From: Yann Ylavic
Date: Fri, 20 Jan 2017 12:53:01 +0100
Subject: Re: SHA256 and friends.
To: Dirk-Willem van Gulik
Cc: APR Developer List (dev@apr.apache.org)

On Fri, Jan 20, 2017 at 9:22 AM, Dirk-Willem van Gulik wrote:
>
> As to the selection of the hash - I can see three strategies
>
> A) current approach (we do this I think only for sha256):
>
>     apr_crypto_hash_t * ctx = apr_crypto_sha256_new(pool);
>
> followed by a hash neutral/generic
>
>     apr_hash(sha256_ctx, &buf, &len, plain, plainlen, pool);

Probably apr_crypto_hash() since apr_hash() is non-crypto hashtable in APR.
Would be nice to have init/update/finish versions too.

> and then create the corresponding
>
>     apr_crypto_md4_new(apr_pool_t *);
>     apr_crypto_md5_new(apr_pool_t *);
>     apr_crypto_sha1_new(apr_pool_t *);
>     apr_crypto_sha256_new(apr_pool_t *);
>
> and create new ones (eg. SHA512 etc, etc) as we go along.

I like C) more since you propose ;)

> B) more of the ENUM approach as used elsewhere in APR:
>
>     enum {
>         APR_CRYPTO_SANE_DEFAULT = APR_CRYPTO_SHA256, // whatever the report of Ecrypt/NIST recommended in the year of the release.
>         APR_CRYPTO_MD4,
>         APR_CRYPTO_MD5,
>         ....
>
>     apr_crypto_hash_t * ctx = apr_crypto_hash_new(pool, APR_CRYPTO_MD4);
>
> with the goal of deprecating the apr_crypto_sha256_new soon. Which has
> the downside that this ultimately means numbers rather than symbols
> and limiting what you can spot at link time.

Quite the same as A) from an evolutivity perspective, with the mentioned downside.

> C) something more akin to what I use now (as the code I am trying
> to get under long term maintenance control fudges things a bit
> to deal with hardware based crypto (network HSMs and cheap
> USB chipcards/SIMs):
>
>     #define APR_CRYPTO_MD4 "MD4"
>     apr_crypto_hash_t * ctx = apr_crypto_hash_new(pool, APR_CRYPTO_MD4);
>
> where the strings are picked so that they work with the existing
> char* based pickers of openssl and nss (EVP_get_digestbyname et.al.).

I like it, quite agile wrt APR release cycle.
Maybe return an apr_status_t somehow for things like APR_ENOTIMPL.

> Does anyone have any strong opinions ?

Not strong, but C) if no objection is raised.

Anyway, thanks for this work, authenticated encryption (AES-GCM, Chacha20-poly, CAESAR upcoming portfolio, ...) would be nice too.

Regards,
Yann.
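The string-keyed picker of strategy C, together with the status return and the init/update/finish split suggested in the reply, sketched in Python as an added example; it is not APR, OpenSSL or NSS code. Python's `hashlib.new(name)` stands in for the backend's `EVP_get_digestbyname()`-style lookup, and the constant names, the pinned default and the `SUCCESS`/`ENOTIMPL` status values are assumptions made for the sketch.

```python
import hashlib

# Constructed name constants in the spirit of the proposed `#define APR_CRYPTO_MD4 "MD4"`:
# the strings are the ones a name-based backend lookup (OpenSSL's EVP_get_digestbyname)
# also understands, so the library does not need a table of its own.
CRYPTO_MD5 = "MD5"
CRYPTO_SHA1 = "SHA1"
CRYPTO_SHA256 = "SHA256"
CRYPTO_SHA512 = "SHA512"
CRYPTO_SANE_DEFAULT = CRYPTO_SHA256  # assumption: the default a given release would pin

# Stand-ins for apr_status_t values (assumed names, not APR's numeric codes).
SUCCESS = "SUCCESS"
ENOTIMPL = "ENOTIMPL"


class HashCtx:
    """Incremental init/update/finish context wrapping one backend digest object."""

    def __init__(self, name):
        self.name = name
        # Backend picker by name; raises ValueError when the backend lacks the digest.
        self._h = hashlib.new(name)

    def update(self, data):
        self._h.update(data)
        return self

    def finish(self):
        return self._h.digest()


def hash_new(name=CRYPTO_SANE_DEFAULT):
    """Return (status, ctx). An unknown or disabled digest yields ENOTIMPL and no
    context, instead of a NULL pointer whose cause the caller has to guess."""
    try:
        return SUCCESS, HashCtx(name)
    except ValueError:
        return ENOTIMPL, None


def hash_oneshot(name, data):
    """The 'hash neutral/generic' one-shot call, built on the same context."""
    status, ctx = hash_new(name)
    if status != SUCCESS:
        return status, None
    return SUCCESS, ctx.update(data).finish()


def hash_chunked(name, chunks):
    """Same digest fed through update() in pieces; must equal the one-shot result."""
    status, ctx = hash_new(name)
    if status != SUCCESS:
        return status, None
    for chunk in chunks:
        ctx.update(chunk)
    return SUCCESS, ctx.finish()


if __name__ == "__main__":
    status, digest = hash_oneshot(CRYPTO_SHA256, b"abc")
    print(status, digest.hex())
    # A name the backend does not know comes back as a status, not an exception.
    print(hash_new("NOT-A-DIGEST")[0])
```

Because the lookup key is the backend's own name string, adding SHA-512 or a future digest is a one-line constant rather than a new enum value and a new release; the price, as the thread notes, is that a typo in the name surfaces as `ENOTIMPL` at run time rather than as a link-time error.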