I know I'm taking on a big topic here, especially considering the amount of influence a project like this has and the opinions that are going to be raised. Every single piece of public and internal APIs will be questioned, although there are hard specs that will remain.
The initial topic I'm creating will contain my open questions. I'll be adding my own separate reply to this topic with my own opinions and ideas.
Cryptography
Cryptography is a very broadly applied set of technologies and consists of many aspects. To name a few:
- Cryptographic Hash Functions
- Symmetric Key Cryptography
- Public-Key cryptography
And many derived techniques and technologies such as:
- Key Derivation Functions
- Message Authenticators
- Diffie-Hellman Key exchange
- SSL
- Blockchain
The Scope
As you read above, there is a wide variety of technologies that are related to cryptography in a broad sense.
I think it's important for those that are interested in a project like this to define and share your opinion of a scope and API. For this reason I compiled a list of questions that you can fill out.
Feel free to bring up opinions and feedback related to this idea forward, irregardless of the questions below.
Some Questions
Should cryptography be solely or partially reliant on CommonCrypto/libcrypto/the platform's preferred library? And if so, how are algorithms outside of the platform's support treated?
Does cryptography need to be implemented in Swift or C, or is this decided on a case-by-case basis?
The world is still full of old technology. Do "ancient" algorithms such as MD4 be implemented in this project either now or later down the line?
Should the API work with pointers, (Contiguous)Arrays, Collections, Strings or a combination of these?
Would the API support common representations of information such as hexadecimal and Base64?
Does an algorithm such as a hash function be a struct
or a class
?
What kind of features should be implemented and which should not. Why do you think so?
Think of the following non-exhaustive list in no particular order:
- AES
- BCrypt
- Blockchain
- Blowfish
- DES
- Diffie-Hellman
- ECC
- ECDSA
- HMAC
- MD4
- MD5
- PBKDF1
- PBKDF2
- PEM
- PGP
- ROT13
- RSA
- SHA0
- SHA1
- SHA2 (and its variations such as SHA256 and SHA512)
- SHA3
- TLS