Johannes
To check that all newtypes (`SecretKey`s, `Poly1305`, etc.) implement the correct traits, new testing functions are needed. For example `fn test_traits_secret_key() {}` could be used to check that a secret...
We'd like orion to support this by utilizing https://github.com/mit-plv/fiat-crypto. fiat-crypto is able to generate formally verified code which, in other words, means the field arithmetic from fiat-crypto has had its...
Portable SIMD has landed in nightly Rust [`core::simd`](https://doc.rust-lang.org/nightly/core/simd/index.html)[1]. We should investigate if using SIMD in Orion is a viable option. For example, ChaCha20 can be vectorized[2], which could provide quite...
Since the introduction of `serde` support, most newtypes implement `TryFrom` which simply delegates to `from_slice()`. This seems a bit redundant, especially if/when moving to Rust 2021 Edition, where `TryFrom`/`TryInto` are...
Rust 2021 Edition has been released and we should probably switch to this. Will bump MSRV to 1.56.0 and should be considered a breaking change.
Some time back I asked Guido Vranken, the author of [`cryptofuzz`](https://github.com/guidovranken/cryptofuzz), whether a module for Orion could be added, which was no problem. I started some minimal work, but unfortunately...
I was recently asked whether Orion had plans to support Argon2id. We've never been opposed to this variant in general, but the last time this was investigated was when Argon2i...
Ways to use [Pin](https://doc.rust-lang.org/nightly/std/pin/index.html) for types that hold secret data need to be explored, to avoid copies being left around. The ideal scenario is implementing `Pin` with all types that...
See issues regarding the dalek-cryptography organization:
- https://github.com/dalek-cryptography/curve25519-dalek/issues/345
- https://github.com/dalek-cryptography/curve25519-dalek/pull/338#issuecomment-774885500

I'm not sure I'm comfortable continuing to rely on the `subtle` crate. The above seem to be somewhat opposing statements...
Before a stable version of orion is released, an audit should be done. Preferably of the whole library, though it may end up being only partial. This depends on the...