Lucas Gabriel Vuotto
21251045f4
Rename the state block buffers from m{,len} to b{,len}
2024-06-15 21:22:12 +00:00
Lucas Gabriel Vuotto
230dedac16
Rename all algorithm-specific ctx to state
2024-06-15 21:13:31 +00:00
Lucas Gabriel Vuotto
2b76f3df5b
cipher/xchacha20: add one-pass implementation
...
Fix the function pointers while at it.
2024-06-11 03:07:53 +00:00
Lucas Gabriel Vuotto
fb2139eeee
ct/cmp: save the final shift by switching the direction of shifts
2024-06-11 02:29:00 +00:00
Lucas Gabriel Vuotto
d90236bfb9
Zap dangling whitespaces
2024-06-10 17:44:20 +00:00
Lucas Gabriel Vuotto
6677c6cab3
Remove ctx_new and ctx_free function pointers
...
Now that HMAC isn't special anymore, and with the help of init params,
this isn't needed anymore as we only allocate memory for the state.
This effectively reverts e9bcc64e62.
2024-06-10 17:44:05 +00:00
Lucas Gabriel Vuotto
666b833b98
auth/hmac: complete overhaul
...
Now that there are dedicated structs for initial parameters, make the
HMAC params provide a lc_hash_ctx to be used internally. This makes HMAC
less special and allows it to work with any hash, instead of needing
dedicated inits and ctx_news. As an upside, now it's possible to have a
one-pass HMAC.
2024-06-10 17:29:29 +00:00
Lucas Gabriel Vuotto
f6bddfcd70
fold
2024-06-10 17:23:48 +00:00
Lucas Gabriel Vuotto
2ebe3467f8
hash: make blocklen and hashlen part of the implementation
2024-06-10 13:45:57 +00:00
Lucas Gabriel Vuotto
2b3e390bbf
Make params struct non-const
...
Upcoming changes will push lc_*_ctx into the params struct for higher
order constructions like HMAC or HKDF.
2024-06-09 15:09:15 +00:00
Lucas Gabriel Vuotto
af3fe8a67a
lilcrypto.h: group all struct definitions together
2024-06-09 14:55:34 +00:00
Lucas Gabriel Vuotto
c2f630ceea
impl: only include lilcrypto.h
2024-06-09 14:26:31 +00:00
Lucas Gabriel Vuotto
8f1b773e5f
auth/hmac: rename BLOCKSZ to BLOCKLEN
2024-06-09 14:25:05 +00:00
Lucas Gabriel Vuotto
f1c4ceea84
Make the block lengths part of the public interface
2024-06-09 14:16:18 +00:00
Lucas Gabriel Vuotto
06e9c5ec67
Rename *_CHUNK* to *_BLOCKLEN*
2024-06-09 14:05:52 +00:00
Lucas Gabriel Vuotto
62eb1ea6f8
aead/chacha20-poly1305: reflect that the keysetup is only for {,X}ChaCha20
2024-06-09 02:21:06 +00:00
Lucas Gabriel Vuotto
d2817487e8
aead/chacha20-poly1305: inline anycrypt
...
Also use decrypt for the decryption path instead of relying on ChaCha20
using the same stream for encryption and decryption.
2024-06-09 02:19:51 +00:00
Lucas Gabriel Vuotto
fdcba8bcf7
aead: rename argparams to initparams for consistency
2024-06-09 02:05:10 +00:00
Lucas Gabriel Vuotto
df532c57f4
wycheproof: make failfast mode the default
...
Add -C for "Continue running after failure".
2024-06-08 13:44:18 +00:00
Lucas Gabriel Vuotto
9c76a90301
cipher/chacha20: rename _common to _anycrypt
2024-06-08 13:39:49 +00:00
Lucas Gabriel Vuotto
2a24aa4f70
hash/sha2: remove unused headers
2024-06-08 02:27:14 +00:00
Lucas Gabriel Vuotto
c54ac8289b
Shuffle code around in Wycheproof tests
...
Group struct, put utility functions before main, put runners after main
and rename kwimpl to kwrunner.
2024-06-08 00:45:45 +00:00
Lucas Gabriel Vuotto
61d9652b2e
Fix Wycheproof tests for params
2024-06-08 00:35:49 +00:00
Lucas Gabriel Vuotto
a6208487e4
aead: replace init args with implementation-specific params struct
...
This unbreaks {,X}ChaCha20-Poly1305. Thanks to the use of params, the
{,X}ChaCha20-Poly1305 doesn't need to reach into the guts of ChaCha20
state. Move {en,de}cryption and key setup into its own functions.
This breaks the tests, which will be fixed in the following commit.
2024-06-07 23:29:29 +00:00
Lucas Gabriel Vuotto
79ce4400dd
params struct member shouldn't be const
2024-06-07 21:09:26 +00:00
Lucas Gabriel Vuotto
623dd16dc2
cipher: replace init args with an implementation-specific params struct
...
This allows for more flexibility in the future. While at it, do note
that the RFC and draft implementations are followed. In particular, in
XChaCha20, hardcode the high word of the counter to 0.
This commit breaks ChaCha20-Poly1305. It'll be fixed in a subsequent
commit.
stash
2024-06-07 18:52:46 +00:00
Lucas Gabriel Vuotto
b26a9c7274
auth: replace init args with an implementation-specific params struct
...
This allows for more flexibility in the future.
This commit breaks ChaCha20-Poly1305. It'll be fixed in a subsequent
commit.
2024-06-07 18:40:14 +00:00
Lucas Gabriel Vuotto
ccc2836fa8
Introduce params structs
...
This will allow for greater flexibility in the future and a big refactor
in ChaCha20-Poly1305.
2024-06-07 18:40:14 +00:00
Lucas Gabriel Vuotto
23735c2902
cipher/chacha20: rename *_IVLEN to *_NONCELEN
2024-06-07 18:40:14 +00:00
Lucas Gabriel Vuotto
67d4de1657
Move all inout parameters to the front of the arguments list
2024-06-07 17:47:42 +00:00
Lucas Gabriel Vuotto
7b539ccdcd
cipher/chacha20: logical AND is &&
2024-06-07 17:34:03 +00:00
Lucas Gabriel Vuotto
1a8f813442
hash: implement SHA-{224,256}
...
Add the HMAC and Wycheproof bits for HMAC while at it.
2024-06-07 03:14:21 +00:00
Lucas Gabriel Vuotto
0605d10bb3
Implement XChaCha20 and XChaCha20-Poly1305
2024-06-07 02:18:50 +00:00
Lucas Gabriel Vuotto
06f835e27c
cipher/chacha20: treat the counter as part of the nonce
2024-06-07 00:29:25 +00:00
Lucas Gabriel Vuotto
b793cb5b69
cipher/chacha20: rename chacha20_x to chacha20_common
2024-06-07 00:29:25 +00:00
Lucas Gabriel Vuotto
e5215ac18e
cipher/chacha20: buffer the full input block
...
The final implementation is simpler, at the cost of doing work in
chacha20_x_final.
2024-06-07 00:29:17 +00:00
Lucas Gabriel Vuotto
5bd46fffa6
aead/chacha20-poly1305: use chacha20_x_final instead of reaching into chacha20_ctx guts
2024-06-07 00:29:17 +00:00
Lucas Gabriel Vuotto
11b86db9db
auth/hmac: 0-pad the hashed key in longer-than-blocksize case
2024-06-06 17:14:30 +00:00
Lucas Gabriel Vuotto
d6235df66f
wycheproof: add a failfast mode
2024-06-06 17:12:41 +00:00
Lucas Gabriel Vuotto
52ab9ca179
ct/lc_ct_cmp: improve interface
...
Return 0xffffffff if arguments compare equal, 0 otherwise. Change all
consumers accordingly.
2024-06-06 13:49:25 +00:00
Lucas Gabriel Vuotto
ad42d99e0b
auth: add HMAC implementation
...
This allows for checking the SHA-512 implementation against Wycheproof
via the HMAC tests.
2024-06-06 12:41:44 +00:00
Lucas Gabriel Vuotto
216ef8f940
Add hash interface and SHA-{384,512} implementations
2024-06-06 12:40:38 +00:00
Lucas Gabriel Vuotto
f511cddf0d
Fix *_ctx_new and *_ctx_free implementations
...
They both will only alloc and free the internal *_ctx structs. Get rid
of the void * argument for new and only pass arg to *_free instead of
the whole lc_*_ctx struct.
2024-06-06 11:45:30 +00:00
Lucas Gabriel Vuotto
0a47025c19
util/hexdump_line: fix space padding
2024-06-06 00:56:20 +00:00
Lucas Gabriel Vuotto
6ac9d9b325
util/lc_hexdump_fp: advance pointer
2024-06-05 23:36:48 +00:00
Lucas Gabriel Vuotto
dd94f1e75d
Makefile.inc: organize LC_SRCS and use WARNINGS instead of defining our own
2024-06-05 23:10:04 +00:00
Lucas Gabriel Vuotto
e9bcc64e62
Make all *_impl provide ctx_new and ctx_free functions
2024-06-05 22:05:37 +00:00
Lucas Gabriel Vuotto
fa489d2b4b
Update README to reflect completion of aead_open for ChaCha20-Poly1305
...
Missed in 217145edc0.
2024-05-31 22:03:52 +00:00
Lucas Gabriel Vuotto
f0b5d01017
util: add hexdump function
2024-05-31 21:54:10 +00:00
Lucas Gabriel Vuotto
f3667cfe05
util: make lc_scrub public
2024-05-31 21:51:37 +00:00