hacspec
A specification language for crypto primitives in Rust.
This is the successor of https://github.com/HACS-workshop/hacspec.
Crates
Name | Crates.io | Docs | CI |
---|---|---|---|
hacspec | |||
hacspec-lib | |||
hacspec-provider |
Usage
Writing hacspec
hacspec is always valid Rust code such that starting to write hacspec is as simple as writing Rust code that is compliant with the language specification. However, this is very tedious. It is recommended to use the hacspec standard library to write hacspec. In order to ensure that the code is a hacspec one can use the typecheker.
Typechecking
Make sure you have at least rustup 1.23.0
.
The rust-toolchain
automatically picks the correct Rust nightly version and components.
The compiler version is currently pinned to nightly-2021-03-11
.
First ensure that Rust nightly is installed and the typechecker is installed.
rustup toolchain install nightly-2021-03-11
rustup component add --toolchain nightly-2021-03-11 rustc-dev
cargo +nightly-2021-03-11 install hacspec
Depending on your system you might also need llvm-tools-preview
rustup component add --toolchain nightly-2021-03-11 llvm-tools-preview
In a hacspec crate or workspace directory typechecking can be done as follows now:
cargo +nightly-2021-03-11 hacspec <crate-name>
Note that the crate needs to be compiled before it can be typechecked.
cargo +nightly-2021-03-11 build
If typechecking succeeds, it should show
> Successfully typechecked.
Generating code
To generate F* or EasyCrypt code from hacspec the typechecker (see above) is required.
cargo +nightly-2021-03-11 hacspec -o <fst-name>.fst <crate-name>
cargo +nightly-2021-03-11 hacspec -o <ec-name>.ec <crate-name>
Repository Structure
This is a cargo workspace consisting of three main crates:
-
hacspec: the compiler, typechecker and language infrastructure for the hacspec subset of Rust
- Note that the language infrastructure is excluded from the main workspace of crates, so it won't be build when you launch
cargo build
from the root of the repository.
- Note that the language infrastructure is excluded from the main workspace of crates, so it won't be build when you launch
- hacspec-lib: the standard library of hacspec programs
-
hacspec-provider: a cryptography provider with a set of cryptographic primitives written in hacspec
- This combines the individual crates from the examples directory and implements the RustCrypto API on top to use them from regular Rust code.
The three main crates make use of a set of additional crates:
-
abstract-integers: wrapper around
BigInt
for modular natural integers - secret-integers: wrapper around integer types for constant-timedness
- unsafe-hacspec-examples: cryptographic specs written in hacspec but not formally typechecked yet(hence the unsafety) as hacspec is a work in progress
- examples: cryptographic primitives that have passed the hacspec typechecking
- hacspec-attributes: helper for the hacspec library
- hacspec-dev: utilities that are not part of the language
Compiled code:
- fstar: contains F* translations of the cryptographic specs, produced by the hacspec compiler
- easycrypt: contains EasyCrypt translations of the cryptographic specs, produced by the hacspec compiler
Contributing
Before starting any work please join the Zulip chat, start a discussion on Github, or file an issue to discuss your contribution.
The main entry points for contributions and some general work items are
- the language if you want to work on the hacspec language itself
- improve the typechecker
- improve the existing compiler backends (F* and EasyCrypt)
- add a new compiler backend
- hacspec implementations
- implementing new cryptographic primitives in hacspec
- improve the provider
- the standard library
- enhance numeric implementations
- enhance vector arithmetic
Examples
There's a set of example specs, divided between the safe and unsafe. To run all examples one can use cargo test
.