Fast cryptographic networking for Haskell
NaCl (pronounced "salt") is a safe, high-speed, easy to use cryptographic library by none other than djb; the project was initiated by CACE. From their own homepage:
NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools.
Of course, other libraries already exist for these core operations. NaCl advances the state of the art by improving security, by improving usability, and by improving speed.
This package aims to provide a complete, type-safe, and efficient Haskell binding that's just as easy to use.
Check out the features page to learn more about the design.
Want to learn how NaCl really stacks up to the crypto-competition? Check out the authors' paper, "The security impact of a new cryptographic library" (PDF.)
In the future, there are plans to provide a complete CurveCP implementation as well, built on top of this basic work. It's also eventually planned to include the NaCl reference source code with the package itself, for easier distribution and testing, but at the moment you must build the optimized library (see 'Install' below.)
Unix-ish OSs only (that's all NaCl supports.)
Currently tested on:
Almost all the code is Haskell-2010 compliant, and should be relatively portable. There are no direct dependencies outside of the libraries that ship with GHC.
Just build in one step with cabal install
!
$ cabal update && cabal install salt
This will build the source code for NaCl - included in the source - and
install it under a directory under $HOME/.haskell.salt
. This process
will take quite a while the first time, and will only be necessary when the
underlying NaCl version changes. Don't remove this directory!
This step is needed because NaCl has a build process that benchmarks many implementations of itself and selects the fastest primitives. Many optimized implementations are raw machine-generated assembly code.
Currently, you must build by linking against the optimized versions of the various encryption routines. The slower, reference versions of the encryption routines written in C are not available for usage at this time. Future work will hopefully alleviate this issue, making the library more portable for some, at the expense of a lot of speed.
Dynamic linking (GHC's -dynamic
) is currently
unsupported at the moment, as the CPU-optimized NaCl assembly code is
provided in a non-relocatable form, and thus totally unsuitable for
shared libraries. There is nothing I can do about this that will still
preserve the high-speed CPU-optimized versions, short of hacking on NaCl
itself. This will be possible to support using the slower, reference
implementations written in C, however.
Be sure to check out the examples
folder on GitHub:
https://github.com/thoughtpolice/salt/tree/master/examples
File bugs in the GitHub issue tracker.
Master git repository:
There's also a BitBucket mirror:
MIT. See LICENSE.txt for terms of copyright and redistribution.
You can submit an issue at the GitHub repository here.
Other inquiries can be sent to me via email.