Cryptographic functions for Cloud JIT

[jaredly]

Context:

For the first release of Unison Cloud JIT, we need to implement primitives for cryptographic hash functions in chez scheme.
Which ones?

• sha1
• sha2(256/512)
• sha3(256/512)
• blake2b(256/512)
• blake2s(512)

Existing implementations

Scheme

There exist pure scheme implementations of sha1 and sha2¹², and some C bindings to sha1³⁴ and sha2⁵⁶. There's a set of C bindings for OpenSSL as well⁷, which would provide all of the hashing functions we need.

Other languages

The haskell-based unison runtime is using the library cryptonite, which has the hash functions implemented in C⁸

Nodejs, on the other hand, links to openssl for its hashing functions.

Recommendation

Given the anemic nature of the scheme community, I don't think it wise to depend on a pure scheme implementation for something as critical as cryptographic hashing, unless it were to be vetted by a security expert.

This leaves us with C FFI, and I see two options:

1. link to openssl, which would give us all of the hashing we need, as well as x509 certificates & TLS stuff, which we'll need for the Cloud JIT anyway
2. copy over the C implementations from cryptonite

Option 1 has the benefit of giving us TLS support & certificates and such, but it's obviously a much bigger library to include. Give the ubiquity of openssl, it's likely to be available on any cloud infrastructure we're running.
Option 2 is much leaner, and there's something nice about having the exact same C backing the haskell runtime and the cloud jit runtime, but then we'd have to figure out something else for TLS & x509 certificates.

Footnotes

1. https://gitlab.com/weinholt/hashing has sha1 and sha2 (256/512) ↩

2. https://github.com/gambit/gambit/blob/3d38da6d0aba85fc97c7e00ab7ad9163f6f301cb/lib/_digest/_digest.scm has sha1 and sha2 (256 but not 512) ↩

3. https://code.call-cc.org/svn/chicken-eggs/release/5/sha1/trunk/ ↩

4. https://code.call-cc.org/svn/chicken-eggs/release/5/simple-sha1/trunk/ ↩

5. https://code.call-cc.org/svn/chicken-eggs/release/5/sha2/trunk/ ↩

6. https://snow-fort.org/s/gmail.com/alexshinn/chibi/crypto/sha2/0.9.0/index.html ↩

7. https://wiki.call-cc.org/eggref/5/openssl ↩

8. see cryptonite_sha3.c for sha3, for example. it also includes the reference implementation of blake2, in C. ↩

[pchiusano]

@jaredly Okay, this is great research, thanks. Let's go with binding to OpenSSL for all the things. It's obviously a very mature library and if we need to depend on it anyway for TLS, seems like may as well use it for the hashing and other primitives (I'd check that it can do HMAC as well).

We can figure out how best to package and deploy it later, but it seems doable.