package digestif

  1. Overview
  2. Docs
Hashes implementations (SHA*, RIPEMD160, BLAKE2* and MD5)

Install

Dune Dependency

github.com Readme Changelog MIT License Edit opam file Versions (24)

Authors

  1. E
    Eyyüb Sari <eyyub.sari@epitech.eu>
  2. R
    Romain Calascibetta <romain.calascibetta@gmail.com>

Maintainers

  1. E
    Eyyüb Sari <eyyub.sari@epitech.eu>
  2. R
    Romain Calascibetta <romain.calascibetta@gmail.com>

Sources

digestif-v1.1.0.tbz
sha256=654b195c668f2d1e35b8b06a8932d058fcc8f4d39e70be58eb2432fbf39afc05
sha512=229218b0a66c9e8809ff960b5bcfb4499bcbdc1da70ca6aff7f4676e51f60c5947516f510f2fe68cee380b0a2aab5a2c270d06da055ca0b583948abce2418845

Description

Digestif is a toolbox to provide hashes implementations in C and OCaml.

It uses the linking trick and user can decide at the end to use the C implementation or the OCaml implementation.

We provides implementation of:

  • MD5
  • SHA1
  • SHA224
  • SHA256
  • SHA384
  • SHA512
  • SHA3
  • Keccak-256
  • WHIRLPOOL
  • BLAKE2B
  • BLAKE2S
  • RIPEMD160

Published: 12 Oct 2021

README

Digestif - Hash algorithms in C and OCaml

Digestif is a toolbox which implements hashes:

  • MD5

  • SHA1

  • SHA2

  • SHA3

  • WHIRLPOOL

  • BLAKE2B

  • BLAKE2S

  • RIPEMD160

Digestif uses a trick about linking and let the end-user to choose which implementation he wants to use. We provide 2 implementations:

  • C implementation with digestif.c

  • OCaml implementation with digestif.ocaml

Both are well-tested. However, OCaml implementation is slower than the C implementation.

Note: The linking trick requires digestif.c or digestif.ocaml to be the first of your dependencies.

Documentation: https://mirage.github.io/digestif/

Contact: Romain Calascibetta <romain.calascibet ta@gmail.com>

API

For each hash, we implement the same API which is referentially transparent. Then, on the top of these, we reflect functions (like digesti or hmaci) with GADT - however, conversion from GADT to hash type is not possible (but you can destruct GADT with to_raw_string).

Equal/Compare function

We deciced to protect users to timing-attack. In this case, Digestif.equal (by eqaf package) compares hashes in constant-time.

However, we provide unsafe_compare function too which is not a constant time function. In some contexts, like ocaml-git, we don't care about timing attack and we use unsafe_compare - then, we need to make a wrap where we rename unsafe_compare to compare to be able to use it in some functors like Map.Make or Set.Make.

It's little annoying to do that but it forces the user to get the right question about security issues. So, please, don't ask to rename this function.

MirageOS

Of course, this package is available to be used on MirageOS (both implementations). User is able to compile digestif.ocaml with js_of_ocaml and this package is platform agnostic.

Build Requirements

  • OCaml >= 4.03.0 (may be less but need test)

  • base-bytes meta-package

  • base-bigarray meta-package

  • dune to build the project

If you want to compile the test program, you need:

  • alcotest

Credits

This work is from the nocrypto library and the Vincent hanquez's work in ocaml-sha.

All credits appear in the begin of files and this library is motivated by two reasons:

  • delete the dependancy with nocrypto if you don't use the encryption (and common) part

  • aggregate all hashes functions in one library

Dev Dependencies (7)

  1. ocamlfind with-test
  2. rresult with-test
  3. fpath with-test
  4. astring with-test
  5. bos with-test
  6. alcotest with-test
  7. fmt with-test

Used by (50)

  1. archetype < "1.2.2"
  2. aws >= "1.2"
  3. aws-s3 >= "4.2.0"
  4. carton < "0.4.4"
  5. carton-lwt < "0.4.4"
  6. chamelon
  7. dkim
  8. dkim-mirage >= "0.2.0"
  9. docfd >= "2.1.0"
  10. docteur
  11. docteur-solo5
  12. docteur-unix
  13. dream < "1.0.0~alpha3" | >= "1.0.0~alpha7"
  14. dream-httpaf
  15. esperanto-cosmopolitan >= "0.0.5"
  16. git >= "3.0.0" & < "3.9.1"
  17. git-unix >= "3.0.0" & < "3.9.1"
  18. graphql-cohttp >= "0.9.0"
  19. index-bench >= "1.5.0"
  20. irmin >= "2.0.0"
  21. irmin-cli
  22. irmin-git >= "2.0.0"
  23. irmin-http = "2.0.0" | >= "2.3.0"
  24. irmin-tezos
  25. irmin-unix >= "2.0.0"
  26. jupyter-kernel >= "0.4"
  27. jwto >= "0.4.0"
  28. learn-ocaml >= "0.12"
  29. learn-ocaml-client
  30. miou
  31. naboris >= "0.1.3"
  32. nocoiner
  33. noise >= "0.2.0"
  34. ocluster
  35. ocluster-worker
  36. octez-internal-libs
  37. ometrics >= "0.1.2"
  38. openstellina
  39. owi >= "0.2"
  40. soupault >= "4.4.0"
  41. spoke
  42. swhid
  43. swhid_compute
  44. tezos-base58
  45. tezos-context < "11.0" | >= "12.0" & < "16.0"
  46. tezos-context-hash
  47. tezos-storage
  48. tezos-store < "12.0"
  49. webauthn >= "0.2.0"
  50. zeit

Conflicts (2)

  1. ocaml-freestanding < "0.6.0"
  2. mirage-xen < "6.0.0"
OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct