In due course various applications and
libraries will be able to benefit from a clean and robust API, rather than
using libcrypto or other similar APIs directly.
I guess if you really like the libcrypto API you just stick with that.
In due course various applications and libraries will be able to benefit from a clean and robust API, rather than using libcrypto or other similar APIs directly.
I understand the desire for a non-awful API. I’m just wondering why these are the primitives that were chosen, since only having DH key exchanges seems a bit… limited for general use.
Here’s the code if anyone wants to browse: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libcsi/
I looked at the API, but it seems that this only handles diffie-hellman key exchanges. What problem does this API solve, and where would I use it?
Well, as it says:
I guess if you really like the libcrypto API you just stick with that.
I understand the desire for a non-awful API. I’m just wondering why these are the primitives that were chosen, since only having DH key exchanges seems a bit… limited for general use.
Oh, well, you have to start somewhere, and these operations happen to be useful to ssh.
Are there any docs for the design principles that will be used to guide how the APIs look and function?
Some of the background is that the target consumer is ssh, so I think the initial version of the API will look a lot like what’s convenient for ssh.
That is useful context, thanks.