On 2014-05-05 2:54 PM, Daniele M. wrote:
Have you thought about creating an SSL/TLS implementations tester instead?
You mean testing existing TLS libraries using this information?
The advantages of using all-D is having zero-copy buffers that inline
with the other layers of streams when built inside another D project. I
can also add processor-specific assembler-code algorithms of AES and RSA
from openSSL (optimizing the critical parts can put it on par or better
in speed).
To answer the question about safety, the code is very modular and so
when you decide to zero out memory of keys before/after
serialization/deserialization or even for the buffers, it happens for
everything regardless of the complexity of the application. It's
definitely easier to make it safer!
