From 46e387458d438b81a3485e26bf6bb44595e52073 Mon Sep 17 00:00:00 2001 From: Rolfe Schmidt <141083381+rolfe-signal@users.noreply.github.com> Date: Thu, 4 Dec 2025 12:53:53 -0700 Subject: [PATCH] Upgrade to libcrux 0.0.4, spqr version to 1.3.0. Co-authored-by: Graeme Connell --- Cargo.lock | 50 +++++++++++++++++++++----------------------------- Cargo.toml | 7 +++---- src/kdf.rs | 22 +++++++--------------- 3 files changed, 31 insertions(+), 48 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8e75610..06bb8ba 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -61,9 +61,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "core-models" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94950e87ea550d6d68f1993f3e7bebc8cb7235157bff84337d46195c3aa0b3f0" +checksum = "0940496e5c83c54f3b753d5317daec82e8edac71c33aaa1f666d76f518de2444" dependencies = [ "hax-lib", "pastey", @@ -320,28 +320,18 @@ checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa" [[package]] name = "libcrux-hacl-rs" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1134af11da3f24ae8d1a7e2b60ee871c9e3ffd3d8857deaeebab8088b005addd" +checksum = "2637dc87d158e1f1b550fd9b226443e84153fded4de69028d897b534d16d22e6" dependencies = [ "libcrux-macros", ] -[[package]] -name = "libcrux-hkdf" -version = "0.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed7a54a1b453200e8a18205ffbecbb0fee0cce9ec8d0bd635898b7eb2879ac06" -dependencies = [ - "libcrux-hacl-rs", - "libcrux-hmac", -] - [[package]] name = "libcrux-hmac" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "743cdf6149a46b2cd5f62bea237a7c57011e85055486fc031513e1261cc6692e" +checksum = "9f0e8011bfcdb6059127e673ec0e1fc7b2a3705c683ade9d708875ed4c26cd8d" dependencies = [ "libcrux-hacl-rs", "libcrux-macros", @@ -350,9 +340,9 @@ dependencies = [ [[package]] name = "libcrux-intrinsics" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d3b41dcbc21a5fb7efbbb5af7405b2e79c4bfe443924e90b13afc0080318d31" +checksum = "bc9ee7ef66569dd7516454fe26de4e401c0c62073929803486b96744594b9632" dependencies = [ "core-models", "hax-lib", @@ -370,15 +360,16 @@ dependencies = [ [[package]] name = "libcrux-ml-kem" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d368d3e8d6a74e277178d54921eca112a1e6b7837d7d8bc555091acb5d817f5" +checksum = "4bb6a88086bf11bd2ec90926c749c4a427f2e59841437dbdede8cde8a96334ab" dependencies = [ "hax-lib", "libcrux-intrinsics", "libcrux-platform", "libcrux-secrets", "libcrux-sha3", + "libcrux-traits", ] [[package]] @@ -392,18 +383,18 @@ dependencies = [ [[package]] name = "libcrux-secrets" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "332737e629fe6ba7547f5c0f90559eac865d5dbecf98138ffae8f16ab8cbe33f" +checksum = "6e4dbbf6bc9f2bc0f20dc3bea3e5c99adff3bdccf6d2a40488963da69e2ec307" dependencies = [ "hax-lib", ] [[package]] name = "libcrux-sha2" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91eed3bb0ae073f46ae03c83318013fba6e3302bf3292639417b68e908fec4bf" +checksum = "649d9401e6e1954f58531b8eb13b12c800f85bbadc93362871b63a1f8a8d6d32" dependencies = [ "libcrux-hacl-rs", "libcrux-macros", @@ -412,21 +403,23 @@ dependencies = [ [[package]] name = "libcrux-sha3" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29d95de4257eafdfaf3bffecadb615219b0ca920c553722b3646d32dde76c797" +checksum = "2400bec764d1c75b8a496d5747cffe32f1fb864a12577f0aca2f55a92021c962" dependencies = [ "hax-lib", "libcrux-intrinsics", "libcrux-platform", + "libcrux-traits", ] [[package]] name = "libcrux-traits" -version = "0.0.3" +version = "0.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0cdbf9591a39f04d6da6b9bad51ac58378604a80708c2173dadf92029891b9e2" +checksum = "9adfd58e79d860f6b9e40e35127bfae9e5bd3ade33201d1347459011a2add034" dependencies = [ + "libcrux-secrets", "rand 0.9.1", ] @@ -878,7 +871,6 @@ dependencies = [ "hax-lib", "hkdf", "hmac", - "libcrux-hkdf", "libcrux-hmac", "libcrux-ml-kem", "log", diff --git a/Cargo.toml b/Cargo.toml index cb4f642..04309b6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "spqr" -version = "1.2.0" +version = "1.3.0" edition = "2021" license = "AGPL-3.0-only" rust-version = "1.83.0" @@ -12,9 +12,8 @@ curve25519-dalek = { version = "4.1.3", features = ["rand_core"] } displaydoc = "0.2" hax-lib = "0.3.5" hkdf = "0.12" -libcrux-hkdf = "0.0.3" -libcrux-hmac = "0.0.3" -libcrux-ml-kem = { version = "0.0.3", default-features = false, features = ["incremental", "mlkem768"] } +libcrux-hmac = "0.0.4" +libcrux-ml-kem = { version = "0.0.4", default-features = false, features = ["incremental", "mlkem768"] } log = "0.4.21" num_enum = "0.7.3" prost = "0.14.1" diff --git a/src/kdf.rs b/src/kdf.rs index 2f3592c..9d3d729 100644 --- a/src/kdf.rs +++ b/src/kdf.rs @@ -4,24 +4,16 @@ #[hax_lib::opaque] #[hax_lib::ensures(|res| res.len() >= okm_len)] pub fn hkdf_to_vec(salt: &[u8], ikm: &[u8], info: &[u8], okm_len: usize) -> Vec { - if cfg!(feature = "proof") { - libcrux_hkdf::hkdf(libcrux_hkdf::Algorithm::Sha256, salt, ikm, info, okm_len) - .expect("all lengths should work for SHA256") - } else { - let mut out = vec![0u8; okm_len]; - hkdf_to_slice(salt, ikm, info, &mut out); - out - } + let mut out = vec![0u8; okm_len]; + hkdf_to_slice(salt, ikm, info, &mut out); + out } #[hax_lib::opaque] #[hax_lib::ensures(|_| future(okm).len() == okm.len())] pub fn hkdf_to_slice(salt: &[u8], ikm: &[u8], info: &[u8], okm: &mut [u8]) { - if cfg!(feature = "proof") { - okm.copy_from_slice(&hkdf_to_vec(salt, ikm, info, okm.len())); - } else { - hkdf::Hkdf::::new(Some(salt), ikm) - .expand(info, okm) - .expect("all lengths should work for SHA256"); - } + hkdf::Hkdf::::new(Some(salt), ikm) + .expand(info, okm) + .expect("all lengths should work for SHA256"); + }