Daniel Kahn Gillmor <[email protected]> writes:
> I'm building Perl bindings for libnettle. I hope to claim the
> Crypt::Nettle namespace.
Nice!
I'm not very familiar with perl, but I have had a quick look at the
documentation.
> You can read the docs with:
>
> pod2text lib/Crypt/Nettle.pm
A typo:
: In the future, it should support asymmetric encrpytion and pseudo-random
^^
: number generation.
: COPYRIGHT AND LICENSE
: Copyright (c) Daniel Kahn Gillmor Crypt::Nettle is free software, you
: may redistribute it and/or modify it under the same terms as Perl
: itself.
The GPL/LGPL license of the nettle library itself may apply to perl
programs using these bindings. I don't know if it's customary to
document this in a bit more detail?
> pod2text lib/Crypt/Nettle/Hash.pm
: hmac_data($algo, $data)
How do you provide the key?
I'm not sure it's the right design to mix hash functions and macs (and
how will you deal with macs that are not based on the hmac construction)?
> pod2text lib/Crypt/Nettle/Cipher.pm
Typo:
: ABSTRACT
: Crypt::Nettle::Cipher provides an object interface to symmetric
: encrpytion and decryption from the nettle C library. Each
^^
: new($is_encrypt, $algo, $key, $mode, $iv)
You include arctwo algorithms twice in the algorithm list. Maybe you
should exclude serpent until the recently discovered interoperability
problems are sorted out?
How do you deal with algorithms with a large number of possible key
sizes? Maybe it would be better to view, e.g., aes and arcfour as just
two algorithms, and let the size of the given key imply the keysize?
The $is_encrypt flag to new seems a bit awkward. Maybe it would be
easier with
my $ctx = new ($algo, $mode) /* Possibly with $mode defaulting to
ecb?, and not allowed at all for stream
ciphers. */
$ctx->set_encrypt_key($key, $iv) /* $iv optional and required when applicable
*/
$ctx->set_decrypt_key($key, $iv)
: process($data)
I think the requirement that the length is a multiple of the block size
needs to be relaxed a bit. For CTR mode, one should allow a partial
block for the last call. And *maybe* for all calls (with an internal block
buffer to let CTR work like a stream cipher), even if that's not how
nettle's ctr mode support works.
Maybe you should think about how to add gcm support. Which is a bit more
complicated, with both per-key state and per-message state, and
additional inputs and outputs.
How do you query if a cipher is a block or a stream cipher?
block_size() returning 0?
Happy hacking,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
_______________________________________________
nettle-bugs mailing list
[email protected]
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
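The two partial-block policies Niels sketches for CTR mode above (a partial block permitted only on the final call, as nettle's own ctr_crypt does, versus an internal keystream buffer that lets CTR behave like a stream cipher on every call), together with his "block_size() returning 0" question, are illustrated by the following added example. It is not code from the mail, from nettle, or from Crypt::Nettle. It is written in Python rather than Perl so it runs without the bindings, and it substitutes HMAC-SHA256 over the counter block for a real block cipher (an assumption; in the bindings this would be nettle's AES). The key, IV and message are constructed sample values; the class, function and parameter names (CtrContext, buffer_keystream, ctr_crypt) are hypothetical.

```python
import hashlib
import hmac

BLOCK_SIZE = 16  # bytes, as for AES

# Constructed sample inputs (not taken from the mail or from nettle's tests).
KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f"
                    "101112131415161718191a1b1c1d1e1f")
IV = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
MSG = b"The quick brown fox jumps over the lazy dog"  # 43 bytes, not block-aligned


def block_function(key: bytes, counter_block: bytes) -> bytes:
    """Stand-in for a block cipher: HMAC-SHA256 of the counter, truncated to one
    block. A real binding would call the block cipher (e.g. AES) on the counter."""
    return hmac.new(key, counter_block, hashlib.sha256).digest()[:BLOCK_SIZE]


class CtrContext:
    """CTR mode over block_function with two policies for partial blocks.

    buffer_keystream=True : any length accepted on every call; unused keystream
                            bytes are kept for the next call, so the context
                            behaves like a stream cipher.
    buffer_keystream=False: a partial block is allowed only as the final call;
                            unused keystream is discarded and a further call is
                            rejected, mirroring a one-shot ctr_crypt rule.
    """

    def __init__(self, key: bytes, iv: bytes, buffer_keystream: bool = True):
        if len(iv) != BLOCK_SIZE:
            raise ValueError("IV must be exactly one block")
        self._key = key
        self._counter = int.from_bytes(iv, "big")
        self._buffer_keystream = buffer_keystream
        self._leftover = b""      # unused keystream bytes from the last block
        self._finished = False    # set once a partial block ends the message

    def block_size(self) -> int:
        """0 advertises stream-cipher rules (any length per call); otherwise the
        block size, which callers must respect except on the final call."""
        return 0 if self._buffer_keystream else BLOCK_SIZE

    def _next_keystream_block(self) -> bytes:
        block = block_function(self._key, self._counter.to_bytes(BLOCK_SIZE, "big"))
        self._counter = (self._counter + 1) % (1 << (8 * BLOCK_SIZE))
        return block

    def process(self, data: bytes) -> bytes:
        if self._finished:
            raise ValueError("a partial block was already processed; "
                             "no further process() calls are allowed")
        keystream = self._leftover
        while len(keystream) < len(data):
            keystream += self._next_keystream_block()
        out = bytes(d ^ k for d, k in zip(data, keystream))
        if self._buffer_keystream:
            self._leftover = keystream[len(data):]   # keep for the next call
        else:
            self._leftover = b""                     # discard, as a block API would
            if len(data) % BLOCK_SIZE:
                self._finished = True                # partial block must be last
        return out


def ctr_crypt(key, iv, data, chunks=None, buffer_keystream=True):
    """Encrypt/decrypt data through one context, optionally split into the given
    chunk lengths (any remainder is passed in a final call)."""
    ctx = CtrContext(key, iv, buffer_keystream)
    if chunks is None:
        return ctx.process(data)
    out = b""
    pos = 0
    for n in chunks:
        out += ctx.process(data[pos:pos + n])
        pos += n
    if pos < len(data):
        out += ctx.process(data[pos:])
    return out


def partial_then_more_raises(key, iv, data) -> bool:
    """Non-buffering policy: a partial block followed by another call is rejected."""
    ctx = CtrContext(key, iv, buffer_keystream=False)
    ctx.process(data[:5])
    try:
        ctx.process(data[5:])
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    one_shot = ctr_crypt(KEY, IV, MSG)
    print("chunked == one-shot:", ctr_crypt(KEY, IV, MSG, [5, 7, 20]) == one_shot)
    print("round trip:", ctr_crypt(KEY, IV, one_shot) == MSG)
    print("partial-then-more rejected:", partial_then_more_raises(KEY, IV, MSG))
```

With buffering, splitting the message as 5, 7, 20 and 11 bytes yields the same ciphertext as a single call, because the keystream is consumed in order regardless of call boundaries; without buffering, only the block-aligned split (16, 16, then 11) is accepted and a partial block anywhere else ends the context. Whichever policy a binding picks, the behaviour after a partial block is the part worth documenting.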