"Nelson Bolyard" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Ivan Vecerina wrote: > > It seems like a digital signature system such as DSA is what I need. > > But I really do not need any of the fluff (encodings of the signature, > > certificate management, etc). > > The raw crypto algorithms in NSS are in lib/freebl. Look at blapi.h > for the function prototypes. > > NSS is designed to benefit the application of encryption in standard > protocols, not at the raw use of crypto in home made protocols.
The system I work on is not intended to support any network protocol or key exchange, just the serial upload of a (signed) data file. > Getting crypto protocols right is very difficult. Lots of "obvious" > and "simple" approaches are vulnerable to attacks. That is why NSS > encourages the use of vetted crypto protocols and does not encourage > roll-your-own crypto protocols. Got the point - I could never be aware and careful enough about it. This said, it is not a high-security or life-supporting device I'm working on (just investigating so far...). Thank you for the helpful reference. Kind regards, Ivan -- http://ivan.vecerina.com/contact/?subject=NG_POST <- e-mail contact form _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
