From: Bruce Korb <bkorb@gnu.org>
To: Bruno Haible <bruno@clisp.org>
Cc: bug-gnulib@gnu.org
Subject: Re: gc-pbkdf2-sha1 must not be deprecated
Date: Wed, 23 Sep 2020 09:55:48 -0700 [thread overview]
Message-ID: <feb8ca65-c9cd-1fa0-4cb4-ad6877dba731@gnu.org> (raw)
In-Reply-To: <1659983.Jv00QytavF@omega>
On 9/22/20 10:03 AM, Bruno Haible wrote:
> I'm not really familiar with these. Does the libgcrypt documentation help,
> maybe?
>
> Bruno
I have become much more familiar that I'd really like to be. It seems
that without the crypto/gc-pbkdf2-sha1 module defined, then
GNULIB_GC_HMAC_SHA1 is not defined so the switch statement falls through
to the error return. If crypto/gc-pbkdf2 provides a definition for
GC_SHA1, then the code needs to handle it. There are legitimate uses for
SHA1, even if it should not be used for signing files. It cannot be
obsoleted. Ever.
> 101 Gc_rc
> 102 gc_pbkdf2_hmac (Gc_hash hash,
> 103 const char *P, size_t Plen,
> 104 const char *S, size_t Slen,
> (gdb)
> 105 unsigned int c, char *DK, size_t dkLen)
> 106 {
> 107 gc_prf_func prf;
> 108 size_t hLen;
> 109
> 110 switch (hash)
> 111 {
> 112 #if GNULIB_GC_HMAC_SHA1
> 113 case GC_SHA1:
> 114 prf = gc_hmac_sha1;
> (gdb)
> 115 hLen = GC_SHA1_DIGEST_SIZE;
> 116 break;
> 117 #endif
> 118
> 119 #if GNULIB_GC_HMAC_SHA256
> 120 case GC_SHA256:
> 121 prf = gc_hmac_sha256;
> 122 hLen = GC_SHA256_DIGEST_SIZE;
> 123 break;
> 124 #endif
> (gdb)
> 125
> 126 #if GNULIB_GC_HMAC_SHA512
> 127 case GC_SHA512:
> 128 prf = gc_hmac_sha512;
> 129 hLen = GC_SHA512_DIGEST_SIZE;
> 130 break;
> 131 #endif
> 132
> 133 default:
> 134 return GC_INVALID_HASH;
> (gdb)
> 135 }
> 136
> 137 return gc_pbkdf2_prf (prf, hLen, P, Plen, S, Slen, c, DK,
> dkLen);
> 138 }
prev parent reply other threads:[~2020-09-23 16:55 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAKRnqNLXD7waxPm7h=5S2-HkAe9WMVsLDtCuNrOFy_eyJZeZBQ@mail.gmail.com>
[not found] ` <56102afd-8924-3338-722f-da03e590dd63@gnu.org>
[not found] ` <87d02ob434.fsf@herbrand>
2020-09-14 21:11 ` Trying to bootstrap my project, distcheck doesn't configure Bruce Korb
2020-09-14 22:53 ` Bruno Haible
2020-09-15 14:16 ` Bruce Korb
2020-09-18 15:58 ` gc-pbkdf2-sha1 is deprecated Bruce Korb
2020-09-18 16:32 ` Bruno Haible
2020-09-21 22:49 ` Bruce Korb
2020-09-22 15:04 ` Bruce Korb
2020-09-22 17:03 ` Bruno Haible
2020-09-23 16:55 ` Bruce Korb [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.gnu.org/mailman/listinfo/bug-gnulib
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=feb8ca65-c9cd-1fa0-4cb4-ad6877dba731@gnu.org \
--to=bkorb@gnu.org \
--cc=bruno@clisp.org \
--cc=bug-gnulib@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).