|
|
|
|
|
|
by SparklingCotton
4451 days ago
|
|
|
What you say can easily be disproved, and you are simply asking for too much if you ask for something to be a drop-in replacement for OpenSSL. Some re-architecting is requred simply because of the insecurity of C. For example, a shared library that implements SSL would have to be a shim for something living in a separate process space. http://hackage.haskell.org/package/tls That is a Haskell implementation of TLS. It is written in a language that has very strong guarantees about mutation, and a very powerful type system which can express complex invariants. Yes, crypto primitives must be written in a low level language. C is not low level enough to write crypto, neither securely nor fast, so that's not an argument in its favor. |
|
|