Merge pull request mirage#213 from hannesm/no-hash
remove Hash
hannesm authored Mar 11, 2024
2 parents ccdccbb + 5e5f38c commit fff44e5
Showing 23 changed files with 12 additions and 1,909 deletions.
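--- a/README.md
+++ b/README.md
@@ -4,8 +4,9 @@
 
 mirage-crypto is a small cryptographic library that puts emphasis on the
 applicative style and ease of use. It includes basic ciphers (AES, 3DES, RC4,
-ChaCha20/Poly1305), hashes (MD5, SHA1, SHA2 family), AEAD primitives (AES-GCM,
-AES-CCM), public-key primitives (RSA, DSA, DH) and a strong RNG (Fortuna).
+ChaCha20/Poly1305), AEAD primitives (AES-GCM, AES-CCM, ChaCha20/Poly1305),
+public-key primitives (RSA, DSA, DH), elliptic curves (NIST P-256, P-384, P-521,
+and curve 25519), and a strong RNG (Fortuna).
 
 RSA timing attacks are countered by blinding. AES timing attacks are avoided by
 delegating to AES-NI.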
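--- a/bench/speed.ml
+++ b/bench/speed.ml
@@ -1,7 +1,6 @@
 open Mirage_crypto
 
 open Cipher_block
-open Hash
 
 module Time = struct
 
@@ -414,11 +413,6 @@ let benchmarks = [
 reseed ~g "abcd" ;
 throughput name (fun cs ->
 generate_into ~g big_b ~off:0 (Cstruct.length cs))) ;
-
-bm "md5" (fun name -> throughput name MD5.digest) ;
-bm "sha1" (fun name -> throughput name SHA1.digest) ;
-bm "sha256" (fun name -> throughput name SHA256.digest) ;
-bm "sha512" (fun name -> throughput name SHA512.digest) ;
 ]
 
 let help () =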
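--- a/mirage-crypto.opam
+++ b/mirage-crypto.opam
@@ -25,6 +25,5 @@ conflicts: [
 "result" {< "1.5"}
 ]
 description: """
-Mirage-crypto provides symmetric ciphers (DES, AES, RC4, ChaCha20/Poly1305), and
-hashes (MD5, SHA-1, SHA-2).
+Mirage-crypto provides symmetric ciphers (DES, AES, RC4, ChaCha20/Poly1305).
 """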
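--- a/mirage/unikernel.ml
+++ b/mirage/unikernel.ml
@@ -5,16 +5,6 @@ module Main (R : Mirage_random.S) = struct
 (Mirage_crypto_rng.Entropy.sources ())) ;
 Logs.info (fun m -> m "64 byte random:@ %a" Cstruct.hexdump_pp
 (R.generate 64)) ;
-Logs.info (fun m -> m "MD5 of the empty string %a" Cstruct.hexdump_pp
-(Mirage_crypto.Hash.MD5.digest Cstruct.empty));
-Logs.info (fun m -> m "SHA1 of the empty string %a" Cstruct.hexdump_pp
-(Mirage_crypto.Hash.SHA1.digest Cstruct.empty));
-Logs.info (fun m -> m "SHA256 of the empty string %a" Cstruct.hexdump_pp
-(Mirage_crypto.Hash.SHA256.digest Cstruct.empty));
-Logs.info (fun m -> m "SHA384 of the empty string %a" Cstruct.hexdump_pp
-(Mirage_crypto.Hash.SHA384.digest Cstruct.empty));
-Logs.info (fun m -> m "SHA512 of the empty string %a" Cstruct.hexdump_pp
-(Mirage_crypto.Hash.SHA512.digest Cstruct.empty));
 let n = Cstruct.create 32 in
 let key = Mirage_crypto.Chacha20.of_secret n
 and nonce = Cstruct.create 12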
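--- a/src/dune
+++ b/src/dune
@@ -2,13 +2,13 @@
 (name mirage_crypto)
 (public_name mirage-crypto)
 (libraries cstruct eqaf.cstruct)
-(private_modules aead chacha20 ccm cipher_block cipher_stream hash native
+(private_modules aead chacha20 ccm cipher_block cipher_stream native
 poly1305 uncommon)
 (foreign_stubs
 (language c)
-(names detect_cpu_features misc misc_sse md5 sha1 sha256 sha512 hash_stubs
-aes_generic aes_aesni ghash_generic ghash_pclmul ghash_ctmul des_generic
-chacha poly1305-donna entropy_cpu_stubs)
+(names detect_cpu_features misc misc_sse aes_generic aes_aesni ghash_generic
+ghash_pclmul ghash_ctmul des_generic chacha poly1305-donna
+entropy_cpu_stubs)
 (flags
 (:standard)
 (:include cflags_optimized.sexp)))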
174 changes: 0 additions & 174 deletions src/hash.ml

This file was deleted.

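--- a/src/mirage_crypto.ml
+++ b/src/mirage_crypto.ml
@@ -1,5 +1,4 @@
 module Uncommon = Uncommon
-module Hash = Hash
 module Poly1305 = Poly1305.It
 module type AEAD = Aead.AEAD
 module Cipher_block = Cipher_block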
136 changes: 0 additions & 136 deletions src/mirage_crypto.mli
@@ -63,142 +63,6 @@ end

(**/**)

(** {1 Hashing} *)

(** Hashes.
Each algorithm is contained in its own {{!Hash.S}module}, with
high-level operations accessible through functions that
dispatch on {{!Hash.hash}code} value. *)
module Hash : sig

type digest = Cstruct.t

type 'a iter = ('a -> unit) -> unit
(** A general (inner) iterator. It applies the provided function to a
collection of elements.
For instance:
{ul
{- [let iter_k : 'a -> 'a iter = fun x f -> f x]}
{- [let iter_pair : 'a * 'a -> 'a iter = fun (x, y) f = f x; f y]}
{- [let iter_list : 'a list -> 'a iter = fun xs f -> List.iter f xs]}} *)

(** {1 Hashing algorithms} *)

(** A single hash algorithm. *)
module type S = sig

val digest_size : int
(** Size of digests (in bytes). *)

(** {1 Core operations} *)

type t
(** Represents a running hash computation in a way suitable for appending
inputs. *)

val empty : t
(** [empty] is the hash of the empty string. *)

val feed : t -> Cstruct.t -> t
(** [feed t msg] adds the information in [msg] to [t].
[feed] is analogous to appending:
[feed (feed t msg1) msg2 = feed t (Cstruct.append msg1 msg2)]. *)

val get : t -> digest
(** [get t] is the digest corresponding to [t]. *)

(** {1 HMAC operations} *)

type hmac
(** Represents a running hmac computation in a way suitable for appending
inputs. *)

val hmac_empty : key:Cstruct.t -> hmac
(** [hmac ~key] is the hmac of the empty string using key [key]. *)

val hmac_feed : hmac -> Cstruct.t -> hmac
(** [feed hmac msg] is analogous to [feed]. *)

val hmac_get : hmac -> digest
(** [hmac_get hmac] is the hmac corresponding to [hmac]. *)

(** {1 All-in-one}
Functions that operate on data stored in a single chunk. *)

val digest : Cstruct.t -> digest
(** [digest msg] is the digest of [msg].
[digest msg = get (feed empty msg)] *)

val hmac : key:Cstruct.t -> Cstruct.t -> digest
(** [hmac ~key bytes] is the authentication code for [bytes] under the
secret [key], generated using the standard HMAC construction over this
hash algorithm. *)

(** {1 Functions over iterators}
Functions that operate on arbitrary {{!iter}iterators}. They can serve
as a basis for other, more specialized aggregate hashing operations.
These functions are a little faster than using {{!feed}[feed]} directly. *)

val feedi : t -> Cstruct.t iter -> t
(** [feedi t iter =
(let r = ref t in iter (fun msg -> r := feed !r msg); !r)] *)

val digesti : Cstruct.t iter -> digest
(** [digesti iter = feedi empty iter |> get] *)

val hmaci : key:Cstruct.t -> Cstruct.t iter -> digest
(** See {{!val-hmac}[hmac]}. *)
end

module MD5 : S
module SHA1 : S
module SHA224 : S
module SHA256 : S
module SHA384 : S
module SHA512 : S

(** {1 Codes-based interface} *)

type hash = [ `MD5 | `SHA1 | `SHA224 | `SHA256 | `SHA384 | `SHA512 ]
(** Algorithm codes. *)

val hashes : hash list
(** [hashes] is a list of all implemented hash algorithms. *)

val module_of : [< hash ] -> (module S)
(** [module_of hash] is the (first-class) module corresponding to the code
[hash].
This is the most convenient way to go from a code to a module. *)

(** {1 Hash functions} *)

val digest : [< hash ] -> Cstruct.t -> digest
(** [digest algorithm bytes] is [algorithm] applied to [bytes]. *)

val digesti : [< hash ] -> Cstruct.t iter -> digest
(** [digesti algorithm iter] is [algorithm] applied to [iter]. *)

val mac : [< hash ] -> key:Cstruct.t -> Cstruct.t -> digest
(** [mac algorithm ~key bytes] is the mac [algorithm] applied to [bytes]
under [key]. *)

val maci : [< hash ] -> key:Cstruct.t -> Cstruct.t iter -> digest
(** [maci algorithm ~key iter] is the mac [algorithm] applied to [iter] under
[key]. *)

val digest_size : [< hash ] -> int
(** [digest_size algorithm] is the size of the [algorithm] in bytes. *)
end

(** The poly1305 message authentication code *)
module Poly1305 : sig
type mac = string