Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit #3

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Audit #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
030b81c
Created audit branch
valarauca Dec 10, 2016
99ff62c
Prevent equality function from being inlined. Fixed the issue with sl…
valarauca Dec 10, 2016
babc9dd
This fixed all my primary issues.
valarauca Dec 10, 2016
cf5ec3f
new audit cyle hype train starts now
valarauca Dec 10, 2016
980e110
update asm dump and macro expansion
valarauca Dec 10, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "consistenttime"
version = "0.1.0"
version = "0.2.0"
authors = ["William Cody Laeder <[email protected]>"]
repository = "https://github.com/valarauca/consistenttime.git"
homepage = "https://github.com/valarauca/consistenttime"
Expand Down
32 changes: 3 additions & 29 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,33 +1,7 @@
#constanttime

[Documentation](https://valarauca.github.io/consistenttime/consistenttime/index.html)
Welcome to the consistent time auditing branch.

A crate that supports _many_ constant time operations. The reference is [Go-Lang's crypto/subtile](https://golang.org/src/crypto/subtle/constant_time.go)
which implements the orginal form of these constant time operations. I took the library of extrapolating the `uint8` and `uint32` into _all_ Rust
integer types.
This branch exists to hold build scripts, and asm dumps to assist people in figuring out if this crate works as expected.

These operations are not designed to be _fast_. They are designed to take the same if they suceeded or fail. This is to prevent side channel attacks on cryptographic libraries and applications.

This crate is `core` only. So it does not require `std` therefore it can be
used without an operating system for OS and Embedded Development.

To use this crate include:

```
[dependencies]
constanttime = "0.0.1"
```

####Legal

This project can be considered licensed under Apache2.0 Software License.
A full copy can of this license can found [here](https://www.apache.org/licenses/LICENSE-2.0).

A large thank you goes to the Go-Lang standard library development team for
creating the `crypto/subtile/constant_time.go` library which was used for
reference.

No Go-Lang source code exists within this project.
Nonethless the orginal Go-Lang reference source is [here](https://golang.org/src/crypto/subtle/constant_time.go),
and is it's license is [here](https://golang.org/LICENSE). For future
reference purporses.
There are seperate audit files for different platforms. See the readme for more indepth contents.
8 changes: 8 additions & 0 deletions audit_CURRENT/build_script_x64_msvc.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/bin/sh
rustc \
--emit obj \
--crate-type lib \
--codegen no-stack-check\
--codegen debuginfo=0 \
--codegen opt-level=3 \
lib.rs
Loading