diff --git a/README.md b/README.md index f2b8f5b..713dddb 100644 --- a/README.md +++ b/README.md @@ -50,12 +50,15 @@ Crystal bindings for the [libsodium API](https://libsodium.gitbook.io/doc/) - [x] XChaCha20 - [x] ChaCha20 Ietf - [x] ChaCha20 + - [x] Easy to use methods available for use as a CSPRNG that are faster and safer than Crystal's. See `benchmarks/rand.out`. - [ ] [One time auth](https://libsodium.gitbook.io/doc/advanced/poly1305) - [ ] Padding - Library features - [x] Faster builds by requiring what you need (`require "sodium/secret_box"`) - [x] Nonce reuse detection. - [x] All SecretKey's held in libsodium guarded memory. + - [x] No heap allocations after #initialize when possible. + - [x] Fast. Benchmarks available in `benchmarks`. - [ ] Controlled memory wiping (by calling `.close`) ☑ Indicate specs are compared against test vectors from another source. 
@@ -76,7 +79,8 @@ Several features in libsodium are already provided by Crystal: | [`Sodium::CryptoBox::SecretKey`](https://didactic-drunk.github.io/sodium.cr/Sodium/CryptoBox/PublicKey.html) .encrypt | I want anonymously send encrypted data. (No signatures) | | [`Sodium::Sign::SecretKey`](https://didactic-drunk.github.io/sodium.cr/Sodium/Sign/SecretKey.html) | I want to sign or verify messages. (No encryption) | | [`Sodium::SecretBox`](https://didactic-drunk.github.io/sodium.cr/Sodium/SecretBox.html) | I have a shared key and want to encrypt + authenticate data. | -| [`Sodium::Cipher::SecretStream`](https://didactic-drunk.github.io/sodium.cr/Sodium/Cipher/SecretStream/XChaCha20Poly1305.html), AEAD | I have a shared key and want encrypt + authenticate streamed data. | +| [`Sodium::Cipher::Aead::XChaCha20Poly1305Ietf`](https://didactic-drunk.github.io/sodium.cr/Sodium/Cipher/Aead/XChaCha20Poly1305Ietf.html) | I have a shared key and want to encrypt + authenticate data and authentication additional plaintext data. | +| [`Sodium::Cipher::SecretStream`](https://didactic-drunk.github.io/sodium.cr/Sodium/Cipher/SecretStream/XChaCha20Poly1305.html) | I have a shared key and want encrypt + authenticate streamed data. | | [`Sodium::Digest::Blake2b`](https://didactic-drunk.github.io/sodium.cr/Sodium/Digest::Blake2b.html) | I want to hash data fast and securely. | | `Sodium::Digest::SipHash` | I want to hash data really fast and less securely. (Not implemented yet) | | [`Sodium::Pwhash`](https://didactic-drunk.github.io/sodium.cr/Sodium/Pwhash.html) | I want to hash a password and store it. | diff --git a/benchmarks/rand.cr b/benchmarks/rand.cr new file mode 100644 index 0000000..a9b6e26 --- /dev/null +++ b/benchmarks/rand.cr 
@@ -0,0 +1,36 @@ +require "benchmark" +require "random/pcg32" +require "random/isaac" +require "../src/sodium/cipher/chalsa" + +pcgrand = Random::PCG32.new 0 +isaacrand = Random::ISAAC.new Bytes.new(32) + +ciphers = {{ Sodium::Cipher::Chalsa.subclasses }}.map do |klass| + cipher = klass.new.tap do |c| + c.key = Bytes.new c.key_size + c.nonce = Bytes.new c.nonce_size + end + + # {short_name, cipher} + {klass.to_s.split("::").last, cipher} +end.to_a +# p ciphers + +buf = Bytes.new 1024 + +Benchmark.ips warmup: 0.5 do |bm| + bm.report "PCG32" do + pcgrand.random_bytes buf + end + + bm.report "ISAAC" do + isaacrand.random_bytes buf + end + + ciphers.each do |name, cipher| + bm.report "#{name}" do + cipher.random_bytes buf + end + end +end diff --git a/benchmarks/rand.txt b/benchmarks/rand.txt new file mode 100644 index 0000000..9b2eaa2 --- /dev/null +++ b/benchmarks/rand.txt @@ -0,0 +1,7 @@ + PCG32 606.78k ( 1.65µs) (± 1.07%) 0.0B/op 4.19× slower + ISAAC 373.63k ( 2.68µs) (± 1.95%) 0.0B/op 6.80× slower + XSalsa20 1.84M (544.61ns) (± 1.17%) 0.0B/op 1.38× slower + Salsa20 2.37M (421.53ns) (± 1.24%) 0.0B/op 1.07× slower + XChaCha20 1.88M (530.86ns) (± 1.46%) 0.0B/op 1.35× slower +ChaCha20Ietf 2.54M (393.65ns) (± 1.22%) 0.0B/op fastest + ChaCha20 2.51M (398.58ns) (± 1.73%) 0.0B/op 1.01× slower
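Review bot: In the first README.md hunk, the new CSPRNG bullet points readers to `benchmarks/rand.out`, but this patch adds the results as `benchmarks/rand.txt`, so the reference is dead. Change the bullet to `benchmarks/rand.txt` or rename the file. The same bullet says "faster and safer than Crystal's", while the benchmark added here only measures speed; either point to what backs the safety claim or narrow the wording to what the benchmark shows.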
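Review bot: In the second README.md hunk, the new `Sodium::Cipher::Aead::XChaCha20Poly1305Ietf` row reads "and authentication additional plaintext data"; this should be "and authenticate additional plaintext data". The re-added `Sodium::Cipher::SecretStream` row still reads "want encrypt", so changing it to "want to encrypt" would make it match the new row above it.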
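Review bot: In benchmarks/rand.cr, the cipher setup assigns `c.key = Bytes.new c.key_size` and `c.nonce = Bytes.new c.nonce_size`, an all-zero key and nonce, with no comment saying this is for benchmarking only. Because the README now advertises these classes for use as a CSPRNG, add a comment stating that a fixed key and nonce make the output stream reproducible and must not be copied into real use. The commented-out `# p ciphers` line is leftover debugging and can be dropped.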
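Review bot: benchmarks/rand.txt contains only the result table, with no record of how it was produced: no compiler version, build flags or hardware. Add a header line with the command used so the "Fast" and "faster" claims in the README can be reproduced. It is also worth stating that rand.cr measures a single buffer size (`buf = Bytes.new 1024`), so the ranking applies to 1024-byte fills only.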