| Commit message (Collapse) | Author | Age |
| |
Support RC4. Future commits will add support for more modern algorithms.
| |
Eliminate the possibility of a null pointer dereference by converting
short names to `Maybe String`.
| |
It’s getting messy, so switch to a parameters datatype pattern.
| |
Replace tables of tuples with simple function calls, and normalize
argument order to have outputs to the right of inputs. Also factor out
some common patterns.
| |
We’re already using it in tests, so eliminate some hand-rolled
hexification code.
| |
It’s not clear what equality between errors should mean, so don’t
support it.
| |
Replace most invocations of `call` with `fun`. There’s a lot of explicit
`id`-marshalling going on; future commits will remove it.
| |
Use unsigned char buffers more pervasively throughout the code. This
removes most calls to `asCUCharBuf`, isolating `unsafeCoerce` further.
By making some type signatures slightly more flexible, also eliminate
most explicit integer conversions.
| |
Many functions in BoringSSL accept a buffer and a pointer to size, write
data into the buffer, and mutate the size. Create a function
representing this pattern that also loads the result into a ByteString
for convenience.
| |
Move Data.Digest.Internal’s functions and types into more appropriate
modules. There’s now a single BTLS hierarchy that contains all internal
modules for the project.
| |
It’s a direct wrapper around a BoringSSL function, so it really belongs
there.
| |
Clarify the division between internal and external modules in the source
by consolidating all internal modules except Data.Digest.Internal into a
flatter BTLS directory.
| |
Implement the `extract` phase of HKDF.
| |
Instead of using `-Weverything` and turning warnings off as they become
problematic, enable `-Werror` and turn on a specific set of warnings
judged to have high signal-to-noise ratio. Fix up all instances of those
warnings in the code.

These warnings are all available in GHC 8.0.1, which is the default in
the current Debian (Debian 9).
| |
I don’t always like the output hindent gives, so reformat the project
to be a bit closer to what you see in published Haskell books and the
like.
| |
It’s clear at this point that this system is going to get large enough
that a two-layer implementation is warranted. `Internal` will contain
low-level bindings to BoringSSL; other modules will export an idiomatic
interface on top of them.
| |
Let the computer figure out its own types for most foreign imports.
Continue using the vanilla FFI for finalizers, though, as that’s the
easiest way to deal with function pointers.

Reuse the build hook from gtk2hs-buildtools to work around Cabal’s
inability to topologically sort .chs dependencies
(https://github.com/haskell/cabal/issues/1906).
| |
Eliminate the functional interface for hashing. Hashing now occurs
exclusively through the `hash` function, which accepts a
`Data.Digest.Algorithm`. This makes btls somewhat less extensible, but
it’s the most elegant way to support HMACs.
| |
Use the finalizer techniques demonstrated in
4e56c79b907da4a4654e5278bdcf94b08480a426 to safely allocate `EVP_MD_CTX`
on the Haskell heap. This allows us to return to the high-level EVP API,
eliminating much boilerplate code.
| |
Switch SHA-2 API to use lazy ByteStrings rather than strict. Lazy
ByteStrings make the hash function compatible with streaming I/O
patterns; users no longer need to preload all the data they wish to hash
into RAM.
| |
Implement a wrapper for `OPENSSL_cleanse` and use it to securely erase
hash buffers. This matches the behavior of BoringSSL’s all-in-one hash
functions (`SHA256`, `SHA512`, etc.) and memory allocation subsystem.
| |
Rework the SHA-2 implementation to use the low-level sha.h interface
rather than the higher-level evp.h. This allows us to preallocate all
the data structures, eliminating BoringSSL cleanup functions. As a
result, we can implement hashing under `unsafeLocalState` (a.k.a.
`unsafeDupablePerformIO`) instead of `unsafePerformIO`, which should
improve performance in multithreaded programs.
|
So far, btls provides SHA-224, SHA-256, SHA-384, and SHA-512 algorithms.
To do that, I

- vendor BoringSSL and create a custom `Setup.hs` to build it,
- wrap a number of functions and values from BoringSSL's EVP
  subsystem, and
- implement the four SHA-2 algorithms using the wrapped routines.

I provide conformance tests incorporating the official NIST example
vectors and the vectors used in the Go SHA-2 test suite. The tests also
use SmallCheck to compare btls’s SHA-2 implementations with those
provided by the system’s Coreutils and openssl(1) installations.
|