

History of Ironclad, a Common Lisp Crypto Library - wtbob
http://www.method-combination.net/blog/archives/2014/12/29/ironclads-history.html

======
wglb
It is refreshing to see the author of crypto code so honest about limitations
of the code.

------
jrapdx3
Appreciated the article. I've done something sort of similar with a Lisp
dialect, Chicken Scheme, partly as a learning tool. Implementing SHA1 turned
out not to be too difficult, though doing something more general is a whole
other matter.

Working on implementing AES-CTR came really close to success, but there's some
error in it. One of these days I'll have to get back to it and finish it. Of
course, it is difficult to get it right.

I've had the idea that if it is correct in Scheme, and as Chicken does, then
compiled to very regular C, the ultimate native-code program is much less
likely to have the errors of hand-coded C as we've seen in OpenSSL, GnuTLS and
others. Probably not a brand new idea, but certainly haven't seen it "in the
wild".

~~~
nightcracker
None of the errors in OpenSSL, GnuTLS have been errors in the crypto
primitives, so I don't think this helps much.

~~~
rurban
There was one actually recently. Wrong bignum square in OpenSSL CVE-2014-3570,
which caused quite a stir with Bitcoin Core.
https://www.reddit.com/r/Bitcoin/comments/2rrxq7/on_why_010s_release_notes_say_we_have_reason_to/

