cvs commit: src/lib/libmd Makefile sha256.3 sha256.h sha256c.c shadriver.c src/sbin/md5 Makefile md5.c

Colin Percival cperciva at
Wed Mar 9 13:10:38 PST 2005

Pawel Jakub Dawidek wrote:
> On Wed, Mar 09, 2005 at 12:33:24PM -0800, Colin Percival wrote:
> +> My personal feeling is that sha(384|512) are overkill on the side of
> +> hash length and probably underkill on the side of design (considering
> +> that they have the same basic design which has been repeatedly shown
> +> to be vulnerable to the Chinese attack) anyway -- we really need an
> +> AES-like process for selecting a new hash standard.
> Colin, with all due respect. I don't think your personal feeling should be
> the reason to not support sha(384|512).

Of course -- I was just mentioning it as a side note.

> If you think your version is cleaner/better that the one from sys/, maybe
> it should be reviewed and sys/ version replaced, but we should not duplicate
> crypto code.

Again, I didn't know there was a version in sys/ until Richard pointed it
out; if someone wants to rip my sha256c.c out and replace it with some sort
of build magic which sucks in the version from sys/, I have no objection.

Colin Percival

More information about the cvs-all mailing list