Skip to content

Instantly share code, notes, and snippets.

View jedisct1's full-sized avatar

Frank Denis jedisct1

View GitHub Profile
@jedisct1
jedisct1 / b.rs
Last active September 17, 2024 14:48
// Cargo.toml:
// [dependencies]
// boring = { package = "superboring", version = "0.1.2" }
fn main() -> Result<(), Box<dyn std::error::Error>> {
// Ciphertext
let ciphertext = include_bytes!("signed_message.bin");
// Unencrypted RSA private key in PEM format
let rsa_pem = include_str!("sessionprivatekey.pem");
@jedisct1
jedisct1 / a.rs
Created September 17, 2024 14:45
// Cargo.toml:
// [dependencies]
// rsa = "0.9.6"
// rand = "0.8.5"
fn main() -> Result<(), Box<dyn std::error::Error>> {
use rsa::pkcs8::DecodePrivateKey as _;
// Ciphertext
let ciphertext = include_bytes!("signed_message.bin");
@jedisct1
jedisct1 / compiling-c-to-webassembly-and-rust.md
Last active September 19, 2023 22:09
Compiling C code to WebAssembly and Rust

How to embed C/C++ code in a Rust project targeting WebAssembly

When targeting WebAssembly, C/C++ code can be compiled as a library, and then get statically linked to a Rust project.

Step 1

Install the Zig toolchain in order to compile C and C++ code to WebAssembly.

zig cc is available for many platforms including Windows, and makes it easy to switch back and forth between native and wasm targets. WebAssembly is a Tier-1 target, and it was successfully used to port libraries such as ffmpeg, zlib, openssl, boringssl and libsodium.

use flate2::Compression;
use std::io::prelude::*;
use benchmark_simple::*;
fn memusage() -> usize {
#[cfg(target_arch = "wasm32")]
let z = core::arch::wasm32::memory_grow(0, 0);
#[cfg(not(target_arch = "wasm32"))]
package main
import (
"crypto/aes"
"net"
)
func EncryptIp(key []byte, ip net.IP) net.IP {
cipher, err := aes.NewCipher(key)
if err != nil {

std.crypto changes

New features

  • Salsa20: round-reduced variants can now be used.
  • The POLYVAL universal hash function was added.
  • AEGIS: support for 256-bit tags was added.
  • A MAC API was added to AEGIS (std.crypto.auth.aegis) - AEGIS can be used as a high-performance MAC on systems with hardware AES support. Note that this is not a hash function; a secret key is absolutely required in order to authenticate untrusted messages.
  • Edwards25519: a rejectLowOrder() function was added to quickly reject low-order points.
  • HKDF: with extractInit(), a PRK can now be initialized with only a salt, the keying material being added later, possibly as multiple chunks.
diff --git a/lib/std/crypto/ecdsa.zig b/lib/std/crypto/ecdsa.zig
index 1a5335b07..b78cf6f6e 100644
--- a/lib/std/crypto/ecdsa.zig
+++ b/lib/std/crypto/ecdsa.zig
@@ -196,8 +196,11 @@ pub fn Ecdsa(comptime Curve: type, comptime Hash: type) type {
self.h.update(data);
}
- /// Compute a signature over the entire message.
- pub fn finalize(self: *Signer) (IdentityElementError || NonCanonicalError)!Signature {
use aegis::aegis128l::Aegis128L;
const ENCRYPTED_MESSAGE_PREFIX: &[u8] = b"E:aegis128l:";
pub fn encrypt_message(data: &[u8], key: &[u8; 16]) -> Result<Vec<u8>, getrandom::Error> {
let mut nonce = [0; 16];
getrandom::getrandom(&mut nonce)?;
let cipher = Aegis128L::<32>::new(key, &nonce);
let (encrypted, tag) = cipher.encrypt(data, &[]);
const std = @import("std");
const HmacSha256 = std.crypto.auth.hmac.sha2.HmacSha256;
pub fn main() !void {
var out: [HmacSha256.mac_length]u8 = undefined;
HmacSha256.create(&out, "The quick brown fox jumps over the lazy dog", "key");
std.debug.print("{s}\n", .{std.fmt.bytesToHex(&out, .lower)});
}
diff --git a/Cargo.toml b/Cargo.toml
index 5f580b6..d0f55d0 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,12 @@
[package]
name = "prio"
version = "0.12.2"
-authors = ["Josh Aas <[email protected]>", "Tim Geoghegan <[email protected]>", "Christopher Patton <[email protected]", "Karl Tarbe <[email protected]>"]
+authors = [