Crypto interface in phobos #10269
Labels
Comments
andre commented on 2017-11-01T15:23:49Z*** Issue 16510 has been marked as a duplicate of this issue. *** |
greensunny12 commented on 2018-02-09T11:56:50ZHmm, not sure if this wouldn't be a huge effort for Phobos + given that crypto needs to be able to be patched within hours, I'm inclined to make this a WONTFIX too.
The best library solution I know is this https://github.com/LightBender/SecureD |
andre commented on 2018-02-14T21:04:33Z(In reply to Seb from comment #2)
> Hmm, not sure if this wouldn't be a huge effort for Phobos + given that
> crypto needs to be able to be patched within hours, I'm inclined to make
> this a WONTFIX too.
>
> The best library solution I know is this
> https://github.com/LightBender/SecureD
If in Phobos crypto functionality isn't directly implemented but a nice wrapper is available around operation system crypto libraries (on windows SChannel) / OpenSSL /... then neither Phobos needs to be patched nor the application developer needs to ship a new version of his application.
The crypto fix will be provided by the operation system (windows update in case of windows...)
(Delphi is using this approach)
What I suggest is a crypto interface in Phobos with implementations for SChannel / OpenSSL / ... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
andre reported this on 2017-11-01T15:23:06Z
Transfered from https://issues.dlang.org/show_bug.cgi?id=17958
CC List
Description
In discussion https://forum.dlang.org/thread/osnema$d5s$1@digitalmars.com it became clear, including crypto logic into phobos might be a pandora box and should be avoided. An alternative is to provide a crypto interface within phobos with implementations for SChannel (windows api), mbedtls, openssl, ... As a starting point, I am interested in RSA Digital Signature Validation but The crypto interface should be open for any algorithm.The text was updated successfully, but these errors were encountered: