On 02/06/2011 12:08 AM, Niels Möller wrote:
void gcm_set_key(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f);
I don't like the name of the function name. It doesn't reveal anything about its purpose. There is no key to set there. I'd suggest the original gcm_init.
Moreover by not allowing the setting the blocksize as option any extension on that code to work with 64-bit ciphers, will require an abi break, or a new gcm64 mode... (what if 256-bit ciphers are added in the future?)
void gcm_encrypt(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f, unsigned length, uint8_t *dst, const uint8_t *src); void gcm_digest(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f, unsigned length, uint8_t *digest);
As I already mentioned I prefer having the cipher and f, to context to avoid supplying on individual calls. There is no advantage (that I can see) on having on each function parameters, and it just delegates the storage of those two pointers, to caller's structures instead. It's no big deal but it is inconvenience.
regards, Nikos