aboutsummaryrefslogtreecommitdiff
path: root/src/test/fuzz/i2p.cpp
diff options
context:
space:
mode:
authorAndrew Chow <github@achow101.com>2023-07-17 18:20:37 -0400
committerAndrew Chow <github@achow101.com>2023-07-17 18:30:39 -0400
commit306157ae92f47b36a7ad438cf76969a1ab6ef401 (patch)
treecd0c63e3301272feb6445332e4adfdcf75cd13f9 /src/test/fuzz/i2p.cpp
parentd09c8bc730d8d412ddc9b040cbeeb49dff3104de (diff)
parent4e5c933f6a40c07d1c68115f7979b89a5b2ba580 (diff)
Merge bitcoin/bitcoin#27993: Make poly1305 support incremental computation + modernize
4e5c933f6a40c07d1c68115f7979b89a5b2ba580 Switch all callers from poly1305_auth to Poly1305 class (Pieter Wuille) 8871f7d1ae096839abcbf25a548319185acc01a2 tests: add more Poly1305 test vectors (Pieter Wuille) 40e6c5b9fce92ffe64e91c2aba38bb2ed57bfbfb crypto: add Poly1305 class with std::byte Span interface (Pieter Wuille) 50269b391fa18556bad72dc8c2fb4e2493a6a054 crypto: switch poly1305 to incremental implementation (Pieter Wuille) Pull request description: Our current Poly1305 code (src/crypto/poly1305.*) only supports computing the entire tag in one go (the `poly1305_auth` function takes a key and message, and outputs the tag). However, the RFC8439 authenticated encryption (as used in BIP324, see #27634) scheme makes use of Poly1305 in a way where the message consists of 3 different pieces: * The additionally authenticated data (AAD), padded to 16 bytes. * The ciphertext, padded to 16 bytes. * The length of the AAD and the length of the ciphertext, together another 16 bytes. Implementing RFC8439 using the existing `poly1305_auth` function requires creating a temporary copy with all these pieces of data concatenated just for the purpose of computing the tag (the approach used in #25361). This PR replaces the poly1305 code with new code from https://github.com/floodyberry/poly1305-donna (with minor adjustments to make it match our coding style and use our utility functions, documented in the commit) which supports incremental operation, and then adds a C++ wrapper interface using std::byte Spans around it, and adds tests that incremental and all-at-once computation match. ACKs for top commit: achow101: ACK 4e5c933f6a40c07d1c68115f7979b89a5b2ba580 theStack: ACK 4e5c933f6a40c07d1c68115f7979b89a5b2ba580 stratospher: tested ACK 4e5c933. Tree-SHA512: df6e9a2a4a38a480f9e4360d3e3def5311673a727a4a85b008a084cf6843b260dc82cec7c73e1cecaaccbf10f3521a0ae7dba388b65d0b086770f7fbc5223e2a
Diffstat (limited to 'src/test/fuzz/i2p.cpp')
0 files changed, 0 insertions, 0 deletions