diff --git a/Cargo.lock b/Cargo.lock
index 1b499e2..11face3 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -11,7 +11,7 @@ dependencies = [
 [[package]]
 name = "bash-f"
-version = "0.1.0-rc.0"
+version = "0.1.0"
 [[package]]
 name = "cpufeatures"
@@ -31,12 +31,12 @@ dependencies = [
 [[package]]
 name = "libc"
-version = "0.2.169"
+version = "0.2.177"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a"
+checksum = "2874a2af47a2325c2001a6e6fad9b16a53b802102b528163885171cf92b15976"
 [[package]]
 name = "zeroize"
-version = "1.8.1"
+version = "1.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde"
+checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0"
diff --git a/README.md b/README.md
index 74eb327..27f35dc 100644
--- a/README.md
+++ b/README.md
@@ -6,10 +6,11 @@ Collection of [sponge functions] written in pure Rust.
 ## Supported Algorithms
-| Crate | Algorithm | Crates.io | Documentation |
-|------------|------------|-----------|---------------|
-| [`ascon`] | [Ascon] | [![crates.io](https://img.shields.io/crates/v/ascon.svg)](https://crates.io/crates/ascon) | [![Documentation](https://docs.rs/ascon/badge.svg)](https://docs.rs/ascon) |
-| [`keccak`] | [Keccak] | [![crates.io](https://img.shields.io/crates/v/keccak.svg)](https://crates.io/crates/keccak) | [![Documentation](https://docs.rs/keccak/badge.svg)](https://docs.rs/keccak) |
+| Crate | Algorithm | Crates.io | Documentation |
+|------------|-----------------|-----------|---------------|
+| [`ascon`] | [Ascon] | [![crates.io](https://img.shields.io/crates/v/ascon.svg)](https://crates.io/crates/ascon) | [![Documentation](https://docs.rs/ascon/badge.svg)](https://docs.rs/ascon) |
+| [`bash-f`] | [`bash-f`][STB] | [![crates.io](https://img.shields.io/crates/v/bash-f.svg)](https://crates.io/crates/bash-f) | [![Documentation](https://docs.rs/bash-f/badge.svg)](https://docs.rs/bash-f) |
+| [`keccak`] | [Keccak] | [![crates.io](https://img.shields.io/crates/v/keccak.svg)](https://crates.io/crates/keccak) | [![Documentation](https://docs.rs/keccak/badge.svg)](https://docs.rs/keccak) |
 ## License
@@ -35,10 +36,12 @@ Unless you explicitly state otherwise, any contribution intentionally submitted
 [//]: # (crates)
 [`ascon`]: ./ascon
+[`bash-f`]: ./bash-f
 [`keccak`]: ./keccak
 [//]: # (algorithms)
 [sponge functions]: https://en.wikipedia.org/wiki/Sponge_function
 [Ascon]: https://ascon.iaik.tugraz.at/
+[STB]: https://apmi.bsu.by/assets/files/std/bash-spec241.pdf
 [Keccak]: https://keccak.team/keccak.html
diff --git a/bash-f/CHANGELOG.md b/bash-f/CHANGELOG.md
index 7c2ac0d..14fad35 100644
--- a/bash-f/CHANGELOG.md
+++ b/bash-f/CHANGELOG.md
@@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-## 0.1.0 (UNRELEASED)
+## 0.1.0 (2025-10-23)
 - Initial release ([#92])
 [#92]: (https://github.com/RustCrypto/sponges/pull/92)
\ No newline at end of file
diff --git a/bash-f/Cargo.toml b/bash-f/Cargo.toml
index 1d105aa..99ba9f9 100644
--- a/bash-f/Cargo.toml
+++ b/bash-f/Cargo.toml
@@ -1,13 +1,13 @@
 [package]
 name = "bash-f"
-version = "0.1.0-rc.0"
+version = "0.1.0"
 description = "Pure Rust implementation of the bash-f sponge function defined in STB 34.101.77-2020"
 license = "Apache-2.0 OR MIT"
 authors = ["RustCrypto Developers"]
 documentation = "https://docs.rs/bash"
 homepage = "https://github.com/RustCrypto/sponges/tree/master/bash"
 repository = "https://github.com/RustCrypto/sponges"
-keywords = ["bash", "belt", "permutation"]
+keywords = ["bash", "sponge", "belt", "permutation"]
 categories = ["cryptography", "no-std"]
 readme = "README.md"
 edition = "2024"
diff --git a/bash-f/README.md b/bash-f/README.md
index 8c8b510..427d249 100644
--- a/bash-f/README.md
+++ b/bash-f/README.md
@@ -2,27 +2,15 @@
 [![crate][crate-image]][crate-link]
 [![Docs][docs-image]][docs-link]
+[![Build Status][build-image]][build-link]
 ![Apache2/MIT licensed][license-image]
 ![Rust Version][rustc-image]
 [![Project Chat][chat-image]][chat-link]
-[![Build Status][build-image]][build-link]
-
-# BelHash - [STB 34.101.77-2020] Sponge-Based Cryptographic Algorithms
-
-This module implements the cryptographic algorithms defined in the Belarusian
-state standard STB 34.101.77-2020 "Sponge-based cryptographic algorithms".
-
-## Overview
-The standard defines a family of cryptographic algorithms built on a sponge
-construction with the `bash-f` sponge function at its core. The sponge function
-operates on 1536-bit (192-byte) states.
+Pure Rust implementation of the `bash-f` sponge function defined in the Belarusian
+state standard [STB 34.101.77-2020] "Sponge-based cryptographic algorithms".
-## Security Notes
-
-No security audits of this crate have ever been performed, and it has not been thoroughly assessed to ensure its operation is constant-time on common CPU architectures.
-
-USE AT YOUR OWN RISK!
+[STB 34.101.77-2020]: https://apmi.bsu.by/assets/files/std/bash-spec241.pdf
 ## License
@@ -41,18 +29,13 @@ dual licensed as above, without any additional terms or conditions.
 [//]: # (badges)
-[crate-image]: https://buildstats.info/crate/bash-f
+[crate-image]: https://img.shields.io/crates/v/bash-f.svg
 [crate-link]: https://crates.io/crates/bash-f
 [docs-image]: https://docs.rs/bash-f/badge.svg
 [docs-link]: https://docs.rs/bash-f/
+[build-image]: https://github.com/RustCrypto/sponges/actions/workflows/bash-f.yml/badge.svg
+[build-link]: https://github.com/RustCrypto/sponges/actions/workflows/bash-f.yml
 [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
 [rustc-image]: https://img.shields.io/badge/rustc-1.85+-blue.svg
 [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
-[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260038-AEADs
-[downloads-image]: https://img.shields.io/crates/d/chacha20poly1305.svg
-[build-image]: https://github.com/RustCrypto/AEADs/workflows/bash-f/badge.svg?branch=master&event=push
-[build-link]: https://github.com/RustCrypto/AEADs/actions
-
-[//]: # (general links)
-
-[STB 34.101.77-2020]: https://apmi.bsu.by/assets/files/std/bash-spec241.pdf
\ No newline at end of file
+[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/369879-sponges
diff --git a/bash-f/src/lib.rs b/bash-f/src/lib.rs
index cb578db..038d1ff 100644
--- a/bash-f/src/lib.rs
+++ b/bash-f/src/lib.rs
@@ -7,13 +7,10 @@
 #![cfg_attr(docsrs, feature(doc_cfg))]
 #![warn(missing_docs)]
-/// Number of 64-bit words in the state
+/// Number of 64-bit words in the [`bash-f`][bash_f] state.
 pub const STATE_WORDS: usize = 24;
-/// `bash-s` transformation.
-///
-/// Implements the S-box transformation defined in Section 6.1 of STB 34.101.77-2020.
-/// This is the core non-linear transformation used in the `bash-f` sponge function.
+/// `bash-s` transformation defined in Section 6.1 of STB 34.101.77-2020.
 fn bash_s(
 mut w0: u64,
 mut w1: u64,
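Review bot: The one-line doc that replaces the four-line comment on `bash_s` no longer says what the function's arguments are, and the signature runs past the end of the hunk, so a reader of this file sees only `w0`, `w1`, `w2` before it is cut off. The test added in the later lib.rs hunk calls it as `bash_s(w0, w1, w2, 8, 53, 14, 1)`, so the four trailing integers are presumably the step parameters the spec gives alongside the S-box; a short `/// Arguments: the three state words followed by the four integer parameters of Section 6.1 (Table A.1 uses `8, 53, 14, 1`).` would keep the private helper readable without a trip to the standard. Confirm the parameter naming against Section 6.1 before wording it, since nothing in the hunk shows what the integers mean.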
@@ -63,14 +60,7 @@ fn bash_s(
 (w0, w1, w2)
 }
-/// `bash-f` sponge permutation.
-///
-/// Implements the core sponge function defined in Section 6.2 of STB 34.101.77-2020.
-/// This is a cryptographic permutation that operates on 1536-bit states.
-///
-/// # Parameters
-///
-/// - `state`: Mutable reference to 24 × 64-bit words (1536 bits total)
+/// `bash-f` sponge permutation defined in Section 6.2 of STB 34.101.77-2020.
 pub fn bash_f(state: &mut [u64; STATE_WORDS]) {
 // 1. Split S into words (S0, S1, ..., S23)
@@ -120,24 +110,17 @@ pub fn bash_f(state: &mut [u64; STATE_WORDS]) {
 // 4. Return S - state is modified in place
 }
-#[cfg(test)]
-mod tests {
- use super::*;
-
- /// Test vector from Table A.1 of STB 34.101.77-2020.
- #[test]
- fn test_bash_s_table_a1() {
- // Constants in the spec are given using LE order
- // For example, in spec when they write B194BAC80A08F53B, they do not mean 0xB194BAC80A08F53B, but 0x3BF5080AC8BA94B1.
- // https://github.com/RustCrypto/sponges/pull/92#issuecomment-3433315011
- let w0 = 0xB194BAC80A08F53Bu64.swap_bytes();
- let w1 = 0xE12BDC1AE28257ECu64.swap_bytes();
- let w2 = 0xE9DEE72C8F0C0FA6u64.swap_bytes();
-
- let (w0_out, w1_out, w2_out) = bash_s(w0, w1, w2, 8, 53, 14, 1);
-
- assert_eq!(w0_out, 0x479E76129979DC5Fu64.swap_bytes());
- assert_eq!(w1_out, 0x0F2B2C93ED128EDDu64.swap_bytes());
- assert_eq!(w2_out, 0x41009B1B112DFEF3u64.swap_bytes());
- }
+/// Test vector from Table A.1 of STB 34.101.77-2020.
+#[test]
+fn test_bash_s() {
+ // Note that constants in the spec are provided using the LE order (see Section 4.2.2).
+ let w0 = 0xB194BAC80A08F53Bu64.swap_bytes();
+ let w1 = 0xE12BDC1AE28257ECu64.swap_bytes();
+ let w2 = 0xE9DEE72C8F0C0FA6u64.swap_bytes();
+
+ let (w0_out, w1_out, w2_out) = bash_s(w0, w1, w2, 8, 53, 14, 1);
+
+ assert_eq!(w0_out, 0x479E76129979DC5Fu64.swap_bytes());
+ assert_eq!(w1_out, 0x0F2B2C93ED128EDDu64.swap_bytes());
+ assert_eq!(w2_out, 0x41009B1B112DFEF3u64.swap_bytes());
 }
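Review bot: The new one-line doc on `pub fn bash_f` (whose body continues past the hunk) is the only public API description left, and neither it nor the removed `# Parameters` section tells a caller how a 192-byte string from the spec maps onto the 24 words. The crate's own tests settle the convention: they load each spec constant as `0x…u64.swap_bytes()`, which is exactly `u64::from_le_bytes` of the printed bytes, and the comment in the new `test_bash_s` says the spec's constants are in LE order per Section 4.2.2. That is the detail a user needs to reproduce a published vector, so I would add `/// The state is 24 little-endian 64-bit words: load each 8-byte chunk of a spec byte string with `u64::from_le_bytes` (see Section 4.2.2).` under the one-liner. Since `#![warn(missing_docs)]` only checks that a doc exists, the lint will not catch this omission.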
diff --git a/bash-f/tests/bash.rs b/bash-f/tests/bash.rs
index 95ad5df..2df9772 100644
--- a/bash-f/tests/bash.rs
+++ b/bash-f/tests/bash.rs
@@ -1,8 +1,9 @@
-use bash_f::bash_f;
-
 /// Test vector from Table A.2 of STB 34.101.77-2020.
 #[test]
 fn test_bash_f_table_a2() {
+ // Note that constants in the spec are provided using the LE order (see Section 4.2.2).
+ // In other words, B194BAC80A08F53B denotes not 0xB194BAC80A08F53B, but 0x3BF5080AC8BA94B1.
+ // To make comparison easier, we use the constants as-is and apply `swap_bytes` later.
 let input: [u64; 24] = [
 0xB194BAC80A08F53B,
 0x366D008E584A5DE4,
@@ -57,14 +58,10 @@ fn test_bash_f_table_a2() {
 0x7CED8E3F8B6E058E,
 ];
- // Constants in the spec are given using LE order
- // For example, in spec when they write B194BAC80A08F53B, they do not mean 0xB194BAC80A08F53B, but 0x3BF5080AC8BA94B1.
- // https://github.com/RustCrypto/sponges/pull/92#issuecomment-3433315011
 let mut state = input.map(|x| x.swap_bytes());
+ let expected = expected.map(|x| x.swap_bytes());
- bash_f(&mut state);
-
- let output = state.map(|x| x.swap_bytes());
+ bash_f::bash_f(&mut state);
- assert_eq!(output, expected);
+ assert_eq!(state, expected);
 }