"NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools. Of course, other libraries already exist for these core operations. NaCl advances the state of the art by improving security, by improving usability, and by improving speed."
Python and C implementations
The NaCl library was originally implemented in Python. It was ported to C afterwards, later also providing C++ language bindings. The C sourcecode is available on http://nacl.cace-project.eu/, and is used in my QuickTun VPN software.
See NaCl/Windows for information on building NaCl on Windows.
See NaCl/Shared for information about building a shared, dynamically linkable library. A dynamic shared library and an automated way to build one on Debian/Ubuntu systems, are also available in the repository at http://apt.ucis.nl/.
Building only reference implementations
Sometimes it is desirable to build a generic platform independent library. In this case, it is recommended to only use the reference implementations of the provided primitives. To do so, the patch below can be used on the do script (patch do patchfile):
*** do.org 2011-02-27 17:47:19.997126841 +0100 --- do 2011-02-27 18:05:53.837122146 +0100 *************** *** 168,169 **** --- 168,173 ---- implementationdir=`dirname $doth` + implementation=`basename "$implementationdir"` + if [ "$implementation" != "ref" -a "$implementation" != "ref2" ]; then + continue; + fi opi=`echo "$implementationdir" | tr ./- ___`
C# / .Net implementation
This is a partial port directly from the original C sourcecode to pure ("unsafe") C# code. All code has been put into classes, and array operations had to be changed to use pointers. Only few changes had to be made to the actual logic. The sourcecode is available at https://bitbucket.org/IvoSmits/ucis.core as part of the UCIS.Core project. Note that not all code has been ported yet.
Most of the ported code should be as secure as the original C code. The C# code performs somewhat slower than the original C code, mostly because the original code is highly optimized for specific hardware.
The key generation procedure may be less secure than the original code, due to the use of a possibly pseudo-random number generator. Also, browsers tend to be prone to all kinds of (cross-site) scripting attacks. The code is a lot slower than the original C code, as it's dynamically interpreted. Obviously, it performs best in Google Chrome, then comes Firefox, and is just terribly slow in MSIE. But hey, it works!
Other PHP modules providing similar functionality are available at https://github.com/Gasol/pecl-nacl (NaCl based) and https://github.com/jedisct1/libsodium-php (libsodium based), providing their own, incompatible, interfaces.