Subject: Re: muhah
To: Alistair Crooks <agc@pkgsrc.org>
From: Bill Studenmund <wrstuden@zembu.com>
List: tech-pkg
Date: 03/26/2001 09:10:32
On Mon, 26 Mar 2001, Alistair Crooks wrote:
> On Sat, Mar 24, 2001 at 05:09:48PM -0800, Bill Studenmund wrote:
> > On Fri, 23 Mar 2001, Trevor Johnson wrote:
> >
> > > You misunderstand. What I requested is output from "digest sha1 foo" in
> > > the format that "openssl dgst -sha1 foo" has, and likewise for "digest
> > > rmd160 foo" to have the same format as "openssl dgst -rmd160". That way,
> > > if it ever becomes desirable to use OpenSSL for hashing--for instance, in
> > > a future world where pre-1999 versions of NetBSD needn't to be fully
> > > supported--such massaging will not be necessary. I've appended a trivial
> > > patch which does this. For the SHA-1 and RIPEMD-160 hashes, the slightly
> > > different output is unnecessary. MD5 hashes have already been calculated,
> > > so I don't propose changing them.
> >
> > Looks fine to me.
>
> It doesn't look fine to me, since this is incompatible with the *BSD md5(1)
> output format.
So? They aren't MD5 hashes. :-)
As I understand it, the *BSD md5(1) program set prior art for how md5
hashes look. It's a shame that openssl didn't follow the same format. But
then openssl went off and added sha1 and r{,ipe}md160 support. Why does it
make sense to not follow their lead? At least in how we name the hashes..
(RIPEMD160 vs RMD160).
And since the support for these hashes hasn't been in md5/cksum(1) for a
week, changing it shouldn't be too big a deal.
Take care,
Bill