| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
Eliminate the functional interface for hashing. Hashing now occurs
exclusively through the `hash` function, which accepts a
`Data.Digest.Algorithm`. This makes btls somewhat less extensible, but
it’s the most elegant way to support HMACs.
|
| |
|
|
|
|
|
| |
Use the finalizer techniques demonstrated in
4e56c79b907da4a4654e5278bdcf94b08480a426 to safely allocate `EVP_MD_CTX`
on the Haskell heap. This allows us to return to the high-level EVP API,
eliminating much boilerplate code.
|
| |
|
|
|
|
|
|
|
| |
Rework the SHA-2 implementation to use the low-level sha.h interface
rather than the higher-level evp.h. This allows us to preallocate all
the data structures, eliminating BoringSSL cleanup functions. As a
result, we can implement hashing under `unsafeLocalState` (a.k.a.
`unsafeDupablePerformIO`) instead of `unsafePerformIO`, which should
improve performance in multithreaded programs.
|
|
|
So far, btls provides SHA-224, SHA-256, SHA-384, and SHA-512 algorithms.
To do that, I
- vendor BoringSSL and create a custom `Setup.hs` to build it,
- wrap a number of functions and values from BoringSSL's EVP
subsystem, and
- implement the four SHA-2 algorithms using the wrapped routines.
I provide conformance tests incorporating the official NIST example
vectors and the vectors used in the Go SHA-2 test suite. The tests also
use SmallCheck to compare btls’s SHA-2 implementations with those
provided by the system’s Coreutils and openssl(1) installations.
|
Benjamin Barenblat