cryptonite/tests
Olivier Chéron fc07a8b931 Fix counter wrapping in AES GCM
The generic and AESNI implementations used different conventions
regarding counter wrapping in GCM.  The generic code was based on the
function block128_inc_be, for which the counter is a 128-bit value,
whereas the AESNI code used the intrinsic function _mm_add_epi64 and
therefore wrapped at 2^64.

In NIST.SP.800-38d the GCM specification mandates the use of the
incrementing function inc32, wrapping after 2^32 blocks.  This commit
changes both the generic and AESNI implementations to align with the
specification and adds a test vector specially crafted to start
encryption with IV block 0xfffffffffffffffffffffffffffffffe.
2019-08-20 10:34:40 +02:00
ECC Add pointMulByCofactor and pointHasPrimeOrder 2017-12-17 11:56:33 +01:00
KAT_AES Fix counter wrapping in AES GCM 2019-08-20 10:34:40 +02:00
KAT_PubKey Remove code duplication 2019-03-26 06:24:00 +01:00
Number Tests for Crypto.Number.F2m 2016-07-24 10:58:50 +02:00
BCrypt.hs Fix cost parsing for bcrypt 2018-04-17 13:51:04 +01:00
BCryptPBKDF.hs Add implementation of bcrypt_pbkdf 2019-03-14 21:30:29 +01:00
BlockCipher.hs Added some redundant constraints for documentation/consistency. Added an INLINABLE pragma to i2ospOf to hopefully increase specializations. 2019-02-24 17:04:10 -08:00
ChaCha.hs [ChaCha] opaquify the state to be handled directly in the C level just like the hash function 2015-05-22 14:04:27 +01:00
ChaChaPoly1305.hs Fix endianness of incrementNonce function for ChaChaPoly1305 2015-11-16 12:59:01 -05:00
ECC.hs Remove unnecessary imports 2019-05-08 10:22:30 +02:00
Hash.hs Implement SHAKE output not divisible by 8 bits 2018-10-23 06:59:07 +02:00
Imports.hs fix warnings 2015-04-05 12:19:26 +01:00
KAT_AES.hs Improve types and indentation, fix typo 2018-02-03 19:05:20 +01:00
KAT_AFIS.hs [tests] more refactoring 2015-05-12 14:36:20 +01:00
KAT_Argon2.hs Argon2: add working hash function 2017-02-24 13:37:40 +00:00
KAT_Blowfish.hs fix some warnings 2015-04-08 22:30:01 +01:00
KAT_Camellia.hs remove tabs 2015-04-08 22:44:28 +01:00
KAT_CAST5.hs Fixed compiler warnings 2019-02-03 16:06:05 -08:00
KAT_CMAC.hs [CMAC] drop the accessor in favor of just using the ByteArrayAccess constraint 2016-04-09 10:31:13 +01:00
KAT_Curve448.hs Use new module name Crypto.PubKey.Curve448 2017-01-19 20:26:25 +01:00
KAT_Curve25519.hs Test Curve25519.toPublic 2017-06-02 19:37:25 +02:00
KAT_DES.hs fix DES tests 2015-04-08 20:43:31 +01:00
KAT_Ed448.hs More EdDSA vectors from RFC 8032 2017-06-04 19:25:19 +02:00
KAT_Ed25519.hs More EdDSA vectors from RFC 8032 2017-06-04 19:25:19 +02:00
KAT_HKDF.hs Fixed compiler warnings 2019-02-03 16:06:05 -08:00
KAT_HMAC.hs Avoid warning with tasty-quickcheck-0.9.2 2018-02-04 15:27:45 +01:00
KAT_KMAC.hs Add KMAC 2019-04-28 09:14:25 +02:00
KAT_MiyaguchiPreneel.hs Fixed compiler warnings 2019-02-03 16:06:05 -08:00
KAT_OTP.hs Remove unnecessary imports 2019-05-08 10:22:30 +02:00
KAT_PBKDF2.hs add tests for pbkdf2 sha512 for both Haskell's and fast implementation 2017-02-11 14:08:28 +00:00
KAT_PubKey.hs Merge branch 'master' of https://github.com/haskell-crypto/cryptonite 2018-11-03 20:23:25 +01:00
KAT_RC4.hs add RC4 2014-07-21 10:58:42 +01:00
KAT_Scrypt.hs [KDF] move PBKDF2 and Scrypt to not be pinned to ByteString 2015-05-22 15:19:42 +01:00
KAT_TripleDES.hs add missing KAT file 2015-04-09 19:59:53 +01:00
KAT_Twofish.hs Twofish 192 and 256 bit key support 2017-04-10 00:33:54 -04:00
Number.hs Test LE serialization 2019-05-16 06:33:35 +02:00
Padding.hs Fixed compiler warnings 2019-02-03 16:06:05 -08:00
Poly1305.hs [Poly1305] make initialize explicitly failable 2015-07-29 09:49:49 +01:00
Salsa.hs [Salsa] opaquify the state just like for hash functions 2015-05-22 14:04:54 +01:00
Tests.hs Report info about runtime environment in the test suite 2019-06-15 09:28:02 +02:00
Utils.hs Use vector/vectorOf from QuickCheck and simplify 2019-03-26 06:25:45 +01:00
XSalsa.hs Implement the XSalsa20 stream cipher 2016-10-09 15:25:31 +02:00