Botan Cryptography Monthly Status Report #1

Monthly Status Report

This is the second* monthly report for the Botan Cryptography Project, and it is far overdue; I must apologize for the latency, and I do hope you’ll forgive me. I kept putting off writing the update in favor of coding, and suddenly its days later. :grimacing: Good thing I have plenty to talk about!

* I regret started at 0 because now it is confusing!

Where we were

In our first Monthly Status Report #0, we had just finished a month of C++ work development performing work to extend the Botan X509 FFI.

Our timeline roughly was:

Bindings library botan-bindings
Low-level library botan-low
Unit tests
Extended X509 support <- we were here
High-level library botan
Test vectors
Stream Cipher support
TLS support

Where we are

This last month has been spent on a variety of things. The largest arguably was the CAPI-experiments branch, in which:

  • botan-bindings was updated to use CApiFFI and capi
  • botan-bindings is effectively frozen, with only minor changes expected
  • botan-low was updated to use ConstPtr and the new data types and binding generators
  • botan-low is close to freezing as its interface solidifies

All of this took a few weeks, and was recently successfully merged back into main.

Then, the README was completely revamped, with greatly improved organization and build instructions all around.

Aside from that:

  • There was some additional X509 work before I decided it was endangering other deliverables
  • Pattern synonym constants and functions were added for algorithm names to avoid proliferation of magic strings
  • CI is now working for MacOS, and I’ll be spending some time getting it working for Ubuntu
  • Work on the highest-level botan has started back up
  • Botan.RNG is tentatively complete as an example
  • Documentation and tutorials are ongoing
  • crypto-schemes was moved out of the repo

The project’s github activity log is just lovely as we’ve kept our pacing:

Our stats for the end of the month are:

334 commits (297 Haskell + 37 C/C++)
187 days
15908 significant lines of code (13499 Haskell + 2409 C/C++)

Our lines of code seems like it didn’t much, but that’s to be expected. Refactoring for CApiFFI was a big focus, as was the README and CI, and none of that really affected our line count. Plus, we did a bunch of cleanup, including removing crypto-schemes from the repo - pruning code is just as important as writing it, and this last month we removed a lot of dead code. As the libraries grow stable, their line count shouldn’t change that much, so this is a healthy sign for us.

Where we are going

I’m so damn excited - with the libraries solidifying, I can finally get back to writing the high-level library and tutorials without everything breaking constantly. After all of the tedious low-level bindings, now we finally get to work on all of the fun bits!

We are on track to complete all of the necessary deliverables. The Extended X509 optional deliverable has been paused to avoid blocking. It still needs more work, and is in a good spot, and we’ll pick it back up after the core libraries are stable.

Our current timeline is roughly as follows:

Bindings library botan-bindings
Low-level library botan-low
Unit tests
Extended X509 support
High-level library botan <- we are here
Tutorials <- we need to get at least here
Test vectors
Stream Cipher support
TLS support

Documentation and tutorials are ongoing but dependent on finishing the libraries, so I’ve switch from horizontal refinement (applying changes to a widelibrary layer) to vertical refinement (applying changes to a feature / module stack). This means each day I will focus on a given feature, and ensure that it works properly, all the way from botan-bindings to botan, and that it has proper documentation and tutorials.

As I’ve continued to make progress, I keep seeing how it can be further improved. There plenty to do that’s out of scope of the current funding and objectives, but I’ve been taking notes, and have begun writing up a proposal for extending the funding of this project, once the current deliverables are met.

Follow the devlog for mor frequent updates!

Past reports

Monthly Status Report #0


This project has received funding from the Haskell Foundation.


Great work and update, thanks!

It’s not too late to renumber your updates, probably ? :slight_smile:

1 Like