On 03/22/2010 04:45 AM, Niels Möller wrote:
You may want to look at the (unfinished) openpgp code in Nettle, when I worked on it the first objective was to be able to generate key packets.
sweet, i'll take a look. fwiw, i think that kind of higher-level work belongs in a separate library, so that the crypto primitives are available independently.
so: not a great or urgent reason, but it'd be nice to be able to use nettle as a basis for tools that implement higher-level specs.
I guess it shouldn't be too difficult to implement SHA512 (and -384) if one uses uint64_t and doesn't care too much about performance on 32-bit machines.
i do care about performance on 32-bit machines, but i care about having the functionality available more ;) optimization can come later if we want.
So one has to figure out the corresponding string to use for sha-512 and sha-384 (none is specified in fips180-2.pdf, so one has to look in some other spec).
ah, ok, i didn't realize you were referring to pkcs#1.
The object IDs for the higer-level hashes are specified here:
http://tools.ietf.org/html/rfc3447#page-43
I changed the mailman configuration, but not sure things work. I signed my previous message (and I'm signing this one too), and it got throuh to the list, but the message/signature pair was corrupted somehow when I received it (I use gnupg and the builtin pgp support built in emacs-23.1, Gnus-v5.13).
I'm signing this one too; i'll have a look into the problem if it gets mangled in transit.
--dkg