On 03/22/2010 05:25 PM, Niels Möller wrote:
> Right, anything large belongs elsewhere, but I think it would be useful to at least have tools for converting keys to and from openpgp format.
understood. i'll try to take a look at those tools soon.
> I just checked in an implementation of SHA 512. Basically copy and paste of the SHA 256 code, with larger datatypes and different constants...
great, thanks!
> A lot of minor things left, like HMAC and RSA using SHA 512, but I might add that shortly. And SHA 384, which is almost the same thing (is anybody using that?).
i'm not using SHA 384 myself, but it seems worth handling for the sake of completeness (most protocols i've seen that support SHA512 also support SHA384).
> If you or anybody else have additional test vectors for SHA 512 or HMAC-SHA-512 or RSA signatures with SHA 512, I'd like to add them. Currently, I have only two test cases, extracted from the FIPS 180-2 spec.
I put a set of test cases in t/08-digest.t of perl's Crypt::GCrypt, if you're interested. They're mostly generated by running other implementations, and not by some sort of clever first-principles approach, but all the uncommented ones match at least both GCrypt and one other implementation.
You can download the tarball here:
http://search.cpan.org/CPAN/authors/id/A/AA/AAR/Crypt-GCrypt-1.24.tar.gz
You're welcome to re-use those test cases for nettle in any way you see fit, under whatever license you please.
Thanks for being so responsive here, Niels.
Regards,
--dkg