Cryptography and D

Brad Roberts via Digitalmars-d digitalmars-d at puremagic.com
Sun Jun 29 01:12:37 PDT 2014


On 6/29/14, 12:19 AM, Adam Wilson via Digitalmars-d wrote:
> On Sat, 28 Jun 2014 23:08:51 -0700, Charles <charles.hoskinson at gmail.com> wrote:
>
>> Is there a native D crypto library like Crypto++?
>
> No. And for good reason. Building a cryptography library is an extremely difficult proposition. Even
> after you've completed the build, you still face a trust problem. You need to convince people that
> your library is not subject to a myriad of side-channel attacks. The only way to do that is to
> battle-test it, which requires that people use it in the first place. The philosophy of the D
> community is to bind to more trusted and tested libraries.
>
> I currently am working on one such binding to the Botan library called Titanium.
>
> https://github.com/ellipticbit/titanium
> https://github.com/randombit/botan/
>
> Botan isn't as battle-tested as OpenSSL or Crypto++ but it was designed from the ground up to
> mitigate or prevent the kind of problems that OpenSSL is currently experiencing, and was implemented
> by someone who has done multiple Cryptographic Module Verifications for NIST. I personally went with
> Botan because it's relatively easy to create bindings for the languages I use and the API is relatively
> sane for a crypto library (I'm looking at you OpenSSL).

A safe rule of thumb with crypto code / libraries:  If the thought of writing that type of code 
doesn't scare you for at least a dozen or so reasons, you don't know enough to tread in that 
playground.  Or you're one of the damned few people on the planet qualified and are already working 
on one.

