CTO wrote:
EVP covers hashing, signatures, and encryption/decryption. If we're going to go for a longer name, maybe "cryptography" would be more appropriate?
Something to keep in mind while working on this is your threat model for the library. If you aren't going to do anything to guard against side-channel attacks (which are rather hard to avoid in a cross platform algorithm on a general purpose PC) or against attacks which grab unencrypted messages and keys from released-but-not-overwritten computer memory or (worse) the swap file, then this should be mentioned in the documentation. That way application developers that are looking for that extra level of security will know they need to look elsewhere. Regards, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia ---------------------------------------------------------------