Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
> I'm building Perl bindings for libnettle. I hope to claim the Crypt::Nettle namespace.
Nice!
I'm not very familiar with perl, but I have had a quick look at the documentation.
You can read the docs with:
pod2text lib/Crypt/Nettle.pm
A typo:
: In the future, it should support asymmetric encrpytion and pseudo-random
                                                  ^^
: number generation.

: COPYRIGHT AND LICENSE
: Copyright (c) Daniel Kahn Gillmor Crypt::Nettle is free software, you
: may redistribute it and/or modify it under the same terms as Perl
: itself.
The GPL/LGPL license of the nettle library itself may apply to perl programs using these bindings. I don't know if it's customary to document this in a bit more detail?
pod2text lib/Crypt/Nettle/Hash.pm
: hmac_data($algo, $data)
How do you provide the key?
I'm not sure it's the right design to mix hash functions and macs (and how will you deal with macs that are not based on the hmac construction)?
pod2text lib/Crypt/Nettle/Cipher.pm
Typo:
: ABSTRACT
: Crypt::Nettle::Cipher provides an object interface to symmetric
: encrpytion and decryption from the nettle C library. Each
  ^^

: new($is_encrypt, $algo, $key, $mode, $iv)
You include arctwo algorithms twice in the algorithm list. Maybe you should exclude serpent until the recently discovered interoperability problems are sorted out?
How do you deal with algorithms with a large number of possible key sizes? Maybe it would be better to view, e.g., aes and arcfour as just two algorithms, and let the size of the given key imply the keysize?
The $is_encrypt flag to new seems a bit awkward. Maybe it would be easier with
my $ctx = new($algo, $mode)        # Possibly with $mode defaulting to ecb?, and not allowed at all for stream ciphers.
$ctx->set_encrypt_key($key, $iv)   # $iv optional and required when applicable
$ctx->set_decrypt_key($key, $iv)
: process($data)
I think the requirement that the length is a multiple of the block size needs to be relaxed a bit. For CTR mode, one should allow a partial block for the last call. And *maybe* for all calls (with an internal block buffer to let CTR work like a stream cipher), even if that's not how nettle's ctr mode support works.
Maybe you should think about how to add gcm support, which is a bit more complicated, with both per-key state and per-message state, and additional inputs and outputs.
How do you query if a cipher is a block or a stream cipher? block_size() returning 0?
Happy hacking, /Niels
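Added illustration, not code from this thread or from Crypt::Nettle: the interface sketched above (a context created per algorithm and mode, then set_encrypt_key/set_decrypt_key with an optional IV, process() for data, block_size() to query the cipher) together with the suggested internal keystream buffer that lets CTR accept partial blocks on any call rather than only the last one. The block cipher itself is a constructed stand-in (HMAC-SHA256 truncated to 16 bytes, keyed with the cipher key), used only so the example runs without libnettle; the class and method names are assumptions modelled on the suggestion, not Crypt::Nettle's actual API.

```python
import hashlib
import hmac

BLOCK_SIZE = 16


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for a 16-byte block cipher encryption call (the role nettle's
    aes_encrypt would play). Constructed for this example only: HMAC-SHA256 of
    the input block, truncated to one block. It is NOT a block cipher; only its
    shape (key + 16-byte input -> 16-byte output) matters for the CTR wrapper."""
    assert len(block) == BLOCK_SIZE
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK_SIZE]


def _increment(counter: bytes) -> bytes:
    """Big-endian increment of the whole counter block, wrapping at 2^128."""
    value = (int.from_bytes(counter, "big") + 1) % (1 << (8 * BLOCK_SIZE))
    return value.to_bytes(BLOCK_SIZE, "big")


class CtrCipher:
    """Hypothetical CTR-mode context with the two-step API from the thread:
    construct for an algorithm/mode, then set a key (and IV), then process().
    Unused keystream bytes are buffered so process() may be called with any
    length, making CTR behave like a stream cipher at the binding level even
    though the underlying block operation works on whole blocks."""

    def __init__(self, algo: str = "aes", mode: str = "ctr"):
        self.algo = algo          # key size would be implied by len(key)
        self.mode = mode
        self._key = None
        self._counter = None
        self._keystream = b""     # leftover keystream from the last block

    def block_size(self) -> int:
        # A pure stream cipher (e.g. arcfour) would report 0 here.
        return BLOCK_SIZE

    def set_encrypt_key(self, key: bytes, iv: bytes) -> None:
        if len(iv) != BLOCK_SIZE:
            raise ValueError("CTR needs a full-block IV/initial counter")
        self._key = key
        self._counter = iv
        self._keystream = b""

    # In CTR mode decryption is the same keystream XOR; both names exist so
    # callers can state intent as the suggested interface allows.
    set_decrypt_key = set_encrypt_key

    def process(self, data: bytes) -> bytes:
        if self._key is None:
            raise RuntimeError("key not set")
        out = bytearray()
        pos = 0
        while pos < len(data):
            if not self._keystream:
                # Generate the next keystream block and advance the counter.
                self._keystream = block_encrypt(self._key, self._counter)
                self._counter = _increment(self._counter)
            n = min(len(self._keystream), len(data) - pos)
            chunk, self._keystream = self._keystream[:n], self._keystream[n:]
            out += bytes(a ^ b for a, b in zip(data[pos:pos + n], chunk))
            pos += n
        return bytes(out)


def encrypt_in_pieces(key: bytes, iv: bytes, msg: bytes, cuts: list) -> bytes:
    """Encrypt msg with process() called once per piece at the given offsets.
    Because of the keystream buffer, the result must equal a single call."""
    ctx = CtrCipher("aes", "ctr")
    ctx.set_encrypt_key(key, iv)
    bounds = [0] + list(cuts) + [len(msg)]
    return b"".join(ctx.process(msg[a:b]) for a, b in zip(bounds, bounds[1:]))


def encrypt_one_shot(key: bytes, iv: bytes, msg: bytes) -> bytes:
    ctx = CtrCipher("aes", "ctr")
    ctx.set_encrypt_key(key, iv)
    return ctx.process(msg)


def decrypt_one_shot(key: bytes, iv: bytes, ct: bytes) -> bytes:
    ctx = CtrCipher("aes", "ctr")
    ctx.set_decrypt_key(key, iv)
    return ctx.process(ct)
```

The point the buffer makes: splitting a 43-byte message into 5 + 15 + 23 bytes crosses block boundaries at arbitrary offsets, yet the ciphertext is byte-for-byte the same as one process() call over the whole message, and decrypting with set_decrypt_key round-trips. Without the buffer a binding would have to reject every call whose length is not a multiple of block_size() except the last.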