- o The perl/ stuff needs a major overhaul. Currently it's
- totally obsolete. Either we clean it up and enhance it to be up-to-date
- with the C code or we also could replace it with the really nice
- Net::SSLeay package we can find under
- http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a
- longer time and it works fine and is a nice Perl module. Best would be
- to convince the author to work for the OpenSSL project and create a
- Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
- us.
-
- Status: Ralf thinks we should both contact the author of Net::SSLeay
- and look how much effort it is to bring Eric's perl/ stuff up
- to date.
- Paul +1
-
- o The EVP and ASN1 stuff is a mess. Currently you have one EVP_CIPHER
- structure for each cipher. This may make sense for things like DES but
- for variable length ciphers like RC2 and RC4 it is NBG. Need a way to
- use the EVP interface and set up the cipher parameters. The ASN1 stuff
- is also foo wrt ciphers whose AlgorithmIdentifier has more than just
- an IV in it (e.g. RC2, RC5). This also means that EVP_Seal and EVP_Open
- don't work unless the key length matches the fixed value (some vendors
- use a key length decided by the size of the RSA encrypted key and expect
- RC2 to adapt).
-
- o ERR_error_string(..., buf) does not know how large buf is,
- there should be ERR_error_string_n(..., buf, bufsize)
- or similar.
+ o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?]
+ where the callback function can request that the function be aborted.
+ [Gregory Stark <ghstark@pobox.com>, <rayyang2000@yahoo.com>]