+ o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
+ possibly to silcpkcs.h.
+
+ /* Return fingerprint of the `public_key'. Returns also the algorithm
+ that has been used to make the fingerprint. */
+ const unsigned char *
+ silc_pkcs_get_fingerprint(SilcPublicKey public_key,
+ const char **hash_algorithm,
+ SilcUInt32 *fingerprint_len);
+
+ o Add CMAC and maybe others. Change needs rewrite of the internals of
+ the SILC Mac API, currently it's suitable only for HMACs.
+
+ o Global RNG must be changed to use SILC Global API.
+
+ o Global cipher, hash, mac, and pkcs tables must use SILC Global API.
+
+ o Add FIPS compliant RNG.
+
+ o Implement the defined SilcDH API. The definition is in
+ lib/silccrypt/silcdh.h. Make sure it is asynchronous so that it can
+ be accelerated. Also take into account that it could use elliptic
+ curves.
+
+ o Add Elgamal.
+
+ o Add ECDSA support.
+
+ o Add ECDH support.
+
+ o Add PKCS#1 RSAES-OAEP and RSASSA-PSS.
+
+ o Add GCM mode.
+
+ o Do GCC vs ICC benchmarks of all key algorithms.
+
+ o Add DSA support to SILC public key.
+
+ o The asynchronous functions to perhaps to _async to preserve backwards
+ compatibility with synchronous versions, and make easier to migrate
+ from 1.1 to 1.2. (***DONE)
+
+ o AES CBC is missing proper alignment code. (***DONE)
+
+ o silc_pkcs_public_key_alloc should accept also SILC_PKCS_ANY as argument
+ and try all supported PKCS until one succeeds. (***DONE)
+
+ o Associate a default hash function with all PKCS algorithms. User can
+ override it in silc_pkcs_sign. DSA with FIPS186-3 determines the
+ hash algorithm by the key length. (***DONE)
+
+ o Document all cipher names, hash names, mac names, pkcs names. (***DONE)
+
+ o SilcHmac must be replaced with generic SilcMac so that we can add
+ others than just HMAC algorithms. Backwards support (via #define's)
+ must be preserved. (***DONE)
+
+ o Change the DSA implementation to support FIPS186-3. This means that
+ the q length is determined by the key length. (***DONE)
+
+ o Add silc_crypto_init and silc_crypto_uninit. The _init should take
+ SilcStack that will act as global memory pool for all of crypto
+ library. It should not be necessary anymore to separately register
+ default ciphers, HMACs, etc, the _init would do that. However, if
+ user after _init calls silc_pkcs_register, for example, it would take
+ preference over the default once, ie. user can always dictate the
+ order of algorithms. (***DONE)
+
+ o Change SILC PKCS API to asynchronous, so that accelerators can be used.
+ All PKCS routines should now take callbacks as argument and they should
+ be delivered to SilcPKCSObject and SilcPKCSAlgorithm too. (***DONE)
+
+ o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
+ encrypt, decrypt, sign and verify functions. We may need to for exmaple
+ check the alg->hash, supported hash functions. Maybe deliver it also
+ to all other functions in SilcPKCSAlgorithm to be consistent. (***DONE)
+
+ o Add DSS support. (***DONE)
+
+ o All cipher, hash, hmac etc. allocation routines should take their name
+ in as const char * not const unsigned char *. (***DONE)
+
+
+SKR Library, lib/silcskr/
+=========================
+
+ o Add fingerprint as search constraint.
+
+ o Add SSH support. (***DONE, TESTING NEEDED)
+
+ o Add OpenPGP support. Adding, removing, fetching PGP keys. (Keyring
+ support?)