The cryptl template library evolved out of snarkfront, a domain specific language for zero knowledge proofs. In snarkfront, cryptographic algorithms appear in two contexts: unmanaged and managed.
The first context, unmanaged, is immediate evaluation. This is the usual sense of application code. Algorithms "eagerly" calculate an answer.
The second context, managed, is "lazy" for domain specific languages. This is the usual way a dynamic language works. Algorithms build up structures for deferred evaluation by a runtime.
I am not aware of other cryptographic libraries that address this situation. That is, templated implementations parameterized in such a way as to be used for both unmanaged and managed code. It is not a typical applications programming use case.
Another motivation was the growing dependencies between other projects and these templates. It made sense to package them together as a distinct library to avoid duplication.
- FIPS PUB 180-4: SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256
- FIPS PUB 197: AES-128, AES-192, AES-256
- Ed25519: keypair, sign, open
There is nothing to build in the library itself. It is entirely C++ templates. Applications only need to include the header files.
To install the library:
$ make install PREFIX=/usr/local
The header files are copied to the directory $(PREFIX)/include/cryptl.
Download the example AES Known Answer Test (KAT) Vectors from NIST:
$ mkdir AESAVS_testdata
$ cd AESAVS_testdata
$ wget http://csrc.nist.gov/groups/STM/cavp/documents/aes/KAT_AES.zip
$ unzip KAT_AES.zip
$ cd ..
Build the AESAVS binary:
$ make AESAVS
Run the validation tests:
$ ./AESAVS.sh AESAVS_testdata
Download the example Test Vectors for Hashing Byte-Oriented Messages from NIST:
$ mkdir SHAVS_testdata
$ cd SHAVS_testdata
$ wget http://csrc.nist.gov/groups/STM/cavp/documents/shs/shabytetestvectors.zip
$ unzip shabytetestvectors.zip
$ cd ..
Build the SHAVS binary:
$ make SHAVS
Run the validation tests:
$ ./SHAVS.sh SHAVS_testdata
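An independent cross-check of the SHA vector files, added here as an example (it is not part of cryptl and does not use its templates): it parses the Len/Msg/MD records of a NIST response file and recomputes each digest with Python's hashlib. The sample records are constructed, the third one deliberately wrong, and the record layout is assumed from the NIST byte-oriented vectors rather than taken from SHAVS.sh.

```python
import hashlib
import re

# Constructed sample in the CAVP ".rsp" layout (not copied from the NIST archive).
# The last record carries a deliberately wrong digest to show failure reporting.
SAMPLE_RSP = """\
#  Constructed SHA-256 sample
[L = 32]

Len = 0
Msg = 00
MD = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Len = 24
Msg = 616263
MD = ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad

Len = 24
Msg = 616263
MD = 0000000000000000000000000000000000000000000000000000000000000000
"""

def parse_rsp(text):
    """Yield (bit_length, message_bytes, expected_digest_hex) per record."""
    rec = {}
    for line in text.splitlines():
        m = re.match(r"^(Len|Msg|MD)\s*=\s*(\S+)\s*$", line.strip())
        if not m:
            continue  # comments, [L = n] headers, blank lines
        rec[m.group(1)] = m.group(2)
        if m.group(1) == "MD":  # MD closes a record
            bits = int(rec["Len"])
            if bits % 8:
                raise ValueError("byte-oriented vectors only")
            # Len = 0 records carry a placeholder "Msg = 00"; the message is empty.
            msg = bytes.fromhex(rec["Msg"])[: bits // 8]
            yield bits, msg, rec["MD"].lower()
            rec = {}

def check_vectors(text, algorithm):
    """Return (passed, failed_bit_lengths) using hashlib as the reference."""
    passed, failed = 0, []
    for bits, msg, expected in parse_rsp(text):
        if hashlib.new(algorithm, msg).hexdigest() == expected:
            passed += 1
        else:
            failed.append(bits)
    return passed, failed

if __name__ == "__main__":
    print(check_vectors(SAMPLE_RSP, "sha256"))
```

To check a downloaded file, pass its contents and the matching hashlib algorithm name to `check_vectors`.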
Ed25519 test vectors
Download the test vectors:
$ wget http://ed25519.cr.yp.to/python/sign.input
Build the ED25519_test binary:
$ make ED25519_test
Run the validation tests:
$ ./ED25519_test.sh sign.input