https://github.com/project-everest/hacl-star
- HEAD
- refs/heads/_aead
- refs/heads/_afromher_blake
- refs/heads/_afromher_cpu
- refs/heads/_afromher_cpuid
- refs/heads/_afromher_dev
- refs/heads/_afromher_nicer_asm
- refs/heads/_afromher_test
- refs/heads/_aseem_1916
- refs/heads/_aseem_abstract
- refs/heads/_aseem_binders_attrs
- refs/heads/_aseem_cache_smt
- refs/heads/_aseem_checked_files
- refs/heads/_aseem_effect_combinators_cleanup
- refs/heads/_aseem_fstar_no_return
- refs/heads/_aseem_fstar_pat_exhaustiveness_as_strengthening
- refs/heads/_aseem_heap_patterns
- refs/heads/_aseem_layered_effects
- refs/heads/_aseem_makefile
- refs/heads/_aseem_merkle_tree
- refs/heads/_aseem_no_abstract
- refs/heads/_aseem_opaque_specs
- refs/heads/_aseem_opaque_specs2
- refs/heads/_aseem_ulib_patterns
- refs/heads/_blipp_hpke
- refs/heads/_bryan
- refs/heads/_ckh-fstar-master-makegen
- refs/heads/_dev
- refs/heads/_dev_aes256
- refs/heads/_dev_avx512
- refs/heads/_dev_chacha_core_alt
- refs/heads/_dev_ckh_aes
- refs/heads/_dev_combinators
- refs/heads/_dev_combinators_poly
- refs/heads/_dev_create_fill
- refs/heads/_dev_frodo
- refs/heads/_dev_guillaume
- refs/heads/_dev_map_blocks
- refs/heads/_dev_mls
- refs/heads/_dev_mpfr_extraction
- refs/heads/_dev_p256
- refs/heads/_dev_pcv
- refs/heads/_dev_pkcs11
- refs/heads/_dev_qtesla
- refs/heads/_dev_sha2_spec_fix
- refs/heads/_doc_link
- refs/heads/_fast_mul
- refs/heads/_fast_mul_interop
- refs/heads/_fstar_1750
- refs/heads/_interop_better_stack
- refs/heads/_interop_stack
- refs/heads/_jay-instr-reordering
- refs/heads/_jay-instr-reordering-tests
- refs/heads/_jay-location-liveanalysis-experiments
- refs/heads/_nik-fstar-master
- refs/heads/_nik_dep
- refs/heads/_nik_fsharp_extaction
- refs/heads/_nik_interop
- refs/heads/_nik_norm_smt
- refs/heads/_nik_private
- refs/heads/_nik_zeta_full_norm_cfg
- refs/heads/_protz_ctr
- refs/heads/_protz_naming
- refs/heads/_protz_norm_issue
- refs/heads/_protz_windows_ci
- refs/heads/_public_proc
- refs/heads/_qtesla
- refs/heads/_rsapss
- refs/heads/_sha256_vec512
- refs/heads/_sha3
- refs/heads/_signal
- refs/heads/_son_aesgcm2
- refs/heads/_son_blake
- refs/heads/_son_debug_vec
- refs/heads/_son_factor_blake
- refs/heads/_son_fix_vectors
- refs/heads/_son_ibm
- refs/heads/_son_ibm1
- refs/heads/_son_ibm1_debug
- refs/heads/_son_ibm_bench
- refs/heads/_son_ibm_ppc
- refs/heads/_son_ibmz
- refs/heads/_taramana_ci
- refs/heads/_taramana_mitls_dev_20200819
- refs/heads/_taramana_ubuntu_focal
- refs/heads/_transpose
- refs/heads/_ulib_theory_symbols_in_patterns
- refs/heads/_vale
- refs/heads/_vale_aes
- refs/heads/_vale_aesgcm_reorder
- refs/heads/_vale_gcm_big_iv
- refs/heads/_vale_generic
- refs/heads/_vale_hacl_make
- refs/heads/_vale_heap
- refs/heads/_vale_heap_record
- refs/heads/_vale_heap_record_aesgcm
- refs/heads/_vale_issue29
- refs/heads/_vale_issue32
- refs/heads/_vale_issue36
- refs/heads/_vale_leakage
- refs/heads/_vale_leakage_stack
- refs/heads/_vale_mem_transform
- refs/heads/_vale_mem_transform-update-transformers
- refs/heads/_vale_memory
- refs/heads/_vale_memory_transform
- refs/heads/_vale_opaque
- refs/heads/_vale_opaque_make
- refs/heads/_vale_opt_ghash
- refs/heads/_vale_poly1305
- refs/heads/_vale_poly1305_merge
- refs/heads/_vale_poly1305_merge_fstar_master
- refs/heads/_vale_poly1305_merge_fstar_master2
- refs/heads/_vale_poly1305_merge_fstar_master3
- refs/heads/_vale_reduce_tcb
- refs/heads/_vale_sha
- refs/heads/_vale_sha2
- refs/heads/_vale_stack_aes
- refs/heads/_vale_stack_model
- refs/heads/_vale_state_invariant
- refs/heads/_vale_syntax
- refs/heads/_vale_typecheck
- refs/heads/_vale_unstructured
- refs/heads/adl_benchmark
- refs/heads/adl_delete_corecrypto
- refs/heads/adl_evercrypt_quicprovider
- refs/heads/adl_hash_openssl
- refs/heads/adl_quiccrypto_init
- refs/heads/afromher_big_aesgcm
- refs/heads/afromher_blake
- refs/heads/afromher_blake2
- refs/heads/afromher_cpu
- refs/heads/afromher_cpuid
- refs/heads/afromher_curve
- refs/heads/afromher_dev
- refs/heads/afromher_doc
- refs/heads/afromher_ed
- refs/heads/afromher_hpke
- refs/heads/afromher_inline_asm
- refs/heads/afromher_inline_printer
- refs/heads/afromher_merge
- refs/heads/afromher_merge_dev
- refs/heads/afromher_meta_chachapoly
- refs/heads/afromher_meta_poly
- refs/heads/afromher_nicer_asm
- refs/heads/afromher_renaming
- refs/heads/afromher_vale_normalization
- refs/heads/anilam_ecdsa
- refs/heads/anilam_ecdsa0
- refs/heads/anilam_ecdsa_defensive
- refs/heads/anilam_ecdsa_offensive
- refs/heads/anilam_ecdsa_test
- refs/heads/anilam_ecdsa_tmp
- refs/heads/anilam_fun
- refs/heads/anilam_master
- refs/heads/aseem_2306
- refs/heads/aseem_buffer_functoriality
- refs/heads/aseem_chacha20_spec_equiv
- refs/heads/aseem_deprecate_two_phase_tc_option
- refs/heads/aseem_deps
- refs/heads/aseem_dev
- refs/heads/aseem_dynamic_regions
- refs/heads/aseem_dynamic_regions_cleanup
- refs/heads/aseem_fstar_boolean_branch_guard
- refs/heads/aseem_fstar_dependent_match
- refs/heads/aseem_fstar_fast_implicits
- refs/heads/aseem_hyperstack_cleanup
- refs/heads/aseem_misc
- refs/heads/aseem_pure_wp_monotonicity
- refs/heads/aseem_remove_extracted_interfaces
- refs/heads/aseem_tmp_enxor_dexor
- refs/heads/aseem_top_level_null_wp
- refs/heads/barrybo_uint128
- refs/heads/barrybo_x86build
- refs/heads/beurdouche_aes
- refs/heads/beurdouche_ascon
- refs/heads/beurdouche_bench
- refs/heads/beurdouche_dhpke
- refs/heads/beurdouche_gimli
- refs/heads/beurdouche_masking
- refs/heads/beurdouche_rs25519
- refs/heads/bryan.parno_test
- refs/heads/buffer_null
- refs/heads/bump_npm
- refs/heads/c_record_filetransfer
- refs/heads/ckh-fstar-master
- refs/heads/ckh-fstar-master-makegen
- refs/heads/ckh-fstar-master-makegen2
- refs/heads/ckh-fstar-master2
- refs/heads/ckh-master
- refs/heads/ckh-master2
- refs/heads/ckh_fstar_master_make
- refs/heads/ckh_instr-reordering-aesgcm-rebased
- refs/heads/ckh_vale
- refs/heads/cwinter-ed25519
- refs/heads/cwinter_aesni
- refs/heads/cwinter_bundle_issue
- refs/heads/cwinter_gnubsd_bzero
- refs/heads/cwinter_merkle_bench
- refs/heads/cwinter_merkle_fix
- refs/heads/cwinter_merkle_mem_safety
- refs/heads/cwinter_merkle_path_hash_sizes
- refs/heads/cwinter_merkle_paths
- refs/heads/cwinter_merkle_upgrades
- refs/heads/cwinter_missing_module
- refs/heads/daachi_setup_travis
- refs/heads/denismerigoux_wasm
- refs/heads/dev
- refs/heads/dev_fstar-master_merge
- refs/heads/dev_jk_snapshot
- refs/heads/dev_mpfr
- refs/heads/dev_p256
- refs/heads/dev_pnmadelaine
- refs/heads/dev_protz
- refs/heads/dev_signeddhae_example
- refs/heads/dev_taramana_ci_test
- refs/heads/dev_tezos
- refs/heads/dev_update
- refs/heads/dev_wasm
- refs/heads/dragonstar
- refs/heads/dragonstar_temp
- refs/heads/ecdsa_main
- refs/heads/ed25519
- refs/heads/evercrypt-v0.1+
- refs/heads/example_poly
- refs/heads/floriangru_sparkle
- refs/heads/fournet_dexor
- refs/heads/fournet_ghosts
- refs/heads/fournet_hash
- refs/heads/fournet_hkdf
- refs/heads/fournet_merkle_tree
- refs/heads/franziskus/dist-build-update
- refs/heads/franziskus/dist-ci
- refs/heads/franziskus/windows-c-builds
- refs/heads/frodo_aes_sn
- refs/heads/frodo_aesni
- refs/heads/fstar-master
- refs/heads/fstar-master-sha2-inttypes
- refs/heads/fstar-master_dev_merge
- refs/heads/fstar-master_dev_merge2
- refs/heads/fstar-master_z3-4.8.5
- refs/heads/fstar-steel
- refs/heads/fstar_feq
- refs/heads/fstar_monotonic_hyperstack
- refs/heads/fstar_remove_eta
- refs/heads/fstat
- refs/heads/gf128
- refs/heads/gugavaro-patch-1
- refs/heads/guido_dev
- refs/heads/guido_math2
- refs/heads/guido_meta_native
- refs/heads/guido_null
- refs/heads/guido_null2
- refs/heads/guido_null3
- refs/heads/guido_pneu
- refs/heads/guido_rlimit
- refs/heads/guido_seq
- refs/heads/haclxn
- refs/heads/icfp2017aec
- refs/heads/jay-instr-reordering
- refs/heads/jay_instr-reordering-aesgcm
- refs/heads/jay_instr-reordering-aesgcm-rebased
- refs/heads/jay_transform-movbe
- refs/heads/jay_unstructured_transform
- refs/heads/jk_interfaces
- refs/heads/jonathan-on-master
- refs/heads/joonwonc_merkle_tree
- refs/heads/joonwonc_merkle_tree_fix
- refs/heads/joonwonc_merkle_tree_fix_flush
- refs/heads/joonwonc_merkle_tree_stable
- refs/heads/karthik_aes_bs
- refs/heads/karthik_blake2
- refs/heads/karthik_sha2_vec
- refs/heads/karthik_stateful
- refs/heads/karthik_vec
- refs/heads/konrad_dev
- refs/heads/konrad_dev_box
- refs/heads/kyberdev
- refs/heads/low
- refs/heads/master
- refs/heads/migrating_sts_bis
- refs/heads/multiplex
- refs/heads/nik_1566
- refs/heads/nik_1815
- refs/heads/nik_erasable
- refs/heads/nik_fstar-master
- refs/heads/nik_fstar-master-staging
- refs/heads/nik_hash_incremental_retry
- refs/heads/nik_makefile
- refs/heads/nik_makefile2
- refs/heads/nik_nbe
- refs/heads/nik_private
- refs/heads/nik_tcb_docs
- refs/heads/nik_uint
- refs/heads/nik_vale_rlimit
- refs/heads/nik_validity_axioms
- refs/heads/nik_wf
- refs/heads/nik_zeta_full_norm_cfg
- refs/heads/oss-fuzz
- refs/heads/p256
- refs/heads/p256_dh_preconditions
- refs/heads/parno-patch-1
- refs/heads/pjy_dev
- refs/heads/pneutube-fix
- refs/heads/polubelova_bn_sqr
- refs/heads/polubelova_build_fix
- refs/heads/polubelova_ci
- refs/heads/polubelova_ed25519_fw
- refs/heads/polubelova_ed25519_modq
- refs/heads/polubelova_fw
- refs/heads/polubelova_null
- refs/heads/polubelova_rsa
- refs/heads/polubelova_rsa_benchmark
- refs/heads/polubelova_sha2mb
- refs/heads/poly-no128
- refs/heads/pqcrypto_lib
- refs/heads/production-nss
- refs/heads/protz_blake2s256
- refs/heads/protz_bundle
- refs/heads/protz_ccf
- refs/heads/protz_ci
- refs/heads/protz_const
- refs/heads/protz_crf
- refs/heads/protz_cross
- refs/heads/protz_election_guard
- refs/heads/protz_fix_ci
- refs/heads/protz_fix_hints
- refs/heads/protz_freebsd
- refs/heads/protz_makefile2_ckh
- refs/heads/protz_memzero
- refs/heads/protz_neon
- refs/heads/protz_noopenssl
- refs/heads/protz_nostruct_passing
- refs/heads/protz_null
- refs/heads/protz_pre
- refs/heads/protz_puzzled
- refs/heads/protz_remove_old
- refs/heads/protz_rename
- refs/heads/protz_streaming
- refs/heads/protz_streaming_n_blocks
- refs/heads/protz_test
- refs/heads/protz_tests_explosion
- refs/heads/protz_wasm
- refs/heads/protz_windows_ci
- refs/heads/public_proc
- refs/heads/qtesla
- refs/heads/quic
- refs/heads/quic_transport
- refs/heads/readme-patch-1
- refs/heads/rproust_no_promises
- refs/heads/s-zanella-patch-1
- refs/heads/santiago_hkdf
- refs/heads/santiago_hmac_drbg
- refs/heads/santiago_inttypes
- refs/heads/sgx_apps
- refs/heads/son_aes_gcm
- refs/heads/son_aesgcm2
- refs/heads/son_blake
- refs/heads/son_blake2s_256
- refs/heads/son_buffers
- refs/heads/son_dev
- refs/heads/son_factor_blake
- refs/heads/son_fix
- refs/heads/son_fix_leaks
- refs/heads/son_functor_blocks
- refs/heads/son_ibm
- refs/heads/son_ibm1
- refs/heads/son_ibm_ppc
- refs/heads/son_ibmz
- refs/heads/son_libhaclml
- refs/heads/son_random
- refs/heads/son_revert_blake2s
- refs/heads/son_store_load
- refs/heads/sparkle
- refs/heads/stable
- refs/heads/taramana_bounded_patterns
- refs/heads/taramana_chacha20_no_modifies
- refs/heads/taramana_dev_buffers
- refs/heads/taramana_dev_specs
- refs/heads/taramana_explicit_fstar_all
- refs/heads/taramana_folding_containers
- refs/heads/taramana_include_seq_low_level_crypto
- refs/heads/taramana_md5
- refs/heads/taramana_md5_test
- refs/heads/taramana_test_benchmark_20190716_before_jc
- refs/heads/taramana_test_benchmark_20190716_before_merge
- refs/heads/vale
- refs/heads/vale2
- refs/heads/vale3
- refs/heads/vale_aes
- refs/heads/vale_aes_temp
- refs/heads/vale_aes_temp2
- refs/heads/vale_aes_temp3
- refs/heads/vale_generic
- refs/heads/vale_heap
- refs/heads/vale_heap_record
- refs/heads/vale_instructions
- refs/heads/vale_instructions2
- refs/heads/vale_leakage
- refs/heads/vale_leakage2
- refs/heads/vale_opaque_make
- refs/heads/vale_opt_ghash
- refs/heads/vale_poly1305
- refs/heads/vale_poly1305_merge
- refs/heads/vale_poly1305_merge_fstar_master
- refs/heads/vale_poly1305_merge_fstar_master2
- refs/heads/vale_poly1305_merge_fstar_master3
- refs/heads/vale_poly1305b
- refs/heads/vale_syntax
- refs/heads/vale_temp_ci
- refs/heads/vale_typecheck
- refs/heads/vdum_bignum_ocaml
- refs/heads/vdum_ctypes_ecdsa
- refs/heads/vdum_dev_merge_tests
- refs/heads/vdum_js
- refs/heads/vdum_ocaml
- refs/heads/vdum_ocaml_doc
- refs/heads/vdum_p256_benchmarking
- refs/heads/vdum_wasm
- refs/heads/volhovm_he
- refs/heads/volhovm_he_only2
- refs/tags/evercrypt-v0.1alpha1
- refs/tags/v.0.2.0
- refs/tags/v0.2.1
- refs/tags/v0.3.0
Raw File 
Take a new snapshot of a software origin
If the archived software origin currently browsed is not synchronized with its upstream version (for instance when new commits have been issued), you can explicitly request Software Heritage to take a new snapshot of it.
Use the form below to proceed. Once a request has been submitted and accepted, it will be processed as soon as possible. You can then check its processing state by visiting this dedicated page. Processing "take a new snapshot" request ...
Permalinks
To reference or cite the objects present in the Software Heritage archive, permalinks based on SoftWare Hash IDentifiers (SWHIDs) must be used.
Select below a type of object currently browsed in order to display its associated SWHID and permalink.
Tip revision: a49bebc62e1e24bc6e8734a46b4f750277a8fbaa authored by Aseem Rastogi on 27 November 2019, 05:47:27 UTC
hints
hints
Tip revision: a49bebc
Hacl.Frodo.KEM.fst
module Hacl.Frodo.KEM
open FStar.HyperStack
open FStar.HyperStack.ST
open LowStar.Buffer
open Lib.IntTypes
open Lib.Buffer
open Hacl.Impl.Matrix
open Hacl.Impl.Frodo.Params
open Hacl.Impl.Frodo.KEM
open Hacl.Frodo.Random
module S = Spec.Frodo.KEM
#reset-options "--z3rlimit 50 --max_fuel 0 --max_ifuel 0 --using_facts_from '* -FStar.Seq'"
val crypto_kem_keypair:
pk:lbytes crypto_publickeybytes
-> sk:lbytes crypto_secretkeybytes
-> Stack uint32
(requires fun h ->
live h pk /\ live h sk /\
disjoint pk sk /\ disjoint state pk /\ disjoint state sk)
(ensures fun h0 r h1 ->
modifies (loc state |+| (loc pk |+| loc sk)) h0 h1 /\
(as_seq h1 pk, as_seq h1 sk) == S.crypto_kem_keypair (as_seq h0 state))
let crypto_kem_keypair pk sk =
Hacl.Impl.Frodo.KEM.KeyGen.crypto_kem_keypair pk sk
val crypto_kem_enc:
ct:lbytes crypto_ciphertextbytes
-> ss:lbytes crypto_bytes
-> pk:lbytes crypto_publickeybytes
-> Stack uint32
(requires fun h ->
live h ct /\ live h ss /\ live h pk /\
disjoint ct ss /\ disjoint ct pk /\ disjoint ss pk /\
disjoint state ct /\ disjoint state ss /\ disjoint state pk)
(ensures fun h0 _ h1 ->
modifies (loc state |+| (loc ct |+| loc ss)) h0 h1 /\
(as_seq h1 ct, as_seq h1 ss) == S.crypto_kem_enc (as_seq h0 state) (as_seq h0 pk))
let crypto_kem_enc ct ss pk =
Hacl.Impl.Frodo.KEM.Encaps.crypto_kem_enc ct ss pk
val crypto_kem_dec:
ss:lbytes crypto_bytes
-> ct:lbytes crypto_ciphertextbytes
-> sk:lbytes crypto_secretkeybytes
-> Stack uint32
(requires fun h ->
live h ss /\ live h ct /\ live h sk /\
disjoint ss ct /\ disjoint ss sk /\ disjoint ct sk)
(ensures fun h0 r h1 ->
modifies1 ss h0 h1 /\
as_seq h1 ss == S.crypto_kem_dec (as_seq h0 ct) (as_seq h0 sk))
let crypto_kem_dec ss ct sk =
Hacl.Impl.Frodo.KEM.Decaps.crypto_kem_dec ss ct sk
