Hello On 3 February 2013 20:55, Nala Ginrut <nalagin...@gmail.com> wrote: > As mentioned in another thread about digest algorithm support in Guile, > my plan is use part of implementation of libgcrypt and make a wrapper, > then put into libguile. > But now I found weinholt's Scheme industria lib, which contains all > mainstream crypto(not only digest) algorithm. > http://weinholt.se/industria/manual/crypto.html#crypto
As mentioned on that page, there are some issues that apply to any pure Scheme implementation: > Beware that if you're using some of these libraries for sensitive > data, let's say passwords, then there is probably no way to make > sure a password is ever gone from memory. There is no guarantee that > the passwords will not be swapped out to disk or transmitted by > radio. Libgcrypt provides a means to specify that some data should be stored in secured memory, which will never be swapped to disk. Doing something similar in Guile may be problematic, at least with a Scheme-only implementation. > So what's your opinion, guys? > Would you prefer C implementation or Scheme way? As gcrypt is mature, reimplementing it in either C or Scheme just for Guile does not seem useful — on it's own. An FFI wrapper or extension benefits from upstream security and maintenance efforts. If you have a particular interest in learning about crypto. algorithms, by all means port or write your own implementation using whichever language. If you want it to have a Scheme interface, then Scheme seems a logical choice to use. If your goal is only to provide crypto. support to Guile programs, then time is better spent providing a wrapper to the existing library. Concerns about adding an external dependency do not hold much weight next to the advantages of directly using the library; “don't repeat yourself”, and all that. Perhaps you are aware that there an extension for gcrypt under development, with modules for the hash and randomize functions: <https://gitorious.org/gcrypt-guile/>. Regards
