In discussion https://forum.dlang.org/thread/[email protected] it became clear, including crypto logic into phobos might be a pandora box and should be avoided.
An alternative is to provide a crypto interface within phobos with implementations for SChannel (windows api), mbedtls, openssl, ...
As a starting point, I am interested in RSA Digital Signature Validation but The crypto interface should be open for any algorithm.
Comment #1 by andre — 2017-11-01T15:23:49Z
*** Issue 16510 has been marked as a duplicate of this issue. ***
Comment #2 by greensunny12 — 2018-02-09T11:56:50Z
Hmm, not sure if this wouldn't be a huge effort for Phobos + given that crypto needs to be able to be patched within hours, I'm inclined to make this a WONTFIX too.
The best library solution I know is this https://github.com/LightBender/SecureD
Comment #3 by andre — 2018-02-14T21:04:33Z
(In reply to Seb from comment #2)
> Hmm, not sure if this wouldn't be a huge effort for Phobos + given that
> crypto needs to be able to be patched within hours, I'm inclined to make
> this a WONTFIX too.
>
> The best library solution I know is this
> https://github.com/LightBender/SecureD
If in Phobos crypto functionality isn't directly implemented but a nice wrapper is available around operation system crypto libraries (on windows SChannel) / OpenSSL /... then neither Phobos needs to be patched nor the application developer needs to ship a new version of his application.
The crypto fix will be provided by the operation system (windows update in case of windows...)
(Delphi is using this approach)
What I suggest is a crypto interface in Phobos with implementations for SChannel / OpenSSL / ...
Comment #4 by robert.schadek — 2024-12-01T16:31:04Z