Hey Guys
145 views
Skip to first unread message
Tom St Denis
Jul 26, 2010, 12:30:26 PM7/26/10
to LibTom Projects
Just dropping in to say I joined the list. I've pointed libtom.org at
their website (yes, it's really up, and yes they're hosting it :-)).
I can add sub-domains for mirrors/etc as you guys request them.
As for my involvement in the projects as I've sent to them I'm not
actively involved at all. My work kinda prevents me from working on
LTC, but I can contribute to LTM/TFM freely. Mostly I'm just lurking
for the moment.
I submitted a list of projects for them on the LTC front [ideas of
things to work on]. Notably
1. BER decoding support for various STRING ASN.1 types (bit/octet/
printable/ia5)
2. Flexi Encoder for ASN.1
3. OID table for all sorts of X.509 fields (key types, extensions,
etc...)
4. There is a bug in the ecc_sign_hash/verify_hash for when the
hashlen > curvelen. It's not insecure it's just not standards
compliant. Instead of of reducing the hash modulo the order you
should right shift it until the bit lengths are equal (this fix will
make it CAVP compliant).
5. I have no idea what state the binary ECC is in [I did a clean port
from scratch for my work] but it might be nice to have to have
symmetry.
From this you can start on
1. X.509 parser for Flexi list
2. X.509 creator [flexilist -> ASN.1 DER]
3. PKCS #8 library (encode/decode, encrypt/decrypt, I'd build those
in layers, e.g. pkcs8_encrypt_key calls pkcs8_export then does the
crypto on it).
From this
1-oo. All sorts of X.509 routines [cert sign, hash, retrieve/set
values, import/export key, etc].
From that ...
1. TLS support
2. PKCS #7 support
...
Those sorts of projects are what I do for a living now, so my reason
for not contributing to LTC is mostly about IP but also because I'd
rather study piano in my spare time then re-write what I was working
on at the office :-)
Tom
their website (yes, it's really up, and yes they're hosting it :-)).
I can add sub-domains for mirrors/etc as you guys request them.
As for my involvement in the projects as I've sent to them I'm not
actively involved at all. My work kinda prevents me from working on
LTC, but I can contribute to LTM/TFM freely. Mostly I'm just lurking
for the moment.
I submitted a list of projects for them on the LTC front [ideas of
things to work on]. Notably
1. BER decoding support for various STRING ASN.1 types (bit/octet/
printable/ia5)
2. Flexi Encoder for ASN.1
3. OID table for all sorts of X.509 fields (key types, extensions,
etc...)
4. There is a bug in the ecc_sign_hash/verify_hash for when the
hashlen > curvelen. It's not insecure it's just not standards
compliant. Instead of of reducing the hash modulo the order you
should right shift it until the bit lengths are equal (this fix will
make it CAVP compliant).
5. I have no idea what state the binary ECC is in [I did a clean port
from scratch for my work] but it might be nice to have to have
symmetry.
From this you can start on
1. X.509 parser for Flexi list
2. X.509 creator [flexilist -> ASN.1 DER]
3. PKCS #8 library (encode/decode, encrypt/decrypt, I'd build those
in layers, e.g. pkcs8_encrypt_key calls pkcs8_export then does the
crypto on it).
From this
1-oo. All sorts of X.509 routines [cert sign, hash, retrieve/set
values, import/export key, etc].
From that ...
1. TLS support
2. PKCS #7 support
...
Those sorts of projects are what I do for a living now, so my reason
for not contributing to LTC is mostly about IP but also because I'd
rather study piano in my spare time then re-write what I was working
on at the office :-)
Tom
Keith Willis
Jul 26, 2010, 4:47:32 PM7/26/10
to lib...@googlegroups.com
Tom, it's good to know that you're still around. Good libraries, and
good people involved, generally.
Take care dude.
Alejandro Mery
Aug 11, 2010, 4:42:08 AM8/11/10
to LibTom Projects
Welcome back! we really missed you all this time :D
bb gardin
Sep 2, 2014, 10:57:03 AM9/2/14
to lib...@googlegroups.com, t...@iahu.ca
Hi Tom,
Great lib, this libtomcrypt. I'm presently trying to implement X509 utility methods on top of ASN1 method and currently trying to use der_decode_sequence_flexi() without success for X509v3 (built from openssl). From the list of next actions you listed, shall i understand that der_decode_sequence_flexi() of libtomcrypt (1.17) is not yet suitable to decode X509 V3 certificate ?
Thanks you very much for any feedback you may provide
Reply all
Reply to author
Forward
0 new messages