Which library to use for cryptographic functions

Question

Note: this is not asking for a personal viewpoint on what is the better library, but rather what is the "safest" library or what is a good indication of a "safe" library.

I was looking for a Haskell library with AES256 encryption/decryption capabilities and found quite a few.

The problem is that most of these seem abandoned, except cryptonite who again seems like the least popular library (the one with the least amount of downloads).

I was wondering if using a library that seems outdated could be a problem (should I worry about possible security flaws, etc.) or if I should simply go with the one that seems most popular?

Without any criteria for assessment, this question is utterly useless. If the criteria is activity, then you've answered the question yourself. — Artjom B., May 18 '16 at 17:51

score 2 · Accepted Answer · answered May 18 '16 at 14:34

2

I'd definitely recommend cryptonite. It's a newer library consolidating a number of older libraries, and the ecosystem hasn't moved over yet.

answered May 18 '16 at 14:34

Michael Snoyman

31,100
3
48
77

That was what I was thinking, however cryptonite doesn't seem to have any production-ready versions. – NatureShade May 18 '16 at 14:51
1

@NatureShade Define "production-ready" – Thomas M. DuBuisson May 18 '16 at 23:04

Which library to use for cryptographic functions

1 Answers1