-                return std::move(newNode);
+                return newNode;
             }
 
             uint32_t LeafTraverser::_maxLeavesForTreeDepth(uint8_t depth) const {

src/blockstore/implementations/caching/cache/QueueMap.h

@@ -48,7 +48,7 @@ public:
     _removeFromQueue(found->second);
     auto value = found->second.release();
     _entries.erase(found);
-    return std::move(value);
+    return value;
   }
 
   boost::optional<Value> pop() {
@@ -83,7 +83,7 @@ private:
     }
     void init(const Key *key_, Value value_) {
       key = key_;
-      new(__value) Value(std::move(value_));
+      new(__value.data()) Value(std::move(value_));
     }
     Value release() {
       Value value = std::move(*_value());
@@ -98,9 +98,9 @@ private:
     const Key *key;
   private:
     Value *_value() {
-      return reinterpret_cast<Value*>(__value);
+      return reinterpret_cast<Value*>(__value.data());
     }
-    alignas(Value) char __value[sizeof(Value)];
+    alignas(Value) std::array<char, sizeof(Value)> __value;
     DISALLOW_COPY_AND_ASSIGN(Entry);
   };
 

src/cpp-utils/crypto/RandomPadding.cpp

@@ -29,6 +29,6 @@ namespace cpputils {
         };
         Data result(size);
         std::memcpy(result.data(), data.dataOffset(sizeof(size)), size);
-        return std::move(result);
+        return result;
     }
 }

src/cpp-utils/crypto/symmetric/CFB_Cipher.h

@@ -70,7 +70,7 @@ boost::optional<Data> CFB_Cipher<BlockCipher, KeySize>::decrypt(const CryptoPP::
 	  // TODO Shouldn't we pass in ciphertextSize instead of plaintext.size() here as last argument (and also in the if above)?
 	  decryption.ProcessData(static_cast<CryptoPP::byte*>(plaintext.data()), ciphertextData, plaintext.size());
   }
-  return std::move(plaintext);
+  return plaintext;
 }
 
 }

src/cpp-utils/crypto/symmetric/GCM_Cipher.h

@@ -80,7 +80,7 @@ boost::optional<Data> GCM_Cipher<BlockCipher, KeySize>::decrypt(const CryptoPP::
           CryptoPP::AuthenticatedDecryptionFilter::DEFAULT_FLAGS, TAG_SIZE
         )
       );
-      return std::move(plaintext);
+      return plaintext;
     } catch (const CryptoPP::HashVerificationFilter::HashVerificationFailed &e) {
       return boost::none;
     }

src/cpp-utils/crypto/symmetric/testutils/FakeAuthenticatedCipher.h

@@ -91,7 +91,7 @@ namespace cpputils {
           Data result(plaintextSize(ciphertextSize));
           _xor(static_cast<CryptoPP::byte *>(result.data()), ciphertext + sizeof(uint64_t), plaintextSize(ciphertextSize), encKey.value ^ iv);
 
-          return std::move(result);
+          return result;
         }
 
         static constexpr const char *NAME = "FakeAuthenticatedCipher";
@@ -100,7 +100,7 @@ namespace cpputils {
         static uint64_t _checksum(const CryptoPP::byte *data, FakeKey encKey, std::size_t size) {
           uint64_t checksum = 34343435 * encKey.value; // some init value
 
-          for (unsigned int i = 0; i < size; ++i) {
+          for (size_t i = 0; i < size; ++i) {
             checksum ^= (static_cast<uint64_t>(data[i]) << (56 - 8 * (i%8)));
           }
 

src/cpp-utils/data/FixedSizeData.h

@@ -37,7 +37,7 @@ private:
   FixedSizeData(): _data() {}
   template<size_t _SIZE> friend class FixedSizeData;
 
-  unsigned char _data[BINARY_LENGTH];
+  std::array<unsigned char, BINARY_LENGTH> _data;
 };
 
 template<size_t SIZE> bool operator==(const FixedSizeData<SIZE> &lhs, const FixedSizeData<SIZE> &rhs);
@@ -51,7 +51,7 @@ template<size_t SIZE> constexpr size_t FixedSizeData<SIZE>::STRING_LENGTH;
 template<size_t SIZE>
 FixedSizeData<SIZE> FixedSizeData<SIZE>::Null() {
   FixedSizeData<SIZE> result;
-  std::memset(result._data, 0, BINARY_LENGTH);
+  std::memset(result._data.data(), 0, BINARY_LENGTH);
   return result;
 }
 
@@ -62,7 +62,7 @@ FixedSizeData<SIZE> FixedSizeData<SIZE>::FromString(const std::string &data) {
   {
     CryptoPP::StringSource _1(data, true,
       new CryptoPP::HexDecoder(
-        new CryptoPP::ArraySink(result._data, BINARY_LENGTH)
+        new CryptoPP::ArraySink(result._data.data(), BINARY_LENGTH)
       )
     );
   }
@@ -72,7 +72,7 @@ FixedSizeData<SIZE> FixedSizeData<SIZE>::FromString(const std::string &data) {
 template<size_t SIZE>
 std::string FixedSizeData<SIZE>::ToString() const {
   std::string result;
-  CryptoPP::ArraySource(_data, BINARY_LENGTH, true,
+  CryptoPP::ArraySource(_data.data(), BINARY_LENGTH, true,
     new CryptoPP::HexEncoder(
       new CryptoPP::StringSink(result)
     )
@@ -83,7 +83,7 @@ std::string FixedSizeData<SIZE>::ToString() const {
 
 template<size_t SIZE>
 const unsigned char *FixedSizeData<SIZE>::data() const {
-  return _data;
+  return _data.data();
 }
 
 template<size_t SIZE>
@@ -93,13 +93,13 @@ unsigned char *FixedSizeData<SIZE>::data() {
 
 template<size_t SIZE>
 void FixedSizeData<SIZE>::ToBinary(void *target) const {
-  std::memcpy(target, _data, BINARY_LENGTH);
+  std::memcpy(target, _data.data(), BINARY_LENGTH);
 }
 
 template<size_t SIZE>
 FixedSizeData<SIZE> FixedSizeData<SIZE>::FromBinary(const void *source) {
   FixedSizeData<SIZE> result;
-  std::memcpy(result._data, source, BINARY_LENGTH);
+  std::memcpy(result._data.data(), source, BINARY_LENGTH);
   return result;
 }
 
@@ -107,7 +107,7 @@ template<size_t SIZE> template<size_t size>
 FixedSizeData<size> FixedSizeData<SIZE>::take() const {
   static_assert(size <= SIZE, "Out of bounds");
   FixedSizeData<size> result;
-  std::memcpy(result._data, _data, size);
+  std::memcpy(result._data.data(), _data.data(), size);
   return result;
 }
 
@@ -115,7 +115,7 @@ template<size_t SIZE> template<size_t size>
 FixedSizeData<SIZE-size> FixedSizeData<SIZE>::drop() const {
   static_assert(size <= SIZE, "Out of bounds");
   FixedSizeData<SIZE-size> result;
-  std::memcpy(result._data, _data+size, SIZE-size);
+  std::memcpy(result._data.data(), _data.data()+size, SIZE-size);
   return result;
 }
 

src/cpp-utils/io/IOStreamConsole.cpp

@@ -67,7 +67,7 @@ unsigned int IOStreamConsole::ask(const string &question, const vector<string> &
         throw std::invalid_argument("options should have at least one entry");
     }
     _output << question << "\n";
-    for (unsigned int i = 0; i < options.size(); ++i) {
+    for (size_t i = 0; i < options.size(); ++i) {
         _output << " [" << (i+1) << "] " << options[i] << "\n";
     }
     int choice = _askForChoice("Your choice [1-" + std::to_string(options.size()) + "]: ", _parseUIntWithMinMax(1, options.size()));

src/cpp-utils/process/subprocess.cpp

@@ -2,6 +2,7 @@
 #include <cstdio>
 #include <stdexcept>
 #include <cerrno>
+#include <array>
 
 #if defined(__APPLE__)
 
@@ -44,9 +45,9 @@ namespace cpputils {
 
 		string getOutput() {
 			string output;
-			char buffer[1024];
+			std::array<char, 1024> buffer{};
-			while (fgets(buffer, sizeof(buffer), _subprocess) != nullptr) {
+			while (fgets(buffer.data(), buffer.size(), _subprocess) != nullptr) {
-				output += buffer;
+				output += buffer.data();
 			}
 			return output;
 		}

src/cpp-utils/system/filetime_nonwindows.cpp

@@ -5,15 +5,16 @@
 #include <sys/time.h>
 #include <sys/stat.h>
 #include <errno.h>
+#include <array>
 #include <cpp-utils/system/stat.h>
 
 namespace cpputils {
 
 int set_filetime(const char *filepath, timespec lastAccessTime, timespec lastModificationTime) {
-	struct timeval casted_times[2];
+	std::array<struct timeval, 2> casted_times{};
 	TIMESPEC_TO_TIMEVAL(&casted_times[0], &lastAccessTime);
 	TIMESPEC_TO_TIMEVAL(&casted_times[1], &lastModificationTime);
-	int retval = ::utimes(filepath, casted_times);
+	int retval = ::utimes(filepath, casted_times.data());
 	if (0 == retval) {
 		return 0;
 	} else {

src/cpp-utils/thread/debugging_nonwindows.cpp

@@ -71,11 +71,11 @@ int pthread_getname_np_gcompat(pthread_t thread, char *name, size_t len) {
 #endif
 
 std::string get_thread_name(pthread_t thread) {
-  char name[MAX_NAME_LEN];
+  std::array<char, MAX_NAME_LEN> name{};
 #if defined(__GLIBC__) || defined(__APPLE__)
-  int result = pthread_getname_np(thread, name, MAX_NAME_LEN);
+  int result = pthread_getname_np(thread, name.data(), MAX_NAME_LEN);
 #else
-  int result = pthread_getname_np_gcompat(thread, name, MAX_NAME_LEN);
+  int result = pthread_getname_np_gcompat(thread, name.data(), MAX_NAME_LEN);
 #endif
   if (0 != result) {
     throw std::runtime_error("Error getting thread name with pthread_getname_np. Code: " + std::to_string(result));
@@ -83,7 +83,7 @@ std::string get_thread_name(pthread_t thread) {
   // pthread_getname_np returns a null terminated string with maximum 16 bytes.
   // but just to be safe against a buggy implementation, let's set the last byte to zero.
   name[MAX_NAME_LEN - 1] = '\0';
-  return name;
+  return name.data();
 }
 
 }

src/cryfs-cli/Cli.cpp

@@ -404,7 +404,7 @@ namespace cryfs_cli {
         return false;
     }
 
-    int Cli::main(int argc, const char *argv[], unique_ref<HttpClient> httpClient, std::function<void()> onMounted) {
+    int Cli::main(int argc, const char **argv, unique_ref<HttpClient> httpClient, std::function<void()> onMounted) {
         cpputils::showBacktraceOnCrash();
         cpputils::set_thread_name("cryfs");
 

src/cryfs-cli/Cli.h

@@ -18,7 +18,7 @@ namespace cryfs_cli {
     class Cli final {
     public:
         Cli(cpputils::RandomGenerator &keyGenerator, const cpputils::SCryptSettings& scryptSettings, std::shared_ptr<cpputils::Console> console);
-        int main(int argc, const char *argv[], cpputils::unique_ref<cpputils::HttpClient> httpClient, std::function<void()> onMounted);
+        int main(int argc, const char **argv, cpputils::unique_ref<cpputils::HttpClient> httpClient, std::function<void()> onMounted);
 
     private:
         void _checkForUpdates(cpputils::unique_ref<cpputils::HttpClient> httpClient);

src/cryfs-cli/program_options/Parser.cpp

@@ -20,11 +20,11 @@ using boost::optional;
 using boost::none;
 using namespace cpputils::logging;
 
-Parser::Parser(int argc, const char *argv[])
+Parser::Parser(int argc, const char **argv)
         :_options(_argsToVector(argc, argv)) {
 }
 
-vector<string> Parser::_argsToVector(int argc, const char *argv[]) {
+vector<string> Parser::_argsToVector(int argc, const char **argv) {
     vector<string> result;
     for(int i = 0; i < argc; ++i) {
         result.push_back(argv[i]);

src/cryfs-cli/program_options/Parser.h

@@ -10,12 +10,12 @@ namespace cryfs_cli {
     namespace program_options {
         class Parser final {
         public:
-            Parser(int argc, const char *argv[]);
+            Parser(int argc, const char **argv);
 
             ProgramOptions parse(const std::vector<std::string> &supportedCiphers) const;
 
         private:
-            static std::vector<std::string> _argsToVector(int argc, const char *argv[]);
+            static std::vector<std::string> _argsToVector(int argc, const char **argv);
             static std::vector<const char*> _to_const_char_vector(const std::vector<std::string> &options);
             static void _addAllowedOptions(boost::program_options::options_description *desc);
             static void _addPositionalOptionForBaseDir(boost::program_options::options_description *desc,

src/cryfs-unmount/Cli.cpp

@@ -18,7 +18,7 @@ void _showVersion() {
 }
 }
 
-void Cli::main(int argc, const char* argv[]) {
+void Cli::main(int argc, const char **argv) {
     _showVersion();
     ProgramOptions options = Parser(argc, argv).parse();
 

src/cryfs-unmount/Cli.h

@@ -6,7 +6,7 @@ namespace cryfs_unmount {
 
 class Cli final {
 public:
-    void main(int argc, const char* argv[]);
+    void main(int argc, const char **argv);
 };
 
 }

src/cryfs-unmount/program_options/Parser.cpp

@@ -17,11 +17,11 @@ using std::endl;
 using std::string;
 using namespace cpputils::logging;
 
-Parser::Parser(int argc, const char *argv[])
+Parser::Parser(int argc, const char **argv)
 	:_options(_argsToVector(argc, argv)) {
 }
 
-vector<string> Parser::_argsToVector(int argc, const char *argv[]) {
+vector<string> Parser::_argsToVector(int argc, const char **argv) {
 	vector<string> result;
 	for (int i = 0; i < argc; ++i) {
 		result.push_back(argv[i]);

src/cryfs-unmount/program_options/Parser.h

@@ -10,12 +10,12 @@ namespace cryfs_unmount {
 	namespace program_options {
 		class Parser final {
 		public:
-			Parser(int argc, const char *argv[]);
+			Parser(int argc, const char **argv);
 
 			ProgramOptions parse() const;
 
 		private:
-			static std::vector<std::string> _argsToVector(int argc, const char *argv[]);
+			static std::vector<std::string> _argsToVector(int argc, const char **argv);
 			static std::vector<const char*> _to_const_char_vector(const std::vector<std::string> &options);
 			static void _addAllowedOptions(boost::program_options::options_description *desc);
 			static void _addPositionalOptionForBaseDir(boost::program_options::options_description *desc,

src/cryfs/impl/config/CryConfigConsole.cpp

@@ -29,7 +29,7 @@ namespace cryfs {
         bool askAgain = true;
         while(askAgain) {
             _console->print("\n");
-            int cipherIndex = _console->ask("Which block cipher do you want to use?", ciphers);
+            unsigned int cipherIndex = _console->ask("Which block cipher do you want to use?", ciphers);
             cipherName = ciphers[cipherIndex];
             askAgain = !_showWarningForCipherAndReturnIfOk(cipherName);
         };
@@ -54,7 +54,7 @@ namespace cryfs {
 
     uint32_t CryConfigConsole::_askBlocksizeBytes() const {
         vector<string> sizes = {"4KB", "8KB", "16KB", "32KB", "64KB", "512KB", "1MB", "4MB"};
-        int index = _console->ask("Which block size do you want to use?", sizes);
+        unsigned int index = _console->ask("Which block size do you want to use?", sizes);
         switch(index) {
             case 0: return 4*1024;
             case 1: return 8*1024;

src/cryfs/impl/config/CryConfigFile.cpp

@@ -49,7 +49,7 @@ either<CryConfigFile::LoadError, unique_ref<CryConfigFile>> CryConfigFile::load(
         configFile->save();
     }
     //TODO For newer compilers, this works without std::move
-    return std::move(configFile);
+    return configFile;
 }
 
 unique_ref<CryConfigFile> CryConfigFile::create(bf::path path, CryConfig config, CryKeyProvider* keyProvider) {

src/cryfs/impl/filesystem/fsblobstore/SymlinkBlob.cpp

@@ -28,6 +28,7 @@ unique_ref<SymlinkBlob> SymlinkBlob::InitializeSymlink(unique_ref<Blob> blob, co
 }
 
 bf::path SymlinkBlob::_readTargetFromBlob(const FsBlobView &blob) {
+  // NOLINTNEXTLINE(cppcoreguidelines-avoid-c-arrays)
   auto targetStr = std::make_unique<char[]>(blob.size() + 1); // +1 because of the nullbyte
   blob.read(targetStr.get(), 0, blob.size());
   targetStr[blob.size()] = '\0';

src/cryfs/impl/filesystem/fsblobstore/utils/DirEntryList.cpp

@@ -175,7 +175,7 @@ vector<DirEntry>::iterator DirEntryList::_findFirst(const BlockId &hint, std::fu
         return _entries.end();
     }
     double startpos_percent = static_cast<double>(*static_cast<const unsigned char*>(hint.data().data())) / std::numeric_limits<unsigned char>::max();
-    auto iter = _entries.begin() + static_cast<int>(startpos_percent * (_entries.size()-1));
+    auto iter = _entries.begin() + static_cast<int>(startpos_percent * static_cast<double>(_entries.size()-1));
     ASSERT(iter >= _entries.begin() && iter < _entries.end(), "Startpos out of range");
     while(iter != _entries.begin() && pred(*iter)) {
         --iter;

src/fspp/fstest/FsppOpenFileTest_Timestamps.h

@@ -72,8 +72,8 @@ TYPED_TEST_P(FsppOpenFileTest_Timestamps, truncate_nonempty_to_nonempty_grow) {
 TYPED_TEST_P(FsppOpenFileTest_Timestamps, read_inbounds) {
     auto openFile = this->CreateAndOpenFileWithSize("/myfile", fspp::num_bytes_t(10));
     auto operation = [&openFile] () {
-        char buffer[5];
+        std::array<char, 5> buffer{};
-        openFile->read(buffer, fspp::num_bytes_t(5), fspp::num_bytes_t(0));
+        openFile->read(buffer.data(), fspp::num_bytes_t(5), fspp::num_bytes_t(0));
     };
     this->EXPECT_OPERATION_UPDATES_TIMESTAMPS_AS(*openFile, operation, {this->ExpectUpdatesAccessTimestamp, this->ExpectDoesntUpdateModificationTimestamp, this->ExpectDoesntUpdateMetadataTimestamp});
 }
@@ -81,8 +81,8 @@ TYPED_TEST_P(FsppOpenFileTest_Timestamps, read_inbounds) {
 TYPED_TEST_P(FsppOpenFileTest_Timestamps, read_outofbounds) {
     auto openFile = this->CreateAndOpenFileWithSize("/myfile", fspp::num_bytes_t(0));
     auto operation = [&openFile] () {
-        char buffer[5];
+        std::array<char, 5> buffer{};
-        openFile->read(buffer, fspp::num_bytes_t(5), fspp::num_bytes_t(2));
+        openFile->read(buffer.data(), fspp::num_bytes_t(5), fspp::num_bytes_t(2));
     };
     this->EXPECT_OPERATION_UPDATES_TIMESTAMPS_AS(*openFile, operation, {this->ExpectUpdatesAccessTimestamp, this->ExpectDoesntUpdateModificationTimestamp, this->ExpectDoesntUpdateMetadataTimestamp});
 }

src/fspp/fuse/Fuse.cpp

@@ -113,8 +113,8 @@ int fusepp_ftruncate(const char *path, int64_t size, fuse_file_info *fileinfo) {
   return FUSE_OBJ->ftruncate(bf::path(path), size, fileinfo);
 }
 
-int fusepp_utimens(const char *path, const timespec times[2]) {
+int fusepp_utimens(const char *path, const timespec times[2]) {  // NOLINT(cppcoreguidelines-avoid-c-arrays)
-  return FUSE_OBJ->utimens(bf::path(path), times);
+  return FUSE_OBJ->utimens(bf::path(path), {times[0], times[1]});
 }
 
 int fusepp_open(const char *path, fuse_file_info *fileinfo) {
@@ -540,7 +540,6 @@ int Fuse::unlink(const bf::path &path) {
   try {
     ASSERT(is_valid_fspp_path(path), "has to be an absolute path");
     _fs->unlink(path);
-      ThreadNameForDebugging _threadName("unlink");
 #ifdef FSPP_LOG
     LOG(DEBUG, "unlink({}): success", path);
 #endif
@@ -778,7 +777,7 @@ int Fuse::ftruncate(const bf::path &path, int64_t size, fuse_file_info *fileinfo
   }
 }
 
-int Fuse::utimens(const bf::path &path, const timespec times[2]) {
+int Fuse::utimens(const bf::path &path, const std::array<timespec, 2> times) {
   ThreadNameForDebugging _threadName("utimens");
 #ifdef FSPP_LOG
   LOG(DEBUG, "utimens({}, _)", path);

src/fspp/fuse/Fuse.h

@@ -45,7 +45,7 @@ public:
   int chown(const boost::filesystem::path &path, ::uid_t uid, ::gid_t gid);
   int truncate(const boost::filesystem::path &path, int64_t size);
   int ftruncate(const boost::filesystem::path &path, int64_t size, fuse_file_info *fileinfo);
-  int utimens(const boost::filesystem::path &path, const timespec times[2]);
+  int utimens(const boost::filesystem::path &path, const std::array<timespec, 2> times);
   int open(const boost::filesystem::path &path, fuse_file_info *fileinfo);
   int release(const boost::filesystem::path &path, fuse_file_info *fileinfo);
   int read(const boost::filesystem::path &path, char *buf, size_t size, int64_t offset, fuse_file_info *fileinfo);

src/parallelaccessstore/ParallelAccessStore.h

@@ -165,7 +165,7 @@ cpputils::unique_ref<ResourceRef> ParallelAccessStore<Resource, ResourceRef, Key
         auto resourceRef = createResourceRef(found->second.getReference());
         resourceRef->init(this, key);
         onExists(resourceRef.get());
-        return std::move(resourceRef);
+        return resourceRef;
     }
 };
 
@@ -190,7 +190,7 @@ boost::optional<cpputils::unique_ref<ResourceRef>> ParallelAccessStore<Resource,
   } else {
     auto resourceRef = createResourceRef(found->second.getReference());
     resourceRef->init(this, key);
-    return std::move(resourceRef);
+    return resourceRef;
   }
 }
 

test/blobstore/implementations/onblocks/datatreestore/DataTreeTest_ResizeByTraversing.cpp

@@ -222,7 +222,7 @@ TEST_P(DataTreeTest_ResizeByTraversing_P, DataStaysIntact) {
   if (traversalBeginIndex < oldNumberOfLeaves) {
       // Traversal wrote over part of the pre-existing data, we can only check the data before it.
       if (traversalBeginIndex != 0) {
-          data.EXPECT_DATA_CORRECT(nodeStore->load(blockId).get().get(), traversalBeginIndex - 1);
+          data.EXPECT_DATA_CORRECT(nodeStore->load(blockId).get().get(), static_cast<int>(traversalBeginIndex - 1));
       }
   } else {
       // Here, traversal was entirely outside the preexisting data, we can check all preexisting data.

test/blobstore/implementations/onblocks/datatreestore/testutils/TwoLevelDataFixture.h

@@ -67,7 +67,7 @@ private:
     case SizePolicy::Full:
       return _dataNodeStore->layout().maxBytesPerLeaf();
     case SizePolicy::Random:
-      return mod(_dataNodeStore->layout().maxBytesPerLeaf() - childIndex, _dataNodeStore->layout().maxBytesPerLeaf());
+      return mod(static_cast<int>(_dataNodeStore->layout().maxBytesPerLeaf() - childIndex), static_cast<int>(_dataNodeStore->layout().maxBytesPerLeaf()));
     case SizePolicy::Unchanged:
       return leaf->numBytes();
     default:

test/blockstore/implementations/caching/cache/CacheTest_PushAndPop.cpp

@@ -21,7 +21,7 @@ TEST_F(CacheTest_PushAndPop, PopNonExistingEntry_NonEmptyCache) {
 
 TEST_F(CacheTest_PushAndPop, PopNonExistingEntry_FullCache) {
   //Add a lot of even numbered keys
-  for (unsigned int i = 0; i < MAX_ENTRIES; ++i) {
+  for (int i = 0; i < static_cast<int>(MAX_ENTRIES); ++i) {
     push(2*i, 2*i);
   }
   //Request an odd numbered key
@@ -43,35 +43,35 @@ TEST_F(CacheTest_PushAndPop, MultipleEntries) {
 }
 
 TEST_F(CacheTest_PushAndPop, FullCache) {
-  for(unsigned int i = 0; i < MAX_ENTRIES; ++i) {
+  for(int i = 0; i < static_cast<int>(MAX_ENTRIES); ++i) {
     push(i, 2*i);
   }
-  for(unsigned int i = 0; i < MAX_ENTRIES; ++i) {
+  for(int i = 0; i < static_cast<int>(MAX_ENTRIES); ++i) {
-    EXPECT_EQ(static_cast<signed int>(2*i), pop(i).value());
+    EXPECT_EQ(2*i, pop(i).value());
   }
 }
 
 TEST_F(CacheTest_PushAndPop, FullCache_PushNonOrdered_PopOrdered) {
-  for(unsigned int i = 1; i < MAX_ENTRIES; i += 2) {
+  for(int i = 1; i < static_cast<int>(MAX_ENTRIES); i += 2) {
     push(i, 2*i);
   }
-  for(unsigned int i = 0; i < MAX_ENTRIES; i += 2) {
+  for(int i = 0; i < static_cast<int>(MAX_ENTRIES); i += 2) {
     push(i, 2*i);
   }
-  for(unsigned int i = 0; i < MAX_ENTRIES; ++i) {
+  for(int i = 0; i < static_cast<int>(MAX_ENTRIES); ++i) {
-    EXPECT_EQ(static_cast<signed int>(2*i), pop(i).value());
+    EXPECT_EQ(2*i, pop(i).value());
   }
 }
 
 TEST_F(CacheTest_PushAndPop, FullCache_PushOrdered_PopNonOrdered) {
-  for(unsigned int i = 0; i < MAX_ENTRIES; ++i) {
+  for(int i = 0; i < static_cast<int>(MAX_ENTRIES); ++i) {
     push(i, 2*i);
   }
-  for(unsigned int i = 1; i < MAX_ENTRIES; i += 2) {
+  for(int i = 1; i < static_cast<int>(MAX_ENTRIES); i += 2) {
-    EXPECT_EQ(static_cast<signed int>(2*i), pop(i).value());
+    EXPECT_EQ(2*i, pop(i).value());
   }
-  for(unsigned int i = 0; i < MAX_ENTRIES; i += 2) {
+  for(int i = 0; i < static_cast<int>(MAX_ENTRIES); i += 2) {
-    EXPECT_EQ(static_cast<signed int>(2*i), pop(i).value());
+    EXPECT_EQ(2*i, pop(i).value());
   }
 }
 
@@ -95,27 +95,27 @@ TEST_F(CacheTest_PushAndPop, FullCache_PushNonOrdered_PopNonOrdered) {
   for(int i = roundDownToEven(MAX_ENTRIES - 1); i >= 0; i -= 2) {
     push(i, 2*i);
   }
-  for(unsigned int i = 1; i < MAX_ENTRIES; i += 2) {
+  for(int i = 1; i < static_cast<int>(MAX_ENTRIES); i += 2) {
     push(i, 2*i);
   }
   for(int i = roundDownToOdd(MAX_ENTRIES-1); i >= 0; i -= 2) {
-    EXPECT_EQ(static_cast<signed int>(2*i), pop(i).value());
+    EXPECT_EQ(2*i, pop(i).value());
   }
-  for(unsigned int i = 0; i < MAX_ENTRIES; i += 2) {
+  for(int i = 0; i < static_cast<int>(MAX_ENTRIES); i += 2) {
-    EXPECT_EQ(static_cast<signed int>(2*i), pop(i).value());
+    EXPECT_EQ(2*i, pop(i).value());
   }
 }
 
 TEST_F(CacheTest_PushAndPop, MoreThanFullCache) {
-  for(unsigned int i = 0; i < MAX_ENTRIES + 2; ++i) {
+  for(int i = 0; i < static_cast<int>(MAX_ENTRIES + 2); ++i) {
     push(i, 2*i);
   }
   //Check that the oldest two elements got deleted automatically
   EXPECT_EQ(boost::none, pop(0));
   EXPECT_EQ(boost::none, pop(1));
   //Check the other elements are still there
-  for(unsigned int i = 2; i < MAX_ENTRIES + 2; ++i) {
+  for(int i = 2; i < static_cast<int>(MAX_ENTRIES + 2); ++i) {
-    EXPECT_EQ(static_cast<signed int>(2*i), pop(i).value());
+    EXPECT_EQ(2*i, pop(i).value());
   }
 }
 

test/cpp-utils/assert/exit_signal.cpp

@@ -6,7 +6,7 @@
 #include <Windows.h>
 #endif
 
-void handle_exit_signal(char* argv[]) {
+void handle_exit_signal(char **argv) {
 	const std::string kind = argv[1];
 	if (kind == "exception") {
 		throw std::logic_error(argv[2]);
@@ -18,7 +18,7 @@ void handle_exit_signal(char* argv[]) {
 		DWORD code = std::atoll(argv[2]);
 		::RaiseException(code, EXCEPTION_NONCONTINUABLE, 0, NULL);
 #else
-		int code = std::strtol(argv[2], nullptr, 10);
+		int code = static_cast<int>(std::strtol(argv[2], nullptr, 10));
 		::raise(code);
 #endif
 	}

test/cpp-utils/process/exit_status.cpp

@@ -11,6 +11,6 @@ int main(int argc, char* argv[]) {
 
 	std::cout << argv[1];
 
-	int exit_status = std::strtol(argv[2], nullptr, 10);
+	int exit_status = static_cast<int>(std::strtol(argv[2], nullptr, 10));
 	return exit_status;
 }

test/cryfs-cli/program_options/testutils/ProgramOptionsTestBase.h

@@ -10,7 +10,7 @@ public:
     void EXPECT_VECTOR_EQ(std::initializer_list<std::string> expected, const std::vector<std::string> &actual) {
         std::vector<std::string> expectedVec(expected);
         ASSERT_EQ(expectedVec.size(), actual.size());
-        for(unsigned int i = 0; i < expectedVec.size(); ++i) {
+        for(size_t i = 0; i < expectedVec.size(); ++i) {
             EXPECT_EQ(expectedVec[i], actual[i]);
         }
     }

test/cryfs-cli/testutils/CliTest.h

@@ -40,7 +40,7 @@ public:
     cpputils::unique_ref<cpputils::HttpClient> _httpClient() {
         cpputils::unique_ref<cpputils::FakeHttpClient> httpClient = cpputils::make_unique_ref<cpputils::FakeHttpClient>();
         httpClient->addWebsite("https://www.cryfs.org/version_info.json", "{\"version_info\":{\"current\":\"0.8.5\"}}");
-        return std::move(httpClient);
+        return httpClient;
     }
 
     int run(const std::vector<std::string>& args, std::function<void()> onMounted) {

test/fspp/fuse/read/FuseReadFileDescriptorTest.cpp

@@ -20,6 +20,6 @@ TEST_P(FuseReadFileDescriptorTest, FileDescriptorIsCorrect) {
   EXPECT_CALL(*fsimpl, read(Eq(GetParam()), _, _, _))
     .Times(1).WillOnce(ReturnSuccessfulRead);
 
-  char buf[1];
+  std::array<char, 1> buf{};
-  ReadFile(FILENAME, buf, fspp::num_bytes_t(1), fspp::num_bytes_t(0));
+  ReadFile(FILENAME, buf.data(), fspp::num_bytes_t(1), fspp::num_bytes_t(0));
 }

test/fspp/fuse/read/FuseReadOverflowTest.cpp

@@ -26,13 +26,13 @@ constexpr fspp::num_bytes_t FuseReadOverflowTest::OFFSET;
 
 
 TEST_F(FuseReadOverflowTest, ReadMoreThanFileSizeFromBeginning) {
-  char buf[READSIZE.value()];
+  std::array<char, READSIZE.value()> buf{};
-  auto retval = ReadFileReturnError(FILENAME, buf, READSIZE, fspp::num_bytes_t(0));
+  auto retval = ReadFileReturnError(FILENAME, buf.data(), READSIZE, fspp::num_bytes_t(0));
   EXPECT_EQ(FILESIZE, retval.read_bytes);
 }
 
 TEST_F(FuseReadOverflowTest, ReadMoreThanFileSizeFromMiddle) {
-  char buf[READSIZE.value()];
+  std::array<char, READSIZE.value()> buf{};
-  auto retval = ReadFileReturnError(FILENAME, buf, READSIZE, OFFSET);
+  auto retval = ReadFileReturnError(FILENAME, buf.data(), READSIZE, OFFSET);
   EXPECT_EQ(FILESIZE-OFFSET, retval.read_bytes);
 }

test/fspp/fuse/readDir/testutils/FuseReadDirTest.cpp

@@ -80,7 +80,7 @@ void FuseReadDirTest::closeDir(DIR *dir) {
 
 Action<vector<fspp::Dir::Entry>*(const char*)> FuseReadDirTest::ReturnDirEntries(vector<std::string> entries) {
   vector<fspp::Dir::Entry> *direntries = new vector<fspp::Dir::Entry>(entries.size(), fspp::Dir::Entry(fspp::Dir::EntryType::FILE, ""));
-  for(unsigned int i = 0; i < entries.size(); ++i) {
+  for(size_t i = 0; i < entries.size(); ++i) {
     (*direntries)[i].name = entries[i];
   }
   return Return(direntries);

test/fspp/fuse/utimens/FuseUtimensTimeParameterTest.cpp

@@ -5,18 +5,18 @@ using ::testing::Return;
 using ::testing::WithParamInterface;
 using ::testing::Values;
 
-class FuseUtimensTimeParameterTest: public FuseUtimensTest, public WithParamInterface<const timespec*> {
+class FuseUtimensTimeParameterTest: public FuseUtimensTest, public WithParamInterface<std::array<timespec, 2>> {
 };
-const timespec TIMEVAL1[2] = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(0,0)};
+const std::array<timespec, 2> TIMEVAL1 = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(0,0)};
-const timespec TIMEVAL2[2] = {FuseUtimensTest::makeTimespec(1000,0), FuseUtimensTest::makeTimespec(0,0)};
+const std::array<timespec, 2> TIMEVAL2 = {FuseUtimensTest::makeTimespec(1000,0), FuseUtimensTest::makeTimespec(0,0)};
-const timespec TIMEVAL3[2] = {FuseUtimensTest::makeTimespec(0,1000), FuseUtimensTest::makeTimespec(0,0)};
+const std::array<timespec, 2> TIMEVAL3 = {FuseUtimensTest::makeTimespec(0,1000), FuseUtimensTest::makeTimespec(0,0)};
-const timespec TIMEVAL4[2] = {FuseUtimensTest::makeTimespec(1000,1000), FuseUtimensTest::makeTimespec(0,0)};
+const std::array<timespec, 2> TIMEVAL4 = {FuseUtimensTest::makeTimespec(1000,1000), FuseUtimensTest::makeTimespec(0,0)};
-const timespec TIMEVAL5[2] = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(0,0)};
+const std::array<timespec, 2> TIMEVAL5 = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(0,0)};
-const timespec TIMEVAL6[2] = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(1000,0)};
+const std::array<timespec, 2> TIMEVAL6 = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(1000,0)};
-const timespec TIMEVAL7[2] = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(0,1000)};
+const std::array<timespec, 2> TIMEVAL7 = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(0,1000)};
-const timespec TIMEVAL8[2] = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(1000,1000)};
+const std::array<timespec, 2> TIMEVAL8 = {FuseUtimensTest::makeTimespec(0,0), FuseUtimensTest::makeTimespec(1000,1000)};
-const timespec TIMEVAL9[2] = {FuseUtimensTest::makeTimespec(1417196126,123000), FuseUtimensTest::makeTimespec(1417109713,321000)}; // current timestamp and the day before as of writing this test case
+const std::array<timespec, 2> TIMEVAL9 = {FuseUtimensTest::makeTimespec(1417196126,123000), FuseUtimensTest::makeTimespec(1417109713,321000)}; // current timestamp and the day before as of writing this test case
-const timespec TIMEVAL10[2] = {FuseUtimensTest::makeTimespec(UINT64_C(1024)*1024*1024*1024,999000), FuseUtimensTest::makeTimespec(UINT64_C(2*1024)*1024*1024*1024,321000)}; // needs 64bit for timestamp representation
+const std::array<timespec, 2> TIMEVAL10 = {FuseUtimensTest::makeTimespec(UINT64_C(1024)*1024*1024*1024,999000), FuseUtimensTest::makeTimespec(UINT64_C(2*1024)*1024*1024*1024,321000)}; // needs 64bit for timestamp representation
 INSTANTIATE_TEST_CASE_P(FuseUtimensTimeParameterTest, FuseUtimensTimeParameterTest,
     Values(TIMEVAL1, TIMEVAL2, TIMEVAL3, TIMEVAL4, TIMEVAL5, TIMEVAL6, TIMEVAL7, TIMEVAL8, TIMEVAL9, TIMEVAL10));
 

test/fspp/fuse/write/FuseWriteFileDescriptorTest.cpp

@@ -21,6 +21,6 @@ TEST_P(FuseWriteFileDescriptorTest, FileDescriptorIsCorrect) {
   EXPECT_CALL(*fsimpl, write(Eq(GetParam()), _, _, _))
     .Times(1).WillOnce(Return());
 
-  char buf[1];
+  std::array<char, 1> buf{};
-  WriteFile(FILENAME, buf, fspp::num_bytes_t(1), fspp::num_bytes_t(0));
+  WriteFile(FILENAME, buf.data(), fspp::num_bytes_t(1), fspp::num_bytes_t(0));
 }

vendor/README

@@ -1,6 +1,6 @@
 This directory contains external projects, taken from the following locations:
 googletest: https://github.com/google/googletest/tree/release-1.8.1
 spdlog: https://github.com/gabime/spdlog/tree/v1.3.1/include/spdlog
-cryptopp: https://github.com/weidai11/cryptopp/tree/CRYPTOPP_8_1_0
+cryptopp: https://github.com/weidai11/cryptopp/tree/CRYPTOPP_8_2_0
- - changed: added CMakeLists.txt and cryptopp-config.cmake from https://github.com/noloader/cryptopp-cmake/tree/07a064d57d97477cb055f994a498f45425df0c1d
+ - changed: added CMakeLists.txt and cryptopp-config.cmake from https://github.com/noloader/cryptopp-cmake/tree/CRYPTOPP_8_2_0
  - changed: commented out line including winapifamily.h in CMakeLists.txt

vendor/cryptopp/vendor_cryptopp/Doxyfile

@@ -41,7 +41,7 @@ PROJECT_NAME           = Crypto++
 # could be handy for archiving the generated documentation or if some version
 # control system is used.
 
-PROJECT_NUMBER         = 8.1
+PROJECT_NUMBER         = 8.2
 
 # Using the PROJECT_BRIEF tag one can provide an optional one line description
 # for a project that appears at the top of each page and should give viewer a

vendor/cryptopp/vendor_cryptopp/Filelist.txt

@@ -542,6 +542,7 @@ TestVectors/shacal2.txt
 TestVectors/simeck.txt
 TestVectors/simon.txt
 TestVectors/siphash.txt
+TestVectors/skipjack.txt
 TestVectors/sm3.txt
 TestVectors/sm4.txt
 TestVectors/sosemanuk.txt

vendor/cryptopp/vendor_cryptopp/GNUmakefile

@@ -10,8 +10,6 @@ SHELL = /bin/sh
 
 # If needed
 TMPDIR ?= /tmp
-# Used for ARMv7 and NEON.
-FP_ABI ?= hard
 # Used for feature tests
 TOUT ?= a.out
 TOUT := $(strip $(TOUT))
@@ -53,8 +51,6 @@ IS_SPARC64 := $(shell echo "$(HOSTX)" | $(GREP) -i -c -E 'sun|sparc64')
 IS_ARM32 := $(shell echo "$(HOSTX)" | $(GREP) -i -c -E 'arm|armhf|arm7l|eabihf')
 IS_ARMV8 := $(shell echo "$(HOSTX)" | $(GREP) -i -c -E 'aarch32|aarch64|arm64|armv8')
 
-IS_NEON := $(shell $(CXX) $(CXXFLAGS) -dumpmachine 2>/dev/null | $(GREP) -i -c -E 'armv7|armhf|arm7l|eabihf|armv8|aarch32|aarch64')
-
 # Attempt to determine platform
 SYSTEMX := $(shell $(CXX) $(CXXFLAGS) -dumpmachine 2>/dev/null)
 ifeq ($(SYSTEMX),)
@@ -439,37 +435,37 @@ endif
 #####            ARM A-32, Aach64 and NEON            #####
 ###########################################################
 
-ifneq ($(IS_ARM32)$(IS_ARMV8)$(IS_NEON),000)
+ifneq ($(IS_ARM32)$(IS_ARMV8),00)
 ifeq ($(DETECT_FEATURES),1)
 
-ifeq ($(IS_ARM32)$(IS_NEON),11)
+ifneq ($(IS_ARM32),0)
 
   TPROG = TestPrograms/test_arm_neon.cxx
-  TOPT = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+  TOPT = -march=armv7-a -mfpu=neon
   HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
   ifeq ($(strip $(HAVE_OPT)),0)
-    NEON_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    NEON_FLAG = -march=armv7-a -mfpu=neon
-    ARIA_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    ARIA_FLAG = -march=armv7-a -mfpu=neon
-    AES_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    AES_FLAG = -march=armv7-a -mfpu=neon
-    CRC_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    CRC_FLAG = -march=armv7-a -mfpu=neon
-    GCM_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    GCM_FLAG = -march=armv7-a -mfpu=neon
-    BLAKE2B_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    BLAKE2B_FLAG = -march=armv7-a -mfpu=neon
-    BLAKE2S_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    BLAKE2S_FLAG = -march=armv7-a -mfpu=neon
-    CHACHA_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    CHACHA_FLAG = -march=armv7-a -mfpu=neon
-    CHAM_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    CHAM_FLAG = -march=armv7-a -mfpu=neon
-    LEA_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    LEA_FLAG = -march=armv7-a -mfpu=neon
-    SHA_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    SHA_FLAG = -march=armv7-a -mfpu=neon
-    SIMECK_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    SIMECK_FLAG = -march=armv7-a -mfpu=neon
-    SIMON64_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    SIMON64_FLAG = -march=armv7-a -mfpu=neon
-    SIMON128_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    SIMON128_FLAG = -march=armv7-a -mfpu=neon
-    SPECK64_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    SPECK64_FLAG = -march=armv7-a -mfpu=neon
-    SPECK128_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    SPECK128_FLAG = -march=armv7-a -mfpu=neon
-    SM4_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
+    SM4_FLAG = -march=armv7-a -mfpu=neon
   else
     CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
   endif
 
-# IS_NEON
+# IS_ARM32
 endif
 
 ifeq ($(IS_ARMV8),1)
@@ -485,7 +481,7 @@ ifeq ($(IS_ARMV8),1)
 
   TPROG = TestPrograms/test_arm_asimd.cxx
   TOPT = -march=armv8-a
-  HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
   ifeq ($(strip $(HAVE_OPT)),0)
     ASIMD_FLAG = -march=armv8-a
     ARIA_FLAG = -march=armv8-a
@@ -508,7 +504,7 @@ ifeq ($(IS_ARMV8),1)
   ifneq ($(ASIMD_FLAG),)
     TPROG = TestPrograms/test_arm_crc.cxx
     TOPT = -march=armv8-a+crc
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifeq ($(strip $(HAVE_OPT)),0)
       CRC_FLAG = -march=armv8-a+crc
     else
@@ -517,7 +513,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_aes.cxx
     TOPT = -march=armv8-a+crypto
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifeq ($(strip $(HAVE_OPT)),0)
       AES_FLAG = -march=armv8-a+crypto
     else
@@ -526,7 +522,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_pmull.cxx
     TOPT = -march=armv8-a+crypto
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifeq ($(strip $(HAVE_OPT)),0)
       GCM_FLAG = -march=armv8-a+crypto
       GF2N_FLAG = -march=armv8-a+crypto
@@ -536,7 +532,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_sha.cxx
     TOPT = -march=armv8-a+crypto
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifeq ($(strip $(HAVE_OPT)),0)
       SHA_FLAG = -march=armv8-a+crypto
     else
@@ -545,7 +541,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_sm3.cxx
     TOPT = -march=armv8.4-a+crypto
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifeq ($(strip $(HAVE_OPT)),0)
       SM3_FLAG = -march=armv8.4-a+crypto
       SM4_FLAG = -march=armv8.4-a+crypto
@@ -553,7 +549,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_sha3.cxx
     TOPT = -march=armv8.4-a+crypto
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifeq ($(strip $(HAVE_OPT)),0)
       SHA3_FLAG = -march=armv8.4-a+crypto
     endif
@@ -567,7 +563,7 @@ endif
 # DETECT_FEATURES
 endif
 
-# IS_ARM32, IS_ARMV8, IS_NEON
+# IS_ARM32, IS_ARMV8
 endif
 
 ###########################################################
@@ -622,13 +618,21 @@ ifeq ($(DETECT_FEATURES),1)
   TOPT = $(POWER8_FLAG)
   HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
   ifeq ($(strip $(HAVE_OPT)),0)
+    AES_FLAG = $(POWER8_FLAG)
+    ARIA_FLAG = $(POWER8_FLAG)
     BLAKE2B_FLAG = $(POWER8_FLAG)
+    BLAKE2S_FLAG = $(POWER8_FLAG)
+    CHACHA_FLAG = $(POWER8_FLAG)
+    CHAM_FLAG = $(POWER8_FLAG)
     CRC_FLAG = $(POWER8_FLAG)
     GCM_FLAG = $(POWER8_FLAG)
     GF2N_FLAG = $(POWER8_FLAG)
-    AES_FLAG = $(POWER8_FLAG)
+    LEA_FLAG = $(POWER8_FLAG)
     SHA_FLAG = $(POWER8_FLAG)
     SHACAL2_FLAG = $(POWER8_FLAG)
+    SIMECK_FLAG = $(POWER8_FLAG)
+    SIMON64_FLAG = $(POWER8_FLAG)
+    SPECK64_FLAG = $(POWER8_FLAG)
     SIMON128_FLAG = $(POWER8_FLAG)
     SPECK128_FLAG = $(POWER8_FLAG)
   else
@@ -641,16 +645,7 @@ ifeq ($(DETECT_FEATURES),1)
   TPROG = TestPrograms/test_ppc_power7.cxx
   TOPT = $(POWER7_FLAG)
   HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
-  ifeq ($(strip $(HAVE_OPT)),0)
+  ifneq ($(strip $(HAVE_OPT)),0)
-    ARIA_FLAG = $(POWER7_FLAG)
-    BLAKE2S_FLAG = $(POWER7_FLAG)
-    CHACHA_FLAG = $(POWER7_FLAG)
-    CHAM_FLAG = $(POWER7_FLAG)
-    LEA_FLAG = $(POWER7_FLAG)
-    SIMECK_FLAG = $(POWER7_FLAG)
-    SIMON64_FLAG = $(POWER7_FLAG)
-    SPECK64_FLAG = $(POWER7_FLAG)
-  else
     POWER7_FLAG =
   endif
 
@@ -693,18 +688,12 @@ ifeq ($(DETECT_FEATURES),1)
   #####################################################################
   # Fixups for algorithms that can drop to a lower ISA, if needed
 
-  # Drop to Power7 if Power8 is not available.
+  # Drop to Power4 if Power8 not available
   ifeq ($(POWER8_FLAG),)
-    ifneq ($(POWER7_FLAG),)
-      GCM_FLAG = $(POWER7_FLAG)
-    endif
-  endif
-
-  # Drop to Power4 if Power7 not available
-  ifeq ($(POWER7_FLAG),)
     ifneq ($(ALTIVEC_FLAG),)
       BLAKE2S_FLAG = $(ALTIVEC_FLAG)
       CHACHA_FLAG = $(ALTIVEC_FLAG)
+      GCM_FLAG = $(ALTIVEC_FLAG)
       SIMON64_FLAG = $(ALTIVEC_FLAG)
       SPECK64_FLAG = $(ALTIVEC_FLAG)
     endif
@@ -1349,7 +1338,7 @@ libcryptopp.pc:
 	@echo '' >> libcryptopp.pc
 	@echo 'Name: Crypto++' >> libcryptopp.pc
 	@echo 'Description: Crypto++ cryptographic library' >> libcryptopp.pc
-	@echo 'Version: 8.1' >> libcryptopp.pc
+	@echo 'Version: 8.2' >> libcryptopp.pc
 	@echo 'URL: https://cryptopp.com/' >> libcryptopp.pc
 	@echo '' >> libcryptopp.pc
 	@echo 'Cflags: -I$${includedir}' >> libcryptopp.pc
@@ -1430,7 +1419,7 @@ endif # Dependencies
 
 # Cryptogams ARM asm implementation.
 aes_armv4.o : aes_armv4.S
-	$(CC) $(strip $(CXXFLAGS) $(CRYPTOGAMS_AES_FLAG) -mfloat-abi=$(FP_ABI) -c) $<
+	$(CC) $(strip $(CXXFLAGS) $(CRYPTOGAMS_AES_FLAG) -c) $<
 
 # SSSE3 or NEON available
 aria_simd.o : aria_simd.cpp

vendor/cryptopp/vendor_cryptopp/GNUmakefile-cross

@@ -384,10 +384,10 @@ ifeq ($(IS_ARM32),1)
     SM4_FLAG = $(NEON_FLAG)
   else
     NEON_FLAG =
-    CXXFLAGS += -DCRYPTOPP_DISABLE_NEON
+    CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
   endif
 
-# IS_NEON
+# IS_ARM32
 endif
 
 ifeq ($(IS_ARMV8),1)
@@ -417,7 +417,7 @@ ifeq ($(IS_ARMV8),1)
 
   TPROG = TestPrograms/test_arm_asimd.cxx
   TOPT = $(ASIMD_FLAG)
-  HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
   ifeq ($(strip $(HAVE_OPT)),0)
     ARIA_FLAG = $(ASIMD_FLAG)
     BLAKE2B_FLAG = $(ASIMD_FLAG)
@@ -439,7 +439,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_crc.cxx
     TOPT = $(CRC_FLAG)
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifneq ($(strip $(HAVE_OPT)),0)
       CRC_FLAG =
       CXXFLAGS += -DCRYPTOPP_ARM_CRC32_AVAILABLE=0
@@ -447,7 +447,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_aes.cxx
     TOPT = $(AES_FLAG)
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifneq ($(strip $(HAVE_OPT)),0)
       AES_FLAG =
       CXXFLAGS += -DCRYPTOPP_ARM_AES_AVAILABLE=0
@@ -455,7 +455,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_pmull.cxx
     TOPT = $(PMULL_FLAG)
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifneq ($(strip $(HAVE_OPT)),0)
       PMULL_FLAG =
       CXXFLAGS += -DCRYPTOPP_ARM_PMULL_AVAILABLE=0
@@ -463,7 +463,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_sha.cxx
     TOPT = $(SHA_FLAG)
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifneq ($(strip $(HAVE_OPT)),0)
       SHA_FLAG =
       CXXFLAGS += -DCRYPTOPP_ARM_SHA_AVAILABLE=0
@@ -471,7 +471,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_sm3.cxx
     TOPT = -march=armv8.4-a+crypto
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifeq ($(strip $(HAVE_OPT)),0)
       SM3_FLAG = -march=armv8.4-a+crypto
       SM4_FLAG = -march=armv8.4-a+crypto
@@ -479,7 +479,7 @@ ifeq ($(IS_ARMV8),1)
 
     TPROG = TestPrograms/test_arm_sha3.cxx
     TOPT = -march=armv8.4-a+crypto
-    HAVE_OPT = $(shell $(CXX) $(CXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
+    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
     ifeq ($(strip $(HAVE_OPT)),0)
       SHA3_FLAG = -march=armv8.4-a+crypto
       SHA512_FLAG = -march=armv8.4-a+crypto

vendor/cryptopp/vendor_cryptopp/History.txt

@@ -455,10 +455,10 @@ last several releases.
 8.1.0 - February 22, 2019
       - minor release, no recompile of programs required
       - expanded community input and support
-        56 unique contributors as of this release
+        * 56 unique contributors as of this release
       - fix OS X PowerPC builds with Clang
       - add Microsoft ARM64 support
-      - fix iPhone Simulator build due to missign symbols
+      - fix iPhone Simulator build due to missing symbols
       - add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
       - add carryless multiplies for NIST b233 and k233 curves
       - fix OpenMP build due to use of OpenMP 4 with down-level compilers
@@ -467,3 +467,16 @@ last several releases.
       - add SHAKE-128 and SHAKE-256
       - fix AVX2 build due to _mm256_broadcastsi128_si256
       - add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305
+
+8.2.0 - April 28, 2019
+      - minor release, no recompile of programs required
+      - expanded community input and support
+        * 56 unique contributors as of this release
+      - use PowerPC unaligned loads and stores with Power8
+      - add SKIPJACK test vectors
+      - fix SHAKE-128 and SHAKE-256 compile
+      - removed IS_NEON from Makefile
+      - fix Aarch64 build on Fedora 29
+      - fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
+      - add missing BLAKE2 constructors
+      - fix missing BlockSize() in BLAKE2 classes

vendor/cryptopp/vendor_cryptopp/Readme.txt

@@ -1,5 +1,5 @@
 Crypto++: free C++ Class Library of Cryptographic Schemes
-Version 8.0 - DEC/28/2018
+Version 8.2 - APR/28/2019
 
 Crypto++ Library is a free C++ class library of cryptographic schemes.
 Currently the library contains the following algorithms:
@@ -290,8 +290,36 @@ documentation is one of the highest returns on investment.
 The items in this section comprise the most recent history. Please see History.txt
 for the record back to Crypto++ 1.0.
 
-8.0.0 - December 28, 2018
+8.2.0 - April 28, 2019
+      - minor release, no recompile of programs required
+      - expanded community input and support
+        * 56 unique contributors as of this release
+      - use PowerPC unaligned loads and stores with Power8
+      - add SKIPJACK test vectors
+      - fix SHAKE-128 and SHAKE-256 compile
+      - removed IS_NEON from Makefile
+      - fix Aarch64 build on Fedora 29
+      - fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
+      - add missing BLAKE2 constructors
+      - fix missing BlockSize() in BLAKE2 classes
 
+8.1.0 - February 22, 2019
+      - minor release, no recompile of programs required
+      - expanded community input and support
+        * 56 unique contributors as of this release
+      - fix OS X PowerPC builds with Clang
+      - add Microsoft ARM64 support
+      - fix iPhone Simulator build due to missing symbols
+      - add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
+      - add carryless multiplies for NIST b233 and k233 curves
+      - fix OpenMP build due to use of OpenMP 4 with down-level compilers
+      - add SignStream and VerifyStream for ed25519 and large files
+      - fix missing AlgorithmProvider in PanamaHash
+      - add SHAKE-128 and SHAKE-256
+      - fix AVX2 build due to _mm256_broadcastsi128_si256
+      - add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305
+
+8.0.0 - December 28, 2018
       - major release, recompile of programs required
       - expanded community input and support
          * 54 unique contributors as of this release

vendor/cryptopp/vendor_cryptopp/TestScripts/change-version.sh

@@ -4,11 +4,14 @@
 # building the docs. Before running the script, copy it to the root
 # directory. After running this script, you can 'make docs'
 
-sed 's|Library 8.1 API|Library 8.0 API|g' cryptlib.h > cryptlib.h.new
+sed 's|Library 8.2 API|Library 8.1 API|g' cryptlib.h > cryptlib.h.new
 mv cryptlib.h.new cryptlib.h
 
-sed 's|= 8.1|= 8.0|g' Doxyfile > Doxyfile.new
+sed 's|= 8.2|= 8.1|g' Doxyfile > Doxyfile.new
 mv Doxyfile.new Doxyfile
 
-sed 's|CRYPTOPP_VERSION 810|CRYPTOPP_VERSION 800|g' config.h > config.h.new
+sed 's|CRYPTOPP_MINOR 2|CRYPTOPP_MINOR 1|g' config.h > config.h.new
+mv config.h.new config.h
+
+sed 's|CRYPTOPP_VERSION 820|CRYPTOPP_VERSION 810|g' config.h > config.h.new
 mv config.h.new config.h

vendor/cryptopp/vendor_cryptopp/TestScripts/cryptest-symbols.sh

@@ -26,7 +26,7 @@ trap cleanup EXIT
 ############################################
 # Tags to test
 
-OLD_VERSION_TAG=CRYPTOPP_8_0_0
+OLD_VERSION_TAG=CRYPTOPP_8_1_0
 NEW_VERSION_TAG=master
 
 ############################################

vendor/cryptopp/vendor_cryptopp/TestVectors/all.txt

@@ -49,6 +49,7 @@ Test: TestVectors/sha.txt
 Test: TestVectors/simeck.txt
 Test: TestVectors/simon.txt
 Test: TestVectors/siphash.txt
+Test: TestVectors/skipjack.txt
 Test: TestVectors/sm3.txt
 Test: TestVectors/sm4.txt
 Test: TestVectors/sosemanuk.txt

vendor/cryptopp/vendor_cryptopp/blake2.cpp

@@ -38,8 +38,8 @@
 // https://github.com/weidai11/cryptopp/issues/743
 #if defined(__xlC__) && (__xlC__ < 0x0d01)
 # define CRYPTOPP_DISABLE_ALTIVEC 1
-# define CRYPTOPP_POWER7_ALTIVEC 1
 # undef CRYPTOPP_POWER7_AVAILABLE
+# undef CRYPTOPP_POWER8_AVAILABLE
 # undef CRYPTOPP_ALTIVEC_AVAILABLE
 #endif
 
@@ -171,8 +171,8 @@ extern void BLAKE2_Compress32_NEON(const byte* input, BLAKE2s_State& state);
 extern void BLAKE2_Compress64_NEON(const byte* input, BLAKE2b_State& state);
 #endif
 
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
-extern void BLAKE2_Compress32_POWER7(const byte* input, BLAKE2s_State& state);
+extern void BLAKE2_Compress32_POWER8(const byte* input, BLAKE2s_State& state);
 #elif CRYPTOPP_ALTIVEC_AVAILABLE
 extern void BLAKE2_Compress32_ALTIVEC(const byte* input, BLAKE2s_State& state);
 #endif
@@ -233,8 +233,8 @@ unsigned int BLAKE2s::OptimalDataAlignment() const
         return 4;
     else
 #endif
-#if (CRYPTOPP_POWER7_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE)
-    if (HasPower7())
+    if (HasPower8())
         return 16;
     else
 #elif (CRYPTOPP_ALTIVEC_AVAILABLE)
@@ -257,9 +257,9 @@ std::string BLAKE2s::AlgorithmProvider() const
         return "NEON";
     else
 #endif
-#if (CRYPTOPP_POWER7_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE)
-    if (HasPower7())
+    if (HasPower8())
-        return "Power7";
+        return "Power8";
     else
 #elif (CRYPTOPP_ALTIVEC_AVAILABLE)
     if (HasAltivec())
@@ -343,6 +343,26 @@ BLAKE2b::BLAKE2b(bool treeMode, unsigned int digestSize)
         (Name::TreeMode(), treeMode));
 }
 
+BLAKE2s::BLAKE2s(unsigned int digestSize)
+    : m_digestSize(digestSize), m_keyLength(0), m_treeMode(false)
+{
+    CRYPTOPP_ASSERT(digestSize <= DIGESTSIZE);
+
+    UncheckedSetKey(NULLPTR, 0, MakeParameters
+        (Name::DigestSize(), (int)digestSize)
+        (Name::TreeMode(), false));
+}
+
+BLAKE2b::BLAKE2b(unsigned int digestSize)
+    : m_digestSize(digestSize), m_keyLength(0), m_treeMode(false)
+{
+    CRYPTOPP_ASSERT(digestSize <= DIGESTSIZE);
+
+    UncheckedSetKey(NULLPTR, 0, MakeParameters
+        (Name::DigestSize(), (int)digestSize)
+        (Name::TreeMode(), false));
+}
+
 BLAKE2s::BLAKE2s(const byte *key, size_t keyLength, const byte* salt, size_t saltLength,
     const byte* personalization, size_t personalizationLength, bool treeMode, unsigned int digestSize)
     : m_digestSize(digestSize), m_keyLength(static_cast<unsigned int>(keyLength)), m_treeMode(treeMode)
@@ -670,10 +690,10 @@ void BLAKE2s::Compress(const byte *input)
         return BLAKE2_Compress32_NEON(input, m_state);
     }
 #endif
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
-    if(HasPower7())
+    if(HasPower8())
     {
-        return BLAKE2_Compress32_POWER7(input, m_state);
+        return BLAKE2_Compress32_POWER8(input, m_state);
     }
 #elif CRYPTOPP_ALTIVEC_AVAILABLE
     if(HasAltivec())

vendor/cryptopp/vendor_cryptopp/blake2.h

@@ -256,17 +256,25 @@ public:
     /// \brief Construct a BLAKE2s hash
     /// \param digestSize the digest size, in bytes
     /// \param treeMode flag indicating tree mode
+    /// \since Crypto++ 5.6.4
     BLAKE2s(bool treeMode=false, unsigned int digestSize = DIGESTSIZE);
 
+    /// \brief Construct a BLAKE2s hash
+    /// \param digestSize the digest size, in bytes
+    /// \details treeMode flag is set to false
+    /// \since Crypto++ 8.2
+    BLAKE2s(unsigned int digestSize);
+
     /// \brief Construct a BLAKE2s hash
     /// \param key a byte array used to key the cipher
     /// \param keyLength the size of the byte array
     /// \param salt a byte array used as salt
     /// \param saltLength the size of the byte array
-    /// \param personalization a byte array used as prsonalization string
+    /// \param personalization a byte array used as personalization string
     /// \param personalizationLength the size of the byte array
     /// \param treeMode flag indicating tree mode
     /// \param digestSize the digest size, in bytes
+    /// \since Crypto++ 5.6.4
     BLAKE2s(const byte *key, size_t keyLength, const byte* salt = NULLPTR, size_t saltLength = 0,
         const byte* personalization = NULLPTR, size_t personalizationLength = 0,
         bool treeMode=false, unsigned int digestSize = DIGESTSIZE);
@@ -278,6 +286,7 @@ public:
     /// Message Authentication Code (MAC)</A>. For example, "BLAKE2b-512" and "BLAKE2s-256".
     std::string AlgorithmName() const {return std::string(BLAKE2s_Info::StaticAlgorithmName()) + "-" + IntToString(DigestSize()*8);}
 
+    unsigned int BlockSize() const {return BLOCKSIZE;}
     unsigned int DigestSize() const {return m_digestSize;}
     unsigned int OptimalDataAlignment() const;
 
@@ -354,17 +363,25 @@ public:
     /// \brief Construct a BLAKE2b hash
     /// \param digestSize the digest size, in bytes
     /// \param treeMode flag indicating tree mode
+    /// \since Crypto++ 5.6.4
     BLAKE2b(bool treeMode=false, unsigned int digestSize = DIGESTSIZE);
 
+    /// \brief Construct a BLAKE2s hash
+    /// \param digestSize the digest size, in bytes
+    /// \details treeMode flag is set to false
+    /// \since Crypto++ 8.2
+    BLAKE2b(unsigned int digestSize);
+
     /// \brief Construct a BLAKE2b hash
     /// \param key a byte array used to key the cipher
     /// \param keyLength the size of the byte array
     /// \param salt a byte array used as salt
     /// \param saltLength the size of the byte array
-    /// \param personalization a byte array used as prsonalization string
+    /// \param personalization a byte array used as personalization string
     /// \param personalizationLength the size of the byte array
     /// \param treeMode flag indicating tree mode
     /// \param digestSize the digest size, in bytes
+    /// \since Crypto++ 5.6.4
     BLAKE2b(const byte *key, size_t keyLength, const byte* salt = NULLPTR, size_t saltLength = 0,
         const byte* personalization = NULLPTR, size_t personalizationLength = 0,
         bool treeMode=false, unsigned int digestSize = DIGESTSIZE);
@@ -376,6 +393,7 @@ public:
     /// Message Authentication Code (MAC)</A>. For example, "BLAKE2b-512" and "BLAKE2s-256".
     std::string AlgorithmName() const {return std::string(BLAKE2b_Info::StaticAlgorithmName()) + "-" + IntToString(DigestSize()*8);}
 
+    unsigned int BlockSize() const {return BLOCKSIZE;}
     unsigned int DigestSize() const {return m_digestSize;}
     unsigned int OptimalDataAlignment() const;
 

vendor/cryptopp/vendor_cryptopp/blake2b_simd.cpp

@@ -29,6 +29,7 @@
 #if defined(__xlC__) && (__xlC__ < 0x0d01)
 # define CRYPTOPP_DISABLE_ALTIVEC 1
 # undef CRYPTOPP_POWER7_AVAILABLE
+# undef CRYPTOPP_POWER8_AVAILABLE
 # undef CRYPTOPP_ALTIVEC_AVAILABLE
 #endif
 

vendor/cryptopp/vendor_cryptopp/blake2s_simd.cpp

@@ -38,8 +38,8 @@
 // https://github.com/weidai11/cryptopp/issues/743
 #if defined(__xlC__) && (__xlC__ < 0x0d01)
 # define CRYPTOPP_DISABLE_ALTIVEC 1
-# define CRYPTOPP_POWER7_ALTIVEC 1
 # undef CRYPTOPP_POWER7_AVAILABLE
+# undef CRYPTOPP_POWER8_AVAILABLE
 # undef CRYPTOPP_ALTIVEC_AVAILABLE
 #endif
 
@@ -692,7 +692,7 @@ void BLAKE2_Compress32_NEON(const byte* input, BLAKE2s_State& state)
 }
 #endif  // CRYPTOPP_ARM_NEON_AVAILABLE
 
-#if (CRYPTOPP_POWER7_AVAILABLE || CRYPTOPP_ALTIVEC_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE || CRYPTOPP_ALTIVEC_AVAILABLE)
 
 inline uint32x4_p VecLoad32(const void* p)
 {
@@ -838,7 +838,7 @@ inline uint32x4_p VectorSet32(const uint32x4_p a, const uint32x4_p b,
     const uint32x4_p t0 = VectorSet32<W,X>(a, b);
     const uint32x4_p t1 = VectorSet32<Y,Z>(c, d);
 
-    // Power7 follows SSE2's implementation, and this is _mm_set_epi32.
+    // PowerPC follows SSE2's implementation, and this is _mm_set_epi32.
     const uint8x16_p mask = {20,21,22,23, 16,17,18,19, 4,5,6,7, 0,1,2,3};
     return VecPermute(t0, t1, mask);
 }
@@ -1015,11 +1015,11 @@ void BLAKE2_Compress32_CORE(const byte* input, BLAKE2s_State& state)
     VecStore32LE(state.h()+0, VecXor(ff0, VecXor(row1, row3)));
     VecStore32LE(state.h()+4, VecXor(ff1, VecXor(row2, row4)));
 }
-#endif  // CRYPTOPP_POWER7_AVAILABLE || CRYPTOPP_ALTIVEC_AVAILABLE
+#endif  // CRYPTOPP_POWER8_AVAILABLE || CRYPTOPP_ALTIVEC_AVAILABLE
 
-#if (CRYPTOPP_POWER7_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE)
 
-void BLAKE2_Compress32_POWER7(const byte* input, BLAKE2s_State& state)
+void BLAKE2_Compress32_POWER8(const byte* input, BLAKE2s_State& state)
 {
     BLAKE2_Compress32_CORE(input, state);
 }

vendor/cryptopp/vendor_cryptopp/chacha.cpp

@@ -28,8 +28,8 @@ extern void ChaCha_OperateKeystream_AVX2(const word32 *state, const byte* input,
 extern void ChaCha_OperateKeystream_SSE2(const word32 *state, const byte* input, byte *output, unsigned int rounds);
 #endif
 
-#if (CRYPTOPP_POWER7_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE)
-extern void ChaCha_OperateKeystream_POWER7(const word32 *state, const byte* input, byte *output, unsigned int rounds);
+extern void ChaCha_OperateKeystream_POWER8(const word32 *state, const byte* input, byte *output, unsigned int rounds);
 #elif (CRYPTOPP_ALTIVEC_AVAILABLE)
 extern void ChaCha_OperateKeystream_ALTIVEC(const word32 *state, const byte* input, byte *output, unsigned int rounds);
 #endif
@@ -153,13 +153,13 @@ void ChaCha_OperateKeystream(KeystreamOperation operation,
         }
 #endif
 
-#if (CRYPTOPP_POWER7_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE)
-        if (HasPower7())
+        if (HasPower8())
         {
             while (iterationCount >= 4 && MultiBlockSafe(state[12], 4))
             {
                 const bool xorInput = (operation & INPUT_NULL) != INPUT_NULL;
-                ChaCha_OperateKeystream_POWER7(state, xorInput ? input : NULLPTR, output, rounds);
+                ChaCha_OperateKeystream_POWER8(state, xorInput ? input : NULLPTR, output, rounds);
 
                 // MultiBlockSafe avoids overflow on the counter words
                 state[12] += 4;
@@ -267,9 +267,9 @@ std::string ChaCha_AlgorithmProvider()
         return "NEON";
     else
 #endif
-#if (CRYPTOPP_POWER7_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE)
-    if (HasPower7())
+    if (HasPower8())
-        return "Power7";
+        return "Power8";
     else
 #elif (CRYPTOPP_ALTIVEC_AVAILABLE)
     if (HasAltivec())

vendor/cryptopp/vendor_cryptopp/chacha_simd.cpp

@@ -209,7 +209,7 @@ inline __m128i RotateLeft<16>(const __m128i val)
 
 #if (CRYPTOPP_ALTIVEC_AVAILABLE)
 
-// ChaCha_OperateKeystream_POWER7 is optimized for POWER7. However, Altivec
+// ChaCha_OperateKeystream_POWER8 is optimized for POWER7. However, Altivec
 // is supported by using vec_ld and vec_st, and using a composite VecAdd
 // that supports 64-bit element adds. vec_ld and vec_st add significant
 // overhead when memory is not aligned. Despite the drawbacks Altivec
@@ -827,7 +827,7 @@ void ChaCha_OperateKeystream_SSE2(const word32 *state, const byte* input, byte *
 
 #endif  // CRYPTOPP_SSE2_INTRIN_AVAILABLE
 
-#if (CRYPTOPP_POWER7_AVAILABLE || CRYPTOPP_ALTIVEC_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE || CRYPTOPP_ALTIVEC_AVAILABLE)
 
 // ChaCha_OperateKeystream_CORE will use either POWER7 or ALTIVEC,
 // depending on the flags used to compile this source file. The
@@ -1096,11 +1096,11 @@ inline void ChaCha_OperateKeystream_CORE(const word32 *state, const byte* input,
     VecStore32LE(output + 15*16, r3_3);
 }
 
-#endif  // CRYPTOPP_POWER7_AVAILABLE || CRYPTOPP_ALTIVEC_AVAILABLE
+#endif  // CRYPTOPP_POWER8_AVAILABLE || CRYPTOPP_ALTIVEC_AVAILABLE
 
-#if (CRYPTOPP_POWER7_AVAILABLE)
+#if (CRYPTOPP_POWER8_AVAILABLE)
 
-void ChaCha_OperateKeystream_POWER7(const word32 *state, const byte* input, byte *output, unsigned int rounds)
+void ChaCha_OperateKeystream_POWER8(const word32 *state, const byte* input, byte *output, unsigned int rounds)
 {
     ChaCha_OperateKeystream_CORE(state, input, output, rounds);
 }

vendor/cryptopp/vendor_cryptopp/config.h

@@ -74,24 +74,6 @@
 // Also see https://bugs.llvm.org/show_bug.cgi?id=39895 .
 // #define CRYPTOPP_DISABLE_MIXED_ASM 1
 
-// Several compilers discard SIMD code that loads unaligned data. The symptom
-// is often self test failures and UBsan findings for unaligned loads. For
-// example, Power7 can load unaligned data using vec_vsx_ld but some versions
-// of GCC and Clang require 16-byte aligned data when using the builtin.
-// It is not limited to SSE and PowerPC code. Define this to disable
-// Crypto++ code that uses potentially problematic builtins or intrinsics.
-// Also see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88234 and
-// https://bugs.llvm.org/show_bug.cgi?id=39704
-// #define CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE 1
-
-// This list will probably grow over time as more compilers are identified.
-#if defined(CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE)
-# define CRYPTOPP_DISABLE_LEA_SIMD 1
-# define CRYPTOPP_DISABLE_SIMON_SIMD 1
-# define CRYPTOPP_DISABLE_SPECK_SIMD 1
-# define CRYPTOPP_DISABLE_SM4_SIMD 1
-#endif
-
 // Define CRYPTOPP_NO_CXX11 to avoid C++11 related features shown at the
 // end of this file. Some compilers and standard C++ headers advertise C++11
 // but they are really just C++03 with some additional C++11 headers and
@@ -116,7 +98,10 @@
 //   the version of the library the headers came from. It is not
 //   necessarily the version of the library built as a shared object if
 //   versions are inadvertently mixed and matched.
-#define CRYPTOPP_VERSION 810
+#define CRYPTOPP_MAJOR 8
+#define CRYPTOPP_MINOR 2
+#define CRYPTOPP_REVISION 0
+#define CRYPTOPP_VERSION 820
 
 // Define this if you want to set a prefix for TestData/ and TestVectors/
 //   Be sure to add the trailing slash since its simple concatenation.

vendor/cryptopp/vendor_cryptopp/cpu.cpp

@@ -341,8 +341,8 @@ void DetectX86Features()
 		word64 xcr0 = a | static_cast<word64>(d) << 32;
 		g_hasAVX = (xcr0 & YMM_FLAG) == YMM_FLAG;
 
-// Visual Studio 2008 and below lack xgetbv
+// Visual Studio 2010 and below lack xgetbv
-#elif defined(_MSC_VER) && _MSC_VER <= 1500 && defined(_M_IX86)
+#elif defined(_MSC_VER) && _MSC_VER <= 1600 && defined(_M_IX86)
 		word32 a=0, d=0;
 		__asm {
 			push eax

vendor/cryptopp/vendor_cryptopp/cryptdll.vcxproj

@@ -212,6 +212,7 @@
     <ClCompile Include="gcm.cpp" />
     <ClCompile Include="gcm_simd.cpp" />
     <ClCompile Include="gf2n.cpp" />
+    <ClCompile Include="gf2n_simd.cpp" />
     <ClCompile Include="gfpcrypt.cpp" />
     <ClCompile Include="hex.cpp" />
     <ClCompile Include="hmac.cpp" />

vendor/cryptopp/vendor_cryptopp/cryptdll.vcxproj.filters

@@ -98,6 +98,9 @@
     <ClCompile Include="gf2n.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="gf2n_simd.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
     <ClCompile Include="gfpcrypt.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>

vendor/cryptopp/vendor_cryptopp/cryptest.nmake

@@ -69,21 +69,22 @@ LIB_SRCS = \
     gcm_simd.cpp gf256.cpp gf2_32.cpp gf2n.cpp gf2n_simd.cpp gfpcrypt.cpp \
     gost.cpp gzip.cpp hc128.cpp hc256.cpp hex.cpp hight.cpp hmac.cpp \
     hrtimer.cpp ida.cpp idea.cpp iterhash.cpp kalyna.cpp kalynatab.cpp \
-    keccak.cpp keccakc.cpp lea.cpp lea_simd.cpp luc.cpp mars.cpp marss.cpp \
+    keccak.cpp keccak_core.cpp keccak_simd.cpp lea.cpp lea_simd.cpp luc.cpp \
-    md2.cpp md4.cpp md5.cpp misc.cpp modes.cpp mqueue.cpp mqv.cpp \
+    mars.cpp marss.cpp md2.cpp md4.cpp md5.cpp misc.cpp modes.cpp mqueue.cpp \
-    nbtheory.cpp neon_simd.cpp oaep.cpp osrng.cpp padlkrng.cpp panama.cpp \
+    mqv.cpp nbtheory.cpp neon_simd.cpp oaep.cpp osrng.cpp padlkrng.cpp \
-    pkcspad.cpp poly1305.cpp polynomi.cpp ppc_power7.cpp ppc_power8.cpp \
+    panama.cpp pkcspad.cpp poly1305.cpp polynomi.cpp ppc_power7.cpp \
-    ppc_power9.cpp ppc_simd.cpp pssr.cpp pubkey.cpp queue.cpp rabbit.cpp \
+    ppc_power8.cpp ppc_power9.cpp ppc_simd.cpp pssr.cpp pubkey.cpp queue.cpp \
-    rabin.cpp randpool.cpp rc2.cpp rc5.cpp rc6.cpp rdrand.cpp rdtables.cpp \
+    rabbit.cpp rabin.cpp randpool.cpp rc2.cpp rc5.cpp rc6.cpp rdrand.cpp \
-    rijndael.cpp rijndael_simd.cpp ripemd.cpp rng.cpp rsa.cpp rw.cpp \
+    rdtables.cpp rijndael.cpp rijndael_simd.cpp ripemd.cpp rng.cpp rsa.cpp \
-    safer.cpp salsa.cpp scrypt.cpp seal.cpp seed.cpp serpent.cpp sha.cpp \
+    rw.cpp safer.cpp salsa.cpp scrypt.cpp seal.cpp seed.cpp serpent.cpp \
-    sha3.cpp sha_simd.cpp shacal2.cpp shacal2_simd.cpp shark.cpp sharkbox.cpp \
+    sha.cpp sha3.cpp sha_simd.cpp shacal2.cpp shacal2_simd.cpp shake.cpp \
-    simeck.cpp simeck_simd.cpp simon.cpp simon128_simd.cpp simon64_simd.cpp \
+    shark.cpp sharkbox.cpp simeck.cpp simeck_simd.cpp simon.cpp \
-    skipjack.cpp sm3.cpp sm4.cpp sm4_simd.cpp sosemanuk.cpp speck.cpp \
+    simon128_simd.cpp simon64_simd.cpp skipjack.cpp sm3.cpp sm4.cpp \
-    speck128_simd.cpp speck64_simd.cpp square.cpp squaretb.cpp sse_simd.cpp \
+    sm4_simd.cpp sosemanuk.cpp speck.cpp speck128_simd.cpp speck64_simd.cpp \
-    strciphr.cpp tea.cpp tftables.cpp threefish.cpp tiger.cpp tigertab.cpp \
+    square.cpp squaretb.cpp sse_simd.cpp strciphr.cpp tea.cpp tftables.cpp \
-    ttmac.cpp tweetnacl.cpp twofish.cpp vmac.cpp wake.cpp whrlpool.cpp \
+    threefish.cpp tiger.cpp tigertab.cpp ttmac.cpp tweetnacl.cpp twofish.cpp \
-    xed25519.cpp xtr.cpp xtrcrypt.cpp zdeflate.cpp zinflate.cpp zlib.cpp
+    vmac.cpp wake.cpp whrlpool.cpp xed25519.cpp xtr.cpp xtrcrypt.cpp \
+    zdeflate.cpp zinflate.cpp zlib.cpp
 
 LIB_OBJS = \
     cryptlib.obj cpu.obj integer.obj 3way.obj adler32.obj algebra.obj \
@@ -99,21 +100,22 @@ LIB_OBJS = \
     gcm_simd.obj gf256.obj gf2_32.obj gf2n.obj gf2n_simd.obj gfpcrypt.obj \
     gost.obj gzip.obj hc128.obj hc256.obj hex.obj hight.obj hmac.obj \
     hrtimer.obj ida.obj idea.obj iterhash.obj kalyna.obj kalynatab.obj \
-    keccak.obj keccakc.obj lea.obj lea_simd.obj luc.obj mars.obj marss.obj \
+    keccak.obj keccak_core.obj keccak_simd.obj lea.obj lea_simd.obj luc.obj \
-    md2.obj md4.obj md5.obj misc.obj modes.obj mqueue.obj mqv.obj \
+    mars.obj marss.obj md2.obj md4.obj md5.obj misc.obj modes.obj mqueue.obj \
-    nbtheory.obj neon_simd.obj oaep.obj osrng.obj padlkrng.obj panama.obj \
+    mqv.obj nbtheory.obj neon_simd.obj oaep.obj osrng.obj padlkrng.obj \
-    pkcspad.obj poly1305.obj polynomi.obj ppc_power7.obj ppc_power8.obj \
+    panama.obj pkcspad.obj poly1305.obj polynomi.obj ppc_power7.obj \
-    ppc_power9.obj ppc_simd.obj pssr.obj pubkey.obj queue.obj rabbit.obj \
+    ppc_power8.obj ppc_power9.obj ppc_simd.obj pssr.obj pubkey.obj queue.obj \
-    rabin.obj randpool.obj rc2.obj rc5.obj rc6.obj rdrand.obj rdtables.obj \
+    rabbit.obj rabin.obj randpool.obj rc2.obj rc5.obj rc6.obj rdrand.obj \
-    rijndael.obj rijndael_simd.obj ripemd.obj rng.obj rsa.obj rw.obj \
+    rdtables.obj rijndael.obj rijndael_simd.obj ripemd.obj rng.obj rsa.obj \
-    safer.obj salsa.obj scrypt.obj seal.obj seed.obj serpent.obj sha.obj \
+    rw.obj safer.obj salsa.obj scrypt.obj seal.obj seed.obj serpent.obj \
-    sha3.obj sha_simd.obj shacal2.obj shacal2_simd.obj shark.obj sharkbox.obj \
+    sha.obj sha3.obj sha_simd.obj shacal2.obj shacal2_simd.obj shake.obj \
-    simeck.obj simeck_simd.obj simon.obj simon128_simd.obj simon64_simd.obj \
+    shark.obj sharkbox.obj simeck.obj simeck_simd.obj simon.obj \
-    skipjack.obj sm3.obj sm4.obj sm4_simd.obj sosemanuk.obj speck.obj \
+    simon128_simd.obj simon64_simd.obj skipjack.obj sm3.obj sm4.obj \
-    speck128_simd.obj speck64_simd.obj square.obj squaretb.obj sse_simd.obj \
+    sm4_simd.obj sosemanuk.obj speck.obj speck128_simd.obj speck64_simd.obj \
-    strciphr.obj tea.obj tftables.obj threefish.obj tiger.obj tigertab.obj \
+    square.obj squaretb.obj sse_simd.obj strciphr.obj tea.obj tftables.obj \
-    ttmac.obj tweetnacl.obj twofish.obj vmac.obj wake.obj whrlpool.obj \
+    threefish.obj tiger.obj tigertab.obj ttmac.obj tweetnacl.obj twofish.obj \
-    xed25519.obj xtr.obj xtrcrypt.obj zdeflate.obj zinflate.obj zlib.obj
+    vmac.obj wake.obj whrlpool.obj xed25519.obj xtr.obj xtrcrypt.obj \
+    zdeflate.obj zinflate.obj zlib.obj
 
 ASM_OBJS = \
     rdrand-x86.obj rdrand-x64.obj x64masm.obj x64dll.obj

vendor/cryptopp/vendor_cryptopp/cryptlib.h

@@ -3,7 +3,7 @@
 /// \file cryptlib.h
 /// \brief Abstract base classes that provide a uniform interface to this library.
 
-/*!	\mainpage Crypto++ Library 8.1 API Reference
+/*!	\mainpage Crypto++ Library 8.2 API Reference
 <dl>
 <dt>Abstract Base Classes<dd>
 	cryptlib.h

vendor/cryptopp/vendor_cryptopp/cryptopp-config.cmake

@@ -1 +1 @@
-include("${CMAKE_CURRENT_LIST_DIR}/cryptopp-targets.cmake")
+include("${CMAKE_CURRENT_LIST_DIR}/cryptopp-targets.cmake")

vendor/cryptopp/vendor_cryptopp/cryptopp.rc

@@ -27,8 +27,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 8,1,0,0
+ FILEVERSION 8,2,0,0
- PRODUCTVERSION 8,1,0,0
+ PRODUCTVERSION 8,2,0,0
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -46,13 +46,13 @@ BEGIN
             VALUE "Comments", "Free crypto library, more information available at www.cryptopp.com"
             VALUE "CompanyName", "Wei Dai"
             VALUE "FileDescription", "Crypto++® Library DLL"
-            VALUE "FileVersion", "8, 1, 0, 0"
+            VALUE "FileVersion", "8, 2, 0, 0"
             VALUE "InternalName", "cryptopp"
-            VALUE "LegalCopyright", "Copyright© 1995-2018 by Wei Dai"
+            VALUE "LegalCopyright", "Copyright© 1995-2019 by Wei Dai"
             VALUE "LegalTrademarks", "Crypto++®"
             VALUE "OriginalFilename", "cryptopp.dll"
             VALUE "ProductName", "Crypto++® Library"
-            VALUE "ProductVersion", "8, 1, 0, 0"
+            VALUE "ProductVersion", "8, 2, 0, 0"
         END
     END
     BLOCK "VarFileInfo"

vendor/cryptopp/vendor_cryptopp/datatest.cpp

@@ -8,7 +8,6 @@
 #include "factory.h"
 #include "integer.h"
 #include "filters.h"
-#include "hex.h"
 #include "randpool.h"
 #include "files.h"
 #include "trunhash.h"
@@ -16,6 +15,8 @@
 #include "smartptr.h"
 #include "validate.h"
 #include "stdcpp.h"
+#include "misc.h"
+#include "hex.h"
 #include "trap.h"
 
 #include <iostream>
@@ -208,7 +209,7 @@ void PutDecodedDatumInto(const TestData &data, const char *name, BufferedTransfo
 
 		while (repeat--)
 		{
-			q.Put(reinterpret_cast<const byte*>(&s2[0]), s2.size());
+			q.Put(ConstBytePtr(s2), BytePtrSize(s2));
 			RandomizedTransfer(q, target, false);
 		}
 	}
@@ -265,10 +266,11 @@ public:
 			*reinterpret_cast<int *>(pValue) = atoi(value.c_str());
 		else if (valueType == typeid(word64))
 		{
-			std::string x(value); errno = 0;
+			std::string x(value.empty() ? "0" : value);
 			const char* beg = &x[0];
 			char* end = &x[0] + value.size();
 
+			errno = 0;
 			*reinterpret_cast<word64*>(pValue) = STRTOUL64(beg, &end, 0);
 			if (errno != 0)
 				return false;
@@ -279,7 +281,7 @@ public:
 		{
 			m_temp.clear();
 			PutDecodedDatumInto(m_data, name, StringSink(m_temp).Ref());
-			reinterpret_cast<ConstByteArrayParameter *>(pValue)->Assign(reinterpret_cast<const byte *>(&m_temp[0]), m_temp.size(), false);
+			reinterpret_cast<ConstByteArrayParameter *>(pValue)->Assign(BytePtr(m_temp), BytePtrSize(m_temp), false);
 		}
 		else
 			throw ValueTypeMismatch(name, typeid(std::string), valueType);
@@ -496,8 +498,8 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 		}
 		else
 		{
-			encryptor->SetKey(reinterpret_cast<const byte*>(&key[0]), key.size(), pairs);
+			encryptor->SetKey(ConstBytePtr(key), BytePtrSize(key), pairs);
-			decryptor->SetKey(reinterpret_cast<const byte*>(&key[0]), key.size(), pairs);
+			decryptor->SetKey(ConstBytePtr(key), BytePtrSize(key), pairs);
 		}
 
 		word64 seek64 = pairs.GetWord64ValueWithDefault("Seek64", 0);
@@ -547,13 +549,13 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 				encrypted.reserve(10000 * plaintext.size());
 				for (int j=0; j<10000; j++)
 				{
-					cipher->ProcessString(reinterpret_cast<byte*>(&buf[0]), buf.size());
+					cipher->ProcessString(BytePtr(buf), BytePtrSize(buf));
 					encrypted.append(buf.begin(), buf.end());
 				}
 
 				encrypted.erase(0, encrypted.size() - keybuf.size());
-				xorbuf(reinterpret_cast<byte*>(&keybuf[0]), reinterpret_cast<const byte*>(&encrypted[0]), keybuf.size());
+				xorbuf(BytePtr(keybuf), BytePtr(encrypted), BytePtrSize(keybuf));
-				cipher->SetKey(reinterpret_cast<const byte*>(&keybuf[0]), keybuf.size());
+				cipher->SetKey(BytePtr(keybuf), BytePtrSize(keybuf));
 			}
 
 			encrypted.assign(buf.begin(), buf.end());
@@ -641,8 +643,8 @@ void TestAuthenticatedSymmetricCipher(TestData &v, const NameValuePairs &overrid
 		member_ptr<AuthenticatedSymmetricCipher> encryptor, decryptor;
 		encryptor.reset(ObjectFactoryRegistry<AuthenticatedSymmetricCipher, ENCRYPTION>::Registry().CreateObject(name.c_str()));
 		decryptor.reset(ObjectFactoryRegistry<AuthenticatedSymmetricCipher, DECRYPTION>::Registry().CreateObject(name.c_str()));
-		encryptor->SetKey(reinterpret_cast<const byte*>(&key[0]), key.size(), pairs);
+		encryptor->SetKey(ConstBytePtr(key), BytePtrSize(key), pairs);
-		decryptor->SetKey(reinterpret_cast<const byte*>(&key[0]), key.size(), pairs);
+		decryptor->SetKey(ConstBytePtr(key), BytePtrSize(key), pairs);
 
 		// Code coverage
 		(void)encryptor->AlgorithmName();
@@ -736,7 +738,7 @@ void TestDigestOrMAC(TestData &v, bool testDigest)
 		mac.reset(ObjectFactoryRegistry<MessageAuthenticationCode>::Registry().CreateObject(name.c_str()));
 		pHash = mac.get();
 		std::string key = GetDecodedDatum(v, "Key");
-		mac->SetKey(reinterpret_cast<const byte *>(&key[0]), key.size(), pairs);
+		mac->SetKey(ConstBytePtr(key), BytePtrSize(key), pairs);
 
 		// Code coverage
 		(void)mac->AlgorithmName();
@@ -779,8 +781,7 @@ void TestKeyDerivationFunction(TestData &v)
 	kdf.reset(ObjectFactoryRegistry<KeyDerivationFunction>::Registry().CreateObject(name.c_str()));
 
 	std::string calculated; calculated.resize(expected.size());
-	kdf->DeriveKey(reinterpret_cast<byte*>(&calculated[0]), calculated.size(),
+	kdf->DeriveKey(BytePtr(calculated), BytePtrSize(calculated), BytePtr(secret), BytePtrSize(secret), pairs);
-		reinterpret_cast<const byte*>(&secret[0]), secret.size(), pairs);
 
 	if(calculated != expected)
 	{

vendor/cryptopp/vendor_cryptopp/filters.h

@@ -474,7 +474,7 @@ struct BlockPaddingSchemeDef
 		/// \brief 0's padding added to a block
 		/// \since Crypto++ 5.0
 		ZEROS_PADDING,
-		/// \brief PKCS #5 padding added to a block
+		/// \brief PKCS padding added to a block
 		/// \since Crypto++ 5.0
 		PKCS_PADDING,
 		/// \brief 1 and 0's padding added to a block

vendor/cryptopp/vendor_cryptopp/gcm.cpp

@@ -75,8 +75,8 @@ extern void GCM_Xor16_SSE2(byte *a, const byte *b, const byte *c);
 extern void GCM_Xor16_NEON(byte *a, const byte *b, const byte *c);
 #endif
 
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
-extern void GCM_Xor16_POWER7(byte *a, const byte *b, const byte *c);
+extern void GCM_Xor16_POWER8(byte *a, const byte *b, const byte *c);
 #endif
 
 #if CRYPTOPP_CLMUL_AVAILABLE
@@ -213,11 +213,11 @@ void GCM_Base::SetKeyWithoutResync(const byte *userKey, size_t keylength, const
                     for (k=1; k<j; k++)
                         GCM_Xor16_NEON(mulTable+i*256*16+(j+k)*16, mulTable+i*256*16+j*16, mulTable+i*256*16+k*16);
             else
-#elif CRYPTOPP_POWER7_AVAILABLE
+#elif CRYPTOPP_POWER8_AVAILABLE
-            if (HasPower7())
+            if (HasPower8())
                 for (j=2; j<=0x80; j*=2)
                     for (k=1; k<j; k++)
-                        GCM_Xor16_POWER7(mulTable+i*256*16+(j+k)*16, mulTable+i*256*16+j*16, mulTable+i*256*16+k*16);
+                        GCM_Xor16_POWER8(mulTable+i*256*16+(j+k)*16, mulTable+i*256*16+j*16, mulTable+i*256*16+k*16);
             else
 #endif
                 for (j=2; j<=0x80; j*=2)
@@ -277,13 +277,13 @@ void GCM_Base::SetKeyWithoutResync(const byte *userKey, size_t keylength, const
                         GCM_Xor16_NEON(mulTable+1024+i*256+(j+k)*16, mulTable+1024+i*256+j*16, mulTable+1024+i*256+k*16);
                     }
             else
-#elif CRYPTOPP_POWER7_AVAILABLE
+#elif CRYPTOPP_POWER8_AVAILABLE
-            if (HasPower7())
+            if (HasPower8())
                 for (j=2; j<=8; j*=2)
                     for (k=1; k<j; k++)
                     {
-                        GCM_Xor16_POWER7(mulTable+i*256+(j+k)*16, mulTable+i*256+j*16, mulTable+i*256+k*16);
+                        GCM_Xor16_POWER8(mulTable+i*256+(j+k)*16, mulTable+i*256+j*16, mulTable+i*256+k*16);
-                        GCM_Xor16_POWER7(mulTable+1024+i*256+(j+k)*16, mulTable+1024+i*256+j*16, mulTable+1024+i*256+k*16);
+                        GCM_Xor16_POWER8(mulTable+1024+i*256+(j+k)*16, mulTable+1024+i*256+j*16, mulTable+1024+i*256+k*16);
                     }
             else
 #endif
@@ -369,8 +369,8 @@ unsigned int GCM_Base::OptimalDataAlignment() const
         HasSSE2() ? 16 :
 #elif CRYPTOPP_ARM_NEON_AVAILABLE
         HasNEON() ? 4 :
-#elif CRYPTOPP_POWER7_AVAILABLE
+#elif CRYPTOPP_POWER8_AVAILABLE
-        HasPower7() ? 16 :
+        HasPower8() ? 16 :
 #endif
         GetBlockCipher().OptimalDataAlignment();
 }

vendor/cryptopp/vendor_cryptopp/gcm_simd.cpp

@@ -569,12 +569,12 @@ void GCM_ReverseHashBufferIfNeeded_CLMUL(byte *hashBuffer)
 
 // ***************************** POWER8 ***************************** //
 
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
-void GCM_Xor16_POWER7(byte *a, const byte *b, const byte *c)
+void GCM_Xor16_POWER8(byte *a, const byte *b, const byte *c)
 {
     VecStore(VecXor(VecLoad(b), VecLoad(c)), a);
 }
-#endif  // CRYPTOPP_POWER7_AVAILABLE
+#endif  // CRYPTOPP_POWER8_AVAILABLE
 
 #if CRYPTOPP_POWER8_VMULL_AVAILABLE
 

vendor/cryptopp/vendor_cryptopp/gf2n_simd.cpp

@@ -21,6 +21,8 @@
 #include "pch.h"
 #include "config.h"
 
+#ifndef CRYPTOPP_IMPORTS
+
 #include "gf2n.h"
 
 #if (CRYPTOPP_CLMUL_AVAILABLE)
@@ -608,3 +610,5 @@ GF2NT_233_Square_Reduce_POWER8(const word* pA, word* pC)
 #endif
 
 NAMESPACE_END
+
+#endif  // CRYPTOPP_IMPORTS

vendor/cryptopp/vendor_cryptopp/integer.cpp

@@ -3537,9 +3537,9 @@ class KDF2_RNG : public RandomNumberGenerator
 {
 public:
 	KDF2_RNG(const byte *seed, size_t seedSize)
-		: m_counter(0), m_counterAndSeed(seedSize + 4)
+		: m_counter(0), m_counterAndSeed(ClampSize(seedSize) + 4)
 	{
-		memcpy(m_counterAndSeed + 4, seed, seedSize);
+		memcpy(m_counterAndSeed + 4, seed, ClampSize(seedSize));
 	}
 
 	void GenerateBlock(byte *output, size_t size)
@@ -3550,6 +3550,15 @@ public:
 		P1363_KDF2<SHA1>::DeriveKey(output, size, m_counterAndSeed, m_counterAndSeed.size(), NULLPTR, 0);
 	}
 
+	// UBsan finding, -Wstringop-overflow
+	inline size_t ClampSize(size_t req) const
+	{
+		// Clamp at 16 MB
+		if (req > 16U*1024*1024)
+			return 16U*1024*1024;
+		return req;
+	}
+
 private:
 	word32 m_counter;
 	SecByteBlock m_counterAndSeed;

vendor/cryptopp/vendor_cryptopp/keccak_simd.cpp

@@ -12,8 +12,8 @@
 // KeccakF1600x2_SSE is ParallelHash128. The SSE2 ParallelHash128
 // implementation was extracted from XKCP using the following command.
 //
-// gcc -I lib/common -I lib/low/KeccakP-1600/Optimized \
+// gcc -I lib/common -I lib/low/KeccakP-1600/Optimized
-//   -I lib/low/KeccakP-1600-times2/SIMD128/SSE2ufull \
+//   -I lib/low/KeccakP-1600-times2/SIMD128/SSE2ufull
 //   lib/low/KeccakP-1600-times2/SIMD128/KeccakP-1600-times2-SIMD128.c -E
 
 #include "pch.h"
@@ -23,7 +23,7 @@
 
 #if (CRYPTOPP_SSSE3_AVAILABLE)
 # include <emmintrin.h>
-# include <immintrin.h>
+# include <tmmintrin.h>
 #endif
 
 // Squash MS LNK4221 and libtool warnings
@@ -39,8 +39,8 @@ extern void KeccakF1600x2_SSE(word64 *state);
 // The F1600 round constants
 extern const word64 KeccakF1600Constants[24];
 
-const word64 rho8[2] = {0x0605040302010007, 0x0E0D0C0B0A09080F};
+const word64 rho8[2] = {W64LIT(0x0605040302010007), W64LIT(0x0E0D0C0B0A09080F)};
-const word64 rho56[2] = {0x0007060504030201, 0x080F0E0D0C0B0A09};
+const word64 rho56[2] = {W64LIT(0x0007060504030201), W64LIT(0x080F0E0D0C0B0A09)};
 
 #define V128 __m128i
 #define CV128 const __m128i

vendor/cryptopp/vendor_cryptopp/misc.h

@@ -388,6 +388,38 @@ inline size_t PtrByteDiff(const PTR pointer1, const PTR pointer2)
 	return (size_t)(reinterpret_cast<uintptr_t>(pointer1) - reinterpret_cast<uintptr_t>(pointer2));
 }
 
+/// \brief Pointer to the first element of a string
+/// \param str std::string
+/// \details BytePtr returns NULL pointer for an empty string.
+/// \return Pointer to the first element of a string
+inline byte* BytePtr(std::string& str)
+{
+	// Caller wants a writeable pointer
+	CRYPTOPP_ASSERT(str.empty() == false);
+
+	if (str.empty())
+		return NULLPTR;
+	return reinterpret_cast<byte*>(&str[0]);
+}
+
+/// \brief Const pointer to the first element of a string
+/// \param str std::string
+/// \details ConstBytePtr returns non-NULL pointer for an empty string.
+/// \return Pointer to the first element of a string
+inline const byte* ConstBytePtr(const std::string& str)
+{
+	// Use c_str() so a pointer is always available
+	return reinterpret_cast<const byte*>(str.c_str());
+}
+
+/// \brief Size of a string
+/// \param str std::string
+/// \return size of a string
+inline size_t BytePtrSize(const std::string& str)
+{
+	return str.size();
+}
+
 #if (!__STDC_WANT_SECURE_LIB__ && !defined(_MEMORY_S_DEFINED)) || defined(CRYPTOPP_WANT_SECURE_LIB)
 
 /// \brief Bounds checking replacement for memcpy()

vendor/cryptopp/vendor_cryptopp/ppc_simd.h

@@ -57,7 +57,7 @@
 //
 //   inline uint32x4_p VecLoad(const byte src[16])
 //   {
-//   #if defined(_ARCH_PWR7)
+//   #if defined(_ARCH_PWR8)
 //       return (uint32x4_p) *(uint8x16_p*)((byte*)src);
 //   #else
 //       return VecLoad_ALTIVEC(src);
@@ -128,7 +128,7 @@ typedef __vector unsigned short  uint16x8_p;
 /// \since Crypto++ 6.0
 typedef __vector unsigned int    uint32x4_p;
 
-#if defined(_ARCH_PWR7) || defined(CRYPTOPP_DOXYGEN_PROCESSING)
+#if defined(_ARCH_PWR8) || defined(CRYPTOPP_DOXYGEN_PROCESSING)
 /// \brief Vector of 64-bit elements
 /// \details uint64x2_p is available on POWER7 and above. Some supporting
 ///   functions, like 64-bit <tt>vec_add</tt> (<tt>vaddudm</tt>), did not
@@ -137,7 +137,7 @@ typedef __vector unsigned int    uint32x4_p;
 ///   __vector unsigned long long
 /// \since Crypto++ 6.0
 typedef __vector unsigned long long uint64x2_p;
-#endif  // _ARCH_PWR7
+#endif  // _ARCH_PWR8
 
 /// \brief The 0 vector
 /// \returns a 32-bit vector of 0's
@@ -252,7 +252,7 @@ inline uint32x4_p VecLoad_ALTIVEC(int off, const byte src[16])
 /// \since Crypto++ 6.0
 inline uint32x4_p VecLoad(const byte src[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
     return (uint32x4_p)vec_xlw4(0, (byte*)src);
 #  elif defined(__xlc__) || defined(__xlC__) || defined(__clang__)
@@ -280,7 +280,7 @@ inline uint32x4_p VecLoad(const byte src[16])
 /// \since Crypto++ 6.0
 inline uint32x4_p VecLoad(int off, const byte src[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
     return (uint32x4_p)vec_xlw4(off, (byte*)src);
 #  elif defined(__xlc__) || defined(__xlC__) || defined(__clang__)
@@ -328,7 +328,7 @@ inline uint32x4_p VecLoad(int off, const word32 src[4])
     return VecLoad(off, (const byte*)src);
 }
 
-#if defined(_ARCH_PWR7) || defined(CRYPTOPP_DOXYGEN_PROCESSING)
+#if defined(_ARCH_PWR8) || defined(CRYPTOPP_DOXYGEN_PROCESSING)
 
 /// \brief Loads a vector from a word array
 /// \param src the word array
@@ -367,7 +367,7 @@ inline uint64x2_p VecLoad(int off, const word64 src[2])
     return (uint64x2_p)VecLoad(off, (const byte*)src);
 }
 
-#endif  // _ARCH_PWR7
+#endif  // _ARCH_PWR8
 
 /// \brief Loads a vector from an aligned byte array
 /// \param src the byte array
@@ -382,7 +382,7 @@ inline uint64x2_p VecLoad(int off, const word64 src[2])
 /// \since Crypto++ 8.0
 inline uint32x4_p VecLoadAligned(const byte src[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
     return (uint32x4_p)vec_xlw4(0, (byte*)src);
 #  elif defined(__xlc__) || defined(__xlC__) || defined(__clang__)
@@ -390,10 +390,10 @@ inline uint32x4_p VecLoadAligned(const byte src[16])
 #  else
     return (uint32x4_p)vec_vsx_ld(0, (byte*)src);
 #  endif
-#else  // _ARCH_PWR7
+#else  // _ARCH_PWR8
     CRYPTOPP_ASSERT(((uintptr_t)src) % 16 == 0);
     return (uint32x4_p)vec_ld(0, (byte*)src);
-#endif  // _ARCH_PWR7
+#endif  // _ARCH_PWR8
 }
 
 /// \brief Loads a vector from an aligned byte array
@@ -410,7 +410,7 @@ inline uint32x4_p VecLoadAligned(const byte src[16])
 /// \since Crypto++ 8.0
 inline uint32x4_p VecLoadAligned(int off, const byte src[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
     return (uint32x4_p)vec_xlw4(off, (byte*)src);
 #  elif defined(__xlc__) || defined(__xlC__) || defined(__clang__)
@@ -418,10 +418,10 @@ inline uint32x4_p VecLoadAligned(int off, const byte src[16])
 #  else
     return (uint32x4_p)vec_vsx_ld(off, (byte*)src);
 #  endif
-#else  // _ARCH_PWR7
+#else  // _ARCH_PWR8
     CRYPTOPP_ASSERT((((uintptr_t)src)+off) % 16 == 0);
     return (uint32x4_p)vec_ld(off, (byte*)src);
-#endif  // _ARCH_PWR7
+#endif  // _ARCH_PWR8
 }
 
 /// \brief Loads a vector from a byte array
@@ -439,7 +439,7 @@ inline uint32x4_p VecLoadAligned(int off, const byte src[16])
 /// \since Crypto++ 6.0
 inline uint32x4_p VecLoadBE(const byte src[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
 #    if (CRYPTOPP_BIG_ENDIAN)
        return (uint32x4_p)vec_xlw4(0, (byte*)src);
@@ -455,13 +455,13 @@ inline uint32x4_p VecLoadBE(const byte src[16])
        return (uint32x4_p)VecReverse(vec_vsx_ld(0, (byte*)src));
 #    endif
 #  endif
-#else  // _ARCH_PWR7
+#else  // _ARCH_PWR8
 #  if (CRYPTOPP_BIG_ENDIAN)
      return (uint32x4_p)VecLoad((const byte*)src);
 #  else
      return (uint32x4_p)VecReverse(VecLoad((const byte*)src));
 #  endif
-#endif  // _ARCH_PWR7
+#endif  // _ARCH_PWR8
 }
 
 /// \brief Loads a vector from a byte array
@@ -480,7 +480,7 @@ inline uint32x4_p VecLoadBE(const byte src[16])
 /// \since Crypto++ 6.0
 inline uint32x4_p VecLoadBE(int off, const byte src[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
 #    if (CRYPTOPP_BIG_ENDIAN)
        return (uint32x4_p)vec_xlw4(off, (byte*)src);
@@ -496,13 +496,13 @@ inline uint32x4_p VecLoadBE(int off, const byte src[16])
        return (uint32x4_p)VecReverse(vec_vsx_ld(off, (byte*)src));
 #    endif
 #  endif
-#else  // _ARCH_PWR7
+#else  // _ARCH_PWR8
 #  if (CRYPTOPP_BIG_ENDIAN)
      return (uint32x4_p)VecLoad(off, (const byte*)src);
 #  else
      return (uint32x4_p)VecReverse(VecLoad(off, (const byte*)src));
 #  endif
-#endif  // _ARCH_PWR7
+#endif  // _ARCH_PWR8
 }
 
 //@}
@@ -604,7 +604,7 @@ inline void VecStore_ALTIVEC(const T data, int off, byte dest[16])
 template<class T>
 inline void VecStore(const T data, byte dest[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
     vec_xstw4((uint8x16_p)data, 0, (byte*)dest);
 #  elif defined(__xlc__) || defined(__xlC__) || defined(__clang__)
@@ -635,7 +635,7 @@ inline void VecStore(const T data, byte dest[16])
 template<class T>
 inline void VecStore(const T data, int off, byte dest[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
     vec_xstw4((uint8x16_p)data, off, (byte*)dest);
 #  elif defined(__xlc__) || defined(__xlC__) || defined(__clang__)
@@ -750,7 +750,7 @@ inline void VecStore(const T data, int off, word64 dest[2])
 template <class T>
 inline void VecStoreBE(const T data, byte dest[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
 #    if (CRYPTOPP_BIG_ENDIAN)
        vec_xstw4((uint8x16_p)data, 0, (byte*)dest);
@@ -766,13 +766,13 @@ inline void VecStoreBE(const T data, byte dest[16])
        vec_vsx_st((uint8x16_p)VecReverse(data), 0, (byte*)dest);
 #    endif
 #  endif
-#else  // _ARCH_PWR7
+#else  // _ARCH_PWR8
 #  if (CRYPTOPP_BIG_ENDIAN)
      VecStore_ALTIVEC((uint8x16_p)data, 0, (byte*)dest);
 #  else
      VecStore_ALTIVEC((uint8x16_p)VecReverse(data), 0, (byte*)dest);
 #  endif
-#endif  // _ARCH_PWR7
+#endif  // _ARCH_PWR8
 }
 
 /// \brief Stores a vector to a byte array
@@ -794,7 +794,7 @@ inline void VecStoreBE(const T data, byte dest[16])
 template <class T>
 inline void VecStoreBE(const T data, int off, byte dest[16])
 {
-#if defined(_ARCH_PWR7)
+#if defined(_ARCH_PWR8)
 #  if defined(__early_xlc__) || defined(__early_xlC__)
 #    if (CRYPTOPP_BIG_ENDIAN)
        vec_xstw4((uint8x16_p)data, off, (byte*)dest);
@@ -810,13 +810,13 @@ inline void VecStoreBE(const T data, int off, byte dest[16])
        vec_vsx_st((uint8x16_p)VecReverse(data), off, (byte*)dest);
 #    endif
 #  endif
-#else  // _ARCH_PWR7
+#else  // _ARCH_PWR8
 #  if (CRYPTOPP_BIG_ENDIAN)
      VecStore_ALTIVEC((uint8x16_p)data, off, (byte*)dest);
 #  else
      VecStore_ALTIVEC((uint8x16_p)VecReverse(data), off, (byte*)dest);
 #  endif
-#endif  // _ARCH_PWR7
+#endif  // _ARCH_PWR8
 }
 
 /// \brief Stores a vector to a word array

vendor/cryptopp/vendor_cryptopp/regtest3.cpp

@@ -92,7 +92,9 @@ void RegisterFactories4()
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<TEA> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<XTEA> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<CAST128> >();
+	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SKIPJACK> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SKIPJACK> >();
+	RegisterSymmetricCipherDefaultFactories<CBC_Mode<SKIPJACK> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Blowfish> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SEED> >();

vendor/cryptopp/vendor_cryptopp/seckey.h

@@ -14,7 +14,7 @@
 
 #if CRYPTOPP_MSC_VERSION
 # pragma warning(push)
-# pragma warning(disable: 4189)
+# pragma warning(disable: 4189 4296)
 #endif
 
 // Issue 340

vendor/cryptopp/vendor_cryptopp/shake.h

@@ -125,7 +125,7 @@ public:
     ///   requires the output size in advance because the algoirthm uses
     ///   output size as a parameter to the hash function.
     /// \since Crypto++ 8.1
-    SHAKE128(unsigned int outputSize) : SHAKE_Final(outputSize) {}
+    SHAKE128(unsigned int outputSize) : SHAKE_Final<128>(outputSize) {}
 };
 
 /// \brief SHAKE256 message digest
@@ -155,7 +155,7 @@ public:
     ///   requires the output size in advance because the algoirthm uses
     ///   output size as a parameter to the hash function.
     /// \since Crypto++ 8.1
-    SHAKE256(unsigned int outputSize) : SHAKE_Final(outputSize) {}
+    SHAKE256(unsigned int outputSize) : SHAKE_Final<256>(outputSize) {}
 };
 
 NAMESPACE_END

vendor/cryptopp/vendor_cryptopp/simon.cpp

@@ -255,9 +255,9 @@ std::string SIMON64::Base::AlgorithmProvider() const
     if (HasNEON())
         return "NEON";
 # endif
-# if (CRYPTOPP_POWER7_AVAILABLE)
+# if (CRYPTOPP_POWER8_AVAILABLE)
-    if (HasPower7())
+    if (HasPower8())
-        return "Power7";
+        return "Power8";
 # endif
 # if (CRYPTOPP_ALTIVEC_AVAILABLE)
     if (HasAltivec())

vendor/cryptopp/vendor_cryptopp/simon128_simd.cpp

@@ -44,7 +44,7 @@
 # include <arm_acle.h>
 #endif
 
-#if defined(CRYPTOPP_POWER7_AVAILABLE)
+#if defined(CRYPTOPP_POWER8_AVAILABLE)
 # include "adv_simd.h"
 # include "ppc_simd.h"
 #endif
@@ -108,13 +108,8 @@ inline uint64x2_t RotateRight64(const uint64x2_t& val)
 template <>
 inline uint64x2_t RotateLeft64<8>(const uint64x2_t& val)
 {
-#if (CRYPTOPP_BIG_ENDIAN)
-    const uint8_t maskb[16] = { 14,13,12,11, 10,9,8,15, 6,5,4,3, 2,1,0,7 };
-    const uint8x16_t mask = vld1q_u8(maskb);
-#else
     const uint8_t maskb[16] = { 7,0,1,2, 3,4,5,6, 15,8,9,10, 11,12,13,14 };
     const uint8x16_t mask = vld1q_u8(maskb);
-#endif
 
     return vreinterpretq_u64_u8(
         vqtbl1q_u8(vreinterpretq_u8_u64(val), mask));
@@ -124,13 +119,8 @@ inline uint64x2_t RotateLeft64<8>(const uint64x2_t& val)
 template <>
 inline uint64x2_t RotateRight64<8>(const uint64x2_t& val)
 {
-#if (CRYPTOPP_BIG_ENDIAN)
-    const uint8_t maskb[16] = { 8,15,14,13, 12,11,10,9, 0,7,6,5, 4,3,2,1 };
-    const uint8x16_t mask = vld1q_u8(maskb);
-#else
     const uint8_t maskb[16] = { 1,2,3,4, 5,6,7,0, 9,10,11,12, 13,14,15,8 };
     const uint8x16_t mask = vld1q_u8(maskb);
-#endif
 
     return vreinterpretq_u64_u8(
         vqtbl1q_u8(vreinterpretq_u8_u64(val), mask));

vendor/cryptopp/vendor_cryptopp/simon64_simd.cpp

@@ -106,13 +106,8 @@ inline uint32x4_t RotateRight32(const uint32x4_t& val)
 template <>
 inline uint32x4_t RotateLeft32<8>(const uint32x4_t& val)
 {
-#if (CRYPTOPP_BIG_ENDIAN)
-    const uint8_t maskb[16] = { 14,13,12,15, 10,9,8,11, 6,5,4,7, 2,1,0,3 };
-    const uint8x16_t mask = vld1q_u8(maskb);
-#else
     const uint8_t maskb[16] = { 3,0,1,2, 7,4,5,6, 11,8,9,10, 15,12,13,14 };
     const uint8x16_t mask = vld1q_u8(maskb);
-#endif
 
     return vreinterpretq_u32_u8(
         vqtbl1q_u8(vreinterpretq_u8_u32(val), mask));
@@ -122,13 +117,8 @@ inline uint32x4_t RotateLeft32<8>(const uint32x4_t& val)
 template <>
 inline uint32x4_t RotateRight32<8>(const uint32x4_t& val)
 {
-#if (CRYPTOPP_BIG_ENDIAN)
-    const uint8_t maskb[16] = { 12,15,14,13, 8,11,10,9, 4,7,6,5, 0,3,2,1 };
-    const uint8x16_t mask = vld1q_u8(maskb);
-#else
     const uint8_t maskb[16] = { 1,2,3,0, 5,6,7,4, 9,10,11,8, 13,14,14,12 };
     const uint8x16_t mask = vld1q_u8(maskb);
-#endif
 
     return vreinterpretq_u32_u8(
         vqtbl1q_u8(vreinterpretq_u8_u32(val), mask));
@@ -576,7 +566,7 @@ inline void SIMON64_Enc_Block(uint32x4_p &block0, uint32x4_p &block1,
 
     for (int i = 0; i < static_cast<int>(rounds & ~1)-1; i += 2)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk1 = vec_splats(subkeys[i]);
         const uint32x4_p rk2 = vec_splats(subkeys[i+1]);
 #else
@@ -592,7 +582,7 @@ inline void SIMON64_Enc_Block(uint32x4_p &block0, uint32x4_p &block1,
 
     if (rounds & 1)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk = vec_splats(subkeys[rounds-1]);
 #else
         const uint8x16_p m = {0,1,2,3, 0,1,2,3, 0,1,2,3, 0,1,2,3};
@@ -634,7 +624,7 @@ inline void SIMON64_Dec_Block(uint32x4_p &block0, uint32x4_p &block1,
     if (rounds & 1)
     {
         std::swap(x1, y1);
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk = vec_splats(subkeys[rounds-1]);
 #else
         const uint8x16_p m = {0,1,2,3, 0,1,2,3, 0,1,2,3, 0,1,2,3};
@@ -647,7 +637,7 @@ inline void SIMON64_Dec_Block(uint32x4_p &block0, uint32x4_p &block1,
 
     for (int i = static_cast<int>(rounds-2); i >= 0; i -= 2)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk1 = vec_splats(subkeys[i+1]);
         const uint32x4_p rk2 = vec_splats(subkeys[i]);
 #else
@@ -696,7 +686,7 @@ inline void SIMON64_Enc_6_Blocks(uint32x4_p &block0, uint32x4_p &block1,
 
     for (int i = 0; i < static_cast<int>(rounds & ~1)-1; i += 2)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk1 = vec_splats(subkeys[i]);
         const uint32x4_p rk2 = vec_splats(subkeys[i+1]);
 #else
@@ -717,7 +707,7 @@ inline void SIMON64_Enc_6_Blocks(uint32x4_p &block0, uint32x4_p &block1,
 
     if (rounds & 1)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk = vec_splats(subkeys[rounds-1]);
 #else
         const uint8x16_p m = {0,1,2,3, 0,1,2,3, 0,1,2,3, 0,1,2,3};
@@ -771,7 +761,7 @@ inline void SIMON64_Dec_6_Blocks(uint32x4_p &block0, uint32x4_p &block1,
     {
         std::swap(x1, y1); std::swap(x2, y2); std::swap(x3, y3);
 
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk = vec_splats(subkeys[rounds-1]);
 #else
         const uint8x16_p m = {0,1,2,3, 0,1,2,3, 0,1,2,3, 0,1,2,3};
@@ -786,7 +776,7 @@ inline void SIMON64_Dec_6_Blocks(uint32x4_p &block0, uint32x4_p &block1,
 
     for (int i = static_cast<int>(rounds-2); i >= 0; i -= 2)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk1 = vec_splats(subkeys[i+1]);
         const uint32x4_p rk2 = vec_splats(subkeys[i]);
 #else

vendor/cryptopp/vendor_cryptopp/skipjack.h

@@ -2,6 +2,12 @@
 
 /// \file skipjack.h
 /// \brief Classes for the SKIPJACK block cipher
+/// \details The Crypto++ implementation conforms to SKIPJACK and KEA
+///  Algorithm Specifications published by NIST in May 1998. The library passes
+///  known answer tests available in NIST SP800-17, Table 6, pp. 140-42.
+/// \sa <a href ="http://csrc.nist.gov/encryption/skipjack/skipjack.pdf">SKIPJACK
+///  and KEA Algorithm Specifications</a> (May 1998), <a
+///  href="http://www.cryptopp.com/wiki/SKIPJACK">SKIPJACK</a> on the Crypto++ wiki
 
 #ifndef CRYPTOPP_SKIPJACK_H
 #define CRYPTOPP_SKIPJACK_H
@@ -18,7 +24,12 @@ struct SKIPJACK_Info : public FixedBlockSize<8>, public FixedKeyLength<10>
 };
 
 /// \brief SKIPJACK block cipher
-/// \sa <a href="http://www.cryptopp.com/wiki/SKIPJACK">SKIPJACK</a>
+/// \details The Crypto++ implementation conforms to SKIPJACK and KEA
+///  Algorithm Specifications published by NIST in May 1998. The library passes
+///  known answer tests available in NIST SP800-17, Table 6, pp. 140-42.
+/// \sa <a href ="http://csrc.nist.gov/encryption/skipjack/skipjack.pdf">SKIPJACK
+///  and KEA Algorithm Specifications</a> (May 1998), <a
+///  href="http://www.cryptopp.com/wiki/SKIPJACK">SKIPJACK</a> on the Crypto++ wiki
 class SKIPJACK : public SKIPJACK_Info, public BlockCipherDocumentation
 {
 	/// \brief SKIPJACK block cipher default operation

vendor/cryptopp/vendor_cryptopp/speck.cpp

@@ -235,9 +235,9 @@ std::string SPECK64::Base::AlgorithmProvider() const
     if (HasNEON())
         return "NEON";
 # endif
-# if (CRYPTOPP_POWER7_AVAILABLE)
+# if (CRYPTOPP_POWER8_AVAILABLE)
-    if (HasPower7())
+    if (HasPower8())
-        return "Power7";
+        return "Power8";
 # endif
 # if (CRYPTOPP_ALTIVEC_AVAILABLE)
     if (HasAltivec())

vendor/cryptopp/vendor_cryptopp/speck128_simd.cpp

@@ -107,13 +107,8 @@ inline uint64x2_t RotateRight64(const uint64x2_t& val)
 template <>
 inline uint64x2_t RotateLeft64<8>(const uint64x2_t& val)
 {
-#if (CRYPTOPP_BIG_ENDIAN)
-    const uint8_t maskb[16] = { 14,13,12,11, 10,9,8,15, 6,5,4,3, 2,1,0,7 };
-    const uint8x16_t mask = vld1q_u8(maskb);
-#else
     const uint8_t maskb[16] = { 7,0,1,2, 3,4,5,6, 15,8,9,10, 11,12,13,14 };
     const uint8x16_t mask = vld1q_u8(maskb);
-#endif
 
     return vreinterpretq_u64_u8(
         vqtbl1q_u8(vreinterpretq_u8_u64(val), mask));
@@ -123,13 +118,8 @@ inline uint64x2_t RotateLeft64<8>(const uint64x2_t& val)
 template <>
 inline uint64x2_t RotateRight64<8>(const uint64x2_t& val)
 {
-#if (CRYPTOPP_BIG_ENDIAN)
-    const uint8_t maskb[16] = { 8,15,14,13, 12,11,10,9, 0,7,6,5, 4,3,2,1 };
-    const uint8x16_t mask = vld1q_u8(maskb);
-#else
     const uint8_t maskb[16] = { 1,2,3,4, 5,6,7,0, 9,10,11,12, 13,14,15,8 };
     const uint8x16_t mask = vld1q_u8(maskb);
-#endif
 
     return vreinterpretq_u64_u8(
         vqtbl1q_u8(vreinterpretq_u8_u64(val), mask));

vendor/cryptopp/vendor_cryptopp/speck64_simd.cpp

@@ -105,13 +105,8 @@ inline uint32x4_t RotateRight32(const uint32x4_t& val)
 template <>
 inline uint32x4_t RotateLeft32<8>(const uint32x4_t& val)
 {
-#if (CRYPTOPP_BIG_ENDIAN)
-    const uint8_t maskb[16] = { 14,13,12,15, 10,9,8,11, 6,5,4,7, 2,1,0,3 };
-    const uint8x16_t mask = vld1q_u8(maskb);
-#else
     const uint8_t maskb[16] = { 3,0,1,2, 7,4,5,6, 11,8,9,10, 15,12,13,14 };
     const uint8x16_t mask = vld1q_u8(maskb);
-#endif
 
     return vreinterpretq_u32_u8(
         vqtbl1q_u8(vreinterpretq_u8_u32(val), mask));
@@ -121,13 +116,8 @@ inline uint32x4_t RotateLeft32<8>(const uint32x4_t& val)
 template <>
 inline uint32x4_t RotateRight32<8>(const uint32x4_t& val)
 {
-#if (CRYPTOPP_BIG_ENDIAN)
-    const uint8_t maskb[16] = { 12,15,14,13, 8,11,10,9, 4,7,6,5, 0,3,2,1 };
-    const uint8x16_t mask = vld1q_u8(maskb);
-#else
     const uint8_t maskb[16] = { 1,2,3,0, 5,6,7,4, 9,10,11,8, 13,14,15,12 };
     const uint8x16_t mask = vld1q_u8(maskb);
-#endif
 
     return vreinterpretq_u32_u8(
         vqtbl1q_u8(vreinterpretq_u8_u32(val), mask));
@@ -517,7 +507,7 @@ void SPECK64_Enc_Block(uint32x4_p &block0, uint32x4_p &block1,
 
     for (int i=0; i < static_cast<int>(rounds); ++i)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk = vec_splats(subkeys[i]);
 #else
         // subkeys has extra elements so memory backs the last subkey
@@ -564,7 +554,7 @@ void SPECK64_Dec_Block(uint32x4_p &block0, uint32x4_p &block1,
 
     for (int i = static_cast<int>(rounds-1); i >= 0; --i)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk = vec_splats(subkeys[i]);
 #else
         // subkeys has extra elements so memory backs the last subkey
@@ -616,7 +606,7 @@ void SPECK64_Enc_6_Blocks(uint32x4_p &block0, uint32x4_p &block1,
 
     for (int i=0; i < static_cast<int>(rounds); ++i)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk = vec_splats(subkeys[i]);
 #else
         // subkeys has extra elements so memory backs the last subkey
@@ -685,7 +675,7 @@ void SPECK64_Dec_6_Blocks(uint32x4_p &block0, uint32x4_p &block1,
 
     for (int i = static_cast<int>(rounds-1); i >= 0; --i)
     {
-#if CRYPTOPP_POWER7_AVAILABLE
+#if CRYPTOPP_POWER8_AVAILABLE
         const uint32x4_p rk = vec_splats(subkeys[i]);
 #else
         // subkeys has extra elements so memory backs the last subkey

vendor/cryptopp/vendor_cryptopp/validat5.cpp

@@ -265,13 +265,13 @@ bool ValidateSHAKE_XOF()
 
 		StringSource(msg, true, new HexDecoder(new StringSink(m)));
 		StringSource(out, true, new HexDecoder(new StringSink(o)));
-		r.reserve(o.size());
+		r.resize(o.size());
 
-		SHAKE128 hash((unsigned int)r.size());
+		SHAKE128 hash((unsigned int)o.size());
-		hash.Update((const byte*)&m[0], m.size());
+		hash.Update(ConstBytePtr(m), BytePtrSize(m));
-		hash.TruncatedFinal((byte*)&o[0], o.size());
+		hash.TruncatedFinal(BytePtr(r), BytePtrSize(r));
 
-		fail = (std::memcmp(r.data(), r.data(), o.size()) != 0);
+		fail = (std::memcmp(r.data(), o.data(), o.size()) != 0);
 		pass = pass & !fail;
 
 		if (fail)
@@ -292,13 +292,13 @@ bool ValidateSHAKE_XOF()
 
 		StringSource(msg, true, new HexDecoder(new StringSink(m)));
 		StringSource(out, true, new HexDecoder(new StringSink(o)));
-		r.reserve(o.size());
+		r.resize(o.size());
 
-		SHAKE128 hash((unsigned int)r.size());
+		SHAKE128 hash((unsigned int)o.size());
-		hash.Update((const byte*)&m[0], m.size());
+		hash.Update(ConstBytePtr(m), BytePtrSize(m));
-		hash.TruncatedFinal((byte*)&o[0], o.size());
+		hash.TruncatedFinal(BytePtr(r), BytePtrSize(r));
 
-		fail = (std::memcmp(r.data(), r.data(), o.size()) != 0);
+		fail = (std::memcmp(r.data(), o.data(), o.size()) != 0);
 		pass = pass & !fail;
 
 		if (fail)
@@ -317,13 +317,13 @@ bool ValidateSHAKE_XOF()
 
 		StringSource(msg, true, new HexDecoder(new StringSink(m)));
 		StringSource(out, true, new HexDecoder(new StringSink(o)));
-		r.reserve(o.size());
+		r.resize(o.size());
 
-		SHAKE256 hash((unsigned int)r.size());
+		SHAKE256 hash((unsigned int)o.size());
-		hash.Update((const byte*)&m[0], m.size());
+		hash.Update(ConstBytePtr(m), BytePtrSize(m));
-		hash.TruncatedFinal((byte*)&o[0], o.size());
+		hash.TruncatedFinal(BytePtr(r), BytePtrSize(r));
 
-		fail = (std::memcmp(r.data(), r.data(), o.size()) != 0);
+		fail = (std::memcmp(r.data(), o.data(), o.size()) != 0);
 		pass = pass & !fail;
 
 		if (fail)
@@ -347,13 +347,13 @@ bool ValidateSHAKE_XOF()
 
 		StringSource(msg, true, new HexDecoder(new StringSink(m)));
 		StringSource(out, true, new HexDecoder(new StringSink(o)));
-		r.reserve(o.size());
+		r.resize(o.size());
 
-		SHAKE256 hash((unsigned int)r.size());
+		SHAKE256 hash((unsigned int)o.size());
-		hash.Update((const byte*)&m[0], m.size());
+		hash.Update(ConstBytePtr(m), BytePtrSize(m));
-		hash.TruncatedFinal((byte*)&o[0], o.size());
+		hash.TruncatedFinal(BytePtr(r), BytePtrSize(r));
 
-		fail = (std::memcmp(r.data(), r.data(), o.size()) != 0);
+		fail = (std::memcmp(r.data(), o.data(), o.size()) != 0);
 		pass = pass & !fail;
 
 		if (fail)
@@ -362,7 +362,7 @@ bool ValidateSHAKE_XOF()
 		pass = pass && !fail;
 	}
 
-	std::cout << (!pass ? "FAILED   " : "passed   ") << " SHAKE XOF message digests" << std::endl;
+	std::cout << (!pass ? "FAILED   " : "passed   ") << "SHAKE XOF message digests" << std::endl;
 
 	return pass;
 }
@@ -729,11 +729,11 @@ bool TestPBKDF(KeyDerivationFunction &pbkdf, const PBKDF_TestTuple *testSet, uns
 
 		double timeInSeconds = 0.0f;
 		AlgorithmParameters params = MakeParameters("Purpose", (int)tuple.purpose)
-		    (Name::Salt(), ConstByteArrayParameter((const byte*)&salt[0], salt.size()))
+		    (Name::Salt(), ConstByteArrayParameter(ConstBytePtr(salt), BytePtrSize(salt)))
 		    ("Iterations", (int)tuple.iterations)("TimeInSeconds", timeInSeconds);
 
 		SecByteBlock derived(derivedKey.size());
-		pbkdf.DeriveKey(derived, derived.size(), (const byte *)password.data(), password.size(), params);
+		pbkdf.DeriveKey(derived, derived.size(), ConstBytePtr(password), BytePtrSize(password), params);
 		bool fail = !!memcmp(derived, derivedKey.data(), derived.size()) != 0;
 		pass = pass && !fail;
 
@@ -815,13 +815,13 @@ bool TestHKDF(KeyDerivationFunction &kdf, const HKDF_TestTuple *testSet, unsigne
 
 		AlgorithmParameters params;
 		if (tuple.hexSalt)
-			params(Name::Salt(), ConstByteArrayParameter((const byte*)&salt[0], salt.size()));
+			params(Name::Salt(), ConstByteArrayParameter(ConstBytePtr(salt), BytePtrSize(salt)));
 		if (tuple.hexSalt)
-			params("Info", ConstByteArrayParameter((const byte*)&info[0], info.size()));
+			params("Info", ConstByteArrayParameter(ConstBytePtr(info), BytePtrSize(info)));
 
-		kdf.DeriveKey((byte*)&derived[0], derived.size(), (const byte*)&secret[0], secret.size(), params);
+		kdf.DeriveKey(derived, derived.size(), ConstBytePtr(secret), BytePtrSize(secret), params);
 
-		bool fail = !VerifyBufsEqual(derived, (const byte*)&expected[0], derived.size());
+		bool fail = !VerifyBufsEqual(derived, ConstBytePtr(expected), BytePtrSize(expected));
 		pass = pass && !fail;
 
 		HexEncoder enc(new FileSink(std::cout));
@@ -946,10 +946,10 @@ bool TestScrypt(KeyDerivationFunction &pbkdf, const Scrypt_TestTuple *testSet, u
 
 		AlgorithmParameters params = MakeParameters("Cost", (word64)tuple.n)
 			("BlockSize", (word64)tuple.r)("Parallelization", (word64)tuple.p)
-			(Name::Salt(), ConstByteArrayParameter((const byte*)&salt[0], salt.size()));
+			(Name::Salt(), ConstByteArrayParameter(ConstBytePtr(salt), BytePtrSize(salt)));
 
 		SecByteBlock derived(expect.size());
-		pbkdf.DeriveKey(derived, derived.size(), (const byte *)password.data(), password.size(), params);
+		pbkdf.DeriveKey(derived, derived.size(), ConstBytePtr(password), BytePtrSize(password), params);
 		bool fail = !!memcmp(derived, expect.data(), expect.size()) != 0;
 		pass = pass && !fail;
 

vendor/cryptopp/vendor_cryptopp/xed25519.h

@@ -66,6 +66,13 @@ public:
 
     virtual ~x25519() {}
 
+    /// \brief Create a x25519 object
+    /// \details This constructor creates an empty x25519 object. It is
+    ///   intended for use in loading existing parameters, like CryptoBox
+    ///   parameters. If you are perfoming key agreement you should use a
+    ///    constructor that generates random parameters on construction.
+    x25519() {}
+
     /// \brief Create a x25519 object
     /// \param y public key
     /// \param x private key