Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

What you want in a crypto API.

by rpc (Monk)
on Jan 13, 2001 at 05:50 UTC ( [id://51539]=perlmeditation: print w/replies, xml ) Need Help??

I've just finished the core code for my Crypt::RC6 extension. The API is still in puberty. Before I mature it anymore, I'd be interested in hearing what monks look for in a crypto API.

Right now what I have in mind is:
- The ability to throw large amounts of data at an (?:en|de)cryption method and not have to worry about the size of the blocks.
- Transparent handling of various data types. Methods should be able to handle scalars, arrays, hashes at _least_.
- Automatic secure hashing of user supplied keys. This would eliminate the need to pre-hash passphrases, etc.
- Multiple encryption modes. ECB is implemented, CBC will follow soon.

Any suggestions would be greatly appreciated.
Thanks!

Replies are listed 'Best First'.
Re (tilly) 1: What you want in a crypto API.
by tilly (Archbishop) on Jan 13, 2001 at 06:05 UTC
    KISS.

    Encrypt/decrypt strings. That is it. People can use Data::Dumper or Storable if they want to dump data structures. Allow it to handle a list in and out. If a list of strings are passed in in array context, send back a list of (en|de)crypted strings. If the output context is scalar, do a join on the data coming in. No need for more complexity, we already have interfaces for dealing with that. Text is the common denominator of both Unix and Perl. Perl is good at making things look like text.

    Not worrying about the size of blocks is good. Hashing of user supplied keys is good.

    Oh, and supply another pair of functions which take handles in and out. For encrypting a lot of data there is no need to have it all in memory at once.

[reply]
Re: What you want in a crypto API.
by saucepan (Scribe) on Jan 16, 2001 at 04:02 UTC
    Just a quick suggestion, and apologies if this was already obvious:

    If you do go ahead with the key auto-hashing, providing a method to bypass it and set the raw key will help keep people from tearing their hair out when writing code that must interoperate with existing data, or other languages.

[reply]

Back to Meditations

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: perlmeditation [id://51539]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others cooling their heels in the Monastery: (4)
As of 2024-04-25 15:30 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found