Telodendria/Cytoplasm
Telodendria/Cytoplasm
3
3
Fork 5
Code Issues 17 Pull requests 2 Projects Releases 2 Packages Activity Actions

Start optionally using the SHA implementation from the existing crypto API #44

Merged
jordan merged 5 commits from lda/Cytoplasm:opt-ssl-for-sha into master 2024-08-24 17:06:05 +00:00
Conversation 1 Commits 5 Files changed 2 +46 -1
lda commented 2024-08-16 16:33:00 +00:00
Contributor
Copy link

Those are probably faster and more secure than the default one. The older implementation still stays when no good TLS library can provide its SHA functions.

Keeping this as a WIP since I'm not 100% sure it compiles on LibreSSL, but can't test as of now. If anyone has the time to do so, please let me know.

Those are probably faster and more secure than the default one. The older implementation still stays when no good TLS library can provide its SHA functions. Keeping this as a WIP since I'm not 100% sure it compiles on LibreSSL, but can't test as of now. If anyone has the time to do so, please let me know.
lda added 2 commits 2024-08-16 16:33:01 +00:00 
I still haven't tested on LibreSSL (Debian doesn't seem to actually like
it all that much), but manuals seems to state that they're the same in
that regard. If anyone is up to verify, let me know so that I'm aware
it's safe to merge it.
lda added 1 commit 2024-08-16 16:33:14 +00:00
jordan commented 2024-08-18 23:22:00 +00:00
Owner
Copy link

Faster, yes, probably.

More secure, probably not. It's just an algorithm. Unless I didn't implement it properly, it should be just as secure as the TLS library's. Anyone can audit the code if they want. As far as I can tell, it is implemented properly, but I'm always open to being corrected.

That being said, I have no problem with this pull request at all. I'll happily merge it once we verify it can compile with LibreSSL. I unfortunately am not in the position to verify this for myself, as I'm on mostly Linux systems these days that have OpenSSL.

Faster, yes, probably. More secure, probably not. It's just an algorithm. Unless I didn't implement it properly, it should be just as secure as the TLS library's. Anyone can audit the code if they want. As far as I can tell, it is implemented properly, but I'm always open to being corrected. That being said, I have no problem with this pull request at all. I'll happily merge it once we verify it can compile with LibreSSL. I unfortunately am not in the position to verify this for myself, as I'm on mostly Linux systems these days that have OpenSSL.
jordan reviewed 2024-08-23 20:22:15 +00:00
src/Sha/Sha1.c Outdated
@ -28,6 +28,26 @@
#include <limits.h>
#if (TLS_IMPL == TLS_OPENSSL) || (TLS_IMPL == TLS_LIBRESSL)
jordan commented 2024-08-23 20:22:15 +00:00
Owner
Copy link

If you just say #if (TLS_IMPL == TLS_OPENSSL) and get rid of the LibreSSL check, then this will only be applied with OpenSSL, which you verified to work. We can then merge this and add back LibreSSL support later after we verify it is working.

If you just say `#if (TLS_IMPL == TLS_OPENSSL)` and get rid of the LibreSSL check, then this will only be applied with OpenSSL, which you verified to work. We can then merge this and add back LibreSSL support later after we verify it is working.
lda marked this conversation as resolved
lda added 2 commits 2024-08-23 20:46:15 +00:00 
We'll test later...
lda changed title from WIP: Start optionally using the SHA implementation from the existing crypto API to Start optionally using the SHA implementation from the existing crypto API 2024-08-23 20:46:26 +00:00
jordan merged commit f5ce4f5238 into master 2024-08-24 17:06:05 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: Telodendria/Cytoplasm#44
No description provided.
Delete branch "lda/Cytoplasm:opt-ssl-for-sha"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?