Adding new public key KEM API
NIIBE Yutaka
gniibe at fsij.org
Tue Oct 24 08:25:54 CEST 2023
Werner Koch <wk at gnupg.org> wrote:
> On Thu, 19 Oct 2023 16:37, NIIBE Yutaka said:
>
>> gcry_error_t gcry_kem_decap (int algo,
>> const void *seckey,
>> const void *ciphertext,
>> void *shared_secret);
>
> I still don't feel comfortable without a size argument.
Assumption here (for lower level API) is:
It's caller side (user of libgcrypt) which does static
compile-time check against ALGO and the length of each
byte-array.
If not static, caller side can do run-time check, if needed,
before the call.
Having a size argument would mean,
libgcrypt does run-time check of the length (for each call)
I wonder if this kind of run-time check in libgcrypt is useful in lower
level API.
I could imagine having an API offering static compile-time check. In
this case, it would provide a macro something like gcry_kem_decap_check
which has length arguments. The ABI is gcry_kem_decap.
--
More information about the Gcrypt-devel
mailing list