Crate hacl_sys

Expand description

hacl-sys

Rust wrapper for hacl.

Platforms

Platform	Supported
MacOS	✅
MacOS Arm64	✅
iOS	✅
iOS Simulator x86_64	❌
Linux x64	✅
Linux x86	✅
Windows x64	❌
Arm64 Linux	✅
Arm32 Linux	✅

Building on Windows

Enabling builds on Windows is tracked in #78.

Structs

Constants

Functions

EverCrypt_AEAD_alg_of_state^⚠
Return the algorithm used in the AEAD state.
EverCrypt_AEAD_create_in^⚠
Create the required AEAD state for the algorithm.
EverCrypt_AEAD_decrypt^⚠
Verify the authenticity of ad || cipher and decrypt cipher into dst.
EverCrypt_AEAD_decrypt_expand^⚠
EverCrypt_AEAD_decrypt_expand_aes128_gcm^⚠
EverCrypt_AEAD_decrypt_expand_aes128_gcm_no_check^⚠
WARNING: this function doesn’t perform any dynamic hardware check. You MUST make sure your hardware supports the implementation of AESGCM. Besides, this function was not designed for cross-compilation: if you compile it on a system which doesn’t support Vale, it will compile it to a function which makes the program exit.
EverCrypt_AEAD_decrypt_expand_aes256_gcm^⚠
EverCrypt_AEAD_decrypt_expand_aes256_gcm_no_check^⚠
WARNING: this function doesn’t perform any dynamic hardware check. You MUST make sure your hardware supports the implementation of AESGCM. Besides, this function was not designed for cross-compilation: if you compile it on a system which doesn’t support Vale, it will compile it to a function which makes the program exit.
EverCrypt_AEAD_decrypt_expand_chacha20_poly1305^⚠
EverCrypt_AEAD_encrypt^⚠
Encrypt and authenticate a message (plain) with associated data (ad).
EverCrypt_AEAD_encrypt_expand^⚠
EverCrypt_AEAD_encrypt_expand_aes128_gcm^⚠
EverCrypt_AEAD_encrypt_expand_aes128_gcm_no_check^⚠
WARNING: this function doesn’t perform any dynamic hardware check. You MUST make sure your hardware supports the implementation of AESGCM. Besides, this function was not designed for cross-compilation: if you compile it on a system which doesn’t support Vale, it will compile it to a function which makes the program exit.
EverCrypt_AEAD_encrypt_expand_aes256_gcm^⚠
EverCrypt_AEAD_encrypt_expand_aes256_gcm_no_check^⚠
WARNING: this function doesn’t perform any dynamic hardware check. You MUST make sure your hardware supports the implementation of AESGCM. Besides, this function was not designed for cross-compilation: if you compile it on a system which doesn’t support Vale, it will compile it to a function which makes the program exit.
EverCrypt_AEAD_encrypt_expand_chacha20_poly1305^⚠
EverCrypt_AEAD_free^⚠
Cleanup and free the AEAD state.
EverCrypt_AEAD_uu___is_Ek^⚠
EverCrypt_AutoConfig2_disable_adx^⚠
EverCrypt_AutoConfig2_disable_aesni^⚠
EverCrypt_AutoConfig2_disable_avx^⚠
EverCrypt_AutoConfig2_disable_avx2^⚠
EverCrypt_AutoConfig2_disable_avx512^⚠
EverCrypt_AutoConfig2_disable_bmi2^⚠
EverCrypt_AutoConfig2_disable_movbe^⚠
EverCrypt_AutoConfig2_disable_pclmulqdq^⚠
EverCrypt_AutoConfig2_disable_rdrand^⚠
EverCrypt_AutoConfig2_disable_shaext^⚠
EverCrypt_AutoConfig2_disable_sse^⚠
EverCrypt_AutoConfig2_has_adx^⚠
EverCrypt_AutoConfig2_has_aesni^⚠
EverCrypt_AutoConfig2_has_avx^⚠
EverCrypt_AutoConfig2_has_avx2^⚠
EverCrypt_AutoConfig2_has_avx512^⚠
EverCrypt_AutoConfig2_has_bmi2^⚠
EverCrypt_AutoConfig2_has_movbe^⚠
EverCrypt_AutoConfig2_has_pclmulqdq^⚠
EverCrypt_AutoConfig2_has_rdrand^⚠
EverCrypt_AutoConfig2_has_shaext^⚠
EverCrypt_AutoConfig2_has_sse^⚠
EverCrypt_AutoConfig2_has_vec128^⚠
EverCrypt_AutoConfig2_has_vec256^⚠
EverCrypt_AutoConfig2_init^⚠
EverCrypt_AutoConfig2_recall^⚠
EverCrypt_Curve25519_ecdh^⚠
Execute the diffie-hellmann key exchange.
EverCrypt_Curve25519_scalarmult^⚠
Compute the scalar multiple of a point.
EverCrypt_Curve25519_secret_to_public^⚠
Calculate a public point from a secret/private key.
EverCrypt_Ed25519_expand_keys^⚠
EverCrypt_Ed25519_secret_to_public^⚠
EverCrypt_Ed25519_sign^⚠
EverCrypt_Ed25519_sign_expanded^⚠
EverCrypt_Ed25519_verify^⚠
EverCrypt_HKDF_expand^⚠
Expand pseudorandom key to desired length.
EverCrypt_HKDF_extract^⚠
Extract a fixed-length pseudorandom key from input keying material.
EverCrypt_HMAC_compute^⚠
EverCrypt_HMAC_is_supported_alg^⚠
EverCrypt_Hash_Incremental_alg_of_state^⚠
Perform a run-time test to determine which algorithm was chosen for the given piece of state.
EverCrypt_Hash_Incremental_create_in^⚠
Allocate initial state for the agile hash. The argument a stands for the choice of algorithm (see Hacl_Spec.h). This API will automatically pick the most efficient implementation, provided you have called EverCrypt_AutoConfig2_init() before. The state is to be freed by calling free.
EverCrypt_Hash_Incremental_finish^⚠
Write the resulting hash into dst, an array whose length is algorithm-specific. You can use the macros defined earlier in this file to allocate a destination buffer of the right length. The state remains valid after a call to finish, meaning the user may feed more data into the hash via update. (The finish function operates on an internal copy of the state and therefore does not invalidate the client-held state.)
EverCrypt_Hash_Incremental_free^⚠
Free a state previously allocated with create_in.
EverCrypt_Hash_Incremental_hash^⚠
Hash input, of len len, into dst, an array whose length is determined by your choice of algorithm a (see Hacl_Spec.h). You can use the macros defined earlier in this file to allocate a destination buffer of the right length. This API will automatically pick the most efficient implementation, provided you have called EverCrypt_AutoConfig2_init() before.
EverCrypt_Hash_Incremental_hash_len^⚠
EverCrypt_Hash_Incremental_init^⚠
Reset an existing state to the initial hash state with empty data.
EverCrypt_Hash_Incremental_update^⚠
Feed an arbitrary amount of data into the hash. This function returns EverCrypt_Error_Success for success, or EverCrypt_Error_MaximumLengthExceeded if the combined length of all of the data passed to update (since the last call to init) exceeds 2^61-1 bytes or 2^64-1 bytes, depending on the choice of algorithm. Both limits are unlikely to be attained in practice.
Hacl_Bignum64_add^⚠
Write a + b mod 2 ^ (64 * len) in res.
Hacl_Bignum64_add_mod^⚠
Write (a + b) mod n in res.
Hacl_Bignum64_bn_to_bytes_be^⚠
Serialize a bignum into big-endian memory.
Hacl_Bignum64_bn_to_bytes_le^⚠
Serialize a bignum into little-endian memory.
Hacl_Bignum64_eq_mask^⚠
Returns 2^64 - 1 if a = b, otherwise returns 0.
Hacl_Bignum64_lt_mask^⚠
Returns 2^64 - 1 if a < b, otherwise returns 0.
Hacl_Bignum64_mod^⚠
Write a mod n in res.
Hacl_Bignum64_mod_exp_consttime^⚠
Write a ^ b mod n in res.
Hacl_Bignum64_mod_exp_consttime_precomp^⚠
Write a ^ b mod n in res.
Hacl_Bignum64_mod_exp_vartime^⚠
Write a ^ b mod n in res.
Hacl_Bignum64_mod_exp_vartime_precomp^⚠
Write a ^ b mod n in res.
Hacl_Bignum64_mod_inv_prime_vartime^⚠
Write a ^ (-1) mod n in res.
Hacl_Bignum64_mod_inv_prime_vartime_precomp^⚠
Write a ^ (-1) mod n in res.
Hacl_Bignum64_mod_precomp^⚠
Write a mod n in res.
Hacl_Bignum64_mont_ctx_free^⚠
Deallocate the memory previously allocated by Hacl_Bignum64_mont_ctx_init.
Hacl_Bignum64_mont_ctx_init^⚠
Heap-allocate and initialize a montgomery context.
Hacl_Bignum64_mul^⚠
Write a * b in res.
Hacl_Bignum64_new_bn_from_bytes_be^⚠
Load a bid-endian bignum from memory.
Hacl_Bignum64_new_bn_from_bytes_le^⚠
Load a little-endian bignum from memory.
Hacl_Bignum64_sqr^⚠
Write a * a in res.
Hacl_Bignum64_sub^⚠
Write a - b mod 2 ^ (64 * len) in res.
Hacl_Bignum64_sub_mod^⚠
Write (a - b) mod n in res.
Hacl_Blake2b_32_blake2b^⚠
Write the BLAKE2b digest of message d using key k into output.
Hacl_Blake2b_32_blake2b_finish^⚠
Hacl_Blake2b_32_blake2b_init^⚠
Hacl_Blake2b_32_blake2b_malloc^⚠
Hacl_Blake2b_32_blake2b_update_key^⚠
Hacl_Blake2b_256_blake2b^⚠
Write the BLAKE2b digest of message d using key k into output.
Hacl_Blake2b_256_blake2b_finish^⚠
Hacl_Blake2b_256_blake2b_init^⚠
Hacl_Blake2b_256_blake2b_malloc^⚠
Hacl_Blake2b_256_blake2b_update_key^⚠
Hacl_Blake2b_256_load_state256b_from_state32^⚠
Hacl_Blake2b_256_store_state256b_to_state32^⚠
Hacl_Blake2s_32_blake2s^⚠
Write the BLAKE2s digest of message d using key k into output.
Hacl_Blake2s_32_blake2s_finish^⚠
Hacl_Blake2s_32_blake2s_init^⚠
Hacl_Blake2s_32_blake2s_malloc^⚠
Hacl_Blake2s_32_blake2s_update_key^⚠
Hacl_Blake2s_32_blake2s_update_last^⚠
Hacl_Blake2s_32_blake2s_update_multi^⚠
Hacl_Blake2s_128_blake2s^⚠
Write the BLAKE2s digest of message d using key k into output.
Hacl_Blake2s_128_blake2s_finish^⚠
Hacl_Blake2s_128_blake2s_init^⚠
Hacl_Blake2s_128_blake2s_malloc^⚠
Hacl_Blake2s_128_blake2s_update_key^⚠
Hacl_Blake2s_128_blake2s_update_last^⚠
Hacl_Blake2s_128_blake2s_update_multi^⚠
Hacl_Blake2s_128_load_state128s_from_state32^⚠
Hacl_Blake2s_128_store_state128s_to_state32^⚠
Hacl_Chacha20Poly1305_32_aead_decrypt^⚠
Decrypt a ciphertext cipher with key k.
Hacl_Chacha20Poly1305_32_aead_encrypt^⚠
Encrypt a message m with key k.
Hacl_Chacha20Poly1305_128_aead_decrypt^⚠
Decrypt a ciphertext cipher with key k.
Hacl_Chacha20Poly1305_128_aead_encrypt^⚠
Encrypt a message m with key k.
Hacl_Chacha20Poly1305_256_aead_decrypt^⚠
Decrypt a ciphertext cipher with key k.
Hacl_Chacha20Poly1305_256_aead_encrypt^⚠
Encrypt a message m with key k.
Hacl_Curve25519_51_ecdh^⚠
Execute the diffie-hellmann key exchange.
Hacl_Curve25519_51_scalarmult^⚠
Compute the scalar multiple of a point.
Hacl_Curve25519_51_secret_to_public^⚠
Calculate a public point from a secret/private key.
Hacl_Curve25519_64_ecdh^⚠
Execute the diffie-hellmann key exchange.
Hacl_Curve25519_64_scalarmult^⚠
Compute the scalar multiple of a point.
Hacl_Curve25519_64_secret_to_public^⚠
Calculate a public point from a secret/private key.
Hacl_Ed25519_expand_keys^⚠
Compute the expanded keys for an Ed25519 signature.
Hacl_Ed25519_secret_to_public^⚠
Compute the public key from the private key.
Hacl_Ed25519_sign^⚠
Create an Ed25519 signature.
Hacl_Ed25519_sign_expanded^⚠
Create an Ed25519 signature with the (precomputed) expanded keys.
Hacl_Ed25519_verify^⚠
Verify an Ed25519 signature.
Hacl_HKDF_expand_blake2b_32^⚠
Expand pseudorandom key to desired length.
Hacl_HKDF_expand_blake2s_32^⚠
Expand pseudorandom key to desired length.
Hacl_HKDF_expand_sha2_256^⚠
Expand pseudorandom key to desired length.
Hacl_HKDF_expand_sha2_384^⚠
Expand pseudorandom key to desired length.
Hacl_HKDF_expand_sha2_512^⚠
Expand pseudorandom key to desired length.
Hacl_HKDF_extract_blake2b_32^⚠
Extract a fixed-length pseudorandom key from input keying material.
Hacl_HKDF_extract_blake2s_32^⚠
Extract a fixed-length pseudorandom key from input keying material.
Hacl_HKDF_extract_sha2_256^⚠
Extract a fixed-length pseudorandom key from input keying material.
Hacl_HKDF_extract_sha2_384^⚠
Extract a fixed-length pseudorandom key from input keying material.
Hacl_HKDF_extract_sha2_512^⚠
Extract a fixed-length pseudorandom key from input keying material.
Hacl_HMAC_DRBG_create_in^⚠
Create a DRBG state.
Hacl_HMAC_DRBG_free^⚠
Hacl_HMAC_DRBG_generate^⚠
Generate output.
Hacl_HMAC_DRBG_instantiate^⚠
Instantiate the DRBG.
Hacl_HMAC_DRBG_min_length^⚠
Return the minimal entropy input length of the desired hash function.
Hacl_HMAC_DRBG_reseed^⚠
Reseed the DRBG.
Hacl_HMAC_DRBG_uu___is_State^⚠
Hacl_HMAC_compute_blake2b_32^⚠
Write the HMAC-BLAKE2b MAC of a message (data) by using a key (key) into dst.
Hacl_HMAC_compute_blake2s_32^⚠
Write the HMAC-BLAKE2s MAC of a message (data) by using a key (key) into dst.
Hacl_HMAC_compute_sha2_256^⚠
Write the HMAC-SHA-2-256 MAC of a message (data) by using a key (key) into dst.
Hacl_HMAC_compute_sha2_384^⚠
Write the HMAC-SHA-2-384 MAC of a message (data) by using a key (key) into dst.
Hacl_HMAC_compute_sha2_512^⚠
Write the HMAC-SHA-2-512 MAC of a message (data) by using a key (key) into dst.
Hacl_HMAC_legacy_compute_sha1^⚠
Write the HMAC-SHA-1 MAC of a message (data) by using a key (key) into dst.
Hacl_Hash_SHA2_hash_224^⚠
Hacl_Hash_SHA2_hash_256^⚠
Hacl_Hash_SHA2_hash_384^⚠
Hacl_Hash_SHA2_hash_512^⚠
Hacl_Hash_SHA2_update_last_224^⚠
Hacl_Hash_SHA2_update_last_256^⚠
Hacl_Hash_SHA2_update_multi_224^⚠
Hacl_Hash_SHA2_update_multi_256^⚠
Hacl_Hash_SHA2_update_multi_384^⚠
Hacl_Hash_SHA2_update_multi_512^⚠
Hacl_P256_compressed_to_raw^⚠
Convert 33-byte compressed to raw.
Hacl_P256_dh_initiator^⚠
Convert a private key into a raw public key.
Hacl_P256_dh_responder^⚠
ECDH key agreement.
Hacl_P256_ecdsa_sign_p256_sha2^⚠
Hash the message with SHA2-256, then sign the resulting digest with the P256 signature function.
Hacl_P256_ecdsa_sign_p256_sha384^⚠
Hash the message with SHA2-384, then sign the resulting digest with the P256 signature function.
Hacl_P256_ecdsa_sign_p256_sha512^⚠
Hash the message with SHA2-512, then sign the resulting digest with the P256 signature function.
Hacl_P256_ecdsa_sign_p256_without_hash^⚠
P256 signature WITHOUT hashing first.
Hacl_P256_ecdsa_verif_p256_sha2^⚠
The input of the function is considered to be public, thus this code is not secret independent with respect to the operations done over the input.
Hacl_P256_ecdsa_verif_p256_sha384^⚠
The input of the function is considered to be public, thus this code is not secret independent with respect to the operations done over the input.
Hacl_P256_ecdsa_verif_p256_sha512^⚠
The input of the function is considered to be public, thus this code is not secret independent with respect to the operations done over the input.
Hacl_P256_ecdsa_verif_without_hash^⚠
The input of the function is considered to be public, thus this code is not secret independent with respect to the operations done over the input.
Hacl_P256_raw_to_compressed^⚠
Convert raw to 33-byte compressed.
Hacl_P256_raw_to_uncompressed^⚠
Convert raw to 65-byte uncompressed.
Hacl_P256_uncompressed_to_raw^⚠
Convert 65-byte uncompressed to raw.
Hacl_P256_validate_private_key^⚠
Validate a private key, e.g. prior to signing.
Hacl_P256_validate_public_key^⚠
Validate a public key.
Hacl_RSAPSS_mgf_hash^⚠
The mask generation function defined in the Public Key Cryptography Standard #1 (https://www.ietf.org/rfc/rfc2437.txt Section 10.2.1)
Hacl_RSAPSS_new_rsapss_load_pkey^⚠
Load a public key from key parts.
Hacl_RSAPSS_new_rsapss_load_skey^⚠
Load a secret key from key parts.
Hacl_RSAPSS_rsapss_pkey_verify^⚠
Verify the signature sgnt of a message msg.
Hacl_RSAPSS_rsapss_sign^⚠
Sign a message msg and write the signature to sgnt.
Hacl_RSAPSS_rsapss_skey_sign^⚠
Sign a message msg and write the signature to sgnt.
Hacl_RSAPSS_rsapss_verify^⚠
Verify the signature sgnt of a message msg.
Hacl_SHA3_sha3_224^⚠
Hacl_SHA3_sha3_256^⚠
Hacl_SHA3_sha3_384^⚠
Hacl_SHA3_sha3_512^⚠
Hacl_SHA3_shake128_hacl^⚠
Hacl_SHA3_shake256_hacl^⚠
Hacl_Streaming_SHA2_copy_256^⚠
Copies the state passed as argument into a newly allocated state (deep copy). The state is to be freed by calling free_256. Cloning the state this way is useful, for instance, if your control-flow diverges and you need to feed more (different) data into the hash in each branch.
Hacl_Streaming_SHA2_copy_512^⚠
Copies the state passed as argument into a newly allocated state (deep copy). The state is to be freed by calling free_512. Cloning the state this way is useful, for instance, if your control-flow diverges and you need to feed more (different) data into the hash in each branch.
Hacl_Streaming_SHA2_create_in_224^⚠
Hacl_Streaming_SHA2_create_in_256^⚠
Allocate initial state for the SHA2_256 hash. The state is to be freed by calling free_256.
Hacl_Streaming_SHA2_create_in_384^⚠
Hacl_Streaming_SHA2_create_in_512^⚠
Hacl_Streaming_SHA2_finish_224^⚠
Write the resulting hash into dst, an array of 28 bytes. The state remains valid after a call to finish_224, meaning the user may feed more data into the hash via update_224.
Hacl_Streaming_SHA2_finish_256^⚠
Write the resulting hash into dst, an array of 32 bytes. The state remains valid after a call to finish_256, meaning the user may feed more data into the hash via update_256. (The finish_256 function operates on an internal copy of the state and therefore does not invalidate the client-held state p.)
Hacl_Streaming_SHA2_finish_384^⚠
Write the resulting hash into dst, an array of 48 bytes. The state remains valid after a call to finish_384, meaning the user may feed more data into the hash via update_384.
Hacl_Streaming_SHA2_finish_512^⚠
Write the resulting hash into dst, an array of 64 bytes. The state remains valid after a call to finish_512, meaning the user may feed more data into the hash via update_512. (The finish_512 function operates on an internal copy of the state and therefore does not invalidate the client-held state p.)
Hacl_Streaming_SHA2_free_224^⚠
Hacl_Streaming_SHA2_free_256^⚠
Free a state allocated with create_in_256.
Hacl_Streaming_SHA2_free_384^⚠
Hacl_Streaming_SHA2_free_512^⚠
Free a state allocated with create_in_512.
Hacl_Streaming_SHA2_init_224^⚠
Hacl_Streaming_SHA2_init_256^⚠
Reset an existing state to the initial hash state with empty data.
Hacl_Streaming_SHA2_init_384^⚠
Hacl_Streaming_SHA2_init_512^⚠
Hacl_Streaming_SHA2_sha224^⚠
Hash input, of len input_len, into dst, an array of 28 bytes.
Hacl_Streaming_SHA2_sha256^⚠
Hash input, of len input_len, into dst, an array of 32 bytes.
Hacl_Streaming_SHA2_sha384^⚠
Hash input, of len input_len, into dst, an array of 48 bytes.
Hacl_Streaming_SHA2_sha512^⚠
Hash input, of len input_len, into dst, an array of 64 bytes.
Hacl_Streaming_SHA2_update_224^⚠
Hacl_Streaming_SHA2_update_256^⚠
Feed an arbitrary amount of data into the hash. This function returns 0 for success, or 1 if the combined length of all of the data passed to update_256 (since the last call to init_256) exceeds 2^61-1 bytes.
Hacl_Streaming_SHA2_update_384^⚠
Hacl_Streaming_SHA2_update_512^⚠
Feed an arbitrary amount of data into the hash. This function returns 0 for success, or 1 if the combined length of all of the data passed to update_512 (since the last call to init_512) exceeds 2^125-1 bytes.
Hacl_Streaming_SHA3_copy_256^⚠
Hacl_Streaming_SHA3_create_in_256^⚠
Hacl_Streaming_SHA3_finish_256^⚠
Hacl_Streaming_SHA3_free_256^⚠
Hacl_Streaming_SHA3_init_256^⚠
Hacl_Streaming_SHA3_update_256^⚠
0 = success, 1 = max length exceeded. Due to internal limitations, there is currently an arbitrary limit of 2^64-1 bytes that can be hashed through this interface.