[
https://issues.apache.org/jira/browse/COUCHDB-625?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonathan D. Knezek updated COUCHDB-625:
---------------------------------------
Attachment: ccrypto.erl
This new version exports the pure functions (prefixed with pure_) for testing,
adds test_rand_bytes/1 which reports the number of collisions found in N
generated UUIDs, and combines the word expansion and mixing steps for sha/1.
The SHA1 implementation is about 15% faster than the previous version due to
the elimination of list construction.
Also, after actually checking the sites where sha/1 and sha_mac/2 were called,
I'm much less concerned about speed. I thought they were being used to
calculate the revisions, so I was worried about possibly handling several MB.
All the uses are dealing with authentication, though, and this version can hash
about 21kB/s on my 1.2 GHz SheevaPlug.
I say give legal a ring. :]
> Pure Erlang alternative to crypto library
> -----------------------------------------
>
> Key: COUCHDB-625
> URL: https://issues.apache.org/jira/browse/COUCHDB-625
> Project: CouchDB
> Issue Type: Improvement
> Components: Infrastructure
> Reporter: Jonathan D. Knezek
> Assignee: Chris Anderson
> Priority: Minor
> Attachments: ccrypto.erl, ccrypto.erl
>
>
> On some platforms (in my case a SheevaPlug running on armv5te) it may be
> difficult or impossible to obtain a version of Erlang built with support for
> the crypto standard library. I grepped the CouchDB source and have attempted
> to reproduce the used crypto calls in pure Erlang.
> I have reproduced the start/0, rand_uniform/2, rand_bytes/1, sha/1, and
> sha_mac/2 functions, along with test_sha/1 and test_sha_mac/1 functions to
> validate the pure Erlang results against the crypto library's results. The
> public non-test functions attempt to first call into crypto if available, as
> it is the preferred implementation.
> As I'm not familiar with the build system, app system, etc. of Erlang I am
> only attaching the library implementation. I'm sure more work would be
> required to fully integrate it into CouchDB if accepted.
> As far as licensing goes, SHA1 is defined in NIST FIPS 180-2
> (http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf), and
> according to the IETF, the patent covering the algorithm has been made
> royalty-free (https://datatracker.ietf.org/ipr/858).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
