On December 19, 2008 01:50:46 pm Rustam Rakhimov wrote: > Excuse me > I mean another thing. > For example in Linux you are using OpenOffice, and you want sign(Digital > Sign) some document created in OpenOffice, when you signing OpenOffice use > some algorithm (may be RSA or DSA), so where it take these algorithms, if > it takes from OS, I mean may be from kernel, than I can create my own > algorithm and adjust it to kernel. After that every Utilities which of use > these algorithms can use my algorithm. > > Are you catch it ? > Ok - if you are asking if there is a generic "crypto" layer in Linux - the answer is no. Today, there is a mix of applications that use their own crypto (eg: parts of KDE, Java, others), applications that use OpenSSL (Apache, Postfix, OpenLDAP, etc.), application that use GNUTLS, applications that use NSS - Netscape Security Services (Evolution, OpenOffice (I think), Mozilla), GPGSM (other parts of KDE), and the Kernel (several of the IPSec implementations).
So, depending on what you want to do, there are a plethora of places that you would have to add your own algorithm if you were so inclined. There are a couple of projects that have as goals to "centralize" some of this functionality (for instance, we've written Pathfinder, which is equally usable for RFC5280 PDVal by applications using NSS and OpenSSL with goals to add Java support), but in general, if you are adding primitives, then you've got A LOT of places to go and add that support to). Have fun. -- Patrick Patterson President and Chief PKI Architect, Carillon Information Security Inc. http://www.carillon.ca ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
