The overall goal of this PR is to remove the dependency on zarith (and thus gmplib) from nocrypto. To achieve this goal, the separate opam package nocrypto-asymmetric was introduced. nocrypto no longer depends on zarith. This reduces the binary size of conventional fortuna-PRNG MirageOS unikernels that don't use asymmetric cryptography by 700kB (3.5MB instead of 4.2MB, tested with mirage-skeleton's device-usage/prng and some of my DNS servers and resolvers -- which use a decent PRNG, and some hash/hmac functions for authentication).
Technical notes:
nocrypto-asymmetric is in the asymmetric subdirectory
tests have been split off into test{lib|runner}_asymmetric
I removed the usage of pack because my ocamlbuild skills are not good enough to do these changes with packed libraries (I always encountered ... and ... are making incompatible assumptions over nocrypto when linking the final product that uses both nocrypto and nocrypto-asymmetric)
topkg lint fails (it fails since ppx_sexp_conv introduced runtime dependencies, which leads to ocamlbuild rules that produce a META from META.in by optionally including the sexp runtime library as a dependency)
the Numeric module is retained in Nocrypto (it is used by GCM), but the Numeric.S with type t = Z.t is part of nocrypto-asymmetric
the Rng.Z module moved to nocrypto-asymmetric
travis was updated to include some nocrypto and some nocrypto-asymmetric tests
the implicit fallthrough, I tested the fixes on both GNU/Linux (with gcc Debian 8.2.0-14) and FreeBSD (with clang version 7.0.1)
some reverse dependencies are already ported to this new package layout (e.g. x509, tls)
I'd appreciate feedback, and hopefully getting this merged soon and a new release of nocrypto (0.5.4 has been around for two years now) before the end of this month.