libtomcrypt

Reconsider the default mode for LTC_ARGCHK

Open karel-m opened this issue 7 years ago • 4 comments

Currently, by default, LTC_ARGCHK calls abort() when the check in question fails.

Isn't it too strict to literally die (core-dump) when you for example "only" pass an IV of invalid length?

You can probably imagine what it means, for example, when LTC_ARGCHK fails somewhere deep inside my perl bindings (it will cause the whole perl interpreter to crash).

I would prefer to only return CRYPT_INVALID_ARG by default (which means using current ARGTYPE == 4 as a default).

karel-m • Oct 26 '18 15:10

IIUC you're not using a system-provided ltc, right? Why don't you then simply define -DARGTYPE=4 while compiling ltc? I wouldn't want to change this per default TBH

sjaeckel • Oct 26 '18 16:10

Yes, the trick with -DARGTYPE=4 is exactly what I did. But for example Fedora/RedHat guys for some reason insist on linking with the system's libtomcrypt.

The thing is that the ARGTYPE==0 decision is basically hardcoded in library binaries. We use LTC_ARGCHK pretty much everywhere, not only in really severe situations where there is no other way than to core dump.

It might happen that you have for example a nonce of invalid length (in a really mean scenario it may be a user input) which you pass to some libtomcrypt function ... and ... it will abort the whole program due to an LTC_ARGCHK failure.

karel-m • Oct 26 '18 16:10

Then these cases shouldn't use the macro anymore!?

sjaeckel • Oct 26 '18 19:10
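The two behaviours discussed in this thread, as an added example that is not part of the issue and is not libtomcrypt's code: an abort-style argument check turns a wrong-length nonce into a killed process, while a return-style check (what the thread describes for ARGTYPE == 4) turns it into an error code. All names, the nonce length and the error values are hypothetical stand-ins; `guarded_set_nonce` shows a caller-side length check for code that must link against an abort-style build.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

enum { DEMO_OK = 0, DEMO_INVALID_ARG = 16 };   /* constructed error codes */
#define DEMO_NONCE_LEN 12                      /* hypothetical required length */
/* Abort-style check: a failed check kills the whole process. */
#define ARGCHK_ABORT(x)  do { if (!(x)) abort(); } while (0)
/* Return-style check: a failed check becomes an error code for the caller. */
#define ARGCHK_RETURN(x) do { if (!(x)) return DEMO_INVALID_ARG; } while (0)
typedef int (*nonce_fn)(const unsigned char *, size_t);

static int set_nonce_abort(const unsigned char *n, size_t len) {
    ARGCHK_ABORT(n != NULL);
    ARGCHK_ABORT(len == DEMO_NONCE_LEN);
    return DEMO_OK;
}
static int set_nonce_return(const unsigned char *n, size_t len) {
    ARGCHK_RETURN(n != NULL);
    ARGCHK_RETURN(len == DEMO_NONCE_LEN);
    return DEMO_OK;
}
/* Caller-side guard for code linked against an abort-style build:
   reject untrusted lengths before the library's own check can fire. */
static int guarded_set_nonce(const unsigned char *n, size_t len) {
    if (n == NULL || len != DEMO_NONCE_LEN) return DEMO_INVALID_ARG;
    return set_nonce_abort(n, len);
}
/* Run fn in a child process so an abort can be observed safely.
   Returns fn's result, -signal if the child was killed, -1000 on error. */
static int run_isolated(nonce_fn fn, const unsigned char *n, size_t len) {
    int st;
    pid_t pid = fork();
    if (pid < 0) return -1000;
    if (pid == 0) _exit(fn(n, len));
    if (waitpid(pid, &st, 0) < 0) return -1000;
    return WIFSIGNALED(st) ? -WTERMSIG(st) : WEXITSTATUS(st);
}
static const unsigned char short_nonce[8] = {0};   /* constructed: wrong length */
static const unsigned char good_nonce[12] = {0};   /* constructed: right length */

int main(void) {
    printf("abort-style:  %d\n", run_isolated(set_nonce_abort, short_nonce, sizeof short_nonce));
    printf("return-style: %d\n", run_isolated(set_nonce_return, short_nonce, sizeof short_nonce));
    printf("guarded:      %d\n", guarded_set_nonce(short_nonce, sizeof short_nonce));
    printf("guarded ok:   %d\n", guarded_set_nonce(good_nonce, sizeof good_nonce));
    return 0;
}
```

A negative result from `run_isolated` is the signal number that terminated the child, so the abort-style call on the short nonce reports `-SIGABRT`.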