Werner Koch wk@gnupg.org
Mon, 25 Oct 1999 09:40:17 +0200

"D. Hugh Redelmeier" <hugh@mimosa.com> writes:

> Will the list be the right way to communicate (once it is functional)?
Yes, I did this on request of one Debian developer but it happend to get never used. The permissions are now fixed. Please subscribe if you like to do so.
> Right now, I'm trying to hack dsa.c/elgamal.c to fit into our code
> since we need support for DSS yesterday.
I understand.
> I'm trying to make dsa.c/elgamal.c work with GMP because that is what
> we use for big integers. We use it because we use libdes (Eric
> Young's old code) and libdes uses GMP. What a tangle.
libdes needs big integers - it is not the one from OpenSSL I guess. There are some reasons why I decided not to use plain GMP: - Too much unneeded code (okay that doesn't matter with shared lib) - GMP does not use a pointer to hide internals - this gives better performance but because we only do a few function calls this does not matter much when compared to the execution time of a single function. - It is not possible to use a chunk of mlock()ed memory for confidential numbers due to the use of alloca() and mallocs. I hacked the whole library to support what I called "secure memory": You have 2 calls to allocate a MPI, one for normal ones and another which flags that MPI to be stored and calucatled only in a special memory area.
> In the end, we'd like all sorts of crypto code: symmetric and public
> key. I'd like to be using one library, not two. We'd even like RSA,
> but that isn't important for another year :-).
No problem; there will be RSA on Sep 20th, 2000 ;-)
> Oh, and it would be great if we could compile it in a way for it to be
> run in the linux kernel (not my area). I don't know how this fits in
> with the international kernel patch; maybe it doesn't.
I talked with Richard about this and I will take care to allow for this (ciphers and digests).
> Any thought to a timeframe for the gcrypt portion?
Yes, last spring :-( Due to many other tasked I have not done any real work on code for the last couple of weeks. I'll be to Japan next week and I hope to find some time to work on libgcrypt while I am there or in the week after it. I really need libgcrypt for gnupg 1.1 and some other things I am working on, so there should be some working code soon.
> Should I be on a different mailing list to find out about this?
Feel free to use this ML, it is no extra work for me (I will add a search engine for the lists too). Werner -- Werner Koch at guug.de www.gnupg.org keyid 621CC013