libgcrypt, pk api, sample code

Werner Koch
Mon, 12 Jun 2000 10:20:54 +0200


On Mon, 12 Jun 2000, Vladimir Vukicevic wrote:

> I'm using the latest CVS snapshot of the gnupg codebase and I'm
> trying to use the gcrypt library to do public key encyrption from
I have not done much work on libgcrypt in the last months, due to time constraints and the fact that enhacing gpg 1.0 is more importtant. I will we large task to megre both versions again :-(
> (i.e. gcry_pk_encrypt succeeds, but gcry_pk_decrypt fails.) A
> statically-linked version works. I've sort of traced this down to a
> problem in building libgcrypt -- the .so is only 400k big, while the .a is
> about 1.3MB -- something is clearly wrong. For one, the .sym file that
> contained the publicly-exported functions was very limited; it didn't suck
The gcry_pk_* functions are not very well tested; they are currently only used for gpg. Needs more work.
> Also, is there any sample code for -anything-? (Esp. the pk encryption.)
Not for pk except gpg. Other stuff is in GSTI which I have only local under PRCS control - I see whether I can build a version for you.
> for large data? Also, by doing this for simple data using ElGemal, the
> encrypted data comes out to be about 20x as big as the cleartext, which
> seems to be wrong (I thought ElGemal ended up as 2x..) Some sample code to
There is a minimum size for an ElGamal message.
> appreciated. (The gpg code itself helps, but since it uses iobufs and
> slings a lot of structs containing state around, it's rather difficult to
> glean the important bits -- plus that it doesn't fully use the gcrypt API
I see what I can do.
> Also, is any development on libgcrypt being done still? If not, is there
> any interest at all in continuing it? What are the legalities of someone
Yes, but slowly ;-)
> in the US contributing to libgcrypt? (I'll be out of the country for most
> of July & August, so that wouldn't be as much of an issue then.) Is there
> a list of things that needs doing?
If you are an U.S. citizen, it doesn't matter where you stay, export rules will always travel with you. The good news is, that there is no problem with free software wanymore. Eben Moglen (FSF lawyer) checked, that it is okay to do GNU crypto stuff in the U.S. Werner -- Werner Koch OpenPGP key 621CC013 OpenIT GmbH tel +49 211 239577-0 Birkenstr. 12 email D-40233 Duesseldorf