HMAC with crypto.a ??

Thu, 13 Apr 2000 13:46:06 -0700 

Hi all,

I am interested in adding some encryption into a legacy app.  I was looking
at two different packages.
One, which I'm guessing some of you might be experienced with is CryptoPP by
Wei Dai.  The other is OpenSSL.  It looks like their is a large amount of
redundancy with the two libraries as far as crypto algorithms are concerned.
CryptoPP doesn't have SSL (which I *MUST* have), but it does have alot more
cryptographic algorithms.  Specifically I must use HMAC<MD5>, triple DES,
and SSL.

The Crypto library has HMAC, which in conjuction with a very impressive oo
design I can template that to any of the other crypto algorithms, ie: access
to HMAC<MD5>.  It does not however have any SSL support.

Since I must have SSL support, I started playing with OpenSSL and I then
realized that the crypto lib that comes with OpenSSL has a lot of these same
algorithms I can use directly.  It seems like a waste to include both
libraries as so muc of them are redundant, however I noticed from the
documentation on the OpenSSL site that HMAC and MD5 are supported but on the
HMAC page it states you can only use HMAC with SHA or ripemd160.  (See
http://www.openssl.org/docs/crypto/hmac.html# ).

My questions are:

a)  Is this documentation correct?  It seems to be a work in progress...
b)  If so, can I point evp_md to a MD5 hash function, and will it work, or
is there special reasons why it can only point to one of those two hash
functions.
c)  If a/b are both not in my favor, is their any probability of this being
added?
d)  Ive been programming for a while, so Im not afraid of writing my code,
but I am brand spankin' new to the world of cryptography, and I'm trying to
figure this out for myself.... Is there any reason why MD5 is not included
that makes this impossible, ie: If I wanted to add this functionality
myself, are their any gotcha's??

Im basically trying to save myself of using both libraries as it would
duplicate so much code.

Ive found this library and assorted web sites documenting it an extremely
helpful learning tool, props to the whole organization!,
   brian

Brian Snyder.vcf

Reply via email to