On Sat, 7 Jun 2014, John-Mark Gurney wrote:
> Hello,
>
> I've been doing some work recently on crypto code, and noticed that
> there aren't many/any good clean implementations of performant crypto
> code out there (or maybe I just don't know of them).  Both OpenSSL's
> and NSS's code has issues w/ portability and/or cleanliness.

There are a few places that tend to have good clean (and generally portable) 
implementations:

 http://www.literatecode.com/aes256

 https://github.com/floodyberry?tab=repositories

 http://cr.yp.to/chacha.html

One of the biggest issues is that performant code tends to counter 
cleanliness, since the optimisations required usually result in less readable 
and maintainable code. That said, it also depends on what architecture you 
are optimising for.

> But, I prefer to reuse code so that hopefully, when one bug is found,
> derivatives can be fixed.
>
> Is there any interest in collaboration?
>
> My current interest is in AES-GCM and AES-XTS.

OpenBSD has AES-GCM and AES-XTS in the kernel crypto code (built around the 
cryptodev API) and there is also a standalone version of AES-XTS in libsa 
since it is used by our boot loader:

 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/lib/libsa/aes_xts.c
 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/lib/libsa/rijndael.c

 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/crypto/xform.c
 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/crypto/rijndael.c

There are also the AES-NI implementations of AES-XTS and AES-GCM, for hardware 
that has AES-NI support:

 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/arch/amd64/amd64/aesni.c
 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/arch/amd64/amd64/aes_intel.S

Not sure if any of these align with your interests.

> I'm looking at taking a version of the AES-GCM code from NSS (heavily
> modified as it is unportable) for import into FreeBSD.
>
> Thanks.
-- 

    "Action without study is fatal. Study without action is futile."
        -- Mary Ritter Beard
