Reply to post:

Here's a fab idea: Get crypto libs to warn devs when they screw up

Anonymous Coward
Anonymous Coward

I prefer the LibreSSL strategy of simply removing all the bad, broken or exploited algorithms. Then your code simply doesn't compile/run if you try to use a garbage encryption algorithm or weak parameters. While I'm sure devs appreciate the hints on how to use a good algorithm correctly, it still won't stop them from doing stupid stuff when they're apathetic or pressed for time.

Ideally, all the crypto--including exception handling--should happen in the crypto library. Asking a regular dev to understand how all the fiddly crypto details work is a recipe for disaster. Getting to that ideal is not easy though.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019