salty-coffee icon indicating copy to clipboard operation
salty-coffee copied to clipboard

Published 20 hours ago verified publisher icon NeilMadden

Feature request: Use native libraries when available

Open NeilMadden opened this issue 4 years ago • 3 comments

If libsodium is installed then we should make use of it in preference to the pure-Java implementations. The native library is likely to have better constant-time guarantees and be more performant.

NeilMadden avatar Jan 02 '20 15:01 NeilMadden

How difficult is it to get a cryptographic professional to look over this source code of the NaCI implementation? Just curious. Need to use a library for this and this one looked promising.

mjovanc avatar Sep 16 '22 07:09 mjovanc

I think that probably you'd have to pay to have a professional cryptographic audit. There are several companies and individuals that perform these kinds of services. (I may stump up the cash myself at some point, but I'm not in a position to commit to that at this point in time).

NeilMadden avatar Sep 22 '22 09:09 NeilMadden

Alright I see. Probably not cheap. Thanks for information!

mjovanc avatar Sep 22 '22 09:09 mjovanc