https://github.com/google/mundane/blob/master/DESIGN.md
In particular, their use of the type system to expose opaque types that only allow meaningful operations on them is something that I've seen used to great effect in other statically typed languages, like Haskell.
"If an error requires particularly subtle error-handling, prefer panicking or aborting the process. When cryptographic operations fail in a way that would require reporting an error to the user (in other words, there's no valid non-error interpretation like in the case of signature verification), and handling that failure is particularly error-prone, it may be justified to make the function's API infallible, and instead panic or abort the process on error. BoringSSL famously does this when failing to read randomness (e.g., from /dev/urandom), as this has historically been a source of vulnerabilities."
It is almost never okay for a library to abort the process. The only exception I can think of is when discovering e.g. memory corruption or other UB, or when continuing would result in the above.
Using Joe Duffy's distinction [1], bugs aren't recoverable errors. Error handling admits the necessity of error recovery, but you generally don't have such a fine-grained policy for bugs. A dual-use of exceptions as a means to signal bug conditions is unfortunate, and I believe Mundane's policy is clearly following this distinction.
Also, panicking in Rust can be caught in the same thread [2]. So it is actually much more flexible than process abort---if you need a general, umbrella protection against bugs, here you have a way.
[1] http://joeduffyblog.com/2016/02/07/the-error-model/
[2] https://doc.rust-lang.org/stable/std/panic/fn.catch_unwind.h...
For a library with a design principle to be as hard to misuse as possible it seems like the right decision, and the "exception to the rule".
Infinitely better to crash than to potentially let the process/library run in some kind of degraded state.
If you are aware of this behaviour and are savvy/experiences enough you'll either 1) Catch the panic and perform an appropriate library 2) Use a different library.
The base Rust experience is so nice that it ends up spoiling you :).
Day-to-day ring development happens on Windows and it was designed to "just work" on Windows (as well as Linux, macOS, Android, iOS, and other supported target operating systems). We did a huge amount of work to make the build system fully automatic to enable this, and we have a pretty extensive CI mechanism to make sure everything "just works" as much as we can.
As for WebAssembly, I'm looking forward to something like https://pdfs.semanticscholar.org/3887/6d86e5e7851181efc9ed3b....
However, you should probably use the WebCrypto API in a web app if at all possible, instead of a wasm crypto library. Unfortunately the WebCrypto API is 100% asynchronous whereas almost every other crypto API is 100% synchronous so that's easier said than done. Really browsers should add a synchronous WebCrypto API; then crypto libraries can transparently delegate to it when targetting wasm.
Yes definitely. Crypto libs are so critical that building on something like BoringSSL is still good win. There were attempts made to build pure rust crypto libs, some of them are not maintained and some are a bit granular. I think pure rust lib similar to BoringSSL is going to be quite an effort
- CMake 2.8.11 or later
- Perl 5.6.1 or later.
- Either Make or Ninja.
- A C compiler
- Go 1.11 or later
- To build the x86 and x86_64 assembly, your assembler must support AVX2 instructions and MOVBE.
It's time for a pure Rust replacement for OpenSSL. This is a shim to call a Google fork of OpenSSL.
IIRC most notable the ASM files are generated via Perl.
Update: Here is a link to some Perl BoringSSL stuff: https://boringssl.googlesource.com/boringssl/+/master/crypto...
