When adding cryptographic dependencies, critically evaluate whether broad libraries like OpenSSL are necessary or if more specific, focused alternatives can meet your requirements. Broad cryptographic libraries often include extensive functionality that may not be needed, potentially increasing the attack surface and complexity.
When adding cryptographic dependencies, critically evaluate whether broad libraries like OpenSSL are necessary or if more specific, focused alternatives can meet your requirements. Broad cryptographic libraries often include extensive functionality that may not be needed, potentially increasing the attack surface and complexity.
Before adding general-purpose cryptographic libraries, consider:
Example from the codebase:
# Instead of:
openssl = "0.10"
# Consider using:
rsa = "0.9" # If you only need RSA functionality
This approach reduces dependency bloat, minimizes potential security vulnerabilities, and makes your cryptographic intentions more explicit in the codebase.
Enter the URL of a public GitHub repository