Van de Ven: Deprecating old crypto
Van de Ven: Deprecating old crypto
Posted Mar 25, 2015 21:46 UTC (Wed) by mathstuf (subscriber, #69389)In reply to: Van de Ven: Deprecating old crypto by epa
Parent article: Van de Ven: Deprecating old crypto
Well, if the interfaces were that easy, maybe people wouldn't have thought they needed to reimplement them in their own projects. Really, the code to get hashes of data out of these things is absurd.
Posted Mar 25, 2015 23:41 UTC (Wed)
by cesarb (subscriber, #6266)
[Link] (2 responses)
The traditional hashing API is pretty simple: an "init" function, an "update" function to be called repeatedly as data arrived, and a "finish" function to be called at the end to finish the computations and return the hash. The code to get a hash out of this API is not "absurd"; in fact, if you have all the data already in memory, it's three straight calls (init, update passing all the data at once, finish).
I can see, however, the value in providing two variants of the "finish" call: one which simply returns the hash, and one which does a constant-time compare with a passed hash. A lot of people forget the "constant-time" part, and it's important!
Posted Mar 30, 2015 13:47 UTC (Mon)
by mathstuf (subscriber, #69389)
[Link] (1 responses)
Posted Mar 30, 2015 19:24 UTC (Mon)
by dkg (subscriber, #55359)
[Link]
Van de Ven: Deprecating old crypto
Van de Ven: Deprecating old crypto
If you just want a simple hashing interface without a lot of unnecessary library initialization and shutdown overhead, i recommend looking at nettle. The nettle manual's example code even shows that workflow explicitly.
Van de Ven: Deprecating old crypto