On 2016-05-27 14:41, M.-A. Lemburg wrote:
On 27.05.2016 22:58, Ryan Gonzalez wrote:
On May 27, 2016 3:04 PM, "Victor Stinner" <victor.stinner@gmail.com> wrote:
Le vendredi 27 mai 2016, M.-A. Lemburg <mal@egenix.com> a écrit :
The current patch is 1.2MB for SHA-3 - that's pretty heavy for just a few hash functions, which aren't in any wide spread use yet and probably won't be for quite a few years ahead.
Oh wow, it's so fat? Why is it so big? Can't we use a lighter version?
The stark majority of the patch is Lib/test/vectors/sha3_224.txt, which seems to be (as the file path implies) just test data. A whopping >1k LOC of really long hashes.
Right. There's about 1MB test data in the patch, but even without that data, the patch adds more than 6400 lines of code.
The KeccakCodePackage is rather large. I already removed all unnecessary files and modified some files so more code is shared between 32 and 64bit optimized variants. Please keep in mind that the KCP contains multiple implementations with different optimizations for CPU architectures. I already removed the ARM NEON optimization. I also don't get your obsession with lines of code. The gzip and expat are far bigger than the KeccakCodePackage.
If we add this now, there should at least be an exit strategy to remove the code again, when OpenSSL ships with the same code, IMO.
Aside: BLAKE2 has already landed in OpenSSL 1.1.0:
https://github.com/openssl/openssl/tree/master/crypto/blake2
Except BLAKE2 in OpenSSL is severely castrated and tailored towards a very limited use case. The implementation does not support any of the useful advanced features like keyed hashing (MAC), salt, personalization, tree hashing and variable hash length.