Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20120813215344.GB27715@brightrain.aerifal.cx>
Date: Mon, 13 Aug 2012 17:53:44 -0400
From: Rich Felker <dalias@...ifal.cx>
To: musl@...ts.openwall.com
Subject: Re: Todo for release?

On Mon, Aug 13, 2012 at 11:31:54PM +0200, Szabolcs Nagy wrote:
> * Rich Felker <dalias@...ifal.cx> [2012-08-13 14:53:30 -0400]:
> > - MD5 and SHA crypt (nsz?)
> 
> i only have code for the hashes, not crypt
> 
> it seems these crypt schemes are fairly ugly
> i don't mind if their implementation is delayed

It looks like the API the hash functions provide matches closely what
the BSD crypt functions expect, so I think we could potentially just
use or adapt one of them..

> md5 based crypt is not recommended anymore
> http://phk.freebsd.dk/sagas/md5crypt_eol.html

Indeed. But is it used in existing Linux user databases on any
significant scale? If not, I agree we can just drop it.

> the sha2 based crypt seems to be designed recently
> and the spec has a public domain implementation
> http://www.akkadia.org/drepper/SHA-crypt.txt

I'm confused by all the SHA names (1/2/256/512)...

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.