couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan D. Knezek (JIRA)" <>
Subject [jira] Commented: (COUCHDB-625) Pure Erlang alternative to crypto library
Date Tue, 19 Jan 2010 02:08:54 GMT


Jonathan D. Knezek commented on COUCHDB-625:


The SHA1 pseudo-code came from
 It was hand-typed as I attempted to convert from imperative to functional code.  This is
one of my first attempts at serious Erlang and functional programming in general so it was
originally intended as an intellectual challenge.

The currently posted version is very similar structurally.  My latest (unposted) version has
~15% improved performance and is very different structurally (combined the extend and loop
sections to avoid list construction).  I can post this latest version if it'll help.

The HMAC pseudo-code came from
which is actually incorrect.  I corrected my implementation from the RFC description at
 The code is very similar, but this is an algorithm I would argue can only really be implemented
one way...  It's only ten lines of pseudo-code.

I unfortunately think it's a moot point because the pure Erlang performance is too poor to
be useful and will likely have to be implemented as a native extension, external port, or
something like that to be feasible...

> Pure Erlang alternative to crypto library
> -----------------------------------------
>                 Key: COUCHDB-625
>                 URL:
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: Infrastructure
>            Reporter: Jonathan D. Knezek
>            Assignee: Chris Anderson
>            Priority: Minor
>         Attachments: ccrypto.erl
> On some platforms (in my case a SheevaPlug running on armv5te) it may be difficult or
impossible to obtain a version of Erlang built with support for the crypto standard library.
 I grepped the CouchDB source and have attempted to reproduce the used crypto calls in pure
> I have reproduced the start/0, rand_uniform/2, rand_bytes/1, sha/1, and sha_mac/2 functions,
along with test_sha/1 and test_sha_mac/1 functions to validate the pure Erlang results against
the crypto library's results.  The public non-test functions attempt to first call into crypto
if available, as it is the preferred implementation.
> As I'm not familiar with the build system, app system, etc. of Erlang I am only attaching
the library implementation.  I'm sure more work would be required to fully integrate it into
CouchDB if accepted.
> As far as licensing goes, SHA1 is defined in NIST FIPS 180-2 (,
and according to the IETF, the patent covering the algorithm has been made royalty-free (

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message