Ivan Vecerina wrote:
Hello,
In some application, I would like to be able to authenticate the
origin of a data file (such as a new program to flash on an EPROM),
to make sure it is a properly tested/validated version.
It seems like a digital signature system such as DSA is what I need.
But I really do not need any of the fluff (encodings of the signature,
certificate management, etc).
The raw crypto algorithms in NSS are in lib/freebl. Look at blapi.h
for the function prototypes.
NSS is designed to benefit the application of encryption in standard
protocols, not at the raw use of crypto in home made protocols.
Getting crypto protocols right is very difficult. Lots of "obvious"
and "simple" approaches are vulnerable to attacks. That is why NSS
encourages the use of vetted crypto protocols and does not encourage
roll-your-own crypto protocols.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
