On 02/11/2017 09:44 PM, Peter Wu wrote:
On Sat, Feb 11, 2017 at 08:54:39PM +0000, Jo�o Valverde wrote:
[..]
I think a small abstraction layer above the lower-level crypto routines,
whatever those may be (libgcrypt, nettle, home-grown - yuck), would be a
useful thing to have. It would accomplish two things:
1. Easily change dependencies without having to change dissector code.
2. Disable crypto in a saner way and keep the dependency optional, without
having to use #ifdefs all over the place (just one place in fact). Example:
int ws_aes_decrypt(...) {
#ifdef HAVE_AES_DEPENDENCY
err = aes_decrypt(...);
if (err == AES_OK) {
return WS_CRYPTO_OK;
} else {
...
}
#else
return WS_CRYPTO_DISABLED;
#endif
}
Then of course require crypto consumers (dissectors and whatever else) to
handle the WS_CRYPTO_DISABLED case as appropriate.
Disabling is an option if you want to make the crypto library optional,
but the vast majority of the files/functions are hash functions (md5 is
used for example in editcap.c for duplicate detection). Since you need a
crypto library for the hash functions, you get decryption algorithms
like AES for free. (Unless you want to keep the bundled algorithms... I
would rather not).
OK, I'm swayed by those arguments. I was already fine with making it
mandatory anyway.