From 9413ceefbe612eab04febae61f5c728496f4bb76 Mon Sep 17 00:00:00 2001 From: pqwy Date: Tue, 2 Apr 2019 16:37:57 +0100 Subject: [PATCH] dune'd --- .gitignore | 4 ++ .merlin | 8 --- .ocamlinit | 17 +++--- .travis.yml | 2 +- README.md | 18 +++--- _tags | 26 -------- bench/dune | 4 ++ bench/speed.ml | 2 +- build | 9 --- config/cfg.ml | 26 ++++++++ config/dune | 3 + doc/api.odocl | 4 -- dune-project | 3 + lwt/dune | 7 +++ lwt/nocrypto_entropy_lwt.ml | 30 +++++----- lwt/nocrypto_lwt.mllib | 1 - mirage/dune | 6 ++ mirage/nocrypto_mirage.mllib | 1 - myocamlbuild.ml | 5 -- nocrypto.opam | 29 +++++++++ opam | 46 -------------- pkg/META | 43 ------------- pkg/pkg.ml | 53 ---------------- src/dune | 21 +++++++ src/libnocrypto_stubs.clib | 11 ---- src/no_cipher_block.ml | 2 - src/no_gcm.ml | 113 ----------------------------------- src/no_rsa.ml | 2 +- src/nocrypto.mllib | 15 ----- tests/dune | 4 ++ tests/hmac_tests.ml | 2 - unix/dune | 6 ++ unix/nocrypto_unix.mllib | 1 - 33 files changed, 148 insertions(+), 376 deletions(-) delete mode 100644 .merlin delete mode 100644 _tags create mode 100644 bench/dune delete mode 100755 build create mode 100644 config/cfg.ml create mode 100644 config/dune delete mode 100644 doc/api.odocl create mode 100644 dune-project create mode 100644 lwt/dune delete mode 100644 lwt/nocrypto_lwt.mllib create mode 100644 mirage/dune delete mode 100644 mirage/nocrypto_mirage.mllib delete mode 100644 myocamlbuild.ml create mode 100644 nocrypto.opam delete mode 100644 opam delete mode 100644 pkg/META delete mode 100755 pkg/pkg.ml create mode 100644 src/dune delete mode 100644 src/libnocrypto_stubs.clib delete mode 100644 src/no_gcm.ml delete mode 100644 src/nocrypto.mllib create mode 100644 tests/dune create mode 100644 unix/dune delete mode 100644 unix/nocrypto_unix.mllib diff --git a/.gitignore b/.gitignore index 25199aa..c9f65f1 100644 --- a/.gitignore +++ b/.gitignore 
@@ -2,11 +2,15 @@ _build *.install *.native *.byte +.merlin *~ \.\#* \#*# gmon.out +.gdb_history *.prof +perf.data* +*.json rondom diff --git a/.merlin b/.merlin deleted file mode 100644 index 3416488..0000000 --- a/.merlin +++ /dev/null @@ -1,8 +0,0 @@ -S src -S unix -S lwt -S xen - -B _build/** - -PKG cstruct zarith sexplib diff --git a/.ocamlinit b/.ocamlinit index d396b11..93cef5e 100644 --- a/.ocamlinit +++ b/.ocamlinit @@ -1,13 +1,14 @@ -#require "cstruct, zarith, sexplib" -#directory "_build/src" -#load "nocrypto.cma" - -(* #require "oUnit" *) -(* #directory "_build/tests" *) -(* #load "testlib.cma" *) +#directory "_build/default/src" +#directory "_build/default/src/.nocrypto.objs/byte" +#directory "_build/default/unix" +#directory "_build/default/unix/.nocrypto_entropy_unix.objs/byte" +#directory "_build/default/lwt" +#directory "_build/default/lwt/.nocrypto_entropy_lwt.objs/byte" -#directory "_build/unix" +#require "cstruct, ocplib-endian, zarith" +#load "nocrypto.cma" #load "nocrypto_entropy_unix.cmo" +#load "nocrypto_entropy_lwt.cmo" open Nocrypto let _ = Nocrypto_entropy_unix.initialize () diff --git a/.travis.yml b/.travis.yml index 5a2f703..b5b49f5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,7 +7,6 @@ env: - UPDATE_GCC_BINUTILS=1 - TESTS=true matrix: - - OCAML_VERSION=4.02 - OCAML_VERSION=4.03 - OCAML_VERSION=4.04 - OCAML_VERSION=4.05 @@ -17,5 +16,6 @@ env: - OCAML_VERSION=4.06 DEPOPTS="lwt cstruct-lwt" - OCAML_VERSION=4.04 DEPOPTS="mirage-xen" - OCAML_VERSION=4.06 DEPOPTS="mirage-solo5 mirage-entropy" + - OCAML_VERSION=4.07 notifications: email: false diff --git a/README.md b/README.md index d2ff720..42e4fc9 100644 --- a/README.md +++ b/README.md @@ -20,13 +20,8 @@ delegating to AES-NI. ## Build ```bash -./pkg/pkg.ml build - --with-unix BOOL - --with-lwt BOOL - --xen BOOL - --freestanding BOOL - -./pkg/pkg.ml test +dune build +dune runtest ``` ## FAQ 
@@ -59,11 +54,12 @@ Program terminated with signal SIGILL, Illegal instruction. autodetection yet. You compiled the library with acceleration, but you are using it on a machine that does not support it. -`pkg/pkg.ml build --accelerate false` force-disables non-portable code. +The environment variable `NOCRYPTO_ACCELERATE` can be used to override +detection: -`pkg/pkg.ml build --accelerate true` force-enables non-portable code. +- `NOCRYPTO_ACCELERATE=false dune build` force-disables non-portable code. +- `NOCRYPTO_ACCELERATE=true dune build` force-enables non-portable code. +- Otherwise, it matches the capabilities of the build machine. -The flag can also be set via the `NOCRYPTO_ACCELERATE` environment variable. -When unset, it maches the capabilities of the build machine. [![Build Status](https://travis-ci.org/mirleft/ocaml-nocrypto.svg?branch=master)](https://travis-ci.org/mirleft/ocaml-nocrypto) diff --git a/_tags b/_tags deleted file mode 100644 index 834a277..0000000 --- a/_tags +++ /dev/null @@ -1,26 +0,0 @@ -true: color(always) -true: bin_annot, safe_string -true: warn(A-4-29-33-40-41-42-43-34-44-48) -true: package(bytes ocplib-endian cstruct) - -: include -: package(zarith) - and not : for-pack(Nocrypto) -: link_stubs(src/libnocrypto_stubs) - -: include -: package(unix) - -: include -: package(lwt.unix cstruct.lwt) - -: include -: package(lwt mirage-entropy) - -<**/*.c>: ccopt(-D_DEFAULT_SOURCE --std=c99 -Wall -Wextra -O3) -<**/aes_aesni.c>: ccopt(-Wno-implicit-fallthrough) - -: use_nocrypto, package(zarith) -: use_nocrypto, package(zarith oUnit) - -: -traverse diff --git a/bench/dune b/bench/dune new file mode 100644 index 0000000..e0b6afb --- /dev/null +++ b/bench/dune @@ -0,0 +1,4 @@ +(executables + (names speed) + (modules speed) + (libraries nocrypto)) diff --git a/bench/speed.ml b/bench/speed.ml index 3686bf9..52a27e4 100644 --- a/bench/speed.ml +++ b/bench/speed.ml 
@@ -50,7 +50,7 @@ let throughput title f = sizes |> List.iter @@ fun size -> Gc.full_major () ; let (iters, time, bw) = burn f size in - Printf.printf " % 5d: %04.f MB/s (%d iters in %.03f s)\n%!" + Printf.printf " % 5d: %04f MB/s (%d iters in %.03f s)\n%!" size (bw /. mb) iters time let bm name f = (name, fun () -> f name) diff --git a/build b/build deleted file mode 100755 index d948c29..0000000 --- a/build +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash - -function has { opam config var "${1}:installed"; } - -topkg build -- \ - --with-lwt $(has 'lwt') \ - --xen $(has 'mirage-xen') \ - --freestanding $(has 'ocaml-freestanding') \ - $@ diff --git a/config/cfg.ml b/config/cfg.ml new file mode 100644 index 0000000..a69f160 --- /dev/null +++ b/config/cfg.ml @@ -0,0 +1,26 @@ + +let flags = [ + "--std=c99"; "-Wall"; "-Wextra"; "-O3"; + "-D_DEFAULT_SOURCE"; + "-Wno-implicit-fallthrough"; +] + +let accelenv = "NOCRYPTO_ACCELERATE" +let accelflags = ["-DACCELERATE"; "-mssse3"; "-maes"; "-mpclmul"] +let accelneeds = [`SSSE3; `AES; `PCLMULQDQ] + +let accel = + let auto = match Cpuid.supports accelneeds with + Ok true -> accelflags | _ -> [] in + match Sys.getenv accelenv with + "true" -> Format.printf "Forcing acceleration ON.\n"; accelflags + | "false" -> Format.printf "Forcing acceleration OFF.\n"; [] + | _ -> auto + | exception Not_found -> auto + +module C = Configurator.V1 + +let output = ref "" +let args = ["-file", Arg.Set_string output, " FILE to dump flags"] +let () = C.main ~name:"name" ~args @@ fun _ -> + C.Flags.write_sexp !output (flags @ accel) diff --git a/config/dune b/config/dune new file mode 100644 index 0000000..1f05c58 --- /dev/null +++ b/config/dune @@ -0,0 +1,3 @@ +(executables + (names cfg) + (libraries dune.configurator result cpuid)) diff --git a/doc/api.odocl b/doc/api.odocl deleted file mode 100644 index 6049499..0000000 --- a/doc/api.odocl +++ /dev/null 
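Review bot: In `accel` (config/cfg.ml), any value of `NOCRYPTO_ACCELERATE` other than the exact strings `"true"` and `"false"` (so `0`, `no`, `TRUE`, `off`) falls into the `| _ -> auto` arm and silently re-enables CPU autodetection, which means a build intended as a portable artifact can still have `-maes -mpclmul` code baked in and die with SIGILL on a host without those extensions — the very failure the README hunk documents. Since this variable is the only override offered, I would reject unknown spellings instead of guessing: `| v -> C.die "%s: expected \"true\" or \"false\", got %S" accelenv v`. Two smaller points in the same hunk: `C.main ~name:"name"` reads like a placeholder and should carry the project name, and when `-file` is not passed `!output` is `""`, so `Flags.write_sexp` fails with an unhelpful error rather than a usage message. Note also that detection happens on the build machine only; nothing here adds a runtime capability check, which is worth stating in a comment above `accel`.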
@@ -1,4 +0,0 @@ -src/Nocrypto -unix/Nocrypto_entropy_unix -lwt/Nocrypto_entropy_lwt -mirage/Nocrypto_entropy_mirage diff --git a/dune-project b/dune-project new file mode 100644 index 0000000..a00f957 --- /dev/null +++ b/dune-project @@ -0,0 +1,3 @@ +(lang dune 1.7) +(name nocrypto) +(version %%VERSION_NUM%%) diff --git a/lwt/dune b/lwt/dune new file mode 100644 index 0000000..5253e44 --- /dev/null +++ b/lwt/dune @@ -0,0 +1,7 @@ +(library + (name nocrypto_entropy_lwt) + (public_name nocrypto.lwt) + (synopsis "Unix+Lwt entropy seeding") + (libraries nocrypto nocrypto.unix lwt.unix) + (optional)) + diff --git a/lwt/nocrypto_entropy_lwt.ml b/lwt/nocrypto_entropy_lwt.ml index e848cdf..3461671 100644 --- a/lwt/nocrypto_entropy_lwt.ml +++ b/lwt/nocrypto_entropy_lwt.ml @@ -1,18 +1,18 @@ -open Lwt +open Lwt.Infix open Nocrypto let chunk = 32 and period = 30 and device = Nocrypto_entropy_unix.sys_rng - let mvar_map v f = Lwt_mvar.take v >>= fun x -> - catch (fun () -> f x >>= Lwt_mvar.put v) - (fun exn -> Lwt_mvar.put v x >>= fun () -> fail exn) + Lwt.catch (fun () -> f x >>= Lwt_mvar.put v) + (fun exn -> Lwt_mvar.put v x >>= fun () -> Lwt.fail exn) let some x = Some x +[@@@ocaml.warning "-3"] type t = { fd : Lwt_unix.file_descr ; 
@@ -25,27 +25,29 @@ let background ~period f = and live = ref false and period = float period in fun () -> - let t1 = !last - and t2 = Unix.gettimeofday () in - if (not !live) && (t2 -. t1 >= period) then begin - last := t2 ; + let t = Unix.gettimeofday () in + if (not !live) && (t -. !last >= period) then begin + last := t ; live := true ; - async @@ fun () -> f () >|= fun () -> live := false + Lwt.async @@ fun () -> f () >|= fun () -> live := false end +let rec read_cs fd cs = + Lwt_bytes.read fd cs.Cstruct.buffer cs.Cstruct.off cs.Cstruct.len >>= + function 0 -> Lwt.return_unit | n -> read_cs fd (Cstruct.shift cs n) + let attach ~period ?(device = device) g = Lwt_unix.(openfile device [O_RDONLY] 0) >|= fun fd -> let buf = Cstruct.create chunk in - let seed () = - Lwt_cstruct.(complete (read fd) buf) >|= fun () -> Rng.reseed ~g buf in + let seed () = read_cs fd buf >|= fun () -> Rng.reseed ~g buf in let remove = Lwt_sequence.add_r (background ~period seed) Lwt_main.enter_iter_hooks in { g ; fd ; remove } let stop t = Lwt_sequence.remove t.remove ; - catch (fun () -> Lwt_unix.close t.fd) - Unix.(function Unix_error (EBADF, _, _) -> return_unit | exn -> fail exn) + Lwt.(catch (fun () -> Lwt_unix.close t.fd) + Unix.(function Unix_error (EBADF, _, _) -> return_unit | exn -> fail exn)) let active = Lwt_mvar.create None @@ -53,6 +55,6 @@ let initialize () = Nocrypto_entropy_unix.initialize () ; let g = !Rng.generator in mvar_map active @@ function - | Some t when t.g == g -> return (Some t) + | Some t when t.g == g -> Lwt.return_some t | Some t -> stop t >>= fun () -> attach ~period g >|= some | None -> attach ~period g >|= some diff --git a/lwt/nocrypto_lwt.mllib b/lwt/nocrypto_lwt.mllib deleted file mode 100644 index 174e71c..0000000 --- a/lwt/nocrypto_lwt.mllib +++ /dev/null @@ -1 +0,0 @@ -Nocrypto_entropy_lwt diff --git a/mirage/dune b/mirage/dune new file mode 100644 index 0000000..8d41b28 --- /dev/null +++ b/mirage/dune 
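Review bot: The new `read_cs` treats a zero-length read as success, so if the entropy source hits EOF part-way (a regular file passed as `?device`, or a misbehaving character device) `seed` proceeds to `Rng.reseed ~g buf` with a buffer that is only partly filled and otherwise still holds the previous chunk (or the zeros from `Cstruct.create` on the first round). The loop also terminates only by issuing a final zero-length `Lwt_bytes.read`, which is exactly what makes EOF and completion indistinguishable. I would separate the two: guard with `if cs.Cstruct.len = 0 then Lwt.return_unit else` before the `Lwt_bytes.read`, and change the zero arm to `| 0 -> Lwt.fail End_of_file`, so that a dead entropy source surfaces through `Lwt.async`'s exception hook in `background` instead of silently reseeding from stale bytes. I believe the `Lwt_cstruct.complete` call this replaces failed on EOF, but the hunk does not show that, so the previous behaviour is worth confirming before changing the semantics either way.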
@@ -0,0 +1,6 @@
+(library
+ (name nocrypto_entropy_mirage)
+ (public_name nocrypto.mirage)
+ (synopsis "Mirage entropy seeding")
+ (libraries nocrypto lwt mirage-entropy)
+ (optional))
diff --git a/mirage/nocrypto_mirage.mllib b/mirage/nocrypto_mirage.mllib
deleted file mode 100644
index f081191..0000000
--- a/mirage/nocrypto_mirage.mllib
+++ /dev/null
@@ -1 +0,0 @@
-Nocrypto_entropy_mirage
diff --git a/myocamlbuild.ml b/myocamlbuild.ml
deleted file mode 100644
index 8fcbe33..0000000
--- a/myocamlbuild.ml
+++ /dev/null
@@ -1,5 +0,0 @@
-open Ocamlbuild_plugin
-
-let () = dispatch Ocb_stubblr.(
- init & ccopt ~tags:["accelerate"] "-DACCELERATE -mssse3 -maes -mpclmul"
-)
diff --git a/nocrypto.opam b/nocrypto.opam
new file mode 100644
index 0000000..bff5b29
--- /dev/null
+++ b/nocrypto.opam
@@ -0,0 +1,29 @@
+opam-version: "2.0"
+homepage: "https://github.com/mirleft/ocaml-nocrypto"
+dev-repo: "git+https://github.com/mirleft/ocaml-nocrypto.git"
+bug-reports: "https://github.com/mirleft/ocaml-nocrypto/issues"
+doc: "https://mirleft.github.io/ocaml-nocrypto/doc"
+authors: ["David Kaloper "]
+maintainer: "David Kaloper "
+license: "ISC"
+synopsis: "Simple crypto for the modern age"
+
+build: [ ["dune" "subst"] {pinned}
+ ["dune" "build" "-p" name "-j" jobs ]
+ ["dune" "runtest"] {with-test} ]
+
+depends: [
+ "ocaml" {>= "4.03.0"}
+ "dune" {build & >= "1.7"}
+ "cpuid" {build}
+ "ounit" {with-test}
+ "cstruct" {>="3.0.0"}
+ "ocplib-endian"
+ "zarith"
+ ("mirage-no-xen" | ("mirage-xen" & "zarith-xen"))
+ ("mirage-no-solo5" | ("mirage-solo5" & "zarith-freestanding"))
+]
+
+depopts: [ "unix" "lwt" "mirage-entropy" ]
+
+conflicts: [ "mirage-xen" {< "2.2.0"} ]
diff --git a/opam b/opam
deleted file mode 100644
index f81eedb..0000000
--- a/opam
+++ /dev/null
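Review bot: `depopts: [ "unix" "lwt" "mirage-entropy" ]` in nocrypto.opam names a package `unix` that, as far as I can tell, does not exist in opam-repository — the Unix library ships unconditionally with the compiler and is exposed as `base-unix` — so this entry is at best a no-op and at worst a resolver warning; since `unix/dune` already marks the library `(optional)` and `nocrypto.lwt` depends on `nocrypto.unix`, it can simply be dropped (or spelled `"base-unix"` if the intent is to keep the dependency explicit). Separately, `["dune" "runtest"] {with-test}` is not scoped to this package the way the build step is; `["dune" "runtest" "-p" name "-j" jobs] {with-test}` avoids running every package's tests when nocrypto is pinned inside a larger workspace.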
@@ -1,46 +0,0 @@ -opam-version: "1.2" -homepage: "https://github.com/mirleft/ocaml-nocrypto" -dev-repo: "https://github.com/mirleft/ocaml-nocrypto.git" -bug-reports: "https://github.com/mirleft/ocaml-nocrypto/issues" -doc: "https://mirleft.github.io/ocaml-nocrypto/doc" -authors: ["David Kaloper "] -maintainer: "David Kaloper " -license: "ISC" -tags: [ "org:mirage" ] -available: [ ocaml-version >= "4.02.0" ] - -build: ["ocaml" "pkg/pkg.ml" "build" "--pinned" "%{pinned}%" "--tests" "false" - "--with-lwt" "%{lwt+cstruct-lwt:installed}%" - "--xen" "%{mirage-xen:installed}%" - "--mirage" "%{mirage-entropy+lwt:installed}%" - "--freestanding" "%{mirage-solo5:installed}%"] - -build-test: [[ "ocaml" "pkg/pkg.ml" "build" "--pinned" "%{pinned}%" "--tests" "true" ] - [ "ocaml" "pkg/pkg.ml" "test"]] - - -depends: [ - "ocamlfind" {build} - "ocamlbuild" {build} - "topkg" {build} - "cpuid" {build} - "ocb-stubblr" {build} - "ounit" {test} - "cstruct" {>="3.0.0" & <"3.4.0"} - "ocplib-endian" - "zarith" - ("mirage-no-xen" | ("mirage-xen" & "zarith-xen")) - ("mirage-no-solo5" | ("mirage-solo5" & "zarith-freestanding")) -] - -depopts: [ - "mirage-entropy" - "cstruct-lwt" - "lwt" -] - -conflicts: [ - "topkg" {<"0.8.0"} - "ocb-stubblr" {<"0.1.0"} - "mirage-xen" {<"2.2.0"} -] diff --git a/pkg/META b/pkg/META deleted file mode 100644 index df93d6d..0000000 --- a/pkg/META +++ /dev/null 
@@ -1,43 +0,0 @@ -version = "%%VERSION_NUM%%" -description = "Simple crypto for the modern age" -requires = "cstruct zarith ocplib-endian" -archive(byte) = "nocrypto.cma" -archive(native) = "nocrypto.cmxa" -plugin(byte) = "nocrypto.cma" -plugin(native) = "nocrypto.cmxs" -xen_linkopts = "-lnocrypto_stubs+mirage-xen" -freestanding_linkopts = "-lnocrypto_stubs+mirage-freestanding" -exists_if = "nocrypto.cma" - -package "unix" ( - version = "%%VERSION_NUM%%" - description = "Simple crypto for the modern age" - requires = "nocrypto unix bytes" - archive(byte) = "nocrypto_unix.cma" - archive(native) = "nocrypto_unix.cmxa" - plugin(byte) = "nocrypto_unix.cma" - plugin(native) = "nocrypto_unix.cmxs" - exists_if = "nocrypto_unix.cma" -) - -package "lwt" ( - version = "%%VERSION_NUM%%" - description = "Simple crypto for the modern age" - requires = "nocrypto nocrypto.unix lwt.unix cstruct-lwt" - archive(byte) = "nocrypto_lwt.cma" - archive(native) = "nocrypto_lwt.cmxa" - plugin(byte) = "nocrypto_lwt.cma" - plugin(native) = "nocrypto_lwt.cmxs" - exists_if = "nocrypto_lwt.cma" -) - -package "mirage" ( - version = "%%VERSION_NUM%%" - description = "Simple crypto for the modern age" - requires = "nocrypto lwt mirage-entropy" - archive(byte) = "nocrypto_mirage.cma" - archive(native) = "nocrypto_mirage.cmxa" - plugin(byte) = "nocrypto_mirage.cma" - plugin(native) = "nocrypto_mirage.cmxs" - exists_if = "nocrypto_mirage.cma" -) diff --git a/pkg/pkg.ml b/pkg/pkg.ml deleted file mode 100755 index a263a4b..0000000 --- a/pkg/pkg.ml +++ /dev/null 
@@ -1,53 +0,0 @@ -#!/usr/bin/env ocaml -#use "topfind" -#require "topkg" -#require "cpuid" -#require "ocb-stubblr.topkg" -open Topkg -open Ocb_stubblr_topkg - -let cpuflags = [`SSSE3; `AES; `PCLMULQDQ] - -let unix = Conf.with_pkg ~default:true "unix" -let lwt = Conf.with_pkg ~default:false "lwt" -let xen = Conf.(key "xen" bool ~absent:false - ~doc:"Build Mirage/Xen support.") -let fs = Conf.(key "freestanding" bool ~absent:false - ~doc:"Build Mirage/Solo5 support.") -let mir = Conf.(key "mirage" bool ~absent:false - ~doc:"Build Mirage support.") -let accelerate = Conf.(discovered_key "accelerate" bool - ~absent:(fun () -> match Cpuid.supports cpuflags with - | Ok r -> Ok r | Error _ -> Ok false) - ~env:"NOCRYPTO_ACCELERATE" - ~doc:"Enable the use of extended CPU features (SSE3, AES-NI). \ - If unspecified, matches build machine's capabilities.") - -let tags = [(accelerate, "accelerate")] - -let opams = - let build = ["ocb-stubblr"; "cpuid"] - and hacks = [ "zarith-xen"; "mirage-xen"; "mirage-no-xen"; - "zarith-freestanding"; "mirage-solo5"; "mirage-no-solo5" ] - in [Pkg.opam_file "opam" ~lint_deps_excluding:(Some (build @ hacks))] - -let cmd c os files = - OS.Cmd.run Cmd.(build_cmd c os %% Pkg.ocb_bool_tags c tags %% of_list files) - -let build = Pkg.build ~cmd () - -let () = - Pkg.describe "nocrypto" ~build ~opams @@ fun c -> - let unix = Conf.value c unix in - let lwt = Conf.value c lwt && unix - and xen = Conf.value c xen - and fs = Conf.value c fs in - let mir = Conf.value c mir in - Ok [ Pkg.clib "src/libnocrypto_stubs.clib"; - Pkg.mllib "src/nocrypto.mllib" ~api:["Nocrypto"]; - Pkg.mllib ~cond:unix "unix/nocrypto_unix.mllib"; - Pkg.mllib ~cond:lwt "lwt/nocrypto_lwt.mllib"; - Pkg.mllib ~cond:mir "mirage/nocrypto_mirage.mllib"; - Pkg.test "tests/testrunner"; - Pkg.test ~run:false "bench/speed"; - mirage ~xen ~fs "src/libnocrypto_stubs.clib"; ] diff --git a/src/dune b/src/dune new file mode 100644 index 0000000..bbc3ead --- /dev/null +++ b/src/dune 
@@ -0,0 +1,21 @@ +(library + (public_name nocrypto) + (synopsis "Simple crypto for the modern age") + (libraries cstruct zarith ocplib-endian) + (wrapped false) + (private_modules no_base64 no_ccm no_cipher_block no_cipher_stream no_dh + no_dsa no_fortuna no_hash no_hmac_drgb no_native no_numeric + no_rng no_rsa no_uncommon) + (c_names misc + md5 sha1 sha256 sha512 stubs + aes_generic aes_aesni ghash_generic ghash_pclmul + des_generic) + (c_flags (:include c_flags.sexp))) + +(include_subdirs unqualified) + +(rule + (targets c_flags.sexp) + (deps (:discover ../config/cfg.exe)) + (action (run %{discover} -file c_flags.sexp))) + diff --git a/src/libnocrypto_stubs.clib b/src/libnocrypto_stubs.clib deleted file mode 100644 index ca9a58c..0000000 --- a/src/libnocrypto_stubs.clib +++ /dev/null @@ -1,11 +0,0 @@ -native/misc.o -native/hash/stubs.o -native/hash/md5.o -native/hash/sha1.o -native/hash/sha256.o -native/hash/sha512.o -native/aes/aes_generic.o -native/aes/aes_aesni.o -native/des/des_generic.o -native/ghash/ghash_pclmul.o -native/ghash/ghash_generic.o diff --git a/src/no_cipher_block.ml b/src/no_cipher_block.ml index f9ad800..cedc0ba 100644 --- a/src/no_cipher_block.ml +++ b/src/no_cipher_block.ml @@ -366,8 +366,6 @@ module Modes2 = struct end -open Bigarray - module AES = struct module Core : S.Core = struct diff --git a/src/no_gcm.ml b/src/no_gcm.ml deleted file mode 100644 index 2394e5f..0000000 --- a/src/no_gcm.ml +++ /dev/null 
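Review bot: The `c_flags.sexp` rule in src/dune declares `../config/cfg.exe` as its only dependency, yet `cfg.exe` reads `NOCRYPTO_ACCELERATE` from the environment, so dune has no reason to re-run it when that variable changes: after a default autodetected build on a modern host, `NOCRYPTO_ACCELERATE=false dune build` reuses the cached accelerated flags and ships AES-NI/PCLMUL code in what was meant to be a portable artifact, contradicting the README hunk in this same commit. Dune language 1.7 (per `dune-project`) has, as far as I know, no `env_var` dependency kind, so either raise the language version and write `(deps (env_var NOCRYPTO_ACCELERATE) (:discover ../config/cfg.exe))`, or state in the README that the override only takes effect after `dune clean`. Either way a comment on the rule would save the next person the debugging: `; cfg.exe consults NOCRYPTO_ACCELERATE; dune will not re-run this rule when it changes`.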
@@ -1,113 +0,0 @@ -(* - * A fully functional GHASH model implementation, currently not used. - * - * Based mostly on NIST 800-38D. - *) -open Uncommon - -module I128 = struct - - open Int64 - - module I64 = Numeric.Int64 - - type t = int64 * int64 - - let of_cstruct cs : t = - Cstruct.BE.(get_uint64 cs 0, get_uint64 cs 8) - - let to_cstruct ((a, b) : t) = - let cs = Cstruct.create 16 in - Cstruct.BE.( (set_uint64 cs 0 a ; set_uint64 cs 8 b) ); - cs - - let xor (a1, b1) (a2, b2) = I64.(a1 lxor a2, b1 lxor b2) - - let lsr1 (a, b) = - let open I64 in - let a' = a lsr 1 and b' = b lsr 1 in - match a land 1L with - | 0L -> (a', b') - | _ -> (a', b' lor 0x8000000000000000L) - - let bit (a, b) i = - let x = if i < 64 then I64.(lsr) a (63 - i) else I64.(lsr) b (127 - i) - in I64.(x land 1L = 1L) - - let byte (a, b) i = - let x = - if i < 8 then I64.(lsr) a (8 * (7 - i)) - else I64.(lsr) b (8 * (15 - i)) - in I64.(to_int (x land 0xffL)) - - let of_byte x i = - let x = I64.of_int (x land 0xff) in - if i < 8 then (I64.(lsl) x (8 * (7 - i)), 0L) - else (0L, I64.(lsl) x (8 * (15 - i))) - - (* XXX *) - let rnd () = Random.(Int64.(int64 max_int, int64 max_int)) - -end - -module GF128 = struct - - type t = I128.t - - let r = (0xe100000000000000L, 0L) (* 11100001 || 0^120 *) - and zero = (0L, 0L) - and one = (0x8000000000000000L, 0L) - and a1 = (0x4000000000000000L, 0L) - - let of_cstruct = I128.of_cstruct - and to_cstruct = I128.to_cstruct - - let mul x y = - let open I128 in - let rec loop z v = function - | 128 -> z - | i -> loop (if bit x i then xor z v else z) - (if bit v 127 then xor (lsr1 v) r else lsr1 v) - (succ i) - in loop zero y 0 - - and ( + ) = I128.xor - let ( * ) = mul - - let pow x n = - let rec loop acc b = function - | 0 -> acc - | e when e mod 2 = 1 -> loop (acc * b) b (pred e) - | e -> loop acc (b * b) (e / 2) in - loop one x n - - let a8 = pow a1 8 - - type hkey = t array array - - let mtab h : hkey = - Array.init 16 @@ fun i -> - let ph = h * pow a8 i in - 
Array.init 256 (fun x -> I128.(of_byte x 0) * ph) - - let ( @* ) (t : hkey) x = - let rec loop acc = function - | 16 -> acc - | i -> loop (t.(i).(I128.byte x i) + acc) (succ i) in - loop zero 0 - -end - -open Cstruct - -let hkey h = GF128.(mtab (of_cstruct h)) - -let ghash ~h cs = - let rec loop acc cs = - match len cs with - | 0 -> GF128.to_cstruct acc - | _ -> - let x = GF128.of_cstruct cs in - loop GF128.(h @* (x + acc)) (shift cs 16) - in - loop GF128.zero cs diff --git a/src/no_rsa.ml b/src/no_rsa.ml index f522bce..e6ae207 100644 --- a/src/no_rsa.ml +++ b/src/no_rsa.ml @@ -118,7 +118,7 @@ module PKCS1 = struct (* XXX Generalize this into `Rng.samplev` or something. *) let generate_with ?g ~f n = let cs = create n - and k = let b = Rng.block g in Rng.(n // b * b) in + and k = let b = Rng.block g in (n // b * b) in let rec go nonce i j = if i = n then cs else if j = k then go Rng.(generate ?g k) i 0 else diff --git a/src/nocrypto.mllib b/src/nocrypto.mllib deleted file mode 100644 index 54af07b..0000000 --- a/src/nocrypto.mllib +++ /dev/null @@ -1,15 +0,0 @@ -No_uncommon -No_base64 -No_hash -No_cipher_stream -No_cipher_block -No_numeric -No_rng -No_rsa -No_dsa -No_dh -No_native -No_fortuna -No_hmac_drgb -No_ccm -Nocrypto diff --git a/tests/dune b/tests/dune new file mode 100644 index 0000000..e61c6d1 --- /dev/null +++ b/tests/dune @@ -0,0 +1,4 @@ +(test + (name testrunner) + (libraries nocrypto nocrypto.unix oUnit)) + diff --git a/tests/hmac_tests.ml b/tests/hmac_tests.ml index a6e77a0..884c1fc 100644 --- a/tests/hmac_tests.ml +++ b/tests/hmac_tests.ml @@ -5,8 +5,6 @@ open Notest open Nocrypto open Nocrypto.Uncommon -open Nocrypto.Hash - (* This is from RFC 2022 (MD5/SHA1) and 4231 (SHA2) *) let hex = Cs.of_hex diff --git a/unix/dune b/unix/dune new file mode 100644 index 0000000..6b08cf8 --- /dev/null +++ b/unix/dune 
@@ -0,0 +1,6 @@
+(library
+ (name nocrypto_entropy_unix)
+ (public_name nocrypto.unix)
+ (synopsis "Unix-based entropy seeding")
+ (libraries nocrypto unix)
+ (optional))
diff --git a/unix/nocrypto_unix.mllib b/unix/nocrypto_unix.mllib
deleted file mode 100644
index b8afed3..0000000
--- a/unix/nocrypto_unix.mllib
+++ /dev/null
@@ -1 +0,0 @@
-Nocrypto_entropy_unix