-
Notifications
You must be signed in to change notification settings - Fork 50
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #8 from andrewwhitehead/more-keys
Merge 0.2 changes
- Loading branch information
Showing
101 changed files
with
12,388 additions
and
3,988 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
[package] | ||
name = "askar-crypto" | ||
version = "0.2.0-pre.2" | ||
authors = ["Hyperledger Aries Contributors <aries@lists.hyperledger.org>"] | ||
edition = "2018" | ||
description = "Hyperledger Aries Askar cryptography" | ||
license = "MIT OR Apache-2.0" | ||
readme = "README.md" | ||
repository = "https://github.com/hyperledger/aries-askar/" | ||
categories = ["cryptography", "no-std"] | ||
keywords = ["hyperledger", "aries", "didcomm", "ssi"] | ||
|
||
[package.metadata.docs.rs] | ||
features = ["argon2", "std"] | ||
rustdoc-args = ["--cfg", "docsrs"] | ||
|
||
[features] | ||
default = ["alloc", "any_key", "all_keys", "crypto_box"] | ||
alloc = [] | ||
std = ["alloc"] | ||
all_keys = ["aes", "bls", "chacha", "ec_curves", "ed25519"] | ||
any_key = ["alloc"] | ||
aes = ["aes-core", "aes-gcm", "block-modes", "hmac"] | ||
bls = ["bls12_381", "hkdf"] | ||
chacha = ["chacha20poly1305"] | ||
crypto_box = ["alloc", "crypto_box_rs", "ed25519"] | ||
ec_curves = ["k256", "p256"] | ||
ed25519 = ["curve25519-dalek", "ed25519-dalek", "x25519-dalek"] | ||
|
||
[dev-dependencies] | ||
base64 = { version = "0.13", default-features = false, features = ["alloc"] } | ||
criterion = "0.3" | ||
hex-literal = "0.3" | ||
serde_cbor = "0.11" | ||
|
||
[[bench]] | ||
name = "enc" | ||
harness = false | ||
|
||
[[bench]] | ||
name = "kdf" | ||
harness = false | ||
|
||
[dependencies] | ||
aead = "0.3" | ||
aes-core = { package = "aes", version = "0.6", default-features = false, optional = true } | ||
aes-gcm = { version = "0.8", default-features = false, features = ["aes"], optional = true } | ||
argon2 = { version = "0.1", default-features = false, features = ["password-hash"], optional = true } | ||
base64 = { version = "0.13", default-features = false } | ||
blake2 = { version = "0.9", default-features = false } | ||
block-modes = { version = "0.7", default-features = false, optional = true } | ||
bls12_381 = { version = "0.4", default-features = false, features = ["groups"], optional = true } | ||
chacha20 = { version = "0.6" } # should match chacha20poly1305 | ||
chacha20poly1305 = { version = "0.7", default-features = false, features = ["chacha20", "xchacha20poly1305"], optional = true } | ||
crypto_box_rs = { package = "crypto_box", version = "0.5", default-features = false, features = ["u64_backend"], optional = true } | ||
curve25519-dalek = { version = "3.1", default-features = false, features = ["u64_backend"], optional = true } | ||
ed25519-dalek = { version = "1.0", default-features = false, features = ["u64_backend"], optional = true } | ||
digest = "0.9" | ||
group = "0.9" | ||
hkdf = { version = "0.11", optional = true } | ||
hmac = { version = "0.11", optional = true } | ||
k256 = { version = "0.8", default-features = false, features = ["arithmetic", "ecdsa", "ecdh", "sha256", "zeroize"], optional = true } | ||
p256 = { version = "0.8", default-features = false, features = ["arithmetic", "ecdsa", "ecdh", "zeroize"], optional = true } | ||
rand = { version = "0.8", default-features = false, features = ["getrandom"] } | ||
serde = { version = "1.0", default-features = false, features = ["derive"] } | ||
serde_json = { version = "1.0", default-features = false } | ||
subtle = "2.4" | ||
sha2 = { version = "0.9", default-features = false } | ||
x25519-dalek = { version = "1.1", default-features = false, features = ["u64_backend"], optional = true } | ||
zeroize = { version = "1.1.0", features = ["zeroize_derive"] } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
# askar-crypto | ||
|
||
[![Rust Crate](https://img.shields.io/crates/v/askar-crypto.svg)](https://crates.io/crates/askar-crypto) | ||
[![Rust Documentation](https://docs.rs/askar-crypto/badge.svg)](https://docs.rs/askar-crypto) | ||
|
||
The `askar-crypto` crate provides the basic key representations and cryptographic operations used by [`aries-askar`](https://github.com/hyperledger/aries-askar). | ||
|
||
## Supported Key Types | ||
|
||
| Key Type | Feature | Operations | Notes | | ||
| -------------------- | --------- | ------------------------------------------------------------------------------------------------------------------------------ | ------------------------------- | | ||
| AES-GCM | `aes` | AEAD encryption<br>JWK export | A128GCM and A256GCM | | ||
| AES-CBC-HMAC-SHA2 | `aes` | AEAD encryption<br>JWK export | A128CBC-HS256 and A256CBC-HS512 | | ||
| (X)ChaCha20-Poly1305 | `chacha` | AEAD encryption<br>JWK export | aka C20P, XC20P | | ||
| BLS12-381 | `bls` | [`bls-signature`](https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04)-compatible key generation<br>JWK import/export | G1, G2, and G1G2 key types | | ||
| Ed25519 | `ed25519` | EdDSA signatures<br>JWK import/export | | | ||
| X25519 | `ed25519` | DH key exchange<br>JWK import/export | | | ||
| K-256 | `k256` | ECDSA signatures<br>DH key exchange<br>JWK import/export | aka secp256k1 | | ||
| P-256 | `p256` | ECDSA signatures<br>DH key exchange<br>JWK import/export | aka nist256p1, secp256r1 | | ||
|
||
## 'Any' Key support | ||
|
||
The `any_key` feature (which depends on `alloc`) provides a generic interface for creating and working with any supported key type. | ||
|
||
## JOSE Authenticated Encryption | ||
|
||
This crate provides implementations of the [ECDH-ES](https://tools.ietf.org/html/rfc7518#section-4.6) and [ECDH-1PU (draft 4)](https://tools.ietf.org/html/draft-madden-jose-ecdh-1pu-04) key agreement operations, for use in deriving the CEK or key wrapping key when producing or consuming JWE envelopes using these protection algorithms. | ||
|
||
## no-std | ||
|
||
This crate supports the optional `alloc` feature, gating types and operations that depend on a global allocator. The `std` feature depends on `alloc`, and adds support for `std::error::Error`. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
#[macro_use] | ||
extern crate criterion; | ||
|
||
#[macro_use] | ||
extern crate hex_literal; | ||
|
||
use askar_crypto::{ | ||
alg::{ | ||
chacha20::{Chacha20Key, C20P}, | ||
AnyKey, AnyKeyCreate, Chacha20Types, KeyAlg, | ||
}, | ||
buffer::{SecretBytes, WriteBuffer, Writer}, | ||
encrypt::{KeyAeadInPlace, KeyAeadMeta}, | ||
random::fill_random, | ||
repr::KeySecretBytes, | ||
}; | ||
|
||
use criterion::{black_box, Criterion}; | ||
|
||
fn criterion_benchmark(c: &mut Criterion) { | ||
{ | ||
let message = b"test message for encrypting"; | ||
|
||
let key = &hex!("451b5b8e8725321541954997781de51f4142e4a56bab68d24f6a6b92615de5ee"); | ||
|
||
c.bench_function(&format!("chacha20-poly1305 encrypt"), move |b| { | ||
b.iter(|| { | ||
let key = Chacha20Key::<C20P>::from_secret_bytes(&key[..]).unwrap(); | ||
let mut buffer = [0u8; 255]; | ||
buffer[0..message.len()].copy_from_slice(black_box(&message[..])); | ||
let nonce = Chacha20Key::<C20P>::random_nonce(); | ||
let mut writer = Writer::from_slice_position(&mut buffer, message.len()); | ||
key.encrypt_in_place(&mut writer, &nonce, &[]).unwrap(); | ||
}) | ||
}); | ||
c.bench_function(&format!("chacha20-poly1305 encrypt alloc"), move |b| { | ||
b.iter(|| { | ||
let key = Chacha20Key::<C20P>::from_secret_bytes(&key[..]).unwrap(); | ||
let mut buffer = SecretBytes::with_capacity(255); | ||
buffer.buffer_write(black_box(&message[..])).unwrap(); | ||
let nonce = Chacha20Key::<C20P>::random_nonce(); | ||
key.encrypt_in_place(&mut buffer, &nonce, &[]).unwrap(); | ||
}) | ||
}); | ||
c.bench_function(&format!("chacha20-poly1305 encrypt as any"), move |b| { | ||
b.iter(|| { | ||
let key = Box::<AnyKey>::from_secret_bytes( | ||
KeyAlg::Chacha20(Chacha20Types::C20P), | ||
&key[..], | ||
) | ||
.unwrap(); | ||
let mut buffer = [0u8; 255]; | ||
buffer[0..message.len()].copy_from_slice(black_box(&message[..])); | ||
let mut nonce = [0u8; 255]; | ||
let nonce_len = key.aead_params().nonce_length; | ||
fill_random(&mut nonce[..nonce_len]); | ||
let mut writer = Writer::from_slice_position(&mut buffer, message.len()); | ||
key.encrypt_in_place(&mut writer, &nonce[..nonce_len], &[]) | ||
.unwrap(); | ||
}) | ||
}); | ||
} | ||
} | ||
|
||
criterion_group!(benches, criterion_benchmark); | ||
criterion_main!(benches); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
#[macro_use] | ||
extern crate criterion; | ||
|
||
use askar_crypto::kdf::concat::{ConcatKDF, ConcatKDFParams}; | ||
use sha2::Sha256; | ||
|
||
use criterion::{black_box, Criterion}; | ||
|
||
fn criterion_benchmark(c: &mut Criterion) { | ||
{ | ||
let message = b"test message for encrypting"; | ||
|
||
let params = ConcatKDFParams { | ||
alg: b"A256GCM", | ||
apu: b"sender name", | ||
apv: b"recipient name", | ||
pub_info: &(256u32).to_be_bytes(), | ||
prv_info: &[], | ||
}; | ||
|
||
c.bench_function(&format!("concat kdf sha256"), move |b| { | ||
b.iter(|| { | ||
let mut output = [0u8; 32]; | ||
ConcatKDF::<Sha256>::derive_key(black_box(message), black_box(params), &mut output) | ||
.unwrap(); | ||
}) | ||
}); | ||
} | ||
} | ||
|
||
criterion_group!(benches, criterion_benchmark); | ||
criterion_main!(benches); |
Oops, something went wrong.