urbit/pkg/urcrypt
2020-10-12 11:58:09 -07:00
..
argon2 use convenience libraries for independent cflags etc 2020-10-05 08:24:27 -07:00
build-aux/m4 mid-autoconfiscation of urcrypt 2020-10-03 15:15:14 -07:00
ed25519 Merge commit '9ccdead8d8cdd30d2229bd11ed8d4a40861b4c96' as 'pkg/urcrypt/ed25519' 2020-10-02 15:41:21 -07:00
ge-additions obliterate ge-additions package, move to urcrypt 2020-10-02 09:08:56 -07:00
scrypt Merge commit 'a06fc1416581772e8eddfa20001d131dea5bed64' as 'pkg/urcrypt/scrypt' 2020-10-10 13:23:46 -07:00
urcrypt add a versioning scheme to urcrypt 2020-10-12 11:58:09 -07:00
autogen.sh add autogen.sh 2020-10-05 11:01:22 -07:00
configure.ac add a versioning scheme to urcrypt 2020-10-12 11:58:09 -07:00
liburcrypt.pc.in pkg-config support for urcrypt, update urbit build 2020-10-09 13:40:31 -07:00
Makefile.am add a versioning scheme to urcrypt 2020-10-12 11:58:09 -07:00
README.md require shared ssl when building a shared urcrypt 2020-10-06 14:23:22 -07:00

What is urcrypt?

urcrypt is a library of cryptography routines used by urbit jets.

Why is urcrypt?

Urbit's C runtime (long the only urbit runtime) has accumulated a collection of cryptography dependencies, some with custom additions or patches. These libraries have different conventions and have been managed by u3 in an ad-hoc manner. Reproducing that arrangement in other runtimes is tricky and error-prone. The (sometimes inconsistent) logic must be reproduced and suitable cryptography primitives must be found (or worse, written) for the new environment.

To ease these burdens, urcrypt isolates the quirks behind a consistent calling convention. Everything is a little-endian byte array, and each jetted operation has a corresponding function in the library. Jets simply unpack their nouns, call urcrypt, and pack the results.

What is a cryptography routine?

This is more of a subjective question than it might appear. Any of the following conditions are sufficient, but not necessary, for a function to be included in urcrypt:

  • The routine is sensitive to side-channel attacks (encryption, etc)
  • Some property of the routine is cryptographically useful (SHA, RIPE, etc)
  • The routine typically lives in a crypto library, for whatever reason.

A word on OpenSSL

Urcrypt depends on OpenSSL's libcrypto, which has global state. In order to avoid dealing with this state, urcrypt refuses to build with an internal libcrypto. Either build statically (pass --disable-shared to ./configure) or provide a shared libcrypto for urcrypt to link against. It is the library user's responsibility to initialize openssl, set custom memory functions, etc.