packages feed

nettle 0.1.0 → 0.1.1

raw patch · 10 files changed

+159/−23 lines, 10 files

Files

README.md view
@@ -1,6 +1,6 @@ # haskell-nettle -This is the source repository for the "nettle" cabal package, which is a safe binding to the [nettle](http://www.lysator.liu.se/~nisse/nettle/nettle.html) library.+This is the source repository for the "nettle" cabal package, which is a safe binding to the [nettle](http://www.lysator.liu.se/~nisse/nettle/nettle.html) library (tested with 2.7.1, might work with 2.5, does NOT WORK with 3.0).  The binding supports all hash functions, cipher functions, cipher modes and keyed hash functions included in nettle (additionally the AEAD-CCM cipher mode is implemented in pure haskell). 
nettle.cabal view
@@ -1,8 +1,9 @@ Name:                nettle-Version:             0.1.0+Version:             0.1.1 Synopsis:            safe nettle binding Description:   safe binding for the nettle (<http://www.lysator.liu.se/~nisse/nettle/nettle.html>) library.+  Tested with nettle-2.7.1, might work with 2.5, does NOT WORK with 3.0. License:             MIT License-file:        COPYING Copyright:           Stefan Bühler <stbuehler@web.de>@@ -17,6 +18,7 @@                    , src/nettle-ciphers.h                    , src/nettle-hash.h                    , src/Tests/*.hs+                   , src/Tests/KAT/*.hs  Flag UsePkgConfig   Description: Use pkg-config to check for library dependences@@ -56,6 +58,7 @@   Build-depends:     base >= 4 && < 5                    , bytestring                    , QuickCheck >= 2+                   , array                    , test-framework >= 0.3.3                    , test-framework-quickcheck2 >= 0.2.9                    , crypto-cipher-types
src/Tests/Ciphers.hs view
@@ -13,6 +13,8 @@ import Data.Maybe (fromJust) import Control.Monad (liftM) +import KAT.AES+ fromRight :: Either a b -> b fromRight (Right x) = x fromRight _ = error "expected Right"@@ -129,11 +131,11 @@ 	return $ arctwoInitGutmann k  main = defaultMain--- KATs ?-	[ testBlockCipher defaultKATs (undefined :: AES)-	, testBlockCipher defaultKATs (undefined :: AES128)-	, testBlockCipher defaultKATs (undefined :: AES192)-	, testBlockCipher defaultKATs (undefined :: AES256)+-- own KATs + generated tests (from crypto-cipher-tests)+	[ testBlockCipher katAES      (undefined :: AES)+	, testBlockCipher katAES128   (undefined :: AES128)+	, testBlockCipher katAES192   (undefined :: AES192)+	, testBlockCipher katAES256   (undefined :: AES256) 	, testBlockCipher defaultKATs (undefined :: ARCTWO) 	, testBlockCipher defaultKATs (undefined :: BLOWFISH) 	, testBlockCipher defaultKATs (undefined :: Camellia)@@ -149,7 +151,7 @@ 	, testStreamCipher defaultStreamKATs (undefined :: SALSA20) 	, testStreamCipher defaultStreamKATs (undefined :: ESTREAM_SALSA20) --- these checks just make sure the api isn't broken horribly+-- more generated tests: these checks just make sure the api isn't broken horribly 	, genBlockTest (undefined :: AES) 	, genBlockTest (undefined :: AES128) 	, genBlockTest (undefined :: AES192)
src/Tests/Hash.hs view
@@ -1,4 +1,4 @@-{-# LANGUAGe OverloadedStrings #-}+{-# LANGUAGE OverloadedStrings #-}   import TestUtils
+ src/Tests/KAT/AES.hs view
@@ -0,0 +1,118 @@++module KAT.AES+	( katAES+	, katAES128+	, katAES192+	, katAES256+	) where++import KAT.Utils+import HexUtils++katAES, katAES128, katAES192, katAES256 :: KATs+katAES = concatKATs+	[ katAES128+	, katAES192+	, katAES256+	]+katAES128 = concatKATs+	[ katAES128Nettle+	, katAES128NIST+	]+katAES192 = concatKATs+	[ katAES192Nettle+	, katAES192NIST+	]+katAES256 = concatKATs+	[ katAES256Nettle+	, katAES256NIST+	]++-- source: nettle tests+katAES128Nettle, katAES192Nettle, katAES256Nettle :: KATs+katAES128Nettle = defaultKATs+	{ kat_ECB =+		[ KAT_ECB+			(hs "0001020305060708 0A0B0C0D0F101112")+			(hs "506812A45F08C889 B97F5980038B8359")+			(hs "D8F532538289EF7D 06B506A4FD5BE9C9")+		, KAT_ECB+			(hs "14151617191A1B1C 1E1F202123242526")+			(hs "5C6D71CA30DE8B8B 00549984D2EC7D4B")+			(hs "59AB30F4D4EE6E4F F9907EF65B1FB68C")+		, KAT_ECB+			(hs "28292A2B2D2E2F30 323334353738393A")+			(hs "53F3F4C64F8616E4 E7C56199F48F21F6")+			(hs "BF1ED2FCB2AF3FD4 1443B56D85025CB1")+		, KAT_ECB+			(hs "A0A1A2A3A5A6A7A8 AAABACADAFB0B1B2")+			(hs "F5F4F7F684878689 A6A7A0A1D2CDCCCF")+			(hs "CE52AF650D088CA5 59425223F4D32694")+-- nettle "test_invert"+		, KAT_ECB+			(hs "0001020305060708 0A0B0C0D0F101112")+			(hs "506812A45F08C889 B97F5980038B8359")+			(hs "D8F532538289EF7D 06B506A4FD5BE9C9")+		]+	}+katAES192Nettle = defaultKATs+	{ kat_ECB =+		[ KAT_ECB+			(hs "0001020305060708 0A0B0C0D0F101112 14151617191A1B1C")+			(hs "2D33EEF2C0430A8A 9EBF45E809C40BB6")+			(hs "DFF4945E0336DF4C 1C56BC700EFF837F")+-- nettle "test_invert"+		, KAT_ECB+			(hs "0001020305060708 0A0B0C0D0F101112 14151617191A1B1C")+			(hs "2D33EEF2C0430A8A 9EBF45E809C40BB6")+			(hs "DFF4945E0336DF4C 1C56BC700EFF837F")+		]+	}+katAES256Nettle = defaultKATs+	{ kat_ECB =+		[ KAT_ECB+			(hs "0001020305060708 0A0B0C0D0F101112 14151617191A1B1C 1E1F202123242526")+			(hs "834EADFCCAC7E1B30664B1ABA44815AB")+			(hs "1946DABF6A03A2A2 C3D0B05080AED6FC")+		, KAT_ECB+			(hs "8d ae 93 ff fc 78 c9 44 2a bd 0c 1e 68 bc a6 c7 05 c7 84 e3 5a a9 11 8b d3 16 aa 54 9b 44 08 9e")+			(hs "a5 ce 55 d4 21 15 a1 c6 4a a4 0c b2 ca a6 d1 37")+			(hs "1f 94 fc 85 f2 36 21 06 4a ea e3 c9 cc 38 01 0e")+-- nettle "test_invert"+		, KAT_ECB+			(hs "0001020305060708 0A0B0C0D0F101112 14151617191A1B1C 1E1F202123242526")+			(hs "834EADFCCAC7E1B30664B1ABA44815AB")+			(hs "1946DABF6A03A2A2 C3D0B05080AED6FC")+		]+	}++-- From draft NIST spec on AES modes.+-- F.1 ECB Example Vectors+katAES128NIST, katAES192NIST, katAES256NIST :: KATs+-- F.1.1 ECB-AES128-Encrypt+katAES128NIST = defaultKATs+	{ kat_ECB =+		[ KAT_ECB+			(hs "2b7e151628aed2a6abf7158809cf4f3c")+			(hs "6bc1bee22e409f96e93d7e117393172a ae2d8a571e03ac9c9eb76fac45af8e51 30c81c46a35ce411e5fbc1191a0a52ef f69f2445df4f9b17ad2b417be66c3710")+			(hs "3ad77bb40d7a3660a89ecaf32466ef97 f5d3d58503b9699de785895a96fdbaaf 43b1cd7f598ece23881b00e3ed030688 7b0c785e27e8ad3f8223207104725dd4")+		]+	}+-- F.1.3 ECB-AES192-Encrypt+katAES192NIST = defaultKATs+	{ kat_ECB =+		[ KAT_ECB+			(hs "8e73b0f7da0e6452c810f32b809079e5 62f8ead2522c6b7b")+			(hs "6bc1bee22e409f96e93d7e117393172a ae2d8a571e03ac9c9eb76fac45af8e51 30c81c46a35ce411e5fbc1191a0a52ef f69f2445df4f9b17ad2b417be66c3710")+			(hs "bd334f1d6e45f25ff712a214571fa5cc 974104846d0ad3ad7734ecb3ecee4eef ef7afd2270e2e60adce0ba2face6444e 9a4b41ba738d6c72fb16691603c18e0e")+		]+	}+-- F.1.5 ECB-AES256-Encrypt+katAES256NIST = defaultKATs+	{ kat_ECB =+		[ KAT_ECB+			(hs "603deb1015ca71be2b73aef0857d7781 1f352c073b6108d72d9810a30914dff4")+			(hs "6bc1bee22e409f96e93d7e117393172a ae2d8a571e03ac9c9eb76fac45af8e51 30c81c46a35ce411e5fbc1191a0a52ef f69f2445df4f9b17ad2b417be66c3710")+			(hs "f3eed1bdb5d2a03c064b5a7e3db181f8 591ccb10d410ed26dc5ba74a31362870 b6ed21b99ca6f4f9f153e7b1beafed1d 23304b7a39f9f3ff067d8d8f9e24ecc7")+		]+	}
+ src/Tests/KAT/Utils.hs view
@@ -0,0 +1,13 @@++module KAT.Utils+	( module Crypto.Cipher.Tests+	, concatKATs+	) where++import Crypto.Cipher.Tests++concatKATs :: [KATs] -> KATs+concatKATs l = KATs (m kat_ECB) (m kat_CBC) (m kat_CFB) (m kat_CTR) (m kat_XTS) (m kat_AEAD)+	where+	m :: (KATs -> [x]) -> [x]+	m sel = concat $ map sel l
src/Tests/UMAC.hs view
@@ -14,7 +14,7 @@ executeRound u [s] = umacFinalize $ umacUpdate u s executeRound u s   = umacFinalize $ umacUpdateLazy u $ L.fromChunks s -assertUMAC :: (B.ByteString, Maybe B.ByteString, [B.ByteString], [(String, String, String)]) -> Assertion+assertUMAC :: (B.ByteString, Maybe B.ByteString, Int -> [B.ByteString], [(String, String, String)]) -> Assertion assertUMAC (key, nonce, msg, hashes) = let 		umac32  = uinit :: UMAC32 		umac64  = uinit :: UMAC64@@ -28,10 +28,10 @@ 		rounds _ _ [] = return () 		rounds n (umac32, umac64, umac96, umac128) ((h32,h64,h128):xs) = let 			txt = "round " ++ show n-			(h32', umac32') = executeRound umac32 msg-			(h64', umac64') = executeRound umac64 msg-			(h96', umac96') = executeRound umac96 msg-			(h128', umac128') = executeRound umac128 msg+			(h32', umac32') = executeRound umac32 (msg $ 4*n + 0)+			(h64', umac64') = executeRound umac64 (msg $ 4*n + 1)+			(h96', umac96') = executeRound umac96 (msg $ 4*n + 2)+			(h128', umac128') = executeRound umac128 (msg $ 4*n + 3) 			in do 				assertEqualHex (txt ++ " UMAC32") (hs h32) h32' 				assertEqualHex (txt ++ " UMAC64") (hs h64) h64'
src/Tests/VectorsHMAC.hs view
@@ -1,4 +1,4 @@-{-# LANGUAGe OverloadedStrings, Safe #-}+{-# LANGUAGE OverloadedStrings, Safe #-}  module VectorsHMAC 	( hmacTestVectors
src/Tests/VectorsHash.hs view
@@ -1,4 +1,4 @@-{-# LANGUAGe OverloadedStrings, Safe #-}+{-# LANGUAGE OverloadedStrings, Safe #-}  module VectorsHash 	( hashTestVectors
src/Tests/VectorsUMAC.hs view
@@ -1,4 +1,4 @@-{-# LANGUAGe OverloadedStrings, Safe #-}+{-# LANGUAGE OverloadedStrings, Safe #-}  module VectorsUMAC 	( umacTestVectors@@ -8,12 +8,12 @@ import qualified Data.ByteString as B  -- repeat chunks of s until filled length bytes-repString :: Int -> B.ByteString -> [B.ByteString]-repString len s = if len > B.length s then s:let l' = len - B.length s in l' `seq` repString l' s else [B.take len s]+repString :: Int -> B.ByteString -> Int -> [B.ByteString]+repString len s n = if len > B.length s then s:let l' = len - B.length s in l' `seq` repString l' s n else [B.take len s]  -- [(key, nonce, message-chunks, [(umac32, umac64, umac128)])] -- umac96 is truncated umac128-umacTestVectors :: [(B.ByteString, Maybe B.ByteString, [B.ByteString], [(String, String, String)])]+umacTestVectors :: [(B.ByteString, Maybe B.ByteString, Int -> [B.ByteString], [(String, String, String)])] umacTestVectors = --  /* From RFC 4418 (except that it lacks the last 32 bits of 128-bit tags) */ 	[ ("abcdefghijklmnop", Just "bcdefghi", repString 0 "",@@ -42,7 +42,7 @@ 	, ("abcdefghijklmnop", Just "bcdefghi", repString 1500 "abc", 		[ ("ABEB3C8B", "D4CF26DDEFD5C01A", "8824a260c53c66a36c9260a62cb83aa1") 		])-	, ("abcdefghijklmnop", Nothing, ["zero"],+	, ("abcdefghijklmnop", Nothing, const ["zero"], 		[ ("a0e94011", "a0e940111c9c2cd5", "a0e940111c9c2cd5fa59090e3ac2061f") 		, ("8c6fea51", "6d8971434be8ee41", "cbbf18b799fd0f4afb9216e52a89f247") 		, ("6d897143", "c9c9aef87e2be502", "c9c9aef87e2be50237716af8e24f8959")@@ -50,14 +50,14 @@ 		, ("a75e23b7", "a75e23b7d419e03a", "a75e23b7d419e03a02d55ebf1ba62824") 		, ("44ea26be", "950526f26a8cc07a", "2e63031d182a59b84f148d9a91de70a3") 		])-	, ("abcdefghijklmnop", Just "a", ["nonce-a"],+	, ("abcdefghijklmnop", Just "a", const ["nonce-a"], 		[ ("81b4ac24", "b7e8aad0da6e7f99", "d7604bffb5e368da5fe564da0068d2cc") 		, ("b7e8aad0", "138814c6a03bdadf", "138814c6a03bdadff7f1666e1bd881aa") 		, ("f70246fe", "fb77dd1cd4c7074f", "86a016d9e67957c8ab5ebb78a673e4e9") 		, ("0595f0bf", "0595f0bf8585c7e2", "0595f0bf8585c7e28dfab00598d4e612") 		, ("a8e9fe85", "817c0b7757cb60f7", "3266ec16a9d85b4f0dc74ec8272238a9") 		])-	, ("abcdefghijklmnop", Just $ hs "beafcafe", ["nonce-beaf-cafe"],+	, ("abcdefghijklmnop", Just $ hs "beafcafe", const ["nonce-beaf-cafe"], 		[ ("f19d9dc1", "9e878413aa079032", "9e878413aa0790329604f3b6ae980e58") 		, ("4604a56a", "9cfd7af0bb107748", "f2b2dd5dab08bb3bc5e9a83e1b4ab2e7") 		, ("4ba9420e", "4ba9420e55b6ba13", "4ba9420e55b6ba137d03443f6ee01734")