[ https://issues.apache.org/jira/browse/COUCHDB-625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12802038#action_12802038 ]

Jonathan D. Knezek commented on COUCHDB-625:
--------------------------------------------

Sure.

The SHA1 pseudo-code came from 
http://en.wikipedia.org/w/index.php?title=SHA_hash_functions&oldid=338273346#SHA-1_pseudocode.
It was hand-typed as I attempted to convert from imperative to functional 
code.  This is one of my first attempts at serious Erlang and functional 
programming in general so it was originally intended as an intellectual 
challenge.

The currently posted version is very similar structurally.  My latest 
(unposted) version has ~15% improved performance and is very different 
structurally (combined the extend and loop sections to avoid list 
construction).  I can post this latest version if it'll help.

The HMAC pseudo-code came from 
http://en.wikipedia.org/w/index.php?title=HMAC&oldid=336183553#Implementation 
which is actually incorrect.  I corrected my implementation from the RFC 
description at http://tools.ietf.org/html/rfc2104.  The code is very similar, 
but this is an algorithm I would argue can only really be implemented one 
way...  It's only ten lines of pseudo-code.

I unfortunately think it's a moot point because the pure Erlang performance is 
too poor to be useful and will likely have to be implemented as a native 
extension, external port, or something like that to be feasible...


> Pure Erlang alternative to crypto library
> -----------------------------------------
>
>                 Key: COUCHDB-625
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-625
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: Infrastructure
>            Reporter: Jonathan D. Knezek
>            Assignee: Chris Anderson
>            Priority: Minor
>         Attachments: ccrypto.erl
>
>
> On some platforms (in my case a SheevaPlug running on armv5te) it may be 
> difficult or impossible to obtain a version of Erlang built with support for 
> the crypto standard library.  I grepped the CouchDB source and have attempted 
> to reproduce the used crypto calls in pure Erlang.
> I have reproduced the start/0, rand_uniform/2, rand_bytes/1, sha/1, and 
> sha_mac/2 functions, along with test_sha/1 and test_sha_mac/1 functions to 
> validate the pure Erlang results against the crypto library's results.  The 
> public non-test functions attempt to first call into crypto if available, as 
> it is the preferred implementation.
> As I'm not familiar with the build system, app system, etc. of Erlang I am 
> only attaching the library implementation.  I'm sure more work would be 
> required to fully integrate it into CouchDB if accepted.
> As far as licensing goes, SHA1 is defined in NIST FIPS 180-2 
> (http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf), and 
> according to the IETF, the patent covering the algorithm has been made 
> royalty-free (https://datatracker.ietf.org/ipr/858).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
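
The RFC 2104 construction mentioned in the comment, with the kind of cross-check against the crypto library that the issue describes, as an added example; it is not the attached ccrypto.erl and not CouchDB code. The module and function names are hypothetical, SHA-1 itself is taken from crypto:hash/2 rather than written in pure Erlang, and crypto:mac/4 assumes OTP 22.1 or later.

```erlang
-module(hmac_rfc2104).            % hypothetical module name
-export([hmac_sha1/2, check/0]).

-define(BLOCK, 64).               % SHA-1 block size in bytes

%% RFC 2104: H((K' xor opad) || H((K' xor ipad) || Msg)),
%% where K' is the key brought to exactly one block.
hmac_sha1(Key, Msg) when is_binary(Key), is_binary(Msg) ->
    K = block_key(Key),
    Inner = crypto:hash(sha, [xor_with(K, 16#36), Msg]),
    crypto:hash(sha, [xor_with(K, 16#5c), Inner]).

%% Keys longer than one block are hashed first; the result (or a
%% short key) is then zero-padded on the right to the block size.
block_key(Key) when byte_size(Key) > ?BLOCK ->
    block_key(crypto:hash(sha, Key));
block_key(Key) ->
    Pad = ?BLOCK - byte_size(Key),
    <<Key/binary, 0:(Pad * 8)>>.

%% XOR every byte of the padded key with the ipad/opad constant.
xor_with(Bin, Byte) ->
    << <<(B bxor Byte)>> || <<B>> <= Bin >>.

%% Compare against the library over key lengths on both sides of
%% the block boundary, then against RFC 2202 test case 2.
check() ->
    Keys = [<<"k">>, binary:copy(<<16#aa>>, 63), binary:copy(<<16#aa>>, 64),
            binary:copy(<<16#aa>>, 65), binary:copy(<<16#aa>>, 80)],
    Msgs = [<<>>, <<"constructed sample message">>],
    [true = (hmac_sha1(K, M) =:= crypto:mac(hmac, sha, K, M))
     || K <- Keys, M <- Msgs],
    Expected = <<16#effcdf6ae5eb2fa2d27416d5f184df9c259a7c79:160>>,
    Expected = hmac_sha1(<<"Jefe">>, <<"what do ya want for nothing?">>),
    ok.
```

The 64- and 65-byte keys are the cases to watch: a key of exactly one block is used as is, and only a longer key is hashed before padding.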
