Closed swcurran closed 2 years ago
Andrew -- what we talked about the other day, but with the some additional information needed.
aries-askar
(from the new branch) does not depend on Ursa. It does make use of several other cryptography-related Rust crates, some of these are also dependencies of Ursa:
aead
aes-gcm
argon2
blake2
bls12_381
chacha20
chacha20poly1305
crypto_box
curve25519-dalek
ed25519-dalek
digest
group
hmac
k256
p256
rand
sha2
x25519-dalek
zeroize
indy_credx
(indy-shared-rs) uses CL signature generation and verification. This includes everything under ursa::cl
, as well as crate::ursa::bn::BigNumber
. In practice the cl_native
flag is used so this is a wrapper around OpenSSL's bignum support.
indy_vdr
uses BLS aggregated public key verification (no signing):
use ursa::bls::{Bls, Generator, MultiSignature, VerKey};
It imports sha3, but that's just a re-export from ursa:
use ursa::hash::sha3;
It also uses Ed25519 signature verification via indy_utils
(indy-shared-rs):
use ursa::signatures::{ed25519::Ed25519Sha512, SignatureScheme};
indy-sdk
uses various parts of Ursa, is that already being checked?
Would it take long to do the indy-sdk? I don't have anyone doing that right now. But if this is a lot for you, I can find someone else. If it will be quick for you, please do.
It looks like indy-sdk
uses mostly the same parts:
ursa::cl
along with ursa::bn::BigNumber
(OpenSSL), to implement Anoncreds.ursa::bls::{Bls, Generator, MultiSignature, VerKey}
to verify transaction state proofs
bls::SignKey
to create a signature, but only in tests.ursa::keys::PublicKey
and ursa::signatures::ed25519::Ed25519Sha512
but only in one test. Otherwise it uses libsodium/sodiumoxide to handle the ed25519 key operations.indy-node
via indy-plenum
also depends on the Ursa BLS support, signing and verification of multi-signatures.
Excellent -- thanks, Andrew.
ACA-Py now also depends on the ursa_bbs_signatures
pip package which depends on the bbs
crate (which comes from ursa)
Please provide for aries-askar and ACA-Py:
Probably best to have the pointers to the code go to a commit, so that they stay stable.
This data will be used as input into an assessment of the cryptography of Ursa, ACA-Py and aries-askar.