forked from sigil/sigil-crypto
Cryptographic functions for Sigil (SHA, HMAC, base64, random).
- C 100%
|
David Wilson
7abcd4fcbf
v0.15.1: add ECDSA P-256, ECDH P-256, AES-128-GCM, HKDF, base64url
New native bindings (mbedTLS-backed; all primitives already enabled in sigil_mbedtls_config.h, just unexposed): - ecdsa-p256-generate-keypair: returns (cons priv-32 pub-65) - ecdsa-p256-sign: SHA-256 + ECDSA, JOSE format (r||s, 64 bytes) - ecdsa-p256-verify: JOSE format, with on-curve pubkey validation - ecdh-p256-shared-secret: 32-byte X coord, on-curve validation - aes-128-gcm-encrypt: 12-byte IV, 16-byte tag, returns (ct . tag) - aes-128-gcm-decrypt: returns plaintext or #f on auth fail Pure-Sigil additions: - base64url-encode / base64url-decode (RFC 4648 § 5) - hkdf-sha256-extract / hkdf-sha256-expand / hkdf-sha256 (RFC 5869) These are the primitives required for IRCv3 WEBPUSH per RFC 8291 (Web Push payload encryption) and RFC 8292 (VAPID). Tests use known-answer vectors: - HKDF-SHA256: RFC 5869 §A.2 + §A.3 - ECDH P-256: RFC 5903 §8.1 (initiator + responder views) - AES-128-GCM: NIST SP 800-38D KAT (zero/zero, zero-PT) - ECDSA P-256: round-trip + tampered-sig/msg/pub fail tests (RFC 6979 deterministic-k vectors not used: MBEDTLS_ECDSA_DETERMINISTIC not enabled in our mbedtls config; sign uses random k via CTR-DRBG) - RFC 8291 § 5 end-to-end: ECDH → HKDF → AES-128-GCM round-trip Validation invariants enforced: - Pubkey-on-curve via mbedtls_ecp_check_pubkey before any DH/verify - Privkey scalar in [1, n-1] before any sign/DH - Stack copies of private material wiped before unwind |
||
|---|---|---|
| native | v0.15.1: add ECDSA P-256, ECDH P-256, AES-128-GCM, HKDF, base64url | |
| src/sigil | v0.15.1: add ECDSA P-256, ECDH P-256, AES-128-GCM, HKDF, base64url | |
| test | v0.15.1: add ECDSA P-256, ECDH P-256, AES-128-GCM, HKDF, base64url | |
| vendor/mbedtls | feat: Add HMAC-SHA1, PBKDF2-SHA1, and make-bytevector fill parameter | |
| .gitignore | Extract sigil-crypto from sigil monorepo | |
| .woodpecker.yml | Bump CI pin to sigil v0.14.3 | |
| dev-redirects.sgl | Extract sigil-crypto from sigil monorepo | |
| manifest.scm | Extract sigil-crypto from sigil monorepo | |
| package.sgl | v0.15.1: add ECDSA P-256, ECDH P-256, AES-128-GCM, HKDF, base64url | |
| README.md | Extract sigil-crypto from sigil monorepo | |
| sigil.lock | Add Woodpecker CI; drop CHANGELOG.md | |
sigil-crypto
Cryptographic primitives for Sigil.
Hashing, message authentication, key derivation, base64 encoding, and cryptographically secure random bytes. Built on a vendored mbedTLS and usable independently of TLS.
Modules
| Module | Purpose |
|---|---|
(sigil crypto) |
SHA/HMAC/PBKDF2 hashes, base64, random bytes |
API summary
| Procedure | Purpose |
|---|---|
sha1 |
SHA-1 hex digest of a string or bytevector |
sha256 |
SHA-256 hex digest of a string or bytevector |
sha256-bytes |
SHA-256 digest as a bytevector |
hmac-sha256 |
HMAC-SHA256 hex digest (key + message) |
hmac-sha1 |
HMAC-SHA1 hex digest (key + message) |
pbkdf2-sha1 |
PBKDF2-SHA1 key derivation (hex digest) |
base64-encode |
Base64 encoding of a string or bytevector |
base64-decode |
Base64 decoding to a string |
random-bytes |
Cryptographically secure random bytevector |
timing-safe-equal? |
Constant-time string comparison |
System prerequisites
None beyond a working C toolchain. mbedTLS is vendored under
vendor/mbedtls/ and compiled in-tree with a minimal
sigil_mbedtls_config.h (TLS 1.2 primitives only — TLS 1.3 and the PSA
crypto machinery are compiled out).
Dependencies
- sigil-stdlib
Build
sigil deps install
sigil build
sigil test --report
The first build compiles ~108 mbedTLS translation units plus
native/crypto.c. Subsequent builds hit the cache.
Usage
(import (sigil crypto))
(sha256 "hello") ; => hex string
(sha256-bytes "hello") ; => 32-byte bytevector
(hmac-sha256 "secret-key" "message") ; => hex string
(pbkdf2-sha1 "password" "salt" 4096 20) ; => hex string
(base64-encode "hello") ; => "aGVsbG8="
(base64-decode "aGVsbG8=") ; => "hello"
(random-bytes 16) ; => #u8(...)
(timing-safe-equal? "abc" "abc") ; => #t
License
BSD-3-Clause.
Vendored mbedTLS (under vendor/mbedtls/) is distributed under
Apache-2.0 OR GPL-2.0-or-later. sigil-crypto's own sources are
BSD-3-Clause. See vendor/mbedtls/LICENSE for the mbedTLS terms.