[gnutls-dev] Symmetric cipher API
Nikos Mavrogiannopoulos
nmav at gnutls.org
Mon Nov 19 07:38:17 CET 2007
On Sunday 18 November 2007, Sam Varshavchik wrote:
> Recently I converted some code that uses OpenSSL's EVP_CIPHER symmetric
> cipher API. I wrote a wrapper that mapped the following functions to their
> gcrypt equivalents: EVP_CIPHER_CTX_init(), EVP_CIPHER_CTX_cleanup(),
> EVP_(Encrypt|Decrypt)Init_ex(), EVP_(Encrypt|Decrypt)Update(), and
> EVP_(Encrypt|Decrypt)Final_ex().
We could always commit something like this to the openssl compatibility
interface. However I don't understand its use. Why did you need such wrapper?
> If you are interested, I'll be happy to contribute this code. I also
> thought that it's better to make this a native libgcrypt API. This should
> be only a matter of renaming the function names and arguments to follow
> libgcrypt's naming conventions, and all the EVP function become now just
> some lightweight wrappers (or probably even macros).
Why do you think that it's better to have it as native libgcrypt API? What are
the advantages of using this api comparing to libgcrypt's? As far as I
understand the differences the libgcrypt's functions are safer, since you
don't directly access structures, and the internals can be changed without
breaking binary compatibility.
regards,
Nikos
More information about the Gnutls-devel
mailing list