From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Nala Ginrut Newsgroups: gmane.lisp.guile.devel Subject: Re: About Guile crypto support Date: Mon, 04 Feb 2013 11:12:00 +0800 Organization: HFG Message-ID: <1359947520.2754.27.camel@Renee-desktop.suse> References: <1359896146.2754.19.camel@Renee-desktop.suse> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-Trace: ger.gmane.org 1359947534 7875 80.91.229.3 (4 Feb 2013 03:12:14 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 4 Feb 2013 03:12:14 +0000 (UTC) Cc: guile-devel@gnu.org To: Daniel Hartwig Original-X-From: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Mon Feb 04 04:12:35 2013 Return-path: Envelope-to: guile-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1U2CTw-0003vi-Sm for guile-devel@m.gmane.org; Mon, 04 Feb 2013 04:12:33 +0100 Original-Received: from localhost ([::1]:35209 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1U2CTe-0004nd-2r for guile-devel@m.gmane.org; Sun, 03 Feb 2013 22:12:14 -0500 Original-Received: from eggs.gnu.org ([208.118.235.92]:40470) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1U2CTa-0004nV-3k for guile-devel@gnu.org; Sun, 03 Feb 2013 22:12:11 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1U2CTY-0004Hq-M4 for guile-devel@gnu.org; Sun, 03 Feb 2013 22:12:10 -0500 Original-Received: from mail-da0-f51.google.com ([209.85.210.51]:43017) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1U2CTY-0004HV-Er for guile-devel@gnu.org; Sun, 03 Feb 2013 22:12:08 -0500 Original-Received: by mail-da0-f51.google.com with SMTP id i30so2454114dad.10 for ; Sun, 03 Feb 2013 19:12:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:message-id:subject:from:to:cc:date:in-reply-to :references:organization:content-type:x-mailer:mime-version :content-transfer-encoding; bh=FuwJIutb3v5TUif88hudXelWkCLAowK+8dJ71oNSAWA=; b=OkUHuBqzT6IcFaF9GzyD1NIbbzLwVAFciaPtkDuq9wdLkJlKlNEg8GxMKOjoOjZbGb ayv+A9iIN4Mf4PNvZ8cB33SrLkZ6zRMp5NU9vlX22o71g/RPzb6CD50PBlgL5yH2IqGv 6g/to2caCaB1qkikrqH5fZTsz8N4+xyA4LEKc818DkRMdTacjFgs6OYUocUIJjWxlTnd HI81ALDZXjHBoHiwhF9wbxk3PiPmnk1jSDGIhpiedvlxsqlylcABv/sdQ4XYqfKth+Vi i+gzKeaA8laGzBFkaTC5pbIz+0r3PNUlPWrNpsnJOMhhkuVixa0fXC+oT/PBSdrQItw8 5Z8w== X-Received: by 10.66.87.67 with SMTP id v3mr48078875paz.63.1359947526689; Sun, 03 Feb 2013 19:12:06 -0800 (PST) Original-Received: from [147.2.147.112] ([61.14.130.226]) by mx.google.com with ESMTPS id e6sm17621555paw.16.2013.02.03.19.12.03 (version=SSLv3 cipher=RC4-SHA bits=128/128); Sun, 03 Feb 2013 19:12:04 -0800 (PST) In-Reply-To: X-Mailer: Evolution 3.4.4 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [fuzzy] X-Received-From: 209.85.210.51 X-BeenThere: guile-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Developers list for Guile, the GNU extensibility library" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Original-Sender: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.lisp.guile.devel:15678 Archived-At: On Mon, 2013-02-04 at 09:14 +0800, Daniel Hartwig wrote: > Hello > > On 3 February 2013 20:55, Nala Ginrut wrote: > > As mentioned in another thread about digest algorithm support in Guile, > > my plan is use part of implementation of libgcrypt and make a wrapper, > > then put into libguile. > > But now I found weinholt's Scheme industria lib, which contains all > > mainstream crypto(not only digest) algorithm. > > http://weinholt.se/industria/manual/crypto.html#crypto > > As mentioned on that page, there are some issues that apply to any > pure Scheme implementation: > If it's worthy, I can do some modification. > > Beware that if you're using some of these libraries for sensitive > > data, let's say passwords, then there is probably no way to make > > sure a password is ever gone from memory. There is no guarantee that > > the passwords will not be swapped out to disk or transmitted by > > radio. > > Libgcrypt provides a means to specify that some data should be stored > in secured memory, which will never be swapped to disk. Doing > something similar in Guile may be problematic, at least with a > Scheme-only implementation. > > > So what's your opinion, guys? > > Would you prefer C implementation or Scheme way? > > As gcrypt is mature, reimplementing it in either C or Scheme just for > Guile does not seem useful — on it's own. An FFI wrapper or extension > benefits from upstream security and maintenance efforts. > > > If you have a particular interest in learning about crypto. algorithms, > by all means port or write your own implementation using whichever > language. If you want it to have a Scheme interface, then Scheme > seems a logical choice to use. > Well, no ;-) > If your goal is only to provide crypto. support to Guile programs, > then time is better spent providing a wrapper to the existing library. > Concerns about adding an external dependency do not hold much weight > next to the advantages of directly using the library; “don't repeat > yourself”, and all that. > That's my aim, nowadays a language should provide md5/sha1 at least since they are very common. > Perhaps you are aware that there an extension for gcrypt under > development, with modules for the hash and randomize functions: > . > I have a similar project too: https://gitorious.org/nacre/libgcrypt-guile Write a lib-wrapper is another story, guys who needs more specific feature(efficiency/security) could use these packages from guildhall. But my opinion is to provide the common digest API in ice-9, many guys asked such a questions, and I suggested them use my libgcrypt-guile, but I can't answer why Guile doesn't has these common API. So I decide to add them. What do you think? > > Regards >