Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 26 Apr 2013 19:24:37 +0200
From: Gregor Pintar <>
Subject: Re: High-priority library replacements?

2013/4/26, Rich Felker <>:
> On Fri, Apr 26, 2013 at 10:11:32AM +0200, Gregor Pintar wrote:
>> 2013/4/26, <>:
>> > I hate to be the one who says this, but...
>> > Why another crypto library?
>> > There are at least 6 I can think of off the top of my head
>> > (openssl crypto, gcrypt, nettle, tomcrypt, gpg, openbgp)
>> > and I know that's not even half of them.
>> > tomcrypt is already good (as Rich mentioned), so code quality isn't
>> > a reason.
>> Most of them are realy bad (support only few ciphers, ugly API,
>> inflexible, license).
>> tomcrypt is good, but it has some global states (ltc_cipher_descriptor,
>> ...)
> Yes, this is stupid, but I don't think there's any reason to use it.
> Can't you just use the extern descriptor for the cipher you want
> directly?
You can't, because modes read from global descriptor.

> In any case, I agree that when using tomcrypt the register
> and unregister functions should be nop'd out and the cipher_descriptor
> array replaced with a const version thereof. There may be more changes
> needed to fix it too, but that sounds like most of it.
But that would break API anyway.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.