Commit Graph

79 Commits

Author SHA1 Message Date
Lucas Gabriel Vuotto 2f31fe73e5 impl/poly1305: add a comment
Explain why it's fine to skip clamping while doing t4 t3 t2 t1 t0 + 5.
2024-06-30 14:10:46 +00:00
Lucas Gabriel Vuotto 35258f2b67 impl/poly1305: it's enough to overflow 2^130
Going for 2^136 doesn't give anything extra, and is one additional
addition.
2024-06-30 14:05:28 +00:00
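As an added worked example of the step the two Poly1305 commits above are about (illustration code, not lilcrypto's own; the five 26-bit limb layout and the names poly1305_carry and poly1305_final_reduce are assumptions made here), this is the final accumulator reduction: add 5, and use the single carry out of bit 130 to decide, without a branch, whether p = 2^130 - 5 has to be subtracted. Once the limbs are carried, no bit above 130 can be set, so that one bit is all that needs checking.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Poly1305 accumulator as five 26-bit limbs, little-endian: limb i holds
 * bits 26*i .. 26*i+25, so the value is sum(h[i] << 26*i) and the modulus
 * is p = 2^130 - 5. This layout is an assumption for the example; it is
 * not taken from lilcrypto.
 */
#define LIMB_BITS 26u
#define LIMB_MASK ((1u << LIMB_BITS) - 1u)

/*
 * Propagate carries so every limb is back to 26 bits. A carry out of the
 * top limb is a multiple of 2^130, and 2^130 == 5 (mod p), so it folds
 * back into limb 0 times 5. Afterwards h < 2p, which is small enough for
 * a single conditional subtraction.
 */
void
poly1305_carry(uint32_t h[5])
{
	uint32_t c = 0;
	int i;

	for (i = 0; i < 5; i++) {
		h[i] += c;
		c = h[i] >> LIMB_BITS;
		h[i] &= LIMB_MASK;
	}
	h[0] += c * 5;
	c = h[0] >> LIMB_BITS;
	h[0] &= LIMB_MASK;
	h[1] += c;
}

/*
 * Final reduction. Compute g = h + 5 with full carries. Since h < 2p,
 * h >= p exactly when g >= 2^130, and with carried limbs that condition is
 * one bit: the carry out of limb 4 (bit 130). Nothing above bit 130 can be
 * set, so no wider overflow test is needed. If the bit is set, h - p is g
 * with bit 130 dropped (the masking already did that); otherwise h stays.
 * The selection uses a mask, not a branch, so timing does not depend on
 * the accumulator value.
 */
void
poly1305_final_reduce(uint32_t h[5])
{
	uint32_t g[5], c, m;
	int i;

	c = 5;
	for (i = 0; i < 5; i++) {
		g[i] = h[i] + c;
		c = g[i] >> LIMB_BITS;
		g[i] &= LIMB_MASK;
	}
	m = (uint32_t)0 - c;	/* c is 0 or 1: all ones iff h >= p */
	for (i = 0; i < 5; i++)
		h[i] = (g[i] & m) | (h[i] & ~m);
}

int
main(void)
{
	/* Constructed input: h = 2^130 - 1, which is 4 mod p. */
	uint32_t h[5] = { LIMB_MASK, LIMB_MASK, LIMB_MASK, LIMB_MASK, LIMB_MASK };
	int i;

	poly1305_carry(h);
	poly1305_final_reduce(h);
	for (i = 4; i >= 0; i--)
		printf("%07x%c", (unsigned)h[i], i ? ' ' : '\n');
	return 0;
}
```

The reduce step assumes poly1305_carry (or an equivalent) has already run, so every limb is at most 26 bits plus a small carry; feeding it unreduced limbs would make the carry out of limb 4 larger than one and break the single-bit test.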
Lucas Gabriel Vuotto 91f9176279 ct/cmp: make it generic by taking void pointers 2024-06-28 17:08:23 +00:00
Lucas Gabriel Vuotto 546649da1d Shuffle headers
Make whitespace, sections and layouts consistent. Increase entropy.
2024-06-27 12:29:39 +00:00
Lucas Gabriel Vuotto ac13dbe9cf Shuffle LC_SRCS around
Increases the entropy of the RNG.
2024-06-26 22:49:26 +00:00
Lucas Gabriel Vuotto f62f07aee6 ct: add mask32 2024-06-26 22:42:04 +00:00
Lucas Gabriel Vuotto dbf81b49d5 wycheproof_aead: adapt to the new api 2024-06-20 15:53:57 +00:00
Lucas Gabriel Vuotto 5c1325ed11 aead: rewrite api
Decouple the authentication tag from the ciphertext and add streaming
interfaces.

Tests will be fixed in the next commit.
2024-06-20 15:52:58 +00:00
Lucas Gabriel Vuotto 91842048d6 kdf/hkdf: scrub the pseudorandom key 2024-06-19 14:07:57 +00:00
Lucas Gabriel Vuotto 8766827b49 auth/hmac: save lc_hash_ctx for scrub 2024-06-19 14:07:36 +00:00
Lucas Gabriel Vuotto 9da7685779 aead/{,x}chacha20-poly1305: simplify
Use one-pass interfaces for encryption and decryption and rename the
Poly1305 key setup to the more correct poly1305_keysetup.
2024-06-19 14:02:54 +00:00
Lucas Gabriel Vuotto e39f46a9f9 internal: wrap overlong lines 2024-06-19 13:25:23 +00:00
Lucas Gabriel Vuotto 3c5e296178 Use a single zero buffer 2024-06-19 13:18:25 +00:00
Lucas Gabriel Vuotto 8fd513540f Write "Wycheproof" correctly 2024-06-18 14:35:22 +00:00
Lucas Gabriel Vuotto 9cc4c6863e Move aead_impl_*chacha20_poly1305 into their returning function
Missed in 24ef318572.
2024-06-18 14:32:35 +00:00
Lucas Gabriel Vuotto 5eb28b420d Add KDF interface and HKDF implementation 2024-06-18 14:30:06 +00:00
Lucas Gabriel Vuotto cef67c9f09 Merge most of internal headers into internal.h
Fix the includes accordingly and get rid of some unused ones.
2024-06-17 21:52:07 +00:00
Lucas Gabriel Vuotto 9177e021ab README: add hexdump to utils 2024-06-17 14:41:38 +00:00
Lucas Gabriel Vuotto 9ba30dbe41 hash/sha512: add SHA-512/224 and SHA-512/256 variants 2024-06-17 14:41:20 +00:00
Lucas Gabriel Vuotto d66daa8938 hash/sha512: use sha384_sha512_update directly 2024-06-17 14:27:39 +00:00
Lucas Gabriel Vuotto 818c1a016f impl/sha512: fix indentation 2024-06-16 02:08:03 +00:00
Lucas Gabriel Vuotto 24ef318572 Move *_impl to their returning functions 2024-06-16 01:51:00 +00:00
Lucas Gabriel Vuotto 21251045f4 Rename the state block buffers from m{,len} to b{,len} 2024-06-15 21:22:12 +00:00
Lucas Gabriel Vuotto 230dedac16 Rename all algorithm-specific ctx to state 2024-06-15 21:13:31 +00:00
Lucas Gabriel Vuotto 2b76f3df5b cipher/xchacha20: add one-pass implementation
Fix the function pointers while at it.
2024-06-11 03:07:53 +00:00
Lucas Gabriel Vuotto fb2139eeee ct/cmp: save the final shift by switching the direction of shifts 2024-06-11 02:29:00 +00:00
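As an added example covering the ct/cmp and ct mask32 commits above (the generic void-pointer compare and a mask-valued result), illustration code rather than lilcrypto's own: a constant-time byte compare that yields a 32-bit mask, a memcmp-style wrapper, and a mask-driven select. The names ct_eq_mask32, ct_cmp, ct_select32 and tag_verify are invented for this example, and the arithmetic used to turn the accumulated difference into a mask is one standard formulation, not necessarily the one lilcrypto uses.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constant-time equality over two byte buffers of the same length.
 * Returns 0xffffffff when they are equal and 0 otherwise. Every byte is
 * visited and no branch depends on the data, so the running time does not
 * reveal where the first mismatch is (memcmp returns at the first
 * differing byte, which is exactly the leak a tag check must avoid).
 */
uint32_t
ct_eq_mask32(const void *a, const void *b, size_t len)
{
	const unsigned char *pa = a, *pb = b;
	uint32_t d = 0;
	size_t i;

	for (i = 0; i < len; i++)
		d |= (uint32_t)(pa[i] ^ pb[i]);

	/*
	 * d is in 0..255. d - 1 borrows only when d == 0, setting bit 8;
	 * isolating it gives 1 for equal and 0 for different, and negating
	 * spreads that into a full-width mask.
	 */
	return (uint32_t)0 - (((d - 1) >> 8) & 1);
}

/* memcmp-style result: 0 when equal, 1 when different. */
int
ct_cmp(const void *a, const void *b, size_t len)
{
	return (int)(~ct_eq_mask32(a, b, len) & 1);
}

/* Branch-free select: x when mask is all ones, y when mask is 0. */
uint32_t
ct_select32(uint32_t mask, uint32_t x, uint32_t y)
{
	return (x & mask) | (y & ~mask);
}

/*
 * Typical caller: accept or reject a 16-byte authentication tag without
 * leaking which byte mismatched. Returns 1 for a valid tag, 0 otherwise.
 */
int
tag_verify(const unsigned char expected[16], const unsigned char got[16])
{
	return (int)ct_select32(ct_eq_mask32(expected, got, 16), 1, 0);
}

int
main(void)
{
	/* Constructed sample tags for the demo; the second differs in one bit. */
	const unsigned char good[16] = { 0xa8, 0x06, 0x1d, 0xc1, 0x30, 0x51, 0x36, 0xc6,
					 0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa9 };
	const unsigned char bad[16]  = { 0xa8, 0x06, 0x1d, 0xc1, 0x30, 0x51, 0x36, 0xc6,
					 0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa8 };

	printf("good: %d, bad: %d\n", tag_verify(good, good), tag_verify(good, bad));
	return 0;
}
```

Taking void pointers lets one routine serve tags, keys and hashes of any width; the only contract is that both buffers really have len readable bytes, which the caller must guarantee since the compare cannot check it.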
Lucas Gabriel Vuotto d90236bfb9 Zap dangling whitespaces 2024-06-10 17:44:20 +00:00
Lucas Gabriel Vuotto 6677c6cab3 Remove ctx_new and ctx_free function pointers
Now that HMAC isn't special anymore, and with the help of init params,
this isn't needed anymore as we only allocate memory for the state.

This effectively reverts e9bcc64e62.
2024-06-10 17:44:05 +00:00
Lucas Gabriel Vuotto 666b833b98 auth/hmac: complete overhaul
Now that there are dedicated structs for initial parameters, make the
HMAC params provide a lc_hash_ctx to be used internally. This makes HMAC
less special and allows it to work with any hash, instead of needing
dedicated inits and ctx_news. As an upside, now it's possible to have a
one-pass HMAC.
2024-06-10 17:29:29 +00:00
Lucas Gabriel Vuotto f6bddfcd70 fold 2024-06-10 17:23:48 +00:00
Lucas Gabriel Vuotto 2ebe3467f8 hash: make blocklen and hashlen part of the implementation 2024-06-10 13:45:57 +00:00
Lucas Gabriel Vuotto 2b3e390bbf Make params struct non-const
Upcoming changes will push lc_*_ctx into the params struct for higher
order constructions like HMAC or HKDF.
2024-06-09 15:09:15 +00:00
Lucas Gabriel Vuotto af3fe8a67a lilcrypto.h: group all struct definitions together 2024-06-09 14:55:34 +00:00
Lucas Gabriel Vuotto c2f630ceea impl: only include lilcrypto.h 2024-06-09 14:26:31 +00:00
Lucas Gabriel Vuotto 8f1b773e5f auth/hmac: rename BLOCKSZ to BLOCKLEN 2024-06-09 14:25:05 +00:00
Lucas Gabriel Vuotto f1c4ceea84 Make the block lengths part of the public interface 2024-06-09 14:16:18 +00:00
Lucas Gabriel Vuotto 06e9c5ec67 Rename *_CHUNK* to *_BLOCKLEN* 2024-06-09 14:05:52 +00:00
Lucas Gabriel Vuotto 62eb1ea6f8 aead/chacha20-poly1305: reflect that the keysetup is only for {,X}ChaCha20 2024-06-09 02:21:06 +00:00
Lucas Gabriel Vuotto d2817487e8 aead/chacha20-poly1305: inline anycrypt
Also use decrypt for the decryption path instead of relying on ChaCha20
using the same stream for encryption and decryption.
2024-06-09 02:19:51 +00:00
Lucas Gabriel Vuotto fdcba8bcf7 aead: rename argparams to initparams for consistency 2024-06-09 02:05:10 +00:00
Lucas Gabriel Vuotto df532c57f4 wycheproof: make failfast mode the default
Add -C for "Continue running after failure".
2024-06-08 13:44:18 +00:00
Lucas Gabriel Vuotto 9c76a90301 cipher/chacha20: rename _common to _anycrypt 2024-06-08 13:39:49 +00:00
Lucas Gabriel Vuotto 2a24aa4f70 hash/sha2: remove unused headers 2024-06-08 02:27:14 +00:00
Lucas Gabriel Vuotto c54ac8289b Shuffle code around in Wycheproof tests
Group struct, put utility functions before main, put runners after main
and rename kwimpl to kwrunner.
2024-06-08 00:45:45 +00:00
Lucas Gabriel Vuotto 61d9652b2e Fix Wycheproof tests for params 2024-06-08 00:35:49 +00:00
Lucas Gabriel Vuotto a6208487e4 aead: replace init args with implementation-specific params struct
This unbreaks {,X}ChaCha20-Poly1305. Thanks to the use of params, the
{,X}ChaCha20-Poly1305 doesn't need to reach into the guts of ChaCha20
state. Move {en,de}cryption and key setup into its own functions.

This breaks the tests, which will be fixed in the following commit.
2024-06-07 23:29:29 +00:00
Lucas Gabriel Vuotto 79ce4400dd params struct member shouldn't be const 2024-06-07 21:09:26 +00:00
Lucas Gabriel Vuotto 623dd16dc2 cipher: replace init args with an implementation-specific params struct
This allows for more flexibility in the future. While at it, do note
that the RFC and draft implementations are followed. In particular, in
XChaCha20, hardcode the high word of the counter to 0.

This commit breaks ChaCha20-Poly1305. It'll be fixed in a subsequent
commit.
stash
2024-06-07 18:52:46 +00:00
Lucas Gabriel Vuotto b26a9c7274 auth: replace init args with an implementation-specific params struct
This allows for more flexibility in the future.

This commit breaks ChaCha20-Poly1305. It'll be fixed in a subsequent
commit.
2024-06-07 18:40:14 +00:00
Lucas Gabriel Vuotto ccc2836fa8 Introduce params structs
This will allow for greater flexibility in the future and a big refactor
in ChaCha20-Poly1305.
2024-06-07 18:40:14 +00:00