Hi, On Mon, January 8, 2018 12:05, Christophe Thomas wrote: > Thx for your feedback,
you're welcome. > Don't worry I won't even imagine using some unknown third party code for > crypto in production code. > > Since yesterday I've continued studying my case and my problem is that I'm > bounded to a specific format: I'm trying to implement some map (S63 > format) > decryption. If it is only decryption (or verification) you may be fine. For encryption you have to know rather more than what is usually documented (there are some hidden traps in implementing this). > This format is using > - blowfish as encryption/decryption method => so no real choice here for > me, but you are right I will use openssl instead of some other code for > this Since this forces you to implement the protocol level yourself, I'd recommend libgcrypt - it is much easier to use than the OpenSSL low level functions. https://www.gnupg.org/software/libgcrypt/index.html > - DSA keys and signature are provided in plain text format (see below), so > my main concerne is to build the key or signature with those data in order > to launch DSA verify command. I'm now thinking of manually building the > data in DER/ASN.1 format but if I can do things directly it would be > better. Don't do DER (or BER, CER, ...) yourself if you can avoid it. It is an endless source of sorrow... With libgcrypt you build an S-expression structure directly from the text values using gcry_sexp_build and use this structure to feed the public key functions. No need to mock about with ASN.1. If this is a commercial project and your company can afford it: I'd recommend to hire a cryptography expert for a few days to either implement the crypto stuff directly or at least to review the code. Konrad _______________________________________________ Interest mailing list Interest@qt-project.org http://lists.qt-project.org/mailman/listinfo/interest