Provide list of ursa components used and code that calls ursa and other cryptographic libraries in preparation for an audit

[swcurran]

Please provide for aries-askar and ACA-Py:

• A list of Ursa subcomponents used in the two products.
• A list of any other cryptographic libraries called in the two products.
• A list of pointers into the code of aries-askar and ACA-Py where the components of the previous two lists are used.
  • Ideally, include a brief (one-liner) summary of what the code does, if needed.

Probably best to have the pointers to the code go to a commit, so that they stay stable.

This data will be used as input into an assessment of the cryptography of Ursa, ACA-Py and aries-askar.

[swcurran]

Andrew -- what we talked about the other day, but with the some additional information needed.

[andrewwhitehead]

aries-askar (from the new branch) does not depend on Ursa. It does make use of several other cryptography-related Rust crates, some of these are also dependencies of Ursa:

aead
aes-gcm
argon2
blake2
bls12_381
chacha20
chacha20poly1305
crypto_box
curve25519-dalek
ed25519-dalek
digest
group
hmac
k256
p256
rand
sha2
x25519-dalek
zeroize

---

indy_credx (indy-shared-rs) uses CL signature generation and verification. This includes everything under ursa::cl, as well as crate::ursa::bn::BigNumber. In practice the cl_native flag is used so this is a wrapper around OpenSSL's bignum support.

---

indy_vdr uses BLS aggregated public key verification (no signing):

use ursa::bls::{Bls, Generator, MultiSignature, VerKey};

It imports sha3, but that's just a re-export from ursa:

use ursa::hash::sha3;

It also uses Ed25519 signature verification via indy_utils (indy-shared-rs):

use ursa::signatures::{ed25519::Ed25519Sha512, SignatureScheme};

---

indy-sdk uses various parts of Ursa, is that already being checked?

[swcurran]

Would it take long to do the indy-sdk? I don't have anyone doing that right now. But if this is a lot for you, I can find someone else. If it will be quick for you, please do.

[andrewwhitehead]

It looks like indy-sdk uses mostly the same parts:

• Essentially all of ursa::cl along with ursa::bn::BigNumber (OpenSSL), to implement Anoncreds.
• ursa::bls::{Bls, Generator, MultiSignature, VerKey} to verify transaction state proofs
  • indy-sdk also uses bls::SignKey to create a signature, but only in tests.
• It uses ursa::keys::PublicKey and ursa::signatures::ed25519::Ed25519Sha512 but only in one test. Otherwise it uses libsodium/sodiumoxide to handle the ed25519 key operations.

indy-node via indy-plenum also depends on the Ursa BLS support, signing and verification of multi-signatures.

[swcurran]

Excellent -- thanks, Andrew.

[TimoGlastra]

ACA-Py now also depends on the ursa_bbs_signatures pip package which depends on the bbs crate (which comes from ursa)