pub const Spec_Hash_Definitions_SHA2_224: u32 = 0;
pub const Spec_Hash_Definitions_SHA2_256: u32 = 1;
pub const Spec_Hash_Definitions_SHA2_384: u32 = 2;
pub const Spec_Hash_Definitions_SHA2_512: u32 = 3;
pub const Spec_Hash_Definitions_SHA1: u32 = 4;
pub const Spec_Hash_Definitions_MD5: u32 = 5;
pub const Spec_Hash_Definitions_Blake2S: u32 = 6;
pub const Spec_Hash_Definitions_Blake2B: u32 = 7;
pub const Spec_Hash_Definitions_SHA3_256: u32 = 8;
pub const Spec_Hash_Definitions_SHA3_224: u32 = 9;
pub const Spec_Hash_Definitions_SHA3_384: u32 = 10;
pub const Spec_Hash_Definitions_SHA3_512: u32 = 11;
pub const Spec_Hash_Definitions_Shake128: u32 = 12;
pub const Spec_Hash_Definitions_Shake256: u32 = 13;
pub const Hacl_Streaming_Types_Success: u32 = 0;
pub const Hacl_Streaming_Types_InvalidAlgorithm: u32 = 1;
pub const Hacl_Streaming_Types_InvalidLength: u32 = 2;
pub const Hacl_Streaming_Types_MaximumLengthExceeded: u32 = 3;
pub const Spec_FFDHE_FFDHE2048: u32 = 0;
pub const Spec_FFDHE_FFDHE3072: u32 = 1;
pub const Spec_FFDHE_FFDHE4096: u32 = 2;
pub const Spec_FFDHE_FFDHE6144: u32 = 3;
pub const Spec_FFDHE_FFDHE8192: u32 = 4;
pub const Spec_Agile_AEAD_AES128_GCM: u32 = 0;
pub const Spec_Agile_AEAD_AES256_GCM: u32 = 1;
pub const Spec_Agile_AEAD_CHACHA20_POLY1305: u32 = 2;
pub const Spec_Agile_AEAD_AES128_CCM: u32 = 3;
pub const Spec_Agile_AEAD_AES256_CCM: u32 = 4;
pub const Spec_Agile_AEAD_AES128_CCM8: u32 = 5;
pub const Spec_Agile_AEAD_AES256_CCM8: u32 = 6;
extern "C" {
#[doc = "Compute the scalar multiple of a point.\n\n@param out Pointer to 32 bytes of memory, allocated by the caller, where the resulting point is written to.\n@param priv Pointer to 32 bytes of memory where the secret/private key is read from.\n@param pub Pointer to 32 bytes of memory where the public point is read from."]
pub fn Hacl_Curve25519_64_scalarmult(out: *mut u8, priv_: *mut u8, pub_: *mut u8);
}
extern "C" {
#[doc = "Calculate a public point from a secret/private key.\n\nThis computes a scalar multiplication of the secret/private key with the curve's basepoint.\n\n@param pub Pointer to 32 bytes of memory, allocated by the caller, where the resulting point is written to.\n@param priv Pointer to 32 bytes of memory where the secret/private key is read from."]
pub fn Hacl_Curve25519_64_secret_to_public(pub_: *mut u8, priv_: *mut u8);
}
extern "C" {
#[doc = "Execute the diffie-hellmann key exchange.\n\n@param out Pointer to 32 bytes of memory, allocated by the caller, where the resulting point is written to.\n@param priv Pointer to 32 bytes of memory where **our** secret/private key is read from.\n@param pub Pointer to 32 bytes of memory where **their** public point is read from."]
pub fn Hacl_Curve25519_64_ecdh(out: *mut u8, priv_: *mut u8, pub_: *mut u8) -> bool;
}
extern "C" {
#[doc = "Encrypt a message `input` with key `key`.\n\nThe arguments `key`, `nonce`, `data`, and `data_len` are same in encryption/decryption.\nNote: Encryption and decryption can be executed in-place, i.e., `input` and `output` can point to the same memory.\n\n@param output Pointer to `input_len` bytes of memory where the ciphertext is written to.\n@param tag Pointer to 16 bytes of memory where the mac is written to.\n@param input Pointer to `input_len` bytes of memory where the message is read from.\n@param input_len Length of the message.\n@param data Pointer to `data_len` bytes of memory where the associated data is read from.\n@param data_len Length of the associated data.\n@param key Pointer to 32 bytes of memory where the AEAD key is read from.\n@param nonce Pointer to 12 bytes of memory where the AEAD nonce is read from."]
pub fn Hacl_AEAD_Chacha20Poly1305_encrypt(
output: *mut u8,
tag: *mut u8,
input: *mut u8,
input_len: u32,
data: *mut u8,
data_len: u32,
key: *mut u8,
nonce: *mut u8,
);
}
extern "C" {
#[doc = "Decrypt a ciphertext `input` with key `key`.\n\nThe arguments `key`, `nonce`, `data`, and `data_len` are same in encryption/decryption.\nNote: Encryption and decryption can be executed in-place, i.e., `output` and `input` can point to the same memory.\n\nIf decryption succeeds, the resulting plaintext is stored in `output` and the function returns the success code 0.\nIf decryption fails, the array `output` remains unchanged and the function returns the error code 1.\n\n@param output Pointer to `input_len` bytes of memory where the message is written to.\n@param input Pointer to `input_len` bytes of memory where the ciphertext is read from.\n@param input_len Length of the ciphertext.\n@param data Pointer to `data_len` bytes of memory where the associated data is read from.\n@param data_len Length of the associated data.\n@param key Pointer to 32 bytes of memory where the AEAD key is read from.\n@param nonce Pointer to 12 bytes of memory where the AEAD nonce is read from.\n@param tag Pointer to 16 bytes of memory where the mac is read from.\n\n@returns 0 on succeess; 1 on failure."]
pub fn Hacl_AEAD_Chacha20Poly1305_decrypt(
output: *mut u8,
input: *mut u8,
input_len: u32,
data: *mut u8,
data_len: u32,
key: *mut u8,
nonce: *mut u8,
tag: *mut u8,
) -> u32;
}
extern "C" {
#[doc = "Compute the scalar multiple of a point.\n\n@param out Pointer to 32 bytes of memory, allocated by the caller, where the resulting point is written to.\n@param priv Pointer to 32 bytes of memory where the secret/private key is read from.\n@param pub Pointer to 32 bytes of memory where the public point is read from."]
pub fn Hacl_Curve25519_51_scalarmult(out: *mut u8, priv_: *mut u8, pub_: *mut u8);
}
extern "C" {
#[doc = "Calculate a public point from a secret/private key.\n\nThis computes a scalar multiplication of the secret/private key with the curve's basepoint.\n\n@param pub Pointer to 32 bytes of memory, allocated by the caller, where the resulting point is written to.\n@param priv Pointer to 32 bytes of memory where the secret/private key is read from."]
pub fn Hacl_Curve25519_51_secret_to_public(pub_: *mut u8, priv_: *mut u8);
}
extern "C" {
#[doc = "Execute the diffie-hellmann key exchange.\n\n@param out Pointer to 32 bytes of memory, allocated by the caller, where the resulting point is written to.\n@param priv Pointer to 32 bytes of memory where **our** secret/private key is read from.\n@param pub Pointer to 32 bytes of memory where **their** public point is read from."]
pub fn Hacl_Curve25519_51_ecdh(out: *mut u8, priv_: *mut u8, pub_: *mut u8) -> bool;
}
pub type Spec_Hash_Definitions_hash_alg = u8;
pub type Hacl_Streaming_Types_error_code = u8;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Streaming_MD_state_32_s {
pub block_state: *mut u32,
pub buf: *mut u8,
pub total_len: u64,
}
pub type Hacl_Streaming_MD_state_32 = Hacl_Streaming_MD_state_32_s;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Streaming_MD_state_64_s {
pub block_state: *mut u64,
pub buf: *mut u8,
pub total_len: u64,
}
pub type Hacl_Streaming_MD_state_64 = Hacl_Streaming_MD_state_64_s;
pub type Hacl_Hash_SHA1_state_t = Hacl_Streaming_MD_state_32;
extern "C" {
pub fn Hacl_Hash_SHA1_malloc() -> *mut Hacl_Streaming_MD_state_32;
}
extern "C" {
pub fn Hacl_Hash_SHA1_reset(state: *mut Hacl_Streaming_MD_state_32);
}
extern "C" {
#[doc = "0 = success, 1 = max length exceeded"]
pub fn Hacl_Hash_SHA1_update(
state: *mut Hacl_Streaming_MD_state_32,
chunk: *mut u8,
chunk_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
pub fn Hacl_Hash_SHA1_digest(state: *mut Hacl_Streaming_MD_state_32, output: *mut u8);
}
extern "C" {
pub fn Hacl_Hash_SHA1_free(state: *mut Hacl_Streaming_MD_state_32);
}
extern "C" {
pub fn Hacl_Hash_SHA1_copy(
state: *mut Hacl_Streaming_MD_state_32,
) -> *mut Hacl_Streaming_MD_state_32;
}
extern "C" {
pub fn Hacl_Hash_SHA1_hash(output: *mut u8, input: *mut u8, input_len: u32);
}
pub type Hacl_Hash_SHA2_state_t_224 = Hacl_Streaming_MD_state_32;
pub type Hacl_Hash_SHA2_state_t_256 = Hacl_Streaming_MD_state_32;
pub type Hacl_Hash_SHA2_state_t_384 = Hacl_Streaming_MD_state_64;
pub type Hacl_Hash_SHA2_state_t_512 = Hacl_Streaming_MD_state_64;
extern "C" {
#[doc = "Allocate initial state for the SHA2_256 hash. The state is to be freed by\ncalling `free_256`."]
pub fn Hacl_Hash_SHA2_malloc_256() -> *mut Hacl_Streaming_MD_state_32;
}
extern "C" {
#[doc = "Copies the state passed as argument into a newly allocated state (deep copy).\nThe state is to be freed by calling `free_256`. Cloning the state this way is\nuseful, for instance, if your control-flow diverges and you need to feed\nmore (different) data into the hash in each branch."]
pub fn Hacl_Hash_SHA2_copy_256(
state: *mut Hacl_Streaming_MD_state_32,
) -> *mut Hacl_Streaming_MD_state_32;
}
extern "C" {
#[doc = "Reset an existing state to the initial hash state with empty data."]
pub fn Hacl_Hash_SHA2_reset_256(state: *mut Hacl_Streaming_MD_state_32);
}
extern "C" {
#[doc = "Feed an arbitrary amount of data into the hash. This function returns 0 for\nsuccess, or 1 if the combined length of all of the data passed to `update_256`\n(since the last call to `reset_256`) exceeds 2^61-1 bytes.\n\nThis function is identical to the update function for SHA2_224."]
pub fn Hacl_Hash_SHA2_update_256(
state: *mut Hacl_Streaming_MD_state_32,
input: *mut u8,
input_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
#[doc = "Write the resulting hash into `output`, an array of 32 bytes. The state remains\nvalid after a call to `digest_256`, meaning the user may feed more data into\nthe hash via `update_256`. (The digest_256 function operates on an internal copy of\nthe state and therefore does not invalidate the client-held state `p`.)"]
pub fn Hacl_Hash_SHA2_digest_256(state: *mut Hacl_Streaming_MD_state_32, output: *mut u8);
}
extern "C" {
#[doc = "Free a state allocated with `malloc_256`.\n\nThis function is identical to the free function for SHA2_224."]
pub fn Hacl_Hash_SHA2_free_256(state: *mut Hacl_Streaming_MD_state_32);
}
extern "C" {
#[doc = "Hash `input`, of len `input_len`, into `output`, an array of 32 bytes."]
pub fn Hacl_Hash_SHA2_hash_256(output: *mut u8, input: *mut u8, input_len: u32);
}
extern "C" {
pub fn Hacl_Hash_SHA2_malloc_224() -> *mut Hacl_Streaming_MD_state_32;
}
extern "C" {
pub fn Hacl_Hash_SHA2_reset_224(state: *mut Hacl_Streaming_MD_state_32);
}
extern "C" {
pub fn Hacl_Hash_SHA2_update_224(
state: *mut Hacl_Streaming_MD_state_32,
input: *mut u8,
input_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
#[doc = "Write the resulting hash into `output`, an array of 28 bytes. The state remains\nvalid after a call to `digest_224`, meaning the user may feed more data into\nthe hash via `update_224`."]
pub fn Hacl_Hash_SHA2_digest_224(state: *mut Hacl_Streaming_MD_state_32, output: *mut u8);
}
extern "C" {
pub fn Hacl_Hash_SHA2_free_224(state: *mut Hacl_Streaming_MD_state_32);
}
extern "C" {
#[doc = "Hash `input`, of len `input_len`, into `output`, an array of 28 bytes."]
pub fn Hacl_Hash_SHA2_hash_224(output: *mut u8, input: *mut u8, input_len: u32);
}
extern "C" {
pub fn Hacl_Hash_SHA2_malloc_512() -> *mut Hacl_Streaming_MD_state_64;
}
extern "C" {
#[doc = "Copies the state passed as argument into a newly allocated state (deep copy).\nThe state is to be freed by calling `free_512`. Cloning the state this way is\nuseful, for instance, if your control-flow diverges and you need to feed\nmore (different) data into the hash in each branch."]
pub fn Hacl_Hash_SHA2_copy_512(
state: *mut Hacl_Streaming_MD_state_64,
) -> *mut Hacl_Streaming_MD_state_64;
}
extern "C" {
pub fn Hacl_Hash_SHA2_reset_512(state: *mut Hacl_Streaming_MD_state_64);
}
extern "C" {
#[doc = "Feed an arbitrary amount of data into the hash. This function returns 0 for\nsuccess, or 1 if the combined length of all of the data passed to `update_512`\n(since the last call to `reset_512`) exceeds 2^125-1 bytes.\n\nThis function is identical to the update function for SHA2_384."]
pub fn Hacl_Hash_SHA2_update_512(
state: *mut Hacl_Streaming_MD_state_64,
input: *mut u8,
input_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
#[doc = "Write the resulting hash into `output`, an array of 64 bytes. The state remains\nvalid after a call to `digest_512`, meaning the user may feed more data into\nthe hash via `update_512`. (The digest_512 function operates on an internal copy of\nthe state and therefore does not invalidate the client-held state `p`.)"]
pub fn Hacl_Hash_SHA2_digest_512(state: *mut Hacl_Streaming_MD_state_64, output: *mut u8);
}
extern "C" {
#[doc = "Free a state allocated with `malloc_512`.\n\nThis function is identical to the free function for SHA2_384."]
pub fn Hacl_Hash_SHA2_free_512(state: *mut Hacl_Streaming_MD_state_64);
}
extern "C" {
#[doc = "Hash `input`, of len `input_len`, into `output`, an array of 64 bytes."]
pub fn Hacl_Hash_SHA2_hash_512(output: *mut u8, input: *mut u8, input_len: u32);
}
extern "C" {
pub fn Hacl_Hash_SHA2_malloc_384() -> *mut Hacl_Streaming_MD_state_64;
}
extern "C" {
pub fn Hacl_Hash_SHA2_reset_384(state: *mut Hacl_Streaming_MD_state_64);
}
extern "C" {
pub fn Hacl_Hash_SHA2_update_384(
state: *mut Hacl_Streaming_MD_state_64,
input: *mut u8,
input_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
#[doc = "Write the resulting hash into `output`, an array of 48 bytes. The state remains\nvalid after a call to `digest_384`, meaning the user may feed more data into\nthe hash via `update_384`."]
pub fn Hacl_Hash_SHA2_digest_384(state: *mut Hacl_Streaming_MD_state_64, output: *mut u8);
}
extern "C" {
pub fn Hacl_Hash_SHA2_free_384(state: *mut Hacl_Streaming_MD_state_64);
}
extern "C" {
#[doc = "Hash `input`, of len `input_len`, into `output`, an array of 48 bytes."]
pub fn Hacl_Hash_SHA2_hash_384(output: *mut u8, input: *mut u8, input_len: u32);
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_SHA3_hash_buf_s {
pub fst: Spec_Hash_Definitions_hash_alg,
pub snd: *mut u64,
}
pub type Hacl_Hash_SHA3_hash_buf = Hacl_Hash_SHA3_hash_buf_s;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_SHA3_state_t_s {
pub block_state: Hacl_Hash_SHA3_hash_buf,
pub buf: *mut u8,
pub total_len: u64,
}
pub type Hacl_Hash_SHA3_state_t = Hacl_Hash_SHA3_state_t_s;
extern "C" {
pub fn Hacl_Hash_SHA3_get_alg(s: *mut Hacl_Hash_SHA3_state_t)
-> Spec_Hash_Definitions_hash_alg;
}
extern "C" {
pub fn Hacl_Hash_SHA3_malloc(a: Spec_Hash_Definitions_hash_alg) -> *mut Hacl_Hash_SHA3_state_t;
}
extern "C" {
pub fn Hacl_Hash_SHA3_free(state: *mut Hacl_Hash_SHA3_state_t);
}
extern "C" {
pub fn Hacl_Hash_SHA3_copy(state: *mut Hacl_Hash_SHA3_state_t) -> *mut Hacl_Hash_SHA3_state_t;
}
extern "C" {
pub fn Hacl_Hash_SHA3_reset(state: *mut Hacl_Hash_SHA3_state_t);
}
extern "C" {
pub fn Hacl_Hash_SHA3_update(
state: *mut Hacl_Hash_SHA3_state_t,
chunk: *mut u8,
chunk_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
pub fn Hacl_Hash_SHA3_digest(
state: *mut Hacl_Hash_SHA3_state_t,
output: *mut u8,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
pub fn Hacl_Hash_SHA3_squeeze(
s: *mut Hacl_Hash_SHA3_state_t,
dst: *mut u8,
l: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
pub fn Hacl_Hash_SHA3_block_len(s: *mut Hacl_Hash_SHA3_state_t) -> u32;
}
extern "C" {
pub fn Hacl_Hash_SHA3_hash_len(s: *mut Hacl_Hash_SHA3_state_t) -> u32;
}
extern "C" {
pub fn Hacl_Hash_SHA3_is_shake(s: *mut Hacl_Hash_SHA3_state_t) -> bool;
}
extern "C" {
pub fn Hacl_Hash_SHA3_shake128_hacl(
inputByteLen: u32,
input: *mut u8,
outputByteLen: u32,
output: *mut u8,
);
}
extern "C" {
pub fn Hacl_Hash_SHA3_shake256_hacl(
inputByteLen: u32,
input: *mut u8,
outputByteLen: u32,
output: *mut u8,
);
}
extern "C" {
pub fn Hacl_Hash_SHA3_sha3_224(output: *mut u8, input: *mut u8, input_len: u32);
}
extern "C" {
pub fn Hacl_Hash_SHA3_sha3_256(output: *mut u8, input: *mut u8, input_len: u32);
}
extern "C" {
pub fn Hacl_Hash_SHA3_sha3_384(output: *mut u8, input: *mut u8, input_len: u32);
}
extern "C" {
pub fn Hacl_Hash_SHA3_sha3_512(output: *mut u8, input: *mut u8, input_len: u32);
}
extern "C" {
pub fn Hacl_Hash_SHA3_absorb_inner(rateInBytes: u32, block: *mut u8, s: *mut u64);
}
extern "C" {
pub fn Hacl_Hash_SHA3_squeeze0(
s: *mut u64,
rateInBytes: u32,
outputByteLen: u32,
output: *mut u8,
);
}
extern "C" {
pub fn Hacl_Hash_SHA3_keccak(
rate: u32,
capacity: u32,
inputByteLen: u32,
input: *mut u8,
delimitedSuffix: u8,
outputByteLen: u32,
output: *mut u8,
);
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_Blake2b_block_state_t_s {
pub fst: *mut u64,
pub snd: *mut u64,
}
pub type Hacl_Hash_Blake2b_block_state_t = Hacl_Hash_Blake2b_block_state_t_s;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_Blake2b_state_t_s {
pub block_state: Hacl_Hash_Blake2b_block_state_t,
pub buf: *mut u8,
pub total_len: u64,
}
pub type Hacl_Hash_Blake2b_state_t = Hacl_Hash_Blake2b_state_t_s;
extern "C" {
#[doc = "State allocation function when there is no key"]
pub fn Hacl_Hash_Blake2b_malloc() -> *mut Hacl_Hash_Blake2b_state_t;
}
extern "C" {
#[doc = "Re-initialization function when there is no key"]
pub fn Hacl_Hash_Blake2b_reset(state: *mut Hacl_Hash_Blake2b_state_t);
}
extern "C" {
#[doc = "Update function when there is no key; 0 = success, 1 = max length exceeded"]
pub fn Hacl_Hash_Blake2b_update(
state: *mut Hacl_Hash_Blake2b_state_t,
chunk: *mut u8,
chunk_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
#[doc = "Finish function when there is no key"]
pub fn Hacl_Hash_Blake2b_digest(state: *mut Hacl_Hash_Blake2b_state_t, output: *mut u8);
}
extern "C" {
#[doc = "Free state function when there is no key"]
pub fn Hacl_Hash_Blake2b_free(state: *mut Hacl_Hash_Blake2b_state_t);
}
extern "C" {
#[doc = "Write the BLAKE2b digest of message `input` using key `key` into `output`.\n\n@param output Pointer to `output_len` bytes of memory where the digest is written to.\n@param output_len Length of the to-be-generated digest with 1 <= `output_len` <= 64.\n@param input Pointer to `input_len` bytes of memory where the input message is read from.\n@param input_len Length of the input message.\n@param key Pointer to `key_len` bytes of memory where the key is read from.\n@param key_len Length of the key. Can be 0."]
pub fn Hacl_Hash_Blake2b_hash_with_key(
output: *mut u8,
output_len: u32,
input: *mut u8,
input_len: u32,
key: *mut u8,
key_len: u32,
);
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_Blake2s_block_state_t_s {
pub fst: *mut u32,
pub snd: *mut u32,
}
pub type Hacl_Hash_Blake2s_block_state_t = Hacl_Hash_Blake2s_block_state_t_s;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_Blake2s_state_t_s {
pub block_state: Hacl_Hash_Blake2s_block_state_t,
pub buf: *mut u8,
pub total_len: u64,
}
pub type Hacl_Hash_Blake2s_state_t = Hacl_Hash_Blake2s_state_t_s;
extern "C" {
#[doc = "State allocation function when there is no key"]
pub fn Hacl_Hash_Blake2s_malloc() -> *mut Hacl_Hash_Blake2s_state_t;
}
extern "C" {
#[doc = "Re-initialization function when there is no key"]
pub fn Hacl_Hash_Blake2s_reset(state: *mut Hacl_Hash_Blake2s_state_t);
}
extern "C" {
#[doc = "Update function when there is no key; 0 = success, 1 = max length exceeded"]
pub fn Hacl_Hash_Blake2s_update(
state: *mut Hacl_Hash_Blake2s_state_t,
chunk: *mut u8,
chunk_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
#[doc = "Finish function when there is no key"]
pub fn Hacl_Hash_Blake2s_digest(state: *mut Hacl_Hash_Blake2s_state_t, output: *mut u8);
}
extern "C" {
#[doc = "Free state function when there is no key"]
pub fn Hacl_Hash_Blake2s_free(state: *mut Hacl_Hash_Blake2s_state_t);
}
extern "C" {
#[doc = "Write the BLAKE2s digest of message `input` using key `key` into `output`.\n\n@param output Pointer to `output_len` bytes of memory where the digest is written to.\n@param output_len Length of the to-be-generated digest with 1 <= `output_len` <= 32.\n@param input Pointer to `input_len` bytes of memory where the input message is read from.\n@param input_len Length of the input message.\n@param key Pointer to `key_len` bytes of memory where the key is read from.\n@param key_len Length of the key. Can be 0."]
pub fn Hacl_Hash_Blake2s_hash_with_key(
output: *mut u8,
output_len: u32,
input: *mut u8,
input_len: u32,
key: *mut u8,
key_len: u32,
);
}
extern "C" {
#[doc = "Write the HMAC-SHA-1 MAC of a message (`data`) by using a key (`key`) into `dst`.\n\nThe key can be any length and will be hashed if it is longer and padded if it is shorter than 64 byte.\n`dst` must point to 20 bytes of memory."]
pub fn Hacl_HMAC_compute_sha1(
dst: *mut u8,
key: *mut u8,
key_len: u32,
data: *mut u8,
data_len: u32,
);
}
extern "C" {
#[doc = "Write the HMAC-SHA-2-256 MAC of a message (`data`) by using a key (`key`) into `dst`.\n\nThe key can be any length and will be hashed if it is longer and padded if it is shorter than 64 bytes.\n`dst` must point to 32 bytes of memory."]
pub fn Hacl_HMAC_compute_sha2_256(
dst: *mut u8,
key: *mut u8,
key_len: u32,
data: *mut u8,
data_len: u32,
);
}
extern "C" {
#[doc = "Write the HMAC-SHA-2-384 MAC of a message (`data`) by using a key (`key`) into `dst`.\n\nThe key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.\n`dst` must point to 48 bytes of memory."]
pub fn Hacl_HMAC_compute_sha2_384(
dst: *mut u8,
key: *mut u8,
key_len: u32,
data: *mut u8,
data_len: u32,
);
}
extern "C" {
#[doc = "Write the HMAC-SHA-2-512 MAC of a message (`data`) by using a key (`key`) into `dst`.\n\nThe key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.\n`dst` must point to 64 bytes of memory."]
pub fn Hacl_HMAC_compute_sha2_512(
dst: *mut u8,
key: *mut u8,
key_len: u32,
data: *mut u8,
data_len: u32,
);
}
extern "C" {
#[doc = "Write the HMAC-BLAKE2s MAC of a message (`data`) by using a key (`key`) into `dst`.\n\nThe key can be any length and will be hashed if it is longer and padded if it is shorter than 64 bytes.\n`dst` must point to 32 bytes of memory."]
pub fn Hacl_HMAC_compute_blake2s_32(
dst: *mut u8,
key: *mut u8,
key_len: u32,
data: *mut u8,
data_len: u32,
);
}
extern "C" {
#[doc = "Write the HMAC-BLAKE2b MAC of a message (`data`) by using a key (`key`) into `dst`.\n\nThe key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.\n`dst` must point to 64 bytes of memory."]
pub fn Hacl_HMAC_compute_blake2b_32(
dst: *mut u8,
key: *mut u8,
key_len: u32,
data: *mut u8,
data_len: u32,
);
}
pub type Hacl_HMAC_DRBG_supported_alg = Spec_Hash_Definitions_hash_alg;
extern "C" {
#[doc = "Return the minimal entropy input length of the desired hash function.\n\n@param a Hash algorithm to use."]
pub fn Hacl_HMAC_DRBG_min_length(a: Spec_Hash_Definitions_hash_alg) -> u32;
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_HMAC_DRBG_state_s {
pub k: *mut u8,
pub v: *mut u8,
pub reseed_counter: *mut u32,
}
pub type Hacl_HMAC_DRBG_state = Hacl_HMAC_DRBG_state_s;
extern "C" {
pub fn Hacl_HMAC_DRBG_uu___is_State(
a: Spec_Hash_Definitions_hash_alg,
projectee: Hacl_HMAC_DRBG_state,
) -> bool;
}
extern "C" {
#[doc = "Create a DRBG state.\n\n@param a Hash algorithm to use. The possible instantiations are ...\n `Spec_Hash_Definitions_SHA2_256`,\n `Spec_Hash_Definitions_SHA2_384`,\n `Spec_Hash_Definitions_SHA2_512`, and\n `Spec_Hash_Definitions_SHA1`."]
pub fn Hacl_HMAC_DRBG_create_in(a: Spec_Hash_Definitions_hash_alg) -> Hacl_HMAC_DRBG_state;
}
extern "C" {
#[doc = "Instantiate the DRBG.\n\n@param a Hash algorithm to use. (Value must match the value used in `Hacl_HMAC_DRBG_create_in`.)\n@param st Pointer to DRBG state.\n@param entropy_input_len Length of entropy input.\n@param entropy_input Pointer to `entropy_input_len` bytes of memory where entropy input is read from.\n@param nonce_len Length of nonce.\n@param nonce Pointer to `nonce_len` bytes of memory where nonce is read from.\n@param personalization_string_len length of personalization string.\n@param personalization_string Pointer to `personalization_string_len` bytes of memory where personalization string is read from."]
pub fn Hacl_HMAC_DRBG_instantiate(
a: Spec_Hash_Definitions_hash_alg,
st: Hacl_HMAC_DRBG_state,
entropy_input_len: u32,
entropy_input: *mut u8,
nonce_len: u32,
nonce: *mut u8,
personalization_string_len: u32,
personalization_string: *mut u8,
);
}
extern "C" {
#[doc = "Reseed the DRBG.\n\n@param a Hash algorithm to use. (Value must match the value used in `Hacl_HMAC_DRBG_create_in`.)\n@param st Pointer to DRBG state.\n@param entropy_input_len Length of entropy input.\n@param entropy_input Pointer to `entropy_input_len` bytes of memory where entropy input is read from.\n@param additional_input_input_len Length of additional input.\n@param additional_input_input Pointer to `additional_input_input_len` bytes of memory where additional input is read from."]
pub fn Hacl_HMAC_DRBG_reseed(
a: Spec_Hash_Definitions_hash_alg,
st: Hacl_HMAC_DRBG_state,
entropy_input_len: u32,
entropy_input: *mut u8,
additional_input_input_len: u32,
additional_input_input: *mut u8,
);
}
extern "C" {
#[doc = "Generate output.\n\n@param a Hash algorithm to use. (Value must match the value used in `create_in`.)\n@param output Pointer to `n` bytes of memory where random output is written to.\n@param st Pointer to DRBG state.\n@param n Length of desired output.\n@param additional_input_input_len Length of additional input.\n@param additional_input_input Pointer to `additional_input_input_len` bytes of memory where additional input is read from."]
pub fn Hacl_HMAC_DRBG_generate(
a: Spec_Hash_Definitions_hash_alg,
output: *mut u8,
st: Hacl_HMAC_DRBG_state,
n: u32,
additional_input_len: u32,
additional_input: *mut u8,
) -> bool;
}
extern "C" {
pub fn Hacl_HMAC_DRBG_free(uu___: Spec_Hash_Definitions_hash_alg, s: Hacl_HMAC_DRBG_state);
}
extern "C" {
#[doc = "Compute the public key from the private key.\n\nThe outparam `public_key` points to 32 bytes of valid memory, i.e., uint8_t[32].\nThe argument `private_key` points to 32 bytes of valid memory, i.e., uint8_t[32]."]
pub fn Hacl_Ed25519_secret_to_public(public_key: *mut u8, private_key: *mut u8);
}
extern "C" {
#[doc = "Compute the expanded keys for an Ed25519 signature.\n\nThe outparam `expanded_keys` points to 96 bytes of valid memory, i.e., uint8_t[96].\nThe argument `private_key` points to 32 bytes of valid memory, i.e., uint8_t[32].\n\nIf one needs to sign several messages under the same private key, it is more efficient\nto call `expand_keys` only once and `sign_expanded` multiple times, for each message."]
pub fn Hacl_Ed25519_expand_keys(expanded_keys: *mut u8, private_key: *mut u8);
}
extern "C" {
#[doc = "Create an Ed25519 signature with the (precomputed) expanded keys.\n\nThe outparam `signature` points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `expanded_keys` points to 96 bytes of valid memory, i.e., uint8_t[96].\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\n\nThe argument `expanded_keys` is obtained through `expand_keys`.\n\nIf one needs to sign several messages under the same private key, it is more efficient\nto call `expand_keys` only once and `sign_expanded` multiple times, for each message."]
pub fn Hacl_Ed25519_sign_expanded(
signature: *mut u8,
expanded_keys: *mut u8,
msg_len: u32,
msg: *mut u8,
);
}
extern "C" {
#[doc = "Create an Ed25519 signature.\n\nThe outparam `signature` points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `private_key` points to 32 bytes of valid memory, i.e., uint8_t[32].\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\n\nThe function first calls `expand_keys` and then invokes `sign_expanded`.\n\nIf one needs to sign several messages under the same private key, it is more efficient\nto call `expand_keys` only once and `sign_expanded` multiple times, for each message."]
pub fn Hacl_Ed25519_sign(signature: *mut u8, private_key: *mut u8, msg_len: u32, msg: *mut u8);
}
extern "C" {
#[doc = "Verify an Ed25519 signature.\n\nThe function returns `true` if the signature is valid and `false` otherwise.\n\nThe argument `public_key` points to 32 bytes of valid memory, i.e., uint8_t[32].\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe argument `signature` points to 64 bytes of valid memory, i.e., uint8_t[64]."]
pub fn Hacl_Ed25519_verify(
public_key: *mut u8,
msg_len: u32,
msg: *mut u8,
signature: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Expand pseudorandom key to desired length.\n\n@param okm Pointer to `len` bytes of memory where output keying material is written to.\n@param prk Pointer to at least `HashLen` bytes of memory where pseudorandom key is read from. Usually, this points to the output from the extract step.\n@param prklen Length of pseudorandom key.\n@param info Pointer to `infolen` bytes of memory where context and application specific information is read from. Can be a zero-length string.\n@param infolen Length of context and application specific information.\n@param len Length of output keying material."]
pub fn Hacl_HKDF_expand_sha2_256(
okm: *mut u8,
prk: *mut u8,
prklen: u32,
info: *mut u8,
infolen: u32,
len: u32,
);
}
extern "C" {
#[doc = "Extract a fixed-length pseudorandom key from input keying material.\n\n@param prk Pointer to `HashLen` bytes of memory where pseudorandom key is written to.\n@param salt Pointer to `saltlen` bytes of memory where salt value is read from.\n@param saltlen Length of salt value.\n@param ikm Pointer to `ikmlen` bytes of memory where input keying material is read from.\n@param ikmlen Length of input keying material."]
pub fn Hacl_HKDF_extract_sha2_256(
prk: *mut u8,
salt: *mut u8,
saltlen: u32,
ikm: *mut u8,
ikmlen: u32,
);
}
extern "C" {
#[doc = "Expand pseudorandom key to desired length.\n\n@param okm Pointer to `len` bytes of memory where output keying material is written to.\n@param prk Pointer to at least `HashLen` bytes of memory where pseudorandom key is read from. Usually, this points to the output from the extract step.\n@param prklen Length of pseudorandom key.\n@param info Pointer to `infolen` bytes of memory where context and application specific information is read from. Can be a zero-length string.\n@param infolen Length of context and application specific information.\n@param len Length of output keying material."]
pub fn Hacl_HKDF_expand_sha2_384(
okm: *mut u8,
prk: *mut u8,
prklen: u32,
info: *mut u8,
infolen: u32,
len: u32,
);
}
extern "C" {
#[doc = "Extract a fixed-length pseudorandom key from input keying material.\n\n@param prk Pointer to `HashLen` bytes of memory where pseudorandom key is written to.\n@param salt Pointer to `saltlen` bytes of memory where salt value is read from.\n@param saltlen Length of salt value.\n@param ikm Pointer to `ikmlen` bytes of memory where input keying material is read from.\n@param ikmlen Length of input keying material."]
pub fn Hacl_HKDF_extract_sha2_384(
prk: *mut u8,
salt: *mut u8,
saltlen: u32,
ikm: *mut u8,
ikmlen: u32,
);
}
extern "C" {
#[doc = "Expand pseudorandom key to desired length.\n\n@param okm Pointer to `len` bytes of memory where output keying material is written to.\n@param prk Pointer to at least `HashLen` bytes of memory where pseudorandom key is read from. Usually, this points to the output from the extract step.\n@param prklen Length of pseudorandom key.\n@param info Pointer to `infolen` bytes of memory where context and application specific information is read from. Can be a zero-length string.\n@param infolen Length of context and application specific information.\n@param len Length of output keying material."]
pub fn Hacl_HKDF_expand_sha2_512(
okm: *mut u8,
prk: *mut u8,
prklen: u32,
info: *mut u8,
infolen: u32,
len: u32,
);
}
extern "C" {
#[doc = "Extract a fixed-length pseudorandom key from input keying material.\n\n@param prk Pointer to `HashLen` bytes of memory where pseudorandom key is written to.\n@param salt Pointer to `saltlen` bytes of memory where salt value is read from.\n@param saltlen Length of salt value.\n@param ikm Pointer to `ikmlen` bytes of memory where input keying material is read from.\n@param ikmlen Length of input keying material."]
pub fn Hacl_HKDF_extract_sha2_512(
prk: *mut u8,
salt: *mut u8,
saltlen: u32,
ikm: *mut u8,
ikmlen: u32,
);
}
extern "C" {
#[doc = "Expand pseudorandom key to desired length.\n\n@param okm Pointer to `len` bytes of memory where output keying material is written to.\n@param prk Pointer to at least `HashLen` bytes of memory where pseudorandom key is read from. Usually, this points to the output from the extract step.\n@param prklen Length of pseudorandom key.\n@param info Pointer to `infolen` bytes of memory where context and application specific information is read from. Can be a zero-length string.\n@param infolen Length of context and application specific information.\n@param len Length of output keying material."]
pub fn Hacl_HKDF_expand_blake2s_32(
okm: *mut u8,
prk: *mut u8,
prklen: u32,
info: *mut u8,
infolen: u32,
len: u32,
);
}
extern "C" {
#[doc = "Extract a fixed-length pseudorandom key from input keying material.\n\n@param prk Pointer to `HashLen` bytes of memory where pseudorandom key is written to.\n@param salt Pointer to `saltlen` bytes of memory where salt value is read from.\n@param saltlen Length of salt value.\n@param ikm Pointer to `ikmlen` bytes of memory where input keying material is read from.\n@param ikmlen Length of input keying material."]
pub fn Hacl_HKDF_extract_blake2s_32(
prk: *mut u8,
salt: *mut u8,
saltlen: u32,
ikm: *mut u8,
ikmlen: u32,
);
}
extern "C" {
#[doc = "Expand pseudorandom key to desired length.\n\n@param okm Pointer to `len` bytes of memory where output keying material is written to.\n@param prk Pointer to at least `HashLen` bytes of memory where pseudorandom key is read from. Usually, this points to the output from the extract step.\n@param prklen Length of pseudorandom key.\n@param info Pointer to `infolen` bytes of memory where context and application specific information is read from. Can be a zero-length string.\n@param infolen Length of context and application specific information.\n@param len Length of output keying material."]
pub fn Hacl_HKDF_expand_blake2b_32(
okm: *mut u8,
prk: *mut u8,
prklen: u32,
info: *mut u8,
infolen: u32,
len: u32,
);
}
extern "C" {
#[doc = "Extract a fixed-length pseudorandom key from input keying material.\n\n@param prk Pointer to `HashLen` bytes of memory where pseudorandom key is written to.\n@param salt Pointer to `saltlen` bytes of memory where salt value is read from.\n@param saltlen Length of salt value.\n@param ikm Pointer to `ikmlen` bytes of memory where input keying material is read from.\n@param ikmlen Length of input keying material."]
pub fn Hacl_HKDF_extract_blake2b_32(
prk: *mut u8,
salt: *mut u8,
saltlen: u32,
ikm: *mut u8,
ikmlen: u32,
);
}
extern "C" {
#[doc = "Create an ECDSA signature using SHA2-256.\n\nThe function returns `true` for successful creation of an ECDSA signature and `false` otherwise.\n\nThe outparam `signature` (R || S) points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe arguments `private_key` and `nonce` point to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `private_key` and `nonce` are valid:\n• 0 < `private_key` < the order of the curve\n• 0 < `nonce` < the order of the curve"]
pub fn Hacl_P256_ecdsa_sign_p256_sha2(
signature: *mut u8,
msg_len: u32,
msg: *mut u8,
private_key: *mut u8,
nonce: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Create an ECDSA signature using SHA2-384.\n\nThe function returns `true` for successful creation of an ECDSA signature and `false` otherwise.\n\nThe outparam `signature` (R || S) points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe arguments `private_key` and `nonce` point to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `private_key` and `nonce` are valid:\n• 0 < `private_key` < the order of the curve\n• 0 < `nonce` < the order of the curve"]
pub fn Hacl_P256_ecdsa_sign_p256_sha384(
signature: *mut u8,
msg_len: u32,
msg: *mut u8,
private_key: *mut u8,
nonce: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Create an ECDSA signature using SHA2-512.\n\nThe function returns `true` for successful creation of an ECDSA signature and `false` otherwise.\n\nThe outparam `signature` (R || S) points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe arguments `private_key` and `nonce` point to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `private_key` and `nonce` are valid:\n• 0 < `private_key` < the order of the curve\n• 0 < `nonce` < the order of the curve"]
pub fn Hacl_P256_ecdsa_sign_p256_sha512(
signature: *mut u8,
msg_len: u32,
msg: *mut u8,
private_key: *mut u8,
nonce: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Create an ECDSA signature WITHOUT hashing first.\n\nThis function is intended to receive a hash of the input.\nFor convenience, we recommend using one of the hash-and-sign combined functions above.\n\nThe argument `msg` MUST be at least 32 bytes (i.e. `msg_len >= 32`).\n\nNOTE: The equivalent functions in OpenSSL and Fiat-Crypto both accept inputs\nsmaller than 32 bytes. These libraries left-pad the input with enough zeroes to\nreach the minimum 32 byte size. Clients who need behavior identical to OpenSSL\nneed to perform the left-padding themselves.\n\nThe function returns `true` for successful creation of an ECDSA signature and `false` otherwise.\n\nThe outparam `signature` (R || S) points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe arguments `private_key` and `nonce` point to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `private_key` and `nonce` are valid values:\n• 0 < `private_key` < the order of the curve\n• 0 < `nonce` < the order of the curve"]
pub fn Hacl_P256_ecdsa_sign_p256_without_hash(
signature: *mut u8,
msg_len: u32,
msg: *mut u8,
private_key: *mut u8,
nonce: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Verify an ECDSA signature using SHA2-256.\n\nThe function returns `true` if the signature is valid and `false` otherwise.\n\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe argument `public_key` (x || y) points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe arguments `signature_r` and `signature_s` point to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `public_key` is valid"]
pub fn Hacl_P256_ecdsa_verif_p256_sha2(
msg_len: u32,
msg: *mut u8,
public_key: *mut u8,
signature_r: *mut u8,
signature_s: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Verify an ECDSA signature using SHA2-384.\n\nThe function returns `true` if the signature is valid and `false` otherwise.\n\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe argument `public_key` (x || y) points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe arguments `signature_r` and `signature_s` point to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `public_key` is valid"]
pub fn Hacl_P256_ecdsa_verif_p256_sha384(
msg_len: u32,
msg: *mut u8,
public_key: *mut u8,
signature_r: *mut u8,
signature_s: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Verify an ECDSA signature using SHA2-512.\n\nThe function returns `true` if the signature is valid and `false` otherwise.\n\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe argument `public_key` (x || y) points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe arguments `signature_r` and `signature_s` point to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `public_key` is valid"]
pub fn Hacl_P256_ecdsa_verif_p256_sha512(
msg_len: u32,
msg: *mut u8,
public_key: *mut u8,
signature_r: *mut u8,
signature_s: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Verify an ECDSA signature WITHOUT hashing first.\n\nThis function is intended to receive a hash of the input.\nFor convenience, we recommend using one of the hash-and-verify combined functions above.\n\nThe argument `msg` MUST be at least 32 bytes (i.e. `msg_len >= 32`).\n\nThe function returns `true` if the signature is valid and `false` otherwise.\n\nThe argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].\nThe argument `public_key` (x || y) points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe arguments `signature_r` and `signature_s` point to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `public_key` is valid"]
pub fn Hacl_P256_ecdsa_verif_without_hash(
msg_len: u32,
msg: *mut u8,
public_key: *mut u8,
signature_r: *mut u8,
signature_s: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Public key validation.\n\nThe function returns `true` if a public key is valid and `false` otherwise.\n\nThe argument `public_key` points to 64 bytes of valid memory, i.e., uint8_t[64].\n\nThe public key (x || y) is valid (with respect to SP 800-56A):\n• the public key is not the “point at infinity”, represented as O.\n• the affine x and y coordinates of the point represented by the public key are\nin the range [0, p – 1] where p is the prime defining the finite field.\n• y^2 = x^3 + ax + b where a and b are the coefficients of the curve equation.\nThe last extract is taken from: https://neilmadden.blog/2017/05/17/so-how-do-you-validate-nist-ecdh-public-keys/"]
pub fn Hacl_P256_validate_public_key(public_key: *mut u8) -> bool;
}
extern "C" {
#[doc = "Private key validation.\n\nThe function returns `true` if a private key is valid and `false` otherwise.\n\nThe argument `private_key` points to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe private key is valid:\n• 0 < `private_key` < the order of the curve"]
pub fn Hacl_P256_validate_private_key(private_key: *mut u8) -> bool;
}
extern "C" {
#[doc = "Convert a public key from uncompressed to its raw form.\n\nThe function returns `true` for successful conversion of a public key and `false` otherwise.\n\nThe outparam `pk_raw` points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `pk` points to 65 bytes of valid memory, i.e., uint8_t[65].\n\nThe function DOESN'T check whether (x, y) is a valid point."]
pub fn Hacl_P256_uncompressed_to_raw(pk: *mut u8, pk_raw: *mut u8) -> bool;
}
extern "C" {
#[doc = "Convert a public key from compressed to its raw form.\n\nThe function returns `true` for successful conversion of a public key and `false` otherwise.\n\nThe outparam `pk_raw` points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `pk` points to 33 bytes of valid memory, i.e., uint8_t[33].\n\nThe function also checks whether (x, y) is a valid point."]
pub fn Hacl_P256_compressed_to_raw(pk: *mut u8, pk_raw: *mut u8) -> bool;
}
extern "C" {
#[doc = "Convert a public key from raw to its uncompressed form.\n\nThe outparam `pk` points to 65 bytes of valid memory, i.e., uint8_t[65].\nThe argument `pk_raw` points to 64 bytes of valid memory, i.e., uint8_t[64].\n\nThe function DOESN'T check whether (x, y) is a valid point."]
pub fn Hacl_P256_raw_to_uncompressed(pk_raw: *mut u8, pk: *mut u8);
}
extern "C" {
#[doc = "Convert a public key from raw to its compressed form.\n\nThe outparam `pk` points to 33 bytes of valid memory, i.e., uint8_t[33].\nThe argument `pk_raw` points to 64 bytes of valid memory, i.e., uint8_t[64].\n\nThe function DOESN'T check whether (x, y) is a valid point."]
pub fn Hacl_P256_raw_to_compressed(pk_raw: *mut u8, pk: *mut u8);
}
extern "C" {
#[doc = "Compute the public key from the private key.\n\nThe function returns `true` if a private key is valid and `false` otherwise.\n\nThe outparam `public_key` points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `private_key` points to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe private key is valid:\n• 0 < `private_key` < the order of the curve."]
pub fn Hacl_P256_dh_initiator(public_key: *mut u8, private_key: *mut u8) -> bool;
}
extern "C" {
#[doc = "Execute the diffie-hellmann key exchange.\n\nThe function returns `true` for successful creation of an ECDH shared secret and\n`false` otherwise.\n\nThe outparam `shared_secret` points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `their_pubkey` points to 64 bytes of valid memory, i.e., uint8_t[64].\nThe argument `private_key` points to 32 bytes of valid memory, i.e., uint8_t[32].\n\nThe function also checks whether `private_key` and `their_pubkey` are valid."]
pub fn Hacl_P256_dh_responder(
shared_secret: *mut u8,
their_pubkey: *mut u8,
private_key: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Sign a message `msg` and write the signature to `sgnt`.\n\n@param a Hash algorithm to use. Allowed values for `a` are ...\n- Spec_Hash_Definitions_SHA2_256,\n- Spec_Hash_Definitions_SHA2_384, and\n- Spec_Hash_Definitions_SHA2_512.\n@param modBits Count of bits in the modulus (`n`).\n@param eBits Count of bits in `e` value.\n@param dBits Count of bits in `d` value.\n@param skey Pointer to secret key created by `Hacl_RSAPSS_new_rsapss_load_skey`.\n@param saltLen Length of salt.\n@param salt Pointer to `saltLen` bytes where the salt is read from.\n@param msgLen Length of message.\n@param msg Pointer to `msgLen` bytes where the message is read from.\n@param sgnt Pointer to `ceil(modBits / 8)` bytes where the signature is written to.\n\n@return Returns true if and only if signing was successful."]
pub fn Hacl_RSAPSS_rsapss_sign(
a: Spec_Hash_Definitions_hash_alg,
modBits: u32,
eBits: u32,
dBits: u32,
skey: *mut u64,
saltLen: u32,
salt: *mut u8,
msgLen: u32,
msg: *mut u8,
sgnt: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Verify the signature `sgnt` of a message `msg`.\n\n@param a Hash algorithm to use. Allowed values for `a` are ...\n- Spec_Hash_Definitions_SHA2_256,\n- Spec_Hash_Definitions_SHA2_384, and\n- Spec_Hash_Definitions_SHA2_512.\n@param modBits Count of bits in the modulus (`n`).\n@param eBits Count of bits in `e` value.\n@param pkey Pointer to public key created by `Hacl_RSAPSS_new_rsapss_load_pkey`.\n@param saltLen Length of salt.\n@param sgntLen Length of signature.\n@param sgnt Pointer to `sgntLen` bytes where the signature is read from.\n@param msgLen Length of message.\n@param msg Pointer to `msgLen` bytes where the message is read from.\n\n@return Returns true if and only if the signature is valid."]
pub fn Hacl_RSAPSS_rsapss_verify(
a: Spec_Hash_Definitions_hash_alg,
modBits: u32,
eBits: u32,
pkey: *mut u64,
saltLen: u32,
sgntLen: u32,
sgnt: *mut u8,
msgLen: u32,
msg: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Load a public key from key parts.\n\n@param modBits Count of bits in modulus (`n`).\n@param eBits Count of bits in `e` value.\n@param nb Pointer to `ceil(modBits / 8)` bytes where the modulus (`n`), in big-endian byte order, is read from.\n@param eb Pointer to `ceil(modBits / 8)` bytes where the `e` value, in big-endian byte order, is read from.\n\n@return Returns an allocated public key upon success, otherwise, `NULL` if key part arguments are invalid or memory allocation fails. Note: caller must take care to `free()` the created key."]
pub fn Hacl_RSAPSS_new_rsapss_load_pkey(
modBits: u32,
eBits: u32,
nb: *mut u8,
eb: *mut u8,
) -> *mut u64;
}
extern "C" {
#[doc = "Load a secret key from key parts.\n\n@param modBits Count of bits in modulus (`n`).\n@param eBits Count of bits in `e` value.\n@param dBits Count of bits in `d` value.\n@param nb Pointer to `ceil(modBits / 8)` bytes where the modulus (`n`), in big-endian byte order, is read from.\n@param eb Pointer to `ceil(modBits / 8)` bytes where the `e` value, in big-endian byte order, is read from.\n@param db Pointer to `ceil(modBits / 8)` bytes where the `d` value, in big-endian byte order, is read from.\n\n@return Returns an allocated secret key upon success, otherwise, `NULL` if key part arguments are invalid or memory allocation fails. Note: caller must take care to `free()` the created key."]
pub fn Hacl_RSAPSS_new_rsapss_load_skey(
modBits: u32,
eBits: u32,
dBits: u32,
nb: *mut u8,
eb: *mut u8,
db: *mut u8,
) -> *mut u64;
}
extern "C" {
#[doc = "Sign a message `msg` and write the signature to `sgnt`.\n\n@param a Hash algorithm to use. Allowed values for `a` are ...\n- Spec_Hash_Definitions_SHA2_256,\n- Spec_Hash_Definitions_SHA2_384, and\n- Spec_Hash_Definitions_SHA2_512.\n@param modBits Count of bits in the modulus (`n`).\n@param eBits Count of bits in `e` value.\n@param dBits Count of bits in `d` value.\n@param nb Pointer to `ceil(modBits / 8)` bytes where the modulus (`n`), in big-endian byte order, is read from.\n@param eb Pointer to `ceil(modBits / 8)` bytes where the `e` value, in big-endian byte order, is read from.\n@param db Pointer to `ceil(modBits / 8)` bytes where the `d` value, in big-endian byte order, is read from.\n@param saltLen Length of salt.\n@param salt Pointer to `saltLen` bytes where the salt is read from.\n@param msgLen Length of message.\n@param msg Pointer to `msgLen` bytes where the message is read from.\n@param sgnt Pointer to `ceil(modBits / 8)` bytes where the signature is written to.\n\n@return Returns true if and only if signing was successful."]
pub fn Hacl_RSAPSS_rsapss_skey_sign(
a: Spec_Hash_Definitions_hash_alg,
modBits: u32,
eBits: u32,
dBits: u32,
nb: *mut u8,
eb: *mut u8,
db: *mut u8,
saltLen: u32,
salt: *mut u8,
msgLen: u32,
msg: *mut u8,
sgnt: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "Verify the signature `sgnt` of a message `msg`.\n\n@param a Hash algorithm to use. Allowed values for `a` are ...\n- Spec_Hash_Definitions_SHA2_256,\n- Spec_Hash_Definitions_SHA2_384, and\n- Spec_Hash_Definitions_SHA2_512.\n@param modBits Count of bits in the modulus (`n`).\n@param eBits Count of bits in `e` value.\n@param nb Pointer to `ceil(modBits / 8)` bytes where the modulus (`n`), in big-endian byte order, is read from.\n@param eb Pointer to `ceil(modBits / 8)` bytes where the `e` value, in big-endian byte order, is read from.\n@param saltLen Length of salt.\n@param sgntLen Length of signature.\n@param sgnt Pointer to `sgntLen` bytes where the signature is read from.\n@param msgLen Length of message.\n@param msg Pointer to `msgLen` bytes where the message is read from.\n\n@return Returns true if and only if the signature is valid."]
pub fn Hacl_RSAPSS_rsapss_pkey_verify(
a: Spec_Hash_Definitions_hash_alg,
modBits: u32,
eBits: u32,
nb: *mut u8,
eb: *mut u8,
saltLen: u32,
sgntLen: u32,
sgnt: *mut u8,
msgLen: u32,
msg: *mut u8,
) -> bool;
}
extern "C" {
#[doc = "The mask generation function defined in the Public Key Cryptography Standard #1\n(https://www.ietf.org/rfc/rfc2437.txt Section 10.2.1)"]
pub fn Hacl_RSAPSS_mgf_hash(
a: Spec_Hash_Definitions_hash_alg,
len: u32,
mgfseed: *mut u8,
maskLen: u32,
res: *mut u8,
);
}
extern "C" {
pub fn hacl_free(ptr: *mut ::core::ffi::c_void);
}
extern "C" {
#[doc = "Encrypt a message `input` with key `key`.\n\nThe arguments `key`, `nonce`, `data`, and `data_len` are same in encryption/decryption.\nNote: Encryption and decryption can be executed in-place, i.e., `input` and `output` can point to the same memory.\n\n@param output Pointer to `input_len` bytes of memory where the ciphertext is written to.\n@param tag Pointer to 16 bytes of memory where the mac is written to.\n@param input Pointer to `input_len` bytes of memory where the message is read from.\n@param input_len Length of the message.\n@param data Pointer to `data_len` bytes of memory where the associated data is read from.\n@param data_len Length of the associated data.\n@param key Pointer to 32 bytes of memory where the AEAD key is read from.\n@param nonce Pointer to 12 bytes of memory where the AEAD nonce is read from."]
pub fn Hacl_AEAD_Chacha20Poly1305_Simd128_encrypt(
output: *mut u8,
tag: *mut u8,
input: *mut u8,
input_len: u32,
data: *mut u8,
data_len: u32,
key: *mut u8,
nonce: *mut u8,
);
}
extern "C" {
#[doc = "Decrypt a ciphertext `input` with key `key`.\n\nThe arguments `key`, `nonce`, `data`, and `data_len` are same in encryption/decryption.\nNote: Encryption and decryption can be executed in-place, i.e., `input` and `output` can point to the same memory.\n\nIf decryption succeeds, the resulting plaintext is stored in `output` and the function returns the success code 0.\nIf decryption fails, the array `output` remains unchanged and the function returns the error code 1.\n\n@param output Pointer to `input_len` bytes of memory where the message is written to.\n@param input Pointer to `input_len` bytes of memory where the ciphertext is read from.\n@param input_len Length of the ciphertext.\n@param data Pointer to `data_len` bytes of memory where the associated data is read from.\n@param data_len Length of the associated data.\n@param key Pointer to 32 bytes of memory where the AEAD key is read from.\n@param nonce Pointer to 12 bytes of memory where the AEAD nonce is read from.\n@param tag Pointer to 16 bytes of memory where the mac is read from.\n\n@returns 0 on succeess; 1 on failure."]
pub fn Hacl_AEAD_Chacha20Poly1305_Simd128_decrypt(
output: *mut u8,
input: *mut u8,
input_len: u32,
data: *mut u8,
data_len: u32,
key: *mut u8,
nonce: *mut u8,
tag: *mut u8,
) -> u32;
}
pub type __m128i = [::core::ffi::c_longlong; 2usize];
pub type Lib_IntVector_Intrinsics_vec128 = __m128i;
pub type __m256i = [::core::ffi::c_longlong; 4usize];
pub type Lib_IntVector_Intrinsics_vec256 = __m256i;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_Blake2s_Simd128_block_state_t_s {
pub fst: *mut Lib_IntVector_Intrinsics_vec128,
pub snd: *mut Lib_IntVector_Intrinsics_vec128,
}
pub type Hacl_Hash_Blake2s_Simd128_block_state_t = Hacl_Hash_Blake2s_Simd128_block_state_t_s;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_Blake2s_Simd128_state_t_s {
pub block_state: Hacl_Hash_Blake2s_Simd128_block_state_t,
pub buf: *mut u8,
pub total_len: u64,
}
pub type Hacl_Hash_Blake2s_Simd128_state_t = Hacl_Hash_Blake2s_Simd128_state_t_s;
extern "C" {
#[doc = "State allocation function when there is no key"]
pub fn Hacl_Hash_Blake2s_Simd128_malloc() -> *mut Hacl_Hash_Blake2s_Simd128_state_t;
}
extern "C" {
#[doc = "Re-initialization function when there is no key"]
pub fn Hacl_Hash_Blake2s_Simd128_reset(state: *mut Hacl_Hash_Blake2s_Simd128_state_t);
}
extern "C" {
#[doc = "Update function when there is no key; 0 = success, 1 = max length exceeded"]
pub fn Hacl_Hash_Blake2s_Simd128_update(
state: *mut Hacl_Hash_Blake2s_Simd128_state_t,
chunk: *mut u8,
chunk_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
#[doc = "Finish function when there is no key"]
pub fn Hacl_Hash_Blake2s_Simd128_digest(
state: *mut Hacl_Hash_Blake2s_Simd128_state_t,
output: *mut u8,
);
}
extern "C" {
#[doc = "Free state function when there is no key"]
pub fn Hacl_Hash_Blake2s_Simd128_free(state: *mut Hacl_Hash_Blake2s_Simd128_state_t);
}
extern "C" {
#[doc = "Write the BLAKE2s digest of message `input` using key `key` into `output`.\n\n@param output Pointer to `output_len` bytes of memory where the digest is written to.\n@param output_len Length of the to-be-generated digest with 1 <= `output_len` <= 32.\n@param input Pointer to `input_len` bytes of memory where the input message is read from.\n@param input_len Length of the input message.\n@param key Pointer to `key_len` bytes of memory where the key is read from.\n@param key_len Length of the key. Can be 0."]
pub fn Hacl_Hash_Blake2s_Simd128_hash_with_key(
output: *mut u8,
output_len: u32,
input: *mut u8,
input_len: u32,
key: *mut u8,
key_len: u32,
);
}
extern "C" {
#[doc = "Encrypt a message `input` with key `key`.\n\nThe arguments `key`, `nonce`, `data`, and `data_len` are same in encryption/decryption.\nNote: Encryption and decryption can be executed in-place, i.e., `input` and `output` can point to the same memory.\n\n@param output Pointer to `input_len` bytes of memory where the ciphertext is written to.\n@param tag Pointer to 16 bytes of memory where the mac is written to.\n@param input Pointer to `input_len` bytes of memory where the message is read from.\n@param input_len Length of the message.\n@param data Pointer to `data_len` bytes of memory where the associated data is read from.\n@param data_len Length of the associated data.\n@param key Pointer to 32 bytes of memory where the AEAD key is read from.\n@param nonce Pointer to 12 bytes of memory where the AEAD nonce is read from."]
pub fn Hacl_AEAD_Chacha20Poly1305_Simd256_encrypt(
output: *mut u8,
tag: *mut u8,
input: *mut u8,
input_len: u32,
data: *mut u8,
data_len: u32,
key: *mut u8,
nonce: *mut u8,
);
}
extern "C" {
#[doc = "Decrypt a ciphertext `input` with key `key`.\n\nThe arguments `key`, `nonce`, `data`, and `data_len` are same in encryption/decryption.\nNote: Encryption and decryption can be executed in-place, i.e., `input` and `output` can point to the same memory.\n\nIf decryption succeeds, the resulting plaintext is stored in `output` and the function returns the success code 0.\nIf decryption fails, the array `output` remains unchanged and the function returns the error code 1.\n\n@param output Pointer to `input_len` bytes of memory where the message is written to.\n@param input Pointer to `input_len` bytes of memory where the ciphertext is read from.\n@param input_len Length of the ciphertext.\n@param data Pointer to `data_len` bytes of memory where the associated data is read from.\n@param data_len Length of the associated data.\n@param key Pointer to 32 bytes of memory where the AEAD key is read from.\n@param nonce Pointer to 12 bytes of memory where the AEAD nonce is read from.\n@param tag Pointer to 16 bytes of memory where the mac is read from.\n\n@returns 0 on succeess; 1 on failure."]
pub fn Hacl_AEAD_Chacha20Poly1305_Simd256_decrypt(
output: *mut u8,
input: *mut u8,
input_len: u32,
data: *mut u8,
data_len: u32,
key: *mut u8,
nonce: *mut u8,
tag: *mut u8,
) -> u32;
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_Blake2b_Simd256_block_state_t_s {
pub fst: *mut Lib_IntVector_Intrinsics_vec256,
pub snd: *mut Lib_IntVector_Intrinsics_vec256,
}
pub type Hacl_Hash_Blake2b_Simd256_block_state_t = Hacl_Hash_Blake2b_Simd256_block_state_t_s;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Hacl_Hash_Blake2b_Simd256_state_t_s {
pub block_state: Hacl_Hash_Blake2b_Simd256_block_state_t,
pub buf: *mut u8,
pub total_len: u64,
}
pub type Hacl_Hash_Blake2b_Simd256_state_t = Hacl_Hash_Blake2b_Simd256_state_t_s;
extern "C" {
#[doc = "State allocation function when there is no key"]
pub fn Hacl_Hash_Blake2b_Simd256_malloc() -> *mut Hacl_Hash_Blake2b_Simd256_state_t;
}
extern "C" {
#[doc = "Re-initialization function when there is no key"]
pub fn Hacl_Hash_Blake2b_Simd256_reset(state: *mut Hacl_Hash_Blake2b_Simd256_state_t);
}
extern "C" {
#[doc = "Update function when there is no key; 0 = success, 1 = max length exceeded"]
pub fn Hacl_Hash_Blake2b_Simd256_update(
state: *mut Hacl_Hash_Blake2b_Simd256_state_t,
chunk: *mut u8,
chunk_len: u32,
) -> Hacl_Streaming_Types_error_code;
}
extern "C" {
#[doc = "Finish function when there is no key"]
pub fn Hacl_Hash_Blake2b_Simd256_digest(
state: *mut Hacl_Hash_Blake2b_Simd256_state_t,
output: *mut u8,
);
}
extern "C" {
#[doc = "Free state function when there is no key"]
pub fn Hacl_Hash_Blake2b_Simd256_free(state: *mut Hacl_Hash_Blake2b_Simd256_state_t);
}
extern "C" {
#[doc = "Write the BLAKE2b digest of message `input` using key `key` into `output`.\n\n@param output Pointer to `output_len` bytes of memory where the digest is written to.\n@param output_len Length of the to-be-generated digest with 1 <= `output_len` <= 64.\n@param input Pointer to `input_len` bytes of memory where the input message is read from.\n@param input_len Length of the input message.\n@param key Pointer to `key_len` bytes of memory where the key is read from.\n@param key_len Length of the key. Can be 0."]
pub fn Hacl_Hash_Blake2b_Simd256_hash_with_key(
output: *mut u8,
output_len: u32,
input: *mut u8,
input_len: u32,
key: *mut u8,
key_len: u32,
);
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_shaext() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_aesni() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_pclmulqdq() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_avx2() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_avx() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_bmi2() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_adx() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_sse() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_movbe() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_rdrand() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_avx512() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_recall();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_init();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_avx2();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_avx();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_bmi2();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_adx();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_shaext();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_aesni();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_pclmulqdq();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_sse();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_movbe();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_rdrand();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_disable_avx512();
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_vec128() -> bool;
}
extern "C" {
pub fn EverCrypt_AutoConfig2_has_vec256() -> bool;
}
pub type Spec_FFDHE_ffdhe_alg = u8;
pub type Spec_Agile_AEAD_alg = u8;
pub type EverCrypt_Error_error_code = u8;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct EverCrypt_AEAD_state_s_s {
_unused: [u8; 0],
}
pub type EverCrypt_AEAD_state_s = EverCrypt_AEAD_state_s_s;
extern "C" {
#[doc = "Both encryption and decryption require a state that holds the key.\nThe state may be reused as many times as desired."]
pub fn EverCrypt_AEAD_uu___is_Ek(
a: Spec_Agile_AEAD_alg,
projectee: EverCrypt_AEAD_state_s,
) -> bool;
}
extern "C" {
#[doc = "Return the algorithm used in the AEAD state.\n\n@param s State of the AEAD algorithm.\n\n@return Algorithm used in the AEAD state."]
pub fn EverCrypt_AEAD_alg_of_state(s: *mut EverCrypt_AEAD_state_s) -> Spec_Agile_AEAD_alg;
}
extern "C" {
#[doc = "Create the required AEAD state for the algorithm.\n\nNote: The caller must free the AEAD state by calling `EverCrypt_AEAD_free`.\n\n@param a The argument `a` must be either of:\n `Spec_Agile_AEAD_AES128_GCM` (KEY_LEN=16),\n `Spec_Agile_AEAD_AES256_GCM` (KEY_LEN=32), or\n `Spec_Agile_AEAD_CHACHA20_POLY1305` (KEY_LEN=32).\n@param dst Pointer to a pointer where the address of the allocated AEAD state will be written to.\n@param k Pointer to `KEY_LEN` bytes of memory where the key is read from. The size depends on the used algorithm, see above.\n\n@return The function returns `EverCrypt_Error_Success` on success or\n`EverCrypt_Error_UnsupportedAlgorithm` in case of a bad algorithm identifier.\n(See `EverCrypt_Error.h`.)"]
pub fn EverCrypt_AEAD_create_in(
a: Spec_Agile_AEAD_alg,
dst: *mut *mut EverCrypt_AEAD_state_s,
k: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
#[doc = "Encrypt and authenticate a message (`plain`) with associated data (`ad`).\n\n@param s Pointer to the The AEAD state created by `EverCrypt_AEAD_create_in`. It already contains the encryption key.\n@param iv Pointer to `iv_len` bytes of memory where the nonce is read from.\n@param iv_len Length of the nonce. Note: ChaCha20Poly1305 requires a 12 byte nonce.\n@param ad Pointer to `ad_len` bytes of memory where the associated data is read from.\n@param ad_len Length of the associated data.\n@param plain Pointer to `plain_len` bytes of memory where the to-be-encrypted plaintext is read from.\n@param plain_len Length of the to-be-encrypted plaintext.\n@param cipher Pointer to `plain_len` bytes of memory where the ciphertext is written to.\n@param tag Pointer to `TAG_LEN` bytes of memory where the tag is written to.\nThe length of the `tag` must be of a suitable length for the chosen algorithm:\n `Spec_Agile_AEAD_AES128_GCM` (TAG_LEN=16)\n `Spec_Agile_AEAD_AES256_GCM` (TAG_LEN=16)\n `Spec_Agile_AEAD_CHACHA20_POLY1305` (TAG_LEN=16)\n\n@return `EverCrypt_AEAD_encrypt` may return either `EverCrypt_Error_Success` or `EverCrypt_Error_InvalidKey` (`EverCrypt_error.h`). The latter is returned if and only if the `s` parameter is `NULL`."]
pub fn EverCrypt_AEAD_encrypt(
s: *mut EverCrypt_AEAD_state_s,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
plain: *mut u8,
plain_len: u32,
cipher: *mut u8,
tag: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
#[doc = "WARNING: this function doesn't perform any dynamic\nhardware check. You MUST make sure your hardware supports the\nimplementation of AESGCM. Besides, this function was not designed\nfor cross-compilation: if you compile it on a system which doesn't\nsupport Vale, it will compile it to a function which makes the\nprogram exit."]
pub fn EverCrypt_AEAD_encrypt_expand_aes128_gcm_no_check(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
plain: *mut u8,
plain_len: u32,
cipher: *mut u8,
tag: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
#[doc = "WARNING: this function doesn't perform any dynamic\nhardware check. You MUST make sure your hardware supports the\nimplementation of AESGCM. Besides, this function was not designed\nfor cross-compilation: if you compile it on a system which doesn't\nsupport Vale, it will compile it to a function which makes the\nprogram exit."]
pub fn EverCrypt_AEAD_encrypt_expand_aes256_gcm_no_check(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
plain: *mut u8,
plain_len: u32,
cipher: *mut u8,
tag: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
pub fn EverCrypt_AEAD_encrypt_expand_aes128_gcm(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
plain: *mut u8,
plain_len: u32,
cipher: *mut u8,
tag: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
pub fn EverCrypt_AEAD_encrypt_expand_aes256_gcm(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
plain: *mut u8,
plain_len: u32,
cipher: *mut u8,
tag: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
pub fn EverCrypt_AEAD_encrypt_expand_chacha20_poly1305(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
plain: *mut u8,
plain_len: u32,
cipher: *mut u8,
tag: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
pub fn EverCrypt_AEAD_encrypt_expand(
a: Spec_Agile_AEAD_alg,
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
plain: *mut u8,
plain_len: u32,
cipher: *mut u8,
tag: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
#[doc = "Verify the authenticity of `ad` || `cipher` and decrypt `cipher` into `dst`.\n\n@param s Pointer to the The AEAD state created by `EverCrypt_AEAD_create_in`. It already contains the encryption key.\n@param iv Pointer to `iv_len` bytes of memory where the nonce is read from.\n@param iv_len Length of the nonce. Note: ChaCha20Poly1305 requires a 12 byte nonce.\n@param ad Pointer to `ad_len` bytes of memory where the associated data is read from.\n@param ad_len Length of the associated data.\n@param cipher Pointer to `cipher_len` bytes of memory where the ciphertext is read from.\n@param cipher_len Length of the ciphertext.\n@param tag Pointer to `TAG_LEN` bytes of memory where the tag is read from.\nThe length of the `tag` must be of a suitable length for the chosen algorithm:\n `Spec_Agile_AEAD_AES128_GCM` (TAG_LEN=16)\n `Spec_Agile_AEAD_AES256_GCM` (TAG_LEN=16)\n `Spec_Agile_AEAD_CHACHA20_POLY1305` (TAG_LEN=16)\n@param dst Pointer to `cipher_len` bytes of memory where the decrypted plaintext will be written to.\n\n@return `EverCrypt_AEAD_decrypt` returns ...\n\n `EverCrypt_Error_Success`\n\n... on success and either of ...\n\n `EverCrypt_Error_InvalidKey` (returned if and only if the `s` parameter is `NULL`),\n `EverCrypt_Error_InvalidIVLength` (see note about requirements on IV size above), or\n `EverCrypt_Error_AuthenticationFailure` (in case the ciphertext could not be authenticated, e.g., due to modifications)\n\n... on failure (`EverCrypt_error.h`).\n\nUpon success, the plaintext will be written into `dst`."]
pub fn EverCrypt_AEAD_decrypt(
s: *mut EverCrypt_AEAD_state_s,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
cipher: *mut u8,
cipher_len: u32,
tag: *mut u8,
dst: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
#[doc = "WARNING: this function doesn't perform any dynamic\nhardware check. You MUST make sure your hardware supports the\nimplementation of AESGCM. Besides, this function was not designed\nfor cross-compilation: if you compile it on a system which doesn't\nsupport Vale, it will compile it to a function which makes the\nprogram exit."]
pub fn EverCrypt_AEAD_decrypt_expand_aes128_gcm_no_check(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
cipher: *mut u8,
cipher_len: u32,
tag: *mut u8,
dst: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
#[doc = "WARNING: this function doesn't perform any dynamic\nhardware check. You MUST make sure your hardware supports the\nimplementation of AESGCM. Besides, this function was not designed\nfor cross-compilation: if you compile it on a system which doesn't\nsupport Vale, it will compile it to a function which makes the\nprogram exit."]
pub fn EverCrypt_AEAD_decrypt_expand_aes256_gcm_no_check(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
cipher: *mut u8,
cipher_len: u32,
tag: *mut u8,
dst: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
pub fn EverCrypt_AEAD_decrypt_expand_aes128_gcm(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
cipher: *mut u8,
cipher_len: u32,
tag: *mut u8,
dst: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
pub fn EverCrypt_AEAD_decrypt_expand_aes256_gcm(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
cipher: *mut u8,
cipher_len: u32,
tag: *mut u8,
dst: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
pub fn EverCrypt_AEAD_decrypt_expand_chacha20_poly1305(
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
cipher: *mut u8,
cipher_len: u32,
tag: *mut u8,
dst: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
pub fn EverCrypt_AEAD_decrypt_expand(
a: Spec_Agile_AEAD_alg,
k: *mut u8,
iv: *mut u8,
iv_len: u32,
ad: *mut u8,
ad_len: u32,
cipher: *mut u8,
cipher_len: u32,
tag: *mut u8,
dst: *mut u8,
) -> EverCrypt_Error_error_code;
}
extern "C" {
#[doc = "Cleanup and free the AEAD state.\n\n@param s State of the AEAD algorithm."]
pub fn EverCrypt_AEAD_free(s: *mut EverCrypt_AEAD_state_s);
}