From: Vladimir 'phcoder' Serbinenko <phcoder@gmail.com>
To: The development of GNU GRUB <grub-devel@gnu.org>
Subject: Re: [PATCH] Cryptography
Date: Mon, 16 Nov 2009 21:20:00 +0100 [thread overview]
Message-ID: <4B01B3F0.2010001@gmail.com> (raw)
In-Reply-To: <20091116195906.GB31886@thorin>
[-- Attachment #1: Type: text/plain, Size: 1946 bytes --]
Robert Millan wrote:
> On Mon, Nov 16, 2009 at 08:38:54PM +0100, Vladimir 'phcoder' Serbinenko wrote:
>
>> Robert Millan wrote:
>>
>>> On Mon, Nov 16, 2009 at 03:56:26PM +0100, Vladimir 'phcoder' Serbinenko wrote:
>>>
>>>
>>>> 2) Adaptation to the lack of gnulib abstraction layer on top of gcrypt
>>>>
>>>>
>>> It seems that the usual way of importing gc-pbkdf2-sha1.c is by linking it
>>> with gc-gnulib.c or gc-libgcrypt.c. Is this option problematic?
>>>
>>>
>>>
>> libgcrypt is done like this:
>>
>> libgcrypt API ----> Common cryptographic algorithms layer (for some
>> algorithms it's quite a passthrough) ---> ciphers
>>
>> Although we use ciphers from libgcrypt, our middle layer is much simpler
>> and lacks per-cipher integer IDs. Because of it using gc-libgcrypt.c
>> would require an additional level of wrapping and it's much easier to
>> just modify few lines in PBKDF2
>>
>
> Ok. Then in principle we wouldn't contemplate resyncing this file, right?
>
>
Unless there will be a cryptographic or legal issue, no. PBKDF2 is a
static standard
> What version of libgcrypt should be imported?
>
>
I used 1.4.4. Latest ChangeLog entry in cipher/ directory is:
2009-01-22 Werner Koch <wk@g10code.com>
* ecc.c (compute_keygrip): Remove superfluous const.
Latest SVN has latest ChangeLog entry:
2009-08-21 Werner Koch <wk@g10code.com>
* dsa.c (dsa_generate_ext): Release retfactors array before
setting it to NULL. Reported by Daiko Ueno.
and ChangeLog doesn't mention anything that would result in a different
import, except of the currently unused public-key cryptography files
(and which will require adaptations in import_gcry.py to be handled) and
unused files md.c/cipher.c included in import for reference.
So I recommend importing 1.4.4
--
Regards
Vladimir 'phcoder' Serbinenko
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 293 bytes --]
next prev parent reply other threads:[~2009-11-16 20:20 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-11-16 13:48 [PATCH] Cryptography Vladimir 'phcoder' Serbinenko
2009-11-16 14:35 ` Robert Millan
2009-11-16 14:56 ` Vladimir 'phcoder' Serbinenko
2009-11-16 18:26 ` Robert Millan
2009-11-16 19:38 ` Vladimir 'phcoder' Serbinenko
2009-11-16 19:59 ` Robert Millan
2009-11-16 20:20 ` Vladimir 'phcoder' Serbinenko [this message]
2009-11-16 21:16 ` Import of libgcrypt 1.4.4 ciphers (was: Re: [PATCH] Cryptography) Robert Millan
2009-11-16 14:42 ` [PATCH] Cryptography Felix Zielcke
2009-11-16 14:58 ` Vladimir 'phcoder' Serbinenko
2009-11-17 12:21 ` Robert Millan
2009-11-17 12:56 ` Robert Millan
2009-12-05 15:44 ` Vladimir 'φ-coder/phcoder' Serbinenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B01B3F0.2010001@gmail.com \
--to=phcoder@gmail.com \
--cc=grub-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.