Mon, 25 Oct 1999 09:40:17 +0200
"D. Hugh Redelmeier" <firstname.lastname@example.org> writes:
> Will the list be the right way to communicate (once it is functional)?
Yes, I did this on request of one Debian developer but it happend to
get never used. The permissions are now fixed. Please subscribe if
you like to do so.
> Right now, I'm trying to hack dsa.c/elgamal.c to fit into our code
> since we need support for DSS yesterday.
> I'm trying to make dsa.c/elgamal.c work with GMP because that is what
> we use for big integers. We use it because we use libdes (Eric
> Young's old code) and libdes uses GMP. What a tangle.
libdes needs big integers - it is not the one from OpenSSL I guess.
There are some reasons why I decided not to use plain GMP:
- Too much unneeded code (okay that doesn't matter with shared lib)
- GMP does not use a pointer to hide internals - this gives better
performance but because we only do a few function calls this does
not matter much when compared to the execution time of a single
- It is not possible to use a chunk of mlock()ed memory for
confidential numbers due to the use of alloca() and mallocs. I
hacked the whole library to support what I called "secure memory":
You have 2 calls to allocate a MPI, one for normal ones and
another which flags that MPI to be stored and calucatled only in
a special memory area.
> In the end, we'd like all sorts of crypto code: symmetric and public
> key. I'd like to be using one library, not two. We'd even like RSA,
> but that isn't important for another year :-).
No problem; there will be RSA on Sep 20th, 2000 ;-)
> Oh, and it would be great if we could compile it in a way for it to be
> run in the linux kernel (not my area). I don't know how this fits in
> with the international kernel patch; maybe it doesn't.
I talked with Richard about this and I will take care to allow for
this (ciphers and digests).
> Any thought to a timeframe for the gcrypt portion?
Yes, last spring :-( Due to many other tasked I have not done any
real work on code for the last couple of weeks. I'll be to Japan next
week and I hope to find some time to work on libgcrypt while I am
there or in the week after it.
I really need libgcrypt for gnupg 1.1 and some other things I am
working on, so there should be some working code soon.
> Should I be on a different mailing list to find out about this?
Feel free to use this ML, it is no extra work for me (I will add
a search engine for the lists too).
Werner Koch at guug.de www.gnupg.org keyid 621CC013