SecureD - A simple cryptography library for D (page 2) - D Programming Language Discussion Forum

rikki cattermole wrote: > On 14/11/2016 9:31 AM, Adam Wilson wrote: >> Jacob Carlborg wrote: >>> On 2016-11-12 21:50, Adam Wilson wrote: >>> >>>> I choose OpenSSL because it's a well respected, highly trusted, and it >>>> is available everywhere. I despise the license and the API. Sadly, >>>> those >>>> are not primary concerns when dealing with Cryptograpy libraries. >>> >>> Well, Apple abandoned it years ago because it was difficult to upgrade >>> without breaking applications that are using it. There are also very few >>> core developers working on it, as I understand it. >>> >>> Other companies/organizations have abandoned it as well in favor of >>> other implementations like libressl due to various reasons. >>> >>> Perhaps, if possible, a common API on top of whatever is the "native" >>> cryptographic library on each supported platform. >>> >> >> What if we did something with DUB build configurations. You can build >> the default OpenSSL configuration or build a Botan configuration based >> on the Botan D port depending on your needs. They would use the same >> cryptographic primitives and produces the same results, just using >> different libraries. >> >> Would that work? > > Yup, simple set of versions should do it. > I'll take a look at it. Botan should be easier to work with than OpenSSL. -- Adam Wilson IRC: LightBender //quiet.dlang.dev

Adam Wilson wrote: > rikki cattermole wrote: >> On 14/11/2016 9:31 AM, Adam Wilson wrote: >>> Jacob Carlborg wrote: >>>> On 2016-11-12 21:50, Adam Wilson wrote: >>>> >>>>> I choose OpenSSL because it's a well respected, highly trusted, and it >>>>> is available everywhere. I despise the license and the API. Sadly, >>>>> those >>>>> are not primary concerns when dealing with Cryptograpy libraries. >>>> >>>> Well, Apple abandoned it years ago because it was difficult to upgrade >>>> without breaking applications that are using it. There are also very >>>> few >>>> core developers working on it, as I understand it. >>>> >>>> Other companies/organizations have abandoned it as well in favor of >>>> other implementations like libressl due to various reasons. >>>> >>>> Perhaps, if possible, a common API on top of whatever is the "native" >>>> cryptographic library on each supported platform. >>>> >>> >>> What if we did something with DUB build configurations. You can build >>> the default OpenSSL configuration or build a Botan configuration based >>> on the Botan D port depending on your needs. They would use the same >>> cryptographic primitives and produces the same results, just using >>> different libraries. >>> >>> Would that work? >> >> Yup, simple set of versions should do it. >> > > I'll take a look at it. Botan should be easier to work with than OpenSSL. > This is going to have to wait. The Botan port currently does not build with 2.072.0 due to the removal of std.stream. I've filed a bug here: https://github.com/etcimon/botan/issues/24 -- Adam Wilson IRC: LightBender //quiet.dlang.dev

December 11, 2016

Re: SecureD - A simple cryptography library for D

Posted by Adam Wilson
in reply to Adam Wilson

Permalink

Adam Wilson

Posted in reply to Adam Wilson

Permalink

Adam Wilson wrote:
> Adam Wilson wrote:
>> rikki cattermole wrote:
>>> On 14/11/2016 9:31 AM, Adam Wilson wrote:
>>>> Jacob Carlborg wrote:
>>>>> On 2016-11-12 21:50, Adam Wilson wrote:
>>>>>
>>>>>> I choose OpenSSL because it's a well respected, highly trusted,
>>>>>> and it
>>>>>> is available everywhere. I despise the license and the API. Sadly,
>>>>>> those
>>>>>> are not primary concerns when dealing with Cryptograpy libraries.
>>>>>
>>>>> Well, Apple abandoned it years ago because it was difficult to upgrade
>>>>> without breaking applications that are using it. There are also very
>>>>> few
>>>>> core developers working on it, as I understand it.
>>>>>
>>>>> Other companies/organizations have abandoned it as well in favor of
>>>>> other implementations like libressl due to various reasons.
>>>>>
>>>>> Perhaps, if possible, a common API on top of whatever is the "native"
>>>>> cryptographic library on each supported platform.
>>>>>
>>>>
>>>> What if we did something with DUB build configurations. You can build
>>>> the default OpenSSL configuration or build a Botan configuration based
>>>> on the Botan D port depending on your needs. They would use the same
>>>> cryptographic primitives and produces the same results, just using
>>>> different libraries.
>>>>
>>>> Would that work?
>>>
>>> Yup, simple set of versions should do it.
>>>
>>
>> I'll take a look at it. Botan should be easier to work with than OpenSSL.
>>
>
> This is going to have to wait. The Botan port currently does not build
> with 2.072.0 due to the removal of std.stream. I've filed a bug here:
> https://github.com/etcimon/botan/issues/24
>

The std.stream deprecation has been fixed and I've pushed the code to implement Botan, but the tests fail on a SegFault inside Botan in the PEM export functions. AES/Hash/HMAC/PBKDF2/RNG work. On OSX you need to use LDC or the linker will fail.

Tracking issue for the segfault: https://github.com/etcimon/botan/issues/25

-- 
Adam Wilson
IRC: LightBender
//quiet.dlang.dev

Jacob Carlborg wrote: > On 2016-12-12 08:07, Adam Wilson wrote: > >> On OSX you need to use LDC or the linker will fail. > > What linker errors do you get using DMD? > ld: in ../../.dub/packages/botan-1.12.8/botan/.dub/build/full-unittest-posix.osx-x86_64-dmd_2072-0D593375D53C36354213ADF6E4F6A036/libbotan_base.a(unique_40d1_3b6.o), in section __TEXT,__textcoal_nt reloc 2: symbol index out of range for architecture x86_64 -- Adam Wilson IRC: LightBender //quiet.dlang.dev

On 2016-12-13 09:20, Adam Wilson wrote: > ld: in > ../../.dub/packages/botan-1.12.8/botan/.dub/build/full-unittest-posix.osx-x86_64-dmd_2072-0D593375D53C36354213ADF6E4F6A036/libbotan_base.a(unique_40d1_3b6.o), > in section __TEXT,__textcoal_nt reloc 2: symbol index out of range for > architecture x86_64 Hmm, interesting. -- /Jacob Carlborg

Forums