On 19 Jan 2017, at 18:29, Dirk-Willem van Gulik <di...@webweaving.org> wrote:

> Am wondering now it if makes sense to create a new directory with:
> 
>    hash/*
> 
> section (or something in crypto) where I cull things/move out of the current 
> apr_random, sha256_glue and apr_md4/5 and apr_sha1 - and
> then all give them below treatment.
> 
> It would make wiring them up to OS specific things or to 
> nss/openssl/CommonCrypto also a bit easier.
> 
> And then perhaps come up with a few extra apr_hash things that do a subset of 
> what we currently do in the various apr_sha/md’s.
> 
> Or is that not worth it - as mid to long term md4/md5 and sha1 will evaporate.

I've always been keen to create an apr_crypto_hash_*() set of functions that do 
hashing, but guaranteed to be implemented by crypto libraries (OpenSSL et al) 
and therefore secure.

Regards,
Graham
--


Reply via email to