gnu-crypto-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNU Crypto] Public Key cryptography in GNU crypto

From: Raif S. Naffah
Subject: Re: [GNU Crypto] Public Key cryptography in GNU crypto
Date: Sat, 10 May 2003 10:50:21 +1000
User-agent: KMail/1.5.1 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

hello Morgon,

On Sat, 10 May 2003 07:24 am, Morgon Kanter wrote:
> Is there someone already working on this? If not, now seems to be as
> good a time as any to start. Before I do, however, is there a certain
> already-published API (like Sun's java class library) that I should
> conform to while coding this?

no. yes. may be (see third+ para) :-)

in GNU Crypto we first try to analyse what an (ideal?) API would look 
like, and implement it if/when we find it.  if Sun or others have a 
published API that addresses the same issue, and we decide to offer 
compatibility with it, we then build Adapters over our adopted API for 
the other one(s).  this is the way for example we implemented support 
for the Java Cryptography Extension (JCE); thus allowing users to use 
GNU Crypto with as well as without the JCE.  in my own (and biased) 
opinion, i believe we have, in Cascades and Transformers (soon to be 
checked-in), a more robust and flexible API for combining and 
constructing complex ciphers, modes, padding and others, than the JCE.

the other alternative is to adopt an API and implement it if/when we 
feel we cannot do better, or that API as it is acceptable.  and example 
of such API is the soon to be checked-in SASL (Simple Authentication 
and Security Layer) mechanisms.  another example that has not yet 
eventuated is the IEEE P1363.

for public-key cryptography, we have support for:

* keypair generation, and 
* digital signature.

the latter is specifically for digital signature with appendix schemes 
which require the original message as input to the verification phase.  
we dont have implementations (or API if it turns out we need one) for 
digital signature schemes with message recovery.

furthermore the algorithms implemented so far are:

* DSS and RSA (for keypair generation),
* DSS and RSA-PSS (for signature with appendix).

all related classes are in the gnu.crypto.sig hierarchy.


i hope this gives you a clear idea of what we have and have not, and 
would help you identify where and how you can contribute.

cheers;
rsn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Que du magnifique

iD8DBQE+vEzN+e1AKnsTRiERA0KVAJ9BQ2/NaKcpxwcwidLevVmR6EBcOQCgref0
1iR8lOCptGMC+2xloPQfV+o=
=+N/x
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]