PuTTY wish cryptoapi

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: Use of MS Crypto API on Windows
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
depends: mdpi
priority: low: We aren't sure whether to fix this or not.

We did once have some sort of optional support for the Microsoft Crypto API, but it rotted, and didn't support all the algorithms we needed (eg Blowfish), so was eventually removed.

Quoth Simon:

My other concern about CryptoAPI is the whole idea of handing a MS-controlled function a pointer and saying `here, take a look at my plaintext'. Not that I think MS is likely to be bugging that function (as it were) at the moment, but there's no point in making it easy for someone to install a modified DLL and trojan all cryptography done in the system.

On the other hand, it might be good to be able to make use of the thermal noise-based random number generators now appearing in some commodity chipsets such as the Intel 810 FWH. These might be exposed through the Crypto API.

May also be relevant to smartcard-auth.

Any support would have to be optional (controlled by configuration option? Test for presence of API?). Probably an application for the MDPI.


If you want to comment on this web site, see the Feedback page.
Audit trail for this wish.
(last revision of this bug record was at 2017-04-28 16:52:45 +0100)