"Chad Seibert" <chadseibert@live.com> wrote in message news:BAY113-W109DEA4654FE7B53F0F6F5D3160@phx.gbl...
Also, Botan was engineered mostly by a security expert, meaning it is likely to be more secure.
Hopefully coding skills also matter in the Boost community and sadly Botan leaves a lot to be desired in this regard. 'Hacking up' an example to test a real use case of a simple RSA+SHA256 message verification with the public key stored in static memory gives the following results: (MSVC++ 9.0 SP1, Botan built with default parameters (makefile only changed to use link time code generation)) - project with an empty main : 40.448 bytes - project with the following Botan code int main() { unsigned char const in_memory_key[] = "an invalid key" ; unsigned char const msg [] = "a dummy message"; unsigned char const sig [] = "an invalid sig"; LibraryInitializer init; DataSource_Memory botan_in_memory_key( in_memory_key, _countof( in_memory_key ) ); std::auto_ptr<X509_PublicKey> key( X509::load_key( botan_in_memory_key ) ); RSA_PublicKey* rsakey = dynamic_cast<RSA_PublicKey*>(key.get()); std::auto_ptr<PK_Verifier> verifier( get_pk_verifier( *rsakey, "EMSA1(SHA-256)") ); return verifier->verify_message(msg,sizeof(msg),sig,sizeof(sig)); } ...: 1.092.096 bytes (yup, over a megabyte!) - an equivalent project only using LibTomCrypt+LibTomMath (mentioned here http://permalink.gmane.org/gmane.comp.lib.boost.devel/202443): 84.480 bytes IMNHO that's a failed test by any standard (worse than OpenSSL and Crypto++)... (must I really pay for e.g. virtual inheritance, dynamic_casts, by-std::string-runtime-algorithm-lookups etc. etc... for such a simple use case?)...
It is also being maintained, so security and feature patches will be made.
From this I gather that the original author plans to continue to develop and maintain the original library, in which case I wonder what would be the purpose of having a library that is nothing more but a 'parallel' 'boostified' version of the original that in itself offers nothing new and is updated only after the original one is updated?
-- "What Huxley teaches is that in the age of advanced technology, spiritual devastation is more likely to come from an enemy with a smiling face than from one whose countenance exudes suspicion and hate." Neil Postman