Pure Haskell replacement for a dependency package
Marcel Fourné
haskell at marcelfourne.de
Thu Feb 28 17:14:11 UTC 2019
Hi,
Am 2019-02-22 um 13:46 schrieb Mikhail Glushenkov:
>Looking closer at eccrypto, I can identify the following issues:
>
>1) eccrypto has a larger dependency footprint than ed25519, which only
>depends on GHC boot libraries
>2) ed25519 is much better documented
>3) eccrypto is quite new and not as mature as ed25519, which is based
>on the reference implementation
Regarding those issues, I uploaded a new version of eccrypto with only
cryptohash-sha512 as a non-boot dependency. Since hackage-security
already depends on cryptohash-sha256 with its low depency footprint, I
thought it most prudent to go that route. Of course, the new code is
also analysed like the one from last release.
Documentation will follow, as well as scientific review.
Only the last part - being more mature than the ref10 C code - my code
will never be. ;-)
>However, I still think that we could accept a patch adding support for
>eccrypto as a compile-time option (not enabled by default).
I'll also start looking into making a patch for hackage-security
for review.
Best,
Marcel
More information about the cabal-devel
mailing list