comparison.md

FaCT/C Comparison

libsodium/

Implementation of crypto_secretbox and crypto_secretbox_open and underlying primitives from the libsodium library. Provides symmetric-key authenticated encryption and decryption, using primitives Poly1305 for authentication and XSalsa20 for encryption.

crypto_secretbox.fact

Definition	FaCT	C
_crypto_core_hsalsa20	crypto_secretbox.fact:4-69	crypto_core/hsalsa20/ref2/core_hsalsa20_ref2.c:16-95
_crypto_stream_xsalsa20	crypto_secretbox.fact:71-80	crypto_stream/xsalsa20/stream_xsalsa20.c:7-19
_crypto_stream_xsalsa20_xor_ic	crypto_secretbox.fact:82-94	crypto_stream/xsalsa20/stream_xsalsa20.c:21-34
_crypto_stream_xsalsa20_xor	crypto_secretbox.fact:96-102	crypto_stream/xsalsa20/stream_xsalsa20.c:36-42
_crypto_secretbox_xsalsa20poly1305	crypto_secretbox.fact:104-124	crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c:6-23
_crypto_secretbox_xsalsa20poly1305_open	crypto_secretbox.fact:126-149	crypto_secretbox/xsalsa20poly1305/secretbox_xsalsa20poly1305.c:25-47
_crypto_secretbox	crypto_secretbox.fact:151-157	crypto_secretbox/crypto_secretbox.c:47-53
_crypto_secretbox_open	crypto_secretbox.fact:159-165	crypto_secretbox/crypto_secretbox.c:55-61

salsa20.fact

Definition	FaCT	C
_crypto_core_salsa20	salsa20.fact:6-99	crypto_core/salsa/ref/core_salsa_ref.c:10-95
_crypto_stream_salsa20	salsa20.fact:101-137	crypto_stream/salsa20/ref/salsa20_ref.c:18-61
_crypto_stream_salsa20_xor_ic	salsa20.fact:139-187	crypto_stream/salsa20/ref/salsa20_ref.c:63-112

salsa20-avx2.fact

Definition	FaCT	C
_salsa_keysetup	salsa20-avx2.fact:1-17	crypto_stream/salsa20/xmm6int/salsa20_xmm6int-avx2.c:39-54
_salsa_ivsetup	salsa20-avx2.fact:19-27	crypto_stream/salsa20/xmm6int/salsa20_xmm6int-avx2.c:56-63
_salsa_ivsetup_null	salsa20-avx2.fact:29-36	crypto_stream/salsa20/xmm6int/salsa20_xmm6int-avx2.c:56-63
_salsa20_encrypt_bytes	salsa20-avx2.fact:38-43	crypto_stream/salsa20/xmm6int/salsa20_xmm6int-avx2.c:65-79
_crypto_stream_salsa20	salsa20-avx2.fact:46-63	crypto_stream/salsa20/xmm6int/salsa20_xmm6int-avx2.c:81-98
_crypto_stream_salsa20_xor_ic	salsa20-avx2.fact:66-86	crypto_stream/salsa20/xmm6int/salsa20_xmm6int-avx2.c:100-123

u0.fact

Definition	FaCT	C
_u1	u0.fact:2-270	crypto_stream/salsa20/xmm6int/u1.h
_u0	u0.fact:273-505	crypto_stream/salsa20/xmm6int/u0.h
u0	u0.fact:507-518	(no analogue)

crypto_poly1305.fact

Definition	FaCT	C
poly1305_state_internal_t	crypto_poly1305.fact:3-10	crypto_onetimeauth/poly1305/donna/poly1305_donna64.h:25-32
_poly1305_blocks	crypto_poly1305.fact:12-65	crypto_onetimeauth/poly1305/donna/poly1305_donna64.h:61-133
_poly1305_init	crypto_poly1305.fact:67-90	crypto_onetimeauth/poly1305/donna/poly1305_donna64.h:34-59
_poly1305_update	crypto_poly1305.fact:92-143	crypto_onetimeauth/poly1305/donna/poly1305_donna.c:14-56
_poly1305_finish	crypto_poly1305.fact:145-228	crypto_onetimeauth/poly1305/donna/poly1305_donna64.h:135-220
_crypto_onetimeauth_poly1305	crypto_poly1305.fact:230-247	crypto_onetimeauth/poly1305/donna/poly1305_donna.c:58-70
_crypto_onetimeauth_poly1305_verify	crypto_poly1305.fact:249-256	crypto_onetimeauth/poly1305/donna/poly1305_donna.c:102-113

stdlib.fact

Definition	FaCT	C
_crypto_verify_16	stdlib.fact:1-8	crypto_verify/sodium/verify.c:63-78

donna/

Implementation of Langley's curve25519-donna library, which provides the Curve25519 ECDH primitive.

curve25519-c64.fact

Definition	FaCT	C
(full implementation)	curve25519-c64.fact	curve25519-donna-c64.c

openssl-ssl3/

Implementation of ssl3_cbc_digest_record from OpenSSL, which computes the MAC of a padded message from a decrypted SSL3 packet, without revealing the padding length.

s3_cbc.fact

Definition	FaCT	C
(full implementation)	s3_cbc.fact	ssl/s3_cbc.c:276-482

openssl-mee/

Implementation of aesni_cbc_hmac_sha1_cipher from OpenSSL, which verifies MAC and padding of an encrypted TLS message, without revealing the padding length.

20170717_latest.fact

Definition	FaCT	C
(full implementation)	20170717_latest.fact	crypto/evp/e_aes_cbc_hmac_sha1.c:499-748