Subject: Re: Adding sha1 hashed passwords
To: Simon J. Gerraty <firstname.lastname@example.org>
From: Bill Studenmund <email@example.com>
Date: 05/29/2004 17:40:49
Content-Type: text/plain; charset=us-ascii
On Sat, May 29, 2004 at 12:47:50AM -0700, Simon J. Gerraty wrote:
> I notice that libcrypt uses __md5crypt() rather than the name
> crypt_md5() used in FreeBSD (where I presume the routine originated).
> I'm wondering if there's a reason to change the name of crypt_sha1 to
> __sha1crypt for NetBSD or wether the current name is ok.
__sha1crypt is in the library's name space, while crypt_sha1 is in the=20
application's name space. So __sha1crypt is better for internal uses.
> I extracted the static to64 from md5crypt.c and put it in its
> own .c file as crypt_to64 and it is now used by __md5crypt, crypt_sha1
> and pwd_gensalt. Again, is there a reason the name should be
Same name space stuff as above.
> Also, should hmac_sha1 be added to libcrypt or libc (or both?)
> I've currently added it to both - to make my testing easier.
> FWIW the hmac implementation is very simple - based on RFC 2104 and
> includes unit tests for hmac_sha1 and hmac_md5.
Not sure. My guess is libcrypt not libc.
> Finally, does adding crypt_sha1 require bumping the version of
> libcrypt.so ?
If it's in as crypt_sha1, yes, as it's an externally-visable symbol.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)
-----END PGP SIGNATURE-----