[gnutls-dev] Re: Request for goals for GnuTLS 1.7.x

Simon Josefsson simon at josefsson.org
Thu Nov 30 14:46:42 CET 2006


Rupert Kittinger-Sereinig <rks at mur.at> writes:

> Hardware crypto support would be great. However, I am not sure what
> would be the proper way to do this. One idea would be to insert a
> PKCS#11 wrapper around libgcrypt that would allow using different
> crypto engines, e.g. opensc:
>
> http://www.opensc-project.org

I started to abstract all crypto-operations in GnuTLS to a general API
(see lgl/gc.h) and symmetric encryption, hashes and RNG is
implemented, but the large part is to support MPI and RSA/DSA.

Defining an abstract API for MPI/RSA/DSA and using it is probably only
half of the problem, the other is that GnuTLS internally do things on
a very low level.  That could be improved too, to move up the
abstraction level, and would result in cleaner and simpler code.

If anyone wants to work on this, that would be cool.  This is a too
large project for me to take on without someone sponsoring it.

/Simon




More information about the Gnutls-devel mailing list