rust-bitcoin / rust-bitcoin / 11374739111
83%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 106
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 82.623% (+0.2%) from 82.466%
11374739111

push

github

apoelstra 
Merge rust-bitcoin/rust-bitcoin#2960: Add the ChaCha20Poly1305 AEAD algorithm

a5f5c795f Add the ChaCha20Poly1305 AEAD crate (Nick Johnson)

Pull request description:

  Hopefully this isn't a little too (or grossly) ambitious, but figured I'd open a PR for feedback and guidance.

  BIP324 depends on the ChaCha20 stream cipher and the Poly1305 authenticator. We coded these up for our [BIP324 library](https://github.com/rust-bitcoin/bip324/tree/main/protocol/src/chacha20poly1305) (this is mostly copy/paste from there), but I believe we want these lower-level protocols to live in rust-bitcoin. This follows with how Core has its implementation and also lets others in the ecosystem depend on it. For example, the Payjoin project is looking to specifically use this AEAD algorithm.

  While I don't believe this is a case of "rolling your own crypto" since the intention was to match the RFCs, and all test vectors are coded up and passing, I'll admit to being a bit naive on next steps. I tossed this into `hashes` just going with the momentum following the HKDF code that went in first.

  ## SIMD

  This patch was originally just a copy/pasta from our BIP324 library, but modifications have been made to give compilers the best shot at leveraging SIMD instructions. This includes the new `U32x4` type and updates to the cipher's `chacha_block` and `quarter_round` functions to make them easier on the compiler to vector-ize.

  Analyzing the assembly produced with the `opt-level=3` and `target-cpu=native` flags shows that the code is about as good as the LDK version, but extensive benchmarks have not been run. With a recent `rustc` version the quarter_round function is fully vector-ized. The project's MSRV `1.63.0` version is also able to vector-ize some parts of the cipher, but not as well as the tested `1.80.1` version.

  More of the digging and raw asm output can be found in this [report](https://hackmd.io/@yonson/B1Ot7P0j0).

ACKs ... (continued)

486 of 544 new or added lines in 3 files covered. (89.34%)

19604 of 23727 relevant lines covered (82.62%)

18271.76 hits per line

Jobs
ID Job ID Ran Files Coverage
1 11374739111.1 0
82.62
 GitHub Action Run
Source Files on build 11374739111
Detailed source file information is not available for this build.