Return-Path: 
 <security-dev-return-4008-apmail-xml-security-dev-archive=xml.apache.org@xml.apache.org>
Delivered-To: apmail-xml-security-dev-archive@www.apache.org
Received: (qmail 49517 invoked from network); 17 Feb 2005 09:09:09 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur-2.apache.org with SMTP; 17 Feb 2005 09:09:09 -0000
Received: (qmail 88534 invoked by uid 500); 17 Feb 2005 09:09:08 -0000
Delivered-To: apmail-xml-security-dev-archive@xml.apache.org
Received: (qmail 88290 invoked by uid 500); 17 Feb 2005 09:09:07 -0000
Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:security-dev@xml.apache.org>
List-Help: <mailto:security-dev-help@xml.apache.org>
List-Unsubscribe: <mailto:security-dev-unsubscribe@xml.apache.org>
List-Subscribe: <mailto:security-dev-subscribe@xml.apache.org>
Reply-To: security-dev@xml.apache.org
Delivered-To: mailing list security-dev@xml.apache.org
Received: (qmail 88277 invoked by uid 99); 17 Feb 2005 09:09:07 -0000
X-ASF-Spam-Status: No, hits=1.1 required=10.0
	tests=FORGED_RCVD_HELO,NO_DNS_FOR_FROM
X-Spam-Check-By: apache.org
Received-SPF: pass (hermes.apache.org: local policy)
Received: from cust4394.vic01.dataco.com.au (HELO cerberus.wingsofhermes.org)
 (202.164.195.42)
  by apache.org (qpsmtpd/0.28) with SMTP; Thu, 17 Feb 2005 01:09:06 -0800
Received: (qmail 26005 invoked by uid 1008); 17 Feb 2005 09:09:01 -0000
Received: from 192.168.3.10 by cerberus.wingsofhermes.org (envelope-from
 <berin@wingsofhermes.org>, uid 1002) with qmail-scanner-1.23
 (clamdscan: 0.75.1. spamassassin: 3.0.0.  
 Clear:RC:1(192.168.3.10):.
 Processed in 0.11539 secs); 17 Feb 2005 09:09:01 -0000
Received: from unknown (HELO ?192.168.3.10?) (192.168.3.10)
  by 0 with SMTP; 17 Feb 2005 09:09:00 -0000
Message-ID: <42145F06.2020108@wingsofhermes.org>
Date: Thu, 17 Feb 2005 20:08:22 +1100
From: Berin Lautenbach <berin@wingsofhermes.org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
 rv:1.7.3) Gecko/20040910
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: security-dev@xml.apache.org
Subject: Re: C++ lib support for SHA-256, etc.?
References: <200502161821.j1GIL4Gg025626@defang9.net.ohio-state.edu>
In-Reply-To: <200502161821.j1GIL4Gg025626@defang9.net.ohio-state.edu>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

Scott,

Just been reading about it.  (Was away for a few days.)

The reason it's not there now is neither Windows CAPI nor OpenSSL 
supported -256 or -512 when the hashing functions were first implemented.

I notice the development branch of OpenSSL now includes SHA-256/512 so I 
might look at compiling up 0.9.8-dev and see how it goes.

Otherwise we'll have to actually implement the algorithm.  Mind you - 
that's not that difficult to do, it's just not likely to be as quick as 
the OpenSSL implementation.

Cheers,
	Berin

Scott Cantor wrote:
> In light of the recent talk about SHA-1 being weakened, does the C++ xmlsec
> library support the stronger SHA hashing algorithms at this point?
> 
> I see the constants defined in the Java version, but I can't use them if
> they won't interop.
> 
> I suspect adding the support isn't too hard, but I don't have an ASF contrib
> form on file, so it's not a simple matter for me to donate the work if I do
> it, so I thought I'd ask first.
> 
> -- Scott
> 
> 
>