This is the mail archive of the libc-hacker@cygnus.com mailing list for the glibc project.
Re: 2.2 projects
- To: zack@rabi.columbia.edu
- Subject: Re: 2.2 projects
- From: Geoff Keating <geoffk@ozemail.com.au>
- Date: Sat, 30 Jan 1999 15:41:28 +1100
- CC: libc-hacker@cygnus.com
- References: <199901281615.LAA14703@rabi.phys.columbia.edu>
> Date: Thu, 28 Jan 1999 11:15:50 -0500
> From: Zack Weinberg <zack@rabi.columbia.edu>
>
>
> Now it looks like 2.1 is in the can, we should start thinking about what we
> want to do for 2.2. I already have a short list:
>
> - localedef rewrite
> - wide streams
> - build overhaul
> - new test framework
> - TLI over sockets, XTI if possible
> - Thomas's pthreads rewrite
>
> and a longer one:
>
> - OpenBSD extended crypt() [need non-US hacker]

This is the Blowfish '$2a$' crypt prefix, isn't it?

I don't really want to put that in, because it isn't exportable and we
already have an MD5-based crypt that is secure and exportable. I guess
you could add a SHA-based crypt if you wanted an alternative to
MD5---it might be helpful to US government people who need to use
an approved algorithm.

The other possible extension is a cryptographic random number
generator, for generating salts (and suchlike), along the lines of
OpenBSD's arc4random. It would read /dev/urandom (and fail if it
doesn't exist? or try something else?). It would be exportable since
it isn't cryptography.

SYNOPSIS
     #include <stdlib.h>

     u_int32_t
     arc4random(void)

     void
     arc4random_stir(void)

     void
     arc4random_addrandom(u_char *dat, int datlen)

DESCRIPTION
     The arc4random() function uses the key stream generator employed by the
     arc4 cipher, which uses 8*8 8 bit S-Boxes. The S-Boxes can be in about
     (2**1700) states.

     The arc4random_stir() function reads data from /dev/arandom and uses it
     to permutate the S-Boxes via arc4random_addrandom().

     There is no need to call arc4random_stir() before using arc4random(),
     since arc4random() automatically initializes itself.
--
Geoffrey Keating <geoffk@ozemail.com.au>
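
Added example (not part of the original message, and not glibc or OpenBSD code): one way to generate a salt for the MD5-based crypt from a kernel random device such as /dev/urandom, taking the "fail if it doesn't exist" option rather than falling back to a weaker source. The function names read_random and make_md5_salt are hypothetical; the "$1$" prefix with eight salt characters is the usual MD5-crypt setting format.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <string.h>
#include <unistd.h>

/* crypt(3) salt alphabet: 64 characters, so 6 random bits select one. */
static const char SALT_CHARS[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Fill buf with len bytes from the given device (e.g. /dev/urandom).
 * Returns 0 on success, -1 if the device is missing or the read fails;
 * there is deliberately no fallback to time- or pid-based values. */
int read_random(const char *dev, unsigned char *buf, size_t len)
{
    int fd = open(dev, O_RDONLY);
    if (fd < 0)
        return -1;
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;
        else if (n < 0 && errno == EINTR)
            continue;              /* interrupted by a signal: retry */
        else
            break;                 /* read error or unexpected EOF */
    }
    close(fd);
    return got == len ? 0 : -1;
}

/* Write an MD5-crypt setting string "$1$<8 salt chars>$" into out.
 * out must hold at least 13 bytes. Returns 0 on success, -1 on failure
 * (out is left as an empty string so it cannot be used by accident). */
int make_md5_salt(const char *dev, char *out, size_t outlen)
{
    unsigned char rnd[8];
    if (outlen < 13)
        return -1;
    out[0] = '\0';
    if (read_random(dev, rnd, sizeof rnd) != 0)
        return -1;
    memcpy(out, "$1$", 3);
    for (size_t i = 0; i < 8; i++)
        out[3 + i] = SALT_CHARS[rnd[i] & 0x3f];  /* 64 divides 256: no bias */
    out[11] = '$';
    out[12] = '\0';
    return 0;
}
```

The resulting string is passed as the second argument to crypt(); a caller that gets -1 should refuse to set the password rather than invent a salt.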