[ANN] elliptic curves - maintainable and verified (full stack, from primitives to TLS)

hannes · April 23, 2021, 1:41pm

Dear friends,

over the last month I worked on upgrading the cryptography stack for OCaml and MirageOS. I just published a blog post. Enhancments of OCaml-TLS (usenix security paper from 2015) and X.509 are in place.

The main achievement after TLS 1.3 support (since May 2020, 0.12.0) is that elliptic curve certificates are now supported. Elliptic curve cryptography uses fiat. The X509 implementation now supports PKCS 12 (used by browsers and other software (e.g. OpenVPN) to bundle certificates and private keys).

Get mirage-crypto-ec, x509 0.13.0 and tls 0.13.1 (all available in the opam-repository). Discussion and feedback appreciated.

orbitz · August 22, 2021, 11:19am

I stumbled upon the mirage-crypto work you’ve been doing this weekend while adding a new feature to a project. Thank. You. Before I was trying to use nocrypto but would have to flip to cryptokit for some things because it was a bit easier in cryptokit. With mirage-crypto I was able to entirely switch over to it and it addresses everything I need.

Thanks!

hannes · August 24, 2021, 1:09pm

great to hear that mirage-crypto is useful for your projects

Topic		Replies	Views
[ANN] mirage-crypto 0.11.3 (with more speed for elliptic curves) -- and the future roadmap of mirage-crypto Ecosystem announce , cryptography	7	300	February 28, 2024
[ANN] maintenance releease mirage-crypto Ecosystem announce , crypto , cryptography	0	278	September 19, 2023
MirageOS 4.0 Beta Release Community mirageos , announce	2	1642	February 11, 2022
Windows support for nocrypto Ecosystem esy	4	848	May 26, 2019
[ANN] MirageOS 3.9.0 released Community mirageos , announce	3	1164	November 4, 2020

[ANN] elliptic curves - maintainable and verified (full stack, from primitives to TLS)

Related Topics