Date: Sat, 26 Oct 2013 18:30:19 -0600 From: Kyle Sanderson <kyle.leet@...il.com> To: musl@...ts.openwall.com Subject: Re: [Feature Request] SHA-1 HMAC Thanks for the replies! The reason why I thought it would be cool to have SHA1-HMAC included was I had thought SHA1 was included (in the crypt/ folder). However, now that I look at it again, it's actually SHA2, which makes the whole request bad :( I'll try my hand at porting the code from Busybox. Thanks for the kind responses! Kyle. On Sat, Oct 26, 2013 at 12:38 PM, Rich Felker <dalias@...ifal.cx> wrote: > On Sat, Oct 26, 2013 at 02:28:48PM +0200, Szabolcs Nagy wrote: > > * Daniel Cegie?ka <daniel.cegielka@...il.com> [2013-10-25 21:23:03 > +0200]: > > > Adding HMAC to musl doesn't make sense. This is only one C file, so > > > why you just don't want to keep this in the sources of your software? > > > > including a source file is not optimal > > I think whether this is the case depends a lot on what you're doing. > One question I always recommend asking is which will be larger and > more work to maintain: the copied code, or the library glue? For use > of a single hash function from a crypto lib with a complex API, just > the glue code to setup and call the crypto lib is probably as large as > the hash code. Then you have to consider also the build system. At > this point we haven't even started considering the potential space for > bugs, issues if someone uses a different implementation of the > original crypto lib as a drop-in replacement for it (common with > openssl), etc. > > So I think in this specific case, including the source file may > actually be the optimal solution. > > Rich > Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.