Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Panic freedom with F* #133

Draft
wants to merge 12 commits into
base: main
Choose a base branch
from
Draft

Panic freedom with F* #133

wants to merge 12 commits into from

Conversation

karthikbhargavan
Copy link
Collaborator

This PR addresses [...] described in issue #.

Type of change

  • [X ] New feature

Motivation and Context

This PR adds panic freedom proofs (and relevant annotations) to the core protocol code.

Changes

TODO

Checklist

  • I have linked an issue to this PR
  • I have described the changes
  • I have read and understood the code of conduct, contribution guidelines, and contributor license agreement
  • I have added tests for all changes
  • I have tested that all tests pass locally and all checks pass
  • I have updated documentation if necessary

Fixes #

Cargo.lock Outdated Show resolved Hide resolved
@@ -21,16 +21,14 @@ libcrux-kem = {version = "0.0.2-alpha.1", features = ["pre-verification", "kyber
libcrux = { version = "0.0.2-alpha.1", features = [
"rand",
]}
hax-lib-macros = { git = "https://github.com/hacspec/hax", optional = true }
hax-lib = { git = "https://github.com/hacspec/hax" }
hax-lib = { git = "https://github.com/hacspec/hax/", branch= "pq11-fstar-libs" }
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's remember to update this before merging.

src/tls13cert.rs Outdated
let mut u32word = [U8(0); 4];
u32word[0..len].copy_from_slice(&b[offset..offset + len]);
Ok(u32_from_be_bytes(u32word).declassify() as usize >> ((4 - len) * 8))
if b.len() >= offset + len {
Copy link
Member

@franziskuskiefer franziskuskiefer Jan 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if this is how it's used. This requires the caller to pass in only the exact slice that's read. I don't think that's how this should be defined.

if b[offset].declassify() & 0x80u8 == 0u8 {
Ok((b[offset].declassify() & 0x7fu8) as usize)
} else {
if b.len() > offset {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since we can use early returns. We should that in checks like these.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants