Add homepage content to the documentation

Add some basic content about the package and how it should be used to
the documentation's homepage. Run doctests alongside unit tests.

Author: kernelmethod

README.md

@@ -5,16 +5,15 @@
 [![Build Status](https://github.com/kernelmethod/ChaChaCiphers.jl/actions/workflows/CI.yml/badge.svg?branch=main)](https://github.com/kernelmethod/ChaChaCiphers.jl/actions/workflows/CI.yml?query=branch%3Amain)
 [![Coverage](https://codecov.io/gh/kernelmethod/ChaChaCiphers.jl/branch/main/graph/badge.svg)](https://codecov.io/gh/kernelmethod/ChaChaCiphers.jl)
 
-`ChaChaCiphers` is a Julia package that provides a CUDA-compatible
-implementation of the ChaCha stream cipher family, and implements the
-`Random.AbstractDevice` interface to use ChaCha for cryptographically secure
-random number generation (CRNG).
-
-This package seeks to accomplish the following goals:
-
-- Provide performant and reproducible CRNG for CPU and GPU computations
-- Implement basic cryptographic primitives that can be used as a building block
-  in higher-level cryptographic code (e.g. for building ChaCha20-Poly1305).
+[ChaChaCiphers](https://github.com/kernelmethod/ChaChaCiphers.jl) is a
+CUDA-compatible, pure-Julia implementation of the ChaCha family of stream
+ciphers. This package provides:
+
+- fast, cryptographically-secure, and reproducible random number generators
+  implementing Julia's `AbstractRNG` interface for both CPU and GPU, and
+- implementations of ChaCha stream ciphers such as ChaCha20 that can be used as
+  building blocks for other cryptographic primitives, such as the
+  ChaCha20-Poly1305 AEAD algorithm.
 
 ## Usage
 

docs/make.jl

@@ -15,6 +15,7 @@ makedocs(;
     ),
     pages=[
         "Home" => "index.md",
+        "API" => "api.md",
     ],
 )
 

docs/src/api.md

@@ -0,0 +1,12 @@
+# API
+
+```@index
+```
+
+```@meta
+CurrentModule = ChaChaCiphers
+```
+
+```@autodocs
+Modules = [ChaChaCiphers]
+```

docs/src/index.md

@@ -1,14 +1,132 @@
+# ChaChaCiphers
+
+[ChaChaCiphers](https://github.com/kernelmethod/ChaChaCiphers.jl) is a
+CUDA-compatible, pure-Julia implementation of the ChaCha family of stream
+ciphers. This package provides:
+
+- fast, cryptographically-secure, and reproducible random number generators
+  implementing Julia's `AbstractRNG` interface for both CPU and GPU, and
+- implementations of ChaCha stream ciphers such as ChaCha20 that can be used as
+  building blocks for other cryptographic primitives, such as ChaCha20-Poly1305.
+
+!!! warning
+    ChaCha is not sufficient by itself for encrypting data, and misuse can
+    compromise application security. Please review [the warnings
+    section](#warnings-and-disclaimers) for more details.
+
+## Basic usage
+
 ```@meta
-CurrentModule = ChaChaCiphers
+DocTestSetup = quote
+  using ChaChaCiphers
+  key = UInt32.([
+    0xe2e39848, 0x70bb974d, 0x845f88b4, 0xb30725e4,
+    0x15c309dc, 0x72d545bb, 0x466e99e3, 0x6a759f91
+  ]);
+  nonce = UInt64(0);
+  rng = ChaCha20Stream(key, nonce);
+end
 ```
 
-# ChaChaCiphers
+To start generating random numbers with ChaChaCiphers, create a new keystream
+with a function like [`ChaCha20Stream`](@ref) or [`ChaCha12Stream`](@ref):
+
+```jldoctest
+julia> using ChaChaCiphers
 
-Documentation for [ChaChaCiphers](https://github.com/kernelmethod/ChaChaCiphers.jl).
+julia> rng = ChaCha20Stream();
+```
+
+This will generate a keystream using a key sampled from the operating system's
+random stream. Alternatively,  you can explicitly specify a `key` and `nonce` as
+follows:
+
+```jldoctest
+julia> key = UInt32.([
+          0xe2e39848, 0x70bb974d, 0x845f88b4, 0xb30725e4,
+          0x15c309dc, 0x72d545bb, 0x466e99e3, 0x6a759f91
+       ]);
+
+julia> nonce = UInt64(0);
 
-```@index
+julia> rng = ChaCha20Stream(key, nonce);
 ```
 
-```@autodocs
-Modules = [ChaChaCiphers]
+After generating a keystream, you can supply it as the `rng` parameter to
+`Random` functions like `rand` and `randn`:
+
+```jldoctest
+julia> using Random
+
+julia> rand(rng, 1:10)
+3
+
+julia> randn(rng, Float32, 3)
+3-element Vector{Float32}:
+ -0.50947624
+ -0.9306026
+ -0.084067896
 ```
+
+Review the API documentation for more details.
+
+## About ChaCha
+
+ChaCha was first introduced as a variant of the Salsa20 stream cipher by Daniel
+Bernstein in 2008[^Bernstein08]. ChaCha produces a stream of 512-bit blocks that
+act as a CRNG seeded with a key and nonce.
+
+ChaCha is used as the basis for the Linux kernel's CRNG[^LWN16]. It is one of
+the two major components of the ChaCha20-Poly1305 Authenticated Encryption with
+Associated Data (AEAD) algorithm specified by IETF RFC 8439[^RFC8439], which in
+turn is used by [TLS](https://datatracker.ietf.org/doc/html/rfc7905),
+[OpenSSH](http://bxr.su/OpenBSD/usr.bin/ssh/PROTOCOL.chacha20poly1305),
+[Wireguard](https://www.wireguard.com/protocol/), and more.
+
+ChaCha makes it easy to seek to any given portion of the keystream, which allows
+extremely efficient parallel computation on CPU and GPU. It can also be computed
+in constant time very efficiently in software, whereas comparable symmetric
+ciphers (e.g. AES-CTR) require hardware support to achieve the same performance.
+
+[^Bernstein08]:
+    "ChaCha, a variant of Salsa20":
+    [https://cr.yp.to/chacha/chacha-20080128.pdf](https://cr.yp.to/chacha/chacha-20080128.pdf)
+
+[^LWN16]:
+    "Replacing /dev/urandom":
+    [https://lwn.net/Articles/686033/](https://lwn.net/Articles/686033/)
+
+[^RFC8439]:
+    [IETF RFC 8439](https://datatracker.ietf.org/doc/html/rfc8439)
+
+## Warnings and disclaimers
+
+### Security
+
+ChaCha is not by itself sufficient to keep your data secure. In particular, it
+doesn't provide any guarantees of data integrity or authenticity, and the
+ciphertexts it produces are
+[malleable](https://en.wikipedia.org/wiki/Malleability_%28cryptography%29_).
+
+Most likely, if you are looking for an algorithm to encrypt your data, you'll
+want an [AEAD algorithm](https://en.wikipedia.org/wiki/Authenticated_encryption)
+such as [ChaCha20-Poly1305](https://datatracker.ietf.org/doc/html/rfc8439) or
+[AES-GCM](https://datatracker.ietf.org/doc/html/rfc8452).
+
+This package has not received a formal security analysis from an external party.
+Please use with caution.
+
+### Alternatives
+
+If you don't strictly need a cryptographically secure random number generator,
+you should consider using [Julia's built-in
+RNG](https://docs.julialang.org/en/v1/stdlib/Random/), which as of v1.7 uses
+[Xoshiro256++](https://prng.di.unimi.it/) and can easily beat ChaCha by an order
+of magnitude or more in speed.
+
+Alternatively, if you need a CRNG but don't care about reproducibility, you may
+wish to consider using
+[`RandomDevice`](https://docs.julialang.org/en/v1/stdlib/Random/#Random.RandomDevice)
+from Julia's standard library, which pulls from the operating system's random
+stream. In practice however [`ChaChaStream`](@ref) may be much faster than using
+`RandomDevice`.

test/Manifest.toml

@@ -3,6 +3,11 @@
 julia_version = "1.7.2"
 manifest_format = "2.0"
 
+[[deps.ANSIColoredPrinters]]
+git-tree-sha1 = "574baf8110975760d391c710b6341da1afa48d8c"
+uuid = "a4c015fc-c6ff-483c-b24f-f7ea428134e9"
+version = "0.0.1"
+
 [[deps.AbstractFFTs]]
 deps = ["ChainRulesCore", "LinearAlgebra"]
 git-tree-sha1 = "6f1d9bc1c08f9f4a8fa92e3ea3cb50153a1b40d4"
@@ -87,6 +92,12 @@ git-tree-sha1 = "b19534d1895d702889b219c382a6e18010797f0b"
 uuid = "ffbed154-4ef7-542d-bbb7-c09d3a79fcae"
 version = "0.8.6"
 
+[[deps.Documenter]]
+deps = ["ANSIColoredPrinters", "Base64", "Dates", "DocStringExtensions", "IOCapture", "InteractiveUtils", "JSON", "LibGit2", "Logging", "Markdown", "REPL", "Test", "Unicode"]
+git-tree-sha1 = "122d031e8dcb2d3e767ed434bc4d1ae1788b5a7f"
+uuid = "e30172f5-a6a5-5a46-863b-614d45cd2de4"
+version = "0.27.17"
+
 [[deps.Downloads]]
 deps = ["ArgTools", "LibCURL", "NetworkOptions"]
 uuid = "f43a241f-c20a-4ad4-852c-f6b1247861c6"
@@ -108,6 +119,12 @@ git-tree-sha1 = "556190e1e0ea3e37d83059fc9aa576f1e2104375"
 uuid = "61eb1bfa-7361-4325-ad38-22787b887f55"
 version = "0.14.1"
 
+[[deps.IOCapture]]
+deps = ["Logging", "Random"]
+git-tree-sha1 = "f7be53659ab06ddc986428d3a9dcc95f6fa6705a"
+uuid = "b5f81e59-6552-4d32-b1f0-c071b021bf89"
+version = "0.2.2"
+
 [[deps.InteractiveUtils]]
 deps = ["Markdown"]
 uuid = "b77e0a4c-d291-57a0-90e8-8db25a27a240"

test/Project.toml

@@ -1,6 +1,7 @@
 [deps]
 BenchmarkTools = "6e4b80f9-dd63-53aa-95a3-0cdb28fa8baf"
 CUDA = "052768ef-5323-5732-b1bb-66c8b64840ba"
+Documenter = "e30172f5-a6a5-5a46-863b-614d45cd2de4"
 Random = "9a3f8284-a2c9-5f02-9a11-845980a1fd5c"
 StaticArrays = "90137ffa-7385-5640-81b9-e52037218182"
 Statistics = "10745b16-79ce-11e8-11f9-7d13ad32a3b2"

test/runtests.jl

@@ -1,3 +1,9 @@
+using ChaChaCiphers, Documenter, Test
+
 include("test_core.jl")
 include("test_chacha.jl")
 include("test_keystream.jl")
+
+@testset "Package doctests" begin
+    doctest(ChaChaCiphers; manual=false)
+end