Iavor S. Diatchki
7dc7be45bb
Merge remote-tracking branch 'origin/master' into abstract-types
...
# Conflicts:
# src/Cryptol/REPL/Monad.hs
2017-10-13 10:45:35 -07:00
Brian Huffman
a5a7a393be
Add definitions of SHAKE128 and SHAKE256 to keccak.cry
2017-10-04 10:39:10 -07:00
brianhuffman
73de3f787f
Merge pull request #453 from GaloisInc/blocks-padding
...
Implement `blocks` and `padding` operators for numeric types.
2017-10-04 07:11:19 -07:00
Brian Huffman
9773782ba4
Tweak correctness property to match keccak documentation.
2017-10-04 07:02:55 -07:00
Brian Huffman
16e949b0d7
Fix bugs/warnings in keccak.cry, and add test vectors and other properties.
...
The switch to Cryptol 2 introduced some endianness bugs.
Also, the original version omitted the 0b01 "suffix" that is
specified by SHA3.
2017-10-03 18:06:52 -07:00
robdockins
fc4fe4dc1e
Merge pull request #309 from clinty/cast5
...
CAST5 example
2017-10-03 15:27:30 -07:00
Iavor Diatchki
1d4ada07c7
Merge branch 'master' into abstract-types
2017-10-03 14:10:29 -07:00
Brian Huffman
7802747a1e
Simplify keccak.cry using new type operators for padding.
2017-10-03 13:57:16 -07:00
Brian Huffman
3b03545552
Merge branch 'master' into blocks-padding
2017-10-03 13:44:32 -07:00
Brian Huffman
96bff5c4a8
Update keccak.cry example to work with Cryptol 2.x
...
Fixes #458.
2017-10-03 13:41:07 -07:00
Iavor Diatchki
2ef0a67d9b
Merge branch 'master' into abstract-types
2017-10-03 13:35:57 -07:00
Brian Huffman
b107e606a2
Update example cryptol code to use infix syntax.
2017-10-03 12:31:37 -07:00
Rob Dockins
b1c6ae22c7
Add MD5 example
2017-10-03 11:27:15 -07:00
Rob Dockins
f1161dd282
Add a Karatsuba multiplier to the examples
2017-10-03 11:27:15 -07:00
Brian Huffman
7e34c25e4d
Switch to infix syntax for `blocks` and `padding` operators.
...
"x /^ y" is x/y rounded up, i.e. the least n such that x <= y*n.
"x %^ y" is the least k such that x+k is a multiple of y.
For comparison,
"x / y" is x/y rounded down, i.e. the greatest n such that x >= y*n.
"x % y" is the least k such that x-k is a multiple of y.
The new syntax is much more suggestive of the relation to "/" and "%".
2017-09-28 10:26:31 -07:00
Brian Huffman
f04908a551
Adapt example code to use new `blocks` and `padding` operators.
2017-09-27 13:55:55 -07:00
Iavor Diatchki
920cb58ad0
Some cleanup and doubt that I've encoded the algorithm correctly
2017-09-27 09:50:47 -07:00
Iavor Diatchki
b8707033d7
Add module parameters as extra vars---prints nicer error messages.
2017-09-26 15:29:23 -07:00
Iavor Diatchki
83d0132e50
Add module-level constraints to assumptions when proving implications.
2017-09-26 15:21:40 -07:00
Iavor Diatchki
ccc4b828c2
Represent type parameters as just type variables.
2017-09-25 11:41:00 -07:00
Iavor S. Diatchki
d1abac0cec
Update design; handle numeric type parameters in type checking SMT
2017-09-21 14:57:53 -07:00
Iavor Diatchki
f7e1a941e2
checkpoint
2017-09-21 09:28:01 -07:00
Iavor Diatchki
9f2a2ac3a4
Incomplete example of using 'abstract' types.
2017-09-19 14:28:08 -07:00
Iavor S. Diatchki
ca2136fab9
Merge pull request #440 from sliverdragon37/master
...
Adds the :ast and :extract-coq commands for printing out a parseable AST
2017-08-15 10:25:08 -07:00
Aaron Tomb
e40b15cc5d
Fix type signatures in MiniLock SCrypt example
2017-08-07 08:37:20 -07:00
Robert Dockins
dcc143e3f4
Back out workaround for issue #375.
2017-08-01 15:08:04 -07:00
Eric Mullen
50c6454482
more example
2017-07-13 10:55:44 -07:00
Eric Mullen
3eab3eb6cb
lots of running examples
2017-07-06 16:51:25 -07:00
Eric Mullen
f80d791c97
HMAC example now loads into cryptol
2017-06-27 14:00:45 -07:00
Eric Mullen
3dfb3e147e
adding some examples
2017-06-26 15:27:36 -07:00
Aaron Tomb
49e847387e
Simplify some type signatures in examples
...
These examples weren't type checking, and now do, with type constraints
that are no more awkward, and arguably less awkward, than before.
2017-06-22 10:09:13 -07:00
Trevor Elliott
5a43c1d1fe
More precise definition of chunks
...
Use `padding` directly in the definition of `chunks`, giving an aligned
value to the division.
2017-03-27 16:37:55 -07:00
Trevor Elliott
b93f84cf78
Remove unnecessary constraint that was preventing malicious_SHA1.cry from loading
...
Cryptol could not prove that subtracting `65 + padding` from `512 * chunks`
in the constraint `msgLen == 512 * chunks - (65 + padding)` was well
defined, and rejected the function. This constraint was redundant, so
removing it allowed the function to typecheck.
2017-03-27 16:36:09 -07:00
Trevor Elliott
4dc5eda23a
Expand the width table, and fix a bug in CryptoBox (Thanks @tommd)
...
The width table in CryptolTC.z3 wasn't large enough to solve constraints
about the width of 64-bit words. This change is a bit of a band-aid, as
larger words will expose the same problem. Longer-term, we should try to
solve these constraints after the SMT-based phase, using some other
approach.
The constraints in CryptoBox were too permissive, and when adjusted to
represent the true intent (that values fit within 64-bits), and the
width table was updated, the example will type-check again.
Thanks to @tommd for tracking both of these down.
2017-03-27 13:45:50 -07:00
Robert Dockins
14af3690c6
Update the SIV example to avoid issue #375.
2016-08-23 14:08:15 -07:00
Robert Dockins
cd9ffed00b
Update examples to use (/\) instead of (&&) where appropriate,
...
and to squash other warnings related to the upcoming precedence change.
2016-08-22 18:14:44 -07:00
Iavor S. Diatchki
8c36992904
Merge pull request #344 from adrianherrera/enhancement/MISTY1
...
Cryptol spec for MISTY1 cipher
2016-07-18 11:19:53 -07:00
Adam C. Foltzer
2c428804bc
remove `splitBy` and update documentation
...
Closes #291
2016-07-05 09:58:49 -07:00
Adrian Herrera
bedeeb0883
Cryptol spec for MISTY1 cipher (as described in RFC 2994)
2016-06-07 22:42:16 +10:00
Brian Huffman
df27f577a4
Fix typo in comment, whitespace
2016-05-24 08:21:55 -07:00
Thomas M. DuBuisson
8b577828f6
Simplify constraints of Minilock prims.
...
Cryptol 2.3-alpha couldn't math, but thanks to @yav's hard work, Cryptol 2.3 and
later can math! So with our newfound powers comes great simplification. Not
all is perfect, much like Dori-Mic's situation, but things are much better.
See the width constraints in SCrypt.cry for areas that could be improved with
some semi-obvious statements (forall x. 1 + width x >= width (x - 1)).
2016-04-12 15:53:12 -07:00
Brian Huffman
5e5184d5ee
Add alternative implementations of bivium and trivium ciphers
2016-02-19 14:24:07 -08:00
Brian Huffman
ab82097033
Fix bug/typo in Trivium example implementation
...
See also the Trivium specification:
http://www.ecrypt.eu.org/stream/ciphers/trivium/trivium.pdf
2016-02-19 14:04:52 -08:00
Brian Huffman
1322156d28
Remove trailing whitespace
2016-02-19 10:08:20 -08:00
Aaron Tomb
9809e176eb
Add examples from Alexander Semenov
...
A new Cryptol user! Alexander Semenov from the Russian Academy of
Sciences is the developer of the Transalg tool, which can also translate
cryptographic algorithms (written in imperative form) into SAT problems.
He recently started experimenting with Cryptol, and wrote up
implementations of several stream ciphers, included in this commit.
2016-02-18 15:08:17 -08:00
Clint Adams
07088eddef
CAST5 example
2016-02-05 15:26:25 -05:00
Thomas M. DuBuisson
9b8d153692
Import ::Extras in minilock modules.
2016-01-20 09:45:13 -08:00
Adam C. Foltzer
bf294a60b8
integrate MiniLock example
2016-01-19 18:19:35 -08:00
Thomas M. DuBuisson
a4e42b8429
Example: miniLock in Cryptol
2016-01-19 18:19:35 -08:00
Adam C. Foltzer
58a605e8ff
update examples and documentation
2016-01-19 18:19:35 -08:00