hacspec-attributes

hacspec attributes


Keywords
cryptography, formal-verification, specifications
Licenses
MIT/Apache-2.0

Documentation

hacspec hacspec chat

A specification language for crypto primitives in Rust.

This is the successor of https://github.com/HACS-workshop/hacspec.

Crates

Name Crates.io Docs CI
hacspec crates.io Docs Build & Test Status
hacspec-lib crates.io Docs Build & Test Status
hacspec-provider crates.io Docs Build & Test Status

Usage

Writing hacspec

hacspec is always valid Rust code such that starting to write hacspec is as simple as writing Rust code that is compliant with the language specification. However, this is very tedious. It is recommended to use the hacspec standard library to write hacspec. In order to ensure that the code is a hacspec one can use the typecheker.

Typechecking

Make sure you have at least rustup 1.23.0. The rust-toolchain automatically picks the correct Rust nightly version and components. The compiler version is currently pinned to nightly-2021-03-11.

First ensure that Rust nightly is installed and the typechecker is installed.

rustup toolchain install nightly-2021-03-11
rustup component add --toolchain nightly-2021-03-11 rustc-dev
cargo +nightly-2021-03-11 install hacspec

Depending on your system you might also need llvm-tools-preview

rustup component add --toolchain nightly-2021-03-11 llvm-tools-preview

In a hacspec crate or workspace directory typechecking can be done as follows now:

cargo +nightly-2021-03-11 hacspec <crate-name>

Note that the crate needs to be compiled before it can be typechecked.

cargo +nightly-2021-03-11 build

If typechecking succeeds, it should show

> Successfully typechecked.

Generating code

To generate F* or EasyCrypt code from hacspec the typechecker (see above) is required.

cargo +nightly-2021-03-11 hacspec -o <fst-name>.fst <crate-name>
cargo +nightly-2021-03-11 hacspec -o <ec-name>.ec <crate-name>

Repository Structure

This is a cargo workspace consisting of three main crates:

  • hacspec: the compiler, typechecker and language infrastructure for the hacspec subset of Rust
    • Note that the language infrastructure is excluded from the main workspace of crates, so it won't be build when you launch cargo build from the root of the repository.
  • hacspec-lib: the standard library of hacspec programs
  • hacspec-provider: a cryptography provider with a set of cryptographic primitives written in hacspec
    • This combines the individual crates from the examples directory and implements the RustCrypto API on top to use them from regular Rust code.

The three main crates make use of a set of additional crates:

  • abstract-integers: wrapper around BigInt for modular natural integers
  • secret-integers: wrapper around integer types for constant-timedness
  • unsafe-hacspec-examples: cryptographic specs written in hacspec but not formally typechecked yet(hence the unsafety) as hacspec is a work in progress
  • examples: cryptographic primitives that have passed the hacspec typechecking
  • hacspec-attributes: helper for the hacspec library
  • hacspec-dev: utilities that are not part of the language

Compiled code:

  • fstar: contains F* translations of the cryptographic specs, produced by the hacspec compiler
  • easycrypt: contains EasyCrypt translations of the cryptographic specs, produced by the hacspec compiler

Contributing

Before starting any work please join the Zulip chat, start a discussion on Github, or file an issue to discuss your contribution.

The main entry points for contributions and some general work items are

  • the language if you want to work on the hacspec language itself
    • improve the typechecker
    • improve the existing compiler backends (F* and EasyCrypt)
    • add a new compiler backend
  • hacspec implementations
    • implementing new cryptographic primitives in hacspec
    • improve the provider
  • the standard library
    • enhance numeric implementations
    • enhance vector arithmetic

Examples

There's a set of example specs, divided between the safe and unsafe. To run all examples one can use cargo test.

Examples

Unsafe examples