Page Menu
Home
GnuPG
Search
Configure Global Search
Log In
Files
F18826521
TODO
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Size
2 KB
Subscribers
None
TODO
View Options
What's left to do -*- outline -*-
* Updated the FSF's directory.
* Add more tests.
* udiv-qrnbd.o should get build as *.lo [HPUX]
* Allow operation using RSA keys consisting of the OpenSSL list of
parameters and allow for a third form where the private Exponent
is not given (saves space).
* Add a warning to the manual, to check that libgcrypt actually has
been compiled with thread support when used by a threaded
application.
* write an autoconf test to check whether the linker supports a
version script.
* Make use of the forthcoming visibility attribute.
* Add attributes to the MPI functions.
* Write tests for the progress function
* In case the ac interface will be more popular than the pk interface,
the asymmetric ciphers could be changed for convenient interaction
with the ac interface (i.e. by using ac's `data sets') and the pk
interface could be changed to be a wrapper for the ac interface.
* cipher/pubkey.c and pubkey implementaions.
Don't rely on the secure memory based wiping function but add an
extra wiping.
* update/improve documentation
- it's outdated for e.g. gcry_pk_algo_info.
- document algorithm capabilities
* Use builtin bit functions of gcc 3.4
* Consider using a daemon to maintain he random pool
The down side of this is that we can't assume that the random das
has always been stored in "secure memory". And we rely on that
sniffing of Unix domain sockets is not possible. We can implement
this simply by detecting a special prefixed random seed name and
divert in this case to the daemon. There are several benefits with
such an approach: We keep the state of the RNG over invocations of
libgcrypt based applications, don't need time consuming
initialization of the pool and in case the entropy collectros need
to run that bunch of Unix utilities we don't waste their precious
results.
* Out of memory handler for secure memory should do proper logging
There is no shortage of standard memory, so logging is most likely
possible.
* signed vs. unsigned.
Sync the code with 1.2 where we have fixed all these issues.
* mpi_print does not use secure memory
for internal variables.
* gry_mpi_lshift is missing
* Add OAEP
* Next API break:
** gcry_ac_io_t
Remove use of anonymous union.
* ac.c
There are still some things fishy. The fixes I did todat
(2006-10-23) seem to cure just a symptom. Needs a complete review.
* gcryptrnd.c
Requires test for pth and other stuff.
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Mon, Dec 23, 5:23 PM (2 h, 33 m)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
b6/d0/ea767e34b536ece96e0b1a812788
Attached To
rC libgcrypt
Event Timeline
Log In to Comment