Home
|
FAQ
|
Feedback
|
Licence
|
Updates
|
Mirrors
|
Keys
|
Links
|
Team
Download:
Stable
·
Snapshot
|
Docs
|
Changes
|
Wishlist
We did once have some sort of optional support for the Microsoft Crypto API, but it rotted, and didn't support all the algorithms we needed (eg Blowfish), so was eventually removed.
Quoth Simon:
My other concern about CryptoAPI is the whole idea of handing a MS-controlled function a pointer and saying `here, take a look at my plaintext'. Not that I think MS is likely to be bugging that function (as it were) at the moment, but there's no point in making it easy for someone to install a modified DLL and trojan all cryptography done in the system.
On the other hand, it might be good to be able to make use of the thermal noise-based random number generators now appearing in some commodity chipsets such as the Intel 810 FWH. These might be exposed through the Crypto API.
May also be relevant to `smartcard-auth'.
Any support would have to be optional (controlled by configuration option? Test for presence of API?). Probably an application for the MDPI.