Gregor Kleen
71a630edaf
resumable hashing
2021-06-23 12:29:34 +02:00
Olivier Chéron
72544ea9aa
Removed extra semicolon
2020-07-02 19:35:06 +02:00
Olivier Chéron
caec601cd1
Add finalize_prefix functions
2020-06-26 07:16:30 +02:00
Olivier Chéron
0cf0d076ab
Add flag use_target_attributes
2020-03-14 08:44:44 +01:00
Olivier Chéron
f5706959a4
AES-NI and PCLMUL with per-function target compiler options
2020-03-14 08:43:44 +01:00
Olivier Chéron
dae01d056d
AES-NI with per-file target compiler options
2020-03-14 08:09:12 +01:00
Olivier Chéron
86470d5563
Use conventional declaration order
2020-02-10 06:43:26 +01:00
Olivier Chéron
2579d1e7aa
Use smaller value in felem_diff
2020-01-14 21:11:51 +01:00
Olivier Chéron
44a1651d26
Remove NULL checks in inner loop
2020-01-12 18:33:32 +01:00
Olivier Chéron
b08ce5e3ae
Add 64-bit implementation for p256
2020-01-12 18:33:32 +01:00
Olivier Chéron
f9a6a35ce3
Prepare 64-bit implementation for p256
2020-01-12 18:33:32 +01:00
Olivier Chéron
f291bd08ef
Move p256 felem code
2020-01-12 18:33:32 +01:00
Olivier Chéron
7ac3060873
Better P256.pointMul performance
Use dedicated function to avoid multiplying the basepoint with 0.
2020-01-06 18:49:12 +01:00
Olivier Chéron
18c6e37ef1
Merge pull request #300 from ocheron/tc-ecdsa
ECDSA with a type class
2019-12-01 08:47:33 +01:00
Brian Wignall
78684bc62b
Fix typos
2019-11-30 18:22:26 -05:00
Olivier Chéron
8f75165f8b
Time-constant P256 scalar inversion
2019-11-11 17:46:16 +01:00
Olivier Chéron
096e2ec0bd
Add XSalsa.derive and example
This function adds one more HSalsa key derivation to an XSalsa context
that has previously been initialized. It allows multi-level cascades
like the 2-level done by NaCl crypto_box.
2019-09-09 19:32:24 +02:00
Olivier Chéron
908f979d44
Add AES-GCM-SIV
2019-08-25 16:38:01 +02:00
Olivier Chéron
0075b57f90
Add internal AES CTR variant with 32-bit counter
This variant of CTR mode is used by AES-GCM-SIV. The counter is in
little-endian format and uses the first four bytes of the IV only.
2019-08-25 08:55:49 +02:00
Olivier Chéron
262252a5c4
Merge pull request #291 from ocheron/p256-point-add
Faster P256.pointAdd
2019-08-25 08:51:58 +02:00
Olivier Chéron
4ca77b8cf5
Faster P256.pointAdd
Convert to projective coordinates without expensive calls to function
'scalar_mult'.
2019-08-21 09:32:53 +02:00
Olivier Chéron
fc07a8b931
Fix counter wrapping in AES GCM
The generic and AESNI implementations used different conventions
regarding counter wrapping in GCM. The generic code was based on
function block128_inc_be, for which the counter is a 128-bit value,
whereas the AESNI code used the intrinsic function _mm_add_epi64, and
therefore wrapped at 2^64.
In NIST.SP.800-38d the GCM specification mandates the use of incrementing
function inc32, wrapping after 2^32 blocks. This commit changes both
generic and AESNI implementations to align with the specification and
adds a test vector specially crafted to start encryption with IV block
0xfffffffffffffffffffffffffffffffe.
2019-08-20 10:34:40 +02:00
Olivier Chéron
0d32f9b833
Remove unused variables
2019-08-12 21:11:01 +02:00
Olivier Chéron
91c87deae1
Add Crypto.System.CPU
2019-06-15 09:28:02 +02:00
Olivier Chéron
2cf3b75636
AES CCM: use AESNI in CBC-MAC computation when possible
2019-06-06 06:48:22 +02:00
Olivier Chéron
4df2a95276
AES GCM: use Shoup's method with 4-bit table
2019-06-06 06:48:16 +02:00
Olivier Chéron
5b39ae3e48
Add missing void and const
2019-05-26 11:50:07 +02:00
Olivier Chéron
c8a4e48e0c
Remove unused variables
2019-05-26 11:50:07 +02:00
Olivier Chéron
d25e44ea61
Add GHASH implementation with PCLMULQDQ
2019-05-19 11:18:40 +02:00
Olivier Chéron
cddbc2cef9
Remove unopt_gf_mul
2019-05-19 11:16:34 +02:00
Olivier Chéron
1551436111
Add KMAC
2019-04-28 09:14:25 +02:00
Olivier Chéron
47123ed97a
Better P256 scalar primitives
Allows scalars in the full range [ 0 .. 2^256-1 ]. Modular reduction
gets a few more operations with conditional selection.
2019-03-24 08:31:45 +01:00
Olivier Chéron
3253501166
Time-constant P256.scalarAdd and P256.scalarSub
2019-03-21 07:04:01 +01:00
Sibi Prabakaran
af9f9548d6
Update reference blake2 implementation with upstream
2019-02-21 17:16:00 +05:30
Olivier Chéron
1490f080a5
Use aligned block128 functions
Applies similar changes to what was done in #175.
2018-02-04 14:36:03 +01:00
Olivier Chéron
4926cbb143
Improve types and indentation, fix typo
2018-02-03 19:05:20 +01:00
Baojun Wang
d5f8348a4b
use nonce_len for memcpy
2018-02-03 09:34:57 +01:00
Baojun Wang
e01ef4386e
Add AESCCM test vectors for testing
2018-02-03 09:34:57 +01:00
Baojun Wang
035693240d
fix wrong condition check in cryptonite_aes_ccm_aad
2018-02-03 09:34:57 +01:00
Baojun Wang
fefe5d75e3
favor condition checks instead of asserts
2018-02-03 09:34:57 +01:00
Baojun Wang
48770bf79f
fix aes ccm decryption cbcmac mis-match
2018-02-03 09:34:57 +01:00
Baojun Wang
55bf620365
add aes ccm support
2018-02-03 09:31:36 +01:00
Olivier Chéron
3217038a1a
Add pointMulByCofactor and pointHasPrimeOrder
2017-12-17 11:56:33 +01:00
Olivier Chéron
251f164f47
Apply bugfix to Edwards25519.pointsMulVarTime
2017-12-17 09:46:42 +01:00
Olivier Chéron
8d7e0d236c
Add P256.pointNegate
2017-11-20 19:28:17 +01:00
Olivier Chéron
6b3bf37eea
Use only fixed-window implementation
2017-11-20 19:28:16 +01:00
Olivier Chéron
d497040ddd
Avoid direct indexed access in precomputed table
2017-11-20 19:28:16 +01:00
Olivier Chéron
123e22ec08
Ed25519 scalar multiplication with 4-bit fixed window
2017-11-20 19:28:16 +01:00
Olivier Chéron
5778909761
Add Ed25519.pointsMulVarTime
2017-11-20 19:28:16 +01:00
Olivier Chéron
35f1d20b79
Ed25519 scalar add & multiply
2017-11-20 19:28:15 +01:00