mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1826304: Switch to SHA3 based PRG. r=emilio,supply-chain-reviewers 

Depends on D175099

Differential Revision: https://phabricator.services.mozilla.com/D175375
This commit is contained in:
Simon Friedberger 2023-06-22 09:28:45 +00:00
Родитель b1df5e55c3
Коммит f321008c6b
63 изменённых файлов: 3269 добавлений и 1765 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

24
Cargo.lock сгенерированный
Просмотреть файл

@ -2800,6 +2800,15 @@ dependencies = [
"smoosh",
]
[[package]]
name = "keccak"
version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3afef3b6eff9ce9d8ff9b3601125eec7f0c8cbac7abd14f355d053fa56c98768"
dependencies = [
"cpufeatures",
]
[[package]]
name = "khronos-egl"
version = "4.1.0"
@ -4156,14 +4165,15 @@ version = "0.0.1"
[[package]]
name = "prio"
version = "0.12.0"
version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c2aa1f9faa3fab6f02b54025f411d6f4fcd31765765600db339280e3678ae20"
checksum = "3675d093a7713f2b861f77b16c3c33fadd6de0a69bf7203014d938b9d5daa6f7"
dependencies = [
"base64 0.21.0",
"byteorder",
"getrandom",
"serde",
"sha3",
"static_assertions",
"subtle",
"thiserror",
@ -4806,6 +4816,16 @@ dependencies = [
"digest",
]
[[package]]
name = "sha3"
version = "0.10.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "54c2bb1a323307527314a36bfb73f24febb08ce2b8a554bf4ffd6f51ad15198c"
dependencies = [
"digest",
"keccak",
]
[[package]]
name = "shlex"
version = "1.1.0"

10
supply-chain/audits.toml
Просмотреть файл

@ -1720,6 +1720,11 @@ who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.24 -> 0.1.25"
[[audits.keccak]]
who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.1.2 -> 0.1.3"
[[audits.libc]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
@ -2703,6 +2708,11 @@ who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.10.2 -> 0.10.6"
[[audits.sha3]]
who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.10.6 -> 0.10.7"
[[audits.slab]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"

14
supply-chain/imports.lock
Просмотреть файл

@ -338,8 +338,8 @@ user-login = "dtolnay"
user-name = "David Tolnay"
[[publisher.prio]]
version = "0.12.0"
when = "2023-03-22"
version = "0.12.1"
when = "2023-04-13"
user-id = 101233
user-login = "le-automaton"
@ -1008,11 +1008,21 @@ who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.9.0"
[[audits.isrg.audits.keccak]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.1.2"
[[audits.isrg.audits.rayon-core]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.10.2 -> 1.11.0"
[[audits.isrg.audits.sha3]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.10.6"
[[audits.mozilla.wildcard-audits.zeitstempel]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"

1
third_party/rust/keccak/.cargo-checksum.json поставляемый Normal file
Просмотреть файл

@ -0,0 +1 @@
{"files":{"CHANGELOG.md":"519077d8febda22a58dea37dd8727ce1d43f80b0e7e0ce8c41f975d35447036a","Cargo.toml":"865b8fa2b24d9e0fd7df61b164e5085468014a0064c51076da5bca42e45fda00","LICENSE":"a2010f343487d3f7618affe54f789f5487602331c0a8d03f49e9a7c547cf0499","LICENSE-APACHE":"a9040321c3712d8fd0b09cf52b17445de04a23a10165049ae187cd39e5c86be5","LICENSE-MIT":"bdebaf9156a298f8fdab56dd26cb5144673de522d80f4c0d88e0039145f147f9","README.md":"d5019a3041489cdff1e85336ad6670bb58f3506b84f183ffd7e63c3ad7edacb5","benches/mod.rs":"365ea169882f866e5834eba3afed44e8f9a884938acaf08abc794e67d3dcd726","src/armv8.rs":"a9147cb9785c4e45b03e96771f43350593275e063c167a7a5b9d9ac789a12d30","src/lib.rs":"f7e8d6e9eb62ba47d69dc705a9b9c7dbb0a07d6d5fc97c6f3e58a4f2db952c7f","src/unroll.rs":"f3bf47bf6e9ab58fe4975723528957cee03c37d3eec80ca8592ca7ea7b5a7855"},"package":"3afef3b6eff9ce9d8ff9b3601125eec7f0c8cbac7abd14f355d053fa56c98768"}

29
third_party/rust/keccak/CHANGELOG.md поставляемый Normal file
Просмотреть файл

@ -0,0 +1,29 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## 0.1.3 (2022-11-14)
### Added
- ARMv8 SHA3 ASM intrinsics implementation for `keccak_f1600` ([#23])
[#23]: https://github.com/RustCrypto/sponges/pull/23
## 0.1.2 (2022-05-24)
### Changed
- Implement `simd` feature with `portable_simd` instead of deprecated `packed_simd` ([#16])
[#16]: https://github.com/RustCrypto/sponges/pull/16
## 0.1.1 (2022-05-24)
### Added
- Generic keccak-p and keccak-f {200, 400, 800} ([#7])
- f1600x{2, 4, 8} ([#8])
[#7]: https://github.com/RustCrypto/sponges/pull/7
[#8]: https://github.com/RustCrypto/sponges/pull/8
## 0.1.0 (2018-03-27)
- Initial release

42
third_party/rust/keccak/Cargo.toml поставляемый Normal file
Просмотреть файл

@ -0,0 +1,42 @@
# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
#
# When uploading crates to the registry Cargo will automatically
# "normalize" Cargo.toml files for maximal compatibility
# with all versions of Cargo and also rewrite `path` dependencies
# to registry (e.g., crates.io) dependencies.
#
# If you are reading this file be aware that the original Cargo.toml
# will likely look very different (and much more reasonable).
# See Cargo.toml.orig for the original contents.
[package]
name = "keccak"
version = "0.1.3"
authors = ["RustCrypto Developers"]
description = """
Pure Rust implementation of the Keccak sponge function including the keccak-f
and keccak-p variants
"""
documentation = "https://docs.rs/keccak"
readme = "README.md"
keywords = [
"crypto",
"sponge",
"keccak",
"keccak-f",
"keccak-p",
]
categories = [
"cryptography",
"no-std",
]
license = "Apache-2.0 OR MIT"
repository = "https://github.com/RustCrypto/sponges/tree/master/keccak"
[features]
asm = []
no_unroll = []
simd = []
[target."cfg(target_arch = \"aarch64\")".dependencies.cpufeatures]
version = "0.2"

121
third_party/rust/keccak/LICENSE поставляемый Normal file
Просмотреть файл

@ -0,0 +1,121 @@
Creative Commons Legal Code
CC0 1.0 Universal
CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE
LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN
ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS
INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES
REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS
PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM
THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED
HEREUNDER.
Statement of Purpose
The laws of most jurisdictions throughout the world automatically confer
exclusive Copyright and Related Rights (defined below) upon the creator
and subsequent owner(s) (each and all, an "owner") of an original work of
authorship and/or a database (each, a "Work").
Certain owners wish to permanently relinquish those rights to a Work for
the purpose of contributing to a commons of creative, cultural and
scientific works ("Commons") that the public can reliably and without fear
of later claims of infringement build upon, modify, incorporate in other
works, reuse and redistribute as freely as possible in any form whatsoever
and for any purposes, including without limitation commercial purposes.
These owners may contribute to the Commons to promote the ideal of a free
culture and the further production of creative, cultural and scientific
works, or to gain reputation or greater distribution for their Work in
part through the use and efforts of others.
For these and/or other purposes and motivations, and without any
expectation of additional consideration or compensation, the person
associating CC0 with a Work (the "Affirmer"), to the extent that he or she
is an owner of Copyright and Related Rights in the Work, voluntarily
elects to apply CC0 to the Work and publicly distribute the Work under its
terms, with knowledge of his or her Copyright and Related Rights in the
Work and the meaning and intended legal effect of CC0 on those rights.
1. Copyright and Related Rights. A Work made available under CC0 may be
protected by copyright and related or neighboring rights ("Copyright and
Related Rights"). Copyright and Related Rights include, but are not
limited to, the following:
i. the right to reproduce, adapt, distribute, perform, display,
communicate, and translate a Work;
ii. moral rights retained by the original author(s) and/or performer(s);
iii. publicity and privacy rights pertaining to a person's image or
likeness depicted in a Work;
iv. rights protecting against unfair competition in regards to a Work,
subject to the limitations in paragraph 4(a), below;
v. rights protecting the extraction, dissemination, use and reuse of data
in a Work;
vi. database rights (such as those arising under Directive 96/9/EC of the
European Parliament and of the Council of 11 March 1996 on the legal
protection of databases, and under any national implementation
thereof, including any amended or successor version of such
directive); and
vii. other similar, equivalent or corresponding rights throughout the
world based on applicable law or treaty, and any national
implementations thereof.
2. Waiver. To the greatest extent permitted by, but not in contravention
of, applicable law, Affirmer hereby overtly, fully, permanently,
irrevocably and unconditionally waives, abandons, and surrenders all of
Affirmer's Copyright and Related Rights and associated claims and causes
of action, whether now known or unknown (including existing as well as
future claims and causes of action), in the Work (i) in all territories
worldwide, (ii) for the maximum duration provided by applicable law or
treaty (including future time extensions), (iii) in any current or future
medium and for any number of copies, and (iv) for any purpose whatsoever,
including without limitation commercial, advertising or promotional
purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each
member of the public at large and to the detriment of Affirmer's heirs and
successors, fully intending that such Waiver shall not be subject to
revocation, rescission, cancellation, termination, or any other legal or
equitable action to disrupt the quiet enjoyment of the Work by the public
as contemplated by Affirmer's express Statement of Purpose.
3. Public License Fallback. Should any part of the Waiver for any reason
be judged legally invalid or ineffective under applicable law, then the
Waiver shall be preserved to the maximum extent permitted taking into
account Affirmer's express Statement of Purpose. In addition, to the
extent the Waiver is so judged Affirmer hereby grants to each affected
person a royalty-free, non transferable, non sublicensable, non exclusive,
irrevocable and unconditional license to exercise Affirmer's Copyright and
Related Rights in the Work (i) in all territories worldwide, (ii) for the
maximum duration provided by applicable law or treaty (including future
time extensions), (iii) in any current or future medium and for any number
of copies, and (iv) for any purpose whatsoever, including without
limitation commercial, advertising or promotional purposes (the
"License"). The License shall be deemed effective as of the date CC0 was
applied by Affirmer to the Work. Should any part of the License for any
reason be judged legally invalid or ineffective under applicable law, such
partial invalidity or ineffectiveness shall not invalidate the remainder
of the License, and in such case Affirmer hereby affirms that he or she
will not (i) exercise any of his or her remaining Copyright and Related
Rights in the Work or (ii) assert any associated claims and causes of
action with respect to the Work, in either case contrary to Affirmer's
express Statement of Purpose.
4. Limitations and Disclaimers.
a. No trademark or patent rights held by Affirmer are waived, abandoned,
surrendered, licensed or otherwise affected by this document.
b. Affirmer offers the Work as-is and makes no representations or
warranties of any kind concerning the Work, express, implied,
statutory or otherwise, including without limitation warranties of
title, merchantability, fitness for a particular purpose, non
infringement, or the absence of latent or other defects, accuracy, or
the present or absence of errors, whether or not discoverable, all to
the greatest extent permissible under applicable law.
c. Affirmer disclaims responsibility for clearing rights of other persons
that may apply to the Work or any use thereof, including without
limitation any person's Copyright and Related Rights in the Work.
Further, Affirmer disclaims responsibility for obtaining any necessary
consents, permissions or other rights required for any use of the
Work.
d. Affirmer understands and acknowledges that Creative Commons is not a
party to this document and has no duty or obligation with respect to
this CC0 or use of the Work.

201
third_party/rust/keccak/LICENSE-APACHE поставляемый Normal file
Просмотреть файл

@ -0,0 +1,201 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

25
third_party/rust/keccak/LICENSE-MIT поставляемый Normal file
Просмотреть файл

@ -0,0 +1,25 @@
Copyright (c) 2018-2022 RustCrypto Developers
Permission is hereby granted, free of charge, to any
person obtaining a copy of this software and associated
documentation files (the "Software"), to deal in the
Software without restriction, including without
limitation the rights to use, copy, modify, merge,
publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software
is furnished to do so, subject to the following
conditions:
The above copyright notice and this permission notice
shall be included in all copies or substantial portions
of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

66
third_party/rust/keccak/README.md поставляемый Normal file
Просмотреть файл

@ -0,0 +1,66 @@
# RustCrypto: Keccak Sponge Function
[![crate][crate-image]][crate-link]
[![Docs][docs-image]][docs-link]
[![Build Status][build-image]][build-link]
![Apache2/MIT licensed][license-image]
![Rust Version][rustc-image]
[![Project Chat][chat-image]][chat-link]
Pure Rust implementation of the [Keccak Sponge Function][1] including the keccak-f
and keccak-p variants.
[Documentation][docs-link]
## About
This crate implements the core Keccak sponge function, upon which many other
cryptographic functions are built.
For the SHA-3 family including the SHAKE XOFs, see the [`sha3`] crate, which
is built on this crate.
## Minimum Supported Rust Version
Rust **1.41** or higher by default, or **1.59** with the `asm` feature enabled.
Minimum supported Rust version can be changed in the future, but it will be
done with a minor version bump.
## SemVer Policy
- All on-by-default features of this library are covered by SemVer
- MSRV is considered exempt from SemVer as noted above
## License
Licensed under either of:
* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
* [MIT license](http://opensource.org/licenses/MIT)
at your option.
### Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.
[//]: # (badges)
[crate-image]: https://img.shields.io/crates/v/keccak.svg
[crate-link]: https://crates.io/crates/keccak
[docs-image]: https://docs.rs/keccak/badge.svg
[docs-link]: https://docs.rs/keccak/
[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
[rustc-image]: https://img.shields.io/badge/rustc-1.41+-blue.svg
[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260041-hashes
[build-image]: https://github.com/RustCrypto/sponges/actions/workflows/keccak.yml/badge.svg
[build-link]: https://github.com/RustCrypto/sponges/actions/workflows/keccak.yml
[//]: # (general links)
[1]: https://keccak.team/keccak.html
[`sha3`]: https://github.com/RustCrypto/hashes/tree/master/sha3

31
third_party/rust/keccak/benches/mod.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,31 @@
#![feature(test)]
#![cfg_attr(feature = "simd", feature(portable_simd))]
extern crate keccak;
extern crate test;
use keccak::{f1600, f200, f400, f800};
macro_rules! impl_bench {
($name:ident, $fn:ident, $type:expr) => {
#[bench]
fn $name(b: &mut test::Bencher) {
let mut data = [$type; 25];
b.iter(|| $fn(&mut data));
}
};
}
impl_bench!(b_f200, f200, 0u8);
impl_bench!(b_f400, f400, 0u16);
impl_bench!(b_f800, f800, 0u32);
impl_bench!(b_f1600, f1600, 0u64);
#[cfg(feature = "simd")]
mod simd {
use keccak::simd::{f1600x2, f1600x4, f1600x8, u64x2, u64x4, u64x8};
impl_bench!(b_f1600x2, f1600x2, u64x2::splat(0));
impl_bench!(b_f1600x4, f1600x4, u64x4::splat(0));
impl_bench!(b_f1600x8, f1600x8, u64x8::splat(0));
}

193
third_party/rust/keccak/src/armv8.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,193 @@
/// Keccak-f1600 on ARMv8.4-A with FEAT_SHA3.
///
/// See p. K12.2.2 p. 11,749 of the ARM Reference manual.
/// Adapted from the Keccak-f1600 implementation in the XKCP/K12.
/// see <https://github.com/XKCP/K12/blob/df6a21e6d1f34c1aa36e8d702540899c97dba5a0/lib/ARMv8Asha3/KeccakP-1600-ARMv8Asha3.S#L69>
#[target_feature(enable = "sha3")]
pub unsafe fn f1600_armv8_sha3_asm(state: &mut [u64; 25]) {
core::arch::asm!("
// Read state
ld1.1d {{ v0- v3}}, [x0], #32
ld1.1d {{ v4- v7}}, [x0], #32
ld1.1d {{ v8-v11}}, [x0], #32
ld1.1d {{v12-v15}}, [x0], #32
ld1.1d {{v16-v19}}, [x0], #32
ld1.1d {{v20-v23}}, [x0], #32
ld1.1d {{v24}}, [x0]
sub x0, x0, #192
// Loop 24 rounds
// NOTE: This loop actually computes two f1600 functions in
// parallel, in both the lower and the upper 64-bit of the
// 128-bit registers v0-v24.
mov x8, #24
0: sub x8, x8, #1
// Theta Calculations
eor3.16b v25, v20, v15, v10
eor3.16b v26, v21, v16, v11
eor3.16b v27, v22, v17, v12
eor3.16b v28, v23, v18, v13
eor3.16b v29, v24, v19, v14
eor3.16b v25, v25, v5, v0
eor3.16b v26, v26, v6, v1
eor3.16b v27, v27, v7, v2
eor3.16b v28, v28, v8, v3
eor3.16b v29, v29, v9, v4
rax1.2d v30, v25, v27
rax1.2d v31, v26, v28
rax1.2d v27, v27, v29
rax1.2d v28, v28, v25
rax1.2d v29, v29, v26
// Rho and Phi
eor.16b v0, v0, v29
xar.2d v25, v1, v30, #64 - 1
xar.2d v1, v6, v30, #64 - 44
xar.2d v6, v9, v28, #64 - 20
xar.2d v9, v22, v31, #64 - 61
xar.2d v22, v14, v28, #64 - 39
xar.2d v14, v20, v29, #64 - 18
xar.2d v26, v2, v31, #64 - 62
xar.2d v2, v12, v31, #64 - 43
xar.2d v12, v13, v27, #64 - 25
xar.2d v13, v19, v28, #64 - 8
xar.2d v19, v23, v27, #64 - 56
xar.2d v23, v15, v29, #64 - 41
xar.2d v15, v4, v28, #64 - 27
xar.2d v28, v24, v28, #64 - 14
xar.2d v24, v21, v30, #64 - 2
xar.2d v8, v8, v27, #64 - 55
xar.2d v4, v16, v30, #64 - 45
xar.2d v16, v5, v29, #64 - 36
xar.2d v5, v3, v27, #64 - 28
xar.2d v27, v18, v27, #64 - 21
xar.2d v3, v17, v31, #64 - 15
xar.2d v30, v11, v30, #64 - 10
xar.2d v31, v7, v31, #64 - 6
xar.2d v29, v10, v29, #64 - 3
// Chi and Iota
bcax.16b v20, v26, v22, v8
bcax.16b v21, v8, v23, v22
bcax.16b v22, v22, v24, v23
bcax.16b v23, v23, v26, v24
bcax.16b v24, v24, v8, v26
ld1r.2d {{v26}}, [x1], #8
bcax.16b v17, v30, v19, v3
bcax.16b v18, v3, v15, v19
bcax.16b v19, v19, v16, v15
bcax.16b v15, v15, v30, v16
bcax.16b v16, v16, v3, v30
bcax.16b v10, v25, v12, v31
bcax.16b v11, v31, v13, v12
bcax.16b v12, v12, v14, v13
bcax.16b v13, v13, v25, v14
bcax.16b v14, v14, v31, v25
bcax.16b v7, v29, v9, v4
bcax.16b v8, v4, v5, v9
bcax.16b v9, v9, v6, v5
bcax.16b v5, v5, v29, v6
bcax.16b v6, v6, v4, v29
bcax.16b v3, v27, v0, v28
bcax.16b v4, v28, v1, v0
bcax.16b v0, v0, v2, v1
bcax.16b v1, v1, v27, v2
bcax.16b v2, v2, v28, v27
eor.16b v0,v0,v26
// Rounds loop
cbnz w8, 0b
// Write state
st1.1d {{ v0- v3}}, [x0], #32
st1.1d {{ v4- v7}}, [x0], #32
st1.1d {{ v8-v11}}, [x0], #32
st1.1d {{v12-v15}}, [x0], #32
st1.1d {{v16-v19}}, [x0], #32
st1.1d {{v20-v23}}, [x0], #32
st1.1d {{v24}}, [x0]
",
in("x0") state.as_mut_ptr(),
in("x1") crate::RC.as_ptr(),
clobber_abi("C"),
options(nostack)
);
}
#[cfg(all(test, target_feature = "sha3"))]
mod tests {
use super::*;
#[test]
fn test_keccak_f1600() {
// Test vectors are copied from XKCP (eXtended Keccak Code Package)
// https://github.com/XKCP/XKCP/blob/master/tests/TestVectors/KeccakF-1600-IntermediateValues.txt
let state_first = [
0xF1258F7940E1DDE7,
0x84D5CCF933C0478A,
0xD598261EA65AA9EE,
0xBD1547306F80494D,
0x8B284E056253D057,
0xFF97A42D7F8E6FD4,
0x90FEE5A0A44647C4,
0x8C5BDA0CD6192E76,
0xAD30A6F71B19059C,
0x30935AB7D08FFC64,
0xEB5AA93F2317D635,
0xA9A6E6260D712103,
0x81A57C16DBCF555F,
0x43B831CD0347C826,
0x01F22F1A11A5569F,
0x05E5635A21D9AE61,
0x64BEFEF28CC970F2,
0x613670957BC46611,
0xB87C5A554FD00ECB,
0x8C3EE88A1CCF32C8,
0x940C7922AE3A2614,
0x1841F924A2C509E4,
0x16F53526E70465C2,
0x75F644E97F30A13B,
0xEAF1FF7B5CECA249,
];
let state_second = [
0x2D5C954DF96ECB3C,
0x6A332CD07057B56D,
0x093D8D1270D76B6C,
0x8A20D9B25569D094,
0x4F9C4F99E5E7F156,
0xF957B9A2DA65FB38,
0x85773DAE1275AF0D,
0xFAF4F247C3D810F7,
0x1F1B9EE6F79A8759,
0xE4FECC0FEE98B425,
0x68CE61B6B9CE68A1,
0xDEEA66C4BA8F974F,
0x33C43D836EAFB1F5,
0xE00654042719DBD9,
0x7CF8A9F009831265,
0xFD5449A6BF174743,
0x97DDAD33D8994B40,
0x48EAD5FC5D0BE774,
0xE3B8C8EE55B7B03C,
0x91A0226E649E42E9,
0x900E3129E7BADD7B,
0x202A9EC5FAA3CCE8,
0x5B3402464E1C3DB6,
0x609F4E62A44C1059,
0x20D06CD26A8FBF5C,
];
let mut state = [0u64; 25];
unsafe { keccak_f1600(&mut state) };
assert_eq!(state, state_first);
unsafe { keccak_f1600(&mut state) };
assert_eq!(state, state_second);
}
}

460
third_party/rust/keccak/src/lib.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,460 @@
//! Keccak [sponge function](https://en.wikipedia.org/wiki/Sponge_function).
//!
//! If you are looking for SHA-3 hash functions take a look at [`sha3`][1] and
//! [`tiny-keccak`][2] crates.
//!
//! To disable loop unrolling (e.g. for constraint targets) use `no_unroll`
//! feature.
//!
//! ```
//! // Test vectors are from KeccakCodePackage
//! let mut data = [0u64; 25];
//!
//! keccak::f1600(&mut data);
//! assert_eq!(data, [
//! 0xF1258F7940E1DDE7, 0x84D5CCF933C0478A, 0xD598261EA65AA9EE, 0xBD1547306F80494D,
//! 0x8B284E056253D057, 0xFF97A42D7F8E6FD4, 0x90FEE5A0A44647C4, 0x8C5BDA0CD6192E76,
//! 0xAD30A6F71B19059C, 0x30935AB7D08FFC64, 0xEB5AA93F2317D635, 0xA9A6E6260D712103,
//! 0x81A57C16DBCF555F, 0x43B831CD0347C826, 0x01F22F1A11A5569F, 0x05E5635A21D9AE61,
//! 0x64BEFEF28CC970F2, 0x613670957BC46611, 0xB87C5A554FD00ECB, 0x8C3EE88A1CCF32C8,
//! 0x940C7922AE3A2614, 0x1841F924A2C509E4, 0x16F53526E70465C2, 0x75F644E97F30A13B,
//! 0xEAF1FF7B5CECA249,
//! ]);
//!
//! keccak::f1600(&mut data);
//! assert_eq!(data, [
//! 0x2D5C954DF96ECB3C, 0x6A332CD07057B56D, 0x093D8D1270D76B6C, 0x8A20D9B25569D094,
//! 0x4F9C4F99E5E7F156, 0xF957B9A2DA65FB38, 0x85773DAE1275AF0D, 0xFAF4F247C3D810F7,
//! 0x1F1B9EE6F79A8759, 0xE4FECC0FEE98B425, 0x68CE61B6B9CE68A1, 0xDEEA66C4BA8F974F,
//! 0x33C43D836EAFB1F5, 0xE00654042719DBD9, 0x7CF8A9F009831265, 0xFD5449A6BF174743,
//! 0x97DDAD33D8994B40, 0x48EAD5FC5D0BE774, 0xE3B8C8EE55B7B03C, 0x91A0226E649E42E9,
//! 0x900E3129E7BADD7B, 0x202A9EC5FAA3CCE8, 0x5B3402464E1C3DB6, 0x609F4E62A44C1059,
//! 0x20D06CD26A8FBF5C,
//! ]);
//! ```
//!
//! [1]: https://docs.rs/sha3
//! [2]: https://docs.rs/tiny-keccak
#![no_std]
#![allow(non_upper_case_globals)]
#![cfg_attr(feature = "simd", feature(portable_simd))]
use core::{
convert::TryInto,
fmt::Debug,
mem::size_of,
ops::{BitAnd, BitAndAssign, BitXor, BitXorAssign, Not},
};
#[rustfmt::skip]
mod unroll;
#[cfg(all(target_arch = "aarch64", feature = "asm"))]
mod armv8;
#[cfg(all(target_arch = "aarch64", feature = "asm"))]
cpufeatures::new!(armv8_sha3_intrinsics, "sha3");
const PLEN: usize = 25;
const RHO: [u32; 24] = [
1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44,
];
const PI: [usize; 24] = [
10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1,
];
const RC: [u64; 24] = [
0x0000000000000001,
0x0000000000008082,
0x800000000000808a,
0x8000000080008000,
0x000000000000808b,
0x0000000080000001,
0x8000000080008081,
0x8000000000008009,
0x000000000000008a,
0x0000000000000088,
0x0000000080008009,
0x000000008000000a,
0x000000008000808b,
0x800000000000008b,
0x8000000000008089,
0x8000000000008003,
0x8000000000008002,
0x8000000000000080,
0x000000000000800a,
0x800000008000000a,
0x8000000080008081,
0x8000000000008080,
0x0000000080000001,
0x8000000080008008,
];
pub trait LaneSize:
Copy
+ Clone
+ Debug
+ Default
+ PartialEq
+ BitAndAssign
+ BitAnd<Output = Self>
+ BitXorAssign
+ BitXor<Output = Self>
+ Not<Output = Self>
{
const KECCAK_F_ROUND_COUNT: usize;
fn truncate_rc(rc: u64) -> Self;
fn rotate_left(self, n: u32) -> Self;
}
macro_rules! impl_lanesize {
($type:ty, $round:expr, $truncate:expr) => {
impl LaneSize for $type {
const KECCAK_F_ROUND_COUNT: usize = $round;
fn truncate_rc(rc: u64) -> Self {
$truncate(rc)
}
fn rotate_left(self, n: u32) -> Self {
self.rotate_left(n)
}
}
};
}
impl_lanesize!(u8, 18, |rc: u64| { rc.to_le_bytes()[0] });
impl_lanesize!(u16, 20, |rc: u64| {
let tmp = rc.to_le_bytes();
Self::from_le_bytes(tmp[..size_of::<Self>()].try_into().unwrap())
});
impl_lanesize!(u32, 22, |rc: u64| {
let tmp = rc.to_le_bytes();
Self::from_le_bytes(tmp[..size_of::<Self>()].try_into().unwrap())
});
impl_lanesize!(u64, 24, |rc: u64| { rc });
macro_rules! impl_keccak {
($name:ident, $type:ty) => {
/// Keccak-f sponge function
pub fn $name(state: &mut [$type; PLEN]) {
keccak_p(state, <$type>::KECCAK_F_ROUND_COUNT);
}
};
}
impl_keccak!(f200, u8);
impl_keccak!(f400, u16);
impl_keccak!(f800, u32);
#[cfg(not(all(target_arch = "aarch64", feature = "asm")))]
impl_keccak!(f1600, u64);
#[cfg(all(target_arch = "aarch64", feature = "asm"))]
pub fn f1600(state: &mut [u64; PLEN]) {
if armv8_sha3_intrinsics::get() {
unsafe { armv8::f1600_armv8_sha3_asm(state) }
} else {
keccak_p(state, u64::KECCAK_F_ROUND_COUNT);
}
}
#[cfg(feature = "simd")]
/// SIMD implementations for Keccak-f1600 sponge function
pub mod simd {
pub use core::simd::{u64x2, u64x4, u64x8};
use {keccak_p, LaneSize, PLEN};
macro_rules! impl_lanesize_simd_u64xn {
($type:ty) => {
impl LaneSize for $type {
const KECCAK_F_ROUND_COUNT: usize = 24;
fn truncate_rc(rc: u64) -> Self {
Self::splat(rc)
}
fn rotate_left(self, n: u32) -> Self {
self << Self::splat(n.into()) | self >> Self::splat((64 - n).into())
}
}
};
}
impl_lanesize_simd_u64xn!(u64x2);
impl_lanesize_simd_u64xn!(u64x4);
impl_lanesize_simd_u64xn!(u64x8);
impl_keccak!(f1600x2, u64x2);
impl_keccak!(f1600x4, u64x4);
impl_keccak!(f1600x8, u64x8);
}
#[allow(unused_assignments)]
/// Generic Keccak-p sponge function
pub fn keccak_p<L: LaneSize>(state: &mut [L; PLEN], round_count: usize) {
if round_count > L::KECCAK_F_ROUND_COUNT {
panic!("A round_count greater than KECCAK_F_ROUND_COUNT is not supported!");
}
// https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf#page=25
// "the rounds of KECCAK-p[b, nr] match the last rounds of KECCAK-f[b]"
let round_consts = &RC[(L::KECCAK_F_ROUND_COUNT - round_count)..L::KECCAK_F_ROUND_COUNT];
// not unrolling this loop results in a much smaller function, plus
// it positively influences performance due to the smaller load on I-cache
for &rc in round_consts {
let mut array = [L::default(); 5];
// Theta
unroll5!(x, {
unroll5!(y, {
array[x] ^= state[5 * y + x];
});
});
unroll5!(x, {
unroll5!(y, {
let t1 = array[(x + 4) % 5];
let t2 = array[(x + 1) % 5].rotate_left(1);
state[5 * y + x] ^= t1 ^ t2;
});
});
// Rho and pi
let mut last = state[1];
unroll24!(x, {
array[0] = state[PI[x]];
state[PI[x]] = last.rotate_left(RHO[x]);
last = array[0];
});
// Chi
unroll5!(y_step, {
let y = 5 * y_step;
unroll5!(x, {
array[x] = state[y + x];
});
unroll5!(x, {
let t1 = !array[(x + 1) % 5];
let t2 = array[(x + 2) % 5];
state[y + x] = array[x] ^ (t1 & t2);
});
});
// Iota
state[0] ^= L::truncate_rc(rc);
}
}
#[cfg(test)]
mod tests {
use {keccak_p, LaneSize, PLEN};
fn keccak_f<L: LaneSize>(state_first: [L; PLEN], state_second: [L; PLEN]) {
let mut state = [L::default(); PLEN];
keccak_p(&mut state, L::KECCAK_F_ROUND_COUNT);
assert_eq!(state, state_first);
keccak_p(&mut state, L::KECCAK_F_ROUND_COUNT);
assert_eq!(state, state_second);
}
#[test]
fn keccak_f200() {
// Test vectors are copied from XKCP (eXtended Keccak Code Package)
// https://github.com/XKCP/XKCP/blob/master/tests/TestVectors/KeccakF-200-IntermediateValues.txt
let state_first = [
0x3C, 0x28, 0x26, 0x84, 0x1C, 0xB3, 0x5C, 0x17, 0x1E, 0xAA, 0xE9, 0xB8, 0x11, 0x13,
0x4C, 0xEA, 0xA3, 0x85, 0x2C, 0x69, 0xD2, 0xC5, 0xAB, 0xAF, 0xEA,
];
let state_second = [
0x1B, 0xEF, 0x68, 0x94, 0x92, 0xA8, 0xA5, 0x43, 0xA5, 0x99, 0x9F, 0xDB, 0x83, 0x4E,
0x31, 0x66, 0xA1, 0x4B, 0xE8, 0x27, 0xD9, 0x50, 0x40, 0x47, 0x9E,
];
keccak_f::<u8>(state_first, state_second);
}
#[test]
fn keccak_f400() {
// Test vectors are copied from XKCP (eXtended Keccak Code Package)
// https://github.com/XKCP/XKCP/blob/master/tests/TestVectors/KeccakF-400-IntermediateValues.txt
let state_first = [
0x09F5, 0x40AC, 0x0FA9, 0x14F5, 0xE89F, 0xECA0, 0x5BD1, 0x7870, 0xEFF0, 0xBF8F, 0x0337,
0x6052, 0xDC75, 0x0EC9, 0xE776, 0x5246, 0x59A1, 0x5D81, 0x6D95, 0x6E14, 0x633E, 0x58EE,
0x71FF, 0x714C, 0xB38E,
];
let state_second = [
0xE537, 0xD5D6, 0xDBE7, 0xAAF3, 0x9BC7, 0xCA7D, 0x86B2, 0xFDEC, 0x692C, 0x4E5B, 0x67B1,
0x15AD, 0xA7F7, 0xA66F, 0x67FF, 0x3F8A, 0x2F99, 0xE2C2, 0x656B, 0x5F31, 0x5BA6, 0xCA29,
0xC224, 0xB85C, 0x097C,
];
keccak_f::<u16>(state_first, state_second);
}
#[test]
fn keccak_f800() {
// Test vectors are copied from XKCP (eXtended Keccak Code Package)
// https://github.com/XKCP/XKCP/blob/master/tests/TestVectors/KeccakF-800-IntermediateValues.txt
let state_first = [
0xE531D45D, 0xF404C6FB, 0x23A0BF99, 0xF1F8452F, 0x51FFD042, 0xE539F578, 0xF00B80A7,
0xAF973664, 0xBF5AF34C, 0x227A2424, 0x88172715, 0x9F685884, 0xB15CD054, 0x1BF4FC0E,
0x6166FA91, 0x1A9E599A, 0xA3970A1F, 0xAB659687, 0xAFAB8D68, 0xE74B1015, 0x34001A98,
0x4119EFF3, 0x930A0E76, 0x87B28070, 0x11EFE996,
];
let state_second = [
0x75BF2D0D, 0x9B610E89, 0xC826AF40, 0x64CD84AB, 0xF905BDD6, 0xBC832835, 0x5F8001B9,
0x15662CCE, 0x8E38C95E, 0x701FE543, 0x1B544380, 0x89ACDEFF, 0x51EDB5DE, 0x0E9702D9,
0x6C19AA16, 0xA2913EEE, 0x60754E9A, 0x9819063C, 0xF4709254, 0xD09F9084, 0x772DA259,
0x1DB35DF7, 0x5AA60162, 0x358825D5, 0xB3783BAB,
];
keccak_f::<u32>(state_first, state_second);
}
#[test]
fn keccak_f1600() {
// Test vectors are copied from XKCP (eXtended Keccak Code Package)
// https://github.com/XKCP/XKCP/blob/master/tests/TestVectors/KeccakF-1600-IntermediateValues.txt
let state_first = [
0xF1258F7940E1DDE7,
0x84D5CCF933C0478A,
0xD598261EA65AA9EE,
0xBD1547306F80494D,
0x8B284E056253D057,
0xFF97A42D7F8E6FD4,
0x90FEE5A0A44647C4,
0x8C5BDA0CD6192E76,
0xAD30A6F71B19059C,
0x30935AB7D08FFC64,
0xEB5AA93F2317D635,
0xA9A6E6260D712103,
0x81A57C16DBCF555F,
0x43B831CD0347C826,
0x01F22F1A11A5569F,
0x05E5635A21D9AE61,
0x64BEFEF28CC970F2,
0x613670957BC46611,
0xB87C5A554FD00ECB,
0x8C3EE88A1CCF32C8,
0x940C7922AE3A2614,
0x1841F924A2C509E4,
0x16F53526E70465C2,
0x75F644E97F30A13B,
0xEAF1FF7B5CECA249,
];
let state_second = [
0x2D5C954DF96ECB3C,
0x6A332CD07057B56D,
0x093D8D1270D76B6C,
0x8A20D9B25569D094,
0x4F9C4F99E5E7F156,
0xF957B9A2DA65FB38,
0x85773DAE1275AF0D,
0xFAF4F247C3D810F7,
0x1F1B9EE6F79A8759,
0xE4FECC0FEE98B425,
0x68CE61B6B9CE68A1,
0xDEEA66C4BA8F974F,
0x33C43D836EAFB1F5,
0xE00654042719DBD9,
0x7CF8A9F009831265,
0xFD5449A6BF174743,
0x97DDAD33D8994B40,
0x48EAD5FC5D0BE774,
0xE3B8C8EE55B7B03C,
0x91A0226E649E42E9,
0x900E3129E7BADD7B,
0x202A9EC5FAA3CCE8,
0x5B3402464E1C3DB6,
0x609F4E62A44C1059,
0x20D06CD26A8FBF5C,
];
keccak_f::<u64>(state_first, state_second);
}
#[cfg(feature = "simd")]
mod simd {
use simd::{u64x2, u64x4, u64x8};
use tests::keccak_f;
macro_rules! impl_keccak_f1600xn {
($name:ident, $type:ty) => {
#[test]
fn $name() {
// Test vectors are copied from XKCP (eXtended Keccak Code Package)
// https://github.com/XKCP/XKCP/blob/master/tests/TestVectors/KeccakF-1600-IntermediateValues.txt
let state_first = [
<$type>::splat(0xF1258F7940E1DDE7),
<$type>::splat(0x84D5CCF933C0478A),
<$type>::splat(0xD598261EA65AA9EE),
<$type>::splat(0xBD1547306F80494D),
<$type>::splat(0x8B284E056253D057),
<$type>::splat(0xFF97A42D7F8E6FD4),
<$type>::splat(0x90FEE5A0A44647C4),
<$type>::splat(0x8C5BDA0CD6192E76),
<$type>::splat(0xAD30A6F71B19059C),
<$type>::splat(0x30935AB7D08FFC64),
<$type>::splat(0xEB5AA93F2317D635),
<$type>::splat(0xA9A6E6260D712103),
<$type>::splat(0x81A57C16DBCF555F),
<$type>::splat(0x43B831CD0347C826),
<$type>::splat(0x01F22F1A11A5569F),
<$type>::splat(0x05E5635A21D9AE61),
<$type>::splat(0x64BEFEF28CC970F2),
<$type>::splat(0x613670957BC46611),
<$type>::splat(0xB87C5A554FD00ECB),
<$type>::splat(0x8C3EE88A1CCF32C8),
<$type>::splat(0x940C7922AE3A2614),
<$type>::splat(0x1841F924A2C509E4),
<$type>::splat(0x16F53526E70465C2),
<$type>::splat(0x75F644E97F30A13B),
<$type>::splat(0xEAF1FF7B5CECA249),
];
let state_second = [
<$type>::splat(0x2D5C954DF96ECB3C),
<$type>::splat(0x6A332CD07057B56D),
<$type>::splat(0x093D8D1270D76B6C),
<$type>::splat(0x8A20D9B25569D094),
<$type>::splat(0x4F9C4F99E5E7F156),
<$type>::splat(0xF957B9A2DA65FB38),
<$type>::splat(0x85773DAE1275AF0D),
<$type>::splat(0xFAF4F247C3D810F7),
<$type>::splat(0x1F1B9EE6F79A8759),
<$type>::splat(0xE4FECC0FEE98B425),
<$type>::splat(0x68CE61B6B9CE68A1),
<$type>::splat(0xDEEA66C4BA8F974F),
<$type>::splat(0x33C43D836EAFB1F5),
<$type>::splat(0xE00654042719DBD9),
<$type>::splat(0x7CF8A9F009831265),
<$type>::splat(0xFD5449A6BF174743),
<$type>::splat(0x97DDAD33D8994B40),
<$type>::splat(0x48EAD5FC5D0BE774),
<$type>::splat(0xE3B8C8EE55B7B03C),
<$type>::splat(0x91A0226E649E42E9),
<$type>::splat(0x900E3129E7BADD7B),
<$type>::splat(0x202A9EC5FAA3CCE8),
<$type>::splat(0x5B3402464E1C3DB6),
<$type>::splat(0x609F4E62A44C1059),
<$type>::splat(0x20D06CD26A8FBF5C),
];
keccak_f::<$type>(state_first, state_second);
}
};
}
impl_keccak_f1600xn!(keccak_f1600x2, u64x2);
impl_keccak_f1600xn!(keccak_f1600x4, u64x4);
impl_keccak_f1600xn!(keccak_f1600x8, u64x8);
}
}

58
third_party/rust/keccak/src/unroll.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,58 @@
#[cfg(not(feature = "no_unroll"))]
#[macro_export]
macro_rules! unroll5 {
($var:ident, $body:block) => {
{ const $var: usize = 0; $body; }
{ const $var: usize = 1; $body; }
{ const $var: usize = 2; $body; }
{ const $var: usize = 3; $body; }
{ const $var: usize = 4; $body; }
};
}
#[cfg(feature = "no_unroll")]
#[macro_export]
macro_rules! unroll5 {
($var:ident, $body:block) => {
for $var in 0..5 $body
}
}
#[cfg(not(feature = "no_unroll"))]
#[macro_export]
macro_rules! unroll24 {
($var: ident, $body: block) => {
{ const $var: usize = 0; $body; }
{ const $var: usize = 1; $body; }
{ const $var: usize = 2; $body; }
{ const $var: usize = 3; $body; }
{ const $var: usize = 4; $body; }
{ const $var: usize = 5; $body; }
{ const $var: usize = 6; $body; }
{ const $var: usize = 7; $body; }
{ const $var: usize = 8; $body; }
{ const $var: usize = 9; $body; }
{ const $var: usize = 10; $body; }
{ const $var: usize = 11; $body; }
{ const $var: usize = 12; $body; }
{ const $var: usize = 13; $body; }
{ const $var: usize = 14; $body; }
{ const $var: usize = 15; $body; }
{ const $var: usize = 16; $body; }
{ const $var: usize = 17; $body; }
{ const $var: usize = 18; $body; }
{ const $var: usize = 19; $body; }
{ const $var: usize = 20; $body; }
{ const $var: usize = 21; $body; }
{ const $var: usize = 22; $body; }
{ const $var: usize = 23; $body; }
};
}
#[cfg(feature = "no_unroll")]
#[macro_export]
macro_rules! unroll24 {
($var:ident, $body:block) => {
for $var in 0..24 $body
}
}

2
third_party/rust/prio/.cargo-checksum.json поставляемый
Просмотреть файл

@ -1 +1 @@
{"files":{"Cargo.lock":"af94ff6b7e383cc332be7e4967003b66a61067eb0af757cf9b128450ab3a493a","Cargo.toml":"d07e69645ee06eee17eadeff6b20d530ba82ecf1ff3285f46e0beafb07d6d0fc","LICENSE":"5f5a5db8d4baa0eea0ff2d32a5a86c7a899a3343f1496f4477f42e2d651cc6dc","README.md":"c3da151141cb5c79257fd464acf94e6cb83b7dd04e9f3c247be70c29553c2017","benches/cycle_counts.rs":"c6fed86760889b3e482314328bc05ba1a2611c5ee409ad8e966ad1950adce06d","benches/speed_tests.rs":"6bf53985dcbca8dd855e880862b5ba263296c1884f3de9b6efd124510d2d7095","documentation/releases.md":"14cfe917c88b69d557badc683b887c734254810402c7e19c9a45d815637480a9","examples/sum.rs":"9983ff6ce74c102733a1c4ec402d6c8c6d95bf48c516765d6bccf46534849737","src/benchmarked.rs":"6dc91f0397e0391bea50162d39d1d5d7d9b2bbe5020fd0665f548564a0ea574c","src/client.rs":"cd8987868e09039619dfcc6c1fcba0e850bdec5e22ffffeeb2e5e0d19e60b4af","src/codec.rs":"2f5763612d19659c7f3f806b94795276c032da7a8e0b41687b355e32b99929da","src/encrypt.rs":"552cc0c2fc6db3e4e9bb48d8731c1d89c3f66a289a946dfebc1af40e1c0673b7","src/fft.rs":"3206101febf6702dc4df20f2d1f0059bb6d444679cb376d04f9ca4a058958a37","src/field.rs":"ffbd63d3511cad4cca442cf89f1c00f374ae790a4d5611d3950fcf1f5ae4905a","src/field/field255.rs":"d68cb3e7a91e7fe488f80e50c1d10c1893ee4abbe47ec5bb6483cc31801f6c3a","src/flp.rs":"7186d32ec13db392665daafbd85ff1c8d256ecb0793a541b0963513d1d79908d","src/flp/gadgets.rs":"13c66e63e921a6b43664718c5c0cf84a654ee393564b966a4d79c65e6f2c2e8b","src/flp/types.rs":"f3981c02013d67d464bcdc3783c1d04b04970c13c859e2fbd0db98324446c680","src/flp/types/fixedpoint_l2.rs":"23fa31050495eaa4d52dfef1eb858158a66b7d4a547e8ba6f096258e058b219c","src/flp/types/fixedpoint_l2/compatible_float.rs":"83a78d7b8605ebd72790c55d9cc807bb3d583152705a54a06cbbc9465f6f5dca","src/fp.rs":"0f9ebf1a557c429868c80de3cbe27c8b5620f53883aec5860226be71e8bbec74","src/idpf.rs":"b81ca99a9a69b4cc9b2add74677341e97e68b4562072eba01de3e27ae4303bd3","src/lib.rs":"807c713239c470574ef880f60d43fcba01139cb54d46cb92325a34d1cf222c21","src/polynomial.rs":"1293fd029dc57d8265f66777b60abf054784e0c77c4dbb08e2d3338d2c59701f","src/prng.rs":"073cf386216dfcc606df40d544b214a0d5dc28e185fbbe5a1c252d8e922fe86b","src/server.rs":"249df8605317760ce2014f2d8ddcd432fb244e8659d75a520cf4ee131ea46312","src/test_vector.rs":"b0cc9970f19e1258be3fc4baffae27f1c1f9e358d5fe8813967fb05aa4edb9f7","src/util.rs":"d41d9e1d87c58c704e1beb52094e371d9ed75d6d989f436f00a34812c2ea68b3","src/vdaf.rs":"1a6c9299337e9942b0c9e1cb7e6c879defdbfe9fc51514244d1193ed1cc16d03","src/vdaf/poplar1.rs":"646510d368875726fb290df77438e6dd0f56f0d10560c03be4c1cb0a4bbb8715","src/vdaf/prg.rs":"25df7c6c0111987874b1e6ca7a4164e29f35db0dae077db503a65b6e713b6474","src/vdaf/prio2.rs":"9642a6638680b795f56d8a9c13e22d4a303b45e50cd0f44f4e4fa92464ce4d3e","src/vdaf/prio3.rs":"f6be8ad56e5ba1c2aabfbab2e02d7612d2bd9f41f8197538471f861f884e566d","src/vdaf/prio3_test.rs":"aa1ffb79864f0421af1e284915903c13bbd11aa557b400d8537436db104a29bc","src/vdaf/test_vec/05/IdpfPoplar_0.json":"26fa4d2ea8a052633a8c81515604b802b8f1a520b29caa8cb4020e42bbfffae6","src/vdaf/test_vec/05/Poplar1_0.json":"2d4e7bab011e06aa1adbe7d34d7e534a2253e74c34d9cc71f119d93da966eb05","src/vdaf/test_vec/05/Poplar1_1.json":"c75471b5a0a8acffff9750613872beb481ee9fc9333e7864fe20dcdb12bf145b","src/vdaf/test_vec/05/Poplar1_2.json":"565d790868909cc4d12c51ae3c642edd799f40b24d51fe3a463cbdb3a3207a98","src/vdaf/test_vec/05/Poplar1_3.json":"0128819284656b8f2199e1ae4476a7da237acf9ec8aea01a5697a8e13811a56e","src/vdaf/test_vec/05/PrgAes128.json":"2fb07c7bbfd0530a2b714fed8012dc9c41e480a92d81dbb0b71134a35808e6b6","src/vdaf/test_vec/05/PrgFixedKeyAes128.json":"65c34dde9f89f250eaee374fdd66eb62aa5b0eaca0b552ea647327239136e8c7","src/vdaf/test_vec/05/PrgSha3.json":"39db22a6c59879014fc6264bf57173724b7c1edcadc24329774dbd5d07e52bc7","src/vdaf/test_vec/05/Prio3Count_0.json":"047c469f74572a78fd9bdf250a00b6fee06600773701125881a5a16ee2d33733","src/vdaf/test_vec/05/Prio3Histogram_0.json":"8b9706acfe1d0c61d01bdea33111baa2bd252a25b9a5c0e22728455ce63fcb74","src/vdaf/test_vec/05/Prio3Sum_0.json":"81fb427703c90fcf9f7be61238f78e4f1d5d51cd5a79344019b70e9e0f1e6e1d","supply-chain/audits.toml":"fee8e7c2bc21faa9461a28d6b18634e55ef14e69de0c1193cb0fdec8d6579e90","supply-chain/config.toml":"ee0b444435741dfe4a56c25b1c71983c2e16ca8889147c245e987c32a1d858f6","supply-chain/imports.lock":"a69a71d10ddc14f0bfffbfb45c18f9f911f7399432cb3104d072436c23b2745c","tests/backward_compatibility.rs":"56faee44ff85cad8b0f5b93a47d44fbb5ea5c1275cfa7b4309257aee73497234","tests/test_vectors/fieldpriov2.json":"4955819c163d86c1e417789981444499fc02133a9a51742af25b189ce910e4c4"},"package":"9c2aa1f9faa3fab6f02b54025f411d6f4fcd31765765600db339280e3678ae20"}
{"files":{"Cargo.lock":"2de4bc8d6a1fa8d4cbc4c9eeff77c96a251a6e26fa61e35a848f77d8a60babe7","Cargo.toml":"086bf48b750c18475db9ba19e54e3f7411191f97eb6034f4570e669d78f4d187","LICENSE":"5f5a5db8d4baa0eea0ff2d32a5a86c7a899a3343f1496f4477f42e2d651cc6dc","README.md":"747744d3fe280469d1ed47d94490c19f25c28b1b368726dbf475f6a84f82e595","benches/cycle_counts.rs":"c6fed86760889b3e482314328bc05ba1a2611c5ee409ad8e966ad1950adce06d","benches/speed_tests.rs":"6bf53985dcbca8dd855e880862b5ba263296c1884f3de9b6efd124510d2d7095","documentation/releases.md":"14cfe917c88b69d557badc683b887c734254810402c7e19c9a45d815637480a9","examples/sum.rs":"9983ff6ce74c102733a1c4ec402d6c8c6d95bf48c516765d6bccf46534849737","src/benchmarked.rs":"6dc91f0397e0391bea50162d39d1d5d7d9b2bbe5020fd0665f548564a0ea574c","src/client.rs":"cd8987868e09039619dfcc6c1fcba0e850bdec5e22ffffeeb2e5e0d19e60b4af","src/codec.rs":"2f5763612d19659c7f3f806b94795276c032da7a8e0b41687b355e32b99929da","src/encrypt.rs":"552cc0c2fc6db3e4e9bb48d8731c1d89c3f66a289a946dfebc1af40e1c0673b7","src/fft.rs":"3206101febf6702dc4df20f2d1f0059bb6d444679cb376d04f9ca4a058958a37","src/field.rs":"35e3a691e1f9d1e5de36653e0f87a07c9731179b308164612914d058077740dd","src/field/field255.rs":"177e0702baf66e613fee1401d924da78b34cdd6e09b8db97f8485091e2676dfe","src/flp.rs":"7186d32ec13db392665daafbd85ff1c8d256ecb0793a541b0963513d1d79908d","src/flp/gadgets.rs":"13c66e63e921a6b43664718c5c0cf84a654ee393564b966a4d79c65e6f2c2e8b","src/flp/types.rs":"f3981c02013d67d464bcdc3783c1d04b04970c13c859e2fbd0db98324446c680","src/flp/types/fixedpoint_l2.rs":"23fa31050495eaa4d52dfef1eb858158a66b7d4a547e8ba6f096258e058b219c","src/flp/types/fixedpoint_l2/compatible_float.rs":"83a78d7b8605ebd72790c55d9cc807bb3d583152705a54a06cbbc9465f6f5dca","src/fp.rs":"0f9ebf1a557c429868c80de3cbe27c8b5620f53883aec5860226be71e8bbec74","src/idpf.rs":"b81ca99a9a69b4cc9b2add74677341e97e68b4562072eba01de3e27ae4303bd3","src/lib.rs":"9eea3bc90ff0ecb058fee1a659e881983e12fb8c3a682417431992d95a9f23b1","src/polynomial.rs":"1293fd029dc57d8265f66777b60abf054784e0c77c4dbb08e2d3338d2c59701f","src/prng.rs":"ebcc44f341044cd2c41bc5d510c8d7fabf9a84da28ba7c830a8516f014b501ee","src/server.rs":"249df8605317760ce2014f2d8ddcd432fb244e8659d75a520cf4ee131ea46312","src/test_vector.rs":"b0cc9970f19e1258be3fc4baffae27f1c1f9e358d5fe8813967fb05aa4edb9f7","src/util.rs":"d41d9e1d87c58c704e1beb52094e371d9ed75d6d989f436f00a34812c2ea68b3","src/vdaf.rs":"7f141876270e23e3f298265ee0fa72b05429f71fd9c2fa3c6fa5e576f9142800","src/vdaf/poplar1.rs":"c9df1d76f03e38fa3170fc72c2147a4a91a91d674ec3495afcd1243260f2af26","src/vdaf/prg.rs":"bca395ff5d1be938c6843b08a2d490f8eb2b47984aba50289e4690fc8d103b5e","src/vdaf/prio2.rs":"9642a6638680b795f56d8a9c13e22d4a303b45e50cd0f44f4e4fa92464ce4d3e","src/vdaf/prio3.rs":"ae37b01674028fd91272aebef776ce96f571ea6e8db5d4c30b472118f8a21759","src/vdaf/prio3_test.rs":"aa1ffb79864f0421af1e284915903c13bbd11aa557b400d8537436db104a29bc","src/vdaf/test_vec/05/IdpfPoplar_0.json":"26fa4d2ea8a052633a8c81515604b802b8f1a520b29caa8cb4020e42bbfffae6","src/vdaf/test_vec/05/Poplar1_0.json":"2d4e7bab011e06aa1adbe7d34d7e534a2253e74c34d9cc71f119d93da966eb05","src/vdaf/test_vec/05/Poplar1_1.json":"c75471b5a0a8acffff9750613872beb481ee9fc9333e7864fe20dcdb12bf145b","src/vdaf/test_vec/05/Poplar1_2.json":"565d790868909cc4d12c51ae3c642edd799f40b24d51fe3a463cbdb3a3207a98","src/vdaf/test_vec/05/Poplar1_3.json":"0128819284656b8f2199e1ae4476a7da237acf9ec8aea01a5697a8e13811a56e","src/vdaf/test_vec/05/PrgAes128.json":"2fb07c7bbfd0530a2b714fed8012dc9c41e480a92d81dbb0b71134a35808e6b6","src/vdaf/test_vec/05/PrgFixedKeyAes128.json":"65c34dde9f89f250eaee374fdd66eb62aa5b0eaca0b552ea647327239136e8c7","src/vdaf/test_vec/05/PrgSha3.json":"39db22a6c59879014fc6264bf57173724b7c1edcadc24329774dbd5d07e52bc7","src/vdaf/test_vec/05/Prio3Count_0.json":"047c469f74572a78fd9bdf250a00b6fee06600773701125881a5a16ee2d33733","src/vdaf/test_vec/05/Prio3Histogram_0.json":"8b9706acfe1d0c61d01bdea33111baa2bd252a25b9a5c0e22728455ce63fcb74","src/vdaf/test_vec/05/Prio3Sum_0.json":"81fb427703c90fcf9f7be61238f78e4f1d5d51cd5a79344019b70e9e0f1e6e1d","tests/backward_compatibility.rs":"56faee44ff85cad8b0f5b93a47d44fbb5ea5c1275cfa7b4309257aee73497234","tests/test_vectors/fieldpriov2.json":"4955819c163d86c1e417789981444499fc02133a9a51742af25b189ce910e4c4"},"package":"3675d093a7713f2b861f77b16c3c33fadd6de0a69bf7203014d938b9d5daa6f7"}

77
third_party/rust/prio/Cargo.lock сгенерированный поставляемый
Просмотреть файл

@ -180,9 +180,9 @@ dependencies = [
[[package]]
name = "clap"
version = "3.2.21"
version = "3.2.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1ed5341b2301a26ab80be5cbdced622e80ed808483c52e45e3310a877d3b37d7"
checksum = "86447ad904c7fb335a790c9d7fe3d0d971dc523b8ccd1561a520de9a85302750"
dependencies = [
"bitflags",
"clap_lex",
@ -201,9 +201,9 @@ dependencies = [
[[package]]
name = "cmac"
version = "0.7.1"
version = "0.7.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "606383658416244b8dc4b36f864ec1f86cb922b95c41a908fd07aeb01cad06fa"
checksum = "8543454e3c3f5126effff9cd44d562af4e31fb8ce1cc0d3dcd8f084515dbc1aa"
dependencies = [
"cipher",
"dbl",
@ -354,15 +354,15 @@ checksum = "90e5c1c8368803113bf0c9584fc495a58b86dc8a29edbf8fe877d21d9507e797"
[[package]]
name = "fiat-crypto"
version = "0.1.19"
version = "0.1.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "93ace6ec7cc19c8ed33a32eaa9ea692d7faea05006b5356b9e2b668ec4bc3955"
checksum = "e825f6987101665dea6ec934c09ec6d721de7bc1bf92248e1d5810c8cd636b77"
[[package]]
name = "fixed"
version = "1.23.0"
version = "1.23.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "55f3be4cf4fc227d3a63bb77512a2b7d364200b2a715f389155785c4d3345495"
checksum = "79386fdcec5e0fde91b1a6a5bcd89677d1f9304f7f986b154a1b9109038854d9"
dependencies = [
"az",
"bytemuck",
@ -392,7 +392,7 @@ dependencies = [
"proc-macro-error",
"proc-macro2",
"quote",
"syn",
"syn 1.0.104",
]
[[package]]
@ -483,9 +483,9 @@ dependencies = [
[[package]]
name = "hex-literal"
version = "0.3.4"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7ebdb29d2ea9ed0083cd8cece49bbd968021bd99b0849edb4a9a7ee0fdf6a4e0"
checksum = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46"
[[package]]
name = "iai"
@ -699,7 +699,7 @@ checksum = "eb9f9e6e233e5c4a35559a617bf40a4ec447db2e84c20b55a6f83167b7e57872"
[[package]]
name = "prio"
version = "0.12.0"
version = "0.12.1"
dependencies = [
"aes",
"aes-gcm",
@ -743,7 +743,7 @@ dependencies = [
"proc-macro-error-attr",
"proc-macro2",
"quote",
"syn",
"syn 1.0.104",
"version_check",
]
@ -760,18 +760,18 @@ dependencies = [
[[package]]
name = "proc-macro2"
version = "1.0.47"
version = "1.0.54"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5ea3d908b0e36316caf9e9e2c4625cdde190a7e6f440d794667ed17a1855e725"
checksum = "e472a104799c74b514a57226160104aa483546de37e839ec50e3c2e41dd87534"
dependencies = [
"unicode-ident",
]
[[package]]
name = "quote"
version = "1.0.21"
version = "1.0.26"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179"
checksum = "4424af4bf778aae2051a77b60283332f386554255d722233d09fbfc7e30da2fc"
dependencies = [
"proc-macro2",
]
@ -887,29 +887,29 @@ checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
[[package]]
name = "serde"
version = "1.0.155"
version = "1.0.159"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "71f2b4817415c6d4210bfe1c7bfcf4801b2d904cb4d0e1a8fdb651013c9e86b8"
checksum = "3c04e8343c3daeec41f58990b9d77068df31209f2af111e059e9fe9646693065"
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
version = "1.0.155"
version = "1.0.159"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d071a94a3fac4aff69d023a7f411e33f40f3483f8c5190b1953822b6b76d7630"
checksum = "4c614d17805b093df4b147b51339e7e44bf05ef59fba1e45d83500bcfb4d8585"
dependencies = [
"proc-macro2",
"quote",
"syn",
"syn 2.0.11",
]
[[package]]
name = "serde_json"
version = "1.0.94"
version = "1.0.95"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1c533a59c9d8a93a09c6ab31f0fd5e5f4dd1b8fc9434804029839884765d04ea"
checksum = "d721eca97ac802aa7777b701877c8004d950fc142651367300d21c1cc0194744"
dependencies = [
"itoa",
"ryu",
@ -955,6 +955,17 @@ dependencies = [
"unicode-ident",
]
[[package]]
name = "syn"
version = "2.0.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "21e3787bb71465627110e7d87ed4faaa36c1f61042ee67badb9e2ef173accc40"
dependencies = [
"proc-macro2",
"quote",
"unicode-ident",
]
[[package]]
name = "tap"
version = "1.0.1"
@ -963,28 +974,28 @@ checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369"
[[package]]
name = "textwrap"
version = "0.15.0"
version = "0.15.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b1141d4d61095b28419e22cb0bbf02755f5e54e0526f97f1e3d1d160e60885fb"
checksum = "b7b3e525a49ec206798b40326a44121291b530c963cfb01018f63e135bac543d"
[[package]]
name = "thiserror"
version = "1.0.39"
version = "1.0.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5ab016db510546d856297882807df8da66a16fb8c4101cb8b30054b0d5b2d9c"
checksum = "978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.39"
version = "1.0.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5420d42e90af0c38c3290abcca25b9b3bdf379fc9f55c528f53a269d9c9a267e"
checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f"
dependencies = [
"proc-macro2",
"quote",
"syn",
"syn 2.0.11",
]
[[package]]
@ -1069,7 +1080,7 @@ dependencies = [
"once_cell",
"proc-macro2",
"quote",
"syn",
"syn 1.0.104",
"wasm-bindgen-shared",
]
@ -1091,7 +1102,7 @@ checksum = "07bc0c051dc5f23e307b13285f9d75df86bfdf816c5721e573dec1f9b8aa193c"
dependencies = [
"proc-macro2",
"quote",
"syn",
"syn 1.0.104",
"wasm-bindgen-backend",
"wasm-bindgen-shared",
]

15
third_party/rust/prio/Cargo.toml поставляемый
Просмотреть файл

@ -13,13 +13,14 @@
edition = "2021"
rust-version = "1.61"
name = "prio"
version = "0.12.0"
version = "0.12.1"
authors = [
"Josh Aas <jaas@kflag.net>",
"Tim Geoghegan <timg@letsencrypt.org>",
"Christopher Patton <cpatton@cloudflare.com",
"Karl Tarbe <tarbe@apple.com>",
]
exclude = ["/supply-chain"]
description = "Implementation of the Prio aggregation system core: https://crypto.stanford.edu/prio/"
readme = "README.md"
license = "MPL-2.0"
@ -33,6 +34,9 @@ rustdoc-args = [
"docsrs",
]
[package.metadata.cargo-all-features]
skip_optional_dependencies = true
[[example]]
name = "sum"
required-features = ["prio2"]
@ -69,7 +73,7 @@ optional = true
version = "1.4.3"
[dependencies.cmac]
version = "0.7.1"
version = "0.7.2"
optional = true
[dependencies.ctr]
@ -77,7 +81,7 @@ version = "0.9.2"
optional = true
[dependencies.fiat-crypto]
version = "0.1.19"
version = "0.1.20"
optional = true
[dependencies.fixed]
@ -110,7 +114,6 @@ optional = true
[dependencies.sha3]
version = "0.10.6"
optional = true
[dependencies.static_assertions]
version = "1.1.0"
@ -138,7 +141,7 @@ version = "0.4.3"
features = ["serde"]
[dev-dependencies.hex-literal]
version = "0.3.4"
version = "0.4.1"
[dev-dependencies.iai]
version = "0.1"
@ -166,7 +169,6 @@ crypto-dependencies = [
"aes",
"ctr",
"cmac",
"sha3",
]
default = ["crypto-dependencies"]
experimental = [
@ -176,6 +178,7 @@ experimental = [
]
multithreaded = ["rayon"]
prio2 = [
"crypto-dependencies",
"aes-gcm",
"ring",
]

2
third_party/rust/prio/README.md поставляемый
Просмотреть файл

@ -35,7 +35,7 @@ increases (e.g., 0.10 to 0.11).
| Crate version | Git branch | VDAF draft version | DAP draft version | Conforms to specification? | Status |
| ----- | ---------- | ------------- | ------------- | --------------------- | ------ |
| 0.8 | `release/0.8` | [`draft-irtf-cfrg-vdaf-01`][vdaf-01] | [`draft-ietf-ppm-dap-01`][dap-01] | Yes | Supported |
| 0.8 | `release/0.8` | [`draft-irtf-cfrg-vdaf-01`][vdaf-01] | [`draft-ietf-ppm-dap-01`][dap-01] | Yes | Unmaintained as of March 28, 2023 |
| 0.9 | `release/0.9` | [`draft-irtf-cfrg-vdaf-03`][vdaf-03] | [`draft-ietf-ppm-dap-02`][dap-02] and [`draft-ietf-ppm-dap-03`][dap-03] | Yes | Unmaintained as of September 22, 2022 |
| 0.10 | `release/0.10` | [`draft-irtf-cfrg-vdaf-03`][vdaf-03] | [`draft-ietf-ppm-dap-02`][dap-02] and [`draft-ietf-ppm-dap-03`][dap-03] | Yes | Supported |
| 0.11 | `release/0.11` | [`draft-irtf-cfrg-vdaf-04`][vdaf-04] | N/A | Yes | Unmaintained |

1
third_party/rust/prio/src/field.rs поставляемый
Просмотреть файл

@ -806,6 +806,7 @@ pub(crate) fn split_vector<F: FieldElement>(
/// Generate a vector of uniformly distributed random field elements.
#[cfg(feature = "crypto-dependencies")]
#[cfg_attr(docsrs, doc(cfg(feature = "crypto-dependencies")))]
pub fn random_vector<F: FieldElement>(len: usize) -> Result<Vec<F>, PrngError> {
Ok(Prng::new()?.take(len).collect())
}

1
third_party/rust/prio/src/field/field255.rs поставляемый
Просмотреть файл

@ -32,6 +32,7 @@ const MODULUS_LITTLE_ENDIAN: [u8; 32] = [
/// `GF(2^255 - 19)`, a 255-bit field.
#[derive(Clone, Copy)]
#[cfg_attr(docsrs, doc(cfg(feature = "experimental")))]
pub struct Field255(fiat_25519_tight_field_element);
impl Field255 {

11
third_party/rust/prio/src/lib.rs поставляемый
Просмотреть файл

@ -20,10 +20,13 @@
pub mod benchmarked;
#[cfg(feature = "prio2")]
#[cfg_attr(docsrs, doc(cfg(feature = "prio2")))]
pub mod client;
#[cfg(feature = "prio2")]
#[cfg_attr(docsrs, doc(cfg(feature = "prio2")))]
pub mod encrypt;
#[cfg(feature = "prio2")]
#[cfg_attr(docsrs, doc(cfg(feature = "prio2")))]
pub mod server;
pub mod codec;
@ -31,14 +34,20 @@ mod fft;
pub mod field;
pub mod flp;
mod fp;
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg_attr(
docsrs,
doc(cfg(all(feature = "crypto-dependencies", feature = "experimental")))
)]
pub mod idpf;
mod polynomial;
mod prng;
// Module test_vector depends on crate `rand` so we make it an optional feature
// to spare most clients the extra dependency.
#[cfg(all(any(feature = "test-util", test), feature = "prio2"))]
#[doc(hidden)]
pub mod test_vector;
#[cfg(feature = "prio2")]
#[cfg_attr(docsrs, doc(cfg(feature = "prio2")))]
pub mod util;
pub mod vdaf;

2
third_party/rust/prio/src/prng.rs поставляемый
Просмотреть файл

@ -109,7 +109,7 @@ where
//
// If we don't end up making this spec change, then add tests to ensure that changing field
// types is done correctly.
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
pub(crate) fn into_new_field<F1: FieldElement>(self) -> Prng<F1, S> {
Prng {
phantom: PhantomData,

10
third_party/rust/prio/src/vdaf.rs поставляемый
Просмотреть файл

@ -5,7 +5,7 @@
//!
//! [draft-irtf-cfrg-vdaf-05]: https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/05/
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
use crate::idpf::IdpfError;
use crate::{
codec::{CodecError, Decode, Encode, ParameterizedDecode},
@ -49,7 +49,7 @@ pub enum VdafError {
GetRandom(#[from] getrandom::Error),
/// IDPF error.
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[error("idpf error: {0}")]
Idpf(#[from] IdpfError),
}
@ -532,10 +532,14 @@ where
}
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg_attr(docsrs, doc(cfg(feature = "experimental")))]
#[cfg_attr(
docsrs,
doc(cfg(all(feature = "crypto-dependencies", feature = "experimental")))
)]
pub mod poplar1;
pub mod prg;
#[cfg(feature = "prio2")]
#[cfg_attr(docsrs, doc(cfg(feature = "prio2")))]
pub mod prio2;
pub mod prio3;
#[cfg(test)]

286
third_party/rust/prio/src/vdaf/poplar1.rs поставляемый
Просмотреть файл

@ -19,7 +19,9 @@ use std::{
convert::TryFrom,
fmt::Debug,
io::{Cursor, Read},
iter,
marker::PhantomData,
num::TryFromIntError,
ops::{Add, AddAssign, Sub},
};
use subtle::{Choice, ConditionallyNegatable, ConditionallySelectable, ConstantTimeEq};
@ -172,22 +174,130 @@ impl<'a, P, const SEED_SIZE: usize> ParameterizedDecode<(&'a Poplar1<P, SEED_SIZ
}
/// Poplar1 preparation state.
#[derive(Clone, Debug)]
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct Poplar1PrepareState(PrepareStateVariant);
#[derive(Clone, Debug)]
impl Encode for Poplar1PrepareState {
fn encode(&self, bytes: &mut Vec<u8>) {
self.0.encode(bytes)
}
fn encoded_len(&self) -> Option<usize> {
self.0.encoded_len()
}
}
impl<'a, P, const SEED_SIZE: usize> ParameterizedDecode<(&'a Poplar1<P, SEED_SIZE>, usize)>
for Poplar1PrepareState
{
fn decode_with_param(
decoding_parameter: &(&'a Poplar1<P, SEED_SIZE>, usize),
bytes: &mut Cursor<&[u8]>,
) -> Result<Self, CodecError> {
Ok(Self(PrepareStateVariant::decode_with_param(
decoding_parameter,
bytes,
)?))
}
}
#[derive(Clone, Debug, PartialEq, Eq)]
enum PrepareStateVariant {
Inner(PrepareState<Field64>),
Leaf(PrepareState<Field255>),
}
#[derive(Clone, Debug)]
impl Encode for PrepareStateVariant {
fn encode(&self, bytes: &mut Vec<u8>) {
match self {
PrepareStateVariant::Inner(prep_state) => {
0u8.encode(bytes);
prep_state.encode(bytes);
}
PrepareStateVariant::Leaf(prep_state) => {
1u8.encode(bytes);
prep_state.encode(bytes);
}
}
}
fn encoded_len(&self) -> Option<usize> {
Some(
1 + match self {
PrepareStateVariant::Inner(prep_state) => prep_state.encoded_len()?,
PrepareStateVariant::Leaf(prep_state) => prep_state.encoded_len()?,
},
)
}
}
impl<'a, P, const SEED_SIZE: usize> ParameterizedDecode<(&'a Poplar1<P, SEED_SIZE>, usize)>
for PrepareStateVariant
{
fn decode_with_param(
decoding_parameter: &(&'a Poplar1<P, SEED_SIZE>, usize),
bytes: &mut Cursor<&[u8]>,
) -> Result<Self, CodecError> {
match u8::decode(bytes)? {
0 => {
let prep_state = PrepareState::decode_with_param(decoding_parameter, bytes)?;
Ok(Self::Inner(prep_state))
}
1 => {
let prep_state = PrepareState::decode_with_param(decoding_parameter, bytes)?;
Ok(Self::Leaf(prep_state))
}
_ => Err(CodecError::UnexpectedValue),
}
}
}
#[derive(Clone, Debug, PartialEq, Eq)]
struct PrepareState<F> {
sketch: SketchState<F>,
output_share: Vec<F>,
}
#[derive(Clone, Debug)]
impl<F: FieldElement> Encode for PrepareState<F> {
fn encode(&self, bytes: &mut Vec<u8>) {
self.sketch.encode(bytes);
// `expect` safety: output_share's length is the same as the number of prefixes; the number
// of prefixes is capped at 2^32-1.
u32::try_from(self.output_share.len())
.expect("Couldn't convert output_share length to u32")
.encode(bytes);
for elem in &self.output_share {
elem.encode(bytes);
}
}
fn encoded_len(&self) -> Option<usize> {
Some(self.sketch.encoded_len()? + 4 + self.output_share.len() * F::ENCODED_SIZE)
}
}
impl<'a, P, F: FieldElement, const SEED_SIZE: usize>
ParameterizedDecode<(&'a Poplar1<P, SEED_SIZE>, usize)> for PrepareState<F>
{
fn decode_with_param(
decoding_parameter: &(&'a Poplar1<P, SEED_SIZE>, usize),
bytes: &mut Cursor<&[u8]>,
) -> Result<Self, CodecError> {
let sketch = SketchState::<F>::decode_with_param(decoding_parameter, bytes)?;
let output_share_len = u32::decode(bytes)?
.try_into()
.map_err(|err: TryFromIntError| CodecError::Other(err.into()))?;
let output_share = iter::repeat_with(|| F::decode(bytes))
.take(output_share_len)
.collect::<Result<_, _>>()?;
Ok(Self {
sketch,
output_share,
})
}
}
#[derive(Clone, Debug, PartialEq, Eq)]
enum SketchState<F> {
#[allow(non_snake_case)]
RoundOne {
@ -198,6 +308,55 @@ enum SketchState<F> {
RoundTwo,
}
impl<F: FieldElement> Encode for SketchState<F> {
fn encode(&self, bytes: &mut Vec<u8>) {
match self {
SketchState::RoundOne {
A_share, B_share, ..
} => {
0u8.encode(bytes);
A_share.encode(bytes);
B_share.encode(bytes);
}
SketchState::RoundTwo => 1u8.encode(bytes),
}
}
fn encoded_len(&self) -> Option<usize> {
Some(
1 + match self {
SketchState::RoundOne { .. } => 2 * F::ENCODED_SIZE,
SketchState::RoundTwo => 0,
},
)
}
}
impl<'a, P, F: FieldElement, const SEED_SIZE: usize>
ParameterizedDecode<(&'a Poplar1<P, SEED_SIZE>, usize)> for SketchState<F>
{
#[allow(non_snake_case)]
fn decode_with_param(
(_, agg_id): &(&'a Poplar1<P, SEED_SIZE>, usize),
bytes: &mut Cursor<&[u8]>,
) -> Result<Self, CodecError> {
match u8::decode(bytes)? {
0 => {
let A_share = F::decode(bytes)?;
let B_share = F::decode(bytes)?;
let is_leader = agg_id == &0;
Ok(Self::RoundOne {
A_share,
B_share,
is_leader,
})
}
1 => Ok(Self::RoundTwo),
_ => Err(CodecError::UnexpectedValue),
}
}
}
impl<F: FieldElement> SketchState<F> {
fn decode_sketch_share(&self, bytes: &mut Cursor<&[u8]>) -> Result<Vec<F>, CodecError> {
match self {
@ -407,8 +566,10 @@ impl Poplar1AggregationParam {
///
/// * The list of prefixes is empty.
/// * The prefixes have different lengths (they must all be the same).
/// * The prefixes are longer than 2^16 bits.
/// * The prefixes have length 0, or length longer than 2^16 bits.
/// * There are more than 2^32 - 1 prefixes.
/// * The prefixes are not unique.
/// * The prefixes are not in lexicographic order.
pub fn try_from_prefixes(prefixes: Vec<IdpfInput>) -> Result<Self, VdafError> {
if prefixes.is_empty() {
return Err(VdafError::Uncategorized(
@ -443,7 +604,10 @@ impl Poplar1AggregationParam {
last_prefix = Some(prefix);
}
let level = u16::try_from(len - 1)
let level = len
.checked_sub(1)
.ok_or_else(|| VdafError::Uncategorized("prefixes are too short".into()))?;
let level = u16::try_from(level)
.map_err(|_| VdafError::Uncategorized("prefixes are too long".into()))?;
Ok(Self { level, prefixes })
@ -1477,6 +1641,116 @@ mod tests {
);
}
#[test]
fn round_trip_prepare_state() {
let vdaf = Poplar1::new_sha3(1);
for (agg_id, prep_state) in [
(
0,
Poplar1PrepareState(PrepareStateVariant::Inner(PrepareState {
sketch: SketchState::RoundOne {
A_share: Field64::from(0),
B_share: Field64::from(1),
is_leader: true,
},
output_share: Vec::from([Field64::from(2), Field64::from(3), Field64::from(4)]),
})),
),
(
1,
Poplar1PrepareState(PrepareStateVariant::Inner(PrepareState {
sketch: SketchState::RoundOne {
A_share: Field64::from(5),
B_share: Field64::from(6),
is_leader: false,
},
output_share: Vec::from([Field64::from(7), Field64::from(8), Field64::from(9)]),
})),
),
(
0,
Poplar1PrepareState(PrepareStateVariant::Inner(PrepareState {
sketch: SketchState::RoundTwo,
output_share: Vec::from([
Field64::from(10),
Field64::from(11),
Field64::from(12),
]),
})),
),
(
1,
Poplar1PrepareState(PrepareStateVariant::Inner(PrepareState {
sketch: SketchState::RoundTwo,
output_share: Vec::from([
Field64::from(13),
Field64::from(14),
Field64::from(15),
]),
})),
),
(
0,
Poplar1PrepareState(PrepareStateVariant::Leaf(PrepareState {
sketch: SketchState::RoundOne {
A_share: Field255::from(16),
B_share: Field255::from(17),
is_leader: true,
},
output_share: Vec::from([
Field255::from(18),
Field255::from(19),
Field255::from(20),
]),
})),
),
(
1,
Poplar1PrepareState(PrepareStateVariant::Leaf(PrepareState {
sketch: SketchState::RoundOne {
A_share: Field255::from(21),
B_share: Field255::from(22),
is_leader: false,
},
output_share: Vec::from([
Field255::from(23),
Field255::from(24),
Field255::from(25),
]),
})),
),
(
0,
Poplar1PrepareState(PrepareStateVariant::Leaf(PrepareState {
sketch: SketchState::RoundTwo,
output_share: Vec::from([
Field255::from(26),
Field255::from(27),
Field255::from(28),
]),
})),
),
(
1,
Poplar1PrepareState(PrepareStateVariant::Leaf(PrepareState {
sketch: SketchState::RoundTwo,
output_share: Vec::from([
Field255::from(29),
Field255::from(30),
Field255::from(31),
]),
})),
),
] {
let encoded_prep_state = prep_state.get_encoded();
assert_eq!(prep_state.encoded_len(), Some(encoded_prep_state.len()));
let decoded_prep_state =
Poplar1PrepareState::get_decoded_with_param(&(&vdaf, agg_id), &encoded_prep_state)
.unwrap();
assert_eq!(prep_state, decoded_prep_state);
}
}
#[test]
fn round_trip_agg_param() {
// These test cases were generated using the reference Sage implementation.

36
third_party/rust/prio/src/vdaf/prg.rs поставляемый
Просмотреть файл

@ -5,7 +5,7 @@
//! [draft-irtf-cfrg-vdaf-05]: https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/05/
use crate::vdaf::{CodecError, Decode, Encode};
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
use aes::{
cipher::{generic_array::GenericArray, BlockEncrypt, KeyInit},
Block,
@ -19,7 +19,6 @@ use aes::{
use cmac::{Cmac, Mac};
#[cfg(feature = "crypto-dependencies")]
use ctr::Ctr64BE;
#[cfg(feature = "crypto-dependencies")]
use sha3::{
digest::{ExtendableOutput, Update, XofReader},
CShake128, CShake128Core, CShake128Reader,
@ -133,6 +132,7 @@ pub trait Prg<const SEED_SIZE: usize>: Clone + Debug {
/// [draft-irtf-cfrg-vdaf-04]: https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/04/
#[derive(Clone, Debug)]
#[cfg(feature = "crypto-dependencies")]
#[cfg_attr(docsrs, doc(cfg(feature = "crypto-dependencies")))]
#[deprecated(since = "0.11.0", note = "Superseded by PrgSha3")]
pub struct PrgAes128(Cmac<Aes128>);
@ -161,6 +161,7 @@ impl Prg<16> for PrgAes128 {
/// The key stream produced by AES128 in CTR-mode.
#[cfg(feature = "crypto-dependencies")]
#[cfg_attr(docsrs, doc(cfg(feature = "crypto-dependencies")))]
pub struct SeedStreamAes128(Ctr64BE<Aes128>);
#[cfg(feature = "crypto-dependencies")]
@ -194,10 +195,8 @@ impl Debug for SeedStreamAes128 {
///
/// [draft-irtf-cfrg-vdaf-05]: https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/05/
#[derive(Clone, Debug)]
#[cfg(feature = "crypto-dependencies")]
pub struct PrgSha3(CShake128);
#[cfg(feature = "crypto-dependencies")]
impl Prg<16> for PrgSha3 {
type SeedStream = SeedStreamSha3;
@ -217,17 +216,14 @@ impl Prg<16> for PrgSha3 {
}
/// The key stream produced by the cSHAKE128 XOF.
#[cfg(feature = "crypto-dependencies")]
pub struct SeedStreamSha3(CShake128Reader);
#[cfg(feature = "crypto-dependencies")]
impl SeedStreamSha3 {
pub(crate) fn new(reader: CShake128Reader) -> Self {
Self(reader)
}
}
#[cfg(feature = "crypto-dependencies")]
impl SeedStream for SeedStreamSha3 {
fn fill(&mut self, buf: &mut [u8]) {
XofReader::read(&mut self.0, buf);
@ -236,12 +232,16 @@ impl SeedStream for SeedStreamSha3 {
/// Factory to produce multiple [`PrgFixedKeyAes128`] instances with the same fixed key and
/// different seeds.
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg_attr(
docsrs,
doc(cfg(all(feature = "crypto-dependencies", feature = "experimental")))
)]
pub struct PrgFixedKeyAes128Key {
cipher: Aes128,
}
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
impl PrgFixedKeyAes128Key {
/// Derive a fixed key from the customization string and binder string.
pub fn new(custom: &[u8], binder: &[u8]) -> Self {
@ -274,13 +274,17 @@ impl PrgFixedKeyAes128Key {
///
/// [draft-irtf-cfrg-vdaf-05]: https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/05/
#[derive(Clone, Debug)]
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg_attr(
docsrs,
doc(cfg(all(feature = "crypto-dependencies", feature = "experimental")))
)]
pub struct PrgFixedKeyAes128 {
fixed_key_deriver: CShake128,
base_block: Block,
}
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
impl Prg<16> for PrgFixedKeyAes128 {
type SeedStream = SeedStreamFixedKeyAes128;
@ -307,14 +311,18 @@ impl Prg<16> for PrgFixedKeyAes128 {
}
/// Seed stream for [`PrgFixedKeyAes128`].
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg_attr(
docsrs,
doc(cfg(all(feature = "crypto-dependencies", feature = "experimental")))
)]
pub struct SeedStreamFixedKeyAes128 {
cipher: Aes128,
base_block: Block,
length_consumed: u64,
}
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
impl SeedStream for SeedStreamFixedKeyAes128 {
fn fill(&mut self, buf: &mut [u8]) {
let next_length_consumed = self.length_consumed + u64::try_from(buf.len()).unwrap();
@ -340,7 +348,7 @@ impl SeedStream for SeedStreamFixedKeyAes128 {
}
}
#[cfg(feature = "experimental")]
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
impl SeedStreamFixedKeyAes128 {
fn hash_block(&self, block: &mut Block) {
let sigma = Block::from([

49
third_party/rust/prio/src/vdaf/prio3.rs поставляемый
Просмотреть файл

@ -27,23 +27,19 @@
//! [DPRS23]: https://ia.cr/2023/130
//! [draft-irtf-cfrg-vdaf-05]: https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/05/
#[cfg(feature = "crypto-dependencies")]
use super::prg::PrgSha3;
use crate::codec::{CodecError, Decode, Encode, ParameterizedDecode};
use crate::field::{decode_fieldvec, FftFriendlyFieldElement, FieldElement};
#[cfg(feature = "crypto-dependencies")]
use crate::field::{Field128, Field64};
#[cfg(feature = "multithreaded")]
use crate::flp::gadgets::ParallelSumMultithreaded;
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg(feature = "experimental")]
use crate::flp::gadgets::PolyEval;
#[cfg(feature = "crypto-dependencies")]
use crate::flp::gadgets::{BlindPolyEval, ParallelSum};
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg(feature = "experimental")]
use crate::flp::types::fixedpoint_l2::{
compatible_float::CompatibleFloat, FixedPointBoundedL2VecSum,
};
#[cfg(feature = "crypto-dependencies")]
use crate::flp::types::{Average, Count, Histogram, Sum, SumVec};
use crate::flp::Type;
use crate::prng::Prng;
@ -52,7 +48,7 @@ use crate::vdaf::{
Aggregatable, AggregateShare, Aggregator, Client, Collector, OutputShare, PrepareTransition,
Share, ShareDecodingParameter, Vdaf, VdafError,
};
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg(feature = "experimental")]
use fixed::traits::Fixed;
use std::convert::TryFrom;
use std::fmt::Debug;
@ -69,10 +65,8 @@ const DST_JOINT_RAND_SEED: u16 = 6;
const DST_JOINT_RAND_PART: u16 = 7;
/// The count type. Each measurement is an integer in `[0,2)` and the aggregate result is the sum.
#[cfg(feature = "crypto-dependencies")]
pub type Prio3Count = Prio3<Count<Field64>, PrgSha3, 16>;
#[cfg(feature = "crypto-dependencies")]
impl Prio3Count {
/// Construct an instance of Prio3Count with the given number of aggregators.
pub fn new_count(num_aggregators: u8) -> Result<Self, VdafError> {
@ -82,11 +76,9 @@ impl Prio3Count {
/// The count-vector type. Each measurement is a vector of integers in `[0,2^bits)` and the
/// aggregate is the element-wise sum.
#[cfg(feature = "crypto-dependencies")]
pub type Prio3SumVec =
Prio3<SumVec<Field128, ParallelSum<Field128, BlindPolyEval<Field128>>>, PrgSha3, 16>;
#[cfg(feature = "crypto-dependencies")]
impl Prio3SumVec {
/// Construct an instance of Prio3SumVec with the given number of aggregators. `bits` defines
/// the bit width of each summand of the measurement; `len` defines the length of the
@ -100,7 +92,6 @@ impl Prio3SumVec {
/// time. Note that the improvement is only noticeable for very large input lengths, e.g., 201 and
/// up. (Your system's mileage may vary.)
#[cfg(feature = "multithreaded")]
#[cfg(feature = "crypto-dependencies")]
#[cfg_attr(docsrs, doc(cfg(feature = "multithreaded")))]
pub type Prio3SumVecMultithreaded = Prio3<
SumVec<Field128, ParallelSumMultithreaded<Field128, BlindPolyEval<Field128>>>,
@ -109,8 +100,6 @@ pub type Prio3SumVecMultithreaded = Prio3<
>;
#[cfg(feature = "multithreaded")]
#[cfg(feature = "crypto-dependencies")]
#[cfg_attr(docsrs, doc(cfg(feature = "multithreaded")))]
impl Prio3SumVecMultithreaded {
/// Construct an instance of Prio3SumVecMultithreaded with the given number of
/// aggregators. `bits` defines the bit width of each summand of the measurement; `len` defines
@ -126,10 +115,8 @@ impl Prio3SumVecMultithreaded {
/// The sum type. Each measurement is an integer in `[0,2^bits)` for some `0 < bits < 64` and the
/// aggregate is the sum.
#[cfg(feature = "crypto-dependencies")]
pub type Prio3Sum = Prio3<Sum<Field128>, PrgSha3, 16>;
#[cfg(feature = "crypto-dependencies")]
impl Prio3Sum {
/// Construct an instance of Prio3Sum with the given number of aggregators and required bit
/// length. The bit length must not exceed 64.
@ -156,7 +143,7 @@ impl Prio3Sum {
/// allows an easy conversion to the integer type used in internal computation, while leaving
/// conversion to the client. The model itself will have floating point parameters, so the output
/// sum has that type as well.
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg(feature = "experimental")]
#[cfg_attr(docsrs, doc(cfg(feature = "experimental")))]
pub type Prio3FixedPointBoundedL2VecSum<Fx> = Prio3<
FixedPointBoundedL2VecSum<
@ -169,8 +156,7 @@ pub type Prio3FixedPointBoundedL2VecSum<Fx> = Prio3<
16,
>;
#[cfg(all(feature = "crypto-dependencies", feature = "experimental"))]
#[cfg_attr(docsrs, doc(cfg(feature = "experimental")))]
#[cfg(feature = "experimental")]
impl<Fx: Fixed + CompatibleFloat<Field128>> Prio3FixedPointBoundedL2VecSum<Fx> {
/// Construct an instance of this VDAF with the given number of aggregators and number of
/// vector entries.
@ -186,13 +172,11 @@ impl<Fx: Fixed + CompatibleFloat<Field128>> Prio3FixedPointBoundedL2VecSum<Fx> {
/// The fixed point vector sum type. Each measurement is a vector of fixed point numbers
/// and the aggregate is the sum represented as 64-bit floats. The verification function
/// ensures the L2 norm of the input vector is < 1.
#[cfg(all(
feature = "crypto-dependencies",
feature = "experimental",
feature = "multithreaded"
))]
#[cfg_attr(docsrs, doc(cfg(feature = "experimental")))]
#[cfg_attr(docsrs, doc(cfg(feature = "multithreaded")))]
#[cfg(all(feature = "experimental", feature = "multithreaded"))]
#[cfg_attr(
docsrs,
doc(cfg(all(feature = "experimental", feature = "multithreaded")))
)]
pub type Prio3FixedPointBoundedL2VecSumMultithreaded<Fx> = Prio3<
FixedPointBoundedL2VecSum<
Fx,
@ -204,13 +188,7 @@ pub type Prio3FixedPointBoundedL2VecSumMultithreaded<Fx> = Prio3<
16,
>;
#[cfg(all(
feature = "crypto-dependencies",
feature = "experimental",
feature = "multithreaded"
))]
#[cfg_attr(docsrs, doc(cfg(feature = "experimental")))]
#[cfg_attr(docsrs, doc(cfg(feature = "multithreaded")))]
#[cfg(all(feature = "experimental", feature = "multithreaded"))]
impl<Fx: Fixed + CompatibleFloat<Field128>> Prio3FixedPointBoundedL2VecSumMultithreaded<Fx> {
/// Construct an instance of this VDAF with the given number of aggregators and number of
/// vector entries.
@ -225,10 +203,8 @@ impl<Fx: Fixed + CompatibleFloat<Field128>> Prio3FixedPointBoundedL2VecSumMultit
/// The histogram type. Each measurement is an unsigned integer and the result is a histogram
/// representation of the distribution. The bucket boundaries are fixed in advance.
#[cfg(feature = "crypto-dependencies")]
pub type Prio3Histogram = Prio3<Histogram<Field128>, PrgSha3, 16>;
#[cfg(feature = "crypto-dependencies")]
impl Prio3Histogram {
/// Constructs an instance of Prio3Histogram with the given number of aggregators and
/// desired histogram bucket boundaries.
@ -241,10 +217,8 @@ impl Prio3Histogram {
/// The average type. Each measurement is an integer in `[0,2^bits)` for some `0 < bits < 64` and
/// the aggregate is the arithmetic average.
#[cfg(feature = "crypto-dependencies")]
pub type Prio3Average = Prio3<Average<Field128>, PrgSha3, 16>;
#[cfg(feature = "crypto-dependencies")]
impl Prio3Average {
/// Construct an instance of Prio3Average with the given number of aggregators and required bit
/// length. The bit length must not exceed 64.
@ -559,6 +533,7 @@ where
/// Shard measurement with constant randomness of repeated bytes.
/// This method is not secure. It is used for running test vectors for Prio3.
#[cfg(feature = "test-util")]
#[doc(hidden)]
#[allow(clippy::type_complexity)]
pub fn test_vec_shard<const N: usize>(
&self,

252
third_party/rust/prio/supply-chain/audits.toml поставляемый
Просмотреть файл

@ -1,252 +0,0 @@
# cargo-vet audits file
[[audits.assert_matches]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-run"
version = "1.5.0"
[[audits.base64]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "0.20.0 -> 0.21.0"
[[audits.block-buffer]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.9.0"
[[audits.ciborium-io]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-run"
version = "0.2.0"
[[audits.cmac]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.7.1"
[[audits.crunchy]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.2.2"
[[audits.dbl]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.3.2"
[[audits.either]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "1.6.1"
[[audits.fiat-crypto]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.1.17"
notes = """
This crate does not contain any unsafe code, and does not use any items from
the standard library or other crates, aside from operations backed by
`std::ops`. All paths with array indexing use integer literals for indexes, so
there are no panics due to indexes out of bounds (as rustc would catch an
out-of-bounds literal index). I did not check whether arithmetic overflows
could cause a panic, and I am relying on the Coq code having satisfied the
necessary preconditions to ensure panics due to overflows are unreachable.
"""
[[audits.fiat-crypto]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "0.1.17 -> 0.1.18"
[[audits.fiat-crypto]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "0.1.18 -> 0.1.19"
notes = """
This release renames many items and adds a new module. The code in the new
module is entirely composed of arithmetic and array accesses.
"""
[[audits.fixed]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.20.0 -> 1.21.0"
[[audits.fixed]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.21.0 -> 1.22.1"
[[audits.fixed]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.22.1 -> 1.23.0"
[[audits.fixed-macro]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-run"
version = "1.2.0"
[[audits.fixed-macro-impl]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-run"
version = "1.2.0"
[[audits.ghash]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.5.0"
[[audits.hex-literal]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-run"
version = "0.3.4"
[[audits.keccak]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.1.2"
[[audits.modinverse]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-run"
version = "0.1.1"
[[audits.once_cell]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.14.0 -> 1.15.0"
[[audits.once_cell]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.15.0 -> 1.16.0"
notes = """
Changes to unsafe code in src/lib.rs, src/impl_std.rs, and src/imp_pl.rs are
functionally equivalent, and call unwrap_unchecked() on already-initialized
Options. The new implementation based on critical_section appears to be sound.
"""
[[audits.once_cell]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.16.0 -> 1.17.0"
[[audits.opaque-debug]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.3.0"
[[audits.proc-macro-error-attr]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-run"
version = "1.0.4"
[[audits.proc-macro2]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.0.49 -> 1.0.47"
[[audits.rayon]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.6.1 -> 1.7.0"
[[audits.rayon-core]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.10.2 -> 1.11.0"
[[audits.rayon-core]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.10.2 -> 1.11.0"
[[audits.serde]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.0.152 -> 1.0.153"
[[audits.serde]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.0.153 -> 1.0.154"
[[audits.serde]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.0.154 -> 1.0.155"
[[audits.serde_derive]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.0.152 -> 1.0.153"
[[audits.serde_derive]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.0.153 -> 1.0.154"
[[audits.serde_derive]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.0.154 -> 1.0.155"
[[audits.serde_json]]
who = "Tim Geoghegan <timg@letsencrypt.org>"
criteria = "safe-to-deploy"
delta = "1.0.91 -> 1.0.92"
notes = "The only changes are to doccomments, a dev-dependency and the project's CI workflow, so there should be no risk to dependents."
[[audits.serde_json]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.0.92 -> 1.0.93"
[[audits.serde_json]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.0.93 -> 1.0.94"
[[audits.sha3]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.10.6"
[[audits.thiserror]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.0.38 -> 1.0.39"
[[audits.thiserror-impl]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.0.38 -> 1.0.39"
[[audits.unicode-ident]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.0.2 -> 1.0.3"
[[audits.universal-hash]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.4.1"
[[audits.untrusted]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.7.1"
[[audits.wasm-bindgen-shared]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.2.83"
[[audits.zipf]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-run"
version = "7.0.0"

503
third_party/rust/prio/supply-chain/config.toml поставляемый
Просмотреть файл

@ -1,503 +0,0 @@
# cargo-vet config file
[imports.bytecode-alliance]
url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml"
[imports.embark-studios]
url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml"
[imports.firefox]
url = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[imports.zcash]
url = "https://raw.githubusercontent.com/zcash/rust-ecosystem/main/supply-chain/audits.toml"
[policy.prio]
audit-as-crates-io = false
criteria = "safe-to-deploy"
[policy.prio-binaries]
criteria = "safe-to-run"
[[exemptions.addr2line]]
version = "0.17.0"
criteria = "safe-to-run"
[[exemptions.adler]]
version = "1.0.2"
criteria = "safe-to-run"
[[exemptions.aead]]
version = "0.5.1"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled."
[[exemptions.aes]]
version = "0.8.2"
criteria = "safe-to-deploy"
notes = "This is only used when the \"crypto-dependencies\" feature is enabled."
[[exemptions.aes-gcm]]
version = "0.10.1"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled."
[[exemptions.ansi_term]]
version = "0.12.1"
criteria = "safe-to-run"
[[exemptions.az]]
version = "1.2.1"
criteria = "safe-to-deploy"
[[exemptions.bitflags]]
version = "1.3.2"
criteria = "safe-to-run"
[[exemptions.bitvec]]
version = "1.0.1"
criteria = "safe-to-deploy"
[[exemptions.bytemuck]]
version = "1.12.1"
criteria = "safe-to-deploy"
[[exemptions.byteorder]]
version = "1.4.3"
criteria = "safe-to-deploy"
[[exemptions.cast]]
version = "0.3.0"
criteria = "safe-to-run"
[[exemptions.cipher]]
version = "0.4.3"
criteria = "safe-to-deploy"
notes = "This is only used when the \"crypto-dependencies\" or \"prio2\" features are enabled."
[[exemptions.clap]]
version = "2.34.0"
criteria = "safe-to-run"
[[exemptions.clap]]
version = "3.2.21"
criteria = "safe-to-run"
[[exemptions.clap_lex]]
version = "0.2.4"
criteria = "safe-to-run"
[[exemptions.color-eyre]]
version = "0.6.2"
criteria = "safe-to-run"
[[exemptions.color-spantrace]]
version = "0.2.0"
criteria = "safe-to-run"
[[exemptions.cpufeatures]]
version = "0.2.5"
criteria = "safe-to-deploy"
notes = "This is only used when the \"crypto-dependencies\" or \"prio2\" features are enabled."
[[exemptions.criterion]]
version = "0.4.0"
criteria = "safe-to-run"
[[exemptions.criterion-plot]]
version = "0.5.0"
criteria = "safe-to-run"
[[exemptions.crossbeam-channel]]
version = "0.5.6"
criteria = "safe-to-deploy"
notes = "This is only used when the \"multithreaded\" feature is enabled."
[[exemptions.crossbeam-deque]]
version = "0.8.2"
criteria = "safe-to-deploy"
notes = "This is only used when the \"multithreaded\" feature is enabled."
[[exemptions.crossbeam-epoch]]
version = "0.9.10"
criteria = "safe-to-deploy"
notes = "This is only used when the \"multithreaded\" feature is enabled."
[[exemptions.crossbeam-utils]]
version = "0.8.11"
criteria = "safe-to-deploy"
notes = "This is only used when the \"multithreaded\" feature is enabled."
[[exemptions.ctr]]
version = "0.9.2"
criteria = "safe-to-deploy"
notes = "This is only used when the \"crypto-dependencies\" feature is enabled."
[[exemptions.digest]]
version = "0.10.3"
criteria = "safe-to-deploy"
notes = "This is only used when the \"crypto-dependencies\" feature is enabled."
[[exemptions.eyre]]
version = "0.6.8"
criteria = "safe-to-run"
[[exemptions.fixed]]
version = "1.20.0"
criteria = "safe-to-deploy"
[[exemptions.fixed-macro-types]]
version = "1.2.0"
criteria = "safe-to-run"
[[exemptions.funty]]
version = "2.0.0"
criteria = "safe-to-deploy"
[[exemptions.generic-array]]
version = "0.14.6"
criteria = "safe-to-deploy"
notes = "This is only used when the \"crypto-dependencies\" or \"prio2\" features are enabled."
[[exemptions.getrandom]]
version = "0.2.8"
criteria = "safe-to-deploy"
[[exemptions.gimli]]
version = "0.26.2"
criteria = "safe-to-run"
[[exemptions.half]]
version = "2.1.0"
criteria = "safe-to-deploy"
[[exemptions.heck]]
version = "0.3.3"
criteria = "safe-to-run"
[[exemptions.hermit-abi]]
version = "0.1.19"
criteria = "safe-to-deploy"
[[exemptions.iai]]
version = "0.1.1"
criteria = "safe-to-run"
[[exemptions.indenter]]
version = "0.3.3"
criteria = "safe-to-run"
[[exemptions.indexmap]]
version = "1.9.1"
criteria = "safe-to-run"
[[exemptions.itertools]]
version = "0.10.5"
criteria = "safe-to-run"
[[exemptions.itoa]]
version = "1.0.3"
criteria = "safe-to-deploy"
notes = "This is only used when the \"test-util\" feature is enabled."
[[exemptions.js-sys]]
version = "0.3.60"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled, and only on WASM targets."
[[exemptions.lazy_static]]
version = "1.4.0"
criteria = "safe-to-run"
[[exemptions.libc]]
version = "0.2.132"
criteria = "safe-to-deploy"
[[exemptions.memchr]]
version = "2.5.0"
criteria = "safe-to-run"
[[exemptions.memoffset]]
version = "0.6.5"
criteria = "safe-to-deploy"
notes = "This is only used when the \"multithreaded\" feature is enabled."
[[exemptions.miniz_oxide]]
version = "0.5.4"
criteria = "safe-to-run"
[[exemptions.num_cpus]]
version = "1.13.1"
criteria = "safe-to-deploy"
notes = "This is only used when the \"multithreaded\" feature is enabled."
[[exemptions.object]]
version = "0.29.0"
criteria = "safe-to-run"
[[exemptions.once_cell]]
version = "1.14.0"
criteria = "safe-to-deploy"
[[exemptions.oorandom]]
version = "11.1.3"
criteria = "safe-to-run"
[[exemptions.os_str_bytes]]
version = "6.3.0"
criteria = "safe-to-run"
[[exemptions.owo-colors]]
version = "3.5.0"
criteria = "safe-to-run"
[[exemptions.paste]]
version = "1.0.9"
criteria = "safe-to-run"
[[exemptions.pin-project-lite]]
version = "0.2.9"
criteria = "safe-to-run"
[[exemptions.plotters]]
version = "0.3.4"
criteria = "safe-to-run"
[[exemptions.plotters-backend]]
version = "0.3.4"
criteria = "safe-to-run"
[[exemptions.plotters-svg]]
version = "0.3.3"
criteria = "safe-to-run"
[[exemptions.polyval]]
version = "0.6.0"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled."
[[exemptions.ppv-lite86]]
version = "0.2.16"
criteria = "safe-to-deploy"
notes = "This is only used when the \"test-util\" feature is enabled."
[[exemptions.proc-macro-error]]
version = "1.0.4"
criteria = "safe-to-run"
[[exemptions.radium]]
version = "0.7.0"
criteria = "safe-to-deploy"
[[exemptions.rand]]
version = "0.8.5"
criteria = "safe-to-deploy"
notes = "This is only used when the \"test-util\" feature is enabled."
[[exemptions.rand_chacha]]
version = "0.3.1"
criteria = "safe-to-deploy"
notes = "This is only used when the \"test-util\" feature is enabled."
[[exemptions.rand_core]]
version = "0.6.3"
criteria = "safe-to-deploy"
notes = "This is only used when the \"test-util\" feature is enabled."
[[exemptions.regex]]
version = "1.6.0"
criteria = "safe-to-run"
[[exemptions.regex-syntax]]
version = "0.6.27"
criteria = "safe-to-run"
[[exemptions.ring]]
version = "0.16.20"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled."
[[exemptions.ryu]]
version = "1.0.11"
criteria = "safe-to-deploy"
notes = "This is only used when the \"test-util\" feature is enabled."
[[exemptions.same-file]]
version = "1.0.6"
criteria = "safe-to-run"
[[exemptions.scopeguard]]
version = "1.1.0"
criteria = "safe-to-deploy"
notes = "This is only used when the \"multithreaded\" feature is enabled."
[[exemptions.serde]]
version = "1.0.151"
criteria = "safe-to-deploy"
[[exemptions.serde_derive]]
version = "1.0.151"
criteria = "safe-to-deploy"
[[exemptions.serde_json]]
version = "1.0.91"
criteria = "safe-to-deploy"
notes = "This is only used when the \"test-util\" feature is enabled."
[[exemptions.sharded-slab]]
version = "0.1.4"
criteria = "safe-to-run"
[[exemptions.spin]]
version = "0.5.2"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled."
[[exemptions.static_assertions]]
version = "1.1.0"
criteria = "safe-to-deploy"
[[exemptions.strsim]]
version = "0.8.0"
criteria = "safe-to-run"
[[exemptions.structopt]]
version = "0.3.26"
criteria = "safe-to-run"
[[exemptions.structopt-derive]]
version = "0.4.18"
criteria = "safe-to-run"
[[exemptions.subtle]]
version = "2.4.1"
criteria = "safe-to-deploy"
notes = "This is only used when the \"crypto-dependencies\" or \"prio2\" features are enabled."
[[exemptions.syn]]
version = "1.0.104"
criteria = "safe-to-deploy"
[[exemptions.tap]]
version = "1.0.1"
criteria = "safe-to-deploy"
[[exemptions.textwrap]]
version = "0.11.0"
criteria = "safe-to-run"
[[exemptions.textwrap]]
version = "0.15.0"
criteria = "safe-to-run"
[[exemptions.thiserror]]
version = "1.0.38"
criteria = "safe-to-deploy"
[[exemptions.thiserror-impl]]
version = "1.0.38"
criteria = "safe-to-deploy"
[[exemptions.thread_local]]
version = "1.1.4"
criteria = "safe-to-run"
[[exemptions.tinytemplate]]
version = "1.2.1"
criteria = "safe-to-run"
[[exemptions.tracing]]
version = "0.1.36"
criteria = "safe-to-run"
[[exemptions.tracing-core]]
version = "0.1.29"
criteria = "safe-to-run"
[[exemptions.tracing-error]]
version = "0.2.0"
criteria = "safe-to-run"
[[exemptions.tracing-subscriber]]
version = "0.3.15"
criteria = "safe-to-run"
[[exemptions.typenum]]
version = "1.15.0"
criteria = "safe-to-deploy"
[[exemptions.unicode-segmentation]]
version = "1.9.0"
criteria = "safe-to-run"
[[exemptions.unicode-width]]
version = "0.1.9"
criteria = "safe-to-run"
[[exemptions.valuable]]
version = "0.1.0"
criteria = "safe-to-run"
[[exemptions.vec_map]]
version = "0.8.2"
criteria = "safe-to-run"
[[exemptions.version_check]]
version = "0.9.4"
criteria = "safe-to-deploy"
[[exemptions.walkdir]]
version = "2.3.2"
criteria = "safe-to-run"
[[exemptions.wasi]]
version = "0.11.0+wasi-snapshot-preview1"
criteria = "safe-to-deploy"
notes = "This is only used when the target OS is WASI."
[[exemptions.wasm-bindgen]]
version = "0.2.83"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled, and only on WASM targets."
[[exemptions.wasm-bindgen-backend]]
version = "0.2.83"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled, and only on WASM targets."
[[exemptions.wasm-bindgen-macro]]
version = "0.2.83"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled, and only on WASM targets."
[[exemptions.wasm-bindgen-macro-support]]
version = "0.2.83"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled, and only on WASM targets."
[[exemptions.web-sys]]
version = "0.3.60"
criteria = "safe-to-deploy"
notes = "This is only used when the \"prio2\" feature is enabled, and only on WASM targets."
[[exemptions.winapi]]
version = "0.3.9"
criteria = "safe-to-deploy"
[[exemptions.winapi-i686-pc-windows-gnu]]
version = "0.4.0"
criteria = "safe-to-deploy"
[[exemptions.winapi-util]]
version = "0.1.5"
criteria = "safe-to-run"
[[exemptions.winapi-x86_64-pc-windows-gnu]]
version = "0.4.0"
criteria = "safe-to-deploy"
[[exemptions.wyz]]
version = "0.5.1"
criteria = "safe-to-deploy"

684
third_party/rust/prio/supply-chain/imports.lock поставляемый
Просмотреть файл

@ -1,684 +0,0 @@
# cargo-vet imports lock
[[audits.bytecode-alliance.audits.anes]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.6"
notes = "Contains no unsafe code, no IO, no build.rs."
[[audits.bytecode-alliance.audits.atty]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.14"
notes = """
Contains only unsafe code for what this crate's purpose is and only accesses
the environment's terminal information when asked. Does its stated purpose and
no more.
"""
[[audits.bytecode-alliance.audits.backtrace]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.66"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.base64]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.21.0"
notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
[[audits.bytecode-alliance.audits.base64]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-run"
version = "0.21.0"
notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
[[audits.bytecode-alliance.audits.block-buffer]]
who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
delta = "0.9.0 -> 0.10.2"
[[audits.bytecode-alliance.audits.bumpalo]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "3.9.1"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.bumpalo]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "3.11.1"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.cast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.2.7 -> 0.3.0"
notes = """
This release appears to have brought support for 128-bit integers and removed a
`transmute` around converting between float bits and the float itself.
Otherwise no major changes except what was presumably minor API breaking changes
due to the major version bump.
"""
[[audits.bytecode-alliance.audits.cc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.73"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.cfg-if]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.0"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.ciborium]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.0"
[[audits.bytecode-alliance.audits.ciborium-ll]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.0"
[[audits.bytecode-alliance.audits.criterion]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.3.5 -> 0.3.6"
notes = """
There were no major changes to code in this update, mostly just stylistic and
updating some version dependency requirements.
"""
[[audits.bytecode-alliance.audits.criterion-plot]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.4.4 -> 0.4.5"
notes = """
No major changes in this update, it was almost entirely stylistic with what
appears to be a few clippy fixes here and there.
"""
[[audits.bytecode-alliance.audits.crypto-common]]
who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
version = "0.1.3"
[[audits.bytecode-alliance.audits.digest]]
who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
delta = "0.9.0 -> 0.10.3"
[[audits.bytecode-alliance.audits.heck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.4.0"
notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
[[audits.bytecode-alliance.audits.once_cell]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "1.16.0 -> 1.17.0"
[[audits.bytecode-alliance.audits.rustc-demangle]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.21"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.spin]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.9.4"
notes = """
I've verified the contents of this crate and that while they contain `unsafe`
it's exclusively around implementing atomic primitive where some `unsafe` is to
be expected. Otherwise this crate does not unduly access ambient capabilities
and does what it says on the tin, providing spin-based synchronization
primitives.
"""
[audits.embark-studios.audits]
[[audits.firefox.audits.autocfg]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.base64]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.13.0 -> 0.13.1"
[[audits.firefox.audits.block-buffer]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.10.2 -> 0.10.3"
[[audits.firefox.audits.bumpalo]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-run"
delta = "3.9.1 -> 3.10.0"
notes = """
Some nontrivial functional changes but certainly meets the no-malware bar of
safe-to-run. If we needed safe-to-deploy for this in m-c I'd ask Nick to re-
certify this version, but we don't, so this is fine for now.
"""
[[audits.firefox.audits.clap_lex]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.0 -> 0.2.2"
[[audits.firefox.audits.clap_lex]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.4"
[[audits.firefox.audits.cpufeatures]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.4"
[[audits.firefox.audits.cpufeatures]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.4 -> 0.2.5"
[[audits.firefox.audits.crossbeam-channel]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.5.4 -> 0.5.6"
[[audits.firefox.audits.crossbeam-deque]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.8.1 -> 0.8.2"
[[audits.firefox.audits.crossbeam-epoch]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.9.8 -> 0.9.10"
[[audits.firefox.audits.crossbeam-epoch]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.9.10 -> 0.9.13"
[[audits.firefox.audits.crossbeam-utils]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.8.8 -> 0.8.11"
[[audits.firefox.audits.crossbeam-utils]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.8.11 -> 0.8.14"
[[audits.firefox.audits.crypto-common]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.3 -> 0.1.6"
[[audits.firefox.audits.digest]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.10.3 -> 0.10.6"
[[audits.firefox.audits.either]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.6.1 -> 1.7.0"
[[audits.firefox.audits.either]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.7.0 -> 1.8.0"
[[audits.firefox.audits.generic-array]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.14.5 -> 0.14.6"
[[audits.firefox.audits.getrandom]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.6 -> 0.2.7"
[[audits.firefox.audits.half]]
who = "John M. Schanck <jschanck@mozilla.com>"
criteria = "safe-to-deploy"
version = "1.8.2"
notes = """
This crate contains unsafe code for bitwise casts to/from binary16 floating-point
format. I've reviewed these and found no issues. There are no uses of ambient
capabilities.
"""
[[audits.firefox.audits.hashbrown]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
version = "0.12.3"
notes = "This version is used in rust's libstd, so effectively we're already trusting it"
[[audits.firefox.audits.hex]]
who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.4.3"
[[audits.firefox.audits.indexmap]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.8.2 -> 1.9.1"
[[audits.firefox.audits.itoa]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.2 -> 1.0.3"
[[audits.firefox.audits.libc]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.126 -> 0.2.132"
[[audits.firefox.audits.log]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
version = "0.4.17"
[[audits.firefox.audits.memoffset]]
who = "Gabriele Svelto <gsvelto@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.6.5 -> 0.7.1"
[[audits.firefox.audits.num-bigint]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.2.6"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.num-bigint]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.4.3"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.num-integer]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.1.45"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.num-traits]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.2.15"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.once_cell]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.12.0 -> 1.13.1"
[[audits.firefox.audits.once_cell]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.13.1 -> 1.16.0"
[[audits.firefox.audits.os_str_bytes]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "6.1.0 -> 6.3.0"
[[audits.firefox.audits.paste]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.7 -> 1.0.8"
[[audits.firefox.audits.prio]]
who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.8.4"
notes = "The crate does not use any unsafe code or ambient capabilities and thus meets the criteria for safe-to-deploy. The cryptography itself should be considered experimental at this phase and is currently undergoing a thorough audit organized by Cloudflare."
[[audits.firefox.audits.prio]]
who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.9.1"
[[audits.firefox.audits.proc-macro2]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
version = "1.0.39"
notes = """
`proc-macro2` acts as either a thin(-ish) wrapper around the std-provided
`proc_macro` crate, or as a fallback implementation of the crate, depending on
where it is used.
If using this crate on older versions of rustc (1.56 and earlier), it will
temporarily replace the panic handler while initializing in order to detect if
it is running within a `proc_macro`, which could lead to surprising behaviour.
This should not be an issue for more recent compiler versions, which support
`proc_macro::is_available()`.
The `proc-macro2` crate's fallback behaviour is not identical to the complex
behaviour of the rustc compiler (e.g. it does not perform unicode normalization
for identifiers), however it behaves well enough for its intended use-case
(tests and scripts processing rust code).
`proc-macro2` does not use unsafe code, however exposes one `unsafe` API to
allow bypassing checks in the fallback implementation when constructing
`Literal` using `from_str_unchecked`. This was intended to only be used by the
`quote!` macro, however it has been removed
(https://github.com/dtolnay/quote/commit/f621fe64a8a501cae8e95ebd6848e637bbc79078),
and is likely completely unused. Even when used, this API shouldn't be able to
cause unsoundness.
"""
[[audits.firefox.audits.proc-macro2]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.39 -> 1.0.43"
[[audits.firefox.audits.proc-macro2]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.43 -> 1.0.49"
[[audits.firefox.audits.quote]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
version = "1.0.18"
notes = """
`quote` is a utility crate used by proc-macros to generate TokenStreams
conveniently from source code. The bulk of the logic is some complex
interlocking `macro_rules!` macros which are used to parse and build the
`TokenStream` within the proc-macro.
This crate contains no unsafe code, and the internal logic, while difficult to
read, is generally straightforward. I have audited the the quote macros, ident
formatter, and runtime logic.
"""
[[audits.firefox.audits.quote]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.18 -> 1.0.21"
[[audits.firefox.audits.rayon]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "1.5.3"
notes = "All code written or reviewed by Josh Stone or Niko Matsakis."
[[audits.firefox.audits.rayon]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.5.3 -> 1.6.1"
[[audits.firefox.audits.rayon-core]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "1.9.3"
notes = "All code written or reviewed by Josh Stone or Niko Matsakis."
[[audits.firefox.audits.rayon-core]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.9.3 -> 1.10.1"
[[audits.firefox.audits.rayon-core]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.10.1 -> 1.10.2"
[[audits.firefox.audits.regex]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.5.6 -> 1.6.0"
[[audits.firefox.audits.regex-syntax]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.6.26 -> 0.6.27"
[[audits.firefox.audits.ryu]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.10 -> 1.0.11"
[[audits.firefox.audits.serde]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.137 -> 1.0.143"
[[audits.firefox.audits.serde]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.143 -> 1.0.144"
[[audits.firefox.audits.serde]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.144 -> 1.0.151"
[[audits.firefox.audits.serde]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.151 -> 1.0.152"
[[audits.firefox.audits.serde_derive]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.137 -> 1.0.143"
[[audits.firefox.audits.serde_derive]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.143 -> 1.0.144"
[[audits.firefox.audits.serde_derive]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.144 -> 1.0.151"
[[audits.firefox.audits.serde_derive]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.151 -> 1.0.152"
[[audits.firefox.audits.serde_json]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.81 -> 1.0.83"
[[audits.firefox.audits.serde_json]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.83 -> 1.0.85"
[[audits.firefox.audits.syn]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.96 -> 1.0.99"
[[audits.firefox.audits.thiserror]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.31 -> 1.0.32"
[[audits.firefox.audits.thiserror-impl]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.31 -> 1.0.32"
[[audits.firefox.audits.tracing]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-run"
delta = "0.1.35 -> 0.1.36"
[[audits.firefox.audits.tracing-core]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-run"
delta = "0.1.27 -> 0.1.29"
[[audits.firefox.audits.unicode-ident]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.0 -> 1.0.1"
[[audits.firefox.audits.unicode-ident]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.3"
[audits.zcash.criteria.crypto-reviewed]
description = "The cryptographic code in this crate has been reviewed for correctness by a member of a designated set of cryptography experts within the project."
[audits.zcash.criteria.license-reviewed]
description = "The license of this crate has been reviewed for compatibility with its usage in this repository. If the crate is not available under the MIT license, `contrib/debian/copyright` has been updated with a corresponding copyright notice for files under `depends/*/vendored-sources/CRATE_NAME`."
[[audits.zcash.audits.aead]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.4.3 -> 0.5.1"
notes = "Adds an AeadCore::generate_nonce function to generate random nonces, given a CryptoRng."
[[audits.zcash.audits.cipher]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.3.0 -> 0.4.3"
notes = "Significant rework of (mainly RustCrypto-internal) APIs."
[[audits.zcash.audits.cpufeatures]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.5"
notes = "Unsafe changes just introduce `#[inline(never)]` wrappers."
[[audits.zcash.audits.crypto-common]]
who = "Jack Grigg <jack@z.cash>"
criteria = ["crypto-reviewed", "safe-to-deploy"]
delta = "0.1.3 -> 0.1.6"
notes = "New trait and type alias look fine."
[[audits.zcash.audits.getrandom]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.2.6 -> 0.2.7"
notes = """
Checked that getrandom::wasi::getrandom_inner matches wasi::random_get.
Checked that getrandom::util_libc::Weak lock ordering matches std::sys::unix::weak::DlsymWeak.
"""
[[audits.zcash.audits.indexmap]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.8.1 -> 1.9.1"
notes = "I'm satisfied that the assertion guarding the new unsafe block is correct."
[[audits.zcash.audits.inout]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
version = "0.1.3"
notes = "Reviewed in full."
[[audits.zcash.audits.itoa]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.3"
notes = "Update makes no changes to code."
[[audits.zcash.audits.log]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.4.16 -> 0.4.17"
notes = "I confirmed that the unsafe transmutes are fine; NonZeroU128 and NonZeroI128 are `#[repr(transparent)]` wrappers around u128 and i128 respectively."
[[audits.zcash.audits.num-integer]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.1.44 -> 0.1.45"
notes = "Fixes some argument-handling panic bugs."
[[audits.zcash.audits.once_cell]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.17.0 -> 1.17.1"
notes = """
Small refactor that reduces the overall amount of `unsafe` code. The new strict provenance
approach looks reasonable.
"""
[[audits.zcash.audits.proc-macro2]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.37 -> 1.0.41"
[[audits.zcash.audits.serde]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.136 -> 1.0.143"
notes = "Bumps serde-derive and adds some constructors."
[[audits.zcash.audits.serde]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.143 -> 1.0.145"
[[audits.zcash.audits.serde_derive]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.136 -> 1.0.143"
notes = "Bumps syn, inverts some build flags."
[[audits.zcash.audits.serde_derive]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.143 -> 1.0.145"
[[audits.zcash.audits.syn]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.91 -> 1.0.98"
[[audits.zcash.audits.thiserror]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.30 -> 1.0.32"
notes = "Bumps thiserror-impl, no code changes."
[[audits.zcash.audits.thiserror]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.32 -> 1.0.37"
notes = "The new build script invokes rustc to determine whether it supports the Provider API. The only side-effect is it overwrites `$OUT_DIR/probe.rs`, which is fine because it is unique to the thiserror package."
[[audits.zcash.audits.thiserror-impl]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.30 -> 1.0.32"
notes = "Only change is to refine an error message."
[[audits.zcash.audits.thiserror-impl]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.32 -> 1.0.37"
notes = "Proc macro changes migrating to the Provider API look fine."
[[audits.zcash.audits.unicode-ident]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
version = "1.0.2"
[[audits.zcash.audits.universal-hash]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.5.0"
notes = "I checked correctness of to_blocks which uses unsafe code in a safe function."

1
third_party/rust/sha3/.cargo-checksum.json поставляемый Normal file
Просмотреть файл

@ -0,0 +1 @@
{"files":{"CHANGELOG.md":"ca3c2b6908bbfd87fe8bfc607aa368c19303c5e0232e5ff4b0d39b8880b78680","Cargo.toml":"e9d06ee7ee2a1aa0cbc2bd35d0f08c7e6fa48e52435fc77c6755f1332c1ef208","LICENSE-APACHE":"a9040321c3712d8fd0b09cf52b17445de04a23a10165049ae187cd39e5c86be5","LICENSE-MIT":"f18f6229547ab07f0b7b3e1f83acad8bb436f5f4c95a8a98b44f876caa00f04e","README.md":"fcf7e481b90c8792222a69388c17c60710004eb1e21d8dfdf2a7fd66ac391e54","benches/mod.rs":"09ea0a3bf6630c8828ee190b7ee31abcc685cf4c1c11fd19d9d50620d82ed6b1","src/lib.rs":"a15b420a9f0d7197968beb2d01b30ff3fb8ac0359a789c4d0efe48712a6153ec","src/macros.rs":"f2eee02312aaeb4bede40666459d6d46a4c685c53bc3bfa69a9fb1ebfb934643","src/state.rs":"a597f32189d70d9a79be2a94e8809d96802865058686ec1111383d48fa2bb93b","tests/aliases.rs":"1267b02be0d6a0c8cd10159ff5930c168f50f82debc61bb8b38269ea67a40cfa","tests/cshake.rs":"4bef5076b88398fa2e370e21fb6710c1925665cb0872fa8be9779c8c0db3a2af","tests/data/cshake128.blb":"8e351e2e27c4a9650818ff7137f1aee0370d59c603cb83e23c8edceb78907709","tests/data/cshake256.blb":"9ff795a294dfe075e4d1b9d04897ab9dc7d20f625eab2dd10f5c2930d756dbf4","tests/data/keccak_224.blb":"d5c811df0e6b8a186c848c1e772abd61fb1fccca10f0c0aea8d870796b235316","tests/data/keccak_256.blb":"a0113d2d8097f2d6270483bd77a2e065d6eb3a738f18dbbdc84842bf9bc5600a","tests/data/keccak_256_full.blb":"39358fd8ae92d36154d71b31ca0027a3b6601ff49c05fd4d89839f1b99e1103d","tests/data/keccak_384.blb":"25a3844fae90137a7877a0eadafe400300071f26d7bdb7b2fc01967e3f2760fa","tests/data/keccak_512.blb":"ab9e7777c154f6045937ed8b4a372f56622883d6e9973288656a61a636a2c4c2","tests/data/sha3_224.blb":"9c6676da06e149cf2f71be4b4554d042f7c5fa6d5f43696a30ca8d6747c85a23","tests/data/sha3_256.blb":"00e7834e0abc16614b772a0c6245a29c16807e79c54aa153b008f11cd26268d6","tests/data/sha3_384.blb":"cd4d9c607c5518a0274415b89512ea4cb9be3fd25edf8269aef566d904b797e9","tests/data/sha3_512.blb":"f551f332df7fc50b313544aadad361ce3ce5fd91f21259b93c64b35157904be3","tests/data/shake128.blb":"5900de7f0e09bfd290bee04b183f69fef8407a022491f5f6018cad737de53e4a","tests/data/shake256.blb":"4b65535c6e28e34f840df71b6dd0d99f51bac13d191e3769861e8560bf9d2373","tests/data/turboshake128.blb":"ca66fd86b6d21bfc49da37a05e2a3c4cb4a08c2ef2cd8a66703099f8a8fc7235","tests/data/turboshake256.blb":"6c06855c1900bd2d281eed7b59d07ba25e40af395b4be5ca53776562c9b77865","tests/mod.rs":"891eb4032ff6e3fb516b9ad7b655d5ef048d432335b9da75b4af07c902a8f839","tests/turboshake.rs":"bb90605141d7d5bd84f8c1ed35c9e9e9a037438f315cca08ba1ce24e19962a7a"},"package":"54c2bb1a323307527314a36bfb73f24febb08ce2b8a554bf4ffd6f51ad15198c"}

112
third_party/rust/sha3/CHANGELOG.md поставляемый Normal file
Просмотреть файл

@ -0,0 +1,112 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## 0.10.7 (2023-04-11)
### Added
- `asm` feature ([#437])
- TurboSHAKE ([#458])
[#437]: https://github.com/RustCrypto/hashes/pull/437
[#458]: https://github.com/RustCrypto/hashes/pull/458
## 0.10.6 (2022-10-19)
### Fixed
- XOF reader type aliases ([#427])
[#427]: https://github.com/RustCrypto/hashes/pull/427
## 0.10.5 (2022-09-16)
### Added
- Feature-gated OID support ([#405])
[#405]: https://github.com/RustCrypto/hashes/pull/405
## 0.10.4 (2022-09-02)
### Fixed
- MSRV issue which was not resolved by v0.10.3 ([#401])
[#401]: https://github.com/RustCrypto/hashes/pull/401
## 0.10.3 (2022-09-02)
### Fixed
- MSRV issue caused by publishing v0.10.2 using a buggy Nightly toolchain ([#399])
[#399]: https://github.com/RustCrypto/hashes/pull/399
## 0.10.2 (2022-07-30)
### Added
- cSHAKE128 and cSHAKE256 implementations ([#355])
[#355]: https://github.com/RustCrypto/hashes/pull/355
## 0.10.1 (2022-02-17)
### Fixed
- Minimal versions build ([#363])
[#363]: https://github.com/RustCrypto/hashes/pull/363
## 0.10.0 (2021-12-07)
### Changed
- Update to `digest` v0.10 ([#217])
[#217]: https://github.com/RustCrypto/hashes/pull/217
## 0.9.1 (2020-06-28)
### Changed
- Update to `block-buffer` v0.9 ([#164])
- Update to `opaque-debug` v0.3 ([#168])
[#164]: https://github.com/RustCrypto/hashes/pull/164
[#168]: https://github.com/RustCrypto/hashes/pull/168
## 0.9.0 (2020-06-10)
### Changed
- Update to `digest` v0.9 release; MSRV 1.41+ ([#155])
- Use new `*Dirty` traits from the `digest` crate ([#153])
- Bump `block-buffer` to v0.8 release ([#151])
- Rename `*result*` to `finalize` ([#148])
- Upgrade to Rust 2018 edition ([#134])
[#155]: https://github.com/RustCrypto/hashes/pull/155
[#153]: https://github.com/RustCrypto/hashes/pull/153
[#151]: https://github.com/RustCrypto/hashes/pull/151
[#148]: https://github.com/RustCrypto/hashes/pull/148
[#134]: https://github.com/RustCrypto/hashes/pull/133
## 0.8.2 (2019-04-24)
## 0.8.1 (2018-11-14)
## 0.8.0 (2018-10-02)
## 0.7.3 (2018-03-27)
## 0.7.2 (2017-11-18)
## 0.7.1 (2017-11-17)
## 0.7.0 (2017-11-15)
## 0.6.0 (2017-06-12)
## 0.5.3 (2017-05-31)
## 0.5.2 (2017-05-30)
## 0.5.1 (2017-05-02)
## 0.5.0 (2017-04-06)
## 0.4.1 (2017-01-20)
## 0.4.0 (2016-12-25)
## 0.3.0 (2016-11-17)
## 0.2.0 (2016-10-14)
## 0.1.0 (2016-10-13)

56
third_party/rust/sha3/Cargo.toml поставляемый Normal file
Просмотреть файл

@ -0,0 +1,56 @@
# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
#
# When uploading crates to the registry Cargo will automatically
# "normalize" Cargo.toml files for maximal compatibility
# with all versions of Cargo and also rewrite `path` dependencies
# to registry (e.g., crates.io) dependencies.
#
# If you are reading this file be aware that the original Cargo.toml
# will likely look very different (and much more reasonable).
# See Cargo.toml.orig for the original contents.
[package]
edition = "2018"
name = "sha3"
version = "0.10.7"
authors = ["RustCrypto Developers"]
description = """
Pure Rust implementation of SHA-3, a family of Keccak-based hash functions
including the SHAKE family of eXtendable-Output Functions (XOFs), as well as
the accelerated variant TurboSHAKE
"""
documentation = "https://docs.rs/sha3"
readme = "README.md"
keywords = [
"crypto",
"sha3",
"keccak",
"hash",
"digest",
]
categories = [
"cryptography",
"no-std",
]
license = "MIT OR Apache-2.0"
repository = "https://github.com/RustCrypto/hashes"
[dependencies.digest]
version = "0.10.4"
[dependencies.keccak]
version = "0.1.3"
[dev-dependencies.digest]
version = "0.10.4"
features = ["dev"]
[dev-dependencies.hex-literal]
version = "0.2.2"
[features]
asm = ["keccak/asm"]
default = ["std"]
oid = ["digest/oid"]
reset = []
std = ["digest/std"]

201
third_party/rust/sha3/LICENSE-APACHE поставляемый Normal file
Просмотреть файл

@ -0,0 +1,201 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

28
third_party/rust/sha3/LICENSE-MIT поставляемый Normal file
Просмотреть файл

@ -0,0 +1,28 @@
Copyright (c) 2006-2009 Graydon Hoare
Copyright (c) 2009-2013 Mozilla Foundation
Copyright (c) 2014 Sébastien Martini
Copyright (c) 2016-2023 Artyom Pavlov, Marek Kotewicz
Permission is hereby granted, free of charge, to any
person obtaining a copy of this software and associated
documentation files (the "Software"), to deal in the
Software without restriction, including without
limitation the rights to use, copy, modify, merge,
publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software
is furnished to do so, subject to the following
conditions:
The above copyright notice and this permission notice
shall be included in all copies or substantial portions
of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

56
third_party/rust/sha3/README.md поставляемый Normal file
Просмотреть файл

@ -0,0 +1,56 @@
# RustCrypto: SHA-3
[![crate][crate-image]][crate-link]
[![Docs][docs-image]][docs-link]
![Apache2/MIT licensed][license-image]
![Rust Version][rustc-image]
[![Project Chat][chat-image]][chat-link]
[![Build Status][build-image]][build-link]
Pure Rust implementation of the [SHA-3 (Keccak) hash function][1].
[Documentation][docs-link]
## Minimum Supported Rust Version
Rust **1.41** or higher.
Minimum supported Rust version can be changed in the future, but it will be
done with a minor version bump.
## SemVer Policy
- All on-by-default features of this library are covered by SemVer
- MSRV is considered exempt from SemVer as noted above
## License
Licensed under either of:
* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
* [MIT license](http://opensource.org/licenses/MIT)
at your option.
### Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.
[//]: # (badges)
[crate-image]: https://img.shields.io/crates/v/sha3.svg
[crate-link]: https://crates.io/crates/sha3
[docs-image]: https://docs.rs/sha3/badge.svg
[docs-link]: https://docs.rs/sha3/
[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
[rustc-image]: https://img.shields.io/badge/rustc-1.41+-blue.svg
[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260041-hashes
[build-image]: https://github.com/RustCrypto/hashes/workflows/sha3/badge.svg?branch=master
[build-link]: https://github.com/RustCrypto/hashes/actions?query=workflow%3Asha3
[//]: # (general links)
[1]: https://en.wikipedia.org/wiki/SHA-3

54
third_party/rust/sha3/benches/mod.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,54 @@
#![feature(test)]
extern crate test;
use digest::bench_update;
use sha3::{Sha3_224, Sha3_256, Sha3_384, Sha3_512, Shake128, Shake256};
use test::Bencher;
bench_update!(
Sha3_224::default();
sha3_224_10 10;
sha3_224_100 100;
sha3_224_1000 1000;
sha3_224_10000 10000;
);
bench_update!(
Sha3_256::default();
sha3_256_10 10;
sha3_265_100 100;
sha3_256_1000 1000;
sha3_256_10000 10000;
);
bench_update!(
Sha3_384::default();
sha3_384_10 10;
sha3_384_100 100;
sha3_384_1000 1000;
sha3_384_10000 10000;
);
bench_update!(
Sha3_512::default();
sha3_512_10 10;
sha3_512_100 100;
sha3_512_1000 1000;
sha3_512_10000 10000;
);
bench_update!(
Shake128::default();
shake128_10 10;
shake128_100 100;
shake128_1000 1000;
shake128_10000 10000;
);
bench_update!(
Shake256::default();
shake256_10 10;
shake256_100 100;
shake256_1000 1000;
shake256_10000 10000;
);

219
third_party/rust/sha3/src/lib.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,219 @@
//! An implementation of the [SHA-3][1] cryptographic hash algorithms.
//!
//! There are 6 standard algorithms specified in the SHA-3 standard:
//!
//! * `SHA3-224`
//! * `SHA3-256`
//! * `SHA3-384`
//! * `SHA3-512`
//! * `SHAKE128`, an extendable output function (XOF)
//! * `SHAKE256`, an extendable output function (XOF)
//! * `Keccak224`, `Keccak256`, `Keccak384`, `Keccak512` (NIST submission
//! without padding changes)
//!
//! Additionally supports `TurboSHAKE`.
//!
//! # Examples
//!
//! Output size of SHA3-256 is fixed, so its functionality is usually
//! accessed via the `Digest` trait:
//!
//! ```
//! use hex_literal::hex;
//! use sha3::{Digest, Sha3_256};
//!
//! // create a SHA3-256 object
//! let mut hasher = Sha3_256::new();
//!
//! // write input message
//! hasher.update(b"abc");
//!
//! // read hash digest
//! let result = hasher.finalize();
//!
//! assert_eq!(result[..], hex!("
//! 3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532
//! ")[..]);
//! ```
//!
//! SHAKE functions have an extendable output, so finalization method returns
//! XOF reader from which results of arbitrary length can be read. Note that
//! these functions do not implement `Digest`, so lower-level traits have to
//! be imported:
//!
//! ```
//! use sha3::{Shake128, digest::{Update, ExtendableOutput, XofReader}};
//! use hex_literal::hex;
//!
//! let mut hasher = Shake128::default();
//! hasher.update(b"abc");
//! let mut reader = hasher.finalize_xof();
//! let mut res1 = [0u8; 10];
//! reader.read(&mut res1);
//! assert_eq!(res1, hex!("5881092dd818bf5cf8a3"));
//! ```
//!
//! Also see [RustCrypto/hashes][2] readme.
//!
//! [1]: https://en.wikipedia.org/wiki/SHA-3
//! [2]: https://github.com/RustCrypto/hashes
#![no_std]
#![doc(
html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/6ee8e381/logo.svg",
html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/6ee8e381/logo.svg"
)]
#![forbid(unsafe_code)]
#![warn(missing_docs, rust_2018_idioms)]
pub use digest::{self, Digest};
use core::fmt;
#[cfg(feature = "oid")]
use digest::const_oid::{AssociatedOid, ObjectIdentifier};
use digest::{
block_buffer::Eager,
consts::{U104, U136, U144, U168, U200, U28, U32, U48, U64, U72},
core_api::{
AlgorithmName, Block, BlockSizeUser, Buffer, BufferKindUser, CoreWrapper,
ExtendableOutputCore, FixedOutputCore, OutputSizeUser, Reset, UpdateCore, XofReaderCore,
XofReaderCoreWrapper,
},
generic_array::typenum::Unsigned,
HashMarker, Output,
};
#[macro_use]
mod macros;
mod state;
use crate::state::Sha3State;
// Paddings
const KECCAK: u8 = 0x01;
const SHA3: u8 = 0x06;
const SHAKE: u8 = 0x1f;
const CSHAKE: u8 = 0x4;
// Round counts
const TURBO_SHAKE_ROUND_COUNT: usize = 12;
impl_sha3!(Keccak224Core, Keccak224, U28, U144, KECCAK, "Keccak-224");
impl_sha3!(Keccak256Core, Keccak256, U32, U136, KECCAK, "Keccak-256");
impl_sha3!(Keccak384Core, Keccak384, U48, U104, KECCAK, "Keccak-384");
impl_sha3!(Keccak512Core, Keccak512, U64, U72, KECCAK, "Keccak-512");
impl_sha3!(
Keccak256FullCore,
Keccak256Full,
U200,
U136,
KECCAK,
"SHA-3 CryptoNight variant",
);
impl_sha3!(
Sha3_224Core,
Sha3_224,
U28,
U144,
SHA3,
"SHA-3-224",
"2.16.840.1.101.3.4.2.7",
);
impl_sha3!(
Sha3_256Core,
Sha3_256,
U32,
U136,
SHA3,
"SHA-3-256",
"2.16.840.1.101.3.4.2.8",
);
impl_sha3!(
Sha3_384Core,
Sha3_384,
U48,
U104,
SHA3,
"SHA-3-384",
"2.16.840.1.101.3.4.2.9",
);
impl_sha3!(
Sha3_512Core,
Sha3_512,
U64,
U72,
SHA3,
"SHA-3-512",
"2.16.840.1.101.3.4.2.10",
);
impl_shake!(
Shake128Core,
Shake128,
Shake128ReaderCore,
Shake128Reader,
U168,
SHAKE,
"SHAKE128",
"2.16.840.1.101.3.4.2.11",
);
impl_shake!(
Shake256Core,
Shake256,
Shake256ReaderCore,
Shake256Reader,
U136,
SHAKE,
"SHAKE256",
"2.16.840.1.101.3.4.2.11",
);
impl_turbo_shake!(
TurboShake128Core,
TurboShake128,
TurboShake128ReaderCore,
TurboShake128Reader,
U168,
"TurboSHAKE128",
"",
);
impl_turbo_shake!(
TurboShake256Core,
TurboShake256,
TurboShake256ReaderCore,
TurboShake256Reader,
U136,
"TurboSHAKE256",
"",
);
impl_cshake!(
CShake128Core,
CShake128,
CShake128ReaderCore,
CShake128Reader,
U168,
SHAKE,
CSHAKE,
"CSHAKE128",
);
impl_cshake!(
CShake256Core,
CShake256,
CShake256ReaderCore,
CShake256Reader,
U136,
SHAKE,
CSHAKE,
"CSHAKE256",
);
#[inline(always)]
pub(crate) fn left_encode(val: u64, b: &mut [u8; 9]) -> &[u8] {
b[1..].copy_from_slice(&val.to_be_bytes());
let i = b[1..8].iter().take_while(|&&a| a == 0).count();
b[i] = (8 - i) as u8;
&b[i..]
}

529
third_party/rust/sha3/src/macros.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,529 @@
macro_rules! impl_sha3 {
(
$name:ident, $full_name:ident, $output_size:ident,
$rate:ident, $pad:expr, $alg_name:expr $(,)?
) => {
#[doc = "Core "]
#[doc = $alg_name]
#[doc = " hasher state."]
#[derive(Clone)]
#[allow(non_camel_case_types)]
pub struct $name {
state: Sha3State,
}
impl HashMarker for $name {}
impl BlockSizeUser for $name {
type BlockSize = $rate;
}
impl BufferKindUser for $name {
type BufferKind = Eager;
}
impl OutputSizeUser for $name {
type OutputSize = $output_size;
}
impl UpdateCore for $name {
#[inline]
fn update_blocks(&mut self, blocks: &[Block<Self>]) {
for block in blocks {
self.state.absorb_block(block)
}
}
}
impl FixedOutputCore for $name {
#[inline]
fn finalize_fixed_core(&mut self, buffer: &mut Buffer<Self>, out: &mut Output<Self>) {
let pos = buffer.get_pos();
let block = buffer.pad_with_zeros();
block[pos] = $pad;
let n = block.len();
block[n - 1] |= 0x80;
self.state.absorb_block(block);
self.state.as_bytes(out);
}
}
impl Default for $name {
#[inline]
fn default() -> Self {
Self {
state: Default::default(),
}
}
}
impl Reset for $name {
#[inline]
fn reset(&mut self) {
*self = Default::default();
}
}
impl AlgorithmName for $name {
fn write_alg_name(f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(stringify!($full_name))
}
}
impl fmt::Debug for $name {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(concat!(stringify!($name), " { ... }"))
}
}
#[doc = $alg_name]
#[doc = " hasher state."]
pub type $full_name = CoreWrapper<$name>;
};
(
$name:ident, $full_name:ident, $output_size:ident,
$rate:ident, $pad:expr, $alg_name:expr, $oid:literal $(,)?
) => {
impl_sha3!($name, $full_name, $output_size, $rate, $pad, $alg_name);
#[cfg(feature = "oid")]
#[cfg_attr(docsrs, doc(cfg(feature = "oid")))]
impl AssociatedOid for $name {
const OID: ObjectIdentifier = ObjectIdentifier::new_unwrap($oid);
}
};
}
macro_rules! impl_shake {
(
$name:ident, $full_name:ident, $reader:ident, $reader_full:ident,
$rate:ident, $pad:expr, $alg_name:expr $(,)?
) => {
#[doc = "Core "]
#[doc = $alg_name]
#[doc = " hasher state."]
#[derive(Clone)]
#[allow(non_camel_case_types)]
pub struct $name {
state: Sha3State,
}
impl HashMarker for $name {}
impl BlockSizeUser for $name {
type BlockSize = $rate;
}
impl BufferKindUser for $name {
type BufferKind = Eager;
}
impl UpdateCore for $name {
#[inline]
fn update_blocks(&mut self, blocks: &[Block<Self>]) {
for block in blocks {
self.state.absorb_block(block)
}
}
}
impl ExtendableOutputCore for $name {
type ReaderCore = $reader;
#[inline]
fn finalize_xof_core(&mut self, buffer: &mut Buffer<Self>) -> Self::ReaderCore {
let pos = buffer.get_pos();
let block = buffer.pad_with_zeros();
block[pos] = $pad;
let n = block.len();
block[n - 1] |= 0x80;
self.state.absorb_block(block);
$reader {
state: self.state.clone(),
}
}
}
impl Default for $name {
#[inline]
fn default() -> Self {
Self {
state: Default::default(),
}
}
}
impl Reset for $name {
#[inline]
fn reset(&mut self) {
*self = Default::default();
}
}
impl AlgorithmName for $name {
fn write_alg_name(f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(stringify!($full_name))
}
}
impl fmt::Debug for $name {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(concat!(stringify!($name), " { ... }"))
}
}
#[doc = "Core "]
#[doc = $alg_name]
#[doc = " reader state."]
#[derive(Clone)]
#[allow(non_camel_case_types)]
pub struct $reader {
state: Sha3State,
}
impl BlockSizeUser for $reader {
type BlockSize = $rate;
}
impl XofReaderCore for $reader {
#[inline]
fn read_block(&mut self) -> Block<Self> {
let mut block = Block::<Self>::default();
self.state.as_bytes(&mut block);
self.state.permute();
block
}
}
#[doc = $alg_name]
#[doc = " hasher state."]
pub type $full_name = CoreWrapper<$name>;
#[doc = $alg_name]
#[doc = " reader state."]
pub type $reader_full = XofReaderCoreWrapper<$reader>;
};
(
$name:ident, $full_name:ident, $reader:ident, $reader_full:ident,
$rate:ident, $pad:expr, $alg_name:expr, $oid:literal $(,)?
) => {
impl_shake!(
$name,
$full_name,
$reader,
$reader_full,
$rate,
$pad,
$alg_name
);
#[cfg(feature = "oid")]
#[cfg_attr(docsrs, doc(cfg(feature = "oid")))]
impl AssociatedOid for $name {
const OID: ObjectIdentifier = ObjectIdentifier::new_unwrap($oid);
}
};
}
macro_rules! impl_turbo_shake {
(
$name:ident, $full_name:ident, $reader:ident, $reader_full:ident,
$rate:ident, $alg_name:expr $(,)?
) => {
#[doc = "Core "]
#[doc = $alg_name]
#[doc = " hasher state."]
#[derive(Clone)]
#[allow(non_camel_case_types)]
pub struct $name {
domain_separation: u8,
state: Sha3State,
}
impl $name {
/// Creates a new TurboSHAKE instance with the given domain separation.
/// Note that the domain separation needs to be a byte with a value in
/// the range [0x01, . . . , 0x7F]
pub fn new(domain_separation: u8) -> Self {
assert!((0x01..=0x7F).contains(&domain_separation));
Self {
domain_separation,
state: Sha3State::new(TURBO_SHAKE_ROUND_COUNT),
}
}
}
impl HashMarker for $name {}
impl BlockSizeUser for $name {
type BlockSize = $rate;
}
impl BufferKindUser for $name {
type BufferKind = Eager;
}
impl UpdateCore for $name {
#[inline]
fn update_blocks(&mut self, blocks: &[Block<Self>]) {
for block in blocks {
self.state.absorb_block(block)
}
}
}
impl ExtendableOutputCore for $name {
type ReaderCore = $reader;
#[inline]
fn finalize_xof_core(&mut self, buffer: &mut Buffer<Self>) -> Self::ReaderCore {
let pos = buffer.get_pos();
let block = buffer.pad_with_zeros();
block[pos] = self.domain_separation;
let n = block.len();
block[n - 1] |= 0x80;
self.state.absorb_block(block);
$reader {
state: self.state.clone(),
}
}
}
impl Reset for $name {
#[inline]
fn reset(&mut self) {
*self = Self::new(self.domain_separation);
}
}
impl AlgorithmName for $name {
fn write_alg_name(f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(stringify!($full_name))
}
}
impl fmt::Debug for $name {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(concat!(stringify!($name), " { ... }"))
}
}
#[doc = "Core "]
#[doc = $alg_name]
#[doc = " reader state."]
#[derive(Clone)]
#[allow(non_camel_case_types)]
pub struct $reader {
state: Sha3State,
}
impl BlockSizeUser for $reader {
type BlockSize = $rate;
}
impl XofReaderCore for $reader {
#[inline]
fn read_block(&mut self) -> Block<Self> {
let mut block = Block::<Self>::default();
self.state.as_bytes(&mut block);
self.state.permute();
block
}
}
#[doc = $alg_name]
#[doc = " hasher state."]
pub type $full_name = CoreWrapper<$name>;
#[doc = $alg_name]
#[doc = " reader state."]
pub type $reader_full = XofReaderCoreWrapper<$reader>;
};
(
$name:ident, $full_name:ident, $reader:ident, $reader_full:ident,
$rate:ident, $alg_name:expr, $oid:literal $(,)?
) => {
impl_turbo_shake!($name, $full_name, $reader, $reader_full, $rate, $alg_name);
#[cfg(feature = "oid")]
#[cfg_attr(docsrs, doc(cfg(feature = "oid")))]
impl AssociatedOid for $name {
const OID: ObjectIdentifier = ObjectIdentifier::new_unwrap($oid);
}
};
}
macro_rules! impl_cshake {
(
$name:ident, $full_name:ident, $reader:ident, $reader_full:ident,
$rate:ident, $shake_pad:expr, $cshake_pad:expr, $alg_name:expr,
) => {
#[doc = "Core "]
#[doc = $alg_name]
#[doc = " hasher state."]
#[derive(Clone)]
#[allow(non_camel_case_types)]
pub struct $name {
padding: u8,
state: Sha3State,
#[cfg(feature = "reset")]
initial_state: Sha3State,
}
impl $name {
/// Creates a new CSHAKE instance with the given customization.
pub fn new(customization: &[u8]) -> Self {
Self::new_with_function_name(&[], customization)
}
/// Creates a new CSHAKE instance with the given function name and customization.
/// Note that the function name is intended for use by NIST and should only be set to
/// values defined by NIST. You probably don't need to use this function.
pub fn new_with_function_name(function_name: &[u8], customization: &[u8]) -> Self {
let mut state = Sha3State::default();
if function_name.is_empty() && customization.is_empty() {
return Self {
padding: $shake_pad,
state: state.clone(),
#[cfg(feature = "reset")]
initial_state: state,
};
}
let mut buffer = Buffer::<Self>::default();
let mut b = [0u8; 9];
buffer.digest_blocks(left_encode($rate::to_u64(), &mut b), |blocks| {
for block in blocks {
state.absorb_block(block);
}
});
buffer.digest_blocks(
left_encode((function_name.len() * 8) as u64, &mut b),
|blocks| {
for block in blocks {
state.absorb_block(block);
}
},
);
buffer.digest_blocks(function_name, |blocks| {
for block in blocks {
state.absorb_block(block);
}
});
buffer.digest_blocks(
left_encode((customization.len() * 8) as u64, &mut b),
|blocks| {
for block in blocks {
state.absorb_block(block);
}
},
);
buffer.digest_blocks(customization, |blocks| {
for block in blocks {
state.absorb_block(block);
}
});
state.absorb_block(buffer.pad_with_zeros());
Self {
padding: $cshake_pad,
state: state.clone(),
#[cfg(feature = "reset")]
initial_state: state,
}
}
}
impl HashMarker for $name {}
impl BlockSizeUser for $name {
type BlockSize = $rate;
}
impl BufferKindUser for $name {
type BufferKind = Eager;
}
impl UpdateCore for $name {
#[inline]
fn update_blocks(&mut self, blocks: &[Block<Self>]) {
for block in blocks {
self.state.absorb_block(block)
}
}
}
impl ExtendableOutputCore for $name {
type ReaderCore = $reader;
#[inline]
fn finalize_xof_core(&mut self, buffer: &mut Buffer<Self>) -> Self::ReaderCore {
let pos = buffer.get_pos();
let block = buffer.pad_with_zeros();
block[pos] = self.padding;
let n = block.len();
block[n - 1] |= 0x80;
self.state.absorb_block(block);
$reader {
state: self.state.clone(),
}
}
}
#[cfg(feature = "reset")]
impl Reset for $name {
#[inline]
fn reset(&mut self) {
self.state = self.initial_state.clone();
}
}
impl AlgorithmName for $name {
fn write_alg_name(f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(stringify!($full_name))
}
}
impl fmt::Debug for $name {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(concat!(stringify!($name), " { ... }"))
}
}
#[doc = "Core "]
#[doc = $alg_name]
#[doc = " reader state."]
#[derive(Clone)]
#[allow(non_camel_case_types)]
pub struct $reader {
state: Sha3State,
}
impl BlockSizeUser for $reader {
type BlockSize = $rate;
}
impl XofReaderCore for $reader {
#[inline]
fn read_block(&mut self) -> Block<Self> {
let mut block = Block::<Self>::default();
self.state.as_bytes(&mut block);
self.state.permute();
block
}
}
#[doc = $alg_name]
#[doc = " hasher state."]
pub type $full_name = CoreWrapper<$name>;
#[doc = $alg_name]
#[doc = " reader state."]
pub type $reader_full = XofReaderCoreWrapper<$reader>;
};
}

51
third_party/rust/sha3/src/state.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,51 @@
use core::convert::TryInto;
const PLEN: usize = 25;
const DEFAULT_ROUND_COUNT: usize = 24;
#[derive(Clone)]
pub(crate) struct Sha3State {
pub state: [u64; PLEN],
round_count: usize,
}
impl Default for Sha3State {
fn default() -> Self {
Self {
state: [0u64; PLEN],
round_count: DEFAULT_ROUND_COUNT,
}
}
}
impl Sha3State {
pub(crate) fn new(round_count: usize) -> Self {
Self {
state: [0u64; PLEN],
round_count,
}
}
#[inline(always)]
pub(crate) fn absorb_block(&mut self, block: &[u8]) {
debug_assert_eq!(block.len() % 8, 0);
for (b, s) in block.chunks_exact(8).zip(self.state.iter_mut()) {
*s ^= u64::from_le_bytes(b.try_into().unwrap());
}
keccak::keccak_p(&mut self.state, self.round_count);
}
#[inline(always)]
pub(crate) fn as_bytes(&self, out: &mut [u8]) {
for (o, s) in out.chunks_mut(8).zip(self.state.iter()) {
o.copy_from_slice(&s.to_le_bytes()[..o.len()]);
}
}
#[inline(always)]
pub(crate) fn permute(&mut self) {
keccak::keccak_p(&mut self.state, self.round_count);
}
}

19
third_party/rust/sha3/tests/aliases.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,19 @@
//! Checks that we defined reader type aliases correctly
#![allow(dead_code)]
use sha3::digest::ExtendableOutput;
fn shake128(v: sha3::Shake128) -> sha3::Shake128Reader {
v.finalize_xof()
}
fn shake256(v: sha3::Shake256) -> sha3::Shake256Reader {
v.finalize_xof()
}
fn cshake128(v: sha3::CShake128) -> sha3::CShake128Reader {
v.finalize_xof()
}
fn cshake256(v: sha3::CShake256) -> sha3::CShake256Reader {
v.finalize_xof()
}

145
third_party/rust/sha3/tests/cshake.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,145 @@
use core::fmt::Debug;
use digest::ExtendableOutput;
#[cfg(feature = "reset")]
use digest::ExtendableOutputReset;
#[cfg(feature = "reset")]
pub(crate) fn cshake_reset_test<D, F>(input: &[u8], output: &[u8], new: F) -> Option<&'static str>
where
D: ExtendableOutputReset + Debug + Clone,
F: Fn() -> D,
{
let mut hasher = new();
let mut buf = [0u8; 1024];
let buf = &mut buf[..output.len()];
// Test that it works when accepting the message all at once
hasher.update(input);
let mut hasher2 = hasher.clone();
hasher.finalize_xof_into(buf);
if buf != output {
return Some("whole message");
}
buf.iter_mut().for_each(|b| *b = 0);
// Test if reset works correctly
hasher2.reset();
hasher2.update(input);
hasher2.finalize_xof_reset_into(buf);
if buf != output {
return Some("whole message after reset");
}
buf.iter_mut().for_each(|b| *b = 0);
// Test that it works when accepting the message in chunks
for n in 1..core::cmp::min(17, input.len()) {
let mut hasher = new();
for chunk in input.chunks(n) {
hasher.update(chunk);
hasher2.update(chunk);
}
hasher.finalize_xof_into(buf);
if buf != output {
return Some("message in chunks");
}
buf.iter_mut().for_each(|b| *b = 0);
hasher2.finalize_xof_reset_into(buf);
if buf != output {
return Some("message in chunks");
}
buf.iter_mut().for_each(|b| *b = 0);
}
None
}
pub(crate) fn cshake_test<D, F>(input: &[u8], output: &[u8], new: F) -> Option<&'static str>
where
D: ExtendableOutput + Debug + Clone,
F: Fn() -> D,
{
let mut hasher = new();
let mut buf = [0u8; 1024];
let buf = &mut buf[..output.len()];
// Test that it works when accepting the message all at once
hasher.update(input);
let mut hasher2 = hasher.clone();
hasher.finalize_xof_into(buf);
if buf != output {
return Some("whole message");
}
buf.iter_mut().for_each(|b| *b = 0);
// Test that it works when accepting the message in chunks
for n in 1..core::cmp::min(17, input.len()) {
let mut hasher = new();
for chunk in input.chunks(n) {
hasher.update(chunk);
hasher2.update(chunk);
}
hasher.finalize_xof_into(buf);
if buf != output {
return Some("message in chunks");
}
buf.iter_mut().for_each(|b| *b = 0);
}
None
}
macro_rules! new_cshake_test {
($name:ident, $test_name:expr, $hasher:ty, $hasher_core:ty, $test_func:ident $(,)?) => {
#[test]
fn $name() {
use digest::dev::blobby::Blob3Iterator;
let data = include_bytes!(concat!("data/", $test_name, ".blb"));
for (i, row) in Blob3Iterator::new(data).unwrap().enumerate() {
let [customization, input, output] = row.unwrap();
if let Some(desc) = $test_func(input, output, || {
<$hasher>::from_core(<$hasher_core>::new(customization))
}) {
panic!(
"\n\
Failed test {}: {}\n\
input:\t{:?}\n\
output:\t{:?}\n",
i, desc, input, output,
);
}
}
}
};
}
#[cfg(feature = "reset")]
new_cshake_test!(
cshake128_reset,
"cshake128",
sha3::CShake128,
sha3::CShake128Core,
cshake_reset_test
);
#[cfg(feature = "reset")]
new_cshake_test!(
cshake256_reset,
"cshake256",
sha3::CShake256,
sha3::CShake256Core,
cshake_reset_test
);
new_cshake_test!(
cshake128,
"cshake128",
sha3::CShake128,
sha3::CShake128Core,
cshake_test
);
new_cshake_test!(
cshake256,
"cshake256",
sha3::CShake256,
sha3::CShake256Core,
cshake_test
);

Двоичные данные
third_party/rust/sha3/tests/data/cshake128.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/cshake256.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/keccak_224.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/keccak_256.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/keccak_256_full.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/keccak_384.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/keccak_512.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/sha3_224.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/sha3_256.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/sha3_384.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/sha3_512.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/shake128.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/shake256.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/turboshake128.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
third_party/rust/sha3/tests/data/turboshake256.blb поставляемый Normal file
Просмотреть файл

Двоичный файл не отображается.

24
third_party/rust/sha3/tests/mod.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,24 @@
#![no_std]
use digest::dev::{fixed_reset_test, xof_reset_test};
use digest::new_test;
new_test!(keccak_224, "keccak_224", sha3::Keccak224, fixed_reset_test);
new_test!(keccak_256, "keccak_256", sha3::Keccak256, fixed_reset_test);
new_test!(keccak_384, "keccak_384", sha3::Keccak384, fixed_reset_test);
new_test!(keccak_512, "keccak_512", sha3::Keccak512, fixed_reset_test);
// tests are from https://github.com/kazcw/yellowsun/blob/test-keccak/src/lib.rs#L171
new_test!(
keccak_256_full,
"keccak_256_full",
sha3::Keccak256Full,
fixed_reset_test
);
new_test!(sha3_224, "sha3_224", sha3::Sha3_224, fixed_reset_test);
new_test!(sha3_256, "sha3_256", sha3::Sha3_256, fixed_reset_test);
new_test!(sha3_384, "sha3_384", sha3::Sha3_384, fixed_reset_test);
new_test!(sha3_512, "sha3_512", sha3::Sha3_512, fixed_reset_test);
new_test!(shake128, "shake128", sha3::Shake128, xof_reset_test);
new_test!(shake256, "shake256", sha3::Shake256, xof_reset_test);

108
third_party/rust/sha3/tests/turboshake.rs поставляемый Normal file
Просмотреть файл

@ -0,0 +1,108 @@
use core::{convert::TryInto, fmt::Debug};
use digest::ExtendableOutput;
pub(crate) fn turbo_shake_test<D, F>(
input: &[u8],
output: &[u8],
truncate_output: usize,
new: F,
) -> Option<&'static str>
where
D: ExtendableOutput + Debug + Clone,
F: Fn() -> D,
{
let mut hasher = new();
let mut buf = [0u8; 16 * 1024];
let buf = &mut buf[..truncate_output + output.len()];
// Test that it works when accepting the message all at once
hasher.update(input);
let mut hasher2 = hasher.clone();
hasher.finalize_xof_into(buf);
if &buf[truncate_output..] != output {
return Some("whole message");
}
buf.iter_mut().for_each(|b| *b = 0);
// Test that it works when accepting the message in chunks
for n in 1..core::cmp::min(17, input.len()) {
let mut hasher = new();
for chunk in input.chunks(n) {
hasher.update(chunk);
hasher2.update(chunk);
}
hasher.finalize_xof_into(buf);
if &buf[truncate_output..] != output {
return Some("message in chunks");
}
buf.iter_mut().for_each(|b| *b = 0);
}
None
}
macro_rules! new_turbo_shake_test {
($name:ident, $test_name:expr, $hasher:ty, $hasher_core:ty, $test_func:ident $(,)?) => {
#[test]
fn $name() {
use digest::dev::blobby::Blob5Iterator;
let data = include_bytes!(concat!("data/", $test_name, ".blb"));
for (i, row) in Blob5Iterator::new(data).unwrap().enumerate() {
let [domain_separation, input, input_pattern_length, output, truncate_output] =
row.unwrap();
let input = if (input_pattern_length.len() == 0) {
input.to_vec()
} else if (input.len() == 0) {
let pattern_length =
u64::from_be_bytes(input_pattern_length.try_into().unwrap());
let mut input = Vec::<u8>::new();
for value in 0..pattern_length {
input.push((value % 0xFB).try_into().unwrap());
}
input
} else {
panic!(
"\
failed to read tests data\n\
input:\t{:02X?}\n\
input_pattern_length:\t{:02X?}\n",
input, input_pattern_length,
);
};
if let Some(desc) = $test_func(
&input,
output,
u64::from_be_bytes(truncate_output.try_into().unwrap())
.try_into()
.unwrap(),
|| <$hasher>::from_core(<$hasher_core>::new(domain_separation[0])),
) {
panic!(
"\n\
Failed test {}: {}\n\
input:\t{:02X?}\n\
output:\t{:02X?}\n",
i, desc, &input, output,
);
}
}
}
};
}
new_turbo_shake_test!(
turboshake128,
"turboshake128",
sha3::TurboShake128,
sha3::TurboShake128Core,
turbo_shake_test,
);
new_turbo_shake_test!(
turboshake256,
"turboshake256",
sha3::TurboShake256,
sha3::TurboShake256Core,
turbo_shake_test,
);

100
toolkit/components/telemetry/dap/DAPTelemetry.cpp
Просмотреть файл

@ -98,106 +98,6 @@ HpkeContext* dapSetupHpkeContextInternal(
}
extern "C" {
/// If successful this returns a pointer to a PK11Context which must be
/// released using dapReleaseCmac.
void* dapStartCmac(uint8_t* aSeed) {
MOZ_RELEASE_ASSERT(EnsureNSSInitializedChromeOrContent(),
"Could not initialize NSS.");
UniquePK11SlotInfo slot(PK11_GetBestSlot(CKM_AES_CMAC, nullptr));
MOZ_RELEASE_ASSERT(slot, "DAPTelemetry: dapStartCmac(): Failed to get slot.");
SECItem keyItem = {siBuffer, toUcharPtr(aSeed), 16};
UniquePK11SymKey key(PK11_ImportSymKey(slot.get(), CKM_AES_CMAC,
PK11_OriginUnwrap, CKA_SIGN, &keyItem,
nullptr));
MOZ_RELEASE_ASSERT(key,
"DAPTelemetry: dapStartCmac(): Failed to import key.");
UniqueSECItem param(PK11_ParamFromIV(CKM_AES_CMAC, nullptr));
MOZ_RELEASE_ASSERT(
param, "DAPTelemetry: dapStartCmac(): Failed to create parameters.");
PK11Context* ctx = PK11_CreateContextBySymKey(CKM_AES_CMAC, CKA_SIGN,
key.get(), param.get());
MOZ_RELEASE_ASSERT(ctx,
"DAPTelemetry: dapStartCmac(): Failed to create context.");
return ctx;
}
void dapUpdateCmac(void* aContext, const uint8_t* aData, uint32_t aDataLen) {
SECStatus res =
PK11_DigestOp(static_cast<PK11Context*>(aContext), aData, aDataLen);
MOZ_RELEASE_ASSERT(
res == SECSuccess,
"DAPTelemetry: dapUpdateCmac(): Mac digest update failed.");
}
void dapFinalizeCmac(void* aContext, uint8_t* aMac) {
unsigned int maclen = 0;
SECStatus res =
PK11_DigestFinal(static_cast<PK11Context*>(aContext), aMac, &maclen, 16);
MOZ_RELEASE_ASSERT(
res == SECSuccess,
"DAPTelemetry: dapFinalizeCmac(): PK11_DigestFinal failed.");
MOZ_RELEASE_ASSERT(
maclen == 16,
"DAPTelemetry: dapFinalizeCmac(): PK11_DigestFinal returned "
"too few MAC bytes.");
}
void dapReleaseCmac(void* aContext) {
PK11_DestroyContext(static_cast<PK11Context*>(aContext), true);
}
/// If successful this returns a pointer to a PK11Context which must be
/// released using dapReleaseCtrCtx.
void* dapStartAesCtr(const uint8_t* aKey) {
MOZ_RELEASE_ASSERT(EnsureNSSInitializedChromeOrContent(),
"Could not initialize NSS.");
UniquePK11SlotInfo slot(PK11_GetBestSlot(CKM_AES_CTR, nullptr));
MOZ_RELEASE_ASSERT(aKey,
"DAPTelemetry: dapStartAesCtr(): Failed to get slot.");
SECItem ctrKeyItem = {siBuffer, toUcharPtr(aKey), 16};
UniquePK11SymKey ctrKey(PK11_ImportSymKey(slot.get(), CKM_AES_CTR,
PK11_OriginUnwrap, CKA_ENCRYPT,
&ctrKeyItem, nullptr));
MOZ_RELEASE_ASSERT(ctrKey,
"DAPTelemetry: dapStartAesCtr(): Failed to create key.");
SECItem ctrParam = {siBuffer, nullptr, 0};
CK_AES_CTR_PARAMS ctrParamInner;
ctrParamInner.ulCounterBits = 128;
memset(&ctrParamInner.cb, 0, 16);
ctrParam.type = siBuffer;
ctrParam.data = reinterpret_cast<unsigned char*>(&ctrParamInner);
ctrParam.len = static_cast<unsigned int>(sizeof(ctrParamInner));
PK11Context* ctrCtx = PK11_CreateContextBySymKey(CKM_AES_CTR, CKA_ENCRYPT,
ctrKey.get(), &ctrParam);
MOZ_RELEASE_ASSERT(
ctrCtx, "DAPTelemetry: dapStartAesCtr(): Failed to create context.");
return ctrCtx;
}
void dapCtrFillBuffer(void* aContext, uint8_t* aBuffer, int aBufferSize) {
int ctlen = 0;
memset(aBuffer, 0, aBufferSize);
SECStatus res = PK11_CipherOp(static_cast<PK11Context*>(aContext), aBuffer,
&ctlen, aBufferSize, aBuffer, aBufferSize);
MOZ_RELEASE_ASSERT(res == SECSuccess,
"DAPTelemetry: dapCtrFillBuffer(...): Encryption failed.");
}
void dapReleaseCtrCtx(void* aContext) {
PK11_DestroyContext(static_cast<PK11Context*>(aContext), true);
}
/// Takes additional ephemeral keys to make everything deterministic for test
/// vectors.
/// If successful this returns a pointer to a HpkeContext which must be

2
toolkit/components/telemetry/dap/ffi-gtest/Cargo.toml
Просмотреть файл

@ -11,7 +11,7 @@ edition = "2021"
[dependencies]
dap_ffi = { path = "../ffi" }
hex = { version = "0.4.3", features = ["serde"] }
prio = {version = "0.12.0", default-features = false }
prio = {version = "0.12.1", default-features = false }
serde = { version = "1.0", features = ["derive"] }
serde_json = { version = "1.0" }
thin-vec = { version = "0.2.1", features = ["gecko-ffi"] }

2
toolkit/components/telemetry/dap/ffi/Cargo.toml
Просмотреть файл

@ -8,6 +8,6 @@ authors = [
license = "MPL-2.0"
[dependencies]
prio = {version = "0.12.0", default-features = false }
prio = {version = "0.12.1", default-features = false }
thin-vec = { version = "0.2.1", features = ["gecko-ffi"] }
rand = "0.8"

15
toolkit/components/telemetry/dap/ffi/src/lib.rs
Просмотреть файл

@ -5,6 +5,8 @@
use std::error::Error;
use std::io::Cursor;
use prio::vdaf::prio3::Prio3Sum;
use prio::vdaf::prio3::Prio3SumVec;
use thin_vec::ThinVec;
pub mod types;
@ -14,13 +16,8 @@ use types::ReportID;
use types::ReportMetadata;
use types::Time;
pub mod prg;
use prg::PrgAes128Alt;
use prio::codec::Encode;
use prio::codec::{decode_u16_items, encode_u32_items};
use prio::field::Field128;
use prio::flp::gadgets::{BlindPolyEval, ParallelSum};
use prio::flp::types::{Sum, SumVec};
use prio::vdaf::prio3::Prio3;
use prio::vdaf::Client;
@ -28,10 +25,6 @@ use prio::vdaf::VdafError;
use crate::types::HpkeCiphertext;
type Prio3Aes128SumAlt = Prio3<Sum<Field128>, PrgAes128Alt, 16>;
type Prio3Aes128SumVecAlt =
Prio3<SumVec<Field128, ParallelSum<Field128, BlindPolyEval<Field128>>>, PrgAes128Alt, 16>;
extern "C" {
pub fn dapHpkeEncryptOneshot(
aKey: *const u8,
@ -47,7 +40,7 @@ extern "C" {
) -> bool;
}
pub fn new_prio_u8(num_aggregators: u8, bits: u32) -> Result<Prio3Aes128SumAlt, VdafError> {
pub fn new_prio_u8(num_aggregators: u8, bits: u32) -> Result<Prio3Sum, VdafError> {
if bits > 64 {
return Err(VdafError::Uncategorized(format!(
"bit length ({}) exceeds limit for aggregate type (64)",
@ -58,7 +51,7 @@ pub fn new_prio_u8(num_aggregators: u8, bits: u32) -> Result<Prio3Aes128SumAlt,
Prio3::new(num_aggregators, Sum::new(bits as usize)?)
}
pub fn new_prio_vecu16(num_aggregators: u8, len: usize) -> Result<Prio3Aes128SumVecAlt, VdafError> {
pub fn new_prio_vecu16(num_aggregators: u8, len: usize) -> Result<Prio3SumVec, VdafError> {
Prio3::new(num_aggregators, SumVec::new(1, len)?)
}

106
toolkit/components/telemetry/dap/ffi/src/prg.rs
Просмотреть файл

@ -1,106 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
use std::ffi::c_void;
use prio::vdaf::prg::{Prg, SeedStream};
extern "C" {
pub fn dapStartCmac(aSeed: *mut u8) -> *mut c_void;
pub fn dapUpdateCmac(aContext: *mut c_void, aData: *const u8, aDataLen: u32);
pub fn dapFinalizeCmac(aContext: *mut c_void, aMacOutput: *mut u8);
pub fn dapReleaseCmac(aContext: *mut c_void);
pub fn dapStartAesCtr(aKey: *const u8) -> *mut c_void;
pub fn dapCtrFillBuffer(aContext: *mut c_void, aBuffer: *mut u8, aBufferSize: i32);
pub fn dapReleaseCtrCtx(aContext: *mut c_void);
}
#[derive(Clone, Debug)]
pub struct PrgAes128Alt {
nss_context: *mut c_void,
}
impl Prg<16> for PrgAes128Alt {
type SeedStream = SeedStreamAes128Alt;
fn init(seed_bytes: &[u8; 16], custom: &[u8]) -> Self {
let mut my_seed_bytes = *seed_bytes;
let ctx = unsafe { dapStartCmac(my_seed_bytes.as_mut_ptr()) };
assert!(!ctx.is_null());
// The customization string is used for domain separation. To prevent
// accidentally using the same random value in different parts of the
// protocol. It should never be called with a anything but a constant
// and the code should ensure that it is far from a length that would
// allow the .expect( here to fail.
let custom_len = u16::try_from(custom.len()).expect("customization string is too long");
let custom_len = custom_len.to_be_bytes();
unsafe {
dapUpdateCmac(ctx, custom_len.as_ptr(), 2);
}
unsafe {
dapUpdateCmac(ctx, custom.as_ptr(), custom.len() as u32);
}
Self { nss_context: ctx }
}
fn update(&mut self, data: &[u8]) {
unsafe {
dapUpdateCmac(
self.nss_context,
data.as_ptr(),
u32::try_from(data.len()).unwrap(),
);
}
}
fn into_seed_stream(self) -> Self::SeedStream {
// finish the MAC and create a new random data stream using the result as key and 0 as IV for AES-CTR
let mut key = [0u8; 16];
unsafe {
dapFinalizeCmac(self.nss_context, key.as_mut_ptr());
}
SeedStreamAes128Alt::new(&mut key, &[0; 16])
}
}
impl Drop for PrgAes128Alt {
fn drop(&mut self) {
unsafe {
dapReleaseCmac(self.nss_context);
}
}
}
pub struct SeedStreamAes128Alt {
nss_context: *mut c_void,
}
impl SeedStreamAes128Alt {
pub(crate) fn new(key: &mut [u8; 16], iv: &[u8; 16]) -> Self {
debug_assert_eq!(iv, &[0; 16]);
let ctx = unsafe { dapStartAesCtr(key.as_ptr()) };
Self { nss_context: ctx }
}
}
impl SeedStream for SeedStreamAes128Alt {
fn fill(&mut self, buf: &mut [u8]) {
unsafe {
dapCtrFillBuffer(
self.nss_context,
buf.as_mut_ptr(),
i32::try_from(buf.len()).unwrap(),
);
}
}
}
impl Drop for SeedStreamAes128Alt {
fn drop(&mut self) {
unsafe { dapReleaseCtrCtx(self.nss_context) };
}
}