1. 11
  1.  

  2. 3

    Here’s the code if anyone wants to browse: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libcsi/

    1. 1

      I looked at the API, but it seems that this only handles diffie-hellman key exchanges. What problem does this API solve, and where would I use it?

      1. 1

        Well, as it says:

        In due course various applications and libraries will be able to benefit from a clean and robust API, rather than using libcrypto or other similar APIs directly.

        I guess if you really like the libcrypto API you just stick with that.

        1. 1

          In due course various applications and libraries will be able to benefit from a clean and robust API, rather than using libcrypto or other similar APIs directly.

          I understand the desire for a non-awful API. I’m just wondering why these are the primitives that were chosen, since only having DH key exchanges seems a bit… limited for general use.

          1. 1

            Oh, well, you have to start somewhere, and these operations happen to be useful to ssh.

      2. 1

        Are there any docs for the design principles that will be used to guide how the APIs look and function?

        1. 1

          Some of the background is that the target consumer is ssh, so I think the initial version of the API will look a lot like what’s convenient for ssh.

          1. 1

            That is useful context, thanks.