Closed endgame closed 2 months ago
This is not straightforward: the various Digest a
s that we get from crypton
can only be interacted with using the ByteArrayAccess
interface from memory
, which is why amazonka-core
has polymorphic functions for base{16,64}
encoding. And if we move to botan
we'll be able to get encoders from there anyway, so there's little point in doing this refactoring twice.
I think we'll have to consider to raise this question with the crypton maintainers, I'd hope they can maintain memory
to serve crypton?
That may be necessary in the medium-term, but memory
also seems to be small enough that it doesn't seem to need too much active maintenance. Especially not in the amazonka-core
use case, where we're just computing digests and HMACs but don't need the crypto primitive stuff like scrubbed memory, constant-time equality, etc. My hope is that we can eventually move all of this stuff across to botan
when it matures.
@endgame I think that http-client-tls
is used by amazonka, and this uses the tls
package which uses crypton
which uses memory
.
Almost certainly. The migration will be an effort from all of us, but when botan
is ready we can at least do our part in the amazonka space.
We should aim to stop directly depending on
memory
: Vincent's packages are unmaintained, there's no clear replacement like withcrypton
/ite
, and it doesn't seem like we're using it for anything fancy. A quick grep makes me think it's only used to do base16 and base64 encoding, so replacing those functions with ones from packagesbase16
andbase64
might be easy.