RustCrypto · Demindiro · Jan 23, 2025 · Jan 23, 2025 · Jan 24, 2025 · Jan 24, 2025
diff --git a/.github/workflows/benches.yml b/.github/workflows/benches.yml
@@ -23,7 +23,7 @@ jobs:
     strategy:
       matrix:
         rust:
-          - 1.81.0 # MSRV
+          - 1.84.0 # MSRV
           - stable
     steps:
       - uses: actions/checkout@v4

diff --git a/.github/workflows/hs1-siv.yml b/.github/workflows/hs1-siv.yml
@@ -0,0 +1,68 @@
+name: hs1-siv
+
+on:
+  pull_request:
+    paths:
+      - ".github/workflows/hs1-siv.yml"
+      - "hs1-siv/**"
+      - "Cargo.*"
+  push:
+    branches: master
+
+defaults:
+  run:
+    working-directory: hs1-siv
+
+env:
+  CARGO_INCREMENTAL: 0
+  RUSTFLAGS: "-Dwarnings"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        rust:
+          - 1.84.0 # MSRV
+          - stable
+        target:
+          - armv7a-none-eabi
+          - thumbv7em-none-eabi
+          - wasm32-unknown-unknown
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rust }}
+          targets: ${{ matrix.target }}
+      - run: cargo build --no-default-features --release --target ${{ matrix.target }}
+
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          # 32-bit Linux
+          - target: i686-unknown-linux-gnu
+            rust: 1.84.0 # MSRV
+            deps: sudo apt update && sudo apt install gcc-multilib
+          - target: i686-unknown-linux-gnu
+            rust: stable
+            deps: sudo apt update && sudo apt install gcc-multilib
+
+          # 64-bit Linux
+          - target: x86_64-unknown-linux-gnu
+            rust: 1.84.0 # MSRV
+          - target: x86_64-unknown-linux-gnu
+            rust: stable
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rust }}
+          targets: ${{ matrix.target }}
+      - run: ${{ matrix.deps }}
+      - run: cargo test --target ${{ matrix.target }} --release --no-default-features
+      - run: cargo test --target ${{ matrix.target }} --release
+      - run: cargo test --target ${{ matrix.target }} --release --all-features
+      - run: cargo build --target ${{ matrix.target }} --benches
diff --git a/.github/workflows/workspace.yml b/.github/workflows/workspace.yml
@@ -28,6 +28,6 @@ jobs:
       - uses: actions/checkout@v4
       - uses: dtolnay/rust-toolchain@master
         with:
-          toolchain: 1.81.0
+          toolchain: 1.84.0
           components: clippy
       - run: cargo clippy --all --all-features -- -D warnings
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -9,6 +9,7 @@ members = [
     "chacha20poly1305",
     "deoxys",
     "eax",
+    "hs1-siv",
     "ocb3",
     "xaes-256-gcm",
 ]

diff --git a/README.md b/README.md
@@ -28,6 +28,7 @@ crate.
 | [`deoxys`]           | [Deoxys-I/II]                | [![crates.io](https://img.shields.io/crates/v/deoxys.svg)](https://crates.io/crates/deoxys) | [![Documentation](https://docs.rs/deoxys/badge.svg)](https://docs.rs/deoxys) | 1.81 |
 | [`eax`]              | [EAX]                        | [![crates.io](https://img.shields.io/crates/v/eax.svg)](https://crates.io/crates/eax) | [![Documentation](https://docs.rs/eax/badge.svg)](https://docs.rs/eax) | 1.81 |
 | [`mgm`]              | [MGM]                        | [![crates.io](https://img.shields.io/crates/v/mgm.svg)](https://crates.io/crates/mgm) | [![Documentation](https://docs.rs/mgm/badge.svg)](https://docs.rs/mgm) | 1.81 |
+| [`hs1_siv`]          | [HS1-SIV]                    | [![crates.io](https://img.shields.io/crates/v/hs1-siv.svg)](https://crates.io/crates/hs1-siv) | [![Documentation](https://docs.rs/hs1_siv/badge.svg)](https://docs.rs/hs1_siv) | 1.84 |
 
 ## MSRV Policy
 
@@ -88,3 +89,4 @@ dual licensed as above, without any additional terms or conditions.
 [EAX]: https://en.wikipedia.org/wiki/EAX_mode
 [MGM]: https://eprint.iacr.org/2019/123.pdf
 [(X)ChaCha20Poly1305]: https://tools.ietf.org/html/rfc8439
+[HS1-SIV]: https://krovetz.net/csus/papers/hs1-siv_v2.2.pdf
diff --git a/benches/Cargo.toml b/benches/Cargo.toml
@@ -20,6 +20,7 @@ ascon-aead = { path = "../ascon-aead/" }
 chacha20poly1305 = { path = "../chacha20poly1305/" }
 deoxys = { path = "../deoxys/" }
 eax = { path = "../eax/" }
+hs1-siv = { path = "../hs1-siv/" }
 
 [target.'cfg(any(target_arch = "x86_64", target_arch = "x86"))'.dependencies]
 criterion-cycles-per-byte = "0.4.0"
@@ -53,3 +54,8 @@ harness = false
 name = "eax"
 path = "src/eax.rs"
 harness = false
+
+[[bench]]
+name = "hs1-siv"
+path = "src/hs1-siv.rs"
+harness = false
diff --git a/benches/src/hs1-siv.rs b/benches/src/hs1-siv.rs
@@ -0,0 +1,66 @@
+use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Throughput};
+
+use hs1_siv::aead::{Aead, KeyInit};
+use hs1_siv::{Hs1SivLo, Hs1SivMe, Hs1SivHi};
+
+const KB: usize = 1024;
+
+#[cfg(not(any(target_arch = "x86_64", target_arch = "x86")))]
+type Benchmarker = Criterion;
+#[cfg(any(target_arch = "x86_64", target_arch = "x86"))]
+type Benchmarker = Criterion<criterion_cycles_per_byte::CyclesPerByte>;
+
+fn bench(c: &mut Benchmarker) {
+    let mut group = c.benchmark_group("hs1-siv");
+
+    for size in &[KB, 2 * KB, 4 * KB, 8 * KB, 16 * KB] {
+        let buf = vec![0u8; *size];
+
+        group.throughput(Throughput::Bytes(*size as u64));
+
+        group.bench_function(BenchmarkId::new("encrypt-lo", size), |b| {
+            let cipher = Hs1SivLo::new(&Default::default());
+            b.iter(|| cipher.encrypt(&Default::default(), &*buf))
+        });
+        group.bench_function(BenchmarkId::new("decrypt-lo", size), |b| {
+            let cipher = Hs1SivLo::new(&Default::default());
+            b.iter(|| cipher.decrypt(&Default::default(), &*buf))
+        });
+
+        group.bench_function(BenchmarkId::new("encrypt-me", size), |b| {
+            let cipher = Hs1SivMe::new(&Default::default());
+            b.iter(|| cipher.encrypt(&Default::default(), &*buf))
+        });
+        group.bench_function(BenchmarkId::new("decrypt-me", size), |b| {
+            let cipher = Hs1SivMe::new(&Default::default());
+            b.iter(|| cipher.decrypt(&Default::default(), &*buf))
+        });
+
+        group.bench_function(BenchmarkId::new("encrypt-hi", size), |b| {
+            let cipher = Hs1SivHi::new(&Default::default());
+            b.iter(|| cipher.encrypt(&Default::default(), &*buf))
+        });
+        group.bench_function(BenchmarkId::new("decrypt-hi", size), |b| {
+            let cipher = Hs1SivHi::new(&Default::default());
+            b.iter(|| cipher.decrypt(&Default::default(), &*buf))
+        });
+    }
+
+    group.finish();
+}
+
+#[cfg(not(any(target_arch = "x86_64", target_arch = "x86")))]
+criterion_group!(
+    name = benches;
+    config = Criterion::default();
+    targets = bench
+);
+
+#[cfg(any(target_arch = "x86_64", target_arch = "x86"))]
+criterion_group!(
+    name = benches;
+    config = Criterion::default().with_measurement(criterion_cycles_per_byte::CyclesPerByte);
+    targets = bench
+);
+
+criterion_main!(benches);
diff --git a/hs1-siv/Cargo.toml b/hs1-siv/Cargo.toml
@@ -0,0 +1,24 @@
+[package]
+name = "hs1-siv"
+version = "0.2.0-pre.1"
+edition = "2021"
+description = """
+Pure Rust implementation of the HS1-SIV Authenticated Encryption
+with Additional Data Cipher. Based on ChaCha.
+"""
+authors = ["David Hoppenbrouwers"]
+license = "Apache-2.0 OR MIT"
+readme = "README.md"
+documentation = "https://docs.rs/hs1-siv"
+homepage = "https://github.com/RustCrypto/AEADs/tree/master/hs1-siv"
+repository = "https://github.com/RustCrypto/AEADs/hs1-siv"
+keywords = ["aead", "hs1-siv", "hs1", "siv"]
+categories = ["cryptography", "no-std"]
+rust-version = "1.81"
+
+[dependencies]
+aead = { version = "0.6.0-rc.0", default-features = false }
+chacha20 = { version = "=0.10.0-pre.2" }
+
+[dev-dependencies]
+aead = { version = "0.6.0-rc.0", features = ["alloc"] }