From: Gregor Pintar
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: High-priority library replacements?
Date: Mon, 29 Apr 2013 19:35:03 +0200
References: <20130425041553.GA13951@brightrain.aerifal.cx> <20130426005545.GA7923@Caracal> <20130429101620.GG12689@port70.net>
In-Reply-To: <20130429101620.GG12689@port70.net>
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com

2013/4/29, Szabolcs Nagy:
> * Gregor Pintar [2013-04-26 10:11:32 +0200]:
>> tomcrypt is good, but it has some global states (ltc_cipher_descriptor,
>> ...)
>> and I want even more flexible library (variable rounds, no global state).
>> I would like API that allows replacing ciphers very easy.
>> For example: always use kripto_stream_encrypt(),
>> if you use any block cipher in any mode or stream cipher directly.
>> Also my hash API supports variable length output (great for sponge
>> constructions).
>>
>
> i'm not sure about the flexibility part
>
> it is good when you want to have the same api
> for a wide range of algorithms and you want
> to be able to fiddle with their internal settings
>
> but in my opinion this adds many failure modes
> which is bad
>
> i never liked that in tomcrypt, openssl etc trivial
> functions have error code return values which
> should never fail
>
> (eg hash_update(ctx, buf, len) should never fail
> even if there is a counter in ctx that can overflow
> every 2^64th bit of input, documenting the behaviour
> for longer inputs is better, it would be even better
> if the appropriate standards were more careful about
> failures)

Devs that ignore return values would probably ignore documentation too.

> the way it is done in most crypt apis make most of the
> code that use them broken:
> they don't check the return value so if the function
> may fail the code is broken, or they check but never
> test the failure path so the code is broken for a
> different reason

Encrypting more than 2^(block size) / 2 of blocks is broken too.
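
One design that addresses both concerns raised in this message, as an added example that is not code from tomcrypt, openssl or the library discussed in the thread: the update call returns nothing, exceeding the input limit latches a sticky flag, and only the final call can report failure. The `h_*` names and `struct hctx` are hypothetical, and FNV-1a is a non-cryptographic stand-in for a real hash.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical API for illustration. FNV-1a stands in for a real hash
   and is NOT cryptographic. */
struct hctx {
    uint64_t state;     /* running FNV-1a state */
    uint64_t bits;      /* input bits absorbed so far */
    uint64_t max_bits;  /* input limit; settable so tests can reach it */
    int      failed;    /* sticky: set once the limit is exceeded */
};

void h_init(struct hctx *c, uint64_t max_bits)
{
    c->state = 0xcbf29ce484222325ULL;  /* FNV-1a 64-bit offset basis */
    c->bits = 0;
    c->max_bits = max_bits;
    c->failed = 0;
}

/* Returns void: there is no status here for a caller to ignore. */
void h_update(struct hctx *c, const void *buf, size_t len)
{
    const unsigned char *p = buf;

    if (c->failed)
        return;
    /* Overflow-safe form of: bits + 8*len > max_bits */
    if (len > (c->max_bits - c->bits) / 8) {
        c->failed = 1;
        return;
    }
    c->bits += (uint64_t)len * 8;
    while (len--) {
        c->state ^= *p++;
        c->state *= 0x100000001b3ULL;  /* FNV-1a 64-bit prime */
    }
}

/* The single call that can fail; no digest is written on failure. */
int h_final(struct hctx *c, uint64_t *out)
{
    if (c->failed)
        return -1;
    *out = c->state;
    return 0;
}
```

Because the limit is a parameter of `h_init`, the failure path can be exercised in a unit test with a few bytes of input instead of 2^64 bits.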