[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Fwd: Cryptokit port to Numerix

I am forwarding to this list the first email I sent to Sven about Cryptokit 
and Numerix packages, which in turn contains the email I sent Xavier 
requesting his review of my work on Cryptokit.  The more eyes the merrier, 
especially on crypto code.  I would particularly like Sylvain's review, since 
he is already familiar with the Cryptokit code.

You can find my current packaging work at http://www-static.sane.net/ 
(.dsc, .diff.gz, and .orig.tar.gz files) as well as cryptokit.ml by itself.  
The files are not currently signed, as I plan to do this right and generate a 
fresh primary key on a permanently non-networked machine before seeking key 
signatures, etc.  Real candidates for upload will be signed.

Thanks in advance,
- Michael
--- Begin Message ---
Sven -

Fabio suggested that I contact you for help with packaging the Numerix and 
Cryptokit OCaml libraries.  (He and Peter are packaging the SKS OpenPGP 
keyserver, which uses these libraries, and I wound up packaging the libraries 
in the course of getting an SKS instance up.)  I have attached the e-mail I 
sent to Xavier Leroy (the Cryptokit upstream) offering him my changes to 
Cryptokit to replace its use of the non-free Nat bignum library with Numerix.

Preliminary numerix and cryptokit source packages are on http://
www-static.sane.net/.  I originally cribbed debian/rules, etc. from extlib, 
but am now rewriting them based on your pcre-ocaml source package.  (It seems 
best to use ocaml-findlibs, and hopefully the weirdness I am having with 
bytecode compilation of the ported cryptokit will go away.)  Up until a 
couple of days ago I had never used OCaml, so I could definitely use 
packaging pointers.

IANADD, so I will also need an upload sponsor if these packages are to go into 
the archive.  Peter and Fabio have both expressed willingness, but Fabio 
thought it would be good to have a sponsor who uses OCaml.  I would 
appreciate it very much if you would consider sponsoring.  (My changes to 
Cryptokit will obviously need some review before they are uploaded; the 
upstream cryptokit can't go into main because it depends on non-free parts 
that have been removed from ocaml, and it would be nice if cryptokit and sks 
made it into sarge main.)

Thanks in advance,
- Michael
--- Begin Message ---
M. Leroy -

I have been experimenting recently with the SKS OpenPGP keyserver, which uses 
both Cryptokit and the Numerix bignum library.  In light of recent licensing 
issues with the Nat bignum library bundled into the OCaml distribution, I 
decided to port Cryptokit's implementation of RSA and Diffie-Hellman 
algorithms to Numerix.  Feel free to merge the revised version back into your 
package.  It may currently be found at http://www-static.sane.net/

I have also built Numerix and Cryptokit packages for Debian GNU/Linux, which 
are likely to be incorporated into the next stable release along with an SKS 
package that uses them.  Candidate packages are on the same server, and I 
have copied my prospective upload sponsor (Peter Palfrader, 
weasel@debian.org) on this e-mail.

The only change required to the Cryptokit makefile is to replace nums.
{cma,cmxa} with numerix.{cma,cmxa}.  I have had some problems with bytecodes 
built this way ("unknown C primitive `unix_dup'"), perhaps related to a bug 
in the Debian ocaml packaging; however, building optimized binaries for both 
test and speedtest results in clean test runs.  The Numerix.Slong 
implementation performs RSA operations 10-30% faster than the original on my 
Pentium IV.  (As in the original, intermediate results are systematically 
wiped rather than allowing them to be garbage collected while still 
containing data.)

Thanks for writing Cryptokit, and I hope you will approve of my derivative 
work.  Comments and critiques are welcome; I am new to OCaml, so my style is 
probably poor (although "wiping" considerations force some deviations from 
functional style anyway).

- Michael

--- End Message ---

--- End Message ---

Reply to: