Frank Denis
adf3d00e87
Remove explicit comptime
2020-08-20 23:02:10 +02:00
Frank Denis
446597bd3c
Remove the reset() function from hash functions
Justification:
- reset() is unnecessary; states that have to be reused can be copied
- reset() is error-prone. Copying a previous state prevents forgetting
struct members.
- reset() forces implementations to store sensitive data (key, initial state)
in memory even when it is not needed.
- reset() is confusing as it has a different meaning elsewhere in Zig.
2020-08-20 23:02:10 +02:00
Frank Denis
f92a5d7944
Repair crypto/benchmark; add BLAKE2b256
Some MACs have a 64-bit output
2020-08-20 23:02:10 +02:00
Frank Denis
3bed749b1c
Add truncated SHA512 variants
2020-08-20 23:02:10 +02:00
Frank Denis
6f9ea9eaef
Breaking: sort std/crypto functions into categories
Instead of having all primitives and constructions share the same namespace,
they are now organized by category and function family.
Types within the same category are expected to share the exact same API.
2020-08-20 23:02:05 +02:00
Andrew Kelley
4a69b11e74
add license header to all std lib files
add SPDX license identifier
copyright ownership is zig contributors
2020-08-20 16:07:04 -04:00
Frank Denis
8d60047697
ristretto255: add uniform string->element map & fast equivalence check
2020-08-18 00:31:02 -04:00
Frank Denis
cd591a9b25
No need for an explicit deref
2020-08-17 13:54:01 -07:00
Frank Denis
795033c35f
std/crypto: XChaCha20, detached modes and standard AEAD API
* Factor redundant code in std/crypto/chacha20
* Add support for XChaCha20, and the XChaCha20-Poly1305 construction.
XChaCha20 is a 24-byte version of ChaCha20, is widely implemented
and is on the standards track:
https://tools.ietf.org/html/draft-irtf-cfrg-xchacha-03
* Add support for encryption/decryption with the authentication tag
detached from the ciphertext
* Add wrappers with an API similar to the Gimli AEAD type, so that
we can use and benchmark AEADs with a common API.
2020-08-17 13:54:01 -07:00
Frank Denis
7f9a227abf
deinline edwards25519.{add,dbl}
2020-08-16 22:35:28 -07:00
Frank Denis
37ae246405
Inline Fe.{sub,mul,sq} for a performance boost in release-safe mode
2020-08-16 22:35:28 -07:00
Frank Denis
ab6ffa8a3c
Work around sqrtRatioM1() issue in release-safe mode
2020-08-16 22:35:28 -07:00
Frank Denis
08dfbee961
Benchmark signatures
2020-08-16 22:35:27 -07:00
Frank Denis
5ab69633b7
Constify the ladder
2020-08-16 22:35:27 -07:00
Frank Denis
d86cde5752
Add comment, use @truncate
2020-08-16 22:35:27 -07:00
Frank Denis
bcef123d90
Address more review issues
2020-08-16 22:35:27 -07:00
Frank Denis
263c444738
Move loop decrements into continuations
Suggested by @daurnimator
2020-08-16 22:35:27 -07:00
Frank Denis
ed558bfbaa
Address @daurnimator feedback
2020-08-16 22:35:27 -07:00
Frank Denis
dd8f7b396c
Rename the field and scalar modules
Suggested by @kubkon
2020-08-16 22:35:27 -07:00
Frank Denis
c483bf4f97
Update lib/std/crypto/25519/ristretto255.zig
Co-authored-by: Jakub Konka <kubkon@jakubkonka.com>
2020-08-16 22:35:27 -07:00
Frank Denis
739b68938c
Update lib/std/crypto/25519/field25519.zig
Co-authored-by: Jakub Konka <kubkon@jakubkonka.com>
2020-08-16 22:35:27 -07:00
Frank Denis
6af9bc8c68
Initialize structures directly
Suggested by @kubkon, thanks!
2020-08-16 22:35:27 -07:00
Frank Denis
5f9953f41f
Remove mem.timingSafeEqual() for now
This requires assembly implementations, and is not needed for
signature verification.
Thanks @daurnimator
2020-08-16 22:35:27 -07:00
Frank Denis
3f0d80f25e
Improve curve25519-based crypto
This is a rewrite of the x25519 code that generalizes support for
common primitives based on the same finite field.
- Low-level operations can now be performed over the curve25519 and
edwards25519 curves, as well as the ristretto255 group.
- Ed25519 signatures have been implemented.
- X25519 is now about twice as fast.
- mem.timingSafeEqual() has been added for constant-time comparison.
Domains have been clearly separated, making it easier to later add
platform-specific implementations.
2020-08-16 22:35:27 -07:00
Frank Denis
f46e375bbe
std/crypto: gimli.Aead.decrypt()'s ad should be const
2020-08-17 07:16:06 +02:00
Mantas Jonytis
1df33936d6
remove unnecessary operations
2020-08-01 17:15:53 +03:00
Mantas Jonytis
8286cc77f8
implement keyed blake2
2020-08-01 16:56:11 +03:00
Mantas Jonytis
36ed4623a8
make blake2 public
2020-08-01 16:05:20 +03:00
Mantas Jonytis
42dd737c9e
compute blake2 at compile time
2020-08-01 16:00:22 +03:00
Mantas Jonytis
1ae40146e6
blake2b: off-by-one on update
2020-08-01 15:31:46 +03:00
Mantas Jonytis
eee9abe1b4
add more blake2b test cases
2020-08-01 15:31:36 +03:00
Mantas Jonytis
b1cf0196df
blake2s: off-by-one on update
2020-08-01 15:15:45 +03:00
Mantas Jonytis
fad87bef9a
add more blake2s tests
2020-08-01 15:15:04 +03:00
Vexu
e85fe13e44
run zig fmt on std lib and self hosted
2020-07-11 20:41:19 +03:00
data-man
77bb2dc094
Use writer in benchmarks
2020-06-25 19:07:25 -04:00
Vexu
e2a0f5741d
Merge pull request #5189 from zigazeljko/patch-1
Split AES struct into AESEncrypt and AESDecrypt
2020-05-16 13:20:14 +03:00
Vexu
85fd484f07
std: fix blake3 assignment to constant
2020-05-04 14:45:36 +03:00
Žiga Željko
130435a17a
Split AES struct into AESEncrypt and AESDecrypt
2020-04-28 04:52:42 +08:00
Timon Kruiper
c829f2f7b7
Add mips support to standard library
2020-04-24 15:28:55 -04:00
Jay Petacat
0dbf8aaab8
crypto: fix benchmark compile error (#4919)
2020-04-02 23:46:46 -04:00
Andrew Kelley
9e7ae06249
std lib API deprecations for the upcoming 0.6.0 release
See #3811
2020-03-30 14:23:22 -04:00
Andrew Kelley
f614d94faa
update std lib to take advantage of slicing with comptime indexes
2020-03-19 14:48:47 -04:00
Andrew Kelley
1d7861a36e
fix incorrect sentinel check
2020-03-19 13:18:14 -04:00
xackus
00be934569
short std.builtin enum literals in std lib
2020-03-01 13:57:41 -05:00
Andrew Kelley
1d06c82c3b
Merge pull request #4516 from xackus/remove-bytes-to-slice
remove @bytesToSlice, @sliceToBytes from the language
2020-02-24 13:51:47 -05:00
J.W
5275b01202
hashing algorithms: fix logic and index out of bounds
2020-02-24 13:43:54 -05:00
xackus
783e8ad031
remove @bytesToSlice, @sliceToBytes from std lib
2020-02-21 19:46:53 +01:00
daurnimator
ef4ecaa462
std: add AEAD modes for gimli
2020-02-06 00:21:26 +11:00
daurnimator
b495512175
add gimli to crypto hash benchmark
2020-02-06 00:16:00 +11:00
Jay Petacat
cb2c14e03f
blake3: Workaround issue #4373 with named types
2020-02-02 18:44:50 -05:00