Releases: mirage/mirage-crypto
0.11.3
CHANGES:
- mirage-crypto, mirage-crypto-rng{,lwt,mirage}: support CL.EXE compiler
  (#137 @jonahbeckford) - mirage-crypto-pk not yet due to gmp dependency,
  mirage-crypto-ec doesn't pass testsuite
- mirage-crypto-ec: use simpler square root for ed25519 - saving 3
  multiplications and 2 squarings, details
  https://mailarchive.ietf.org/arch/msg/cfrg/qlKpMBqxXZYmDpXXIx6LO3Oznv4/
  (#196 @hannesm)
- mirage-crypto-ec: use sliding window method with pre-computed values of
  multiples of the generator point for NIST curves, speedup around 4x for P-256
  sign (#191 @Firobe, review @palainp @hannesm)
- mirage-crypto-ec: documentation: warn about power timing analysis on k in
  Dsa.sign (#195 @hannesm, as proposed by @edwintorok)
- mirage-crypto-ec: replace internal Cstruct.t by string (speedup up to 2.5x)
  (#146 @dinosaure @hannesm @reynir, review @Firobe @palainp @hannesm @reynir)
- bench/speed: add EC (ECDSA & EdDSA generate/sign/verify, ECDH secret/share)
  operations (#192 @hannesm)
- mirage-crypto-rng: use rdtime instead of rdcycle on RISC-V (rdcycle is
  privileged since Linux kernel 6.6) (#194 @AdrianBunk, review by @edwintorok)
- mirage-crypto-rng: support Loongarch (#190 @fangyaling, review @loongson-zn)
- mirage-crypto-rng: support NetBSD (#189 @drchrispinnock)
- mirage-crypto-rng: allocate less in Fortuna when feeding (#188 @hannesm,
  reported by @palainp)
- mirage-crypto-ec: avoid mirage-crypto-pk and asn1-combinators test dependency
  (instead, craft our own asn.1 decoder -- #200 @hannesm)
Performance differences between v0.11.2 and v0.11.3 and OpenSSL
The overall result is promising: the P-256 sign operation improved 9.4 times, but
is still 4.9 times slower than OpenSSL.
Numbers in operations per second (apart from speedup, which is the factor
v0.11.3 / v0.11.2), gathered on an Intel i7-5600U CPU 2.60GHz using FreeBSD 14.0,
OCaml 4.14.1, and OpenSSL 3.0.12.
P224
op | v0.11.2 | v0.11.3 | speedup | OpenSSL |
---|---|---|---|---|
gen | 1160 | 20609 | 17.8 | |
sign | 931 | 8169 | 8.8 | 21319 |
verify | 328 | 1606 | 4.9 | 10719 |
dh-sec | 1011 | 12595 | 12.5 | |
dh-kex | 992 | 2021 | 2.0 | 16691 |
P256
op | v0.11.2 | v0.11.3 | speedup | OpenSSL |
---|---|---|---|---|
gen | 990 | 19365 | 19.6 | |
sign | 792 | 7436 | 9.4 | 36182 |
verify | 303 | 1488 | 4.9 | 13383 |
dh-sec | 875 | 11508 | 13.2 | |
dh-kex | 895 | 1861 | 2.1 | 17742 |
P384
op | v0.11.2 | v0.11.3 | speedup | OpenSSL |
---|---|---|---|---|
gen | 474 | 6703 | 14.1 | |
sign | 349 | 3061 | 8.8 | 900 |
verify | 147 | 544 | 3.7 | 1062 |
dh-sec | 378 | 4405 | 11.7 | |
dh-kex | 433 | 673 | 1.6 | 973 |
P521
op | v0.11.2 | v0.11.3 | speedup | OpenSSL |
---|---|---|---|---|
gen | 185 | 1996 | 10.8 | |
sign | 137 | 438 | 3.2 | 2737 |
verify | 66 | 211 | 3.2 | 1354 |
dh-sec | 180 | 1535 | 8.5 | |
dh-kex | 201 | 268 | 1.3 | 2207 |
25519
op | v0.11.2 | v0.11.3 | speedup | OpenSSL |
---|---|---|---|---|
gen | 23271 | 22345 | 1.0 | |
sign | 11228 | 10985 | 1.0 | 21794 |
verify | 8149 | 8029 | 1.0 | 7729 |
dh-sec | 14075 | 13968 | 1.0 | |
dh-kex | 13487 | 14079 | 1.0 | 24824 |
0.11.2
CHANGES:
- mirage-crypto-rng-eio: improve portability by using eio 0.7's monotonic clock
  interface instead of mtime.clock.os. (#176 @TheLortex)
- mirage-crypto-rng-eio: update to eio 0.12 (#182 @talex5)
- mirage-crypto-rng: fix typo in RNG setup (#179 @samueldurantes)
- macOS: on arm64 with clang 14.0.3, avoid instcombine (due to miscompilations)
  reported by @samoht mit-plv/fiat-crypto#1606 (comment)
  re-reported in ulrikstrid/ocaml-jose#63 and mirleft/ocaml-tls#478
  (#185 @hannesm @kit-ty-kate)
- avoid "stringop-overflow" warning on PPC64 and S390x (spurious warnings) when
  in devel mode (#178 #184 @avsm @hannesm)
- stricter C prototypes, unsigned/signed integers (#175 @MisterDA @haesbaert
  @avsm @hannesm)
- support DragonFlyBSD (#181 @movepointsolutions)
- support GNU/Hurd (#174 @pinotree)
0.11.1
0.11.0
CHANGES:
- BREAKING split mirage-crypto-rng-lwt away from mirage-crypto-rng (#168
  @hannesm, reported by @bikallem #158)
  This means, a "mirage-crypto-rng.lwt" should now be "mirage-crypto-rng-lwt"
  in your dune file (or in META requires, or in _tags).
- AEAD API improvements: provide tag_size, of_secret, and functions that deal
  with the tag separately (#171 @hannesm, fixes #74 #144 @orbitz @anmonteiro)
  Only CCM16 (with tag size 16) is now exposed, the former API does not exist
  anymore (passing ~maclen to of_secret), according to sherlocode the only
  usage was CCM16 anyways
  This means any "Mirage_crypto.AES.CCM" should now be "Mirage_crypto.AES.CCM16"
  and any "CCM.of_secret ~maclen:16 key" should now be "CCM16.of_secret key"
  Any occurrence of "Mirage_crypto.Cipher_block.S.CCM" should now be
  "Mirage_crypto.Cipher_block.S.CCM16"
- BREAKING unify RNG initialization (reported by @talex5 in #155, fixes #160,
  PR #162 @hannesm)
  This means:
  - "Mirage_crypto_rng_lwt.initialize ()" should now be
    "Mirage_crypto_rng_lwt.initialize (module Mirage_crypto_rng.Fortuna)"
  - "Mirage_crypto_rng_unix.initialize ()" should now be
    "Mirage_crypto_rng_unix.initialize (module Mirage_crypto_rng.Fortuna)"
- remove mirage 3 cross-compilation runes (#163 @hannesm)
- CI: mirage-crypto-rng-eio requires ocaml 5 and dune 2.7 (#170 @hannesm, fixes
  #169 thanks to @bikallem @talex5)
- CI: use mirage 4 (#166 @hannesm)
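An added OCaml example (not code from the mirage-crypto changelog or repository) that applies both BREAKING changes above, the explicit RNG generator and the CCM16 module, and checks that a tampered tag is rejected; it assumes mirage-crypto 0.11.x with its Cstruct-based interface, and the names authenticate_encrypt_tag / authenticate_decrypt_tag are assumed, since the entry only names tag_size and of_secret.

```ocaml
(* Added example: migrating to the mirage-crypto 0.11.0 API. Assumes the
   mirage-crypto, mirage-crypto-rng and mirage-crypto-rng-unix packages at
   0.11.x (Cstruct-based interface). *)

let () =
  (* before 0.11.0: Mirage_crypto_rng_unix.initialize ()
     since 0.11.0: the generator module is passed explicitly *)
  Mirage_crypto_rng_unix.initialize (module Mirage_crypto_rng.Fortuna);

  (* before 0.11.0: Mirage_crypto.AES.CCM.of_secret ~maclen:16 key
     since 0.11.0: only the 16-byte-tag variant CCM16 is exposed *)
  let module C = Mirage_crypto.AES.CCM16 in
  let key = C.of_secret (Mirage_crypto_rng.generate 16) in
  (* CCM nonces are 7 to 13 bytes; a nonce must never be reused under one key *)
  let nonce = Mirage_crypto_rng.generate 12 in
  let adata = Cstruct.of_string "record-header" in        (* constructed sample *)
  let msg = Cstruct.of_string "constructed sample plaintext" in

  (* assumed names: the _tag variants return/take the tag separately from the
     ciphertext instead of appending it *)
  let ct, tag = C.authenticate_encrypt_tag ~key ~nonce ~adata msg in
  assert (Cstruct.length tag = C.tag_size);
  assert (Cstruct.length ct = Cstruct.length msg);

  (* genuine tag: decryption succeeds and yields the original plaintext *)
  (match C.authenticate_decrypt_tag ~key ~nonce ~adata ~tag ct with
   | Some pt -> assert (Cstruct.equal pt msg)
   | None -> failwith "authentic message rejected");

  (* tampered tag (one flipped bit): decryption must return None *)
  let bad = Cstruct.create C.tag_size in
  Cstruct.blit tag 0 bad 0 C.tag_size;
  Cstruct.set_uint8 bad 0 (Cstruct.get_uint8 bad 0 lxor 1);
  match C.authenticate_decrypt_tag ~key ~nonce ~adata ~tag:bad ct with
  | Some _ -> failwith "forged tag accepted"
  | None -> print_endline "CCM16: tampered tag correctly rejected"
```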
0.10.7
CHANGES:
- mirage-crypto-rng-eio: new package for seeding and feeding entropy to the
  rng with eio (#155 @bikallem, @talex5, @hannesm)
- mirage-crypto-ec: expose Dsa.byte_length (#164 @hannesm)
- CI: various fixes (#154 #164 @hannesm)
- mirage-crypto-rng-mirage: use 'a generator type alias
- mirage-crypto-rng: improve setup_rng message (add async, revise lwt) (#161
  @hannesm)
- mirage-crypto-rng-mirage: always feed the default generator (as done in
  a8c7bbd for the lwt feeding) (#161 @hannesm)
- ec: update generated code to recent fiat-crypto (#156 @hannesm)
0.10.6
CHANGES:
- Use _WIN32 instead of WIN32, as proposed by @jonahbeckford in #137
- PKG_CONFIG_PATH via cygpath on Windows (#150 @MisterDA)
- ocaml-solo5 (formerly ocaml-freestanding) defines ocaml_solo5, use this
  in ifdef (arm only, #152 @hannesm)
- mirage-crypto-rng-mirage test: require mirage-unix >= 5.0.0 (#151 @hannesm)
- use oUnit2 as dependency, instead of oUnit (#149 @MisterDA)
- support mipsel and mips64el compilation (#148 @glondu)
- bugfix: define _POSIX_C_SOURCE in entropy_cpu_stubs.c (otherwise clock_gettime
  is not defined - at least on armhf) (#148 @glondu)
- bugfix: compilation on kfreebsd-* (adding FreeBSD_kernel to ifdef)
  (#148 @glondu)
0.10.5
0.10.4
CHANGES:
- hash: ensure alignment of data, fixes arm32 test cases (#143 @hannesm)
- drop sexplib and ppx_sexp_conv dependencies (#141 @hannesm)
- install LICENSE files of different opam packages
- require eqaf >= 0.8 to avoid bigarray-compat dependency (#139 by @hannesm)
- update to GH actions 2.1, fix windows action (#135 #139 @avsm @smorimoto)
- drop rresult dependency (#139 #141 by @hannesm @reynir)
- avoid deprecated Cstruct.len, use Cstruct.length instead (#134 by @hannesm)
- mirage-crypto-pk: adapt to mirage 4 (#141 @TheLortex @samoht)
v0.10.3
CHANGES:
- support for s390x (#129 by @edelsohn)
- mirage-crypto: add Hash.hmac_feed, analogous to Hash.feed (#130 by @reynir)
- use --std=c11 in C flags, as required by upcoming OCaml multicore (#133 by
  @hannesm, review by @Engil)
- update fiat-crypto generated code (now emitting inline attribute)
  (#132 by @hannesm)
v0.10.2
CHANGES:
- mirage-crypto-ec: dune C stubs compilation rules: explicitly declare the
  include directory instead of listing it as a flag, so that the dependency
  is correctly tracked (#122 by @TheLortex)
- mirage-crypto: compatibility with gcc11 (-Warray-parameters warning)
  (reported in #124 by @TheLortex, fixed in #125 by @hannesm)
- support for 64 bit RISC-V (#127 by @edwintorok)
- Fixed esy cross-compile CI (#126 by @EduardoRFS)