Low-level crypto interface
14 Dec 2000 11:07:06 +0100
Bob Deblier <email@example.com> writes:
> Thanks for sending this contribution - it was good reading material. Here
> are a few comments and thoughts I have about this subject:
Thanks for reading.
> The way I've solved this is by having a table which describes all
> algorithms of a certain kind.
This is a common approach, I guess (I think both Werner's gnupg,
openssl and several other libraries do that).
In lsh, I also have a table, but at a higher level. I have integer
constants for all algorithms known by my secsh implementation, for
instance ATOM_3DES_CBC, which is installed in the table by something
ALIST_SET(algorithms, ATOM_3DES_CBC, make_3des_cbc());
But there's no entry for plain des anywhere. Then I have a
gperf-generated code to map names that occur in protocol messages to
these integer atoms, and a different, more fuzzy, function for mapping
human-supplied names to atoms.
I can build this on top of the low-level interface, and I believe it
should be straight-forward to build a table like yours on top of the
same code. My intention is to make it feasible to share a low-level
library, even between applications and contexts with different ideas
on how to manage and select algorithms.
Some generic functions could perhaps also be added to the low-level
void gcrypt_cbc_encrypt(void *ctx,
(*encrypt)(void *, unsigned length,
uint8_t *dst, const uint8_t *src),
uint8_t *iv, unsigned block_size,
uint8_t *dst, const uint8_t *src);
if that seems useful. memxor() should also be part of the library (and
perhaps also a part of glibc, of we can sell that idea to the glibc
> Offtopic: I'm thinking about starting a new open-source (GPL) project
> called 'BeeUtils', of which the first part will be small apps for
> computing the cryptographic hash value of a file. Of course the md5sum
> utility is available in the GNU textutils, but what about a sha1sum, or
> even a sha256sum? Is there a need for utilities that do this?
My first reaction is that I would rather see those utilities as a part
of text-utils, just like md5sum.