Digestif is a toolbox which implements hashes:
- MD5
- SHA1
- SHA224
- SHA256
- SHA384
- SHA512
- WHIRLPOOL
- BLAKE2B
- BLAKE2S
- RIPEMD160
Digestif uses a trick about linking and let the end-user to choose which implementation he wants to use. We provide 2 implementations:
- C implementation with
digestif.c - OCaml implementation with
digestif.ocaml
Both are well-tested. However, OCaml implementation is slower than the C implementation.
Home page: http://din.osau.re/
Contact: Romain Calascibetta <romain.calascibet [email protected]>
For each hash, we implement the same API which is referentially transparent.
Then, on the top of these, we reflect functions (like digesti or hmaci) with
GADT - however, conversion from GADT to hash type is not possible (but you can
destruct GADT with to_raw_string).
We deciced to protect users to timing-attack. In this case, Digestif.equal (by
eqaf package) compares hashes in
constant-time.
However, we provide unsafe_compare function too which is not a constant
time function. In some contexts, like ocaml-git, we don't care about timing
attack and we use unsafe_compare - then, we need to make a wrap where we
rename unsafe_compare to compare to be able to use it in some functors like
Map.Make or Set.Make.
It's little annoying to do that but it forces the user to get the right question about security issues. So, please, don't ask to rename this function.
Of course, this package is available to be used on MirageOS (both
implementations). User is able to compile digestif.ocaml with js_of_ocaml
and this package is platform agnostic.
- OCaml >= 4.03.0 (may be less but need test)
base-bytesmeta-packagebase-bigarraymeta-packageduneto build the project
If you want to compile the test program, you need:
alcotest
Uses OBazl.
Caveat: currently only native builds are supported. Support for bytecode is in the works.
Test targets:
bazel run :ocaml_testbazel run :c_test
Libs. Two build strategies: batch passes all source files to one Bazel target, composite builds each source file as a separate Bazel target. See comments in BUILD.bazel for details, and the libraries doc for OBazl.
bazel build :ocaml_batchbazel build :ocaml_compositebazel build :c_batchbazel build :c_composite
You can build the parts. Again, two build strategies. A library is a collection of modules without an archive file (.cmxa, .a)
bazel build :common_archivebazel build :common_libbazel build :baijiu- ocaml implementation libbazel build :rakia- the c implementation lib; produces librakia.abazel build :rakia_archive- produces librakia.cmxabazel build :rakia_so- produces librakia.cmxs
This work is from the nocrypto library and the Vincent hanquez's work in ocaml-sha.
All credits appear in the begin of files and this library is motivated by two reasons:
- delete the dependancy with
nocryptoif you don't use the encryption (and common) part - aggregate all hashes functions in one library