libcrux_secrets/lib.rs
1//! # Libcrux Secrets
2//!
3//! This crate implements classification and declassification operations over
4//! machine integers and arrays/slices of machine integers
5//!
6//! To check your code for secret independence, you first identify all the secret
7//! values in your code and swap their types to use secret integers:
8//! - u8 -> U8, i16 -> I16 etc.
9//! - [u8] -> U8, [i16; N] -> [I16; N], etc
10//! You should be able to run your code as before with no performance impact
11//!
12//! Then you can turn on the feature `check-secret-independence` to check
13//! whether your code obeys the secret independent coding discipline:
14//! - does it branch on comparisons over secret values?
15//! - does it access arrays on secret indices?
16//! - does it use non-constant-time operations like division or modulus?
17//!
18//! To convince the typechecker, you will need to convert some public values to secret
19//! using `.classify()` operations.
20//!
21//! In some cases, you may decide that a certain declassification of secret values to
22//! public values is safe, and in this case you may use a `.declassify()` operation.
23//! However, note that every use of `.declassify()` is at the responsibility of the
24//! programmer and represents a potential side-channel leak
25//!
26#![no_std]
27
28mod traits;
29pub use traits::*;
30mod int;
31pub use int::*;