Subject: Re: Adding sha1 hashed passwords
To: Simon J. Gerraty <>
From: Bill Studenmund <>
List: tech-userlevel
Date: 05/29/2004 17:40:49
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, May 29, 2004 at 12:47:50AM -0700, Simon J. Gerraty wrote:
> Questions...
> I notice that libcrypt uses __md5crypt() rather than the name
> crypt_md5() used in FreeBSD (where I presume the routine originated).
> I'm wondering if there's a reason to change the name of crypt_sha1 to
> __sha1crypt for NetBSD or wether the current name is ok.

__sha1crypt is in the library's name space, while crypt_sha1 is in the=20
application's name space. So __sha1crypt is better for internal uses.

> I extracted the static to64 from md5crypt.c and put it in its
> own .c file as crypt_to64 and it is now used by __md5crypt, crypt_sha1
> and pwd_gensalt.  Again, is there a reason the name should be
> different?

Same name space stuff as above.

> Also, should hmac_sha1 be added to libcrypt or libc (or both?)
> I've currently added it to both - to make my testing easier.
> FWIW the hmac implementation is very simple - based on RFC 2104 and
> includes unit tests for hmac_sha1 and hmac_md5.

Not sure. My guess is libcrypt not libc.

> Finally, does adding crypt_sha1 require bumping the version of
> ?

If it's in as crypt_sha1, yes, as it's an externally-visable symbol.

Take care,


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3 (NetBSD)