Optimize crypto module performance with local caching

CLAUDE.md

@@ -90,20 +90,22 @@ src/noiseprotocol/
 ├── crypto/                     # Cryptographic primitives
 │   ├── init.lua               # Crypto module aggregator
 │   ├── x25519.lua / x448.lua  # Diffie-Hellman functions
-│   ├── chacha20*.lua          # Stream cipher and AEAD
+│   ├── chacha20.lua           # Stream cipher
+│   ├── chacha20_poly1305.lua  # ChaCha20-Poly1305 AEAD
 │   ├── aes_gcm.lua            # AES-GCM AEAD
 │   ├── poly1305.lua           # Poly1305 MAC
-│   ├── sha*.lua / blake2.lua  # Hash functions
+│   ├── sha256.lua / sha512.lua / blake2.lua  # Hash functions
 ├── utils/                      # Utility modules
-│   ├── bit32.lua / bit64.lua  # Bitwise operations
 │   ├── bytes.lua              # Byte manipulation utilities
 │   └── benchmark.lua          # Performance measurement tools
 └── openssl_wrapper.lua        # Optional OpenSSL acceleration
+vendor/
+└── bitn.lua                    # Unified bitwise operations for all Lua versions
 ```
 
 ### Key Classes and APIs
 
-**NoiseConnection** (`src/noiseprotocol/init.lua:1551`)
+**NoiseConnection** (`src/noiseprotocol/init.lua:1563`)
 - Main API for establishing secure connections
 - Handles handshake patterns (XX, IK, NK, etc.) and PSK variants
 - Manages transport phase encryption/decryption
@@ -143,6 +145,7 @@ Supports all standard patterns from the Noise specification:
 - LuaJIT significantly outperforms standard Lua interpreters
 - Benchmarks should be run with LuaJIT for realistic performance data
 - X448 is notably slower than X25519 in pure Lua
+- Crypto modules use pre-allocated arrays for performance; not thread-safe for concurrent coroutines
 
 ### Compatibility
 - Supports Lua 5.1, 5.2, 5.3, 5.4, and LuaJIT

Makefile

@@ -1,3 +1,9 @@
+# Luarocks path for amalg and other tools
+LUAROCKS_PATH := $(shell luarocks path --lr-path 2>/dev/null)
+
+# Lua path for local modules (src, vendor)
+LUA_PATH_LOCAL := ./?.lua;./?/init.lua;./src/?.lua;./src/?/init.lua;./vendor/?.lua;$(LUAROCKS_PATH)
+
 # Default target
 .PHONY: all
 all: format lint test build
@@ -37,7 +43,7 @@ build/amalg.cache: src/noiseprotocol/init.lua
 	@echo "Generating amalgamation cache..."
 	@mkdir -p build
 	@if command -v amalg.lua >/dev/null 2>&1; then \
-		LUA_PATH="./src/?.lua;./src/?/init.lua;$(LUA_PATH)" lua -lamalg src/noiseprotocol/init.lua && mv amalg.cache build || exit 1; \
+		LUA_PATH="$(LUA_PATH_LOCAL)" lua -lamalg src/noiseprotocol/init.lua && mv amalg.cache build || exit 1; \
 		echo "Generated amalg.cache"; \
 	else \
 		echo "Error: amalg not found."; \
@@ -51,9 +57,9 @@ build/amalg.cache: src/noiseprotocol/init.lua
 build: build/amalg.cache
 	@echo "Building single-file distribution..."
 	@if command -v amalg.lua >/dev/null 2>&1; then \
-		LUA_PATH="./src/?.lua;./src/?/init.lua;$(LUA_PATH)" amalg.lua -o build/noiseprotocol.lua -C ./build/amalg.cache || exit 1;\
+		LUA_PATH="$(LUA_PATH_LOCAL)" amalg.lua -o build/noiseprotocol.lua -C ./build/amalg.cache || exit 1; \
 		echo "Built build/noiseprotocol.lua"; \
-		LUA_PATH="./src/?.lua;./src/?/init.lua;$(LUA_PATH)" amalg.lua -o build/noiseprotocol-core.lua -C ./build/amalg.cache -i "vendor%." || exit 1;\
+		LUA_PATH="$(LUA_PATH_LOCAL)" amalg.lua -o build/noiseprotocol-core.lua -C ./build/amalg.cache -i "bitn" || exit 1; \
 		echo "Built build/noiseprotocol-core.lua (no vendor dependencies)"; \
 		VERSION=$$(git describe --exact-match --tags 2>/dev/null || echo "dev"); \
 		if [ "$$VERSION" != "dev" ]; then \
@@ -120,7 +126,7 @@ format:
 .PHONY: format-check
 format-check:
 	@if command -v stylua >/dev/null 2>&1; then \
-  		echo "Running stylua check..."; \
+		echo "Running stylua check..."; \
 		stylua --check --indent-type Spaces --column-width 120 --line-endings Unix \
 			--indent-width 2 --quote-style AutoPreferDouble \
 			src/ tests/; \
@@ -155,24 +161,26 @@ help:
 	@echo "Noise Protocol Framework - Makefile targets"
 	@echo ""
 	@echo "Testing:"
-	@echo "  make test              - Run all tests"
-	@echo "  make test-<name>       - Run specific test (e.g., make test-x25519)"
-	@echo "  make test-matrix       - Run test matrix across Lua versions"
+	@echo "  make test               - Run all tests"
+	@echo "  make test-<name>        - Run specific test (e.g., make test-x25519)"
+	@echo "  make test-matrix        - Run tests across all Lua versions"
+	@echo "  make test-matrix-<name> - Run specific test across all Lua versions"
 	@echo ""
 	@echo "Benchmarking:"
-	@echo "  make bench             - Run all benchmarks"
-	@echo "  make bench-<name>      - Run specific benchmark (e.g., make bench-x25519)"
+	@echo "  make bench              - Run all benchmarks"
+	@echo "  make bench-<name>       - Run specific benchmark (e.g., make bench-x25519)"
 	@echo ""
 	@echo "Building:"
-	@echo "  make build             - Build single-file distribution"
+	@echo "  make build              - Build single-file distributions"
 	@echo ""
 	@echo "Code Quality:"
-	@echo "  make format            - Format all code (Lua)"
-	@echo "  make format-check      - Check code formatting"
-	@echo "  make lint              - Lint code with luacheck"
+	@echo "  make check              - Run format-check and lint"
+	@echo "  make format             - Format code with stylua"
+	@echo "  make format-check       - Check code formatting"
+	@echo "  make lint               - Lint code with luacheck"
 	@echo ""
 	@echo "Setup:"
-	@echo "  make install-deps      - Install all development dependencies"
-	@echo "  make clean             - Remove generated files"
+	@echo "  make install-deps       - Install development dependencies"
+	@echo "  make clean              - Remove generated files"
 	@echo ""
-	@echo "  make help              - Show this help"
+	@echo "  make help               - Show this help"

README.md

@@ -24,7 +24,7 @@ Download a pre-built single-file module from the
 
 - **`noiseprotocol.lua`** - Complete bundle with all dependencies included (zero
   external dependencies)
-- **`noiseprotocol-core.lua`** - Core library only, requires `vendor.bitn` to be
+- **`noiseprotocol-core.lua`** - Core library only, requires `bitn` to be
   installed separately
 
 ### Option 2: From Source
@@ -92,7 +92,7 @@ print("Handshake complete!")
 -- Print first 16 bytes of handshake hash as hex
 local utils = require("noiseprotocol.utils")
 local hash = alice:get_handshake_hash()
-print("Alice handshake hash:", bytes.to_hex(hash):sub(1, 32)) -- 32 hex chars = 16 bytes
+print("Alice handshake hash:", utils.bytes.to_hex(hash):sub(1, 32)) -- 32 hex chars = 16 bytes
 
 -- Transport phase - send encrypted messages
 local ciphertext1 = alice:send_message("Hello Bob!")
@@ -119,33 +119,66 @@ All one-way and interactive patterns from the Noise specification are supported:
 - **AEAD**: ChaChaPoly, AESGCM
 - **Hash**: SHA256, SHA512, BLAKE2s, BLAKE2b
 
-## Testing
+## Development
 
-Run the test suite:
+### Setup
 
 ```bash
-# Run all tests with default Lua interpreter
-./run_tests.sh
+# Install development dependencies (stylua, luacheck, amalg)
+make install-deps
+```
+
+### Testing
+
+```bash
+make test                # Run all tests
+make test-chacha20       # Run specific module tests
+make test-matrix         # Run tests across all Lua versions
+make test-matrix-x25519  # Run specific module across all Lua versions
 
-# Run with specific Lua version
+# Or use scripts directly with custom Lua binary
 LUA_BINARY=lua5.1 ./run_tests.sh
+```
 
-# Run specific modules
-./run_tests.sh chacha20 poly1305
+### Benchmarking
 
-# Run test matrix across all Lua versions
-./run_tests_matrix.sh
+```bash
+make bench               # Run all benchmarks
+make bench-x25519        # Run specific module benchmark
+
+# Or use scripts directly with custom Lua binary
+LUA_BINARY=luajit ./run_benchmarks.sh
+```
+
+### Code Quality
+
+```bash
+make check               # Run format check and lint
+make format              # Format code with stylua
+make format-check        # Check formatting without modifying
+make lint                # Run luacheck
+```
+
+### Building
+
+```bash
+make build               # Build single-file distributions (build/noiseprotocol.lua, build/noiseprotocol-core.lua)
+make clean               # Remove generated files
+```
+
+### Help
+
+```bash
+make help                # Show all available targets
 ```
 
 ## Current Limitations
 
 - Pure Lua performance is slower than native implementations
 - No constant-time guarantees (not suitable for production use without
   additional hardening)
-
-## Future Plans
-
-- Performance optimizations for the pure Lua implementation
+- Not thread-safe for concurrent coroutines (uses pre-allocated arrays for
+  performance)
 
 ## Security Warning
 
@@ -162,7 +195,7 @@ native cryptographic libraries.
 
 ## License
 
-GNU Affero General Public License v3.0 - see LICENSE file for details
+GNU Affero General Public License v3.0 - see LICENSE file for details.
 
 ## Contributing
 

run_benchmarks.sh

@@ -42,7 +42,7 @@ echo
 script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
 
 # Add repository root to Lua's package path
-lua_path="$script_dir/?.lua;$script_dir/?/init.lua;$script_dir/src/?.lua;$script_dir/src/?/init.lua;$LUA_PATH"
+lua_path="$script_dir/?.lua;$script_dir/?/init.lua;$script_dir/src/?.lua;$script_dir/src/?/init.lua;$script_dir/vendor/?.lua;$LUA_PATH"
 
 # Parse command line arguments to determine which modules to run
 default_modules=("aes_gcm" "blake2" "chacha20" "chacha20_poly1305" "poly1305" "sha256" "sha512" "x448" "x25519")