Add hazmat warnings (#199)

tarcieri · web-flow · commit ddbf70b174bf · 2024-03-03T11:28:39.000-07:00
Closes RustCrypto/traits#1327
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# RustCrypto: Universal Hash Functions ![Rust Version][rustc-image] [![dependency status][deps-image]][deps-link]
+# RustCrypto: Universal Hash Functions ![Rust Version][rustc-image] [![dependency status][deps-image]][deps-link] [![HAZMAT][hazmat-image]][hazmat-link]
 
 Collection of [Universal Hash Functions][1] written in pure Rust.
 
@@ -10,18 +10,25 @@ Collection of [Universal Hash Functions][1] written in pure Rust.
 | [`poly1305`] | [![crates.io](https://img.shields.io/crates/v/poly1305.svg)](https://crates.io/crates/poly1305) | [![Documentation](https://docs.rs/poly1305/badge.svg)](https://docs.rs/poly1305) | ![build](https://github.com/RustCrypto/universal-hashes/workflows/poly1305/badge.svg?branch=master&event=push) |
 | [`polyval`]  | [![crates.io](https://img.shields.io/crates/v/polyval.svg)](https://crates.io/crates/polyval) | [![Documentation](https://docs.rs/polyval/badge.svg)](https://docs.rs/polyval) | ![build](https://github.com/RustCrypto/universal-hashes/workflows/polyval/badge.svg?branch=master&event=push) |
 
-### Minimum Supported Rust Version
+## ⚠️ Security Warning: [Hazmat!][hazmat-link]
 
-All crates in this repository support **Rust 1.56** or higher.
+Universal hash functions have subtle security properties and are primarily intended as a 
+building block for constructions like AEAD algorithms.
 
-In the future, we reserve the right to change the Minimum Supported Rust
-Version, but it will be done with the minor version bump.
+USE AT YOUR OWN RISK!
 
 ## Usage
 
 Crates functionality is expressed in terms of traits defined in the [`universal-hash`][2]
 crate.
 
+### Minimum Supported Rust Version
+
+All crates in this repository support **Rust 1.56** or higher.
+
+In the future, we reserve the right to change the Minimum Supported Rust
+Version, but it will be done with the minor version bump.
+
 ## License
 
 All crates licensed under either of
@@ -42,6 +49,8 @@ dual licensed as above, without any additional terms or conditions.
 [rustc-image]: https://img.shields.io/badge/rustc-1.56+-blue.svg
 [deps-image]: https://deps.rs/repo/github/RustCrypto/universal-hashes/status.svg
 [deps-link]: https://deps.rs/repo/github/RustCrypto/universal-hashes
+[hazmat-image]: https://img.shields.io/badge/crypto-hazmat%E2%9A%A0-red.svg
+[hazmat-link]: https://github.com/RustCrypto/meta/blob/master/HAZMAT.md
 
 [//]: # (crates)
 
diff --git a/ghash/README.md b/ghash/README.md
@@ -5,6 +5,7 @@
 ![Apache2/MIT licensed][license-image]
 ![Rust Version][rustc-image]
 [![Build Status][build-image]][build-link]
+[![HAZMAT][hazmat-image]][hazmat-link]
 
 [GHASH][1] is a [universal hash function][2] which operates over GF(2^128) and
 can be used for constructing a [Message Authentication Code (MAC)][3].
@@ -13,7 +14,17 @@ Its primary intended use is for implementing [AES-GCM][4].
 
 [Documentation][docs-link]
 
-## Security Notes
+## Security
+
+### ⚠️ Warning: [Hazmat!][hazmat-link]
+
+Universal hash functions have subtle security properties and using them
+correctly is difficult. See the [toplevel README.md](../README.md) for more
+information.
+
+USE AT YOUR OWN RISK!
+
+### Notes
 
 This crate has received one [security audit by NCC Group][5], with no significant
 findings. We would like to thank [MobileCoin][6] for funding the audit.
@@ -52,6 +63,8 @@ dual licensed as above, without any additional terms or conditions.
 [rustc-image]: https://img.shields.io/badge/rustc-1.56+-blue.svg
 [build-image]: https://github.com/RustCrypto/universal-hashes/workflows/ghash/badge.svg?branch=master&event=push
 [build-link]: https://github.com/RustCrypto/universal-hashes/actions?query=workflow%3Aghash
+[hazmat-image]: https://img.shields.io/badge/crypto-hazmat%E2%9A%A0-red.svg
+[hazmat-link]: https://github.com/RustCrypto/meta/blob/master/HAZMAT.md
 
 [//]: # (footnotes)
 
diff --git a/poly1305/README.md b/poly1305/README.md
@@ -5,6 +5,7 @@
 ![Apache2/MIT licensed][license-image]
 ![Rust Version][rustc-image]
 [![Build Status][build-image]][build-link]
+[![HAZMAT][hazmat-image]][hazmat-link]
 
 [Poly1305][1] is a [universal hash function][2] which, when combined with a cipher,
 can be used as a [Message Authentication Code (MAC)][3].
@@ -15,7 +16,17 @@ In practice, Poly1305 is primarily combined with ciphers from the
 
 [Documentation][docs-link]
 
-## Security Notes
+## Security
+
+### ⚠️ Warning: [Hazmat!][hazmat-link]
+
+Universal hash functions have subtle security properties and using them
+correctly is difficult. See the [toplevel README.md](../README.md) for more
+information.
+
+USE AT YOUR OWN RISK!
+
+### Notes
 
 This crate has received one [security audit by NCC Group][7], with no significant
 findings. We would like to thank [MobileCoin][8] for funding the audit.
@@ -56,6 +67,8 @@ dual licensed as above, without any additional terms or conditions.
 [rustc-image]: https://img.shields.io/badge/rustc-1.56+-blue.svg
 [build-image]: https://github.com/RustCrypto/universal-hashes/workflows/poly1305/badge.svg?branch=master&event=push
 [build-link]: https://github.com/RustCrypto/universal-hashes/actions?query=workflow%3Apoly1305
+[hazmat-image]: https://img.shields.io/badge/crypto-hazmat%E2%9A%A0-red.svg
+[hazmat-link]: https://github.com/RustCrypto/meta/blob/master/HAZMAT.md
 
 [//]: # (footnotes)
 
diff --git a/polyval/README.md b/polyval/README.md
@@ -5,6 +5,7 @@
 [![Build Status][build-image]][build-link]
 ![Apache2/MIT licensed][license-image]
 ![Rust Version][rustc-image]
+[![HAZMAT][hazmat-image]][hazmat-link]
 
 [POLYVAL][1] ([RFC 8452][2]) is a [universal hash function][3] which operates
 over GF(2^128) and can be used for constructing a
@@ -16,7 +17,17 @@ closely related to [GHASH][6] and therefore can also be used to implement
 
 [Documentation][docs-link]
 
-## Security Notes
+## Security
+
+### ⚠️ Warning: [Hazmat!][hazmat-link]
+
+Universal hash functions have subtle security properties and using them
+correctly is difficult. See the [toplevel README.md](../README.md) for more
+information.
+
+USE AT YOUR OWN RISK!
+
+### Notes
 
 This crate has received one [security audit by NCC Group][8], with no significant
 findings. We would like to thank [MobileCoin][9] for funding the audit.
@@ -55,6 +66,8 @@ dual licensed as above, without any additional terms or conditions.
 [build-link]: https://github.com/RustCrypto/universal-hashes/actions?query=workflow%3Apolyval
 [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
 [rustc-image]: https://img.shields.io/badge/rustc-1.56+-blue.svg
+[hazmat-image]: https://img.shields.io/badge/crypto-hazmat%E2%9A%A0-red.svg
+[hazmat-link]: https://github.com/RustCrypto/meta/blob/master/HAZMAT.md
 
 [//]: # (footnotes)
 
