|
Message-ID: <CACsaVZKdoBQCZQFEZYu9j_JaOmivLOWK1=Nzu8e4=07iCPDdQg@mail.gmail.com>
Date: Sat, 26 Oct 2013 18:30:19 -0600
From: Kyle Sanderson <kyle.leet@...il.com>
To: musl@...ts.openwall.com
Subject: Re: [Feature Request] SHA-1 HMAC
Thanks for the replies! The reason why I thought it would be cool to have
SHA1-HMAC included was I had thought SHA1 was included (in the crypt/
folder). However, now that I look at it again, it's actually SHA2, which
makes the whole request bad :( I'll try my hand at porting the code from
Busybox.
Thanks for the kind responses!
Kyle.
On Sat, Oct 26, 2013 at 12:38 PM, Rich Felker <dalias@...ifal.cx> wrote:
> On Sat, Oct 26, 2013 at 02:28:48PM +0200, Szabolcs Nagy wrote:
> > * Daniel Cegie?ka <daniel.cegielka@...il.com> [2013-10-25 21:23:03
> +0200]:
> > > Adding HMAC to musl doesn't make sense. This is only one C file, so
> > > why you just don't want to keep this in the sources of your software?
> >
> > including a source file is not optimal
>
> I think whether this is the case depends a lot on what you're doing.
> One question I always recommend asking is which will be larger and
> more work to maintain: the copied code, or the library glue? For use
> of a single hash function from a crypto lib with a complex API, just
> the glue code to setup and call the crypto lib is probably as large as
> the hash code. Then you have to consider also the build system. At
> this point we haven't even started considering the potential space for
> bugs, issues if someone uses a different implementation of the
> original crypto lib as a drop-in replacement for it (common with
> openssl), etc.
>
> So I think in this specific case, including the source file may
> actually be the optimal solution.
>
> Rich
>
Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.