in reply to Decent crypto library?

Dare I ask... why not just use the OpenSSL binary?

I use a function called find_openssl to locate a copy of openssl from well-known locations, falling back to Alien::OpenSSL if it is installed.

As well as using find_openssl in the application code, I also call the function from Makefile.PL, and if it can't find openssl, a dependency on Alien::OpenSSL will be added to the MYMETA.json file, which CPAN clients should automatically pick up and install.

use Moops; class Cow :rw { has name => (default => 'Ermintrude') }; say Cow->new->name

Replies are listed 'Best First'.
Re^2: Decent crypto library?
by vsespb (Chaplain) on Oct 28, 2013 at 16:21 UTC
    Dare I ask... why not just use the OpenSSL binary?
    That't my plan B. or C.

    cons (for me):
    1. that would be probably slow if you have a lot of small files (process creation overhead)
    2. I need to use custom key and IV (-K and -iv options for openssl "enc" command)
    That options are visible in command line, thus it's considered unsecure, I don't see the way it can be hidden (unlike, say, option "-k" can be hidden using --kfile)
[reply]
Re^2: Decent crypto library?
by vsespb (Chaplain) on Oct 28, 2013 at 16:31 UTC
    Seems that indeed there is no way to hide IV and Key in command line

    And someone in OpenSSL mailing list explains that openssl binary is not for production use (only dev/demo tool)
[reply]

In Section Seekers of Perl Wisdom