From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1NA83m-0002Wy-Ue for mharc-grub-devel@gnu.org; Mon, 16 Nov 2009 15:20:26 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1NA83k-0002Th-Fl for grub-devel@gnu.org; Mon, 16 Nov 2009 15:20:24 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1NA83f-0002RF-3T for grub-devel@gnu.org; Mon, 16 Nov 2009 15:20:23 -0500 Received: from [199.232.76.173] (port=60754 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1NA83f-0002RC-0c for grub-devel@gnu.org; Mon, 16 Nov 2009 15:20:19 -0500 Received: from mail-yw0-f194.google.com ([209.85.211.194]:33653) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1NA83e-0000gN-KC for grub-devel@gnu.org; Mon, 16 Nov 2009 15:20:18 -0500 Received: by ywh32 with SMTP id 32so6796780ywh.14 for ; Mon, 16 Nov 2009 12:20:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type; bh=WUgzDps7lwoBhTgtc9A9+bWTiR7+9/T2UJdlFkQzyxs=; b=r2fAXupRhUdII43ImdnVrhYcl+ihNJ59Dpi6EDSByd03zREjEsDUFc113momznU+Ya nOne7C1V1E/zGpNA8Os+1+f2YoHofUmHwEiD0FVTe63PwK1pRynSvTfq74Qlyuv11xjE sN8TGhk198lEUR8WQV2v3qQYSrJb/0Gh1GQhY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type; b=Q+AD51LGacGoB4EY5pVBugMbzYpNFx0+EhqUCdkFUjpUhisdiRnyf14o8yeQHFTW35 B0VQh1crjZFZzqGprfKsS98HdWhInk3H+E1DyfKKW+Qnyei1MUHZUd3ATRRbf2LDgvdO HGs5rORwvxhgMSpW4lPmdaGhPbjdezw052x80= Received: by 10.213.23.210 with SMTP id s18mr1999529ebb.1.1258402817389; Mon, 16 Nov 2009 12:20:17 -0800 (PST) Received: from debian.bg45.phnet (gprs01.swisscom-mobile.ch [193.247.250.1]) by mx.google.com with ESMTPS id 24sm6095197eyx.21.2009.11.16.12.20.15 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 16 Nov 2009 12:20:16 -0800 (PST) Message-ID: <4B01B3F0.2010001@gmail.com> Date: Mon, 16 Nov 2009 21:20:00 +0100 From: Vladimir 'phcoder' Serbinenko User-Agent: Mozilla-Thunderbird 2.0.0.22 (X11/20091109) MIME-Version: 1.0 To: The development of GNU GRUB References: <4B015812.3040808@gmail.com> <20091116143510.GA25789@thorin> <4B01681A.9070302@gmail.com> <20091116182647.GA30919@thorin> <4B01AA4E.9010504@gmail.com> <20091116195906.GB31886@thorin> In-Reply-To: <20091116195906.GB31886@thorin> X-Enigmail-Version: 0.95.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig8B62AE4543651F6428D0D744" X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 2) Subject: Re: [PATCH] Cryptography X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Nov 2009 20:20:24 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig8B62AE4543651F6428D0D744 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Robert Millan wrote: > On Mon, Nov 16, 2009 at 08:38:54PM +0100, Vladimir 'phcoder' Serbinenko= wrote: > =20 >> Robert Millan wrote: >> =20 >>> On Mon, Nov 16, 2009 at 03:56:26PM +0100, Vladimir 'phcoder' Serbinen= ko wrote: >>> =20 >>> =20 >>>> 2) Adaptation to the lack of gnulib abstraction layer on top of gcry= pt >>>> =20 >>>> =20 >>> It seems that the usual way of importing gc-pbkdf2-sha1.c is by linki= ng it >>> with gc-gnulib.c or gc-libgcrypt.c. Is this option problematic? >>> >>> =20 >>> =20 >> libgcrypt is done like this: >> >> libgcrypt API ----> Common cryptographic algorithms layer (for some >> algorithms it's quite a passthrough) ---> ciphers >> >> Although we use ciphers from libgcrypt, our middle layer is much simpl= er >> and lacks per-cipher integer IDs. Because of it using gc-libgcrypt.c >> would require an additional level of wrapping and it's much easier to >> just modify few lines in PBKDF2 >> =20 > > Ok. Then in principle we wouldn't contemplate resyncing this file, rig= ht? > > =20 Unless there will be a cryptographic or legal issue, no. PBKDF2 is a static standard > What version of libgcrypt should be imported? > > =20 I used 1.4.4. Latest ChangeLog entry in cipher/ directory is: 2009-01-22 Werner Koch * ecc.c (compute_keygrip): Remove superfluous const. Latest SVN has latest ChangeLog entry: 2009-08-21 Werner Koch * dsa.c (dsa_generate_ext): Release retfactors array before setting it to NULL. Reported by Daiko Ueno. and ChangeLog doesn't mention anything that would result in a different import, except of the currently unused public-key cryptography files (and which will require adaptations in import_gcry.py to be handled) and unused files md.c/cipher.c included in import for reference. So I recommend importing 1.4.4 --=20 Regards Vladimir 'phcoder' Serbinenko --------------enig8B62AE4543651F6428D0D744 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iF4EAREKAAYFAksBs/oACgkQNak7dOguQgmEeAEAjnxC8Il6DJo7hCH9cTzijaq9 Dv2bseBEHtJj7SdOsscA/AkRv2Ql7iS/H751Wo4DZZ6VuiKkdAwyy36vtN9LxMFJ =qU/N -----END PGP SIGNATURE----- --------------enig8B62AE4543651F6428D0D744--