Security Scol plugin
Crypto++ interface to TweetNaCl library (20140917)
Macros
#define CRYPTOPP_DISABLE_NACL 1
TweetNaCl is a compact reimplementation of the NaCl library by Daniel J. Bernstein, Bernard van Gastel, Wesley Janssen, Tanja Lange, Peter Schwabe and Sjaak Smetsers. The library is less than 20 KB in size and provides 25 of the NaCl library functions.
The compact library uses curve25519, XSalsa20, Poly1305 and SHA-512 as default primitives, and includes both x25519 key exchange and ed25519 signatures. The complete list of functions can be found in TweetNaCl: A crypto library in 100 tweets (20140917), Table 1, page 5.
Crypto++ rejects small-order elements using libsodium's blacklist. The TweetNaCl library allowed them, but the library predated the attack. If you wish to allow small-order elements, use the "unchecked" versions of the functions: crypto_box_unchecked, crypto_box_open_unchecked and crypto_box_beforenm_unchecked.
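Why small-order elements are worth rejecting, as an added Python example that is not Crypto++ or TweetNaCl code: an RFC 7748 X25519 ladder shows that such a peer value forces an all-zero shared secret whatever the private key is. It rejects on the all-zero output (the RFC 7748 check) rather than reproducing libsodium's blacklist; the function names, sample keys and sample u-coordinates are assumptions constructed for the example.

```python
# Added illustration, not Crypto++ or TweetNaCl code. X25519 ladder per RFC 7748.
# Not constant-time: for studying behaviour, not for protecting real keys.
P = 2**255 - 19
A24 = 121665
BASE = (9).to_bytes(32, "little")

def x25519(k: bytes, u: bytes) -> bytes:
    kb = bytearray(k)
    kb[0] &= 248; kb[31] &= 127; kb[31] |= 64   # clamping makes the scalar a multiple of 8
    n = int.from_bytes(kb, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)   # top bit is ignored
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    # z2 == 0 is the point at infinity; pow(0, P - 2, P) == 0, so the output is all zeros.
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def checked_shared_secret(k: bytes, peer_public: bytes) -> bytes:
    """Hypothetical wrapper: refuse a peer value that yields an all-zero secret."""
    secret = x25519(k, peer_public)
    if secret == bytes(32):
        raise ValueError("small-order public value rejected")
    return secret

# Constructed inputs: u = 0, 1, p - 1 and p (a non-canonical encoding of 0).
SMALL_ORDER = [v.to_bytes(32, "little") for v in (0, 1, P - 1, P)]

if __name__ == "__main__":
    alice, bob = bytes(range(1, 33)), bytes(range(101, 133))   # constructed keys
    shared = checked_shared_secret(alice, x25519(bob, BASE))
    print("honest peer :", shared.hex())
    for u in SMALL_ORDER:
        print("small order :", x25519(alice, u).hex())   # zeros for any private key
```
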
TweetNaCl is well written but not well optimized. It runs about 10x slower than optimized routines from libsodium. However, the library is still 2x to 4x faster than the algorithms NaCl was designed to replace and allows cross-checking results from an independent implementation.
The Crypto++ wrapper for TweetNaCl requires OS features. That is, NO_OS_DEPENDENCE cannot be defined. This is due to TweetNaCl's internal function randombytes. Crypto++ uses DefaultAutoSeededRNG within randombytes, so OS integration must be enabled. You can use another generator like RDRAND to avoid the restriction.
Definition in file naclite.h.