https://github.com/project-everest/hacl-star
- HEAD
- refs/heads/_aead
- refs/heads/_afromher_blake
- refs/heads/_afromher_cpu
- refs/heads/_afromher_cpuid
- refs/heads/_afromher_dev
- refs/heads/_afromher_nicer_asm
- refs/heads/_afromher_test
- refs/heads/_aseem_1916
- refs/heads/_aseem_abstract
- refs/heads/_aseem_binders_attrs
- refs/heads/_aseem_cache_smt
- refs/heads/_aseem_checked_files
- refs/heads/_aseem_effect_combinators_cleanup
- refs/heads/_aseem_fstar_no_return
- refs/heads/_aseem_fstar_pat_exhaustiveness_as_strengthening
- refs/heads/_aseem_heap_patterns
- refs/heads/_aseem_layered_effects
- refs/heads/_aseem_makefile
- refs/heads/_aseem_merkle_tree
- refs/heads/_aseem_no_abstract
- refs/heads/_aseem_opaque_specs
- refs/heads/_aseem_opaque_specs2
- refs/heads/_aseem_ulib_patterns
- refs/heads/_blipp_hpke
- refs/heads/_bryan
- refs/heads/_ckh-fstar-master-makegen
- refs/heads/_dev
- refs/heads/_dev_aes256
- refs/heads/_dev_avx512
- refs/heads/_dev_chacha_core_alt
- refs/heads/_dev_ckh_aes
- refs/heads/_dev_combinators
- refs/heads/_dev_combinators_poly
- refs/heads/_dev_create_fill
- refs/heads/_dev_frodo
- refs/heads/_dev_guillaume
- refs/heads/_dev_map_blocks
- refs/heads/_dev_mls
- refs/heads/_dev_mpfr_extraction
- refs/heads/_dev_p256
- refs/heads/_dev_pcv
- refs/heads/_dev_pkcs11
- refs/heads/_dev_qtesla
- refs/heads/_dev_sha2_spec_fix
- refs/heads/_doc_link
- refs/heads/_fast_mul
- refs/heads/_fast_mul_interop
- refs/heads/_fstar_1750
- refs/heads/_interop_better_stack
- refs/heads/_interop_stack
- refs/heads/_jay-instr-reordering
- refs/heads/_jay-instr-reordering-tests
- refs/heads/_jay-location-liveanalysis-experiments
- refs/heads/_nik-fstar-master
- refs/heads/_nik_dep
- refs/heads/_nik_fsharp_extaction
- refs/heads/_nik_interop
- refs/heads/_nik_norm_smt
- refs/heads/_nik_private
- refs/heads/_nik_zeta_full_norm_cfg
- refs/heads/_protz_ctr
- refs/heads/_protz_naming
- refs/heads/_protz_norm_issue
- refs/heads/_protz_windows_ci
- refs/heads/_public_proc
- refs/heads/_qtesla
- refs/heads/_rsapss
- refs/heads/_sha256_vec512
- refs/heads/_sha3
- refs/heads/_signal
- refs/heads/_son_aesgcm2
- refs/heads/_son_blake
- refs/heads/_son_debug_vec
- refs/heads/_son_factor_blake
- refs/heads/_son_fix_vectors
- refs/heads/_son_ibm
- refs/heads/_son_ibm1
- refs/heads/_son_ibm1_debug
- refs/heads/_son_ibm_bench
- refs/heads/_son_ibm_ppc
- refs/heads/_son_ibmz
- refs/heads/_taramana_ci
- refs/heads/_taramana_mitls_dev_20200819
- refs/heads/_taramana_ubuntu_focal
- refs/heads/_transpose
- refs/heads/_ulib_theory_symbols_in_patterns
- refs/heads/_vale
- refs/heads/_vale_aes
- refs/heads/_vale_aesgcm_reorder
- refs/heads/_vale_gcm_big_iv
- refs/heads/_vale_generic
- refs/heads/_vale_hacl_make
- refs/heads/_vale_heap
- refs/heads/_vale_heap_record
- refs/heads/_vale_heap_record_aesgcm
- refs/heads/_vale_issue29
- refs/heads/_vale_issue32
- refs/heads/_vale_issue36
- refs/heads/_vale_leakage
- refs/heads/_vale_leakage_stack
- refs/heads/_vale_mem_transform
- refs/heads/_vale_mem_transform-update-transformers
- refs/heads/_vale_memory
- refs/heads/_vale_memory_transform
- refs/heads/_vale_opaque
- refs/heads/_vale_opaque_make
- refs/heads/_vale_opt_ghash
- refs/heads/_vale_poly1305
- refs/heads/_vale_poly1305_merge
- refs/heads/_vale_poly1305_merge_fstar_master
- refs/heads/_vale_poly1305_merge_fstar_master2
- refs/heads/_vale_poly1305_merge_fstar_master3
- refs/heads/_vale_reduce_tcb
- refs/heads/_vale_sha
- refs/heads/_vale_sha2
- refs/heads/_vale_stack_aes
- refs/heads/_vale_stack_model
- refs/heads/_vale_state_invariant
- refs/heads/_vale_syntax
- refs/heads/_vale_typecheck
- refs/heads/_vale_unstructured
- refs/heads/adl_benchmark
- refs/heads/adl_delete_corecrypto
- refs/heads/adl_evercrypt_quicprovider
- refs/heads/adl_hash_openssl
- refs/heads/adl_quiccrypto_init
- refs/heads/afromher_big_aesgcm
- refs/heads/afromher_blake
- refs/heads/afromher_blake2
- refs/heads/afromher_cpu
- refs/heads/afromher_cpuid
- refs/heads/afromher_curve
- refs/heads/afromher_dev
- refs/heads/afromher_doc
- refs/heads/afromher_ed
- refs/heads/afromher_hpke
- refs/heads/afromher_inline_asm
- refs/heads/afromher_inline_printer
- refs/heads/afromher_merge
- refs/heads/afromher_merge_dev
- refs/heads/afromher_meta_chachapoly
- refs/heads/afromher_meta_poly
- refs/heads/afromher_nicer_asm
- refs/heads/afromher_renaming
- refs/heads/afromher_vale_normalization
- refs/heads/anilam_ecdsa
- refs/heads/anilam_ecdsa0
- refs/heads/anilam_ecdsa_defensive
- refs/heads/anilam_ecdsa_offensive
- refs/heads/anilam_ecdsa_test
- refs/heads/anilam_ecdsa_tmp
- refs/heads/anilam_fun
- refs/heads/anilam_master
- refs/heads/aseem_2306
- refs/heads/aseem_buffer_functoriality
- refs/heads/aseem_chacha20_spec_equiv
- refs/heads/aseem_deprecate_two_phase_tc_option
- refs/heads/aseem_deps
- refs/heads/aseem_dev
- refs/heads/aseem_dynamic_regions
- refs/heads/aseem_dynamic_regions_cleanup
- refs/heads/aseem_fstar_boolean_branch_guard
- refs/heads/aseem_fstar_dependent_match
- refs/heads/aseem_fstar_fast_implicits
- refs/heads/aseem_hyperstack_cleanup
- refs/heads/aseem_misc
- refs/heads/aseem_pure_wp_monotonicity
- refs/heads/aseem_remove_extracted_interfaces
- refs/heads/aseem_tmp_enxor_dexor
- refs/heads/aseem_top_level_null_wp
- refs/heads/barrybo_uint128
- refs/heads/barrybo_x86build
- refs/heads/beurdouche_aes
- refs/heads/beurdouche_ascon
- refs/heads/beurdouche_bench
- refs/heads/beurdouche_dhpke
- refs/heads/beurdouche_gimli
- refs/heads/beurdouche_masking
- refs/heads/beurdouche_rs25519
- refs/heads/bryan.parno_test
- refs/heads/buffer_null
- refs/heads/bump_npm
- refs/heads/c_record_filetransfer
- refs/heads/ckh-fstar-master
- refs/heads/ckh-fstar-master-makegen
- refs/heads/ckh-fstar-master-makegen2
- refs/heads/ckh-fstar-master2
- refs/heads/ckh-master
- refs/heads/ckh-master2
- refs/heads/ckh_fstar_master_make
- refs/heads/ckh_instr-reordering-aesgcm-rebased
- refs/heads/ckh_vale
- refs/heads/cwinter-ed25519
- refs/heads/cwinter_aesni
- refs/heads/cwinter_bundle_issue
- refs/heads/cwinter_gnubsd_bzero
- refs/heads/cwinter_merkle_bench
- refs/heads/cwinter_merkle_fix
- refs/heads/cwinter_merkle_mem_safety
- refs/heads/cwinter_merkle_path_hash_sizes
- refs/heads/cwinter_merkle_paths
- refs/heads/cwinter_merkle_upgrades
- refs/heads/cwinter_missing_module
- refs/heads/daachi_setup_travis
- refs/heads/denismerigoux_wasm
- refs/heads/dev
- refs/heads/dev_fstar-master_merge
- refs/heads/dev_jk_snapshot
- refs/heads/dev_mpfr
- refs/heads/dev_p256
- refs/heads/dev_pnmadelaine
- refs/heads/dev_protz
- refs/heads/dev_signeddhae_example
- refs/heads/dev_taramana_ci_test
- refs/heads/dev_tezos
- refs/heads/dev_update
- refs/heads/dev_wasm
- refs/heads/dragonstar
- refs/heads/dragonstar_temp
- refs/heads/ecdsa_main
- refs/heads/ed25519
- refs/heads/evercrypt-v0.1+
- refs/heads/example_poly
- refs/heads/floriangru_sparkle
- refs/heads/fournet_dexor
- refs/heads/fournet_ghosts
- refs/heads/fournet_hash
- refs/heads/fournet_hkdf
- refs/heads/fournet_merkle_tree
- refs/heads/franziskus/dist-build-update
- refs/heads/franziskus/dist-ci
- refs/heads/franziskus/windows-c-builds
- refs/heads/frodo_aes_sn
- refs/heads/frodo_aesni
- refs/heads/fstar-master
- refs/heads/fstar-master-sha2-inttypes
- refs/heads/fstar-master_dev_merge
- refs/heads/fstar-master_dev_merge2
- refs/heads/fstar-master_z3-4.8.5
- refs/heads/fstar-steel
- refs/heads/fstar_feq
- refs/heads/fstar_monotonic_hyperstack
- refs/heads/fstar_remove_eta
- refs/heads/fstat
- refs/heads/gf128
- refs/heads/gugavaro-patch-1
- refs/heads/guido_dev
- refs/heads/guido_math2
- refs/heads/guido_meta_native
- refs/heads/guido_null
- refs/heads/guido_null2
- refs/heads/guido_null3
- refs/heads/guido_pneu
- refs/heads/guido_rlimit
- refs/heads/guido_seq
- refs/heads/haclxn
- refs/heads/icfp2017aec
- refs/heads/jay-instr-reordering
- refs/heads/jay_instr-reordering-aesgcm
- refs/heads/jay_instr-reordering-aesgcm-rebased
- refs/heads/jay_transform-movbe
- refs/heads/jay_unstructured_transform
- refs/heads/jk_interfaces
- refs/heads/jonathan-on-master
- refs/heads/joonwonc_merkle_tree
- refs/heads/joonwonc_merkle_tree_fix
- refs/heads/joonwonc_merkle_tree_fix_flush
- refs/heads/joonwonc_merkle_tree_stable
- refs/heads/karthik_aes_bs
- refs/heads/karthik_blake2
- refs/heads/karthik_sha2_vec
- refs/heads/karthik_stateful
- refs/heads/karthik_vec
- refs/heads/konrad_dev
- refs/heads/konrad_dev_box
- refs/heads/kyberdev
- refs/heads/low
- refs/heads/master
- refs/heads/migrating_sts_bis
- refs/heads/multiplex
- refs/heads/nik_1566
- refs/heads/nik_1815
- refs/heads/nik_erasable
- refs/heads/nik_fstar-master
- refs/heads/nik_fstar-master-staging
- refs/heads/nik_hash_incremental_retry
- refs/heads/nik_makefile
- refs/heads/nik_makefile2
- refs/heads/nik_nbe
- refs/heads/nik_private
- refs/heads/nik_tcb_docs
- refs/heads/nik_uint
- refs/heads/nik_vale_rlimit
- refs/heads/nik_validity_axioms
- refs/heads/nik_wf
- refs/heads/nik_zeta_full_norm_cfg
- refs/heads/oss-fuzz
- refs/heads/p256
- refs/heads/p256_dh_preconditions
- refs/heads/parno-patch-1
- refs/heads/pjy_dev
- refs/heads/pneutube-fix
- refs/heads/polubelova_bn_sqr
- refs/heads/polubelova_build_fix
- refs/heads/polubelova_ci
- refs/heads/polubelova_ed25519_fw
- refs/heads/polubelova_ed25519_modq
- refs/heads/polubelova_fw
- refs/heads/polubelova_null
- refs/heads/polubelova_rsa
- refs/heads/polubelova_rsa_benchmark
- refs/heads/polubelova_sha2mb
- refs/heads/poly-no128
- refs/heads/pqcrypto_lib
- refs/heads/production-nss
- refs/heads/protz_blake2s256
- refs/heads/protz_bundle
- refs/heads/protz_ccf
- refs/heads/protz_ci
- refs/heads/protz_const
- refs/heads/protz_crf
- refs/heads/protz_cross
- refs/heads/protz_election_guard
- refs/heads/protz_fix_ci
- refs/heads/protz_fix_hints
- refs/heads/protz_freebsd
- refs/heads/protz_makefile2_ckh
- refs/heads/protz_memzero
- refs/heads/protz_neon
- refs/heads/protz_noopenssl
- refs/heads/protz_nostruct_passing
- refs/heads/protz_null
- refs/heads/protz_pre
- refs/heads/protz_puzzled
- refs/heads/protz_remove_old
- refs/heads/protz_rename
- refs/heads/protz_streaming
- refs/heads/protz_streaming_n_blocks
- refs/heads/protz_test
- refs/heads/protz_tests_explosion
- refs/heads/protz_wasm
- refs/heads/protz_windows_ci
- refs/heads/public_proc
- refs/heads/qtesla
- refs/heads/quic
- refs/heads/quic_transport
- refs/heads/readme-patch-1
- refs/heads/rproust_no_promises
- refs/heads/s-zanella-patch-1
- refs/heads/santiago_hkdf
- refs/heads/santiago_hmac_drbg
- refs/heads/santiago_inttypes
- refs/heads/sgx_apps
- refs/heads/son_aes_gcm
- refs/heads/son_aesgcm2
- refs/heads/son_blake
- refs/heads/son_blake2s_256
- refs/heads/son_buffers
- refs/heads/son_dev
- refs/heads/son_factor_blake
- refs/heads/son_fix
- refs/heads/son_fix_leaks
- refs/heads/son_functor_blocks
- refs/heads/son_ibm
- refs/heads/son_ibm1
- refs/heads/son_ibm_ppc
- refs/heads/son_ibmz
- refs/heads/son_libhaclml
- refs/heads/son_random
- refs/heads/son_revert_blake2s
- refs/heads/son_store_load
- refs/heads/sparkle
- refs/heads/stable
- refs/heads/taramana_bounded_patterns
- refs/heads/taramana_chacha20_no_modifies
- refs/heads/taramana_dev_buffers
- refs/heads/taramana_dev_specs
- refs/heads/taramana_explicit_fstar_all
- refs/heads/taramana_folding_containers
- refs/heads/taramana_include_seq_low_level_crypto
- refs/heads/taramana_md5
- refs/heads/taramana_md5_test
- refs/heads/taramana_test_benchmark_20190716_before_jc
- refs/heads/taramana_test_benchmark_20190716_before_merge
- refs/heads/vale
- refs/heads/vale2
- refs/heads/vale3
- refs/heads/vale_aes
- refs/heads/vale_aes_temp
- refs/heads/vale_aes_temp2
- refs/heads/vale_aes_temp3
- refs/heads/vale_generic
- refs/heads/vale_heap
- refs/heads/vale_heap_record
- refs/heads/vale_instructions
- refs/heads/vale_instructions2
- refs/heads/vale_leakage
- refs/heads/vale_leakage2
- refs/heads/vale_opaque_make
- refs/heads/vale_opt_ghash
- refs/heads/vale_poly1305
- refs/heads/vale_poly1305_merge
- refs/heads/vale_poly1305_merge_fstar_master
- refs/heads/vale_poly1305_merge_fstar_master2
- refs/heads/vale_poly1305_merge_fstar_master3
- refs/heads/vale_poly1305b
- refs/heads/vale_syntax
- refs/heads/vale_temp_ci
- refs/heads/vale_typecheck
- refs/heads/vdum_bignum_ocaml
- refs/heads/vdum_ctypes_ecdsa
- refs/heads/vdum_dev_merge_tests
- refs/heads/vdum_js
- refs/heads/vdum_ocaml
- refs/heads/vdum_ocaml_doc
- refs/heads/vdum_p256_benchmarking
- refs/heads/vdum_wasm
- refs/heads/volhovm_he
- refs/heads/volhovm_he_only2
- refs/tags/evercrypt-v0.1alpha1
- refs/tags/v.0.2.0
- refs/tags/v0.2.1
- refs/tags/v0.3.0
Raw File
Take a new snapshot of a software origin
If the archived software origin currently browsed is not synchronized with its upstream version (for instance when new commits have been issued), you can explicitly request Software Heritage to take a new snapshot of it.
Use the form below to proceed. Once a request has been submitted and accepted, it will be processed as soon as possible. You can then check its processing state by visiting this dedicated page.Processing "take a new snapshot" request ...
Permalinks
To reference or cite the objects present in the Software Heritage archive, permalinks based on SoftWare Hash IDentifiers (SWHIDs) must be used.
Select below a type of object currently browsed in order to display its associated SWHID and permalink.
Tip revision: 3e1cef923ca4ebf27a22045c2fb22399b1c727b0 authored by Aseem Rastogi on 17 October 2018, 17:05:11 UTC
Style 3: an indirection, but no lemmas, and also less number of qualifiers
Style 3: an indirection, but no lemmas, and also less number of qualifiers
Tip revision: 3e1cef9
README.md
# HACL* cryptographic code
## Description
This directory contains verified F* code for several cryptographic primitives.
Currently unverified and partially-verified primitives are kept in the `experimental` directory.
They will be moved out of this directory to a subdirectory of `code` once their verification is complete.
## Structure
+ `salsa-family`: Code for Salsa20, HSalsa20, XSalsa20, and ChaCha20
+ `bignum`: Code for generic prime-field arithmetic
+ `poly1305`: Code for Poly1305 MAC (relies on bignum)
+ `curve25519`: Code for Curve25519 (relies on bignum)
+ `ed25519`: Code for Ed25519 signatures (relies on bignum)
+ `hash`: Code for SHA2, in particular versions 256, 384 and 512
+ `hmac`: Code for HMAC Message Authentication Code for SHA2-{256,384,512}
## Verification
Run `make verify` to run start the library verification.
All primitives are verified for memory safety, secret independence (a side-channel mitigation),
and functional correctness against the high-level specifications in `hacl-star/specs`.
## Extraction to C and execution
Run `make extract-c` to compile the F* code into C code for those primitives
and run it on a single test vector. If you do not have F* or KreMLin installed,
and you want to see the currently generated C code, look at the snapshot
checked into the `hacl-star/snapshots/hacl-c` directory.