cvs commit: src/lib/libmd Makefile sha256.3 sha256.h sha256c.c
shadriver.c src/sbin/md5 Makefile md5.c
Richard Coleman
rcoleman at criticalmagic.com
Wed Mar 9 12:22:31 PST 2005
Colin Percival wrote:
>>Is there a reason that there are multiple versions of
>>md5/sha1/sha256/etc in the source tree?
>
> As far as I could tell, we didn't have sha256 in the tree until I added
> it. As for md5 and sha1, it's useful to have a minimalist libmd for
> applications which don't require the bloated monst^W^W^W OpenSSL, and
> these are small enough that a bit of duplication really doesn't matter.
There are versions of sha256, sha384, and sha512 in sys/crypto/sha2. I
know that both the /dev/random code and (I think) GBDE are using those
versions.
But I understand what you are saying about openssl being so large. But
openssl seems to be the only place in the tree that has assembly
language versions of those routines. It's too bad there is not an easy
way to leverage these versions everywhere.
I understand that these hashes are relatively small (although sha256/512
is much bigger than md5), so this duplication is not a big deal. But I
suspect that the next generation of hashes will be much more
complicated. Now that sha1 is busted, there should be a flurry of new
hashes in the next year.
Just a random thought. But I'm glad to see sha256 added to libmd
anyways. It may be useful to add sha384 and sha512 as well.
Richard Coleman
rcoleman at criticalmagic.com
More information about the cvs-all
mailing list