hare

The Hare programming language
git clone https://git.torresjrjr.com/hare.git
Log | Files | Refs | README | LICENSE

commit 531217132b53c440ddeea42d5243811c32fde099
parent 04e3fb1afd39d24700ea0d9311baa0b4a88b437a
Author: Armin Preiml <apreiml@strohwolke.at>
Date:   Sun, 26 Dec 2021 13:32:40 +0100

Implement Salsa20 and XSalsa20 in crypto::salsa

Signed-off-by: Armin Preiml <apreiml@strohwolke.at>
Signed-off-by: Drew DeVault <sir@cmpwn.com>

Diffstat:
Acrypto/salsa/+test.ha | 168+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Acrypto/salsa/README | 18++++++++++++++++++
Acrypto/salsa/salsa20.ha | 176+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mscripts/gen-stdlib | 13+++++++++++++
Mstdlib.mk | 33+++++++++++++++++++++++++++++++++
5 files changed, 408 insertions(+), 0 deletions(-)

diff --git a/crypto/salsa/+test.ha b/crypto/salsa/+test.ha @@ -0,0 +1,168 @@ +use bytes; +use crypto::cipher; +use types; + +@test fn qr() void = { + let s: [4]u32 = [0xe7e8c006, 0xc4f9417d, 0x6479b4b2, 0x68c67137]; + qr(&s[0], &s[1], &s[2], &s[3]); + assert(s[0] == 0xe876d72b); + assert(s[1] == 0x9361dfd5); + assert(s[2] == 0xf1460244); + assert(s[3] == 0x948541a3); +}; + +@test fn xsalsa20() void = { + let key: [KEYSIZE]u8 = [ + 0x47, 0x85, 0x1a, 0xb8, 0xa0, 0xd4, 0x41, 0x20, 0xb7, 0x7b, + 0xf6, 0x16, 0x0d, 0xcb, 0xbf, 0xa6, 0x9f, 0xa9, 0xc5, 0xdd, + 0x2a, 0x0c, 0xb9, 0x8c, 0xeb, 0x72, 0xe7, 0x96, 0x57, 0x01, + 0xb5, 0x5a, + ]; + let nonce: [XNONCESIZE]u8 = [ + 0x1b, 0xcb, 0x13, 0xb8, 0xf5, 0x27, 0x53, 0x34, 0xa0, 0xb4, + 0x8e, 0xd2, 0xeb, 0x5b, 0xbc, 0x15, 0x44, 0x5b, 0x05, 0x09, + 0x56, 0xa8, 0x86, 0xa7, + ]; + let msg: [_]u8 = [ + 0xb4, 0x6d, 0x7c, 0xfd, 0x74, 0xe3, 0x91, 0xfa, 0x9a, 0xa2, + 0x14, 0x52, 0x53, 0xe1, 0xfb, 0x5c, 0xf3, 0x4a, 0x60, 0x17, + 0x2f, 0x46, 0x80, 0x07, 0x43, 0x43, 0xa1, 0x6c, 0x15, 0xf3, + 0xad, 0x9e, 0x83, 0x1e, 0x63, 0x0b, 0x10, 0x57, 0xf9, 0x19, + 0x3e, 0x0d, 0xc4, 0x14, 0xd0, 0x1c, 0xef, 0x46, 0x62, 0x94, + 0xdc, 0x43, 0xdd, 0xfa, 0x96, 0xa9, 0xa2, 0xd7, 0xc8, 0x53, + 0xea, 0xf8, 0x52, 0x1b, 0xce, 0xd0, 0x65, 0x5d, 0x63, 0xfa, + 0x23, 0x88, 0x86, 0x95, 0x11, 0x12, 0x00, 0xec, 0xa2, 0x52, + 0x1e, 0xac, 0x80, 0xd7, 0x07, 0xb4, 0x76, 0x38, 0x67, 0xcf, + 0xca, 0x67, 0x81, 0xca, 0xb6, 0xb2, 0x5a, 0xb8, 0x7d, 0xe7, + 0x6e, 0xed, 0x08, 0x82, 0x1f, 0x12, 0x94, 0x84, 0x08, 0xe4, + 0x94, 0x8f, 0xa7, 0x72, 0x09, 0x82, + ]; + let cipher: [_]u8 = [ + 0x17, 0x14, 0xa7, 0x77, 0xf1, 0xe0, 0xf7, 0xd7, 0x9a, 0x8f, + 0xe7, 0x16, 0xe7, 0x75, 0x13, 0x9c, 0xb8, 0x15, 0xb2, 0xcc, + 0x07, 0x97, 0x50, 0x66, 0xa4, 0xc2, 0xcd, 0x1c, 0x1b, 0x6e, + 0xea, 0x90, 0x59, 0xa9, 0x31, 0xb7, 0x24, 0x68, 0x4a, 0x64, + 0xf4, 0xc0, 0x00, 0xd0, 0xa5, 0x66, 0x55, 0x77, 0x2c, 0xbf, + 0x27, 0x0b, 0xc2, 0xab, 0xf6, 0x5f, 0x43, 0xe7, 0xf3, 0x49, + 0xb8, 0x7d, 0x34, 0xd5, 0x05, 0x65, 0xc8, 0x4b, 0x97, 0x90, + 0x56, 0xcb, 0xfa, 0x85, 0x17, 0x25, 0x8e, 0x6b, 0xc6, 0x32, + 0x88, 0xab, 0x85, 0x1a, 0x35, 0x12, 0xec, 0xdd, 0xb6, 0x7d, + 0x28, 0x33, 0xdb, 0xbd, 0x89, 0x9d, 0x89, 0xf0, 0x19, 0xcf, + 0xd5, 0x47, 0x8f, 0xcc, 0x66, 0x37, 0x7d, 0x59, 0xa4, 0x4b, + 0x2a, 0x61, 0x1f, 0x5b, 0x52, 0xf5, + ]; + + let result: [116]u8 = [0...]; + + let c = salsa20(); + xsalsa20_init(&c, &key, &nonce); + defer cipher::finish(&c); + + cipher::stream_xor(&c, result, msg); + assert(bytes::equal(cipher, result)); +}; + +@test fn xsalsa20_ctr_overflow_u32() void = { + let key: [KEYSIZE]u8 = [ + 0x7f, 0xa3, 0x4d, 0x21, 0x7c, 0xc3, 0x91, 0x99, 0x47, 0xef, + 0xa1, 0xde, 0x4b, 0xaa, 0x8d, 0xcb, 0x38, 0x4e, 0x7f, 0xf7, + 0xbe, 0xd6, 0xaf, 0x4c, 0x11, 0x97, 0x68, 0x39, 0xf1, 0xd9, + 0x0f, 0x92, + ]; + let nonce: [XNONCESIZE]u8 = [ + 0x42, 0x4a, 0xff, 0xdb, 0x30, 0xde, 0x7f, 0xaf, 0xe9, 0xd4, + 0xd5, 0xe5, 0x64, 0xfc, 0x3a, 0x87, 0xe1, 0x74, 0x9d, 0x3b, + 0xd5, 0x5f, 0x01, 0xec, + ]; + let msg: [_]u8 = [ + 0x64, 0xf8, 0xd2, 0x0d, 0xc5, 0x54, 0x27, 0x5d, 0xae, 0x74, + 0x23, 0xf8, 0xae, 0x43, 0xfb, 0xed, 0x35, 0xbf, 0xda, 0x89, + 0x4f, 0xb1, 0x0c, 0xcc, 0x06, 0x7b, 0xb9, 0x75, 0xcf, 0x3b, + 0x8e, 0x02, 0x3f, 0xc4, 0x96, 0xf2, 0xfd, 0xef, 0x68, 0xae, + 0x28, 0x30, 0x3a, 0x61, 0x1c, 0xcc, 0x3f, 0xa8, 0x9c, 0xec, + 0x3a, 0x10, 0x84, 0x6a, 0xae, 0x47, 0xf4, 0x35, 0xa3, 0x42, + 0xeb, 0x21, 0xb8, 0x30, 0x4c, 0x24, 0xf1, 0x00, 0x08, 0x9b, + 0x0b, 0x86, 0x9e, 0x42, 0x97, 0x29, 0x5e, 0x9d, 0x7c, 0xdb, + 0x7c, 0x16, 0x29, 0xac, 0x7c, 0xf8, 0xf5, 0xd8, 0xb3, 0xa8, + 0x0d, 0x5a, 0xdb, 0x46, 0x21, 0x52, 0x42, 0x85, 0xdf, 0x42, + 0xc9, 0x01, 0x66, 0xe3, 0x7b, 0x2a, 0xa5, 0xec, 0xee, 0x8c, + 0x3a, 0xa9, 0xac, 0xd6, 0x6a, 0xa4, + ]; + let cipher: [_]u8 = [ + 0xcc, 0x10, 0x8d, 0x36, 0xfd, 0x0c, 0x27, 0x88, 0x2f, 0x40, + 0xc8, 0x94, 0xf6, 0x8e, 0xda, 0x54, 0x66, 0x6b, 0x57, 0x54, + 0xd9, 0x2a, 0x2a, 0x77, 0xa5, 0x0e, 0x13, 0xdd, 0x37, 0x36, + 0xd7, 0x6d, 0x32, 0xf0, 0xe0, 0xcc, 0x1e, 0x96, 0x94, 0x0a, + 0xab, 0x96, 0x99, 0x70, 0x2b, 0xa5, 0x9b, 0xf1, 0x5a, 0x80, + 0x88, 0x51, 0x37, 0x1d, 0xa5, 0x46, 0x63, 0x43, 0x34, 0xd9, + 0x23, 0x36, 0x55, 0x5c, 0x3e, 0xcd, 0xf5, 0x18, 0xbe, 0x20, + 0x4b, 0x7f, 0x7f, 0xad, 0xe9, 0xc1, 0x73, 0xf9, 0x9a, 0x75, + 0xd3, 0x70, 0xbc, 0x92, 0x30, 0xf2, 0x03, 0x5a, 0x4e, 0x38, + 0x8a, 0xab, 0x0c, 0x8a, 0x07, 0x14, 0xe7, 0x3f, 0x92, 0x90, + 0xdd, 0x79, 0x7c, 0xa3, 0xa2, 0x3d, 0xda, 0xd5, 0x0f, 0xdf, + 0x85, 0x7b, 0xcb, 0x7c, 0x7b, 0x2f, + ]; + + let result: [116]u8 = [0...]; + + let c = salsa20(); + xsalsa20_init(&c, &key, &nonce); + setctr(&c, types::U32_MAX); + defer cipher::finish(&c); + + cipher::stream_xor(&c, result, msg); + assert(bytes::equal(cipher, result)); +}; + +@test fn xsalsa20_ctr_overflow_u64() void = { + let key: [KEYSIZE]u8 = [ + 0xe3, 0xe0, 0xa8, 0x09, 0x09, 0xd2, 0x8c, 0xb4, 0x13, 0xa6, + 0x8a, 0x33, 0xdf, 0x9c, 0xa2, 0x7f, 0x46, 0xd1, 0x9e, 0x32, + 0x14, 0x53, 0x66, 0x23, 0x36, 0x45, 0x58, 0xff, 0x68, 0x36, + 0x78, 0x69, + ]; + let nonce: [XNONCESIZE]u8 = [ + 0x8d, 0xe8, 0x84, 0xa0, 0x91, 0x0a, 0x26, 0xa3, 0xb4, 0x8a, + 0x05, 0x22, 0x41, 0x77, 0xd1, 0x14, 0xbd, 0x09, 0x35, 0x0e, + 0xbd, 0x73, 0xe5, 0xae, + ]; + let msg: [_]u8 = [ + 0xa8, 0xd2, 0x9f, 0x40, 0x9e, 0xe5, 0xc9, 0xd4, 0x3e, 0x5c, + 0x36, 0x1e, 0x9b, 0x75, 0x61, 0xf1, 0xe2, 0xfc, 0x57, 0xf6, + 0x54, 0x06, 0x69, 0x1f, 0xb4, 0xba, 0xf3, 0xa9, 0xcf, 0xff, + 0x02, 0x64, 0x06, 0x78, 0x2a, 0xce, 0x64, 0x38, 0xf5, 0x96, + 0x5d, 0xfa, 0x2f, 0xe0, 0x5a, 0x61, 0x10, 0xf3, 0x97, 0x17, + 0x68, 0xcc, 0xc2, 0x30, 0x02, 0x87, 0xc1, 0x58, 0xff, 0x9e, + 0xc7, 0x9f, 0x95, 0xe8, 0xe6, 0x87, 0xbe, 0xa6, 0xc1, 0x14, + 0x2a, 0x59, 0x44, 0x91, 0x95, 0x2d, 0x2f, 0xf7, 0xc3, 0xf7, + 0x8a, 0x45, 0x28, 0xb0, 0x97, 0x72, 0xa6, 0x1d, 0x7b, 0x74, + 0x71, 0x68, 0x2f, 0xe9, 0xbd, 0x5d, 0xf3, 0xd7, 0xd1, 0x4e, + 0x73, 0x1b, 0xbf, 0x29, 0xad, 0xa7, 0x08, 0xe8, 0x70, 0x5f, + 0x2b, 0x4d, 0x60, 0x3f, 0xf1, 0x09, + ]; + let cipher: [_]u8 = [ + 0x6b, 0x01, 0x72, 0xc3, 0x54, 0x65, 0x85, 0xd6, 0x63, 0xef, + 0x4b, 0x55, 0xbe, 0xd6, 0x32, 0x7c, 0x3a, 0x2e, 0x35, 0xac, + 0x1a, 0xa9, 0x73, 0x57, 0xb1, 0xe7, 0x97, 0x1d, 0x5c, 0xd3, + 0x9c, 0x9e, 0xee, 0x3d, 0x8e, 0xd7, 0x44, 0x4b, 0xee, 0xce, + 0x6e, 0x5d, 0x81, 0x7e, 0x9a, 0x8a, 0x58, 0x65, 0x53, 0x1d, + 0x8a, 0x7c, 0x6c, 0x4d, 0x18, 0x77, 0x8f, 0x65, 0x22, 0xd9, + 0x47, 0xb4, 0x80, 0x16, 0x07, 0x22, 0x88, 0x92, 0x8e, 0x66, + 0x5d, 0xac, 0xf4, 0x15, 0xf2, 0xd9, 0xe5, 0xc9, 0xdc, 0xeb, + 0x01, 0xc1, 0x94, 0x9a, 0xdd, 0x74, 0x70, 0xfd, 0xe1, 0x40, + 0x48, 0x72, 0xab, 0xbc, 0xe6, 0xec, 0x12, 0xdc, 0xf2, 0x57, + 0xc6, 0xcf, 0xd5, 0x2f, 0x12, 0x56, 0xed, 0xe2, 0x3c, 0x93, + 0x5a, 0xf6, 0x17, 0x63, 0xea, 0x41, + ]; + + + let result: [116]u8 = [0...]; + + let c = salsa20(); + xsalsa20_init(&c, &key, &nonce); + setctr(&c, types::U64_MAX); + defer cipher::finish(&c); + + cipher::stream_xor(&c, result, msg); + assert(bytes::equal(cipher, result)); +}; diff --git a/crypto/salsa/README b/crypto/salsa/README @@ -0,0 +1,18 @@ +crypto::salsa provides an implementation of the Salsa20 and XSalsa20 stream +ciphers, per "Salsa20 specification" by Daniel J. Bernstein. + +This is a low-level module which implements cryptographic primitives. Direct use +of cryptographic primitives is not recommended for non-experts, as incorrect use +of these primitives can easily lead to the introduction of security +vulnerabilities. Non-experts are advised to use the high-level operations +available in the top-level [[crypto]] module. + +Use [[salsa20]] to create a stream and either [[xsalsa20_init]] or +[[salsa20_init]] to set key and nonce of the appropriate size, [[NONCESIZE]] for +salsa20 or [[XNONCESIZE]] for XSalsa20. After calling the appropriate init +function, [[crypto::cipher::stream_xor]] may be used to encrypt blocks. The +stream must be finished with [[crypto::cipher::finish]] to wipe sensitive data +from memory. + +Writing blocks of length [[BLOCKSIZE]] is not required. However, seeking the key +stream with [[setctr]] only operates in units of [[BLOCKSIZE]]. diff --git a/crypto/salsa/salsa20.ha b/crypto/salsa/salsa20.ha @@ -0,0 +1,176 @@ +use bytes; +use crypto::cipher; +use crypto::math::{rotl32, xor}; +use endian; + +// Size of a Salsa key, in bytes. +export def KEYSIZE: size = 32; + +// Size of the XSalsa20 nonce, in bytes. +export def XNONCESIZE: size = 24; + +// Size of the Salsa20 nonce, in bytes. +export def NONCESIZE: size = 8; + +def ROUNDS: size = 20; + +// The block size of the Salsa cipher. +export def BLOCKSIZE: size = 64; + +const magic: [4]u32 = [0x61707865, 0x3320646e, 0x79622d32, 0x6b206574]; + +export type stream = struct { + cipher::stream, + state: [16]u32, + xorbuf: [BLOCKSIZE]u8, + xorused: size, + rounds: size, +}; + +// Create a Salsa20 or XSalsa20 stream. Needs to be initalized with either +// [[salsa20_init]] or [[xsalsa20_init]]. It must be finished with +// [[crypto::cipher::finish]]. +export fn salsa20() stream = { + return stream { + xor = &stream_xor, + finish = &finish, + xorused = BLOCKSIZE, + rounds = ROUNDS, + ... + }; +}; + +fn init( + state: *[16]u32, + key: *[KEYSIZE]u8, + nonce: *[8]u8, + ctr: *[8]u8 +) void = { + state[0] = magic[0]; + state[1] = endian::legetu32(key[0..4]); + state[2] = endian::legetu32(key[4..8]); + state[3] = endian::legetu32(key[8..12]); + state[4] = endian::legetu32(key[12..16]); + state[5] = magic[1]; + state[6] = endian::legetu32(nonce[0..4]); + state[7] = endian::legetu32(nonce[4..8]); + state[8] = endian::legetu32(ctr[0..4]); + state[9] = endian::legetu32(ctr[4..8]); + state[10] = magic[2]; + state[11] = endian::legetu32(key[16..20]); + state[12] = endian::legetu32(key[20..24]); + state[13] = endian::legetu32(key[24..28]); + state[14] = endian::legetu32(key[28..32]); + state[15] = magic[3]; +}; + +// Initialize a Salsa20 stream. +export fn salsa20_init( + s: *stream, + key: *[KEYSIZE]u8, + nonce: *[NONCESIZE]u8, +) void = { + let counter: [8]u8 = [0...]; + init(&s.state, key, nonce, &counter); + s.xorused = BLOCKSIZE; +}; + +// Initialize an XSalsa20 stream. XSalsa20 differs from Salsa20 via the use of a +// larger nonce parameter. +export fn xsalsa20_init( + s: *stream, + key: *[KEYSIZE]u8, + nonce: *[XNONCESIZE]u8 +) void = { + let state: [16]u32 = [0...]; + init(&state, key, nonce[0..8]: *[8]u8, nonce[8..16]: *[8]u8); + hblock(state[..], &state, 20); + + let dkey: [32]u8 = [0...]; + endian::leputu32(dkey[0..4], state[0]); + endian::leputu32(dkey[4..8], state[5]); + endian::leputu32(dkey[8..12], state[10]); + endian::leputu32(dkey[12..16], state[15]); + endian::leputu32(dkey[16..20], state[6]); + endian::leputu32(dkey[20..24], state[7]); + endian::leputu32(dkey[24..28], state[8]); + endian::leputu32(dkey[28..], state[9]); + + salsa20_init(s, &dkey, nonce[16..]: *[NONCESIZE]u8); +}; + +// Advances the key stream to "seek" to a future state by 'counter' times +// [[BLOCKSIZE]]. +export fn setctr(s: *stream, counter: u64) void = { + s.state[8] = (counter & 0xFFFFFFFF): u32; + s.state[9] = (counter >> 32): u32; + s.xorused = BLOCKSIZE; +}; + +fn stream_xor(cs: *cipher::stream, dest: []u8, src: []u8) void = { + assert(endian::host == &endian::little, "TODO big-endian"); + let s = cs: *stream; + + for (len(dest) > 0) { + if (s.xorused >= BLOCKSIZE) { + block((s.xorbuf[..]: *[*]u32)[..16], &s.state, s.rounds); + s.state[8] += 1; + if (s.state[8] == 0) { + s.state[9] += 1; + }; + s.xorused = 0; + }; + + const max = if (len(dest) > (BLOCKSIZE - s.xorused)) { + yield BLOCKSIZE - s.xorused; + } else { + yield len(dest); + }; + + xor(dest[..max], src[..max], + s.xorbuf[s.xorused..s.xorused + max]); + s.xorused += max; + + dest = dest[max..]; + src = src[max..]; + }; +}; + +fn block(dest: []u32, state: *[16]u32, rounds: size) void = { + hblock(dest, state, rounds); + + for (let i = 0z; i < 16; i += 1) { + dest[i] += state[i]; + }; +}; + +fn hblock(dest: []u32, state: *[16]u32, rounds: size) void = { + for (let i = 0z; i < 16; i += 1) { + dest[i] = state[i]; + }; + + for (let i = 0z; i < rounds; i += 2) { + qr(&dest[0], &dest[4], &dest[8], &dest[12]); + qr(&dest[5], &dest[9], &dest[13], &dest[1]); + qr(&dest[10], &dest[14], &dest[2], &dest[6]); + qr(&dest[15], &dest[3], &dest[7], &dest[11]); + + qr(&dest[0], &dest[1], &dest[2], &dest[3]); + qr(&dest[5], &dest[6], &dest[7], &dest[4]); + qr(&dest[10], &dest[11], &dest[8], &dest[9]); + qr(&dest[15], &dest[12], &dest[13], &dest[14]); + }; +}; + +fn qr(a: *u32, b: *u32, c: *u32, d: *u32) void = { + *b ^= rotl32(*a + *d, 7); + *c ^= rotl32(*b + *a, 9); + *d ^= rotl32(*c + *b, 13); + *a ^= rotl32(*d + *c, 18); +}; + +fn finish(cs: *cipher::stream) void = { + let s = cs: *stream; + bytes::zero((s.state[..]: *[*]u8)[..len(s.state) * size(u32)]); + bytes::zero(s.xorbuf); +}; diff --git a/scripts/gen-stdlib b/scripts/gen-stdlib @@ -276,6 +276,18 @@ crypto_random() { gen_ssa -pfreebsd crypto::random rt io errors } +crypto_salsa() { + if [ $testing -eq 0 ] + then + gen_srcs crypto::salsa salsa20.ha + gen_ssa crypto::salsa bytes crypto::cipher crypto::math endian + else + gen_srcs crypto::salsa salsa20.ha +test.ha + gen_ssa crypto::salsa bytes crypto::cipher crypto::math endian \ + types + fi +} + gensrcs_crypto_sha256() { gen_srcs crypto::sha256 \ sha256.ha \ @@ -1115,6 +1127,7 @@ crypto::hmac crypto::math crypto::random linux freebsd crypto::md5 +crypto::salsa crypto::sha1 crypto::sha256 crypto::sha512 diff --git a/stdlib.mk b/stdlib.mk @@ -194,6 +194,12 @@ stdlib_deps_any+=$(stdlib_crypto_md5_any) stdlib_crypto_md5_linux=$(stdlib_crypto_md5_any) stdlib_crypto_md5_freebsd=$(stdlib_crypto_md5_any) +# gen_lib crypto::salsa (any) +stdlib_crypto_salsa_any=$(HARECACHE)/crypto/salsa/crypto_salsa-any.o +stdlib_deps_any+=$(stdlib_crypto_salsa_any) +stdlib_crypto_salsa_linux=$(stdlib_crypto_salsa_any) +stdlib_crypto_salsa_freebsd=$(stdlib_crypto_salsa_any) + # gen_lib crypto::sha1 (any) stdlib_crypto_sha1_any=$(HARECACHE)/crypto/sha1/crypto_sha1-any.o stdlib_deps_any+=$(stdlib_crypto_sha1_any) @@ -755,6 +761,16 @@ $(HARECACHE)/crypto/md5/crypto_md5-any.ssa: $(stdlib_crypto_md5_any_srcs) $(stdl @HARECACHE=$(HARECACHE) $(HAREC) $(HAREFLAGS) -o $@ -Ncrypto::md5 \ -t$(HARECACHE)/crypto/md5/crypto_md5.td $(stdlib_crypto_md5_any_srcs) +# crypto::salsa (+any) +stdlib_crypto_salsa_any_srcs= \ + $(STDLIB)/crypto/salsa/salsa20.ha + +$(HARECACHE)/crypto/salsa/crypto_salsa-any.ssa: $(stdlib_crypto_salsa_any_srcs) $(stdlib_rt) $(stdlib_bytes_$(PLATFORM)) $(stdlib_crypto_cipher_$(PLATFORM)) $(stdlib_crypto_math_$(PLATFORM)) $(stdlib_endian_$(PLATFORM)) + @printf 'HAREC \t$@\n' + @mkdir -p $(HARECACHE)/crypto/salsa + @HARECACHE=$(HARECACHE) $(HAREC) $(HAREFLAGS) -o $@ -Ncrypto::salsa \ + -t$(HARECACHE)/crypto/salsa/crypto_salsa.td $(stdlib_crypto_salsa_any_srcs) + # crypto::sha1 (+any) stdlib_crypto_sha1_any_srcs= \ $(STDLIB)/crypto/sha1/sha1.ha @@ -1925,6 +1941,12 @@ testlib_deps_any+=$(testlib_crypto_md5_any) testlib_crypto_md5_linux=$(testlib_crypto_md5_any) testlib_crypto_md5_freebsd=$(testlib_crypto_md5_any) +# gen_lib crypto::salsa (any) +testlib_crypto_salsa_any=$(TESTCACHE)/crypto/salsa/crypto_salsa-any.o +testlib_deps_any+=$(testlib_crypto_salsa_any) +testlib_crypto_salsa_linux=$(testlib_crypto_salsa_any) +testlib_crypto_salsa_freebsd=$(testlib_crypto_salsa_any) + # gen_lib crypto::sha1 (any) testlib_crypto_sha1_any=$(TESTCACHE)/crypto/sha1/crypto_sha1-any.o testlib_deps_any+=$(testlib_crypto_sha1_any) @@ -2495,6 +2517,17 @@ $(TESTCACHE)/crypto/md5/crypto_md5-any.ssa: $(testlib_crypto_md5_any_srcs) $(tes @HARECACHE=$(TESTCACHE) $(HAREC) $(TESTHAREFLAGS) -o $@ -Ncrypto::md5 \ -t$(TESTCACHE)/crypto/md5/crypto_md5.td $(testlib_crypto_md5_any_srcs) +# crypto::salsa (+any) +testlib_crypto_salsa_any_srcs= \ + $(STDLIB)/crypto/salsa/salsa20.ha \ + $(STDLIB)/crypto/salsa/+test.ha + +$(TESTCACHE)/crypto/salsa/crypto_salsa-any.ssa: $(testlib_crypto_salsa_any_srcs) $(testlib_rt) $(testlib_bytes_$(PLATFORM)) $(testlib_crypto_cipher_$(PLATFORM)) $(testlib_crypto_math_$(PLATFORM)) $(testlib_endian_$(PLATFORM)) $(testlib_types_$(PLATFORM)) + @printf 'HAREC \t$@\n' + @mkdir -p $(TESTCACHE)/crypto/salsa + @HARECACHE=$(TESTCACHE) $(HAREC) $(TESTHAREFLAGS) -o $@ -Ncrypto::salsa \ + -t$(TESTCACHE)/crypto/salsa/crypto_salsa.td $(testlib_crypto_salsa_any_srcs) + # crypto::sha1 (+any) testlib_crypto_sha1_any_srcs= \ $(STDLIB)/crypto/sha1/sha1.ha \