I've been trying to keep an eye on what's been brewing in the Rust crypto-world. There's a lot of parts that people have been working on that I'd really love to see brought together in a coherent manner, perhaps in the form of an (out-of-tree) common crypto library for Rust. Here are a few highlights:
- common.rs <https://github.com/seb-m/common.rs>: a cool library with a terrible name! This library implements SBufs <https://github.com/seb-m/common.rs/blob/master/src/sbuf.rs>: secure buffers with guard pages, suitable for storing keying material. I would still love to see this extended to do RAII-style memory protection that sets PROT_NONE on buffer pages when they're not in use - rust-constanttime <https://gist.github.com/lifthrasiir/56cdcf404edce0a8f256>: [ WARNING: BROKEN DO NOT USE ] a library similar to Go's crypto/subtle <http://golang.org/pkg/crypto/subtle/>: data types that try to ensure constant-time operations, unfortunately LLVM is really smart and likes to performance optimize by adding branches even when you really don't want it to. If someone knew of a way to make it actually verifiably constant time, that would be amazing. - suruga <https://github.com/klutzy/suruga>: a Rust implementation of TLS 1.2. Wouldn't it be great if a Servo-powered browser didn't have to use OpenSSL? ;) This seems like it could benefit from SBufs and rust-constanttime, if they were fully baked. Right now it does no memory protections around keying material or internal cipher state. -- Tony Arcieri
_______________________________________________ Rust-dev mailing list Rust-dev@mozilla.org https://mail.mozilla.org/listinfo/rust-dev
