gcrypt initialization
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Oct 26 23:14:53 CET 2009
hey gcrypt folks--
I'm trying to understand the various phases of gcrypt initialization.
I've read the docs, but in some places they appear to be
self-contradictory about what calls are specifically allowed when.
As i understand it, the required order is:
A) gcry_control(GCRYCTL_SET_THREAD_CBS or GCRYCTL_FORCE_FIPS_MODE)
B) gcry_check_version()
C) gcry_control(<other commands>,...)
D) gcry_control(GCRYCTL_INITIALIZATION_FINISHED)
E) <actual use of the library>
When a gcry_control command says that it can "only be used during
initialization time" (e.g. GCRYCTL_ENABLE_M_GUARD), i believe that
means that it must be invoked during phase C, but other gcry_control
invocations can be invoked at any time (including after the library has
actually been used).
Is this correct? What am i missing?
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20091026/bfb41683/attachment.pgp>
More information about the Gcrypt-devel
mailing list