> ulf> > des_read_pw_string ../libcrypto.a(evp_key.o)
> ulf>
> ulf> Is there any reason why that function is defined in the DES directory
> ulf> at all? Couldn't the implementation be moved into evp/evp_key.c?
>
> I assume it has to do with the EAY's thoughts about it all (taken from
> doc/ssleay.txt, section why.doc):
EAY's first work was implementing a DES library compatible with MIT's
Kerberos 4 Bones (no-crypto) implementation. For this to work it
required a compatible function set. Hence, the des_read_pw_string()
function. This entry point is required if you want to maintain
compatibility between the crypto library and other packages that
rely on that API.
> That together with the fact (or at least, I think that's how things
> are) that DES was among the first crypto things EAY wrote makes it
> logical.
>
> Other than that, you're right, it should be moved somewhere else. Not
> into EVP though, since that would more or less implicitely mean you
> include another bag of stuff you don't want (assuming someone wants to
> pull out parts of the library, like EAY used to do :-)). I'd rather
> put it in it's own directory, called "passwd" for example...
I would create a parallel function set for password management but
leave the old DES stuff alone. There is an awful lot of code out
there that uses this library.
Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2
The Kermit Project * Columbia University
612 West 115th St #716 * New York, NY * 10025
http://www.kermit-project.org/k95.html * [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
