On 6/29/14, 12:19 AM, Adam Wilson via Digitalmars-d wrote:
On Sat, 28 Jun 2014 23:08:51 -0700, Charles <[email protected]> wrote:
Is there a native D crypto library like Crypto++?
No. And for good reason. Building a cryptography library is an extremely
difficult proposition. Even after you've completed the build, you still face a
trust problem. You need to convince people that your library is not subject to
a myriad of side-channel attacks. The only way to do that is to battle-test it,
which requires that people use it in the first place. The philosophy of the D
community is to bind to more trusted and tested libraries.
I currently am working on one such binding to the Botan library called Titanium.
https://github.com/ellipticbit/titanium
https://github.com/randombit/botan/
Botan isn't as battle-tested as OpenSSL or Crypto++ but it was designed from
the ground up to mitigate or prevent the kind of problems that OpenSSL is
currently experiencing, and was implemented by someone who has done multiple
Cryptographic Module Verifications for NIST. I personally went with Botan
because it's relatively easy to create bindings for the languages I use and the
API is relatively sane for a crypto library (I'm looking at you, OpenSSL).
A safe rule of thumb with crypto code / libraries: If the thought of writing that type of code
doesn't scare you for at least a dozen or so reasons, you don't know enough to tread in that
playground. Or you're one of the damned few people on the planet qualified and are already working
on one.