05-Jul-2014 23:33, deadalnix wrote:
> On Sunday, 29 June 2014 at 07:19:49 UTC, Adam Wilson wrote:
>> On Sat, 28 Jun 2014 23:08:51 -0700, Charles
>> <[email protected]> wrote:
>>> Is there a native D crypto library like Crypto++?
>>
>> No. And for good reason. Building a cryptography library is an
>> extremely difficult proposition. Even after you've completed the build,
>> you still face a trust problem. You need to convince people that your
>> library is not subject to a myriad of side-channel attacks. The only
>> way to do that is to battle-test it, which requires that people use it
>> in the first place. The philosophy of the D community is to bind to
>> more trusted and tested libraries.
>
> I used to think that. A few years ago, I looked into OpenSSL, noticed
> several horrors. Several of them mentioned here:
> https://www.youtube.com/watch?v=GnBbhXBDmwU
> I had the same reasoning: crypto is hard and these guys know much more
> than I do.

Indeed a common misconception and I would recommend for anybody thinking
otherwise to actually go ahead and read e.g. that damn OpenSSL source
code. Huge and old C libraries are a security problem in their own
right, without even looking further for potential theoretical faults.

> They don't. The simple fact they are using C to build security
> related basic blocks shows that they have no idea what they are doing. No
> bound check, no memory safety, integer overflow is undefined behavior
> (which means that even if you remember to check for it, you are not
> checking for it).

--
Dmitry Olshansky
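
The integer-overflow remark quoted above, as an added C example that is not part of the original thread: a check written after the signed addition relies on undefined behavior and an optimizer may drop it, while a check against the limits before the addition cannot be removed. All function names here (`add_checked_broken`, `add_checked`, `record_fits`) are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Post-hoc check (the pattern the post warns about): the addition is done
 * first, so on overflow the behavior is already undefined. A compiler may
 * assume signed overflow never happens and delete both tests below. */
bool add_checked_broken(int a, int b, int *out) {
    int sum = a + b;                        /* UB if the result overflows */
    if (b > 0 && sum < a) return false;     /* may be optimized away */
    if (b < 0 && sum > a) return false;     /* may be optimized away */
    *out = sum;
    return true;
}

/* Pre-check: compare against INT_MAX / INT_MIN before adding, so no
 * overflowing expression is ever evaluated and nothing can be elided. */
bool add_checked(int a, int b, int *out) {
    if (b > 0 && a > INT_MAX - b) return false;
    if (b < 0 && a < INT_MIN - b) return false;
    *out = a + b;
    return true;
}

/* Typical use in a parser: does header + payload fit in the buffer?
 * Lengths are attacker-controlled in this constructed scenario. */
bool record_fits(int header_len, int payload_len, int buf_size) {
    int total;
    if (header_len < 0 || payload_len < 0) return false;
    if (!add_checked(header_len, payload_len, &total)) return false;
    return total <= buf_size;
}

int main(void) {
    int r = 0;
    printf("1 + 2 ok: %d\n", add_checked(1, 2, &r));
    printf("INT_MAX + 1 rejected: %d\n", !add_checked(INT_MAX, 1, &r));
    printf("oversized record rejected: %d\n",
           !record_fits(INT_MAX, 16, 4096));
    return 0;
}
```

GCC and Clang also provide `__builtin_add_overflow`, which performs the same test without hand-written limit arithmetic.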