A security review of the D library Crypto

[Cym13]

On Saturday, 4 July 2020 at 14:37:41 UTC, H. S. Teoh wrote:
> I'm not the author, but I'm curious about the D implementation 
> of Botan (https://code.dlang.org/packages/botan) -- how is its 
> security level?  I glanced at it before and it seemed OK, but 
> it'd be really nice to have a 3rd party opinion, esp. from 
> someone who's skilled with cryptanalysis.
>
>
> T

I can't say much at the moment. Botan is another beast altogether 
and lots of work is going to be required to get any certitude.

What I can say is that it's a nice library, ported from a library 
that has been audited in the past and is still actively 
maintained. A cursory shows none of the issues found in Crypto. 
Everything seems really good.

The main issue with Botan from a design standpont may be its 
completeness. It's great if you are building off an established 
project or protocol and need specific algorithms. If you're 
starting a new project from scratch though more options mean more 
ways to potentially chose a bad one. I mentionned libsodium in a 
previous answer; this is the kind of opiniated library that is 
well suited to that type of new projects.

But really, it's hard to say anything bad when the project's wiki 
starts with a list of books and resources to learn cryptography 
prior to using the library [1]. I don't know the author but at 
least it seems like he knows what he's messing with.

So, to conclude, based on that preliminary look alone I would 
feel confident about recommending Botan since I don't expect any 
major issue. But I'll still need to find the time to properly 
review it someday, be it only for my own peace of mind.

[1]: https://github.com/etcimon/botan/wiki