Simon Josefsson <[email protected]> writes:

> /* FIXME: Should use const for the cipher context. Then needs const for
>    nettle_crypt_func, which also rules out using that abstraction for
>    arcfour. */
> 
> However GCM (like CCM) is only specified for block ciphers, and further,
> only for 128-bit block ciphers.  Thus I wonder if avoiding use of const
> just to let the abstraction support a stream cipher is wise?

This nettle_crypt_func is not gcm-specific. It is used primarily for the
nettle_cipher class in nettle-meta.h:

  struct nettle_cipher
  {
    const char *name;
    
    unsigned context_size;
    
    /* Zero for stream ciphers */
    unsigned block_size;
  
    /* Suggested key size; other sizes are sometimes possible. */
    unsigned key_size;
  
    nettle_set_key_func *set_encrypt_key;
    nettle_set_key_func *set_decrypt_key;
  
    nettle_crypt_func *encrypt;
    nettle_crypt_func *decrypt;
  };

This currently is used to represent both block and stream ciphers,

  [...]
  extern const struct nettle_cipher nettle_aes256;
  
  extern const struct nettle_cipher nettle_arcfour128;
  
  extern const struct nettle_cipher nettle_camellia128;
  [...]

Currently, arcfour is the only supported stream cipher (they seem to be
out of fashion, are there any other stream ciphers in use? A5 maybe?)

So the question is, should we decide that nettle_cipher is for block
ciphers only (where the encrypt and decrypt functions don't change any
state)? Fitting arcfour and block ciphers into the same
abstraction doesn't make much sense anyway, since they should be used
very differently. Then we can make the context argument const for
nettle_crypt_func, but we'd also have to delete

  extern const struct nettle_cipher nettle_arcfour128;

or replace it with something else, which is an incompatible interface
change. As long as it's the only supported stream cipher, it doesn't
make much sense to me to create a new general stream cipher construction.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
_______________________________________________
nettle-bugs mailing list
[email protected]
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
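
Added example, not part of the message above and not nettle code: a self-contained C sketch of why a const context fits block-cipher style functions but not arcfour, whose context is rewritten on every call. The typedef names, the toy XOR cipher, the helper functions and the sample input are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical typedefs (not nettle's): const ctx for block ciphers, mutable for stream. */
typedef void block_crypt_func(const void *ctx, size_t n, uint8_t *dst, const uint8_t *src);
typedef void stream_crypt_func(void *ctx, size_t n, uint8_t *dst, const uint8_t *src);
/* Toy stand-in for a block cipher (XOR with one byte, not secure): only reads its context. */
struct toy_ctx { uint8_t key; };
static void toy_encrypt(const void *ctx, size_t n, uint8_t *dst, const uint8_t *src) {
  const struct toy_ctx *c = ctx;
  for (size_t k = 0; k < n; k++) dst[k] = src[k] ^ c->key;
}
/* RC4 (arcfour): S, i and j change with every byte produced. */
struct rc4_ctx { uint8_t S[256]; uint8_t i, j; };
static void rc4_set_key(struct rc4_ctx *c, size_t klen, const uint8_t *key) {
  unsigned j = 0;
  for (unsigned i = 0; i < 256; i++) c->S[i] = (uint8_t)i;
  for (unsigned i = 0; i < 256; i++) {
    j = (j + c->S[i] + key[i % klen]) & 0xff;
    uint8_t t = c->S[i]; c->S[i] = c->S[j]; c->S[j] = t;
  }
  c->i = c->j = 0;
}
static void rc4_crypt(void *ctx, size_t n, uint8_t *dst, const uint8_t *src) {
  struct rc4_ctx *c = ctx;
  for (size_t k = 0; k < n; k++) {
    c->i++; c->j += c->S[c->i];
    uint8_t t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
    dst[k] = src[k] ^ c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
  }
}
/* Return 1 if encrypting the same 4 bytes twice with one context gives equal output. */
static const uint8_t sample[4] = { 'a', 'b', 'c', 'd' };  /* constructed input */
static int block_repeatable(block_crypt_func *f, const void *ctx) {
  uint8_t a[4], b[4];
  f(ctx, 4, a, sample); f(ctx, 4, b, sample);
  return memcmp(a, b, 4) == 0;
}
static int stream_repeatable(stream_crypt_func *f, void *ctx) {
  uint8_t a[4], b[4];
  f(ctx, 4, a, sample); f(ctx, 4, b, sample);
  return memcmp(a, b, 4) == 0;
}
int main(void) {
  struct toy_ctx t = { 0x5a }; struct rc4_ctx r;
  rc4_set_key(&r, 3, (const uint8_t *)"Key");
  printf("block: %d, stream: %d\n", block_repeatable(toy_encrypt, &t), stream_repeatable(rc4_crypt, &r));
  return 0;
}
```

Passing rc4_crypt where a block_crypt_func is expected would require casting away const on a context that the function then modifies.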