urbit/pkg/urcrypt
2020-10-03 17:01:56 -07:00
..
argon2 more autoconfiscation 2020-10-03 17:01:56 -07:00
build-aux/m4 mid-autoconfiscation of urcrypt 2020-10-03 15:15:14 -07:00
ed25519 Merge commit '9ccdead8d8cdd30d2229bd11ed8d4a40861b4c96' as 'pkg/urcrypt/ed25519' 2020-10-02 15:41:21 -07:00
ge-additions obliterate ge-additions package, move to urcrypt 2020-10-02 09:08:56 -07:00
.gitignore more autoconfiscation 2020-10-03 17:01:56 -07:00
configure.ac more autoconfiscation 2020-10-03 17:01:56 -07:00
Makefile.am more autoconfiscation 2020-10-03 17:01:56 -07:00
Makefile.old mid-autoconfiscation of urcrypt 2020-10-03 15:15:14 -07:00
README.md stops trying to hide pointer shapes, cleans up secp api, updates secp dependency 2020-09-29 11:39:43 -07:00
shell.nix mid-autoconfiscation of urcrypt 2020-10-03 15:15:14 -07:00
urcrypt.c mid-autoconfiscation of urcrypt 2020-10-03 15:15:14 -07:00
urcrypt.h compiles and starts 2020-09-30 10:14:22 -07:00

What is urcrypt?

urcrypt is a library of cryptography routines used by urbit jets.

Why is urcrypt?

Urbit's C runtime (long the only urbit runtime) has accumulated a collection of cryptography dependencies, some with custom additions or patches. These libraries have different conventions and have been managed by u3 in an ad-hoc manner. Reproducing that arrangement in other runtimes is tricky and error-prone. The (sometimes inconsistent) logic must be reproduced and suitable cryptography primitives must be found (or worse, written) for the new environment.

To ease these burdens, urcrypt isolates the quirks behind a consistent calling convention. Everything is a little-endian byte array, and each jetted operation has a corresponding function in the library. Jets simply unpack their nouns, call urcrypt, and pack the results.

What is a cryptography routine?

This is more of a subjective question than it might appear. Any of the following conditions are sufficient, but not necessary, for a function to be included in urcrypt:

  • The routine is sensitive to side-channel attacks (encryption, etc)
  • Some property of the routine is cryptographically useful (SHA, RIPE, etc)
  • The routine typically lives in a crypto library, for whatever reason.

Shared or static?

Urcrypt has a number of dependencies, and there is something of a matrix of combinations of static and shared versions of those dependencies. To keep things simple, two modes are currently supported:

  • A static library archive (urcrypt.a)
  • A shared object with internal, statically linked dependencies (urcrypt.{so, dll, dylib, etc})

pkg-config can be used in the normal way to obtain the link parameters.

A word on OpenSSL

Urcrypt depends on OpenSSL's libcrypto, which has custom malloc functions. Urcrypt tries to avoid dealing with global/static state, and mostly succeeds, but users who need to control memory management will want to use CRYPTO_set_mem_functions from OpenSSL. This is no problem for a statically linked urcrypt, but the shared object doesn't expose that symbol to users. urcrypt_set_openssl_mem_functions is a trivial wrapper that is exposed, and can be used to configure shared urcrypt's internal libcrypto malloc. The function always fails in statically linked urcrypt.