Crate libcrux_hacl
source ·Expand description
HACL Sys
Bindings to HACL C code
Structs
Constants
Functions
- Return the algorithm used in the AEAD state.
- Create the required AEAD state for the algorithm.
- Verify the authenticity of
ad
||cipher
and decryptcipher
intodst
. - WARNING: this function doesn’t perform any dynamic hardware check. You MUST make sure your hardware supports the implementation of AESGCM. Besides, this function was not designed for cross-compilation: if you compile it on a system which doesn’t support Vale, it will compile it to a function which makes the program exit.
- WARNING: this function doesn’t perform any dynamic hardware check. You MUST make sure your hardware supports the implementation of AESGCM. Besides, this function was not designed for cross-compilation: if you compile it on a system which doesn’t support Vale, it will compile it to a function which makes the program exit.
- Encrypt and authenticate a message (
plain
) with associated data (ad
). - WARNING: this function doesn’t perform any dynamic hardware check. You MUST make sure your hardware supports the implementation of AESGCM. Besides, this function was not designed for cross-compilation: if you compile it on a system which doesn’t support Vale, it will compile it to a function which makes the program exit.
- WARNING: this function doesn’t perform any dynamic hardware check. You MUST make sure your hardware supports the implementation of AESGCM. Besides, this function was not designed for cross-compilation: if you compile it on a system which doesn’t support Vale, it will compile it to a function which makes the program exit.
- Cleanup and free the AEAD state.
- Both encryption and decryption require a state that holds the key. The state may be reused as many times as desired.
- Decrypt a ciphertext
input
with keykey
. - Encrypt a message
input
with keykey
. - Decrypt a ciphertext
input
with keykey
. - Encrypt a message
input
with keykey
. - Decrypt a ciphertext
input
with keykey
. - Encrypt a message
input
with keykey
. - Execute the diffie-hellmann key exchange.
- Compute the scalar multiple of a point.
- Calculate a public point from a secret/private key.
- Execute the diffie-hellmann key exchange.
- Compute the scalar multiple of a point.
- Calculate a public point from a secret/private key.
- Compute the expanded keys for an Ed25519 signature.
- Compute the public key from the private key.
- Create an Ed25519 signature.
- Create an Ed25519 signature with the (precomputed) expanded keys.
- Verify an Ed25519 signature.
- Expand pseudorandom key to desired length.
- Expand pseudorandom key to desired length.
- Expand pseudorandom key to desired length.
- Expand pseudorandom key to desired length.
- Expand pseudorandom key to desired length.
- Extract a fixed-length pseudorandom key from input keying material.
- Extract a fixed-length pseudorandom key from input keying material.
- Extract a fixed-length pseudorandom key from input keying material.
- Extract a fixed-length pseudorandom key from input keying material.
- Extract a fixed-length pseudorandom key from input keying material.
- Create a DRBG state.
- Generate output.
- Instantiate the DRBG.
- Return the minimal entropy input length of the desired hash function.
- Reseed the DRBG.
- Write the HMAC-BLAKE2b MAC of a message (
data
) by using a key (key
) intodst
. - Write the HMAC-BLAKE2s MAC of a message (
data
) by using a key (key
) intodst
. - Write the HMAC-SHA-1 MAC of a message (
data
) by using a key (key
) intodst
. - Write the HMAC-SHA-2-256 MAC of a message (
data
) by using a key (key
) intodst
. - Write the HMAC-SHA-2-384 MAC of a message (
data
) by using a key (key
) intodst
. - Write the HMAC-SHA-2-512 MAC of a message (
data
) by using a key (key
) intodst
. - Finish function when there is no key
- Free state function when there is no key
- Write the BLAKE2b digest of message
input
using keykey
intooutput
. - State allocation function when there is no key
- Re-initialization function when there is no key
- Update function when there is no key; 0 = success, 1 = max length exceeded
- Finish function when there is no key
- Free state function when there is no key
- Write the BLAKE2b digest of message
input
using keykey
intooutput
. - State allocation function when there is no key
- Re-initialization function when there is no key
- Update function when there is no key; 0 = success, 1 = max length exceeded
- Finish function when there is no key
- Free state function when there is no key
- Write the BLAKE2s digest of message
input
using keykey
intooutput
. - State allocation function when there is no key
- Re-initialization function when there is no key
- Update function when there is no key; 0 = success, 1 = max length exceeded
- Finish function when there is no key
- Free state function when there is no key
- Write the BLAKE2s digest of message
input
using keykey
intooutput
. - State allocation function when there is no key
- Re-initialization function when there is no key
- Update function when there is no key; 0 = success, 1 = max length exceeded
- 0 = success, 1 = max length exceeded
- Copies the state passed as argument into a newly allocated state (deep copy). The state is to be freed by calling
free_256
. Cloning the state this way is useful, for instance, if your control-flow diverges and you need to feed more (different) data into the hash in each branch. - Copies the state passed as argument into a newly allocated state (deep copy). The state is to be freed by calling
free_512
. Cloning the state this way is useful, for instance, if your control-flow diverges and you need to feed more (different) data into the hash in each branch. - Write the resulting hash into
output
, an array of 28 bytes. The state remains valid after a call todigest_224
, meaning the user may feed more data into the hash viaupdate_224
. - Write the resulting hash into
output
, an array of 32 bytes. The state remains valid after a call todigest_256
, meaning the user may feed more data into the hash viaupdate_256
. (The digest_256 function operates on an internal copy of the state and therefore does not invalidate the client-held statep
.) - Write the resulting hash into
output
, an array of 48 bytes. The state remains valid after a call todigest_384
, meaning the user may feed more data into the hash viaupdate_384
. - Write the resulting hash into
output
, an array of 64 bytes. The state remains valid after a call todigest_512
, meaning the user may feed more data into the hash viaupdate_512
. (The digest_512 function operates on an internal copy of the state and therefore does not invalidate the client-held statep
.) - Free a state allocated with
malloc_256
. - Free a state allocated with
malloc_512
. - Hash
input
, of leninput_len
, intooutput
, an array of 28 bytes. - Hash
input
, of leninput_len
, intooutput
, an array of 32 bytes. - Hash
input
, of leninput_len
, intooutput
, an array of 48 bytes. - Hash
input
, of leninput_len
, intooutput
, an array of 64 bytes. - Allocate initial state for the SHA2_256 hash. The state is to be freed by calling
free_256
. - Reset an existing state to the initial hash state with empty data.
- Feed an arbitrary amount of data into the hash. This function returns 0 for success, or 1 if the combined length of all of the data passed to
update_256
(since the last call toreset_256
) exceeds 2^61-1 bytes. - Feed an arbitrary amount of data into the hash. This function returns 0 for success, or 1 if the combined length of all of the data passed to
update_512
(since the last call toreset_512
) exceeds 2^125-1 bytes. - Convert a public key from compressed to its raw form.
- Compute the public key from the private key.
- Execute the diffie-hellmann key exchange.
- Create an ECDSA signature using SHA2-256.
- Create an ECDSA signature using SHA2-384.
- Create an ECDSA signature using SHA2-512.
- Create an ECDSA signature WITHOUT hashing first.
- Verify an ECDSA signature using SHA2-256.
- Verify an ECDSA signature using SHA2-384.
- Verify an ECDSA signature using SHA2-512.
- Verify an ECDSA signature WITHOUT hashing first.
- Convert a public key from raw to its compressed form.
- Convert a public key from raw to its uncompressed form.
- Convert a public key from uncompressed to its raw form.
- Private key validation.
- Public key validation.
- The mask generation function defined in the Public Key Cryptography Standard #1 (https://www.ietf.org/rfc/rfc2437.txt Section 10.2.1)
- Load a public key from key parts.
- Load a secret key from key parts.
- Verify the signature
sgnt
of a messagemsg
. - Sign a message
msg
and write the signature tosgnt
. - Sign a message
msg
and write the signature tosgnt
. - Verify the signature
sgnt
of a messagemsg
.