cvs commit: src/lib/libmd Makefile sha256.3 sha256.h sha256c.c shadriver.c src/sbin/md5 Makefile md5.c

Poul-Henning Kamp phk at
Wed Mar 9 12:57:35 PST 2005

In message <422F5D94.4030702 at>, Colin Percival writes:

>My personal feeling is that sha(384|512) are overkill on the side of
>hash length and probably underkill on the side of design (considering
>that they have the same basic design which has been repeatedly shown
>to be vulnerable to the Chinese attack) anyway -- we really need an
>AES-like process for selecting a new hash standard.

As far as I can tell from the phk-bashing on that cryptographer list,
SHA is the current king for the lack of something better.

I will add my voice to the chorus who pine for us to have one single
copy of things like hashes and encryption.

And by "one single copy" I mean one shared between kernel and userland.

Since all these functions are really just memcpy() overdosed on LSD,
I can't see _any_ reason why the kernel and userland would need different
versions, much less why different pieces of the kernel or userland

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the cvs-src mailing list