dcrypt 0.14.0-beta.7

dcrypt is a pure Rust software-only cryptographic library for DePIN Network's Web4 infrastructure framework providing both traditional and post-quantum cryptography. Designed with emphasis on security, modularity, performance, and usability, dcrypt eliminates foreign function interfaces (FFI) ensuring memory safety and cross-platform compatibility.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127

# SHA-2 Hash Functions

This module provides a comprehensive suite of SHA-2 (Secure Hash Algorithm 2) hash functions as specified in **FIPS PUB 180-4**. The implementations prioritize security, correctness, and a consistent, ergonomic API, with a strong focus on resistance to side-channel attacks.

## Overview

The SHA-2 family consists of six hash functions with varying digest sizes. They are a fundamental component of modern cryptography, used in digital signatures, message authentication codes, and a wide range of other security protocols.

This implementation provides all standard SHA-2 variants and is designed for high-assurance applications where security is paramount.

## Features

-   **Complete SHA-2 Family:** All standard variants are available.
-   **Unified API:** All variants implement the `HashFunction` trait, providing a consistent interface for hashing and verification.
-   **Security-First Design:**
    -   **Secure Memory Handling:** Intermediate calculations, such as the message schedule (`W` array) and working variables (`a, b, c, ...`), are stored in secure, zeroizing buffers (`EphemeralSecret`, `ZeroizeGuard`) to prevent secret-dependent data from leaking through memory side-channels.
    -   **Automatic Zeroization:** All sensitive state is securely wiped from memory when the hasher object is dropped.
    -   **Side-Channel Resistance:** Memory barriers (`compiler_fence`) are used to prevent compiler reordering that could introduce timing vulnerabilities.
-   **Type Safety:** The use of a generic `Digest<N>` type for hash outputs ensures that digests of different sizes (e.g., from SHA-256 and SHA-384) cannot be accidentally interchanged at compile time.
-   **`no_std` Compatibility:** Fully usable in embedded and resource-constrained environments (requires `alloc`).

## Supported Variants

This module provides the following FIPS-compliant SHA-2 hash functions:

| Struct        | Output Size (bits) | Output Size (bytes) | Block Size (bytes) |
| :------------ | :----------------- | :------------------ | :----------------- |
| `Sha224`      | 224                | 28                  | 64                 |
| `Sha256`      | 256                | 32                  | 64                 |
| `Sha384`      | 384                | 48                  | 128                |
| `Sha512`      | 512                | 64                  | 128                |
| `Sha512_224`  | 224                | 28                  | 128                |
| `Sha512_256`  | 256                | 32                  | 128                |

## Core API: The `HashFunction` Trait

All SHA-2 structs implement the `HashFunction` trait from the parent `dcrypt::algorithms::hash` module, providing a consistent and ergonomic API for all hashing operations.

```rust
pub trait HashFunction {
    // Creates a new hasher instance.
    fn new() -> Self;

    // Updates the hash state with more data. Can be called multiple times.
    fn update(&mut self, data: &[u8]) -> Result<&mut Self>;

    // Finalizes the hash computation and returns the digest.
    fn finalize(&mut self) -> Result<Self::Output>;

    // Convenience method for one-shot hashing.
    fn digest(data: &[u8]) -> Result<Self::Output>;

    // Convenience method for verifying a hash against input data in constant time.
    fn verify(data: &[u8], expected: &Self::Output) -> Result<bool>;
}
```

## Usage Examples

### One-Shot Hashing (SHA-256)

For simple, single inputs, the `digest` method is the most straightforward.

```rust
use dcrypt::algorithms::hash::{Sha256, HashFunction};

let data = b"some important data";
let digest = Sha256::digest(data).unwrap();

println!("SHA-256: {}", digest.to_hex());
// Output: SHA-256: 1307990e6ba5ca145eb35e99182a9bec46531bc54ddf656a602c780fa0240dee
```

### Incremental (Streaming) Hashing (SHA-512)

For large files or network streams, the incremental API allows you to process data in chunks.

```rust
use dcrypt::algorithms::hash::{Sha512, HashFunction};

let mut hasher = Sha512::new();
hasher.update(b"this is the first part of a very long message, ")
      .unwrap()
      .update(b"and this is the second and final part.")
      .unwrap();

let digest = hasher.finalize().unwrap();

println!("SHA-512: {}", digest.to_hex());
```

### Hash Verification

The `verify` method provides a convenient and **constant-time** way to check if a digest matches a given message, preventing timing attacks.

```rust
use dcrypt::algorithms::hash::{Sha256, HashFunction};

let data = b"verify me";
let correct_digest = Sha256::digest(data).unwrap();
let incorrect_digest = Sha256::digest(b"wrong data").unwrap();

// Verification should succeed
assert!(Sha256::verify(data, &correct_digest).unwrap());

// Verification should fail for a different message
assert!(!Sha256::verify(b"wrong data", &correct_digest).unwrap());

// Verification should fail for a different digest
assert!(!Sha256::verify(data, &incorrect_digest).unwrap());
```

### Using a Different Variant (SHA-384)

The API remains the same across all SHA-2 variants, with the only difference being the struct name and the size of the output `Digest`.

```rust
use dcrypt::algorithms::hash::{Sha384, HashFunction};

let data = b"some other data";
let digest = Sha384::digest(data).unwrap();

// The Digest<N> type provides the correct size at compile time.
assert_eq!(digest.len(), 48); // SHA-384 produces a 48-byte digest

println!("SHA-384: {}", digest.to_hex());
```