Hello?

Werner Koch
wk@gnupg.org
Mon, 25 Oct 1999 09:40:17 +0200

"D. Hugh Redelmeier" <hugh@mimosa.com> writes:
> Will the list be the right way to communicate (once it is functional)?
Yes, I did this on request of one Debian developer but it happened to
never get used.  The permissions are now fixed.  Please subscribe if
you like to do so.
> Right now, I'm trying to hack dsa.c/elgamal.c to fit into our code
> since we need support for DSS yesterday.
I understand.
> I'm trying to make dsa.c/elgamal.c work with GMP because that is what
> we use for big integers.  We use it because we use libdes (Eric
> Young's old code) and libdes uses GMP.  What a tangle.
libdes needs big integers - it is not the one from OpenSSL I guess.
There are some reasons why I decided not to use plain GMP:
  - Too much unneeded code (okay that doesn't matter with shared lib)
  - GMP does not use a pointer to hide internals - this gives better
    performance but because we only do a few function calls this does
    not matter much when compared to the execution time of a single
    function.
  - It is not possible to use a chunk of mlock()ed memory for
    confidential numbers due to the use of alloca() and mallocs.  I
    hacked the whole library to support what I called "secure memory":
    You have 2 calls to allocate an MPI, one for normal ones and
    another which flags that MPI to be stored and calculated only in
    a special memory area.
> In the end, we'd like all sorts of crypto code: symmetric and public
> key.  I'd like to be using one library, not two.  We'd even like RSA,
> but that isn't important for another year :-).
No problem; there will be RSA on Sep 20th, 2000 ;-)
> Oh, and it would be great if we could compile it in a way for it to be
> run in the linux kernel (not my area).  I don't know how this fits in
> with the international kernel patch; maybe it doesn't.
I talked with Richard about this and I will take care to allow for
this (ciphers and digests).
> Any thought to a timeframe for the gcrypt portion?
Yes, last spring :-(  Due to many other tasks I have not done any
real work on code for the last couple of weeks.  I'll be in Japan next
week and I hope to find some time to work on libgcrypt while I am
there or in the week after it.
I really need libgcrypt for gnupg 1.1 and some other things I am
working on, so there should be some working code soon. 
> Should I be on a different mailing list to find out about this?
Feel free to use this ML, it is no extra work for me (I will add 
a search engine for the lists too).
   Werner
-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013
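
The "secure memory" scheme described in the message (two allocation calls, one of which flags the MPI to live only in mlock()ed memory) can be illustrated as follows. This is an added example, not code from GnuPG, libgcrypt or the original message; the names demo_mpi, mpi_alloc, mpi_alloc_secure, mpi_alloc_result and mpi_free and the one-page pool size are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <sys/mman.h>

#define POOL_LIMBS (4096 / sizeof(unsigned long))   /* constructed size: one 4 KiB page */
static _Alignas(4096) unsigned long pool[POOL_LIMBS];
static size_t pool_used;                            /* limbs handed out so far */
static int pool_state;                              /* 0 untried, 1 mlock()ed, -1 mlock() failed */
typedef struct { unsigned long *limbs; size_t nlimbs; int secure; } demo_mpi;  /* hypothetical MPI */
int pool_is_locked(void) { return pool_state == 1; }  /* caller decides what to do if not locked */
int in_pool(const void *p) {                        /* unsigned wrap-around rejects p < pool */
    return (uintptr_t)p - (uintptr_t)pool < sizeof pool;
}
/* Normal MPI: limbs on the ordinary heap, which can be paged out to swap. */
demo_mpi mpi_alloc(size_t nlimbs) {
    return (demo_mpi){ calloc(nlimbs, sizeof(unsigned long)), nlimbs, 0 };
}
/* Secure MPI: limbs only from the locked pool; NULL limbs when it is exhausted. */
demo_mpi mpi_alloc_secure(size_t nlimbs) {
    demo_mpi m = { NULL, nlimbs, 1 };
    if (pool_state == 0)
        pool_state = (mlock(pool, sizeof pool) == 0) ? 1 : -1;
    if (nlimbs <= POOL_LIMBS - pool_used) {
        m.limbs = pool + pool_used;                 /* bump allocation, no heap fallback */
        pool_used += nlimbs;
    }
    return m;
}
/* A result computed from any secure operand must itself live in the pool. */
demo_mpi mpi_alloc_result(const demo_mpi *a, const demo_mpi *b, size_t nlimbs) {
    return (a->secure || b->secure) ? mpi_alloc_secure(nlimbs) : mpi_alloc(nlimbs);
}
/* Wipe secret limbs through a volatile pointer so the stores are not optimised away. */
void mpi_free(demo_mpi *m) {
    if (m->limbs && m->secure) {
        volatile unsigned long *v = m->limbs;
        for (size_t i = 0; i < m->nlimbs; i++) v[i] = 0;  /* pool space is not recycled here */
    } else {
        free(m->limbs);                             /* free(NULL) is a no-op */
    }
    m->limbs = NULL;
}
int main(void) {
    demo_mpi pub = mpi_alloc(4), key = mpi_alloc_secure(4);
    demo_mpi res = mpi_alloc_result(&pub, &key, 8);
    printf("locked=%d key=%d res=%d\n", pool_is_locked(), in_pool(key.limbs), in_pool(res.limbs));
    mpi_free(&pub); mpi_free(&key); mpi_free(&res);
    return 0;
}
```

mlock() can fail when RLIMIT_MEMLOCK is too low for the process, so pool_is_locked() should be checked before secrets are placed in the pool.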