
I reckon https://github.com/RustCrypto is an effort in this space.



FWIW, RustCrypto is neither written in safe rust nor only rust. It uses inline assembly, unsafe byte manipulation, and unsafe intrinsics.


> unsafe intrinsics

You mean like AESENC which you should always be using if available?

The rust fanclub obsession with calling things like that unsafe simply because it has the same keyword in front of it is fairly ridiculous.

> inline assembly

Sometimes it's the only way to get some sort of constant time guarantees.


> You mean like AESENC which you should always be using if available?

Yes. And make it not unsafe

> Sometimes it's the only way to get some sort of constant time guarantees

I don't think you understood the article then. Brian wants the constant time guarantees as an intrinsic in the std library, guaranteed by the compiler, and exposed as safe rust.

> The rust fanclub obsession with calling things like that unsafe simply because it has the same keyword in front of it is fairly ridiculous.

If you have to use the unsafe keyword, you're creating the possibility of a memory safety vulnerability. It would be amazing if you could immediately see that all code in a library does not use unsafe and know an entire class of vulnerabilities does not exist.


> Yes. And make it not unsafe

That's simply not possible, all intrinsics are unsafe by definition, the rust compiler can't check them for the same guarantees.


You're not going to get good performance any other way.
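An added example, not part of the thread and not RustCrypto's code: the common pattern for the AESENC intrinsic discussed above, where the `unsafe` call is confined to one small function behind a safe API with runtime CPU detection. The names `aesenc_round` and `aesenc_impl` are hypothetical.

```rust
/// Safe API: one AES encryption round (ShiftRows, SubBytes, MixColumns,
/// then XOR with the round key). Returns None when AES-NI is unavailable,
/// so callers never reach the intrinsic on an unsupported CPU.
pub fn aesenc_round(state: [u8; 16], round_key: [u8; 16]) -> Option<[u8; 16]> {
    #[cfg(target_arch = "x86_64")]
    {
        if std::is_x86_feature_detected!("aes") {
            // SAFETY: the `aes` feature was confirmed at runtime just above,
            // and SSE2 is part of the x86_64 baseline.
            return Some(unsafe { aesenc_impl(state, round_key) });
        }
    }
    None
}

/// The only unsafe code in this example; this is the part an audit
/// has to read. Hypothetical helper, compiled for x86_64 only.
#[cfg(target_arch = "x86_64")]
#[target_feature(enable = "aes")]
unsafe fn aesenc_impl(state: [u8; 16], round_key: [u8; 16]) -> [u8; 16] {
    use std::arch::x86_64::*;
    // Unaligned loads: a [u8; 16] has no 16-byte alignment guarantee.
    let s = _mm_loadu_si128(state.as_ptr() as *const __m128i);
    let k = _mm_loadu_si128(round_key.as_ptr() as *const __m128i);
    let r = _mm_aesenc_si128(s, k);
    let mut out = [0u8; 16];
    _mm_storeu_si128(out.as_mut_ptr() as *mut __m128i, r);
    out
}

fn main() {
    // Constructed sample input, not a real key or plaintext.
    let state = [0x11u8; 16];
    let key = [0x5au8; 16];
    match aesenc_round(state, key) {
        Some(out) => println!("AESENC round output: {:02x?}", out),
        None => println!("AES-NI not available on this CPU"),
    }
}
```

The caller-facing function contains no pointer arithmetic and cannot be invoked without the feature check, which keeps the `unsafe` surface to the three load/store/intrinsic lines.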


I thought it weird that the post didn’t mention RustCrypto. It’s legit.


Agree. The problem with RustCrypto at the moment (or by design) is that there’s no TLS.



