[zeromq-dev] Defaulting to tweetnacl?

Pieter Hintjens ph at imatix.com
Mon Mar 7 11:30:57 CET 2016


Frank,

I've made you moderator of the site. Go ahead and make the changes you like.

On Mon, Mar 7, 2016 at 12:07 PM, frank <soundart at gmx.net> wrote:
> Hi Peter,
>
> I have now edit rights(frankzmq), but page creation is denied (only
> admin and selected...message).
>
> If you could add two sub-pages:
>
> - Cross-Compiling-For-PowerPC
> - Notes-On-Building-With-Encryption
>
> or similar, this would get me started.
> First one is for cleanup, second one is for this topic
>
> kind regards
>   Frank
>
>
> On 03/07/2016 10:02 AM, Pieter Hintjens wrote:
>> This looks great. See if you can create a page on the wiki... I'm not
>> sure whether you get edit rights immediately.
>>
>> On Mon, Mar 7, 2016 at 10:18 AM, frank <soundart at gmx.net> wrote:
>>>
>>> On 03/02/2016 04:57 PM, frank wrote:
>>>> Hi,
>>>>
>>>> :)
>>>>
>>>> I could try/start at least, could you point me to a good place in the wiki?
>>>> This place http://zeromq.org/build:_start looks promising?
>>>>
>>> Hi,
>>>
>>> I have now done a first attempt.
>>> Hopefully this is not too long and helps.
>>>
>>> kind regards
>>>   Frank
>>>
>>>
>>> ---------------------------------------------------------------------------------------
>>> # Overview
>>>
>>> The ZeroMQ library uses a slightly modified CURVE protocoll in order
>>> to secure your messages against manipulation and eaves-dropping.
>>>
>>> See https://curvecp.org/ and http://hintjens.com/blog:48 for detailed
>>> background.
>>>
>>> # Building ZeroMQ with encryption support
>>>
>>> The code in ZeroMQ implementing the CURVE protocol utilizes crypto
>>> primitives from the NaCL library, see https://nacl.cr.yp.to/ for
>>> detailed background.
>>>
>>> However ZeroMQ does not use NaCL itself currently. The reason for this
>>> is that the build system of NaCL assumes that the machine building the
>>> code will be the machine running the code. NaCL targets for maximal
>>> performance at the cost of portability of the binary code.
>>>
>>> Luckily there exist two libraries providing an API compatible to
>>> NaCL(at least for the subset ZeroMQ uses):
>>>
>>> - libsodium: see https://libsodium.org/ by Frank Denis(and others)
>>> - tweetnacl: see https://tweetnacl.cr.yp.to/ by the authors of NaCL:
>>>   DJB, Lange, Schwab(and others)
>>>
>>> ZeroMQ supports building with each of these two libraries. By
>>> default(*) it will uses tweetnacl, a copy of the required sources is
>>> embedded in the git repo.
>>>
>>> (*) this might currently not be true for all build systems, but this
>>> behaviour is the intention.  Please submit PRs and pull requests for
>>> the non-behaving ones.
>>>
>>> If you enable libsodium the embedded files will not be used and
>>> instead the resulting library of ZeroMQ will be linked against
>>> the shared libsodium library.
>>>
>>> ## Choosing between libsodium and tweetnacl
>>>
>>> So now you have the choice between two implementation, here is a
>>> recommendation how to choose, based on a single critria:
>>>
>>> If you plan to distribute your code in binary form: Use libsodium.
>>>
>>> Motivation: It is easier to provide security updates if the security
>>> library is separated from other libraries.
>>>
>>> The embedded copy of tweetnacl is provided in order to support for
>>> minimum hassle prototyping and to provide security by default if you
>>> build from source.
>>>
>>> ## howto enable building with libsodium
>>>
>>> ### autoconf
>>>
>>> - add the --with-libsodium switch to the configure script
>>>
>>> ### cmake
>>>
>>> - add the -DWITH_LIBSODIUM=ON switch to the cmake call.
>>>
>>> ### builds/msvc/configure.bat
>>>
>>> Place libsodium at this location ..\..\..\libsodium and run
>>> configure.bat
>>>
>>> ### others
>>>
>>> ...
>>>
>>>
>>>
>>> _______________________________________________
>>> zeromq-dev mailing list
>>> zeromq-dev at lists.zeromq.org
>>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>> _______________________________________________
>> zeromq-dev mailing list
>> zeromq-dev at lists.zeromq.org
>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev



More information about the zeromq-dev mailing list