Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/urbit/urcrypt

Last synced: about 2 months ago
JSON representation

Host: GitHub
URL: https://github.com/urbit/urcrypt
Owner: urbit
License: mit
Created: 2023-09-25T20:16:02.000Z (12 months ago)
Default Branch: master
Last Pushed: 2024-05-21T04:13:36.000Z (4 months ago)
Last Synced: 2024-07-05T14:47:54.168Z (3 months ago)
Language: Assembly
Size: 1.82 MB
Stars: 1
Watchers: 8
Forks: 1
Open Issues: 8
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

awesome-urbit - urcrypt

README

        What is urcrypt?

----------------

urcrypt is a library of cryptography routines used by urbit jets.

Why is urcrypt?

---------------

Urbit's C runtime (long the only urbit runtime) has accumulated a collection of

cryptography dependencies, some with custom additions or patches. These

libraries have different conventions and have been managed by u3 in an ad-hoc

manner. Reproducing that arrangement in other runtimes is tricky and

error-prone. The (sometimes inconsistent) logic must be reproduced and suitable

cryptography primitives must be found (or worse, written) for the new

environment.

To ease these burdens, urcrypt isolates the quirks behind a consistent calling

convention. Everything is a little-endian byte array, and each jetted operation

has a corresponding function in the library. Jets simply unpack their nouns,

call urcrypt, and pack the results.

What is a cryptography routine?

-------------------------------

This is more of a subjective question than it might appear. Any of the following

conditions are sufficient, but not necessary, for a function to be included in

urcrypt:

  * The routine is sensitive to side-channel attacks (encryption, etc)

  * Some property of the routine is cryptographically useful (SHA, RIPE, etc)

  * The routine typically lives in a crypto library, for whatever reason.

A word on OpenSSL

-----------------

Urcrypt depends on OpenSSL's libcrypto, which has global state. In order

to avoid dealing with this state, urcrypt refuses to build with an internal

libcrypto. Either build statically (pass `--disable-shared` to `./configure`)

or provide a shared libcrypto for urcrypt to link against. It is the library

user's responsibility to initialize openssl, set custom memory functions, etc.

Installation

------------

Note that, in addition to standard `autotools` packages, `urcrypt` requires

`autoconf-archive` in order to use a macro it provides.