[gnutls-dev] Symmetric cipher API

Simon Josefsson simon at josefsson.org
Sun Nov 25 16:14:48 CET 2007


Sam Varshavchik <mrsam at courier-mta.com> writes:

> Recently I converted some code that uses OpenSSL's EVP_CIPHER
> symmetric cipher API. I wrote a wrapper that mapped the following
> functions to their gcrypt equivalents: EVP_CIPHER_CTX_init(),
> EVP_CIPHER_CTX_cleanup(), EVP_(Encrypt|Decrypt)Init_ex(),
> EVP_(Encrypt|Decrypt)Update(), and EVP_(Encrypt|Decrypt)Final_ex().
>
> If you are interested, I'll be happy to contribute this code.

That sounds like a useful addition for gnutls-openssl to me, please post
the patch and we can review it.  If you haven't signed a copyright
assignment with the FSF, you'll need to do that before we can accept the
patch though.  Let me know privately and I'll send the form.

> I also thought that it's better to make this a native libgcrypt
> API. This should be only a matter of renaming the function names and
> arguments to follow libgcrypt's naming conventions, and all the EVP
> function become now just some lightweight wrappers (or probably even
> macros).

That would be something for the libgcrypt maintainers to consider.  In
any case, patches to improve the OpenSSL compatibility layer in GnuTLS
are always welcome.

/Simon



More information about the Gnutls-dev mailing list