[zeromq-dev] Defaulting to tweetnacl?

frank soundart at gmx.net
Mon Mar 7 11:07:41 CET 2016


Hi Peter,

I have now edit rights(frankzmq), but page creation is denied (only
admin and selected...message).

If you could add two sub-pages:

- Cross-Compiling-For-PowerPC
- Notes-On-Building-With-Encryption

or similar, this would get me started.
First one is for cleanup, second one is for this topic

kind regards
  Frank


On 03/07/2016 10:02 AM, Pieter Hintjens wrote:
> This looks great. See if you can create a page on the wiki... I'm not
> sure whether you get edit rights immediately.
>
> On Mon, Mar 7, 2016 at 10:18 AM, frank <soundart at gmx.net> wrote:
>>
>> On 03/02/2016 04:57 PM, frank wrote:
>>> Hi,
>>>
>>> :)
>>>
>>> I could try/start at least, could you point me to a good place in the wiki?
>>> This place http://zeromq.org/build:_start looks promising?
>>>
>> Hi,
>>
>> I have now done a first attempt.
>> Hopefully this is not too long and helps.
>>
>> kind regards
>>   Frank
>>
>>
>> ---------------------------------------------------------------------------------------
>> # Overview
>>
>> The ZeroMQ library uses a slightly modified CURVE protocoll in order
>> to secure your messages against manipulation and eaves-dropping.
>>
>> See https://curvecp.org/ and http://hintjens.com/blog:48 for detailed
>> background.
>>
>> # Building ZeroMQ with encryption support
>>
>> The code in ZeroMQ implementing the CURVE protocol utilizes crypto
>> primitives from the NaCL library, see https://nacl.cr.yp.to/ for
>> detailed background.
>>
>> However ZeroMQ does not use NaCL itself currently. The reason for this
>> is that the build system of NaCL assumes that the machine building the
>> code will be the machine running the code. NaCL targets for maximal
>> performance at the cost of portability of the binary code.
>>
>> Luckily there exist two libraries providing an API compatible to
>> NaCL(at least for the subset ZeroMQ uses):
>>
>> - libsodium: see https://libsodium.org/ by Frank Denis(and others)
>> - tweetnacl: see https://tweetnacl.cr.yp.to/ by the authors of NaCL:
>>   DJB, Lange, Schwab(and others)
>>
>> ZeroMQ supports building with each of these two libraries. By
>> default(*) it will uses tweetnacl, a copy of the required sources is
>> embedded in the git repo.
>>
>> (*) this might currently not be true for all build systems, but this
>> behaviour is the intention.  Please submit PRs and pull requests for
>> the non-behaving ones.
>>
>> If you enable libsodium the embedded files will not be used and
>> instead the resulting library of ZeroMQ will be linked against
>> the shared libsodium library.
>>
>> ## Choosing between libsodium and tweetnacl
>>
>> So now you have the choice between two implementation, here is a
>> recommendation how to choose, based on a single critria:
>>
>> If you plan to distribute your code in binary form: Use libsodium.
>>
>> Motivation: It is easier to provide security updates if the security
>> library is separated from other libraries.
>>
>> The embedded copy of tweetnacl is provided in order to support for
>> minimum hassle prototyping and to provide security by default if you
>> build from source.
>>
>> ## howto enable building with libsodium
>>
>> ### autoconf
>>
>> - add the --with-libsodium switch to the configure script
>>
>> ### cmake
>>
>> - add the -DWITH_LIBSODIUM=ON switch to the cmake call.
>>
>> ### builds/msvc/configure.bat
>>
>> Place libsodium at this location ..\..\..\libsodium and run
>> configure.bat
>>
>> ### others
>>
>> ...
>>
>>
>>
>> _______________________________________________
>> zeromq-dev mailing list
>> zeromq-dev at lists.zeromq.org
>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev




More information about the zeromq-dev mailing list