[RFC] sha2: new <sha2.h> header

[RFC] sha2: new <sha2.h> header

[Shawn Landden]

We have sha512 and sha256 code sitting here, yet we don't export it with any useful interface.

This came out of discussion with pikhq on IRC.

No tests yet, and no sha256 until this gets some review.
---
 include/sha2.h            | 33 +++++++++++++++++++++++++++++++++
 src/crypt/crypt_sha512.c  | 37 ++++++++++++++++++++++++++++---------
 src/crypt/sha512.c        | 11 +++++++++++
 src/crypt/sha512_finish.c |  9 +++++++++
 src/crypt/sha512_push.c   |  9 +++++++++
 5 files changed, 90 insertions(+), 9 deletions(-)
 create mode 100644 include/sha2.h
 create mode 100644 src/crypt/sha512.c
 create mode 100644 src/crypt/sha512_finish.c
 create mode 100644 src/crypt/sha512_push.c

diff --git a/include/sha2.h b/include/sha2.h
new file mode 100644
index 0000000..eb45bae
--- /dev/null
+++ b/include/sha2.h
@@ -0,0 +1,33 @@
+#ifndef _SHA2_H
+#define _SHA2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stdint.h>
+
+typedef struct sha512_state_t {
+	char __internal_state[8 + 64 + 128];
+} sha512_state_t;
+
+union sha512 {
+	uint8_t s8[64];
+	uint16_t s16[32];
+	uint32_t s32[16];
+	uint64_t s64[8];
+};
+
+/* using a macro allows switching to a static initializer in the future */
+#define SHA512STATEINIT __sha512_init()
+
+void *sha512(const void *__restrict, size_t n, void *__restrict);
+sha512_state_t __sha512_init();
+void sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
+void sha512_finish(sha512_state_t *s, void *__restrict);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
index 1294e98..c3b57e9 100644
--- a/src/crypt/crypt_sha512.c
+++ b/src/crypt/crypt_sha512.c
@@ -16,11 +16,11 @@
 /* public domain sha512 implementation based on fips180-3 */
 /* >=2^64 bits messages are not supported (about 2000 peta bytes) */
 
-struct sha512 {
+typedef struct sha512_state_t {
 	uint64_t len;     /* processed message length */
 	uint64_t h[8];    /* hash state */
 	uint8_t buf[128]; /* message block buffer */
-};
+} sha512_state_t;
 
 static uint64_t ror(uint64_t n, int k) { return (n >> k) | (n << (64-k)); }
 #define Ch(x,y,z)  (z ^ (x & (y ^ z)))
@@ -53,7 +53,7 @@ static const uint64_t K[80] = {
 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
 };
 
-static void processblock(struct sha512 *s, const uint8_t *buf)
+static void processblock(sha512_state_t *s, const uint8_t *buf)
 {
 	uint64_t W[80], t1, t2, a, b, c, d, e, f, g, h;
 	int i;
@@ -100,7 +100,7 @@ static void processblock(struct sha512 *s, const uint8_t *buf)
 	s->h[7] += h;
 }
 
-static void pad(struct sha512 *s)
+static void pad(sha512_state_t *s)
 {
 	unsigned r = s->len % 128;
 
@@ -123,7 +123,7 @@ static void pad(struct sha512 *s)
 	processblock(s, s->buf);
 }
 
-static void sha512_init(struct sha512 *s)
+static void sha512_init(sha512_state_t *s)
 {
 	s->len = 0;
 	s->h[0] = 0x6a09e667f3bcc908ULL;
@@ -136,7 +136,7 @@ static void sha512_init(struct sha512 *s)
 	s->h[7] = 0x5be0cd19137e2179ULL;
 }
 
-static void sha512_sum(struct sha512 *s, uint8_t *md)
+static void sha512_sum(sha512_state_t *s, uint8_t *md)
 {
 	int i;
 
@@ -153,7 +153,7 @@ static void sha512_sum(struct sha512 *s, uint8_t *md)
 	}
 }
 
-static void sha512_update(struct sha512 *s, const void *m, unsigned long len)
+static void sha512_update(sha512_state_t *s, const void *m, unsigned long len)
 {
 	const uint8_t *p = m;
 	unsigned r = s->len % 128;
@@ -196,7 +196,7 @@ static char *to64(char *s, unsigned int u, int n)
 #define ROUNDS_MAX 9999999
 
 /* hash n bytes of the repeated md message digest */
-static void hashmd(struct sha512 *s, unsigned int n, const void *md)
+static void hashmd(sha512_state_t  *s, unsigned int n, const void *md)
 {
 	unsigned int i;
 
@@ -207,7 +207,7 @@ static void hashmd(struct sha512 *s, unsigned int n, const void *md)
 
 static char *sha512crypt(const char *key, const char *setting, char *output)
 {
-	struct sha512 ctx;
+	sha512_state_t ctx;
 	unsigned char md[64], kmd[64], smd[64];
 	unsigned int i, r, klen, slen;
 	char rounds[20] = "";
@@ -369,3 +369,22 @@ char *__crypt_sha512(const char *key, const char *setting, char *output)
 		return "*";
 	return p;
 }
+
+void __sha512_push(sha512_state_t *s, const void *d, size_t n)
+{
+	sha512_update(s, d, n);
+}
+
+void __sha512_finish(sha512_state_t *s, const void *md)
+{
+	sha512_sum(s, (uint8_t *)md);
+}
+
+sha512_state_t __sha512_init()
+{
+	sha512_state_t s;
+
+	sha512_init(&s);
+
+	return s;
+}
diff --git a/src/crypt/sha512.c b/src/crypt/sha512.c
new file mode 100644
index 0000000..42059e9
--- /dev/null
+++ b/src/crypt/sha512.c
@@ -0,0 +1,11 @@
+#include <unistd.h>
+#include <sha2.h>
+
+void *sha512(const void *d, size_t n, void *md)
+{
+	sha512_state_t s = SHA512STATEINIT;
+
+	sha512_push(&s, d, n);
+	sha512_finish(&s, md);
+	return md;
+}
diff --git a/src/crypt/sha512_finish.c b/src/crypt/sha512_finish.c
new file mode 100644
index 0000000..fe91bd5
--- /dev/null
+++ b/src/crypt/sha512_finish.c
@@ -0,0 +1,9 @@
+#include <unistd.h>
+#include <sha2.h>
+
+void __sha512_finish(sha512_state_t *s, void *__restrict);
+
+void sha512_finish(sha512_state_t *s, void *md)
+{
+	__sha512_finish(s, md);
+}
diff --git a/src/crypt/sha512_push.c b/src/crypt/sha512_push.c
new file mode 100644
index 0000000..dffb9dc
--- /dev/null
+++ b/src/crypt/sha512_push.c
@@ -0,0 +1,9 @@
+#include <unistd.h>
+#include <sha2.h>
+
+void __sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
+
+void sha512_push(sha512_state_t *s, const void *d, size_t n)
+{
+	__sha512_push(s, d, n);
+}
-- 
2.2.1.209.g41e5f3a

Re: [RFC] sha2: new <sha2.h> header

[Shawn Landden]

On Tue, Mar 24, 2015 at 9:57 AM, Shawn Landden <shawn@churchofgit.com> wrote:
> We have sha512 and sha256 code sitting here, yet we don't export it with any useful interface.
>
> This came out of discussion with pikhq on IRC.
>
> No tests yet, and no sha256 until this gets some review.
> ---
>  include/sha2.h            | 33 +++++++++++++++++++++++++++++++++
>  src/crypt/crypt_sha512.c  | 37 ++++++++++++++++++++++++++++---------
>  src/crypt/sha512.c        | 11 +++++++++++
>  src/crypt/sha512_finish.c |  9 +++++++++
>  src/crypt/sha512_push.c   |  9 +++++++++
>  5 files changed, 90 insertions(+), 9 deletions(-)
>  create mode 100644 include/sha2.h
>  create mode 100644 src/crypt/sha512.c
>  create mode 100644 src/crypt/sha512_finish.c
>  create mode 100644 src/crypt/sha512_push.c
>
> diff --git a/include/sha2.h b/include/sha2.h
> new file mode 100644
> index 0000000..eb45bae
> --- /dev/null
> +++ b/include/sha2.h
> @@ -0,0 +1,33 @@
> +#ifndef _SHA2_H
> +#define _SHA2_H
> +
> +#ifdef __cplusplus
> +extern "C" {
> +#endif
> +
> +#include <stdint.h>
> +
> +typedef struct sha512_state_t {
> +       char __internal_state[8 + 64 + 128];
> +} sha512_state_t;
> +
> +union sha512 {
> +       uint8_t s8[64];
> +       uint16_t s16[32];
> +       uint32_t s32[16];
> +       uint64_t s64[8];
> +};
whoops for including this. I was thinking of having a type for the
digest, with differn't width accessors, like in6_addr has.
> +
> +/* using a macro allows switching to a static initializer in the future */
> +#define SHA512STATEINIT __sha512_init()
> +
> +void *sha512(const void *__restrict, size_t n, void *__restrict);
> +sha512_state_t __sha512_init();
> +void sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
> +void sha512_finish(sha512_state_t *s, void *__restrict);
> +
> +#ifdef __cplusplus
> +}
> +#endif
> +
> +#endif
> diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
> index 1294e98..c3b57e9 100644
> --- a/src/crypt/crypt_sha512.c
> +++ b/src/crypt/crypt_sha512.c
> @@ -16,11 +16,11 @@
>  /* public domain sha512 implementation based on fips180-3 */
>  /* >=2^64 bits messages are not supported (about 2000 peta bytes) */
>
> -struct sha512 {
> +typedef struct sha512_state_t {
>         uint64_t len;     /* processed message length */
>         uint64_t h[8];    /* hash state */
>         uint8_t buf[128]; /* message block buffer */
> -};
> +} sha512_state_t;
>
>  static uint64_t ror(uint64_t n, int k) { return (n >> k) | (n << (64-k)); }
>  #define Ch(x,y,z)  (z ^ (x & (y ^ z)))
> @@ -53,7 +53,7 @@ static const uint64_t K[80] = {
>  0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
>  };
>
> -static void processblock(struct sha512 *s, const uint8_t *buf)
> +static void processblock(sha512_state_t *s, const uint8_t *buf)
>  {
>         uint64_t W[80], t1, t2, a, b, c, d, e, f, g, h;
>         int i;
> @@ -100,7 +100,7 @@ static void processblock(struct sha512 *s, const uint8_t *buf)
>         s->h[7] += h;
>  }
>
> -static void pad(struct sha512 *s)
> +static void pad(sha512_state_t *s)
>  {
>         unsigned r = s->len % 128;
>
> @@ -123,7 +123,7 @@ static void pad(struct sha512 *s)
>         processblock(s, s->buf);
>  }
>
> -static void sha512_init(struct sha512 *s)
> +static void sha512_init(sha512_state_t *s)
>  {
>         s->len = 0;
>         s->h[0] = 0x6a09e667f3bcc908ULL;
> @@ -136,7 +136,7 @@ static void sha512_init(struct sha512 *s)
>         s->h[7] = 0x5be0cd19137e2179ULL;
>  }
>
> -static void sha512_sum(struct sha512 *s, uint8_t *md)
> +static void sha512_sum(sha512_state_t *s, uint8_t *md)
>  {
>         int i;
>
> @@ -153,7 +153,7 @@ static void sha512_sum(struct sha512 *s, uint8_t *md)
>         }
>  }
>
> -static void sha512_update(struct sha512 *s, const void *m, unsigned long len)
> +static void sha512_update(sha512_state_t *s, const void *m, unsigned long len)
>  {
>         const uint8_t *p = m;
>         unsigned r = s->len % 128;
> @@ -196,7 +196,7 @@ static char *to64(char *s, unsigned int u, int n)
>  #define ROUNDS_MAX 9999999
>
>  /* hash n bytes of the repeated md message digest */
> -static void hashmd(struct sha512 *s, unsigned int n, const void *md)
> +static void hashmd(sha512_state_t  *s, unsigned int n, const void *md)
>  {
>         unsigned int i;
>
> @@ -207,7 +207,7 @@ static void hashmd(struct sha512 *s, unsigned int n, const void *md)
>
>  static char *sha512crypt(const char *key, const char *setting, char *output)
>  {
> -       struct sha512 ctx;
> +       sha512_state_t ctx;
>         unsigned char md[64], kmd[64], smd[64];
>         unsigned int i, r, klen, slen;
>         char rounds[20] = "";
> @@ -369,3 +369,22 @@ char *__crypt_sha512(const char *key, const char *setting, char *output)
>                 return "*";
>         return p;
>  }
> +
> +void __sha512_push(sha512_state_t *s, const void *d, size_t n)
> +{
> +       sha512_update(s, d, n);
> +}
> +
> +void __sha512_finish(sha512_state_t *s, const void *md)
> +{
> +       sha512_sum(s, (uint8_t *)md);
> +}
> +
> +sha512_state_t __sha512_init()
> +{
> +       sha512_state_t s;
> +
> +       sha512_init(&s);
> +
> +       return s;
> +}
> diff --git a/src/crypt/sha512.c b/src/crypt/sha512.c
> new file mode 100644
> index 0000000..42059e9
> --- /dev/null
> +++ b/src/crypt/sha512.c
> @@ -0,0 +1,11 @@
> +#include <unistd.h>
> +#include <sha2.h>
> +
> +void *sha512(const void *d, size_t n, void *md)
> +{
> +       sha512_state_t s = SHA512STATEINIT;
> +
> +       sha512_push(&s, d, n);
> +       sha512_finish(&s, md);
> +       return md;
> +}
> diff --git a/src/crypt/sha512_finish.c b/src/crypt/sha512_finish.c
> new file mode 100644
> index 0000000..fe91bd5
> --- /dev/null
> +++ b/src/crypt/sha512_finish.c
> @@ -0,0 +1,9 @@
> +#include <unistd.h>
> +#include <sha2.h>
> +
> +void __sha512_finish(sha512_state_t *s, void *__restrict);
> +
> +void sha512_finish(sha512_state_t *s, void *md)
> +{
> +       __sha512_finish(s, md);
> +}
> diff --git a/src/crypt/sha512_push.c b/src/crypt/sha512_push.c
> new file mode 100644
> index 0000000..dffb9dc
> --- /dev/null
> +++ b/src/crypt/sha512_push.c
> @@ -0,0 +1,9 @@
> +#include <unistd.h>
> +#include <sha2.h>
> +
> +void __sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
> +
> +void sha512_push(sha512_state_t *s, const void *d, size_t n)
> +{
> +       __sha512_push(s, d, n);
> +}
> --
> 2.2.1.209.g41e5f3a
>



-- 
Shawn Landden

Re: [RFC] sha2: new <sha2.h> header

[Daniel Cegiełka]

2015-03-24 17:57 GMT+01:00 Shawn Landden <shawn@churchofgit.com>:
> We have sha512 and sha256 code sitting here, yet we don't export it with any useful interface.
>
> This came out of discussion with pikhq on IRC.
>
> No tests yet, and no sha256 until this gets some review.

http://www.openwall.com/lists/musl/2015/01/14/6

Daniel

Re: [RFC] sha2: new <sha2.h> header

[Shawn Landden]

Rich Felker complains about corner cases, but these functions don't
have corner cases. There are no errors possible except going over a
size of 2^64, which takes longer than the age of the universe, and
these are totally standardized hashes. Yes, there is a length of a
state field that is exported, but that is about it.

On Tue, Mar 24, 2015 at 10:00 AM, Shawn Landden <shawn@churchofgit.com> wrote:
> On Tue, Mar 24, 2015 at 9:57 AM, Shawn Landden <shawn@churchofgit.com> wrote:
>> We have sha512 and sha256 code sitting here, yet we don't export it with any useful interface.
>>
>> This came out of discussion with pikhq on IRC.
>>
>> No tests yet, and no sha256 until this gets some review.
>> ---
>>  include/sha2.h            | 33 +++++++++++++++++++++++++++++++++
>>  src/crypt/crypt_sha512.c  | 37 ++++++++++++++++++++++++++++---------
>>  src/crypt/sha512.c        | 11 +++++++++++
>>  src/crypt/sha512_finish.c |  9 +++++++++
>>  src/crypt/sha512_push.c   |  9 +++++++++
>>  5 files changed, 90 insertions(+), 9 deletions(-)
>>  create mode 100644 include/sha2.h
>>  create mode 100644 src/crypt/sha512.c
>>  create mode 100644 src/crypt/sha512_finish.c
>>  create mode 100644 src/crypt/sha512_push.c
>>
>> diff --git a/include/sha2.h b/include/sha2.h
>> new file mode 100644
>> index 0000000..eb45bae
>> --- /dev/null
>> +++ b/include/sha2.h
>> @@ -0,0 +1,33 @@
>> +#ifndef _SHA2_H
>> +#define _SHA2_H
>> +
>> +#ifdef __cplusplus
>> +extern "C" {
>> +#endif
>> +
>> +#include <stdint.h>
>> +
>> +typedef struct sha512_state_t {
>> +       char __internal_state[8 + 64 + 128];
>> +} sha512_state_t;
>> +
>> +union sha512 {
>> +       uint8_t s8[64];
>> +       uint16_t s16[32];
>> +       uint32_t s32[16];
>> +       uint64_t s64[8];
>> +};
> whoops for including this. I was thinking of having a type for the
> digest, with differn't width accessors, like in6_addr has.
>> +
>> +/* using a macro allows switching to a static initializer in the future */
>> +#define SHA512STATEINIT __sha512_init()
>> +
>> +void *sha512(const void *__restrict, size_t n, void *__restrict);
>> +sha512_state_t __sha512_init();
>> +void sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
>> +void sha512_finish(sha512_state_t *s, void *__restrict);
>> +
>> +#ifdef __cplusplus
>> +}
>> +#endif
>> +
>> +#endif
>> diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
>> index 1294e98..c3b57e9 100644
>> --- a/src/crypt/crypt_sha512.c
>> +++ b/src/crypt/crypt_sha512.c
>> @@ -16,11 +16,11 @@
>>  /* public domain sha512 implementation based on fips180-3 */
>>  /* >=2^64 bits messages are not supported (about 2000 peta bytes) */
>>
>> -struct sha512 {
>> +typedef struct sha512_state_t {
>>         uint64_t len;     /* processed message length */
>>         uint64_t h[8];    /* hash state */
>>         uint8_t buf[128]; /* message block buffer */
>> -};
>> +} sha512_state_t;
>>
>>  static uint64_t ror(uint64_t n, int k) { return (n >> k) | (n << (64-k)); }
>>  #define Ch(x,y,z)  (z ^ (x & (y ^ z)))
>> @@ -53,7 +53,7 @@ static const uint64_t K[80] = {
>>  0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
>>  };
>>
>> -static void processblock(struct sha512 *s, const uint8_t *buf)
>> +static void processblock(sha512_state_t *s, const uint8_t *buf)
>>  {
>>         uint64_t W[80], t1, t2, a, b, c, d, e, f, g, h;
>>         int i;
>> @@ -100,7 +100,7 @@ static void processblock(struct sha512 *s, const uint8_t *buf)
>>         s->h[7] += h;
>>  }
>>
>> -static void pad(struct sha512 *s)
>> +static void pad(sha512_state_t *s)
>>  {
>>         unsigned r = s->len % 128;
>>
>> @@ -123,7 +123,7 @@ static void pad(struct sha512 *s)
>>         processblock(s, s->buf);
>>  }
>>
>> -static void sha512_init(struct sha512 *s)
>> +static void sha512_init(sha512_state_t *s)
>>  {
>>         s->len = 0;
>>         s->h[0] = 0x6a09e667f3bcc908ULL;
>> @@ -136,7 +136,7 @@ static void sha512_init(struct sha512 *s)
>>         s->h[7] = 0x5be0cd19137e2179ULL;
>>  }
>>
>> -static void sha512_sum(struct sha512 *s, uint8_t *md)
>> +static void sha512_sum(sha512_state_t *s, uint8_t *md)
>>  {
>>         int i;
>>
>> @@ -153,7 +153,7 @@ static void sha512_sum(struct sha512 *s, uint8_t *md)
>>         }
>>  }
>>
>> -static void sha512_update(struct sha512 *s, const void *m, unsigned long len)
>> +static void sha512_update(sha512_state_t *s, const void *m, unsigned long len)
>>  {
>>         const uint8_t *p = m;
>>         unsigned r = s->len % 128;
>> @@ -196,7 +196,7 @@ static char *to64(char *s, unsigned int u, int n)
>>  #define ROUNDS_MAX 9999999
>>
>>  /* hash n bytes of the repeated md message digest */
>> -static void hashmd(struct sha512 *s, unsigned int n, const void *md)
>> +static void hashmd(sha512_state_t  *s, unsigned int n, const void *md)
>>  {
>>         unsigned int i;
>>
>> @@ -207,7 +207,7 @@ static void hashmd(struct sha512 *s, unsigned int n, const void *md)
>>
>>  static char *sha512crypt(const char *key, const char *setting, char *output)
>>  {
>> -       struct sha512 ctx;
>> +       sha512_state_t ctx;
>>         unsigned char md[64], kmd[64], smd[64];
>>         unsigned int i, r, klen, slen;
>>         char rounds[20] = "";
>> @@ -369,3 +369,22 @@ char *__crypt_sha512(const char *key, const char *setting, char *output)
>>                 return "*";
>>         return p;
>>  }
>> +
>> +void __sha512_push(sha512_state_t *s, const void *d, size_t n)
>> +{
>> +       sha512_update(s, d, n);
>> +}
>> +
>> +void __sha512_finish(sha512_state_t *s, const void *md)
>> +{
>> +       sha512_sum(s, (uint8_t *)md);
>> +}
>> +
>> +sha512_state_t __sha512_init()
>> +{
>> +       sha512_state_t s;
>> +
>> +       sha512_init(&s);
>> +
>> +       return s;
>> +}
>> diff --git a/src/crypt/sha512.c b/src/crypt/sha512.c
>> new file mode 100644
>> index 0000000..42059e9
>> --- /dev/null
>> +++ b/src/crypt/sha512.c
>> @@ -0,0 +1,11 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void *sha512(const void *d, size_t n, void *md)
>> +{
>> +       sha512_state_t s = SHA512STATEINIT;
>> +
>> +       sha512_push(&s, d, n);
>> +       sha512_finish(&s, md);
>> +       return md;
>> +}
>> diff --git a/src/crypt/sha512_finish.c b/src/crypt/sha512_finish.c
>> new file mode 100644
>> index 0000000..fe91bd5
>> --- /dev/null
>> +++ b/src/crypt/sha512_finish.c
>> @@ -0,0 +1,9 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void __sha512_finish(sha512_state_t *s, void *__restrict);
>> +
>> +void sha512_finish(sha512_state_t *s, void *md)
>> +{
>> +       __sha512_finish(s, md);
>> +}
>> diff --git a/src/crypt/sha512_push.c b/src/crypt/sha512_push.c
>> new file mode 100644
>> index 0000000..dffb9dc
>> --- /dev/null
>> +++ b/src/crypt/sha512_push.c
>> @@ -0,0 +1,9 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void __sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
>> +
>> +void sha512_push(sha512_state_t *s, const void *d, size_t n)
>> +{
>> +       __sha512_push(s, d, n);
>> +}
>> --
>> 2.2.1.209.g41e5f3a
>>
>
>
>
> --
> Shawn Landden



-- 
Shawn Landden

Re: Re: [RFC] sha2: new <sha2.h> header

[Laurent Bercot]

  I think the main point isn't corner cases, the main point is that
those functions (as well-written and useful as they are) are not
standardized to be included in a libc, and that would make
depending on them nonportable and/or hazardous.

  I agree with Rich's point: sha2 and other cryptographic functions
have their place in a user library, not in a libc.

-- 
  Laurent