commit 172c086ac9519af61b9ca87b4a8789bbbbdb0f38
parent 01917a647ba57a5f3c5f992443c4561a6af3376a
Author: Jared Tobin <jared@jtobin.io>
Date: Tue, 11 Mar 2025 10:33:59 +0400
meta: wycheproof note
Diffstat:
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
@@ -58,7 +58,11 @@ This library aims at the maximum security achievable in a
garbage-collected language under an optimizing compiler such as GHC, in
which strict constant-timeness can be [challenging to achieve][const].
-The ChaCha20 cipher within passes all test vectors from RFC8439.
+The ChaCha20 cipher within passes all test vectors from RFC8439,
+and the downstream AEAD-ChaCha20-Poly1305 implementation in
+[ppad-aead](https://github.com/ppad-tech/aead) passes all the [Project
+Wycheproof vectors][wyche].
+
If you discover any vulnerabilities, please disclose them via
security@ppad.tech.
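Review bot: The claim in the added lines "+and the downstream AEAD-ChaCha20-Poly1305 implementation in ... passes all the [Project Wycheproof vectors][wyche]" reads more broadly than what it supports. Wycheproof covers many algorithms, and the result is for the AEAD construction in ppad-aead, so the bare ChaCha20 cipher in this package is only exercised indirectly through that suite. Suggest narrowing the wording to something like "passes all the Project Wycheproof ChaCha20-Poly1305 vectors" so readers do not take it as direct Wycheproof coverage of this library. Minor style point: the ppad-aead link is inline, while the surrounding README uses reference-style links ([const], [wyche]); a `[ppad-aead][aead]` reference with a matching definition at the bottom would be consistent.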
@@ -85,3 +89,4 @@ to get a REPL for the main library.
[flake]: https://nixos.org/manual/nix/unstable/command-ref/new-cli/nix3-flake.html
[hadoc]: https://docs.ppad.tech/chacha
[const]: https://www.chosenplaintext.ca/articles/beginners-guide-constant-time-cryptography.html
+[wyche]: https://github.com/C2SP/wycheproof
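Review bot: The new `[wyche]` reference points at the repository root, which tracks a moving default branch, so "passes all the vectors" cannot be tied to a specific set of vectors as the upstream suite grows. Consider linking to a tag or commit of the Wycheproof repository that the ppad-aead tests were run against, or stating that revision in the README sentence, so the claim stays checkable.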