f1c4ceea84
Make the block lengths part of the public interface
2024-06-09 14:16:18 +00:00
06e9c5ec67
Rename *_CHUNK* to *_BLOCKLEN*
2024-06-09 14:05:52 +00:00
62eb1ea6f8
aead/chacha20-poly1305: reflect that the keysetup is only for {,X}ChaCha20
2024-06-09 02:21:06 +00:00
d2817487e8
aead/chacha20-poly1305: inline anycrypt
...
Also use decrypt for the decryption path instead of relying on ChaCha20
using the same stream for encryption and decryption.
2024-06-09 02:19:51 +00:00
fdcba8bcf7
aead: rename argparams to initparams for consistency
2024-06-09 02:05:10 +00:00
df532c57f4
wycheproof: make failfast mode the default
...
Add -C for "Continue running after failure".
2024-06-08 13:44:18 +00:00
9c76a90301
cipher/chacha20: rename _common to _anycrypt
2024-06-08 13:39:49 +00:00
2a24aa4f70
hash/sha2: remove unused headers
2024-06-08 02:27:14 +00:00
c54ac8289b
Shuffle code around in Wycheproof tests
...
Group struct, put utility functions before main, put runners after main
and rename kwimpl to kwrunner.
2024-06-08 00:45:45 +00:00
61d9652b2e
Fix Wycheproof tests for params
2024-06-08 00:35:49 +00:00
a6208487e4
aead: replace init args with implementation-specific params struct
...
This unbreaks {,X}ChaCha20-Poly1305. Thanks to the use of params, the
{,X}ChaCha20-Poly1305 doesn't need to reach into the guts of ChaCha20
state. Move {en,de}cryption and key setup into its own functions.
This breaks the tests, which will be fixed in the following commit.
2024-06-07 23:29:29 +00:00
79ce4400dd
params struct member shouldn't be const
2024-06-07 21:09:26 +00:00
623dd16dc2
cipher: replace init args with a implementation-specific params struct
...
This allows for more flexibility in the future. While at it, do note
that the RFC and draft implementations are followed. In particular, in
XChaCha20, hardcode the high word of the counter to 0.
This commit breaks ChaCha20-Poly1305. It'll be fixed in a subsequent
commit.
stash
2024-06-07 18:52:46 +00:00
b26a9c7274
auth: replace init args with a implementation-specific params struct
...
This allows for more flexibility in the future.
This commit breaks ChaCha20-Poly1305. It'll be fixed in a subsequent
commit.
2024-06-07 18:40:14 +00:00
ccc2836fa8
Introduce params structs
...
This will allow for greater flexibility in the future and a big refactor
in ChaCha20-Poly1305.
2024-06-07 18:40:14 +00:00
23735c2902
cipher/chacha20: rename *_IVLEN to *_NONCELEN
2024-06-07 18:40:14 +00:00
67d4de1657
Move all inout parameters to the front of the arguments list
2024-06-07 17:47:42 +00:00
7b539ccdcd
cipher/chacha20: logical AND is &&
2024-06-07 17:34:03 +00:00
1a8f813442
hash: implement SHA-{224,256}
...
Add the HMAC and Wycheproof bits for HMAC while at it.
2024-06-07 03:14:21 +00:00
0605d10bb3
Implement XChaCha20 and XChaCha20-Poly1305
2024-06-07 02:18:50 +00:00
06f835e27c
cipher/chacha20: treat the counter as part of the nonce
2024-06-07 00:29:25 +00:00
b793cb5b69
cipher/chacha20: rename chacha20_x to chacha20_common
2024-06-07 00:29:25 +00:00
e5215ac18e
cipher/chacha20: buffer the full input block
...
The final implementation is simpler, at the cost of doing work in
chacha20_x_final.
2024-06-07 00:29:17 +00:00
5bd46fffa6
aead/chacha20-poly1305: use chacha20_x_final instead of reaching into chacha20_ctx guts
2024-06-07 00:29:17 +00:00
11b86db9db
auth/hmac: 0-pad the hashed key in longer-than-blocksize case
2024-06-06 17:14:30 +00:00
d6235df66f
wycheproof: add a failfast mode
2024-06-06 17:12:41 +00:00
52ab9ca179
ct/lc_ct_cmp: improve interface
...
Return 0xffffffff if arguments compare equal, 0 otherwise. Change all
consumers accordingly.
2024-06-06 13:49:25 +00:00
ad42d99e0b
auth: add HMAC implementation
...
This allows for checking the SHA-512 implementation against Wycheproof
via the HMAC tests.
2024-06-06 12:41:44 +00:00
216ef8f940
Add hash interface and SHA-{384,512} implementations
2024-06-06 12:40:38 +00:00
f511cddf0d
Fix *_ctx_new and *_ctx_free implementations
...
They both will only alloc and free the internal *_ctx structs. Get rid
of the void * argument for new and only pass arg to *_free instead of
the whole lc_*_ctx struct.
2024-06-06 11:45:30 +00:00
0a47025c19
util/hexdump_line: fix space padding
2024-06-06 00:56:20 +00:00
6ac9d9b325
util/lc_hexdump_fp: advance pointer
2024-06-05 23:36:48 +00:00
dd94f1e75d
Makefile.inc: organize LC_SRCS and use WARNINGS instead of defining our own
2024-06-05 23:10:04 +00:00
e9bcc64e62
Make all *_impl provide ctx_new and ctx_free functions
2024-06-05 22:05:37 +00:00
fa489d2b4b
Update README to reflect completion of aead_open for ChaCha20-Poly1305
...
Missed in 217145edc0
.
2024-05-31 22:03:52 +00:00
f0b5d01017
util: add hexdump function
2024-05-31 21:54:10 +00:00
f3667cfe05
util: make lc_scrub public
2024-05-31 21:51:37 +00:00
afc2e4b721
wycheproof: hide debug output behind -v flag
2024-05-31 16:53:05 +00:00
e62534925b
wycheproof: depend on the static lib
2024-05-31 16:47:18 +00:00
6f0fdd23f6
wycheproof_aead: test against lc_aead_open
2024-05-31 16:46:54 +00:00
217145edc0
aead: implement ChaCha20-Poly1305 open
2024-05-31 16:46:05 +00:00
8f8924bfdf
Make .gitignore ignore all the obj/ directories
2024-05-31 11:48:43 +00:00
eedaa46831
wycheproof_aead: divide by 8 at parse time
2024-05-31 11:47:42 +00:00
7bc527c769
initial import
2024-05-31 10:59:58 +00:00