From: Rich Felker <dalias@aerifal.cx>
To: musl@lists.openwall.com
Subject: Re: High-priority library replacements?
Date: Thu, 25 Apr 2013 21:51:14 -0400 [thread overview]
Message-ID: <20130426015114.GP20323@brightrain.aerifal.cx> (raw)
In-Reply-To: <20130426005545.GA7923@Caracal>
On Thu, Apr 25, 2013 at 05:55:45PM -0700, idunham@lavabit.com wrote:
> > I am working on cryptographic library. It's far from being finished.
> > I would be very glad, if someone could look at it.
> > Currently I have problems with API design so help would be welcome.
> > It isn't in git yet.
> > You can get it here:
> > https://dl.dropboxusercontent.com/u/83450675/kripto/kripto.tar.gz
> > I have plans for SSL library on top of it, but it could take years.
>
> I hate to be the one who says this, but...
> Why another crypto library?
> There are at least 6 I can think of off the top of my head
> (openssl crypto, gcrypt, nettle, tomcrypt, gpg, openbgp)
> and I know that's not even half of them.
> tomcrypt is already good (as Rich mentioned), so code quality isn't
> a reason.
> While writing your own "xyz" may be a good learning experience and fun
> and so on, a crypto library faces some restrictions:
> -You will need to fix bugs promptly until you hand over maintainership.
> (Otherwise, you become responsible when there's a vulnerability that
> stays unfixed.)
> -You have to finish it.
> Consider the case of gcrypt, which is a GNU project with multiple
> contributors, but still doesn't implement enough to make LDAP over SSL
> work in all cases (I don't know the exact issue, but it's a standing bug
> in Debian.)
>
> And you have to write a good API. When someone else has a library with
> that, you may be better off using it.
> What Rich asked about was an SSL lib based on an existing crypto lib,
> namely tomcrypt. And that is likely to be a quicker path to results.
Yes. Crypto is hard to get right and when there's an implementation
with high-quality public domain code, I think you'd need a really
strong justification for using a new crypto implementation in an SSL
library.
> > I think best way is not to trust any certificate authority.
> > Maybe some certificate p2p protocol could be done?
>
> Not really an option for regular SSL, I'm afraid.
> (just due to the standards, and the need for getting it going...)
> But something along the lines of OpenBGP (I think that's the name; it's
> a BSD-licensed PGP library) would be one place to start if you wanted
> that.
> It would be interesting if the library transparently handles both SSL
> and something along those lines, so someone gets the certificate p2p
> stuff for free by using the library.
Yes, I don't really know what the future directions will be, I just
think a library should be prepared to adapt to changing needs for how
we determine trust.
> > > - Have absolutely zero global state.
> > There is no global state and there won't be any.
>
> Sounding good, and looking good from what I saw. (Although I tend to
> dislike "magic number tables", but that's mainly personal taste...
> Also, don't consider me an authority on C or programming. I know some,
> but far too little.)
If you dislike magic number tables, you can always include a script in
the build process to generate them. Using tens or hundreds of kb per
process and tons of startup time however is not an acceptable solution
to "I dislike magic number tables". Like them or not, magic number
tables are the only non-bloated solution.
Rich
next prev parent reply other threads:[~2013-04-26 1:51 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-25 4:15 Rich Felker
2013-04-25 5:05 ` Daniel Cegiełka
2013-04-25 5:21 ` Rich Felker
2013-04-25 5:55 ` Kurt H Maier
2013-04-25 7:34 ` Jens Staal
2013-04-25 12:18 ` Rich Felker
2013-04-25 13:54 ` Kurt H Maier
2013-04-25 6:43 ` Gregor Pintar
2013-04-26 0:55 ` idunham
2013-04-26 1:11 ` crypto libraries idunham
2013-04-26 7:51 ` Daniel Cegiełka
2013-04-26 1:51 ` Rich Felker [this message]
2013-04-26 8:11 ` High-priority library replacements? Gregor Pintar
2013-04-26 15:47 ` Rich Felker
2013-04-26 17:24 ` Gregor Pintar
2013-04-28 21:43 ` Rob Landley
2013-04-29 10:16 ` Szabolcs Nagy
2013-04-29 12:09 ` Rich Felker
2013-04-29 17:35 ` Gregor Pintar
2013-04-29 21:55 ` Szabolcs Nagy
2013-04-30 2:10 ` Rich Felker
2013-04-30 6:32 ` Gregor Pintar
2013-04-30 8:35 ` Szabolcs Nagy
2013-04-30 9:58 ` Gregor Pintar
2013-04-30 11:30 ` Szabolcs Nagy
2013-04-30 14:11 ` Gregor Pintar
2013-05-01 7:26 ` Gregor Pintar
2013-05-08 21:37 ` Daniel Cegiełka
2013-05-08 23:00 ` idunham
2013-05-09 7:36 ` Daniel Cegiełka
2013-05-09 9:03 ` Daniel Cegiełka
2013-05-09 11:10 ` LM
2013-05-09 14:08 ` Rich Felker
2013-05-09 14:40 ` Daniel Cegiełka
2013-05-09 14:45 ` Rich Felker
2013-05-12 22:42 ` Brad Conroy
2013-05-15 20:17 ` Rich Felker
2013-05-16 16:12 ` Justin Cormack
2013-05-17 1:56 ` Rich Felker
2013-05-17 7:28 ` Justin Cormack
2013-05-09 16:40 ` LM
2013-04-30 18:47 ` Nicolas Braud-Santoni
2013-04-30 19:18 ` Gregor Pintar
2013-05-26 20:09 ` Daniel Cegiełka
2013-05-27 15:53 ` Gregor Pintar
2013-05-28 9:27 ` Daniel Cegiełka
2013-05-28 17:30 ` Gregor Pintar
2013-05-28 13:11 ` LM
2013-05-28 21:38 ` Rob Landley
2013-05-31 11:13 ` LM
2013-05-31 11:36 ` LM
2013-04-25 7:21 ` Hal Clark
2013-04-25 10:58 ` Igmar Palsenberg
2013-04-25 12:28 ` Rich Felker
2013-04-25 11:44 ` LM
2013-04-25 12:51 ` Rich Felker
2013-04-25 15:30 ` Jens Staal
2013-04-25 16:51 ` Zvi Gilboa
2013-04-25 16:57 ` Justin Cormack
2013-04-25 17:53 ` Zvi Gilboa
2013-04-27 5:45 ` Rob Landley
2013-04-27 8:13 ` Luca Barbato
2013-04-27 13:05 ` Zvi Gilboa
2013-04-26 6:11 ` Igmar Palsenberg
2013-04-28 21:34 ` Licensing Rob Landley
2013-04-29 20:47 ` Licensing Rich Felker
2013-04-29 21:10 ` Licensing Jens Gustedt
2013-04-29 22:47 ` Licensing Kurt H Maier
2013-04-29 22:50 ` Licensing Rob Landley
2013-04-30 12:32 ` Licensing LM
2013-04-26 4:19 ` High-priority library replacements? Isaac Dunham
2013-04-26 11:41 ` LM
2013-04-26 12:57 ` Muhammad Sumyandityo Noor
2013-04-26 15:53 ` Rich Felker
2013-04-28 6:53 ` Muhammad Sumyandityo Noor
2013-04-28 17:46 ` Rich Felker
2013-04-26 16:52 ` LM
2013-04-26 4:32 ` nwmcsween
2013-04-29 5:51 Brad Conroy
2013-04-29 16:38 ` John Spencer
2013-04-29 20:14 ` Rob Landley
2013-04-29 20:53 ` Rich Felker
2013-04-30 1:53 ` idunham
2013-04-30 2:21 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130426015114.GP20323@brightrain.aerifal.cx \
--to=dalias@aerifal.cx \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).