tweetnacl-android: version 1.00.0
TweetNaCl - Android NDK port
tweetnacl-android is a port of Dan Bernstein's TweetNaCl "crypto library in a 100 tweets" code to the Android NDK.
The simplest way to use the tweetnacl-android library is to clone the project into your workspace and reference the TweetNaCl project in the native-lib directory as an Android library project.
Alternatively, copy the libs and src directories to your own project.
To rebuild the native library:
- create an entry for ndk.dir in the local.properties file in the native-lib project that points to your installation of the Android NDK
- execute the 'clean' and 'build' targets in the build.xml Ant script
Alternatively invoke the Android NDK ndk-build script from the jni directory in the native-lib project
To build the 'benchmark' project:
- update the Android section of the project properties so that the android-support-v7-appcompat library project references the Android SDK extras/android/support/v7/appcompat project (or a copy thereof)
- for some (infinitely bizarre) reason you will probably have to update the v4 support library in both projects
- for the same (infinitely bizarre) reason you will quite probably have to restart Eclipse/ADT after updating the v4 support library to get the project to build cleanly
The 'test' project manifest references the 'benchmark' project and should build correctly once the 'benchmark' project builds cleanly.
The JNI wrapper has been kept as 'thin' as possible to avoid compromising the careful design and coding of the original TweetNaCl implementation. However, cryptography being what it is, the wrapper may have (entirely inadvertently) introduced non-obvious vulnerabilities (for instance How to zero a buffer). So ....
USE ENTIRELY AT YOUR OWN RISK !
- There is a barely measureable (5%) but seemingly consistent performance improvement using GetByteArrayElements rather than GetByteArrayRegion.
- And pre-emptive apologies are probably in order for the fairly bleak spy-vs-spy themed benchmark app.
- tweetnacl/z: optional implementation with external buffer management
- See if ByteBuffer perform better for transferring data to/from native lib.
- (Cryptol ?)
- TweetNaCl: A crypto library in 100 tweets
- Cryptography in NaCl
- TweetNaCl: How cr.yp.to’s developers got carried away by the carry bit
- NaCl: Cryptography for the Internet
- On NaCl: Undefined Behaviour
- Safe, Efficient, and Portable Rotate in C/C++
- StackOveflow:Is there a replacement for /dev/random on Android JNI
- Issue 42265:Android empties the entropy pool, resulting in blocking, user perceived lag/poor performance
- Android Developer's Blog:Some SecureRandom Thoughts
- How to zero a buffer
- Zeroing buffers is insufficient
- How to zero a buffer: Erratum