Open strogonoff opened 6 years ago
I think Ronald answered everything better than I would have. :thumbsup:
Thanks @ronaldtse & @dewyatt. Here’s more, could you answer each point individually please
Can you clarify what name stylization is officially adopted? It’s written in lowercase “rnp” in some places and uppercase RNP in others.
What is a complete list of ciphers rnp supports?
Do any performance benchmarks exist?
Leaving aside SM cipher support, what would be the top focus of rnp if you had to come up with just one?
2 & 3. @dewyatt and @ni4 are in better position to elaborate them.
@strogonoff
Weak and weaker algorithms (like MD5, SHA1, IDEA, Triple DES, ElGamal signatures) are supported for backward compatibility with older implementations (say, to be able to decrypt file encrypted 15 years ago).
Sweet, thanks! Cipher support looks comprehensive compared with other maintained competitors. Just a few more questions left I think.
One of the strong points of RNP seems to be that it can be depended upon as a proper library. However, README seems a bit thin on that, mostly focusing on CLI tool usage. In brief how would one go about integrating it in their own project? Is there a typical use case or two you can outline?
Can I use it now if I develop a macOS/iOS app in Swift? a web app in Python? Will it be possible only when the respective bindings are published?
Are you aware of any major projects/organizations where RNP is used in some way now? Not counting Ribose itself, but affiliated initiatives are OK
Which major features were recently released and what are the biggest features planned next?
Are you planning on releasing a major version within the next week or two?
What is the current version of RNP? It’s hard to tell (I’d recommend maintaining a CHANGELOG file by the way, it’s never too late to start!)
I can try to answer some:
rnp.h
, best not to mention the filename rnp2.h
), which is also where the only API documentation really lives at the moment. One of the things we probably need to do is to add a doxygen cmake target and commit docs. As for use cases, it's generally useful for anything where one wants to interact with OpenPGP data in an automated/programmatic way. Maybe someone can expand on this point though.Thanks, @dewyatt . I would add some notes:
There are no Swift bindings yet and I didn't dig into it. However, anyone may use C library from the Objective-C code (if familiar with C coding, of course).
As for me most of the previous year's work was updating the codebase to get rid of old NetPGP code, ensure compatibility with GnuPG and other implementations, add lacking basic features. Major pieces of work were:
Maybe @ronaldtse would like to add something to this list as well.
@dewyatt
Regarding Ruby bindings, what would be a most minimal step-by-step example of (what I assume to be) a typical use case: generate a key[pair] -> encrypt a message -> decrypt a message?
Algorithm is not important—let’s assume a cipher that’d typically be used in secure P2P messaging :)
I suppose it would be a variation of below but I’d like to check for correctness or whether this is a valid supported use case (if not then maybe it’s something concerning password manager/key manager).
require 'rnp'
rnp = Rnp.new
key = rnp.generate_key(…)
rnp.load_keys(…)
plaintext = "Hello!"
ciphertext = rnp.encrypt(plaintext)
ciphertext_decrypted = rnp.decrypt(ciphertext)
ciphertext_decrypted == plaintext
cc @dewyatt @ni4 @ronaldtse
Would be good to mention the good practices as to how to store keys with RNP as well.
Would be good to mention the good practices as to how to store keys with RNP as well.
I really have nothing to say on this, I don't mean to ignore the question.
No worries, moving further questions to PR with post copy
@dewyatt, here are a few questions about rnp covering some info needed for a decent introductory post:
Feel free to reply here—alternatively, a call might be a good way to deal with this without adding to your TODO list, though it’d block about 15 minutes off your calendar. In that case the above items would constitute the majority of call’s agenda.