gnueval-security
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnueval-security] [Richard Stallman] evaluating an encryption progr


From: Christian Grothoff
Subject: Re: [gnueval-security] [Richard Stallman] evaluating an encryption program
Date: Wed, 27 Nov 2013 22:50:54 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130922 Icedove/17.0.9

On 11/26/2013 09:32 AM, Niels Möller wrote:
> At this point, would it be useful to also have a look at the provided
> source code and see if it appears to be well written?

I checked, the main issue would seem to be the use of vanilla Makefiles
(no autotools) to build the code, but the C itself seems very clean and
documented.  The API itself also makes a good impression to me.  There is
also additional documentation with the code (C/*/doc/), and the headers
are commented very nicely.

So while I didn't do a "security audit" (for that, I'd have to really
read up on the NTRU specs and compare AND go line-by-line over the
code), the quality of the code itself beats OpenSSL's mess any day ;-).

My 2 cents

Christian



reply via email to

[Prev in Thread] Current Thread [Next in Thread]