apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirkjan Ochtman <...@apache.org>
Subject Re: SHA2 in APR
Date Wed, 16 Oct 2013 15:57:13 GMT
On Wed, Oct 16, 2013 at 5:17 PM, Nick Kew <niq@apache.org> wrote:> OK,
that raises two questions:
> 1. From your point of view, how useful would a fully-implemented
>    apr_sha2 be, compared either to using a third-party library or a
>    standalone implementation?

Well, the alternatives are (a) relying on an extra dependency for my
Apache module, probably NSS or OpenSSL or both, or (b) pulling in a
semi-random copy of SHA2 from the internet and including that. If APR
already included a maintained version of SHA2 (and it looks like it
already does, except it's not exposed to external users), that would
definitely make things easier for me.

> 2. If it does add value, is the API referenced in your bug exactly
>    what you want, or might there be mileage in reviewing/extending it?

Given that the API seen in Doxygen [1] is quite similar to the API
already exposed for sha1 (which for some reason doesn't appear at
http://apr.apache.org/docs/apr-util/1.5/, although it certainly
installed on my Linux box through dev-libs/apr-util-1.5.2), I'm quite
confident it's sufficient.

(So I only just discovered that the sha1 implementation we're using is
in APR-util, not APR itself; not sure how that changes things.)



[1] http://ci.apache.org/projects/httpd/trunk/doxygen/sha2_8h.html

View raw message