Hack to ensure Xcode doesn't incorrectly link libsodium.dylib instead of libsodium.a

Improved library check that doesn't depend on wording of error message.
Fixed a bug in PearlMutableStaticTableViewController.
2017-04-14 17:23:41 -04:00 · 2017-04-14 17:01:24 -04:00 · 2017-04-14 16:10:11 -04:00 · 2017-04-14 13:20:13 -04:00 · 2017-04-14 13:08:23 -04:00 · 2017-04-14 10:13:44 -04:00
37 changed files with 1342 additions and 945 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -40,6 +40,7 @@ core/c/lib/*/src
 core/c/lib/include
 platform-independent/cli-c/cli/*.o
 platform-independent/cli-c/mpw-*.tar.gz
+platform-independent/cli-c/mpw-*.tar.gz.sig
 platform-independent/cli-c/mpw
 platform-independent/cli-c/mpw-bench
 platform-independent/cli-c/mpw-tests
--- a/.gitmodules
+++ b/.gitmodules
@@ -19,3 +19,6 @@
 [submodule "MasterPassword/Web/js/mpw-js"]
 	path = platform-independent/web-js/js/mpw-js
 	url = https://github.com/tmthrgd/mpw-js.git
+[submodule "platform-darwin/External/libsodium"]
+	path = platform-darwin/External/libsodium
+	url = https://github.com/jedisct1/libsodium.git
--- a/.travis.yml
+++ b/.travis.yml
@@ -4,6 +4,7 @@ env: TERM=dumb SHLVL=0
 git:
  submodules: true
 script:
-  - "( cd ./platform-independent/cli-c && ./clean && ./build && ./mpw-tests )"
+  - "( brew install libsodium )"
+  - "( cd ./platform-independent/cli-c && ./clean && targets='mpw mpw-bench mpw-tests' ./build && ./mpw-tests )"
  - "( xcodebuild -workspace platform-darwin/MasterPassword.xcworkspace -configuration 'Test' -scheme 'MasterPassword iOS' -sdk iphonesimulator )"
  - "( xcodebuild -workspace platform-darwin/MasterPassword.xcworkspace -configuration 'Test' -scheme 'MasterPassword macOS' )"
--- a/README.md
+++ b/README.md
@@ -15,13 +15,23 @@ To skip the intro and go straight to the information on how to use the code, [cl

 Master Password is available for [📲 iOS](https://itunes.apple.com/app/id510296984), [🖥 macOS](https://ssl.masterpasswordapp.com/masterpassword-mac.zip), [📲 Android](https://ssl.masterpasswordapp.com/masterpassword-android.apk), [🖥 Desktop](https://ssl.masterpasswordapp.com/masterpassword-gui.jar), and [⌨ Console](https://ssl.masterpasswordapp.com/masterpassword-cli.tar.gz).

-Master Password is also available from the following package managers: [macOS: Homebrew](https://brew.sh/).  Get in touch if you are interested in adding Master Password to any other package managers.
+Master Password is also available from the following package managers: [macOS: Homebrew](https://brew.sh/) (`brew install mpw`).
+Get in touch if you are interested in adding Master Password to any other package managers.
+
+There are many reasons for using Master Password instead of an ordinary password manager, read below for the details, but if you want my personal favourites, they would be:
+
+ - I don't need to worry about keeping backups of my countless authentication credentials.
+ - I don't need to worry that when I travel, I might not have access to my passwords vault.
+ - I don't need to trust an external party, proprietary code or a service to be online and stay online.
+ - If I feel at risk of my device being stolen or confiscated, I can set a fake master password, delete my user or wipe it worry-free.
+
+We also have a [Frequently Asked Questions](#faq).



 ## What is a password?

-The "password".  Somehow, passwords have become the default solution to authentication across the web.  We've long since accepted this as the way things are, but let's stop to think for a moment about what passwords actually are:
+Ah, the "password".  Somehow, passwords have become the default solution to authentication across the web.  We've long since accepted this as the way things are, but let's stop to think for a moment about what passwords actually are:

 A password is a secret that is known only to the party providing a service and the party that should be allowed access to this service.

@@ -69,12 +79,12 @@ Master Password is *not* a password manager.  It does not store your website pas

 ## Benefits

- - You don't need to come up with a secure password every time you make a new account - Master Password gives you the key for it.
- - You don't need to try to remember a password you created two years ago for that one account - Master Password just gives you the key for it.
- - You don't need to that you can't get into that account you made at work when you come home because you don't have your work passwords with you - Master Password is always available.
- - You don't need to try to keep password lists in sync or stored somewhere easily accessible - Master Password is always available.
- - You don't need to worry what you'll do if your computer dies or you need to log into your bank while you're in the airport transit zone - Master Password is always available.
- - You don't need to worry about your password manager website getting hacked, your phone getting duplicated, somebody taking a picture of your passwords book - Master Password keeps no records.
+ - You don't need to think up a new strong password every time you make a new account - Master Password gives you the key for it.
+ - You don't need to try remembering a password you created two years ago for that one account - Master Password just gives you the key for it.
+ - You don't need to worry about getting into that account you made at work after you come home because you don't have your office passwords with you - Master Password is availale everywhere, even offline.
+ - You don't need to try to keep password lists in sync or stored somewhere easily accessible - Master Password keys can be created anywhere.
+ - You don't need to worry what you'll do if your computer dies or you need to log into your bank while you're in the airport transit zone - your Master Password keys are always available, even when starting empty.
+ - You don't need to worry about your password manager website getting hacked, your phone getting duplicated, somebody taking a picture of your passwords book - Master Password stores no secrets.



@@ -94,6 +104,35 @@ We standardize `user-name` as your full name, `site-name` as the domain name of



+## FAQ
+
+ 1. If I lose my master password and need to set a new one, will I need to change all of my site passwords?
+
+Yes.  If your master password is compromised, it is only sensible for you to change all of your site passwords.  Just like if you lose the keys in your pocket, you'll have to change all the locks they open.  Master Password effectively enforces this security practice.
+
+ 2. But what if I just forget my master password or I just want to change it to something else?
+
+Sorry, still yes.  Your master password is the secret component to your Master Password identity.  If it changes, your identity changes.  I wholly encourage you to think very carefully about what makes for a really memorable and good master password before just diving in with something lazy.  A short phrase works great, eg. `banana coloured duckling`.
+
+ 3. Doesn't this mean an attacker can reverse my master password from any of my site passwords?
+
+Technically, yes.  Practically, no.
+
+You could argue that site passwords are "breadcrumbs" of your master password, but the same argument would suggest encrypted messages are breadcrumbs to the encryption key.  Encryption works because it is computationally unfeasible to "guess" the encryption key that made the encrypted message, just like Master Password works because it is computationally unfeasible to "guess" your master password that made the site password.
+
+ 4. The second step is just a HMAC-SHA-256, doesn't that make the SCRYPT completely pointless?
+
+No.  They are used for different reasons and one is not weaker than the other.
+
+HMAC-SHA-256 is much faster to compute than SCRYPT, which leads some people to think "all an attacker needs to do is brute-force the SHA and ignore the SCRYPT".  The reality is that the HMAC-SHA-256 guards a 64-byte authentication key (the `master-key`) which makes the search space for brute-forcing the HMAC wildly too large to compute.
+The `master-password` on the other hand, is only a simple phrase, which means its search space is much smaller.  This is why it is guarded by a much tougher SCRYPT operation.
+
+ 5. I have another question.
+
+Please don't hesitate to [get in touch](#support), we're more than happy to answer all your Master Password questions.  Any problems or suggestions can be reported [as GitHub issues](https://github.com/Lyndir/MasterPassword/issues).
+
+
+

 # Source Code

@@ -146,6 +185,10 @@ Go into the `gradle` directory and run `./gradlew build`.  All Java components w
 - `platform-android/build/outputs/apk`:
   contains the Android application package.  Install it on your Android device.

+Note that in order to build the Android application, you will need to have the Android SDK installed and either have the environment variable `ANDROID_HOME` set to its location or a `gradle/local.properties` file with its location, eg. (for Homebrew users who installed the SDK using `brew install android-sdk`):
+
+    sdk.dir=/usr/local/opt/android-sdk
+

 ### Native CLI

@@ -158,34 +201,42 @@ For example:
    ./build && sudo ./install
    mpw -h

-The build has a few dependencies you should have installed before running it:
+Normally, this is all you need to do, however note that there are a few dependencies that need to be met, depending on which targets you are building (by default, only the `mpw` target is built):

- - `mpw`: `openssl-dev`, `ncurses-dev` (if `mpw_color=1`)
- - `mpw-bench`: `openssl-dev`
- - `mpw-tests`: `openssl-dev`, `libxml2`
+ - `mpw`

-There are a few different ways you can modify the build process:
+The C implementation depends either on `libsodium` or Tarsnap's `scrypt` and `openssl-dev`.

- - You can change the targets that should be built.  By default, all targets are built.  These are the available targets:
-    - `mpw`: This is the standard command-line `mpw` tool which implements all Master Password features.
-    - `mpw-tests`: This is a tool to perform the standard tests script on the `mpw` implementation.
-    - `mpw-bench`: This is a tool to run a benchmark on the `mpw` implementation, comparing it to the performance of other algorithms.
- - You can specify custom arguments to the compiler, pass them as arguments to the build script.
- - The build process involves some optionals, they can by toggled from their default setting by passing variables:
-    - `mpw_color`: [default: 1] Colorized Identicon, depends on 
+We recommend you install `libsodium`.  If `libsodium` is not installed when `./build` is executed, the script will try to download and statically link Tarsnap's `scrypt` instead.  Tarsnap's `scrypt` depends on you having `openssl-dev` installed.

-To change the targets to build, use:
+If you have `mpw_color` enabled (it is enabled by default), the build also depends on `ncurses-dev` to communicate with the terminal.

-    targets='mpw mpw-bench' ./build
+ - `mpw-bench`

-To add a library search path, use:
+This tool compares the performance of a few cryptographic algorithms, including bcrypt.  The `./build` script will try to automatically download and statically link `bcrypt`.
+
+ - `mpw-tests`
+
+This tool runs a suite of tests to ensure the correct passwords are being generated by the algorithm under various circumstances.  The test suite is declared in `mpw-tests.xml` which needs to exist in the current working directory when running the tool.  In addition, `libxml2` is used to parse the file, so this target depends on you having it installed when running `./build`.
+
+
+Finally, there are a few different ways you can modify the build process.
+
+To build additional targets, set the `targets` environment variable:
+
+    targets='mpw mpw-tests' ./build
+
+To pass additional compiler arguments, eg. add a library search path, pass them as arguments to the script:

    ./build -L/usr/local/lib

-Change an optional feature:
+There are a few toggleable features, to change them, pass them as environment variables:

    mpw_color=0 ./build

+Currently, there is only one toggleable feature:
+
+ - `mpw_color`: [default: 1] Colorized Identicon, depends on `ncurses-dev`.


 ## Support
--- a/core/c/lib/scrypt/.source
+++ b/core/c/lib/scrypt/.source
@@ -1,4 +1,4 @@
 home=http://www.tarsnap.com/scrypt.html
 git=https://github.com/Tarsnap/scrypt.git
-pkg=http://www.tarsnap.com/scrypt/scrypt-1.2.0.tgz
-pkg_sha256=1754bc89405277c8ac14220377a4c240ddc34b1ce70882aa92cd01bfdc8569d4
+pkg=https://www.tarsnap.com/scrypt/scrypt-1.2.1.tgz
+pkg_sha256=4621f5e7da2f802e20850436219370092e9fcda93bd598f6d4236cce33f4c577
--- a/core/c/mpw-util.c
+++ b/core/c/mpw-util.c
@@ -20,14 +20,22 @@
 #include <stdlib.h>
 #include <string.h>

-#ifdef COLOR
+#if COLOR
 #include <unistd.h>
 #include <curses.h>
 #include <term.h>
 #endif

-#include <scrypt/sha256.h>
+#if HAS_CPERCIVA
 #include <scrypt/crypto_scrypt.h>
+#include <scrypt/sha256.h>
+#elif HAS_SODIUM
+#include "sodium.h"
+#endif
+
+#ifndef trc
+int mpw_verbosity;
+#endif

 #include "mpw-util.h"

@@ -85,30 +93,62 @@ uint8_t const *mpw_scrypt(const size_t keySize, const char *secret, const uint8_
    if (!key)
        return NULL;

+#if HAS_CPERCIVA
    if (crypto_scrypt( (const uint8_t *)secret, strlen( secret ), salt, saltSize, N, r, p, key, keySize ) < 0) {
        mpw_free( key, keySize );
        return NULL;
    }
+#elif HAS_SODIUM
+    if (crypto_pwhash_scryptsalsa208sha256_ll( (const uint8_t *)secret, strlen( secret ), salt, saltSize, N, r, p, key, keySize) != 0 ) {
+        mpw_free( key, keySize );
+        return NULL;
+    }
+#endif

    return key;
 }

 uint8_t const *mpw_hmac_sha256(const uint8_t *key, const size_t keySize, const uint8_t *salt, const size_t saltSize) {

+#if HAS_CPERCIVA
    uint8_t *const buffer = malloc( 32 );
    if (!buffer)
        return NULL;

    HMAC_SHA256_Buf( key, keySize, salt, saltSize, buffer );
    return buffer;
+#elif HAS_SODIUM
+    uint8_t *const buffer = malloc( crypto_auth_hmacsha256_BYTES );
+    if (!buffer)
+        return NULL;
+
+    crypto_auth_hmacsha256_state state;
+    if (crypto_auth_hmacsha256_init( &state, key, keySize ) != 0 ||
+        crypto_auth_hmacsha256_update( &state, salt, saltSize ) != 0 ||
+        crypto_auth_hmacsha256_final( &state, buffer ) != 0) {
+        mpw_free( buffer, crypto_auth_hmacsha256_BYTES );
+        return NULL;
+    }
+
+    return buffer;
+#endif
+
+    return NULL;
 }

 const char *mpw_id_buf(const void *buf, size_t length) {

+#if HAS_CPERCIVA
    uint8_t hash[32];
    SHA256_Buf( buf, length, hash );

    return mpw_hex( hash, 32 );
+#elif HAS_SODIUM
+    uint8_t hash[crypto_hash_sha256_BYTES];
+    crypto_hash_sha256( hash, buf, length );
+
+    return mpw_hex( hash, crypto_hash_sha256_BYTES );
+#endif
 }

 static char **mpw_hex_buf = NULL;
@@ -144,10 +184,10 @@ static int initputvar() {
    if (!isatty(STDERR_FILENO))
        return 0;
    if (putvarc)
-        free(putvarc);
+        free( putvarc );
    if (!termsetup) {
        int status;
-        if (! (termsetup = (setupterm(NULL, STDERR_FILENO, &status) == OK && status == 1))) {
+        if (! (termsetup = (setupterm( NULL, STDERR_FILENO, &status ) == 0 && status == 1))) {
            wrn( "Terminal doesn't support color (setupterm errno %d).\n", status );
            return 0;
        }
@@ -174,8 +214,9 @@ const char *mpw_identicon(const char *fullName, const char *masterPassword) {
            "♨", "♩", "♪", "♫", "⚐", "⚑", "⚔", "⚖", "⚙", "⚠", "⌘", "⏎", "✄", "✆", "✈", "✉", "✌"
    };

-    uint8_t identiconSeed[32];
-    HMAC_SHA256_Buf( masterPassword, strlen( masterPassword ), fullName, strlen( fullName ), identiconSeed );
+    const uint8_t *identiconSeed = mpw_hmac_sha256( (const uint8_t *)masterPassword, strlen( masterPassword ), (const uint8_t *)fullName, strlen( fullName ) );
+    if (!identiconSeed)
+        return NULL;

    char *colorString, *resetString;
 #ifdef COLOR
@@ -203,6 +244,7 @@ const char *mpw_identicon(const char *fullName, const char *masterPassword) {
            accessory[identiconSeed[3] % (sizeof( accessory ) / sizeof( accessory[0] ))],
            resetString );

+    mpw_free( identiconSeed, 32 );
    free( colorString );
    free( resetString );
    return identicon;
--- a/core/c/mpw-util.h
+++ b/core/c/mpw-util.h
@@ -22,7 +22,7 @@
 //// Logging.

 #ifndef trc
-int mpw_verbosity;
+extern int mpw_verbosity;
    #define trc_level 3
    #define trc(...) \
        if (mpw_verbosity >= 3) \
--- a/platform-android/masterpassword.jks
+++ b/platform-android/masterpassword.jks
@@ -1 +0,0 @@
-/Users/lhunath/annex/secret/release-com.lyndir.masterpassword.jks
--- a/platform-darwin/External/Pearl
+++ b/platform-darwin/External/Pearl
--- a/platform-darwin/External/libsodium
+++ b/platform-darwin/External/libsodium
--- a/platform-darwin/MasterPassword-iOS.xcodeproj/project.pbxproj
+++ b/platform-darwin/MasterPassword-iOS.xcodeproj/project.pbxproj
@@ -12,6 +12,7 @@
 		93D3922A53E41A54832E90D9 /* PearlOverlay.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D390FADEB325D8D54A957D /* PearlOverlay.m */; };
 		93D39262A8A97DB748213309 /* PearlEMail.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D393BB973253D4BAAC84AA /* PearlEMail.m */; };
 		93D3928D629EA563F9EC4909 /* NSPersistentStore+PearlMigration.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D399C2F3D48E57C4803BDC /* NSPersistentStore+PearlMigration.m */; };
+		93D392A33CCE85431E910C7B /* NSOrderedSetOrArray.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D39789AAF49338F8AC8B02 /* NSOrderedSetOrArray.m */; };
 		93D392A8777DC30C11361647 /* UITextView+PearlAttributes.h in Headers */ = {isa = PBXBuildFile; fileRef = 93D39AA10CD00D05937671B1 /* UITextView+PearlAttributes.h */; };
 		93D392EC39DA43C46C692C12 /* NSDictionary+Indexing.h in Headers */ = {isa = PBXBuildFile; fileRef = 93D393B97158D7BE9332EA53 /* NSDictionary+Indexing.h */; };
 		93D392FD5E2052F7D7DB3774 /* NSString+MPMarkDown.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D39C41A27AA42D044D68AE /* NSString+MPMarkDown.m */; };
@@ -41,6 +42,7 @@
 		93D399433EA75E50656040CB /* Twitter.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 93D394077F8FAB8167647187 /* Twitter.framework */; };
 		93D39943D01E70DAC3B0DF76 /* mpw-util.c in Sources */ = {isa = PBXBuildFile; fileRef = 93D396C311C3725870343EE0 /* mpw-util.c */; };
 		93D399D7E08A142776A74CB8 /* MPOverlayViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D395105935859D71679931 /* MPOverlayViewController.m */; };
+		93D399E4BC1E092A8C8B12AE /* NSOrderedSetOrArray.h in Headers */ = {isa = PBXBuildFile; fileRef = 93D39FBF8FCEB4C106272334 /* NSOrderedSetOrArray.h */; };
 		93D39A27F2506C6FEEF9C588 /* MPAlgorithmV2.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D399A8E3181B442D347CD7 /* MPAlgorithmV2.m */; };
 		93D39A53D76CA70786423458 /* UICollectionView+PearlReloadFromArray.h in Headers */ = {isa = PBXBuildFile; fileRef = 93D39246FC21C6E63E35D615 /* UICollectionView+PearlReloadFromArray.h */; };
 		93D39A5FF670957C0AF8298D /* MPPasswordCell.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D39DEA995041A13DC9CAF7 /* MPPasswordCell.m */; };
@@ -64,6 +66,7 @@
 		DA071BF3190187FE00179766 /* empty@2x.png in Resources */ = {isa = PBXBuildFile; fileRef = DA071BF1190187FE00179766 /* empty@2x.png */; };
 		DA071BF4190187FE00179766 /* empty.png in Resources */ = {isa = PBXBuildFile; fileRef = DA071BF2190187FE00179766 /* empty.png */; };
 		DA095E75172F4CD8001C948B /* MPLogsViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D3979190DACEBD1F6AE9F4 /* MPLogsViewController.m */; };
+		DA0979171E9A81EE00F0BFE8 /* libsodium.a in Frameworks */ = {isa = PBXBuildFile; fileRef = DA0979161E9A81EE00F0BFE8 /* libsodium.a */; };
 		DA24EBAE19DAD08900FF010B /* tip_basic_black_top.png in Resources */ = {isa = PBXBuildFile; fileRef = DABD38941711E29700CF925C /* tip_basic_black_top.png */; };
 		DA24EBAF19DAD08C00FF010B /* tip_basic_black_top@2x.png in Resources */ = {isa = PBXBuildFile; fileRef = DABD38951711E29700CF925C /* tip_basic_black_top@2x.png */; };
 		DA24EBE819DAD6DE00FF010B /* Icon-320.png in Resources */ = {isa = PBXBuildFile; fileRef = DA24EBE619DAD6DE00FF010B /* Icon-320.png */; };
@@ -71,8 +74,8 @@
 		DA24EBEA19DAD6EE00FF010B /* Icon-Small.png in Resources */ = {isa = PBXBuildFile; fileRef = DA24EBBA19DAD4D000FF010B /* Icon-Small.png */; };
 		DA24EBEB19DAD6EE00FF010B /* Icon-Small@2x.png in Resources */ = {isa = PBXBuildFile; fileRef = DA24EBBB19DAD4D000FF010B /* Icon-Small@2x.png */; };
 		DA24EBEC19DAD6EE00FF010B /* Icon-Small@3x.png in Resources */ = {isa = PBXBuildFile; fileRef = DA24EBBC19DAD4D000FF010B /* Icon-Small@3x.png */; };
-		DA250A17195665A100AC23F1 /* UITableView+PearlReloadFromArray.m in Sources */ = {isa = PBXBuildFile; fileRef = DA250A13195665A100AC23F1 /* UITableView+PearlReloadFromArray.m */; };
-		DA250A18195665A100AC23F1 /* UITableView+PearlReloadFromArray.h in Headers */ = {isa = PBXBuildFile; fileRef = DA250A14195665A100AC23F1 /* UITableView+PearlReloadFromArray.h */; };
+		DA250A17195665A100AC23F1 /* UITableView+PearlReloadItems.m in Sources */ = {isa = PBXBuildFile; fileRef = DA250A13195665A100AC23F1 /* UITableView+PearlReloadItems.m */; };
+		DA250A18195665A100AC23F1 /* UITableView+PearlReloadItems.h in Headers */ = {isa = PBXBuildFile; fileRef = DA250A14195665A100AC23F1 /* UITableView+PearlReloadItems.h */; };
 		DA250A19195665A100AC23F1 /* UICollectionReusableView+PearlDequeue.m in Sources */ = {isa = PBXBuildFile; fileRef = DA250A15195665A100AC23F1 /* UICollectionReusableView+PearlDequeue.m */; };
 		DA250A1A195665A100AC23F1 /* UICollectionReusableView+PearlDequeue.h in Headers */ = {isa = PBXBuildFile; fileRef = DA250A16195665A100AC23F1 /* UICollectionReusableView+PearlDequeue.h */; };
 		DA25C5F8197AFFB40046CDCF /* icon_tools.png in Resources */ = {isa = PBXBuildFile; fileRef = DABD384C1711E29700CF925C /* icon_tools.png */; };
@@ -86,7 +89,6 @@
 		DA25C600197DBF260046CDCF /* icon_trash.png in Resources */ = {isa = PBXBuildFile; fileRef = DABD38501711E29700CF925C /* icon_trash.png */; };
 		DA25C601197DBF260046CDCF /* icon_trash@2x.png in Resources */ = {isa = PBXBuildFile; fileRef = DABD38511711E29700CF925C /* icon_trash@2x.png */; };
 		DA25C6B41980D3C50046CDCF /* openssl in Headers */ = {isa = PBXBuildFile; fileRef = DA25C6B31980D3C10046CDCF /* openssl */; settings = {ATTRIBUTES = (Public, ); }; };
-		DA25C6B61980D3DF0046CDCF /* scrypt in Headers */ = {isa = PBXBuildFile; fileRef = DA25C6B51980D3DD0046CDCF /* scrypt */; settings = {ATTRIBUTES = (Public, ); }; };
 		DA29992F19C86F5700AF7DF1 /* thumb_generated_login@2x.png in Resources */ = {isa = PBXBuildFile; fileRef = DA29992D19C86F5700AF7DF1 /* thumb_generated_login@2x.png */; };
 		DA29993019C86F5700AF7DF1 /* thumb_generated_login.png in Resources */ = {isa = PBXBuildFile; fileRef = DA29992E19C86F5700AF7DF1 /* thumb_generated_login.png */; };
 		DA29993219C9132F00AF7DF1 /* thumb_generated_login@3x.png in Resources */ = {isa = PBXBuildFile; fileRef = DA29993119C9132F00AF7DF1 /* thumb_generated_login@3x.png */; };
@@ -391,8 +393,6 @@
 		DAFE4A3715039824003ABA7C /* PearlKeyChain.m in Sources */ = {isa = PBXBuildFile; fileRef = DAFE460115039823003ABA7C /* PearlKeyChain.m */; };
 		DAFE4A3815039824003ABA7C /* PearlRSAKey.h in Headers */ = {isa = PBXBuildFile; fileRef = DAFE460215039823003ABA7C /* PearlRSAKey.h */; };
 		DAFE4A3915039824003ABA7C /* PearlRSAKey.m in Sources */ = {isa = PBXBuildFile; fileRef = DAFE460315039823003ABA7C /* PearlRSAKey.m */; };
-		DAFE4A3A15039824003ABA7C /* PearlSCrypt.h in Headers */ = {isa = PBXBuildFile; fileRef = DAFE460415039823003ABA7C /* PearlSCrypt.h */; };
-		DAFE4A3B15039824003ABA7C /* PearlSCrypt.m in Sources */ = {isa = PBXBuildFile; fileRef = DAFE460515039823003ABA7C /* PearlSCrypt.m */; };
 		DAFE4A3C15039824003ABA7C /* Pearl-UIKit-Dependencies.h in Headers */ = {isa = PBXBuildFile; fileRef = DAFE460815039823003ABA7C /* Pearl-UIKit-Dependencies.h */; };
 		DAFE4A3D15039824003ABA7C /* Pearl-UIKit.h in Headers */ = {isa = PBXBuildFile; fileRef = DAFE460915039823003ABA7C /* Pearl-UIKit.h */; };
 		DAFE4A3E15039824003ABA7C /* PearlAlert.h in Headers */ = {isa = PBXBuildFile; fileRef = DAFE460A15039823003ABA7C /* PearlAlert.h */; };
@@ -495,6 +495,7 @@
 		93D3971FE104BB4052484151 /* MPUsersViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MPUsersViewController.h; sourceTree = "<group>"; };
 		93D39730673227EFF6DEFF19 /* MPSetupViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MPSetupViewController.h; sourceTree = "<group>"; };
 		93D3977321EB249981821AB0 /* UITextView+PearlAttributes.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "UITextView+PearlAttributes.m"; sourceTree = "<group>"; };
+		93D39789AAF49338F8AC8B02 /* NSOrderedSetOrArray.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = NSOrderedSetOrArray.m; sourceTree = "<group>"; };
 		93D3979190DACEBD1F6AE9F4 /* MPLogsViewController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MPLogsViewController.m; sourceTree = "<group>"; };
 		93D397F4BAFFF7CF3F1B21A4 /* NSPersistentStore+PearlMigration.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "NSPersistentStore+PearlMigration.h"; sourceTree = "<group>"; };
 		93D398567FD02DB2647B8CF3 /* PearlNavigationController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PearlNavigationController.h; sourceTree = "<group>"; };
@@ -544,10 +545,70 @@
 		93D39F556F2F142740A65E59 /* MPWebViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MPWebViewController.h; sourceTree = "<group>"; };
 		93D39F7C9F47BF6387FBC5C3 /* PearlEMail.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PearlEMail.h; sourceTree = "<group>"; };
 		93D39F9106F2CCFB94283188 /* NSError+PearlFullDescription.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "NSError+PearlFullDescription.m"; sourceTree = "<group>"; };
+		93D39FBF8FCEB4C106272334 /* NSOrderedSetOrArray.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NSOrderedSetOrArray.h; sourceTree = "<group>"; };
 		93D39FD9623E8D5571C0AEB3 /* MPAlgorithmV3.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MPAlgorithmV3.m; sourceTree = "<group>"; };
 		DA04E33D14B1E70400ECA4F3 /* MobileCoreServices.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = MobileCoreServices.framework; path = System/Library/Frameworks/MobileCoreServices.framework; sourceTree = SDKROOT; };
 		DA071BF1190187FE00179766 /* empty@2x.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "empty@2x.png"; sourceTree = "<group>"; };
 		DA071BF2190187FE00179766 /* empty.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = empty.png; sourceTree = "<group>"; };
+		DA0978DB1E9A81EE00F0BFE8 /* core.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = core.h; sourceTree = "<group>"; };
+		DA0978DC1E9A81EE00F0BFE8 /* crypto_aead_aes256gcm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_aead_aes256gcm.h; sourceTree = "<group>"; };
+		DA0978DD1E9A81EE00F0BFE8 /* crypto_aead_chacha20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_aead_chacha20poly1305.h; sourceTree = "<group>"; };
+		DA0978DE1E9A81EE00F0BFE8 /* crypto_aead_xchacha20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_aead_xchacha20poly1305.h; sourceTree = "<group>"; };
+		DA0978DF1E9A81EE00F0BFE8 /* crypto_auth.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_auth.h; sourceTree = "<group>"; };
+		DA0978E01E9A81EE00F0BFE8 /* crypto_auth_hmacsha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_auth_hmacsha256.h; sourceTree = "<group>"; };
+		DA0978E11E9A81EE00F0BFE8 /* crypto_auth_hmacsha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_auth_hmacsha512.h; sourceTree = "<group>"; };
+		DA0978E21E9A81EE00F0BFE8 /* crypto_auth_hmacsha512256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_auth_hmacsha512256.h; sourceTree = "<group>"; };
+		DA0978E31E9A81EE00F0BFE8 /* crypto_box.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_box.h; sourceTree = "<group>"; };
+		DA0978E41E9A81EE00F0BFE8 /* crypto_box_curve25519xchacha20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_box_curve25519xchacha20poly1305.h; sourceTree = "<group>"; };
+		DA0978E51E9A81EE00F0BFE8 /* crypto_box_curve25519xsalsa20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_box_curve25519xsalsa20poly1305.h; sourceTree = "<group>"; };
+		DA0978E61E9A81EE00F0BFE8 /* crypto_core_hchacha20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_hchacha20.h; sourceTree = "<group>"; };
+		DA0978E71E9A81EE00F0BFE8 /* crypto_core_hsalsa20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_hsalsa20.h; sourceTree = "<group>"; };
+		DA0978E81E9A81EE00F0BFE8 /* crypto_core_salsa20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_salsa20.h; sourceTree = "<group>"; };
+		DA0978E91E9A81EE00F0BFE8 /* crypto_core_salsa2012.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_salsa2012.h; sourceTree = "<group>"; };
+		DA0978EA1E9A81EE00F0BFE8 /* crypto_core_salsa208.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_salsa208.h; sourceTree = "<group>"; };
+		DA0978EB1E9A81EE00F0BFE8 /* crypto_generichash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_generichash.h; sourceTree = "<group>"; };
+		DA0978EC1E9A81EE00F0BFE8 /* crypto_generichash_blake2b.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_generichash_blake2b.h; sourceTree = "<group>"; };
+		DA0978ED1E9A81EE00F0BFE8 /* crypto_hash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_hash.h; sourceTree = "<group>"; };
+		DA0978EE1E9A81EE00F0BFE8 /* crypto_hash_sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_hash_sha256.h; sourceTree = "<group>"; };
+		DA0978EF1E9A81EE00F0BFE8 /* crypto_hash_sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_hash_sha512.h; sourceTree = "<group>"; };
+		DA0978F01E9A81EE00F0BFE8 /* crypto_kdf.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_kdf.h; sourceTree = "<group>"; };
+		DA0978F11E9A81EE00F0BFE8 /* crypto_kdf_blake2b.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_kdf_blake2b.h; sourceTree = "<group>"; };
+		DA0978F21E9A81EE00F0BFE8 /* crypto_kx.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_kx.h; sourceTree = "<group>"; };
+		DA0978F31E9A81EE00F0BFE8 /* crypto_onetimeauth.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_onetimeauth.h; sourceTree = "<group>"; };
+		DA0978F41E9A81EE00F0BFE8 /* crypto_onetimeauth_poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_onetimeauth_poly1305.h; sourceTree = "<group>"; };
+		DA0978F51E9A81EE00F0BFE8 /* crypto_pwhash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_pwhash.h; sourceTree = "<group>"; };
+		DA0978F61E9A81EE00F0BFE8 /* crypto_pwhash_argon2i.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_pwhash_argon2i.h; sourceTree = "<group>"; };
+		DA0978F71E9A81EE00F0BFE8 /* crypto_pwhash_scryptsalsa208sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_pwhash_scryptsalsa208sha256.h; sourceTree = "<group>"; };
+		DA0978F81E9A81EE00F0BFE8 /* crypto_scalarmult.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_scalarmult.h; sourceTree = "<group>"; };
+		DA0978F91E9A81EE00F0BFE8 /* crypto_scalarmult_curve25519.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_scalarmult_curve25519.h; sourceTree = "<group>"; };
+		DA0978FA1E9A81EE00F0BFE8 /* crypto_secretbox.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_secretbox.h; sourceTree = "<group>"; };
+		DA0978FB1E9A81EE00F0BFE8 /* crypto_secretbox_xchacha20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_secretbox_xchacha20poly1305.h; sourceTree = "<group>"; };
+		DA0978FC1E9A81EE00F0BFE8 /* crypto_secretbox_xsalsa20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_secretbox_xsalsa20poly1305.h; sourceTree = "<group>"; };
+		DA0978FD1E9A81EE00F0BFE8 /* crypto_shorthash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_shorthash.h; sourceTree = "<group>"; };
+		DA0978FE1E9A81EE00F0BFE8 /* crypto_shorthash_siphash24.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_shorthash_siphash24.h; sourceTree = "<group>"; };
+		DA0978FF1E9A81EE00F0BFE8 /* crypto_sign.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_sign.h; sourceTree = "<group>"; };
+		DA0979001E9A81EE00F0BFE8 /* crypto_sign_ed25519.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_sign_ed25519.h; sourceTree = "<group>"; };
+		DA0979011E9A81EE00F0BFE8 /* crypto_sign_edwards25519sha512batch.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_sign_edwards25519sha512batch.h; sourceTree = "<group>"; };
+		DA0979021E9A81EE00F0BFE8 /* crypto_stream.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream.h; sourceTree = "<group>"; };
+		DA0979031E9A81EE00F0BFE8 /* crypto_stream_aes128ctr.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_aes128ctr.h; sourceTree = "<group>"; };
+		DA0979041E9A81EE00F0BFE8 /* crypto_stream_chacha20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_chacha20.h; sourceTree = "<group>"; };
+		DA0979051E9A81EE00F0BFE8 /* crypto_stream_salsa20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_salsa20.h; sourceTree = "<group>"; };
+		DA0979061E9A81EE00F0BFE8 /* crypto_stream_salsa2012.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_salsa2012.h; sourceTree = "<group>"; };
+		DA0979071E9A81EE00F0BFE8 /* crypto_stream_salsa208.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_salsa208.h; sourceTree = "<group>"; };
+		DA0979081E9A81EE00F0BFE8 /* crypto_stream_xchacha20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_xchacha20.h; sourceTree = "<group>"; };
+		DA0979091E9A81EE00F0BFE8 /* crypto_stream_xsalsa20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_xsalsa20.h; sourceTree = "<group>"; };
+		DA09790A1E9A81EE00F0BFE8 /* crypto_verify_16.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_verify_16.h; sourceTree = "<group>"; };
+		DA09790B1E9A81EE00F0BFE8 /* crypto_verify_32.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_verify_32.h; sourceTree = "<group>"; };
+		DA09790C1E9A81EE00F0BFE8 /* crypto_verify_64.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_verify_64.h; sourceTree = "<group>"; };
+		DA09790D1E9A81EE00F0BFE8 /* export.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = export.h; sourceTree = "<group>"; };
+		DA09790E1E9A81EE00F0BFE8 /* randombytes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = randombytes.h; sourceTree = "<group>"; };
+		DA09790F1E9A81EE00F0BFE8 /* randombytes_salsa20_random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = randombytes_salsa20_random.h; sourceTree = "<group>"; };
+		DA0979101E9A81EE00F0BFE8 /* randombytes_sysrandom.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = randombytes_sysrandom.h; sourceTree = "<group>"; };
+		DA0979111E9A81EE00F0BFE8 /* runtime.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = runtime.h; sourceTree = "<group>"; };
+		DA0979121E9A81EE00F0BFE8 /* utils.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = utils.h; sourceTree = "<group>"; };
+		DA0979131E9A81EE00F0BFE8 /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = version.h; sourceTree = "<group>"; };
+		DA0979141E9A81EE00F0BFE8 /* sodium.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sodium.h; sourceTree = "<group>"; };
+		DA0979161E9A81EE00F0BFE8 /* libsodium.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libsodium.a; sourceTree = "<group>"; };
 		DA24EBB219DAD4D000FF010B /* Icon-60.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "Icon-60.png"; sourceTree = "<group>"; };
 		DA24EBB319DAD4D000FF010B /* Icon-60@2x.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "Icon-60@2x.png"; sourceTree = "<group>"; };
 		DA24EBB419DAD4D000FF010B /* Icon-60@3x.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "Icon-60@3x.png"; sourceTree = "<group>"; };
@@ -574,12 +635,11 @@
 		DA24EBCA19DAD4D000FF010B /* launch.sketch */ = {isa = PBXFileReference; lastKnownFileType = wrapper; path = launch.sketch; sourceTree = "<group>"; };
 		DA24EBE619DAD6DE00FF010B /* Icon-320.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "Icon-320.png"; sourceTree = "<group>"; };
 		DA24EBE719DAD6DE00FF010B /* Icon-64.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "Icon-64.png"; sourceTree = "<group>"; };
-		DA250A13195665A100AC23F1 /* UITableView+PearlReloadFromArray.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "UITableView+PearlReloadFromArray.m"; sourceTree = "<group>"; };
-		DA250A14195665A100AC23F1 /* UITableView+PearlReloadFromArray.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "UITableView+PearlReloadFromArray.h"; sourceTree = "<group>"; };
+		DA250A13195665A100AC23F1 /* UITableView+PearlReloadItems.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "UITableView+PearlReloadItems.m"; sourceTree = "<group>"; };
+		DA250A14195665A100AC23F1 /* UITableView+PearlReloadItems.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "UITableView+PearlReloadItems.h"; sourceTree = "<group>"; };
 		DA250A15195665A100AC23F1 /* UICollectionReusableView+PearlDequeue.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "UICollectionReusableView+PearlDequeue.m"; sourceTree = "<group>"; };
 		DA250A16195665A100AC23F1 /* UICollectionReusableView+PearlDequeue.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "UICollectionReusableView+PearlDequeue.h"; sourceTree = "<group>"; };
 		DA25C6B31980D3C10046CDCF /* openssl */ = {isa = PBXFileReference; lastKnownFileType = folder; path = openssl; sourceTree = "<group>"; };
-		DA25C6B51980D3DD0046CDCF /* scrypt */ = {isa = PBXFileReference; lastKnownFileType = folder; path = scrypt; sourceTree = "<group>"; };
 		DA29992D19C86F5700AF7DF1 /* thumb_generated_login@2x.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "thumb_generated_login@2x.png"; sourceTree = "<group>"; };
 		DA29992E19C86F5700AF7DF1 /* thumb_generated_login.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = thumb_generated_login.png; sourceTree = "<group>"; };
 		DA29993119C9132F00AF7DF1 /* thumb_generated_login@3x.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "thumb_generated_login@3x.png"; sourceTree = "<group>"; };
@@ -649,7 +709,6 @@
 		DA70EC7F1811B13C00F65DB2 /* StoreKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = StoreKit.framework; path = System/Library/Frameworks/StoreKit.framework; sourceTree = SDKROOT; };
 		DA771FE41E6E1595004D7EDE /* MasterPassword-Prefix.pch */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "MasterPassword-Prefix.pch"; sourceTree = "<group>"; };
 		DA7F2C5E1C48B70D00404A26 /* libopensslcrypto-ios-sim.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = "libopensslcrypto-ios-sim.a"; sourceTree = "<group>"; };
-		DA7F2C5F1C48B70D00404A26 /* libscryptenc-ios-sim.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = "libscryptenc-ios-sim.a"; sourceTree = "<group>"; };
 		DA854C8118D4CFBF00106317 /* avatar-add@2x.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "avatar-add@2x.png"; sourceTree = "<group>"; };
 		DA854C8218D4CFBF00106317 /* avatar-add.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "avatar-add.png"; sourceTree = "<group>"; };
 		DA92614C1BE1A57500369DE5 /* MPAppDelegate_InApp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MPAppDelegate_InApp.h; sourceTree = "<group>"; };
@@ -1475,8 +1534,6 @@
 		DAFE460115039823003ABA7C /* PearlKeyChain.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = PearlKeyChain.m; sourceTree = "<group>"; };
 		DAFE460215039823003ABA7C /* PearlRSAKey.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PearlRSAKey.h; sourceTree = "<group>"; };
 		DAFE460315039823003ABA7C /* PearlRSAKey.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = PearlRSAKey.m; sourceTree = "<group>"; };
-		DAFE460415039823003ABA7C /* PearlSCrypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PearlSCrypt.h; sourceTree = "<group>"; };
-		DAFE460515039823003ABA7C /* PearlSCrypt.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = PearlSCrypt.m; sourceTree = "<group>"; };
 		DAFE460615039823003ABA7C /* README */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = README; sourceTree = "<group>"; };
 		DAFE460815039823003ABA7C /* Pearl-UIKit-Dependencies.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "Pearl-UIKit-Dependencies.h"; sourceTree = "<group>"; };
 		DAFE460915039823003ABA7C /* Pearl-UIKit.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "Pearl-UIKit.h"; sourceTree = "<group>"; };
@@ -1519,7 +1576,6 @@
 		DAFE4A63150399FF003ABA8F /* UIScrollView+PearlFlashingIndicators.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "UIScrollView+PearlFlashingIndicators.h"; sourceTree = "<group>"; };
 		DAFE4A63150399FF003ABA91 /* NSDateFormatter+RFC3339.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "NSDateFormatter+RFC3339.m"; sourceTree = "<group>"; };
 		DAFE4A63150399FF003ABA93 /* NSDateFormatter+RFC3339.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "NSDateFormatter+RFC3339.h"; sourceTree = "<group>"; };
-		DAFFC63E17EDDA7C007BB020 /* libscryptenc-ios.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = "libscryptenc-ios.a"; sourceTree = "<group>"; };
 /* End PBXFileReference section */

 /* Begin PBXFrameworksBuildPhase section */
@@ -1552,6 +1608,7 @@
 				DA48856019A5A82E000C2D79 /* Crashlytics.framework in Frameworks */,
 				DAC632891486D9690075AEA5 /* Security.framework in Frameworks */,
 				DA5BFA49147E415C00F98B1E /* UIKit.framework in Frameworks */,
+				DA0979171E9A81EE00F0BFE8 /* libsodium.a in Frameworks */,
 				DA5BFA4B147E415C00F98B1E /* Foundation.framework in Frameworks */,
 				DA5BFA4D147E415C00F98B1E /* CoreGraphics.framework in Frameworks */,
 				DA5BFA4F147E415C00F98B1E /* CoreData.framework in Frameworks */,
@@ -1622,6 +1679,97 @@
 			path = ../core/c;
 			sourceTree = "<group>";
 		};
+		DA0978D81E9A81EE00F0BFE8 /* libsodium-ios */ = {
+			isa = PBXGroup;
+			children = (
+				DA0978D91E9A81EE00F0BFE8 /* include */,
+				DA0979151E9A81EE00F0BFE8 /* lib */,
+			);
+			name = "libsodium-ios";
+			path = "libsodium/libsodium-ios";
+			sourceTree = "<group>";
+		};
+		DA0978D91E9A81EE00F0BFE8 /* include */ = {
+			isa = PBXGroup;
+			children = (
+				DA0978DA1E9A81EE00F0BFE8 /* sodium */,
+				DA0979141E9A81EE00F0BFE8 /* sodium.h */,
+			);
+			path = include;
+			sourceTree = "<group>";
+		};
+		DA0978DA1E9A81EE00F0BFE8 /* sodium */ = {
+			isa = PBXGroup;
+			children = (
+				DA0978DB1E9A81EE00F0BFE8 /* core.h */,
+				DA0978DC1E9A81EE00F0BFE8 /* crypto_aead_aes256gcm.h */,
+				DA0978DD1E9A81EE00F0BFE8 /* crypto_aead_chacha20poly1305.h */,
+				DA0978DE1E9A81EE00F0BFE8 /* crypto_aead_xchacha20poly1305.h */,
+				DA0978DF1E9A81EE00F0BFE8 /* crypto_auth.h */,
+				DA0978E01E9A81EE00F0BFE8 /* crypto_auth_hmacsha256.h */,
+				DA0978E11E9A81EE00F0BFE8 /* crypto_auth_hmacsha512.h */,
+				DA0978E21E9A81EE00F0BFE8 /* crypto_auth_hmacsha512256.h */,
+				DA0978E31E9A81EE00F0BFE8 /* crypto_box.h */,
+				DA0978E41E9A81EE00F0BFE8 /* crypto_box_curve25519xchacha20poly1305.h */,
+				DA0978E51E9A81EE00F0BFE8 /* crypto_box_curve25519xsalsa20poly1305.h */,
+				DA0978E61E9A81EE00F0BFE8 /* crypto_core_hchacha20.h */,
+				DA0978E71E9A81EE00F0BFE8 /* crypto_core_hsalsa20.h */,
+				DA0978E81E9A81EE00F0BFE8 /* crypto_core_salsa20.h */,
+				DA0978E91E9A81EE00F0BFE8 /* crypto_core_salsa2012.h */,
+				DA0978EA1E9A81EE00F0BFE8 /* crypto_core_salsa208.h */,
+				DA0978EB1E9A81EE00F0BFE8 /* crypto_generichash.h */,
+				DA0978EC1E9A81EE00F0BFE8 /* crypto_generichash_blake2b.h */,
+				DA0978ED1E9A81EE00F0BFE8 /* crypto_hash.h */,
+				DA0978EE1E9A81EE00F0BFE8 /* crypto_hash_sha256.h */,
+				DA0978EF1E9A81EE00F0BFE8 /* crypto_hash_sha512.h */,
+				DA0978F01E9A81EE00F0BFE8 /* crypto_kdf.h */,
+				DA0978F11E9A81EE00F0BFE8 /* crypto_kdf_blake2b.h */,
+				DA0978F21E9A81EE00F0BFE8 /* crypto_kx.h */,
+				DA0978F31E9A81EE00F0BFE8 /* crypto_onetimeauth.h */,
+				DA0978F41E9A81EE00F0BFE8 /* crypto_onetimeauth_poly1305.h */,
+				DA0978F51E9A81EE00F0BFE8 /* crypto_pwhash.h */,
+				DA0978F61E9A81EE00F0BFE8 /* crypto_pwhash_argon2i.h */,
+				DA0978F71E9A81EE00F0BFE8 /* crypto_pwhash_scryptsalsa208sha256.h */,
+				DA0978F81E9A81EE00F0BFE8 /* crypto_scalarmult.h */,
+				DA0978F91E9A81EE00F0BFE8 /* crypto_scalarmult_curve25519.h */,
+				DA0978FA1E9A81EE00F0BFE8 /* crypto_secretbox.h */,
+				DA0978FB1E9A81EE00F0BFE8 /* crypto_secretbox_xchacha20poly1305.h */,
+				DA0978FC1E9A81EE00F0BFE8 /* crypto_secretbox_xsalsa20poly1305.h */,
+				DA0978FD1E9A81EE00F0BFE8 /* crypto_shorthash.h */,
+				DA0978FE1E9A81EE00F0BFE8 /* crypto_shorthash_siphash24.h */,
+				DA0978FF1E9A81EE00F0BFE8 /* crypto_sign.h */,
+				DA0979001E9A81EE00F0BFE8 /* crypto_sign_ed25519.h */,
+				DA0979011E9A81EE00F0BFE8 /* crypto_sign_edwards25519sha512batch.h */,
+				DA0979021E9A81EE00F0BFE8 /* crypto_stream.h */,
+				DA0979031E9A81EE00F0BFE8 /* crypto_stream_aes128ctr.h */,
+				DA0979041E9A81EE00F0BFE8 /* crypto_stream_chacha20.h */,
+				DA0979051E9A81EE00F0BFE8 /* crypto_stream_salsa20.h */,
+				DA0979061E9A81EE00F0BFE8 /* crypto_stream_salsa2012.h */,
+				DA0979071E9A81EE00F0BFE8 /* crypto_stream_salsa208.h */,
+				DA0979081E9A81EE00F0BFE8 /* crypto_stream_xchacha20.h */,
+				DA0979091E9A81EE00F0BFE8 /* crypto_stream_xsalsa20.h */,
+				DA09790A1E9A81EE00F0BFE8 /* crypto_verify_16.h */,
+				DA09790B1E9A81EE00F0BFE8 /* crypto_verify_32.h */,
+				DA09790C1E9A81EE00F0BFE8 /* crypto_verify_64.h */,
+				DA09790D1E9A81EE00F0BFE8 /* export.h */,
+				DA09790E1E9A81EE00F0BFE8 /* randombytes.h */,
+				DA09790F1E9A81EE00F0BFE8 /* randombytes_salsa20_random.h */,
+				DA0979101E9A81EE00F0BFE8 /* randombytes_sysrandom.h */,
+				DA0979111E9A81EE00F0BFE8 /* runtime.h */,
+				DA0979121E9A81EE00F0BFE8 /* utils.h */,
+				DA0979131E9A81EE00F0BFE8 /* version.h */,
+			);
+			path = sodium;
+			sourceTree = "<group>";
+		};
+		DA0979151E9A81EE00F0BFE8 /* lib */ = {
+			isa = PBXGroup;
+			children = (
+				DA0979161E9A81EE00F0BFE8 /* libsodium.a */,
+			);
+			path = lib;
+			sourceTree = "<group>";
+		};
 		DA24EBB019DAD4D000FF010B /* ios */ = {
 			isa = PBXGroup;
 			children = (
@@ -1768,8 +1916,6 @@
 				DA5E5C6417248959003798D8 /* include */,
 				DA7F2C5E1C48B70D00404A26 /* libopensslcrypto-ios-sim.a */,
 				DAE8E65119867AB500416A0F /* libopensslcrypto-ios.a */,
-				DA7F2C5F1C48B70D00404A26 /* libscryptenc-ios-sim.a */,
-				DAFFC63E17EDDA7C007BB020 /* libscryptenc-ios.a */,
 			);
 			path = lib;
 			sourceTree = "<group>";
@@ -1778,7 +1924,6 @@
 			isa = PBXGroup;
 			children = (
 				DA25C6B31980D3C10046CDCF /* openssl */,
-				DA25C6B51980D3DD0046CDCF /* scrypt */,
 			);
 			path = include;
 			sourceTree = "<group>";
@@ -2657,6 +2802,7 @@
 		DACA22121705DDC5002C6C22 /* External */ = {
 			isa = PBXGroup;
 			children = (
+				DA0978D81E9A81EE00F0BFE8 /* libsodium-ios */,
 				DAA1759319D86C610044227B /* AttributedMarkdown */,
 				DAFC5662172C57EC00CB5CC5 /* InAppSettingsKit */,
 				DAA141181922FED80032B392 /* iOS */,
@@ -2841,6 +2987,8 @@
 				DAA1411C1922FF020032B392 /* PearlTween.m */,
 				DAFE45F815039823003ABA7C /* README */,
 				DAFE45F915039823003ABA7C /* Resources */,
+				93D39FBF8FCEB4C106272334 /* NSOrderedSetOrArray.h */,
+				93D39789AAF49338F8AC8B02 /* NSOrderedSetOrArray.m */,
 			);
 			path = Pearl;
 			sourceTree = "<group>";
@@ -2865,8 +3013,6 @@
 				DAFE460115039823003ABA7C /* PearlKeyChain.m */,
 				DAFE460215039823003ABA7C /* PearlRSAKey.h */,
 				DAFE460315039823003ABA7C /* PearlRSAKey.m */,
-				DAFE460415039823003ABA7C /* PearlSCrypt.h */,
-				DAFE460515039823003ABA7C /* PearlSCrypt.m */,
 				DAFE460615039823003ABA7C /* README */,
 			);
 			path = "Pearl-Crypto";
@@ -2940,8 +3086,8 @@
 				93D390FB3110DCCE68E600DC /* UIScrollView+PearlAdjustInsets.m */,
 				DAFE4A63150399FF003ABA8F /* UIScrollView+PearlFlashingIndicators.h */,
 				DAFE4A63150399FF003ABA8D /* UIScrollView+PearlFlashingIndicators.m */,
-				DA250A14195665A100AC23F1 /* UITableView+PearlReloadFromArray.h */,
-				DA250A13195665A100AC23F1 /* UITableView+PearlReloadFromArray.m */,
+				DA250A14195665A100AC23F1 /* UITableView+PearlReloadItems.h */,
+				DA250A13195665A100AC23F1 /* UITableView+PearlReloadItems.m */,
 				DAE2726219CE9CB3007C5262 /* UITableViewCell+PearlDeque.h */,
 				DAE2726119CE9CB3007C5262 /* UITableViewCell+PearlDeque.m */,
 				93D39AA10CD00D05937671B1 /* UITextView+PearlAttributes.h */,
@@ -2987,7 +3133,6 @@
 			isa = PBXHeadersBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				DA25C6B61980D3DF0046CDCF /* scrypt in Headers */,
 				DA25C6B41980D3C50046CDCF /* openssl in Headers */,
 				DAFE4A1315039824003ABA7C /* NSObject+PearlExport.h in Headers */,
 				DAFE4A1515039824003ABA7C /* NSString+PearlNSArrayFormat.h in Headers */,
@@ -3004,7 +3149,7 @@
 				DAFE4A2615039824003ABA7C /* PearlLogger.h in Headers */,
 				DAFE4A2815039824003ABA7C /* PearlMathUtils.h in Headers */,
 				DAFE4A2A15039824003ABA7C /* PearlObjectUtils.h in Headers */,
-				DA250A18195665A100AC23F1 /* UITableView+PearlReloadFromArray.h in Headers */,
+				DA250A18195665A100AC23F1 /* UITableView+PearlReloadItems.h in Headers */,
 				DAFE4A2C15039824003ABA7C /* PearlResettable.h in Headers */,
 				DAFE4A2D15039824003ABA7C /* PearlStrings.h in Headers */,
 				DAFE4A2F15039824003ABA7C /* PearlStringUtils.h in Headers */,
@@ -3014,7 +3159,6 @@
 				DAFE4A3615039824003ABA7C /* PearlKeyChain.h in Headers */,
 				DAFE4A3815039824003ABA7C /* PearlRSAKey.h in Headers */,
 				DAE2726419CE9CB3007C5262 /* UITableViewCell+PearlDeque.h in Headers */,
-				DAFE4A3A15039824003ABA7C /* PearlSCrypt.h in Headers */,
 				DACE2F6E19BA6A2A0010F92E /* UIView+FontScale.h in Headers */,
 				DA32D01B19D046E1004F3F0E /* PearlFixedTableView.h in Headers */,
 				DAFE4A3C15039824003ABA7C /* Pearl-UIKit-Dependencies.h in Headers */,
@@ -3061,6 +3205,7 @@
 				93D392A8777DC30C11361647 /* UITextView+PearlAttributes.h in Headers */,
 				93D39A53D76CA70786423458 /* UICollectionView+PearlReloadFromArray.h in Headers */,
 				93D39AA4A0BE66A872CCC02E /* NSPersistentStore+PearlMigration.h in Headers */,
+				93D399E4BC1E092A8C8B12AE /* NSOrderedSetOrArray.h in Headers */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -3089,6 +3234,7 @@
 			buildConfigurationList = DA5BFA6D147E415C00F98B1E /* Build configuration list for PBXNativeTarget "MasterPassword" */;
 			buildPhases = (
 				DA8D88E019DA412A00B189D0 /* Run Script: genassets */,
+				DA0E86A81E9BED2C00F4D60E /* Run Script: libsodium/dist-build/ios.sh */,
 				DA5BFA40147E415C00F98B1E /* Sources */,
 				DA5BFA41147E415C00F98B1E /* Frameworks */,
 				DA5BFA42147E415C00F98B1E /* Resources */,
@@ -3537,6 +3683,21 @@
 /* End PBXResourcesBuildPhase section */

 /* Begin PBXShellScriptBuildPhase section */
+		DA0E86A81E9BED2C00F4D60E /* Run Script: libsodium/dist-build/ios.sh */ = {
+			isa = PBXShellScriptBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			inputPaths = (
+			);
+			name = "Run Script: libsodium/dist-build/ios.sh";
+			outputPaths = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+			shellPath = "/bin/sh -e";
+			shellScript = "cd External/libsodium\n[[ -d libsodium-ios ]] && exit\n\n# Xcode misinterpretes autogen.sh's stderr output as errors so we try to silence it.\n[[ -e configure ]] || { err=$(./autogen.sh 2>&1 >&3); } 3>&1 || { x=$?; echo >&2 \"$err\"; exit $x; }\n./dist-build/ios.sh";
+			showEnvVarsInLog = 0;
+		};
 		DA6556E314D55F3000841C99 /* Run Script: GIT version -> Info.plist */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
@@ -3699,9 +3860,8 @@
 				DAFE4A3515039824003ABA7C /* PearlCryptUtils.m in Sources */,
 				DAFE4A3715039824003ABA7C /* PearlKeyChain.m in Sources */,
 				DA72BD7B19C1510C00E6ACFE /* UIView+FontScale.m in Sources */,
-				DA250A17195665A100AC23F1 /* UITableView+PearlReloadFromArray.m in Sources */,
+				DA250A17195665A100AC23F1 /* UITableView+PearlReloadItems.m in Sources */,
 				DAFE4A3915039824003ABA7C /* PearlRSAKey.m in Sources */,
-				DAFE4A3B15039824003ABA7C /* PearlSCrypt.m in Sources */,
 				DAFE4A3F15039824003ABA7C /* PearlAlert.m in Sources */,
 				DAFE4A4115039824003ABA7C /* PearlArrayTVC.m in Sources */,
 				DAFE4A4315039824003ABA7C /* PearlBoxView.m in Sources */,
@@ -3751,6 +3911,7 @@
 				93D39E34FD28D24FE3442C48 /* UITextView+PearlAttributes.m in Sources */,
 				93D39D47FC623E91FC39D20C /* UICollectionView+PearlReloadFromArray.m in Sources */,
 				93D3928D629EA563F9EC4909 /* NSPersistentStore+PearlMigration.m in Sources */,
+				93D392A33CCE85431E910C7B /* NSOrderedSetOrArray.m in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -3913,20 +4074,10 @@
 				INFOPLIST_FILE = "Source/iOS/MasterPassword-Info.plist";
 				IPHONEOS_DEPLOYMENT_TARGET = 8.0;
 				LIBRARY_SEARCH_PATHS = (
-					"\"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib\"",
 					"$(inherited)",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-ios/lib",
 				);
-				OTHER_LDFLAGS = "$(inherited)";
-				"OTHER_LDFLAGS[sdk=iphoneos*]" = (
-					"$(inherited)",
-					"-lscryptenc-ios",
-					"-lopensslcrypto-ios",
-				);
-				"OTHER_LDFLAGS[sdk=iphonesimulator*]" = (
-					"$(inherited)",
-					"-lscryptenc-ios-sim",
-					"-lopensslcrypto-ios-sim",
-				);
+				OTHER_CFLAGS = "-DHAS_SODIUM=1";
 				PRODUCT_BUNDLE_IDENTIFIER = com.lyndir.lhunath.MasterPassword;
 				SKIP_INSTALL = NO;
 				STRIP_INSTALLED_PRODUCT = YES;
@@ -4189,20 +4340,10 @@
 				INFOPLIST_FILE = "Source/iOS/MasterPassword-Info.plist";
 				IPHONEOS_DEPLOYMENT_TARGET = 8.0;
 				LIBRARY_SEARCH_PATHS = (
-					"\"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib\"",
 					"$(inherited)",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-ios/lib",
 				);
-				OTHER_LDFLAGS = "$(inherited)";
-				"OTHER_LDFLAGS[sdk=iphoneos*]" = (
-					"$(inherited)",
-					"-lscryptenc-ios",
-					"-lopensslcrypto-ios",
-				);
-				"OTHER_LDFLAGS[sdk=iphonesimulator*]" = (
-					"$(inherited)",
-					"-lscryptenc-ios-sim",
-					"-lopensslcrypto-ios-sim",
-				);
+				OTHER_CFLAGS = "-DHAS_SODIUM=1";
 				PRODUCT_BUNDLE_IDENTIFIER = com.lyndir.lhunath.MasterPassword;
 				SKIP_INSTALL = NO;
 				TARGETED_DEVICE_FAMILY = 1;
@@ -4227,20 +4368,10 @@
 				INFOPLIST_FILE = "Source/iOS/MasterPassword-Info.plist";
 				IPHONEOS_DEPLOYMENT_TARGET = 8.0;
 				LIBRARY_SEARCH_PATHS = (
-					"\"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib\"",
 					"$(inherited)",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-ios/lib",
 				);
-				OTHER_LDFLAGS = "$(inherited)";
-				"OTHER_LDFLAGS[sdk=iphoneos*]" = (
-					"$(inherited)",
-					"-lscryptenc-ios",
-					"-lopensslcrypto-ios",
-				);
-				"OTHER_LDFLAGS[sdk=iphonesimulator*]" = (
-					"$(inherited)",
-					"-lscryptenc-ios-sim",
-					"-lopensslcrypto-ios-sim",
-				);
+				OTHER_CFLAGS = "-DHAS_SODIUM=1";
 				PRODUCT_BUNDLE_IDENTIFIER = com.lyndir.lhunath.MasterPassword;
 				SKIP_INSTALL = NO;
 				STRIP_INSTALLED_PRODUCT = YES;
--- a/platform-darwin/MasterPassword-macOS.xcodeproj/project.pbxproj
+++ b/platform-darwin/MasterPassword-macOS.xcodeproj/project.pbxproj
@@ -23,7 +23,10 @@
 		93D39F833DEC1C89B2F795AC /* MPPasswordWindowController.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D39A57A7823DE98A0FF83C /* MPPasswordWindowController.m */; };
 		DA0933CC1747AD2D00DE1CEF /* shot-laptop-leaning-iphone.png in Resources */ = {isa = PBXBuildFile; fileRef = DA0933CB1747AD2D00DE1CEF /* shot-laptop-leaning-iphone.png */; };
 		DA0933D01747B91B00DE1CEF /* appstore.png in Resources */ = {isa = PBXBuildFile; fileRef = DA0933CF1747B91B00DE1CEF /* appstore.png */; };
-		DA10007F1998A4C6002B873F /* scrypt in Headers */ = {isa = PBXBuildFile; fileRef = DAE8E65619867AF500416A0F /* scrypt */; settings = {ATTRIBUTES = (Public, ); }; };
+		DA09745A1E99582900F0BFE8 /* mpw-tests-util.c in Sources */ = {isa = PBXBuildFile; fileRef = DA0974561E99582200F0BFE8 /* mpw-tests-util.c */; };
+		DA09745B1E99582900F0BFE8 /* mpw-tests.c in Sources */ = {isa = PBXBuildFile; fileRef = DA0974571E99582200F0BFE8 /* mpw-tests.c */; };
+		DA09745E1E99586600F0BFE8 /* libxml2.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = DA09745D1E99586600F0BFE8 /* libxml2.tbd */; };
+		DA0979681E9A834C00F0BFE8 /* libsodium.a in Frameworks */ = {isa = PBXBuildFile; fileRef = DA0979571E9A824700F0BFE8 /* libsodium.a */; };
 		DA1000801998A4C6002B873F /* openssl in Headers */ = {isa = PBXBuildFile; fileRef = DAE8E65719867AF500416A0F /* openssl */; settings = {ATTRIBUTES = (Public, ); }; };
 		DA16B341170661DB000A0EAB /* Carbon.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = DA16B340170661DB000A0EAB /* Carbon.framework */; };
 		DA16B342170661E0000A0EAB /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = DAC632871486D95D0075AEA5 /* Security.framework */; };
@@ -60,7 +63,6 @@
 		DA4DAE951A7D8117003E5423 /* MPTypes.m in Sources */ = {isa = PBXBuildFile; fileRef = DA4DAE931A7D8117003E5423 /* MPTypes.m */; };
 		DA5180CA19FF2F9200A587E9 /* MPAlgorithmV2.m in Sources */ = {isa = PBXBuildFile; fileRef = DA5180C719FF2F9200A587E9 /* MPAlgorithmV2.m */; };
 		DA5180CE19FF307E00A587E9 /* MPAppDelegate_Store.m in Sources */ = {isa = PBXBuildFile; fileRef = DA5180CD19FF307E00A587E9 /* MPAppDelegate_Store.m */; };
-		DA5E5C9417248AA1003798D8 /* libscryptenc-osx.a in Frameworks */ = {isa = PBXBuildFile; fileRef = DA5E5C8717248AA1003798D8 /* libscryptenc-osx.a */; };
 		DA5E5CF61724A667003798D8 /* MPAlgorithm.m in Sources */ = {isa = PBXBuildFile; fileRef = DA5E5C981724A667003798D8 /* MPAlgorithm.m */; };
 		DA5E5CF71724A667003798D8 /* MPAlgorithmV0.m in Sources */ = {isa = PBXBuildFile; fileRef = DA5E5C9A1724A667003798D8 /* MPAlgorithmV0.m */; };
 		DA5E5CF81724A667003798D8 /* MPAlgorithmV1.m in Sources */ = {isa = PBXBuildFile; fileRef = DA5E5C9C1724A667003798D8 /* MPAlgorithmV1.m */; };
@@ -154,6 +156,7 @@
 		DACBFCDF1C59B22E007EF90F /* NSMutableSet+Pearl.m in Sources */ = {isa = PBXBuildFile; fileRef = DACBFCDC1C59B22E007EF90F /* NSMutableSet+Pearl.m */; };
 		DAD9B5F01762CAA4001835F9 /* ServiceManagement.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = DAD9B5EF1762CAA4001835F9 /* ServiceManagement.framework */; };
 		DAD9B5F11762CAB9001835F9 /* MasterPassword-Mac-LoginHelper.app in Copy LoginHelper */ = {isa = PBXBuildFile; fileRef = DAD9B5E6176299BA001835F9 /* MasterPassword-Mac-LoginHelper.app */; };
+		DADD5DFA1EA173B0005E7D96 /* libsodium.a in Frameworks */ = {isa = PBXBuildFile; fileRef = DA0979571E9A824700F0BFE8 /* libsodium.a */; };
 		DAEB942E18B47FB3000490CC /* MPInitialWindow.xib in Resources */ = {isa = PBXBuildFile; fileRef = DA0933C91747A56A00DE1CEF /* MPInitialWindow.xib */; };
 		DAF4EF56190A828100023C90 /* Exo2.0-Thin.otf in Resources */ = {isa = PBXBuildFile; fileRef = DAF4EF52190A828100023C90 /* Exo2.0-Thin.otf */; };
 		DAF4EF57190A828100023C90 /* Exo2.0-Regular.otf in Resources */ = {isa = PBXBuildFile; fileRef = DAF4EF53190A828100023C90 /* Exo2.0-Regular.otf */; };
@@ -194,8 +197,6 @@
 		DAFE4A3715039824003ABA7C /* PearlKeyChain.m in Sources */ = {isa = PBXBuildFile; fileRef = DAFE460115039823003ABA7C /* PearlKeyChain.m */; };
 		DAFE4A3815039824003ABA7C /* PearlRSAKey.h in Headers */ = {isa = PBXBuildFile; fileRef = DAFE460215039823003ABA7C /* PearlRSAKey.h */; };
 		DAFE4A3915039824003ABA7C /* PearlRSAKey.m in Sources */ = {isa = PBXBuildFile; fileRef = DAFE460315039823003ABA7C /* PearlRSAKey.m */; };
-		DAFE4A3A15039824003ABA7C /* PearlSCrypt.h in Headers */ = {isa = PBXBuildFile; fileRef = DAFE460415039823003ABA7C /* PearlSCrypt.h */; };
-		DAFE4A3B15039824003ABA7C /* PearlSCrypt.m in Sources */ = {isa = PBXBuildFile; fileRef = DAFE460515039823003ABA7C /* PearlSCrypt.m */; };
 		DAFE4A5A1503982E003ABA7C /* Pearl.strings in Resources */ = {isa = PBXBuildFile; fileRef = DAFE45FA15039823003ABA7C /* Pearl.strings */; };
 		DAFE4A63150399FF003ABA86 /* NSObject+PearlKVO.m in Sources */ = {isa = PBXBuildFile; fileRef = DAFE4A63150399FF003ABA85 /* NSObject+PearlKVO.m */; };
 		DAFE4A63150399FF003ABA88 /* NSObject+PearlKVO.h in Headers */ = {isa = PBXBuildFile; fileRef = DAFE4A63150399FF003ABA87 /* NSObject+PearlKVO.h */; };
@@ -285,6 +286,70 @@
 		DA0933C91747A56A00DE1CEF /* MPInitialWindow.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = MPInitialWindow.xib; sourceTree = "<group>"; };
 		DA0933CB1747AD2D00DE1CEF /* shot-laptop-leaning-iphone.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "shot-laptop-leaning-iphone.png"; sourceTree = "<group>"; };
 		DA0933CF1747B91B00DE1CEF /* appstore.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = appstore.png; sourceTree = "<group>"; };
+		DA0974561E99582200F0BFE8 /* mpw-tests-util.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "mpw-tests-util.c"; path = "../../platform-independent/cli-c/cli/mpw-tests-util.c"; sourceTree = "<group>"; };
+		DA0974571E99582200F0BFE8 /* mpw-tests.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "mpw-tests.c"; path = "../../platform-independent/cli-c/cli/mpw-tests.c"; sourceTree = "<group>"; };
+		DA09745C1E99583B00F0BFE8 /* mpw-tests-util.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "mpw-tests-util.h"; path = "../../platform-independent/cli-c/cli/mpw-tests-util.h"; sourceTree = "<group>"; };
+		DA09745D1E99586600F0BFE8 /* libxml2.tbd */ = {isa = PBXFileReference; lastKnownFileType = "sourcecode.text-based-dylib-definition"; name = libxml2.tbd; path = usr/lib/libxml2.tbd; sourceTree = SDKROOT; };
+		DA09745F1E995EB500F0BFE8 /* mpw_tests.xml */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; name = mpw_tests.xml; path = ../../core/java/tests/src/main/resources/mpw_tests.xml; sourceTree = "<group>"; };
+		DA09791B1E9A824700F0BFE8 /* core.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = core.h; sourceTree = "<group>"; };
+		DA09791C1E9A824700F0BFE8 /* crypto_aead_aes256gcm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_aead_aes256gcm.h; sourceTree = "<group>"; };
+		DA09791D1E9A824700F0BFE8 /* crypto_aead_chacha20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_aead_chacha20poly1305.h; sourceTree = "<group>"; };
+		DA09791E1E9A824700F0BFE8 /* crypto_aead_xchacha20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_aead_xchacha20poly1305.h; sourceTree = "<group>"; };
+		DA09791F1E9A824700F0BFE8 /* crypto_auth.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_auth.h; sourceTree = "<group>"; };
+		DA0979201E9A824700F0BFE8 /* crypto_auth_hmacsha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_auth_hmacsha256.h; sourceTree = "<group>"; };
+		DA0979211E9A824700F0BFE8 /* crypto_auth_hmacsha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_auth_hmacsha512.h; sourceTree = "<group>"; };
+		DA0979221E9A824700F0BFE8 /* crypto_auth_hmacsha512256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_auth_hmacsha512256.h; sourceTree = "<group>"; };
+		DA0979231E9A824700F0BFE8 /* crypto_box.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_box.h; sourceTree = "<group>"; };
+		DA0979241E9A824700F0BFE8 /* crypto_box_curve25519xchacha20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_box_curve25519xchacha20poly1305.h; sourceTree = "<group>"; };
+		DA0979251E9A824700F0BFE8 /* crypto_box_curve25519xsalsa20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_box_curve25519xsalsa20poly1305.h; sourceTree = "<group>"; };
+		DA0979261E9A824700F0BFE8 /* crypto_core_hchacha20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_hchacha20.h; sourceTree = "<group>"; };
+		DA0979271E9A824700F0BFE8 /* crypto_core_hsalsa20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_hsalsa20.h; sourceTree = "<group>"; };
+		DA0979281E9A824700F0BFE8 /* crypto_core_salsa20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_salsa20.h; sourceTree = "<group>"; };
+		DA0979291E9A824700F0BFE8 /* crypto_core_salsa2012.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_salsa2012.h; sourceTree = "<group>"; };
+		DA09792A1E9A824700F0BFE8 /* crypto_core_salsa208.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_core_salsa208.h; sourceTree = "<group>"; };
+		DA09792B1E9A824700F0BFE8 /* crypto_generichash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_generichash.h; sourceTree = "<group>"; };
+		DA09792C1E9A824700F0BFE8 /* crypto_generichash_blake2b.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_generichash_blake2b.h; sourceTree = "<group>"; };
+		DA09792D1E9A824700F0BFE8 /* crypto_hash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_hash.h; sourceTree = "<group>"; };
+		DA09792E1E9A824700F0BFE8 /* crypto_hash_sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_hash_sha256.h; sourceTree = "<group>"; };
+		DA09792F1E9A824700F0BFE8 /* crypto_hash_sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_hash_sha512.h; sourceTree = "<group>"; };
+		DA0979301E9A824700F0BFE8 /* crypto_kdf.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_kdf.h; sourceTree = "<group>"; };
+		DA0979311E9A824700F0BFE8 /* crypto_kdf_blake2b.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_kdf_blake2b.h; sourceTree = "<group>"; };
+		DA0979321E9A824700F0BFE8 /* crypto_kx.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_kx.h; sourceTree = "<group>"; };
+		DA0979331E9A824700F0BFE8 /* crypto_onetimeauth.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_onetimeauth.h; sourceTree = "<group>"; };
+		DA0979341E9A824700F0BFE8 /* crypto_onetimeauth_poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_onetimeauth_poly1305.h; sourceTree = "<group>"; };
+		DA0979351E9A824700F0BFE8 /* crypto_pwhash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_pwhash.h; sourceTree = "<group>"; };
+		DA0979361E9A824700F0BFE8 /* crypto_pwhash_argon2i.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_pwhash_argon2i.h; sourceTree = "<group>"; };
+		DA0979371E9A824700F0BFE8 /* crypto_pwhash_scryptsalsa208sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_pwhash_scryptsalsa208sha256.h; sourceTree = "<group>"; };
+		DA0979381E9A824700F0BFE8 /* crypto_scalarmult.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_scalarmult.h; sourceTree = "<group>"; };
+		DA0979391E9A824700F0BFE8 /* crypto_scalarmult_curve25519.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_scalarmult_curve25519.h; sourceTree = "<group>"; };
+		DA09793A1E9A824700F0BFE8 /* crypto_secretbox.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_secretbox.h; sourceTree = "<group>"; };
+		DA09793B1E9A824700F0BFE8 /* crypto_secretbox_xchacha20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_secretbox_xchacha20poly1305.h; sourceTree = "<group>"; };
+		DA09793C1E9A824700F0BFE8 /* crypto_secretbox_xsalsa20poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_secretbox_xsalsa20poly1305.h; sourceTree = "<group>"; };
+		DA09793D1E9A824700F0BFE8 /* crypto_shorthash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_shorthash.h; sourceTree = "<group>"; };
+		DA09793E1E9A824700F0BFE8 /* crypto_shorthash_siphash24.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_shorthash_siphash24.h; sourceTree = "<group>"; };
+		DA09793F1E9A824700F0BFE8 /* crypto_sign.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_sign.h; sourceTree = "<group>"; };
+		DA0979401E9A824700F0BFE8 /* crypto_sign_ed25519.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_sign_ed25519.h; sourceTree = "<group>"; };
+		DA0979411E9A824700F0BFE8 /* crypto_sign_edwards25519sha512batch.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_sign_edwards25519sha512batch.h; sourceTree = "<group>"; };
+		DA0979421E9A824700F0BFE8 /* crypto_stream.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream.h; sourceTree = "<group>"; };
+		DA0979431E9A824700F0BFE8 /* crypto_stream_aes128ctr.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_aes128ctr.h; sourceTree = "<group>"; };
+		DA0979441E9A824700F0BFE8 /* crypto_stream_chacha20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_chacha20.h; sourceTree = "<group>"; };
+		DA0979451E9A824700F0BFE8 /* crypto_stream_salsa20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_salsa20.h; sourceTree = "<group>"; };
+		DA0979461E9A824700F0BFE8 /* crypto_stream_salsa2012.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_salsa2012.h; sourceTree = "<group>"; };
+		DA0979471E9A824700F0BFE8 /* crypto_stream_salsa208.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_salsa208.h; sourceTree = "<group>"; };
+		DA0979481E9A824700F0BFE8 /* crypto_stream_xchacha20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_xchacha20.h; sourceTree = "<group>"; };
+		DA0979491E9A824700F0BFE8 /* crypto_stream_xsalsa20.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_stream_xsalsa20.h; sourceTree = "<group>"; };
+		DA09794A1E9A824700F0BFE8 /* crypto_verify_16.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_verify_16.h; sourceTree = "<group>"; };
+		DA09794B1E9A824700F0BFE8 /* crypto_verify_32.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_verify_32.h; sourceTree = "<group>"; };
+		DA09794C1E9A824700F0BFE8 /* crypto_verify_64.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_verify_64.h; sourceTree = "<group>"; };
+		DA09794D1E9A824700F0BFE8 /* export.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = export.h; sourceTree = "<group>"; };
+		DA09794E1E9A824700F0BFE8 /* randombytes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = randombytes.h; sourceTree = "<group>"; };
+		DA09794F1E9A824700F0BFE8 /* randombytes_salsa20_random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = randombytes_salsa20_random.h; sourceTree = "<group>"; };
+		DA0979501E9A824700F0BFE8 /* randombytes_sysrandom.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = randombytes_sysrandom.h; sourceTree = "<group>"; };
+		DA0979511E9A824700F0BFE8 /* runtime.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = runtime.h; sourceTree = "<group>"; };
+		DA0979521E9A824700F0BFE8 /* utils.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = utils.h; sourceTree = "<group>"; };
+		DA0979531E9A824700F0BFE8 /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = version.h; sourceTree = "<group>"; };
+		DA0979541E9A824700F0BFE8 /* sodium.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sodium.h; sourceTree = "<group>"; };
+		DA0979571E9A824700F0BFE8 /* libsodium.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libsodium.a; sourceTree = "<group>"; };
 		DA16B340170661DB000A0EAB /* Carbon.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Carbon.framework; path = System/Library/Frameworks/Carbon.framework; sourceTree = SDKROOT; };
 		DA16B343170661EE000A0EAB /* Cocoa.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Cocoa.framework; path = System/Library/Frameworks/Cocoa.framework; sourceTree = SDKROOT; };
 		DA2508F019511D3600AC23F1 /* MPPasswordWindowController.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = MPPasswordWindowController.xib; sourceTree = "<group>"; };
@@ -332,7 +397,6 @@
 		DA5BFA4A147E415C00F98B1E /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = System/Library/Frameworks/Foundation.framework; sourceTree = SDKROOT; };
 		DA5BFA4C147E415C00F98B1E /* CoreGraphics.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreGraphics.framework; path = System/Library/Frameworks/CoreGraphics.framework; sourceTree = SDKROOT; };
 		DA5BFA4E147E415C00F98B1E /* CoreData.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreData.framework; path = System/Library/Frameworks/CoreData.framework; sourceTree = SDKROOT; };
-		DA5E5C8717248AA1003798D8 /* libscryptenc-osx.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = "libscryptenc-osx.a"; sourceTree = "<group>"; };
 		DA5E5C971724A667003798D8 /* MPAlgorithm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MPAlgorithm.h; sourceTree = "<group>"; };
 		DA5E5C981724A667003798D8 /* MPAlgorithm.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MPAlgorithm.m; sourceTree = "<group>"; };
 		DA5E5C991724A667003798D8 /* MPAlgorithmV0.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MPAlgorithmV0.h; sourceTree = "<group>"; };
@@ -868,7 +932,6 @@
 		DAD9B5E1176299B9001835F9 /* MasterPassword-Mac-LoginHelper.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = "MasterPassword-Mac-LoginHelper.xcodeproj"; path = "MasterPassword-Mac-LoginHelper/MasterPassword-Mac-LoginHelper.xcodeproj"; sourceTree = "<group>"; };
 		DAD9B5EF1762CAA4001835F9 /* ServiceManagement.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = ServiceManagement.framework; path = System/Library/Frameworks/ServiceManagement.framework; sourceTree = SDKROOT; };
 		DAE8E65319867ADA00416A0F /* libopensslcrypto-osx.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = "libopensslcrypto-osx.a"; sourceTree = "<group>"; };
-		DAE8E65619867AF500416A0F /* scrypt */ = {isa = PBXFileReference; lastKnownFileType = folder; path = scrypt; sourceTree = "<group>"; };
 		DAE8E65719867AF500416A0F /* openssl */ = {isa = PBXFileReference; lastKnownFileType = folder; path = openssl; sourceTree = "<group>"; };
 		DAEBC45214F6364500987BF6 /* QuartzCore.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = QuartzCore.framework; path = System/Library/Frameworks/QuartzCore.framework; sourceTree = SDKROOT; };
 		DAF4EF52190A828100023C90 /* Exo2.0-Thin.otf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Exo2.0-Thin.otf"; sourceTree = "<group>"; };
@@ -912,8 +975,6 @@
 		DAFE460115039823003ABA7C /* PearlKeyChain.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = PearlKeyChain.m; sourceTree = "<group>"; };
 		DAFE460215039823003ABA7C /* PearlRSAKey.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PearlRSAKey.h; sourceTree = "<group>"; };
 		DAFE460315039823003ABA7C /* PearlRSAKey.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = PearlRSAKey.m; sourceTree = "<group>"; };
-		DAFE460415039823003ABA7C /* PearlSCrypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PearlSCrypt.h; sourceTree = "<group>"; };
-		DAFE460515039823003ABA7C /* PearlSCrypt.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = PearlSCrypt.m; sourceTree = "<group>"; };
 		DAFE460615039823003ABA7C /* README */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = README; sourceTree = "<group>"; };
 		DAFE4A63150399FF003ABA85 /* NSObject+PearlKVO.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "NSObject+PearlKVO.m"; sourceTree = "<group>"; };
 		DAFE4A63150399FF003ABA87 /* NSObject+PearlKVO.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "NSObject+PearlKVO.h"; sourceTree = "<group>"; };
@@ -929,6 +990,7 @@
 				DA9261561BE1A89600369DE5 /* libz.tbd in Frameworks */,
 				DA9261541BE1A88900369DE5 /* libc++.tbd in Frameworks */,
 				DAADCC6A19FB00B500987B1D /* libKCOrderedAccessorFix.a in Frameworks */,
+				DADD5DFA1EA173B0005E7D96 /* libsodium.a in Frameworks */,
 				DA9261521BE1A86700369DE5 /* Fabric.framework in Frameworks */,
 				DA9261511BE1A86700369DE5 /* SystemConfiguration.framework in Frameworks */,
 				DA250925195148E200AC23F1 /* QuartzCore.framework in Frameworks */,
@@ -945,6 +1007,8 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				DA0979681E9A834C00F0BFE8 /* libsodium.a in Frameworks */,
+				DA09745E1E99586600F0BFE8 /* libxml2.tbd in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -970,7 +1034,6 @@
 				DAADCC4B19FB000C00987B1D /* QuartzCore.framework in Frameworks */,
 				DA4DA1D91564471A00F6F596 /* libjrswizzle.a in Frameworks */,
 				DAC77CAE148291A600BCF976 /* Foundation.framework in Frameworks */,
-				DA5E5C9417248AA1003798D8 /* libscryptenc-osx.a in Frameworks */,
 				DA92614B1BE1A4EA00369DE5 /* libopensslcrypto-osx.a in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
@@ -978,6 +1041,97 @@
 /* End PBXFrameworksBuildPhase section */

 /* Begin PBXGroup section */
+		DA0979181E9A824700F0BFE8 /* libsodium-osx */ = {
+			isa = PBXGroup;
+			children = (
+				DA0979191E9A824700F0BFE8 /* include */,
+				DA0979551E9A824700F0BFE8 /* lib */,
+			);
+			name = "libsodium-osx";
+			path = "libsodium/libsodium-osx";
+			sourceTree = "<group>";
+		};
+		DA0979191E9A824700F0BFE8 /* include */ = {
+			isa = PBXGroup;
+			children = (
+				DA09791A1E9A824700F0BFE8 /* sodium */,
+				DA0979541E9A824700F0BFE8 /* sodium.h */,
+			);
+			path = include;
+			sourceTree = "<group>";
+		};
+		DA09791A1E9A824700F0BFE8 /* sodium */ = {
+			isa = PBXGroup;
+			children = (
+				DA09791B1E9A824700F0BFE8 /* core.h */,
+				DA09791C1E9A824700F0BFE8 /* crypto_aead_aes256gcm.h */,
+				DA09791D1E9A824700F0BFE8 /* crypto_aead_chacha20poly1305.h */,
+				DA09791E1E9A824700F0BFE8 /* crypto_aead_xchacha20poly1305.h */,
+				DA09791F1E9A824700F0BFE8 /* crypto_auth.h */,
+				DA0979201E9A824700F0BFE8 /* crypto_auth_hmacsha256.h */,
+				DA0979211E9A824700F0BFE8 /* crypto_auth_hmacsha512.h */,
+				DA0979221E9A824700F0BFE8 /* crypto_auth_hmacsha512256.h */,
+				DA0979231E9A824700F0BFE8 /* crypto_box.h */,
+				DA0979241E9A824700F0BFE8 /* crypto_box_curve25519xchacha20poly1305.h */,
+				DA0979251E9A824700F0BFE8 /* crypto_box_curve25519xsalsa20poly1305.h */,
+				DA0979261E9A824700F0BFE8 /* crypto_core_hchacha20.h */,
+				DA0979271E9A824700F0BFE8 /* crypto_core_hsalsa20.h */,
+				DA0979281E9A824700F0BFE8 /* crypto_core_salsa20.h */,
+				DA0979291E9A824700F0BFE8 /* crypto_core_salsa2012.h */,
+				DA09792A1E9A824700F0BFE8 /* crypto_core_salsa208.h */,
+				DA09792B1E9A824700F0BFE8 /* crypto_generichash.h */,
+				DA09792C1E9A824700F0BFE8 /* crypto_generichash_blake2b.h */,
+				DA09792D1E9A824700F0BFE8 /* crypto_hash.h */,
+				DA09792E1E9A824700F0BFE8 /* crypto_hash_sha256.h */,
+				DA09792F1E9A824700F0BFE8 /* crypto_hash_sha512.h */,
+				DA0979301E9A824700F0BFE8 /* crypto_kdf.h */,
+				DA0979311E9A824700F0BFE8 /* crypto_kdf_blake2b.h */,
+				DA0979321E9A824700F0BFE8 /* crypto_kx.h */,
+				DA0979331E9A824700F0BFE8 /* crypto_onetimeauth.h */,
+				DA0979341E9A824700F0BFE8 /* crypto_onetimeauth_poly1305.h */,
+				DA0979351E9A824700F0BFE8 /* crypto_pwhash.h */,
+				DA0979361E9A824700F0BFE8 /* crypto_pwhash_argon2i.h */,
+				DA0979371E9A824700F0BFE8 /* crypto_pwhash_scryptsalsa208sha256.h */,
+				DA0979381E9A824700F0BFE8 /* crypto_scalarmult.h */,
+				DA0979391E9A824700F0BFE8 /* crypto_scalarmult_curve25519.h */,
+				DA09793A1E9A824700F0BFE8 /* crypto_secretbox.h */,
+				DA09793B1E9A824700F0BFE8 /* crypto_secretbox_xchacha20poly1305.h */,
+				DA09793C1E9A824700F0BFE8 /* crypto_secretbox_xsalsa20poly1305.h */,
+				DA09793D1E9A824700F0BFE8 /* crypto_shorthash.h */,
+				DA09793E1E9A824700F0BFE8 /* crypto_shorthash_siphash24.h */,
+				DA09793F1E9A824700F0BFE8 /* crypto_sign.h */,
+				DA0979401E9A824700F0BFE8 /* crypto_sign_ed25519.h */,
+				DA0979411E9A824700F0BFE8 /* crypto_sign_edwards25519sha512batch.h */,
+				DA0979421E9A824700F0BFE8 /* crypto_stream.h */,
+				DA0979431E9A824700F0BFE8 /* crypto_stream_aes128ctr.h */,
+				DA0979441E9A824700F0BFE8 /* crypto_stream_chacha20.h */,
+				DA0979451E9A824700F0BFE8 /* crypto_stream_salsa20.h */,
+				DA0979461E9A824700F0BFE8 /* crypto_stream_salsa2012.h */,
+				DA0979471E9A824700F0BFE8 /* crypto_stream_salsa208.h */,
+				DA0979481E9A824700F0BFE8 /* crypto_stream_xchacha20.h */,
+				DA0979491E9A824700F0BFE8 /* crypto_stream_xsalsa20.h */,
+				DA09794A1E9A824700F0BFE8 /* crypto_verify_16.h */,
+				DA09794B1E9A824700F0BFE8 /* crypto_verify_32.h */,
+				DA09794C1E9A824700F0BFE8 /* crypto_verify_64.h */,
+				DA09794D1E9A824700F0BFE8 /* export.h */,
+				DA09794E1E9A824700F0BFE8 /* randombytes.h */,
+				DA09794F1E9A824700F0BFE8 /* randombytes_salsa20_random.h */,
+				DA0979501E9A824700F0BFE8 /* randombytes_sysrandom.h */,
+				DA0979511E9A824700F0BFE8 /* runtime.h */,
+				DA0979521E9A824700F0BFE8 /* utils.h */,
+				DA0979531E9A824700F0BFE8 /* version.h */,
+			);
+			path = sodium;
+			sourceTree = "<group>";
+		};
+		DA0979551E9A824700F0BFE8 /* lib */ = {
+			isa = PBXGroup;
+			children = (
+				DA0979571E9A824700F0BFE8 /* libsodium.a */,
+			);
+			path = lib;
+			sourceTree = "<group>";
+		};
 		DA2508F819513C1400AC23F1 /* Other Frameworks */ = {
 			isa = PBXGroup;
 			children = (
@@ -1025,6 +1179,7 @@
 		DA5BFA47147E415C00F98B1E /* Frameworks */ = {
 			isa = PBXGroup;
 			children = (
+				DA09745D1E99586600F0BFE8 /* libxml2.tbd */,
 				DA6701B716406A4100B61001 /* Accounts.framework */,
 				DA16B340170661DB000A0EAB /* Carbon.framework */,
 				DA16B343170661EE000A0EAB /* Cocoa.framework */,
@@ -1048,7 +1203,6 @@
 			children = (
 				DAEB938518AB0FFD000490CC /* include */,
 				DAE8E65319867ADA00416A0F /* libopensslcrypto-osx.a */,
-				DA5E5C8717248AA1003798D8 /* libscryptenc-osx.a */,
 			);
 			path = lib;
 			sourceTree = "<group>";
@@ -1552,6 +1706,9 @@
 				DA831A2A1A6E1146000AC234 /* mpw-algorithm_v3.c */,
 				DA6773BB1A4746AF004F356A /* mpw-algorithm.c */,
 				DA6773BC1A4746AF004F356A /* mpw-algorithm.h */,
+				DA0974561E99582200F0BFE8 /* mpw-tests-util.c */,
+				DA09745C1E99583B00F0BFE8 /* mpw-tests-util.h */,
+				DA0974571E99582200F0BFE8 /* mpw-tests.c */,
 				DA6773C21A4746AF004F356A /* mpw-types.c */,
 				DA6773C31A4746AF004F356A /* mpw-types.h */,
 				DA6773C51A4746AF004F356A /* mpw-util.c */,
@@ -1603,6 +1760,7 @@
 		DACA22121705DDC5002C6C22 /* External */ = {
 			isa = PBXGroup;
 			children = (
+				DA0979181E9A824700F0BFE8 /* libsodium-osx */,
 				DACA29751705E2BD002C6C22 /* jrswizzle */,
 				DAADCC6819FB007F00987B1D /* KCOrderedAccessorFix */,
 				DA3B8449190FC5A900246EEA /* Mac */,
@@ -1614,6 +1772,7 @@
 		DACA23B41705DF7D002C6C22 /* Resources */ = {
 			isa = PBXGroup;
 			children = (
+				DA09745F1E995EB500F0BFE8 /* mpw_tests.xml */,
 				DACA26991705DF81002C6C22 /* Crashlytics */,
 				DACA29701705E1A8002C6C22 /* Data */,
 				DACA23B51705DF7D002C6C22 /* Media */,
@@ -1761,7 +1920,6 @@
 			isa = PBXGroup;
 			children = (
 				DAE8E65719867AF500416A0F /* openssl */,
-				DAE8E65619867AF500416A0F /* scrypt */,
 			);
 			path = include;
 			sourceTree = "<group>";
@@ -1854,8 +2012,6 @@
 				DAFE460115039823003ABA7C /* PearlKeyChain.m */,
 				DAFE460215039823003ABA7C /* PearlRSAKey.h */,
 				DAFE460315039823003ABA7C /* PearlRSAKey.m */,
-				DAFE460415039823003ABA7C /* PearlSCrypt.h */,
-				DAFE460515039823003ABA7C /* PearlSCrypt.m */,
 				DAFE460615039823003ABA7C /* README */,
 			);
 			path = "Pearl-Crypto";
@@ -1876,7 +2032,6 @@
 			isa = PBXHeadersBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				DA10007F1998A4C6002B873F /* scrypt in Headers */,
 				DA89D4EC1A51EABD00AC64D7 /* Pearl-Cocoa.h in Headers */,
 				DA1000801998A4C6002B873F /* openssl in Headers */,
 				DA2CA4F218D323D3007798F8 /* NSTimer+PearlBlock.h in Headers */,
@@ -1903,7 +2058,6 @@
 				DAFE4A3415039824003ABA7C /* PearlCryptUtils.h in Headers */,
 				DAFE4A3615039824003ABA7C /* PearlKeyChain.h in Headers */,
 				DAFE4A3815039824003ABA7C /* PearlRSAKey.h in Headers */,
-				DAFE4A3A15039824003ABA7C /* PearlSCrypt.h in Headers */,
 				DA30E9D715723E6900A68B4C /* PearlLazy.h in Headers */,
 				DAADCC4719FAFFAD00987B1D /* NSNotificationCenter+PearlEasyCleanup.h in Headers */,
 				DAFE4A63150399FF003ABA88 /* NSObject+PearlKVO.h in Headers */,
@@ -1926,6 +2080,7 @@
 			buildConfigurationList = DA5BFA6D147E415C00F98B1E /* Build configuration list for PBXNativeTarget "MasterPassword" */;
 			buildPhases = (
 				DA4EF9CB19FD4B600032ECB5 /* Run Script: genassets */,
+				DA0E86A91E9BED9300F4D60E /* Run Script: libsodium/dist-build/osx.sh */,
 				DA5BFA40147E415C00F98B1E /* Sources */,
 				DA5BFA41147E415C00F98B1E /* Frameworks */,
 				DA5BFA42147E415C00F98B1E /* Resources */,
@@ -2160,6 +2315,21 @@
 /* End PBXResourcesBuildPhase section */

 /* Begin PBXShellScriptBuildPhase section */
+		DA0E86A91E9BED9300F4D60E /* Run Script: libsodium/dist-build/osx.sh */ = {
+			isa = PBXShellScriptBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			inputPaths = (
+			);
+			name = "Run Script: libsodium/dist-build/osx.sh";
+			outputPaths = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+			shellPath = "/bin/sh -e";
+			shellScript = "cd External/libsodium\nif ! [[ -d libsodium-osx ]]; then\n    # Xcode misinterpretes autogen.sh's stderr output as errors so we try to silence it.\n    [[ -e configure ]] || { err=$(./autogen.sh 2>&1 >&3); } 3>&1 || { x=$?; echo >&2 \"$err\"; exit $x; }\n./dist-build/osx.sh\nfi\n\n# Xcode incorrectly links the dynamic libraries if they're present instead of linking the .a.\nrm -f libsodium-osx/lib/*.dylib";
+			showEnvVarsInLog = 0;
+		};
 		DA4EF9CB19FD4B600032ECB5 /* Run Script: genassets */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;
@@ -2252,6 +2422,8 @@
 			isa = PBXSourcesBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				DA09745B1E99582900F0BFE8 /* mpw-tests.c in Sources */,
+				DA09745A1E99582900F0BFE8 /* mpw-tests-util.c in Sources */,
 				DA6774451A474A3B004F356A /* mpw-types.c in Sources */,
 				DA6774461A474A3B004F356A /* mpw-util.c in Sources */,
 				DA6774431A474A3B004F356A /* mpw-algorithm.c in Sources */,
@@ -2298,7 +2470,6 @@
 				DA89D4ED1A51EABD00AC64D7 /* Pearl-Cocoa.m in Sources */,
 				DAFE4A3715039824003ABA7C /* PearlKeyChain.m in Sources */,
 				DAFE4A3915039824003ABA7C /* PearlRSAKey.m in Sources */,
-				DAFE4A3B15039824003ABA7C /* PearlSCrypt.m in Sources */,
 				DA8ED895192906920099B726 /* PearlTween.m in Sources */,
 				DA2CA4F118D323D3007798F8 /* NSTimer+PearlBlock.m in Sources */,
 				DA3B8452190FC86F00246EEA /* NSManagedObject+Pearl.m in Sources */,
@@ -2468,9 +2639,10 @@
 				INFOPLIST_FILE = "Source/Mac/MasterPassword-Info.plist";
 				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks";
 				LIBRARY_SEARCH_PATHS = (
-					"\"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib\"",
 					"$(inherited)",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-osx/lib",
 				);
+				OTHER_CFLAGS = "-DHAS_SODIUM=1";
 				PRODUCT_BUNDLE_IDENTIFIER = com.lyndir.lhunath.MasterPassword.Mac;
 				SKIP_INSTALL = NO;
 				WRAPPER_NAME = "Master Password.${WRAPPER_EXTENSION}";
@@ -2517,8 +2689,21 @@
 				CLANG_WARN_DOCUMENTATION_COMMENTS = NO;
 				HEADER_SEARCH_PATHS = (
 					"$(inherited)",
-					/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include,
 					/usr/include/libxml2,
+					/usr/local/include,
+				);
+				LIBRARY_SEARCH_PATHS = (
+					"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib",
+					"$(inherited)",
+					"$(PROJECT_DIR)/External/Pearl/Pearl-Crypto/lib",
+					/usr/local/Cellar/libsodium/1.0.12/lib,
+					/usr/local/Cellar/libscrypt/1.21/lib,
+					"$(PROJECT_DIR)/External/libsodium/libsodium-ios/lib",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-osx/lib",
+				);
+				OTHER_CFLAGS = (
+					"-DHAS_CPERCIVA=0",
+					"-DHAS_SODIUM=1",
 				);
 			};
 			name = Test;
@@ -2724,9 +2909,10 @@
 				INFOPLIST_FILE = "Source/Mac/MasterPassword-Info.plist";
 				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks";
 				LIBRARY_SEARCH_PATHS = (
-					"\"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib\"",
 					"$(inherited)",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-osx/lib",
 				);
+				OTHER_CFLAGS = "-DHAS_SODIUM=1";
 				PRODUCT_BUNDLE_IDENTIFIER = com.lyndir.lhunath.MasterPassword.Mac;
 				SKIP_INSTALL = NO;
 				WRAPPER_NAME = "Master Password.${WRAPPER_EXTENSION}";
@@ -2751,9 +2937,10 @@
 				INFOPLIST_FILE = "Source/Mac/MasterPassword-Info.plist";
 				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks";
 				LIBRARY_SEARCH_PATHS = (
-					"\"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib\"",
 					"$(inherited)",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-osx/lib",
 				);
+				OTHER_CFLAGS = "-DHAS_SODIUM=1";
 				PRODUCT_BUNDLE_IDENTIFIER = com.lyndir.lhunath.MasterPassword.Mac;
 				SKIP_INSTALL = NO;
 				WRAPPER_NAME = "Master Password.${WRAPPER_EXTENSION}";
@@ -2766,8 +2953,21 @@
 				CLANG_WARN_DOCUMENTATION_COMMENTS = NO;
 				HEADER_SEARCH_PATHS = (
 					"$(inherited)",
-					/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include,
 					/usr/include/libxml2,
+					/usr/local/include,
+				);
+				LIBRARY_SEARCH_PATHS = (
+					"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib",
+					"$(inherited)",
+					"$(PROJECT_DIR)/External/Pearl/Pearl-Crypto/lib",
+					/usr/local/Cellar/libsodium/1.0.12/lib,
+					/usr/local/Cellar/libscrypt/1.21/lib,
+					"$(PROJECT_DIR)/External/libsodium/libsodium-ios/lib",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-osx/lib",
+				);
+				OTHER_CFLAGS = (
+					"-DHAS_CPERCIVA=0",
+					"-DHAS_SODIUM=1",
 				);
 			};
 			name = Debug;
@@ -2778,8 +2978,21 @@
 				CLANG_WARN_DOCUMENTATION_COMMENTS = NO;
 				HEADER_SEARCH_PATHS = (
 					"$(inherited)",
-					/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include,
 					/usr/include/libxml2,
+					/usr/local/include,
+				);
+				LIBRARY_SEARCH_PATHS = (
+					"$(SRCROOT)/External/Pearl/Pearl-Crypto/lib",
+					"$(inherited)",
+					"$(PROJECT_DIR)/External/Pearl/Pearl-Crypto/lib",
+					/usr/local/Cellar/libsodium/1.0.12/lib,
+					/usr/local/Cellar/libscrypt/1.21/lib,
+					"$(PROJECT_DIR)/External/libsodium/libsodium-ios/lib",
+					"$(PROJECT_DIR)/External/libsodium/libsodium-osx/lib",
+				);
+				OTHER_CFLAGS = (
+					"-DHAS_CPERCIVA=0",
+					"-DHAS_SODIUM=1",
 				);
 			};
 			name = Release;
--- a/platform-darwin/MasterPassword-macOS.xcodeproj/xcshareddata/xcschemes/mpw-test.xcscheme
+++ b/platform-darwin/MasterPassword-macOS.xcodeproj/xcshareddata/xcschemes/mpw-test.xcscheme
@@ -46,7 +46,8 @@
      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
      launchStyle = "0"
-      useCustomWorkingDirectory = "NO"
+      useCustomWorkingDirectory = "YES"
+      customWorkingDirectory = "/Users/lhunath/Documents/workspace/lyndir/MasterPassword/platform-independent/cli-c"
      ignoresPersistentStateOnLaunch = "NO"
      debugDocumentVersioning = "YES"
      debugServiceExtension = "internal"
--- a/platform-darwin/MasterPassword.xcworkspace/xcshareddata/MasterPassword.xcscmblueprint
+++ b/platform-darwin/MasterPassword.xcworkspace/xcshareddata/MasterPassword.xcscmblueprint
@@ -9,8 +9,9 @@
    "8A15A8EA0B3D0B497C4883425BC74DF995224BB3" : 9223372036854775807,
    "1712FC0BC3C9AABD8B7B5376E310E93FBDB3BCFA" : 9223372036854775807,
    "2FE140B36B7D26140DC8D5E5C639DC5900EFCF35" : 9223372036854775807,
-    "3ED8592497DB6A564366943C9AAD5A46341B5076" : 9223372036854775807,
    "4DDCFFD91B41F00326AD14553BD66CFD366ABD91" : 9223372036854775807,
+    "3ED8592497DB6A564366943C9AAD5A46341B5076" : 9223372036854775807,
+    "81A28796384A028E6C2D47C039DB8B3E5DD6D0FC" : 9223372036854775807,
    "F788B28042EDBEF29EFE34687DA79A778C2CC260" : 0
  },
  "DVTSourceControlWorkspaceBlueprintIdentifierKey" : "1DC75A27-0030-4493-ACE8-E1D49AB9A549",
@@ -20,8 +21,9 @@
    "8A15A8EA0B3D0B497C4883425BC74DF995224BB3" : "MasterPassword\/platform-darwin\/External\/jrswizzle\/",
    "1712FC0BC3C9AABD8B7B5376E310E93FBDB3BCFA" : "MasterPassword\/platform-darwin\/External\/InAppSettingsKit\/",
    "2FE140B36B7D26140DC8D5E5C639DC5900EFCF35" : "MasterPassword\/platform-darwin\/External\/uicolor-utilities\/",
-    "3ED8592497DB6A564366943C9AAD5A46341B5076" : "MasterPassword\/platform-darwin\/External\/AttributedMarkdown\/",
    "4DDCFFD91B41F00326AD14553BD66CFD366ABD91" : "MasterPassword\/platform-darwin\/External\/Pearl\/",
+    "3ED8592497DB6A564366943C9AAD5A46341B5076" : "MasterPassword\/platform-darwin\/External\/AttributedMarkdown\/",
+    "81A28796384A028E6C2D47C039DB8B3E5DD6D0FC" : "MasterPassword\/platform-darwin\/External\/libsodium\/",
    "F788B28042EDBEF29EFE34687DA79A778C2CC260" : "MasterPassword\/"
  },
  "DVTSourceControlWorkspaceBlueprintNameKey" : "MasterPassword",
@@ -58,6 +60,11 @@
      "DVTSourceControlWorkspaceBlueprintRemoteRepositorySystemKey" : "com.apple.dt.Xcode.sourcecontrol.Git",
      "DVTSourceControlWorkspaceBlueprintRemoteRepositoryIdentifierKey" : "4DDCFFD91B41F00326AD14553BD66CFD366ABD91"
    },
+    {
+      "DVTSourceControlWorkspaceBlueprintRemoteRepositoryURLKey" : "https:\/\/github.com\/jedisct1\/libsodium.git",
+      "DVTSourceControlWorkspaceBlueprintRemoteRepositorySystemKey" : "com.apple.dt.Xcode.sourcecontrol.Git",
+      "DVTSourceControlWorkspaceBlueprintRemoteRepositoryIdentifierKey" : "81A28796384A028E6C2D47C039DB8B3E5DD6D0FC"
+    },
    {
      "DVTSourceControlWorkspaceBlueprintRemoteRepositoryURLKey" : "git:\/\/github.com\/jonmarimba\/jrswizzle.git",
      "DVTSourceControlWorkspaceBlueprintRemoteRepositorySystemKey" : "com.apple.dt.Xcode.sourcecontrol.Git",
--- a/platform-darwin/Scripts/updatePlist
+++ b/platform-darwin/Scripts/updatePlist
@@ -35,11 +35,15 @@ setSettingWithTitle() {
    done
 }

-description=$(git describe --always --dirty --long --match '*-release')
-version=${description%-g*}
-release=${version%%-*} build=${version##*-}
-printf -v version '%s.%d' "$release" "$build"
-printf -v commit '%s' "${description##*-g}"
+case $PLATFORM_NAME in
+    macosx) platform=mac ;;
+    iphone*)    platform=ios ;;
+    *)      ftl 'ERROR: Unknown platform: %s.' "$PLATFORM_NAME"; exit 1 ;;
+esac
+
+description=$(git describe --always --dirty --long --match "*-$platform-*")
+version=${description%-g*} build=${version##*-} version=${version%-$build}
+version=${version//-*-/.} release=${version%%-*} commit=${description##*-g}

 addPlistWithKey GITDescription string "$description"
 setPlistWithKey CFBundleVersion "$(hr "${version%%.*}" 14).${version#*.}"
@@ -55,6 +59,8 @@ if [[ $DEPLOYMENT_LOCATION = YES ]]; then
    passed=1
    [[ $description != *-dirty ]] || \
        { passed=0; err 'ERROR: Cannot release a dirty version, first commit any changes.'; }
+    [[ $build == 0 ]] || \
+        { passed=0; err 'ERROR: Commit is not tagged for release, first tag accordingly.'; }
    [[ -r "$crashlyticsPlist" && $(PlistBuddy -c "Print :'API Key'" "$crashlyticsPlist" 2>/dev/null) ]] || \
        { passed=0; err 'ERROR: Cannot release: Crashlytics API key is missing.'; }
    (( passed )) || \
--- a/platform-darwin/Source/MPAlgorithmV0.m
+++ b/platform-darwin/Source/MPAlgorithmV0.m
@@ -24,8 +24,6 @@
 #import "MPAppDelegate_Shared.h"
 #import "MPAppDelegate_InApp.h"
 #import "mpw-util.h"
-#include <openssl/bn.h>
-#include <openssl/err.h>

 /* An AMD HD 7970 calculates 2495M SHA-1 hashes per second at a cost of ~350$ per GPU */
 #define CRACKING_PER_SECOND 2495000000UL
@@ -33,17 +31,13 @@

 NSOperationQueue *_mpwQueue = nil;

-@implementation MPAlgorithmV0 {
-    BN_CTX *_ctx;
-}
+@implementation MPAlgorithmV0

 - (id)init {

    if (!(self = [super init]))
        return nil;

-    _ctx = BN_CTX_new();
-
    static dispatch_once_t once = 0;
    dispatch_once( &once, ^{
        _mpwQueue = [NSOperationQueue new];
@@ -54,12 +48,6 @@ NSOperationQueue *_mpwQueue = nil;
    return self;
 }

- (void)dealloc {
-
-    BN_CTX_free( _ctx );
-    _ctx = NULL;
-}
-
 - (MPAlgorithmVersion)version {

    return MPAlgorithmVersion0;
@@ -427,9 +415,9 @@ NSOperationQueue *_mpwQueue = nil;
                [PearlKeyChain deleteItemForQuery:siteQuery];
            else
                [PearlKeyChain addOrUpdateItemForQuery:siteQuery withAttributes:@{
-                        (__bridge id)kSecValueData: encryptedContent,
+                        (__bridge id)kSecValueData     : encryptedContent,
 #if TARGET_OS_IPHONE
-                        (__bridge id)kSecAttrAccessible : (__bridge id)kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
+                        (__bridge id)kSecAttrAccessible: (__bridge id)kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
 #endif
                }];
            ((MPStoredSiteEntity *)site).contentObject = nil;
@@ -761,18 +749,17 @@ NSOperationQueue *_mpwQueue = nil;
    if (!templates)
        return NO;

-    BIGNUM *permutations = BN_new(), *templatePermutations = BN_new();
+    NSDecimalNumber *permutations = [NSDecimalNumber zero], *templatePermutations;
    for (size_t t = 0; t < count; ++t) {
        const char *template = templates[t];
-        BN_one( templatePermutations );
+        templatePermutations = [NSDecimalNumber one];

        for (NSUInteger c = 0; c < strlen( template ); ++c)
-            BN_mul_word( templatePermutations,
-                    (BN_ULONG)strlen( mpw_charactersInClass( template[c] ) ) );
+            templatePermutations = [templatePermutations decimalNumberByMultiplyingBy:
+                    (id)[[NSDecimalNumber alloc] initWithUnsignedLong:strlen( mpw_charactersInClass( template[c] ) )]];

-        BN_add( permutations, permutations, templatePermutations );
+        permutations = [permutations decimalNumberByAdding:templatePermutations];
    }
-    BN_free( templatePermutations );
    free( templates );

    return [self timeToCrack:timeToCrack permutations:permutations forAttacker:attacker];
@@ -780,114 +767,108 @@ NSOperationQueue *_mpwQueue = nil;

 - (BOOL)timeToCrack:(out TimeToCrack *)timeToCrack passwordString:(NSString *)password byAttacker:(MPAttacker)attacker {

-    BIGNUM *permutations = BN_new();
-    BN_one( permutations );
+    NSDecimalNumber *permutations = [NSDecimalNumber one];

    for (NSUInteger c = 0; c < [password length]; ++c) {
        const char passwordCharacter = [password substringWithRange:NSMakeRange( c, 1 )].UTF8String[0];

-        unsigned int characterEntropy = 0;
+        unsigned long characterEntropy = 0;
        for (NSString *characterClass in @[ @"v", @"c", @"a", @"x" ]) {
            char const *charactersForClass = mpw_charactersInClass( characterClass.UTF8String[0] );

            if (strchr( charactersForClass, passwordCharacter )) {
                // Found class for password character.
-                characterEntropy = (BN_ULONG)strlen( charactersForClass );
+                characterEntropy = strlen( charactersForClass );
                break;
            }
        }
        if (!characterEntropy)
            characterEntropy = 256 /* a byte */;

-        BN_mul_word( permutations, characterEntropy );
+        permutations = [permutations decimalNumberByMultiplyingBy:
+                (id)[[NSDecimalNumber alloc] initWithUnsignedLong:characterEntropy]];
    }

    return [self timeToCrack:timeToCrack permutations:permutations forAttacker:attacker];
 }

- (BOOL)timeToCrack:(out TimeToCrack *)timeToCrack permutations:(BIGNUM *)permutations forAttacker:(MPAttacker)attacker {
+- (BOOL)timeToCrack:(out TimeToCrack *)timeToCrack permutations:(NSDecimalNumber *)permutations forAttacker:(MPAttacker)attacker {

    // Determine base seconds needed to calculate the permutations.
-    BIGNUM *secondsToCrack = BN_dup( permutations );
-    BN_div_word( secondsToCrack, CRACKING_PER_SECOND );
+    NSDecimalNumber *secondsToCrack = [permutations decimalNumberByDividingBy:
+            (id)[[NSDecimalNumber alloc] initWithUnsignedLong:CRACKING_PER_SECOND]];

    // Modify seconds needed by applying our hardware budget.
    switch (attacker) {
        case MPAttacker1:
            break;
        case MPAttacker5K:
-            BN_mul_word( secondsToCrack, CRACKING_PRICE );
-            BN_div_word( secondsToCrack, 5000 );
+            secondsToCrack = [secondsToCrack decimalNumberByMultiplyingBy:
+                    (id)[[NSDecimalNumber alloc] initWithUnsignedLong:CRACKING_PRICE]];
+            secondsToCrack = [secondsToCrack decimalNumberByDividingBy:
+                    (id)[[NSDecimalNumber alloc] initWithUnsignedLong:5000]];
            break;
        case MPAttacker20M:
-            BN_mul_word( secondsToCrack, CRACKING_PRICE );
-            BN_div_word( secondsToCrack, 20000000 );
+            secondsToCrack = [secondsToCrack decimalNumberByMultiplyingBy:
+                    (id)[[NSDecimalNumber alloc] initWithUnsignedLong:CRACKING_PRICE]];
+            secondsToCrack = [secondsToCrack decimalNumberByDividingBy:
+                    (id)[[NSDecimalNumber alloc] initWithUnsignedLong:20000000]];
            break;
        case MPAttacker5B:
-            BN_mul_word( secondsToCrack, CRACKING_PRICE );
-            BN_div_word( secondsToCrack, 5000 );
-            BN_div_word( secondsToCrack, 1000000 );
+            secondsToCrack = [secondsToCrack decimalNumberByMultiplyingBy:
+                    (id)[[NSDecimalNumber alloc] initWithUnsignedLong:CRACKING_PRICE]];
+            secondsToCrack = [secondsToCrack decimalNumberByDividingBy:
+                    (id)[[NSDecimalNumber alloc] initWithUnsignedLong:5000]];
+            secondsToCrack = [secondsToCrack decimalNumberByDividingBy:
+                    (id)[[NSDecimalNumber alloc] initWithUnsignedLong:1000000]];
            break;
    }

-    BIGNUM *max = BN_new();
-    BN_set_word( max, (BN_ULONG)-1 );
+    NSDecimalNumber *ulong_max = (id)[[NSDecimalNumber alloc] initWithUnsignedLong:ULONG_MAX];

-    BIGNUM *hoursToCrack = BN_dup( secondsToCrack );
-    BN_div_word( hoursToCrack, 3600 );
-    if (BN_cmp( hoursToCrack, max ) < 0)
-        timeToCrack->hours = BN_get_word( hoursToCrack );
+    NSDecimalNumber *hoursToCrack = [secondsToCrack decimalNumberByDividingBy:
+            (id)[[NSDecimalNumber alloc] initWithUnsignedLong:3600L]];
+    if ([hoursToCrack compare:ulong_max] == NSOrderedAscending)
+        timeToCrack->hours = (unsigned long long)[hoursToCrack doubleValue];
    else
-        timeToCrack->hours = (BN_ULONG)-1;
+        timeToCrack->hours = ULONG_MAX;

-    BIGNUM *daysToCrack = BN_dup( hoursToCrack );
-    BN_div_word( daysToCrack, 24 );
-    if (BN_cmp( daysToCrack, max ) < 0)
-        timeToCrack->days = BN_get_word( daysToCrack );
+    NSDecimalNumber *daysToCrack = [hoursToCrack decimalNumberByDividingBy:
+            (id)[[NSDecimalNumber alloc] initWithUnsignedLong:24L]];
+    if ([daysToCrack compare:ulong_max] == NSOrderedAscending)
+        timeToCrack->days = (unsigned long long)[daysToCrack doubleValue];
    else
-        timeToCrack->days = (BN_ULONG)-1;
+        timeToCrack->days = ULONG_MAX;

-    BIGNUM *weeksToCrack = BN_dup( daysToCrack );
-    BN_div_word( weeksToCrack, 7 );
-    if (BN_cmp( weeksToCrack, max ) < 0)
-        timeToCrack->weeks = BN_get_word( weeksToCrack );
+    NSDecimalNumber *weeksToCrack = [daysToCrack decimalNumberByDividingBy:
+            (id)[[NSDecimalNumber alloc] initWithUnsignedLong:7L]];
+    if ([weeksToCrack compare:ulong_max] == NSOrderedAscending)
+        timeToCrack->weeks = (unsigned long long)[weeksToCrack doubleValue];
    else
-        timeToCrack->weeks = (BN_ULONG)-1;
+        timeToCrack->weeks = ULONG_MAX;

-    BIGNUM *monthsToCrack = BN_dup( daysToCrack );
-    BN_div_word( monthsToCrack, 31 );
-    if (BN_cmp( monthsToCrack, max ) < 0)
-        timeToCrack->months = BN_get_word( monthsToCrack );
+    NSDecimalNumber *monthsToCrack = [daysToCrack decimalNumberByDividingBy:
+            (id)[[NSDecimalNumber alloc] initWithUnsignedLong:31L]];
+    if ([monthsToCrack compare:ulong_max] == NSOrderedAscending)
+        timeToCrack->months = (unsigned long long)[monthsToCrack doubleValue];
    else
-        timeToCrack->months = (BN_ULONG)-1;
+        timeToCrack->months = ULONG_MAX;

-    BIGNUM *yearsToCrack = BN_dup( daysToCrack );
-    BN_div_word( yearsToCrack, 356 );
-    if (BN_cmp( yearsToCrack, max ) < 0)
-        timeToCrack->years = BN_get_word( yearsToCrack );
+    NSDecimalNumber *yearsToCrack = [daysToCrack decimalNumberByDividingBy:
+            (id)[[NSDecimalNumber alloc] initWithUnsignedLong:356L]];
+    if ([yearsToCrack compare:ulong_max] == NSOrderedAscending)
+        timeToCrack->years = (unsigned long long)[yearsToCrack doubleValue];
    else
-        timeToCrack->years = (BN_ULONG)-1;
+        timeToCrack->years = ULONG_MAX;

-    BIGNUM *universesToCrack = BN_dup( yearsToCrack );
-    BN_div_word( universesToCrack, 14000 );
-    BN_div_word( universesToCrack, 1000000 );
-    if (BN_cmp( universesToCrack, max ) < 0)
-        timeToCrack->universes = BN_get_word( universesToCrack );
+    NSDecimalNumber *universesToCrack = [yearsToCrack decimalNumberByDividingBy:
+            (id)[[NSDecimalNumber alloc] initWithUnsignedLong:14000L]];
+    universesToCrack = [universesToCrack decimalNumberByDividingBy:
+            (id)[[NSDecimalNumber alloc] initWithUnsignedLong:1000000L]];
+    if ([universesToCrack compare:ulong_max] == NSOrderedAscending)
+        timeToCrack->universes = (unsigned long long)[universesToCrack doubleValue];
    else
-        timeToCrack->universes = (BN_ULONG)-1;
-
-    for (unsigned long error = ERR_get_error(); error; error = ERR_get_error())
-        err( @"bignum error: %lu", error );
-
-    BN_free( max );
-    BN_free( permutations );
-    BN_free( secondsToCrack );
-    BN_free( hoursToCrack );
-    BN_free( daysToCrack );
-    BN_free( weeksToCrack );
-    BN_free( monthsToCrack );
-    BN_free( yearsToCrack );
-    BN_free( universesToCrack );
+        timeToCrack->universes = ULONG_MAX;

    return YES;
 }
--- a/platform-darwin/Source/Mac/MPMacAppDelegate.m
+++ b/platform-darwin/Source/Mac/MPMacAppDelegate.m
@@ -269,80 +269,80 @@ static OSStatus MPHotKeyHander(EventHandlerCallRef nextHandler, EventRef theEven
    NSURL *url = openPanel.URL;
    [openPanel close];

-    [[NSURLSession sharedSession]
-            dataTaskWithURL:url completionHandler:^(NSData *importedSitesData, NSURLResponse *response, NSError *error) {
-        if (error)
-            err( @"While reading imported sites from %@: %@", url, [error fullDescription] );
-        if (!importedSitesData)
-            return;
+    [[[NSURLSession sharedSession] dataTaskWithURL:url completionHandler:
+            ^(NSData *importedSitesData, NSURLResponse *response, NSError *error) {
+                if (error)
+                    err( @"While reading imported sites from %@: %@", url, [error fullDescription] );
+                if (!importedSitesData)
+                    return;

-        NSString *importedSitesString = [[NSString alloc] initWithData:importedSitesData encoding:NSUTF8StringEncoding];
-        MPImportResult result = [self importSites:importedSitesString askImportPassword:^NSString *(NSString *userName) {
-            __block NSString *masterPassword = nil;
+                NSString *importedSitesString = [[NSString alloc] initWithData:importedSitesData encoding:NSUTF8StringEncoding];
+                MPImportResult result = [self importSites:importedSitesString askImportPassword:^NSString *(NSString *userName) {
+                    __block NSString *masterPassword = nil;

-            PearlMainQueueWait( ^{
-                NSAlert *alert = [NSAlert new];
-                [alert addButtonWithTitle:@"Unlock"];
-                [alert addButtonWithTitle:@"Cancel"];
-                alert.messageText = @"Import File's Master Password";
-                alert.informativeText = strf( @"%@'s export was done using a different master password.\n"
-                        @"Enter that master password to unlock the exported data.", userName );
-                alert.accessoryView = [[NSSecureTextField alloc] initWithFrame:NSMakeRect( 0, 0, 200, 22 )];
-                [alert layout];
-                if ([alert runModal] == NSAlertFirstButtonReturn)
-                    masterPassword = ((NSTextField *)alert.accessoryView).stringValue;
-            } );
+                    PearlMainQueueWait( ^{
+                        NSAlert *alert = [NSAlert new];
+                        [alert addButtonWithTitle:@"Unlock"];
+                        [alert addButtonWithTitle:@"Cancel"];
+                        alert.messageText = @"Import File's Master Password";
+                        alert.informativeText = strf( @"%@'s export was done using a different master password.\n"
+                                @"Enter that master password to unlock the exported data.", userName );
+                        alert.accessoryView = [[NSSecureTextField alloc] initWithFrame:NSMakeRect( 0, 0, 200, 22 )];
+                        [alert layout];
+                        if ([alert runModal] == NSAlertFirstButtonReturn)
+                            masterPassword = ((NSTextField *)alert.accessoryView).stringValue;
+                    } );

-            return masterPassword;
-        }                         askUserPassword:^NSString *(NSString *userName, NSUInteger importCount, NSUInteger deleteCount) {
-            __block NSString *masterPassword = nil;
+                    return masterPassword;
+                }                         askUserPassword:^NSString *(NSString *userName, NSUInteger importCount, NSUInteger deleteCount) {
+                    __block NSString *masterPassword = nil;

-            PearlMainQueueWait( ^{
-                NSAlert *alert = [NSAlert new];
-                [alert addButtonWithTitle:@"Import"];
-                [alert addButtonWithTitle:@"Cancel"];
-                alert.messageText = strf( @"Master Password for\n%@", userName );
-                alert.informativeText = strf( @"Imports %lu sites, overwriting %lu.",
-                        (unsigned long)importCount, (unsigned long)deleteCount );
-                alert.accessoryView = [[NSSecureTextField alloc] initWithFrame:NSMakeRect( 0, 0, 200, 22 )];
-                [alert layout];
-                if ([alert runModal] == NSAlertFirstButtonReturn)
-                    masterPassword = ((NSTextField *)alert.accessoryView).stringValue;
-            } );
+                    PearlMainQueueWait( ^{
+                        NSAlert *alert = [NSAlert new];
+                        [alert addButtonWithTitle:@"Import"];
+                        [alert addButtonWithTitle:@"Cancel"];
+                        alert.messageText = strf( @"Master Password for\n%@", userName );
+                        alert.informativeText = strf( @"Imports %lu sites, overwriting %lu.",
+                                (unsigned long)importCount, (unsigned long)deleteCount );
+                        alert.accessoryView = [[NSSecureTextField alloc] initWithFrame:NSMakeRect( 0, 0, 200, 22 )];
+                        [alert layout];
+                        if ([alert runModal] == NSAlertFirstButtonReturn)
+                            masterPassword = ((NSTextField *)alert.accessoryView).stringValue;
+                    } );

-            return masterPassword;
-        }];
+                    return masterPassword;
+                }];

-        PearlMainQueue( ^{
-            switch (result) {
-                case MPImportResultSuccess: {
-                    [self updateUsers];
+                PearlMainQueue( ^{
+                    switch (result) {
+                        case MPImportResultSuccess: {
+                            [self updateUsers];

-                    NSAlert *alert = [NSAlert new];
-                    alert.messageText = @"Successfully imported sites.";
-                    [alert runModal];
-                    break;
-                }
-                case MPImportResultCancelled:
-                    break;
-                case MPImportResultInternalError:
-                    [[NSAlert alertWithError:[NSError errorWithDomain:MPErrorDomain code:0 userInfo:@{
-                            NSLocalizedDescriptionKey: @"Import failed because of an internal error."
-                    }]] runModal];
-                    break;
-                case MPImportResultMalformedInput:
-                    [[NSAlert alertWithError:[NSError errorWithDomain:MPErrorDomain code:0 userInfo:@{
-                            NSLocalizedDescriptionKey: @"The import doesn't look like a Master Password export."
-                    }]] runModal];
-                    break;
-                case MPImportResultInvalidPassword:
-                    [[NSAlert alertWithError:[NSError errorWithDomain:MPErrorDomain code:0 userInfo:@{
-                            NSLocalizedDescriptionKey: @"Incorrect master password for the import sites."
-                    }]] runModal];
-                    break;
-            }
-        } );
-    }];
+                            NSAlert *alert = [NSAlert new];
+                            alert.messageText = @"Successfully imported sites.";
+                            [alert runModal];
+                            break;
+                        }
+                        case MPImportResultCancelled:
+                            break;
+                        case MPImportResultInternalError:
+                            [[NSAlert alertWithError:[NSError errorWithDomain:MPErrorDomain code:0 userInfo:@{
+                                    NSLocalizedDescriptionKey: @"Import failed because of an internal error."
+                            }]] runModal];
+                            break;
+                        case MPImportResultMalformedInput:
+                            [[NSAlert alertWithError:[NSError errorWithDomain:MPErrorDomain code:0 userInfo:@{
+                                    NSLocalizedDescriptionKey: @"The import doesn't look like a Master Password export."
+                            }]] runModal];
+                            break;
+                        case MPImportResultInvalidPassword:
+                            [[NSAlert alertWithError:[NSError errorWithDomain:MPErrorDomain code:0 userInfo:@{
+                                    NSLocalizedDescriptionKey: @"Incorrect master password for the import sites."
+                            }]] runModal];
+                            break;
+                    }
+                } );
+            }] resume];
 }

 - (IBAction)togglePreference:(id)sender {
--- a/platform-darwin/Source/Mac/MPPasswordWindowController.m
+++ b/platform-darwin/Source/Mac/MPPasswordWindowController.m
@@ -67,12 +67,11 @@
                                                       queue:[NSOperationQueue mainQueue] usingBlock:^(NSNotification *note) {
                [self updateUser];
            }];
-    [self observeKeyPath:@"sitesController.selection"
-               withBlock:^(id from, id to, NSKeyValueChange cause, id _self) {
-                   prof_new( @"sitesController.selection" );
-                   [_self updateSelection];
-                   prof_finish( @"updateSelection" );
-               }];
+    [self observeKeyPath:@"sitesController.selection" withBlock:^(id from, id to, NSKeyValueChange cause, id _self) {
+        prof_new( @"sitesController.selection" );
+        [_self updateSelection];
+        prof_finish( @"updateSelection" );
+    }];
    prof_rewind( @"observers" );

    NSSearchFieldCell *siteFieldCell = (NSSearchFieldCell *)self.siteField.cell;
@@ -479,7 +478,7 @@

    // Performing action while content is available.  Copy it.
    [self copyContent:self.shiftPressed? selectedSite.answer: selectedSite.content];
-    [self.window close];
+    [NSApp hide:nil];

    NSUserNotification *notification = [NSUserNotification new];
    notification.title = @"Password Copied";
@@ -535,30 +534,33 @@
        fuzzyRE = [NSRegularExpression regularExpressionWithPattern:@"(.)" options:0 error:nil];
    } );

+    prof_new( @"updateSites" );
    NSString *queryString = self.siteField.stringValue;
-    NSString *queryPattern;
-    if ([queryString length] < 13)
-        queryPattern = [queryString stringByReplacingMatchesOfExpression:fuzzyRE withTemplate:@"*$1*"];
-    else
-        // If query is too long, a wildcard per character makes the CoreData fetch take excessively long.
-        queryPattern = strf( @"*%@*", queryString );
+    NSString *queryPattern = [[queryString stringByReplacingMatchesOfExpression:fuzzyRE withTemplate:@"*$1"] stringByAppendingString:@"*"];
+    prof_rewind( @"queryPattern" );
    NSMutableArray *fuzzyGroups = [NSMutableArray new];
    [fuzzyRE enumerateMatchesInString:queryString options:0 range:NSMakeRange( 0, queryString.length )
                           usingBlock:^(NSTextCheckingResult *result, NSMatchingFlags flags, BOOL *stop) {
                               [fuzzyGroups addObject:[queryString substringWithRange:result.range]];
                           }];
+    prof_rewind( @"fuzzyRE" );
    [MPMacAppDelegate managedObjectContextPerformBlock:^(NSManagedObjectContext *context) {
+        prof_rewind( @"moc" );
+
        NSFetchRequest *fetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass( [MPSiteEntity class] )];
        fetchRequest.sortDescriptors = @[ [[NSSortDescriptor alloc] initWithKey:@"lastUsed" ascending:NO] ];
        fetchRequest.predicate = [NSPredicate predicateWithFormat:@"(%@ == '' OR name LIKE[cd] %@) AND user == %@",
                                                                  queryPattern, queryPattern, [MPMacAppDelegate get].activeUserOID];
+        prof_rewind( @"fetchRequest" );

        NSError *error = nil;
        NSArray *siteResults = [context executeFetchRequest:fetchRequest error:&error];
        if (!siteResults) {
+            prof_finish( @"executeFetchRequest: %@ // %@", fetchRequest.predicate, [error fullDescription] );
            err( @"While fetching sites for completion: %@", [error fullDescription] );
            return;
        }
+        prof_rewind( @"executeFetchRequest: %@", fetchRequest.predicate );

        BOOL exact = NO;
        NSMutableArray *newSites = [NSMutableArray arrayWithCapacity:[siteResults count]];
@@ -566,10 +568,12 @@
            [newSites addObject:[[MPSiteModel alloc] initWithEntity:site fuzzyGroups:fuzzyGroups]];
            exact |= [site.name isEqualToString:queryString];
        }
+        prof_rewind( @"newSites: %u, exact: %d", (uint)[siteResults count], exact );
        if (!exact && [queryString length]) {
            MPUserEntity *activeUser = [[MPAppDelegate_Shared get] activeUserInContext:context];
            [newSites addObject:[[MPSiteModel alloc] initWithName:queryString forUser:activeUser]];
        }
+        prof_finish( @"newSites: %@", newSites );

        dbg( @"newSites: %@", newSites );
        if (![newSites isEqualToArray:self.sites])
--- a/platform-darwin/Source/Mac/MPSiteModel.m
+++ b/platform-darwin/Source/Mac/MPSiteModel.m
@@ -80,7 +80,6 @@
    self.uses = entity.uses_;
    self.counter = [entity isKindOfClass:[MPGeneratedSiteEntity class]]? [(MPGeneratedSiteEntity *)entity counter]: 0;
    self.loginGenerated = entity.loginGenerated;
-    NSLog( @"%@: loginGenerated: %d", self.name, self.loginGenerated );

    // Find all password types and the index of the current type amongst them.
    [self updateContent:entity];
@@ -276,7 +275,6 @@

    PearlMainQueue( ^{
        self.loginName = loginName;
-        NSLog( @"%@: loginGenerated: %d, loginName: %@", self.name, self.loginGenerated, loginName );
    } );
 }

--- a/platform-darwin/Source/Pearl/Pearl-Prefix.pch
+++ b/platform-darwin/Source/Pearl/Pearl-Prefix.pch
@@ -5,24 +5,21 @@
 #ifdef __OBJC__
 #import <Foundation/Foundation.h>

-#define PEARL_WITH_SCRYPT
 #define PEARL_WITH_MESSAGEUI

 #define PEARL
 #define PEARL_CRYPTO
-#ifdef __IPHONE_OS_VERSION_MIN_REQUIRED
+#if TARGET_OS_IOS
 #define PEARL_UIKIT
-#endif
-#ifdef __MAC_OS_X_VERSION_MIN_REQUIRED
+#elif TARGET_OS_OSX
 #define PEARL_COCOA
 #endif

 #import "Pearl.h"
 #import "Pearl-Crypto.h"
-#ifdef __IPHONE_OS_VERSION_MIN_REQUIRED
+#if TARGET_OS_IOS
 #import "Pearl-UIKit.h"
-#endif
-#ifdef __MAC_OS_X_VERSION_MIN_REQUIRED
+#elif TARGET_OS_OSX
 #import "Pearl-Cocoa.h"
 #endif
 #endif
--- a/platform-darwin/Source/iOS/MPStoreViewController.m
+++ b/platform-darwin/Source/iOS/MPStoreViewController.m
@@ -245,7 +245,7 @@ PearlEnum( MPDevelopmentFuelConsumption,

    NSMutableArray *showCells = [NSMutableArray array];
    NSMutableArray *hideCells = [NSMutableArray array];
-    [hideCells addObjectsFromArray:self.allCellsBySection[0]];
+    [hideCells addObjectsFromArray:[self.allCellsBySection[0] array]];
    [hideCells addObject:self.loadingCell];

    for (SKProduct *product in self.products) {
--- a/platform-darwin/Source/iOS/Storyboard.storyboard
+++ b/platform-darwin/Source/iOS/Storyboard.storyboard
--- a/platform-independent/cli-c/CMakeLists.txt
+++ b/platform-independent/cli-c/CMakeLists.txt
@@ -0,0 +1,12 @@
+project(mpw)
+cmake_minimum_required(VERSION 3.0.2)
+
+set(CMAKE_BUILD_TYPE Release)
+set(CMAKE_C_FLAGS "-O3 -DHAS_SODIUM=1")
+
+include_directories(core cli)
+file(GLOB SOURCES "core/*.c" "cli/mpw-cli.c")
+add_executable(mpw ${SOURCES})
+
+find_library(libsodium REQUIRED)
+target_link_libraries(mpw sodium)
--- a/platform-independent/cli-c/build
+++ b/platform-independent/cli-c/build
@@ -32,21 +32,25 @@ else
    # Default targets.
    # Modify here or override using targets='mpw mpw-bench' ./build
    targets=(
-        mpw                         # C CLI version of Master Password.
-        mpw-bench                   # C CLI Master Password benchmark utility.
-        mpw-tests                   # C Master Password algorithm tester.
+        mpw                         # C CLI version of Master Password, requires libsodium or openssl-dev.
+        #mpw-bench                  # C CLI Master Password benchmark utility.
+        #mpw-tests                  # C Master Password algorithm test suite, requires libxml2.
    )
 fi

 # Optional features.
-mpw_color=${mpw_color:-1} # Colorized Identicon, requires libncurses-dev
+mpw_color=${mpw_color:-1} # Colorized Identicon, requires libncurses-dev.
+
+# Default build flags.
+export CFLAGS="-O3 $CFLAGS"
+export LDFLAGS="$LDFLAGS"

 # Distribution specific configuration.
-# Homebrew
+# Homebrew - openssl for scrypt
 if hash brew 2>/dev/null; then
    opensslPath=$(brew --prefix openssl)
-    export CFLAGS="$CFLAGS -I$opensslPath/include"
-    export LDFLAGS="$LDFLAGS -L$opensslPath/lib"
+    CFLAGS+="  -I$opensslPath/include"
+    LDFLAGS+=" -L$opensslPath/lib"
 fi

 ### DEPENDENCIES
@@ -208,26 +212,44 @@ depend() {
    popd
    popd
 }
+depend_scrypt() {
+    if haslib sodium; then
+        if [[ $CFLAGS != *HAS_SODIUM=1* ]]; then
+            CFLAGS+="  -DHAS_SODIUM=1"
+            LDFLAGS+=" -lsodium"
+        fi
+        return
+    fi
+
+    depend scrypt
+    if [[ $CFLAGS != *HAS_CPERCIVA=1* ]]; then
+        local objects=(
+            "lib/scrypt/src/libcperciva/"*/*.o
+            "lib/scrypt/src/lib/crypto/"*.o
+        )
+        CFLAGS+="  -DHAS_CPERCIVA=1"
+        LDFLAGS+=" -Llib/scrypt/src ${objects[*]}"
+    fi
+}


 ### MPW
 mpw() {
-    depend scrypt
+    depend_scrypt

    echo
    echo "Building target: $target..."
    local CFLAGS=(
+        $CFLAGS
+
        # library paths
        -I"lib/include"
        # mpw paths
        -I"core" -I"cli"
    )
    local LDFLAGS=(
-        # scrypt
-        "lib/scrypt/src/libcperciva/"*/*.o
-        "lib/scrypt/src/lib/crypto/"*.o
-        # library paths
-        -L"lib/scrypt/src"
+        $LDFLAGS
+
        # link libraries
        -l"crypto"
    )
@@ -245,28 +267,28 @@ mpw() {

 ### MPW-BENCH
 mpw-bench() {
-    depend scrypt
+    depend_scrypt
    depend bcrypt

    echo
    echo "Building target: $target..."
    local CFLAGS=(
+        $CFLAGS
+
        # library paths
        -I"lib/include"
        # mpw paths
        -I"core" -I"cli"
    )
    local LDFLAGS=(
-        # scrypt
-        "lib/scrypt/src/libcperciva/"*/*.o
-        "lib/scrypt/src/lib/crypto/"*.o
+        $LDFLAGS
+
        # bcrypt
        "lib/bcrypt/src/crypt_blowfish.o"
        "lib/bcrypt/src/crypt_gensalt.o"
        "lib/bcrypt/src/wrapper.o"
        "lib/bcrypt/src/x86.o"
        # library paths
-        -L"lib/scrypt/src"
        -L"lib/bcrypt/src"
        # link libraries
        -l"crypto"
@@ -283,11 +305,13 @@ mpw-bench() {

 ### MPW-TESTS
 mpw-tests() {
-    depend scrypt
+    depend_scrypt

    echo
    echo "Building target: $target..."
    local CFLAGS=(
+        $CFLAGS
+
        # library paths
        -I"lib/include"
        -I"/usr/include/libxml2"
@@ -296,11 +320,8 @@ mpw-tests() {
        -I"core" -I"cli"
    )
    local LDFLAGS=(
-        # scrypt
-        "lib/scrypt/src/libcperciva/"*/*.o
-        "lib/scrypt/src/lib/crypto/"*.o
-        # library paths
-        -L"lib/scrypt/src"
+        $LDFLAGS
+
        # link libraries
        -l"crypto" -l"xml2"
    )
@@ -318,7 +339,7 @@ mpw-tests() {
 ### TARGETS

 haslib() {
-    ! LC_ALL=C cc -l"$1" 2>&1 | grep -q 'library not found'
+    return cc -l"$1" -x c -o /dev/null - <<< 'int main() { return 0; }'
 }
 cc() {
    if hash llvm-gcc 2>/dev/null; then
--- a/platform-independent/cli-c/cli/mpw-bench.c
+++ b/platform-independent/cli-c/cli/mpw-bench.c
@@ -13,7 +13,6 @@
 #include <errno.h>
 #include <sys/time.h>

-#include <scrypt/sha256.h>
 #include <bcrypt/ow-crypt.h>

 #include "mpw-algorithm.h"
--- a/platform-independent/cli-c/cli/mpw-cli.c
+++ b/platform-independent/cli-c/cli/mpw-cli.c
@@ -213,8 +213,12 @@ int main(int argc, char *const argv[]) {

    // Summarize operation.
    const char *identicon = mpw_identicon( fullName, masterPassword );
-    fprintf( stderr, "%s's password for %s:\n[ %s ]: ", fullName, siteName, identicon );
-    mpw_free_string( identicon );
+    if (!identicon) {
+        err( "Couldn't determine identicon.\n" );
+    } else {
+        fprintf( stderr, "%s's password for %s:\n[ %s ]: ", fullName, siteName, identicon );
+        mpw_free_string( identicon );
+    }

    // Output the password.
    const uint8_t *masterKey = mpw_masterKeyForUser(
--- a/platform-independent/cli-c/cli/mpw-tests.c
+++ b/platform-independent/cli-c/cli/mpw-tests.c
@@ -15,6 +15,11 @@ int main(int argc, char *const argv[]) {
    int failedTests = 0;

    xmlNodePtr tests = xmlDocGetRootElement( xmlParseFile( "mpw_tests.xml" ) );
+    if (!tests) {
+        ftl( "Couldn't find test case: mpw_tests.xml\n" );
+        abort();
+    }
+
    for (xmlNodePtr testCase = tests->children; testCase; testCase = testCase->next) {
        if (testCase->type != XML_ELEMENT_NODE || xmlStrcmp( testCase->name, BAD_CAST "case" ) != 0)
            continue;
--- a/platform-independent/gui-java/masterpassword.keystore
+++ b/platform-independent/gui-java/masterpassword.keystore
@@ -0,0 +1 @@
+/Users/lhunath/annex/secret/masterpassword.keystore
--- a/platform-independent/gui-java/release.jks
+++ b/platform-independent/gui-java/release.jks
@@ -1 +0,0 @@
-/Users/lhunath/SpiderOak Hive/secret/release-com.lyndir.masterpassword.jks
--- a/public/site/2013-05/masterpassword-cli.tar.gz
+++ b/public/site/2013-05/masterpassword-cli.tar.gz
@@ -1 +1 @@
-mpw-2.1-cli4-0-gf6b2287.tar.gz
+mpw-2.5-cli-1-0-gb01e370f.tar.gz
--- a/public/site/2013-05/masterpassword-cli.tar.gz.sig
+++ b/public/site/2013-05/masterpassword-cli.tar.gz.sig
@@ -0,0 +1 @@
+mpw-2.5-cli-1-0-gb01e370f.tar.gz.sig
--- a/public/site/2013-05/mpw-2.1-cli1-0-g10f1001.tar.gz
+++ b/public/site/2013-05/mpw-2.1-cli1-0-g10f1001.tar.gz
@@ -1 +1 @@
-../../MasterPassword/C/mpw-2.1-cli1-0-g10f1001.tar.gz
+../../../platform-independent/cli-c/mpw-2.1-cli1-0-g10f1001.tar.gz
--- a/public/site/2013-05/mpw-2.1-cli2-2-g82c96dd.tar.gz
+++ b/public/site/2013-05/mpw-2.1-cli2-2-g82c96dd.tar.gz
@@ -1 +1 @@
-../../MasterPassword/C/mpw-2.1-cli2-2-g82c96dd.tar.gz
+../../../platform-independent/cli-c/mpw-2.1-cli2-2-g82c96dd.tar.gz
--- a/public/site/2013-05/mpw-2.1-cli3-0-g438daf2.tar.gz
+++ b/public/site/2013-05/mpw-2.1-cli3-0-g438daf2.tar.gz
@@ -1 +1 @@
-../../MasterPassword/C/mpw-2.1-cli3-0-g438daf2.tar.gz
+../../../platform-independent/cli-c/mpw-2.1-cli3-0-g438daf2.tar.gz
--- a/public/site/2013-05/mpw-2.1-cli4-0-gf6b2287.tar.gz
+++ b/public/site/2013-05/mpw-2.1-cli4-0-gf6b2287.tar.gz
@@ -1 +1 @@
-../../MasterPassword/C/mpw-2.1-cli4-0-gf6b2287.tar.gz
+../../../platform-independent/cli-c/mpw-2.1-cli4-0-gf6b2287.tar.gz
--- a/public/site/2013-05/mpw-2.5-cli-1-0-gb01e370f.tar.gz
+++ b/public/site/2013-05/mpw-2.5-cli-1-0-gb01e370f.tar.gz
@@ -0,0 +1 @@
+../../../platform-independent/cli-c/mpw-2.5-cli-1-0-gb01e370f.tar.gz
--- a/public/site/2013-05/mpw-2.5-cli-1-0-gb01e370f.tar.gz.sig
+++ b/public/site/2013-05/mpw-2.5-cli-1-0-gb01e370f.tar.gz.sig
@@ -0,0 +1 @@
+../../../platform-independent/cli-c/mpw-2.5-cli-1-0-gb01e370f.tar.gz.sig
Author	SHA1	Message	Date
Maarten Billemont	89f6e77f67	Hack to ensure Xcode doesn't incorrectly link libsodium.dylib instead of libsodium.a	2017-04-14 17:23:41 -04:00
Maarten Billemont	f2fb16a0b9	Improved library check that doesn't depend on wording of error message.	2017-04-14 17:01:24 -04:00
Maarten Billemont	e3edd42b88	Fixed a bug in PearlMutableStaticTableViewController.	2017-04-14 16:10:11 -04:00
Maarten Billemont	cc5d246d7d	Update Storyboard.	2017-04-14 13:20:13 -04:00
Maarten Billemont	ca320de6d9	Fix detection of ios platforms.	2017-04-14 13:08:23 -04:00
Maarten Billemont	ae979d7240	Fix up the benefits wording.	2017-04-14 10:13:44 -04:00
Maarten Billemont	eb1c443940	Small README tweaks.	2017-04-14 09:58:35 -04:00
Maarten Billemont	dadcefc9bf	FAQ.	2017-04-14 09:51:44 -04:00
Maarten Billemont	cdbaec9751	Explain configuration requirements for the Android SDK.	2017-04-14 09:13:31 -04:00
Maarten Billemont	f48d480c77	Compacted build instructions a bit.	2017-04-14 09:01:04 -04:00
Maarten Billemont	23aae490df	Update version calculation.	2017-04-14 00:43:34 -04:00
Maarten Billemont	3fcf1131ac	Need to -resume the task to start it, fixes issue with importing sites.	2017-04-14 00:24:34 -04:00
Maarten Billemont	2bdec415e9	Update Travis to ensure mpw-tests is built.	2017-04-13 14:07:02 -04:00
Maarten Billemont	4c12f4af56	Amend the build instructions to mention libsodium and default build only to mpw.	2017-04-13 11:51:05 -04:00
Maarten Billemont	d91140439a	Properly deactivate when copying password so previous app regains focus and signOut happens properly.	2017-04-13 11:33:03 -04:00
Maarten Billemont	a7912dd1b7	Small format update.	2017-04-13 00:06:46 -04:00
Maarten Billemont	05391d893e	Fix slow fuzzy queries.	2017-04-12 23:41:17 -04:00
Maarten Billemont	2047422b08	Generate libsodium's ios/osx libs first run.	2017-04-10 13:29:52 -04:00
Maarten Billemont	e3fffc1923	Migrate from Tarsnap's scrypt to libsodium.	2017-04-10 11:43:55 -04:00
Maarten Billemont	9bf50569cc	Fix some remaining references to libscrypt.	2017-04-09 08:32:34 -04:00
Maarten Billemont	9ef265d9de	Don't add scrypt objects in twice.	2017-04-08 16:48:20 -04:00
Maarten Billemont	385f347b33	We don't need libscrypt when linking against sodium.	2017-04-08 16:20:58 -04:00
Maarten Billemont	4058d33202	Support for dynamically linking libscrypt & libsodium as alternative to statically linking Tarsnap's scrypt.	2017-04-08 14:25:54 -04:00
Maarten Billemont	98c5ee3425	Update website for 2.5-CLI-1 release and symlinks.	2017-04-07 22:41:39 -04:00
				`@@ -1 +0,0 @@`
				`/Users/lhunath/annex/secret/release-com.lyndir.masterpassword.jks`
				`@@ -0,0 +1 @@`
				`/Users/lhunath/annex/secret/masterpassword.keystore`
				`@@ -1 +0,0 @@`
				`/Users/lhunath/SpiderOak Hive/secret/release-com.lyndir.masterpassword.jks`
				`@@ -0,0 +1 @@`
				`../../../platform-independent/cli-c/mpw-2.5-cli-1-0-gb01e370f.tar.gz`