On Tuesday, July 22, 2014 7:45:41 PM UTC+3, Jon Keys wrote:
I've not heard of Nettle before. It looks really nice!
Is there any reason to choose Nettle over OpenSSL aside from a nicer / more stable API?
I hadn't heard about it until this June when I saw annoucement of the version 3.0 at Phoronix. I looked it quickly, and it looked a very straight forward to implement LuaJIT bindings to it, so that's what I ended up doing. I think that it is a default crypto library in GNU projects (like GNUTLS). Its performance is comparable to OpenSSLs. The code is cleanly laid out, and easy to follow.
No particular reason. A great learning experience. I also wanted to have nice AES/Camellia libraries with different modes like (ECB, CBC, CTR, EAX, GCM, and CCM), and PBKDF2 lib. It's been a lot of fun too. Piece by piece I ended up implementing a nice Lua API for Nettle.
Lua doesn't come batteries included, and while OpenResty has some batteries, the more building blocks are needed. I like this OpenResty project, so as a hobby I end up implementing this and that to support the project, and make it better for web development. There are common libs that you usually need when developing web apps:
- crypto
- image manipulation / conversion
- movie transcoding
- authentication (+ extenal authentication like openid, google, ms, facebook, twitter, github etc. logins, and app-to-app auth like oauth)
- session management
- cookie handling
- localization
- access to backend systems like dbs, caches, and search services
- excel / pdf report generation
- html templating
- input validation
- email/sms handling
- string manipulation, encodings
- a lot of saas services to bind to
- ...
I just tend to pick something that I think at this phase I will need. Right now I feel the core of OpenResty is quite alright, and there are libs
already for many things (thanks to agentz and others).
I like the way how OpenResty is constructed. It uses Nginx cleverly where it fits. It's not an opionated framework, and more like a nice Lua library layer on top of Nginx. Loosely coupled small libraries is a way to go, in my opinion (I think it is better to copy paste small amounts of code than it is to create dependencies between libs - not to mention fullstack opionated frameworks where all your code belongs to framework). I think what OpenResty needs is just more libs (for everything) and Luafied APIs for FFI-bindings, and a package management for them (something agentz has been talking about).
So lua-resty-nettle is just a one component to have (and I'm pretty sure some others will find it useful as well).
Regards
Aapo
