Re: [NSE][PATCH] OpenSSL bindings for NSE

[David Fifield <david () bamsoftware com>]

On Mon, Sep 22, 2008 at 07:44:49AM -0500, Ron wrote:
> Sven Klemm wrote:
> > Hi everyone,
> >
> > here is the latest OpenSSL bindings patch for nmap including support for
> > multiprecision integer arithmetics, message digests, hmac, symmetric
> > encryption, symmetric decryption.
> > Documentation for the new functions is also included.
> >
> > Cheers,
> > Sven
>
> This code will definitely be useful to me, but any idea when it'll make
> its way into the trunk?

Hi Ron. I am leaning towards merging this to the trunk when a few
remaining issues have been resolved. An important issue to me is the
module's API. Currently (correct me if I'm wrong), there's only one
script using the openssl module, SSH-hostkey.nse, and it only uses the
bignum functions. I want to have more assurance that all parts of the
module are useful to script programmers, and are easy to use.

You sound like you have definite ideas for using the new hash and crypto
functions? I wonder, would you mind implementing some of them using a
checkout of the nse_openssl branch? Maybe one or two small functions you
have in mind. Then write back to the list with any suggestions you may
have for changing the API.

Once we merge the library we're making a pretty firm commitment to the
API. I want it to have been tested against some real script development.
It's especially important because I think Sven's module will be useful
for a lot of scripts.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org