New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
libscrypt-kdf #168
libscrypt-kdf #168
Conversation
This comment has been minimized.
This comment has been minimized.
From offline communication, libtool is ok. I've therefore reworked this to use libtool, in order to provide a shared library as well. Two remaining questions:
|
Note: before the first release that includes libscrypt, we should update |
Dumb question: Is it possible to make libtool necessary only for people who want libscrypt and not for people who only want the utility? |
I'll check again, but I tried hiding LT_INIT inside an AS_IF but it still generated the configure checks. It's just possible that I forgot to |
Looks like I wasn't wrong. If
then only one of those should be executed. But instead, I get:
which amusingly seems to imply that Looking at the resulting |
Rebased onto master |
Sigh... the wonders of autoconf... Ok, we definitely need to make this version 1.3.0. |
Not that I disagree with the number 1.3.0, but it just occurred to me that I only tested "does it check for libtool?", not "does it bail if it doesn't find libtool?". Also, I was looking at the "build from git", not "build from a release tarball". I'll test the latter now. |
Hmm, I wonder if it makes sense for this to be |
First thought: if somebody doesn't check the header file, they're not going to know which parameters are for the salt, N, r, etc. That said, it's quite plausible that somebody would look for a What would you feel about a symlink for |
I was thinking maybe that we could simply have a separate |
... ok. I'm guessing that file would be
|
No, because I'd prefer to install just one header file, not two. ;-) And it needs some magic so that people can call |
ok, I'll add that. Thinking about release plans... how about we have 1.2.2 without libscrypt, but add a note saying that we're adding a libscrypt library and expect to have 1.3.0 in a week or two. (or maybe that should be a separate message) Basically, get the current code out there (in case libtool turns out to be a huge pain for some people), and attract more eyeballs on the libscrypt branch before we have a "libscrypt 1.0.0" out there. |
Good news:
so there's absolutely no dependency on autotools. |
libscrypt/scrypt.c
Outdated
uint8_t * buf, size_t buflen) | ||
{ | ||
|
||
return (crypto_scrypt(passwd, passwdlen, salt, saltlen, N, _r, _p, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In a comment, you said:
And it needs some magic so that people can call
scrypt()
and end up runningcrypto_scrypt
code.
Do you actually want magic (something fancy), or just a plain function call?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was thinking that #define scrypt crypto_scrypt
along with the declaration of crypto_scrypt
would suffice.
libscrypt/scrypt.h
Outdated
* This file was originally written by Colin Percival as part of the Tarsnap | ||
* online backup system. | ||
*/ | ||
#ifndef SCRYPT_H_ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oops, I took off the initial underscore, but forgot about the trailing one.
BTW: can we not have an initial underscore here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure.
tests/libscrypt/Makefile
Outdated
.POSIX: | ||
|
||
all: | ||
${CC} sample-libscrypt.c -lscrypt |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I forgot that I gave a sample compile command in the README. We probably don't need this makefile, then.
I'm leaning towards making a |
Updated PR with rebase |
Updated with rename to |
LGTM, should I merge this now? |
I've just rebased it onto master so that we'll have nicer-looking history. Then it's good for a merge. :) |
actually, I'll do a final test of this on OSX. |
Good to go now. We'll assume that if somebody is installing the library on OSX to a non-standard location, they know how to set up |
No description provided.