Adam Wilson wrote:
Adam Wilson wrote:
rikki cattermole wrote:
On 14/11/2016 9:31 AM, Adam Wilson wrote:
Jacob Carlborg wrote:
On 2016-11-12 21:50, Adam Wilson wrote:

I choose OpenSSL because it's a well respected, highly trusted,
and it
is available everywhere. I despise the license and the API. Sadly,
those
are not primary concerns when dealing with Cryptograpy libraries.

Well, Apple abandoned it years ago because it was difficult to upgrade
without breaking applications that are using it. There are also very
few
core developers working on it, as I understand it.

Other companies/organizations have abandoned it as well in favor of
other implementations like libressl due to various reasons.

Perhaps, if possible, a common API on top of whatever is the "native"
cryptographic library on each supported platform.


What if we did something with DUB build configurations. You can build
the default OpenSSL configuration or build a Botan configuration based
on the Botan D port depending on your needs. They would use the same
cryptographic primitives and produces the same results, just using
different libraries.

Would that work?

Yup, simple set of versions should do it.


I'll take a look at it. Botan should be easier to work with than OpenSSL.


This is going to have to wait. The Botan port currently does not build
with 2.072.0 due to the removal of std.stream. I've filed a bug here:
https://github.com/etcimon/botan/issues/24


The std.stream deprecation has been fixed and I've pushed the code to implement Botan, but the tests fail on a SegFault inside Botan in the PEM export functions. AES/Hash/HMAC/PBKDF2/RNG work. On OSX you need to use LDC or the linker will fail.

Tracking issue for the segfault: https://github.com/etcimon/botan/issues/25

--
Adam Wilson
IRC: LightBender
//quiet.dlang.dev

Reply via email to