<div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Also, the NIST SHA-1/256/384/512 code is freely available, there's<br>also no reason to rely on OpenSSL for it (although it looks like the
<br>PKI reference implementation links that I can find are dead, so we<br>might have to hunt a little bit).<br><br>In either case, we could probably copy the relevant pieces out of OpenSSL.</blockquote><div><br>No. OpenSSL hashlib support was added for a good reason. Its implementations are *much* faster as it includes platform optimized versions of all hash algorithms that are continually being updated tweaked and tuned. OpenSSL itself also doesn't lend itself to cut and paste very well. libtomcrypt is the ideal completely unencumbered basic C implementation of all hash and crypto algorithms and is easy to cut from. We already use it for sha256/512 when needed, i'll do it for the non-openssl md5 and sha1 modules in the next week or so.
<br><br>Someone could also implement all these hash algorithms in python. Bad idea. Not what python is good at. :)<br><br>-gps<br></div></div>