5 releases (3 breaking)

new 0.11.3 Nov 24, 2024
0.10.2 Nov 24, 2024
0.10.0 Nov 24, 2024
0.8.0 Apr 10, 2024
0.7.0 Apr 10, 2024

#2263 in Cryptography


Used in 5 crates

MIT/Apache

35KB
803 lines

Website shields.io crates.io codecov Build docs License: MIT License: Apache 2.0 Slack Linux macOS Windows iOS Android

A post-quantum signal-like protocol that makes developing hyper-secure client-to-server and p2p applications easy

Whitepaper

The whitepaper for the Citadel Protocol can be found in the repository here. Note: this whitepaper has not been updated since July 2022. While the protocol is very similar to what is covered in the whitepaper, it has since evolved. The whitepaper will be synced to the source code in the near future.

Documentation

For examples on building applications, please check the docs

Build instructions

OpenSSL and Clang are required in order to compile the libraries. View the CI files in .github for an example of getting the code to compile on a bare machine. Alternatively, you can run the following command to setup the environment

cargo make install

Testing instructions

When running unit tests inside citadel_sdk, you must use the Makefile. The Makefile contains special flags and environmental variables set to interface with cargo test. First, install cargo make:

cargo install --force cargo-make

To run tests locally with limited setup, run:

cargo make test-local

To run a comprehensive set of tests that require a SQL and/or redis server set up (please check the description in Makefile.toml for help setting up the environment variables), run:

cargo make test

WASM (dev only WIP)

The target triple wasm32-wasi is a WIP for support. These commands should be executed in order to compile to wasm

# Allows execution of `cargo wasi test --package citadel_pqcrypto`
cargo install cargo-wasi
# install wasmtime
curl https://wasmtime.dev/install.sh -sSf | bash
# get the include/build files
wget https://github.com/WebAssembly/wasi-sdk/releases/download/wasi-sdk-12/wasi-sysroot-12.0.tar.gz
tar -xvzf wasi-sysroot-12.0.tar.gz
rm wasi-sysroot-12.0.tar.gz
# Set environment variables
export WASI_SDK_DIR="$(pwd)/wasi-sysroot"
export WASMTIME_HOME="$(pwd)/.wasmtime"
export PATH="$WASMTIME_HOME/bin:$PATH"
export RUSTFLAGS="--cfg tokio_unstable"
# If on Mac M1, make sure to use the clang/ar provided by homebrew. Make sure to replace <LATEST_VERSION>
export PATH="/opt/homebrew/Cellar/llvm/<LATEST_VERSION>/bin/:$PATH"
export AR="/opt/homebrew/Cellar/llvm/<LATEST_VERSION>/bin/llvm-ar"
export CC="/opt/homebrew/Cellar/llvm/<LATEST_VERSION>/bin/clang"

Additionally, the feature wasm should be enabled when checking/compiling.

Disclaimer

This project has not (yet) been audited by a third party. While some of the underlying cryptographic primitives come from the verified Open Quantum Safe (OQS) project and/or the PQClean project, the Kyber library has not yet received an audit (the known answer tests pass, however).

As such, we recommend that, if you choose to use this library and accept the risks associated with its use, you use hybrid cryptography by using either TLS or QUIC as an underlying protocol to ensure that the protocol is at least as secure as elliptical curve cryptography.

Authors

Thomas Braun - Founder

Contributing

Contributions are welcome! I have been the only developer for the past 5 years, and, need more people to help make the ecosystem flourish.

Dependencies

~2–2.8MB
~62K SLoC