"Stephen R. van den Berg" srb@cuci.nl writes:
I just submitted a patch for bcrypt support to Nettle. Can this be included in Nettle?
Thanks. What's the main interface? How is it going to be used, in particular, where will the code be to check the "$2b$ "prefix and invke this code? The interface needs some documentation (for a start, comments in the header file) before it can be reviewed.
If not, do I need to change anything in the patch to make it more acceptable?
I think it needs some changes to fit better in Nettle. My initial comments, after only a quick look:
Put it in a separate .c file. If it needs access to blowfish internals, add a new header file blowfish-internal.h with declarations, and arrange so that any internal symbols visibile to the linker has the prefix _nettle. It's not clear what internals it is using, but if it can be arranged to only use the public blowfish functions that would be nice.
The new files can use the standard nettle copyright notice + a comment saying "Based on public domain code by ..." where appropriate.
See if there's a way to reuse Nettle's base64 functions (it's not entirely clear to me what BF_decode really is doing).
Use macros like READ_UINT32/LE_READ_UNINT32 (macros.h) to convert bytes to integers. For any other endian-dependent code, use WORDS_BIGENDIAN, provided by configure.
Don't set errno. If any function really needs to distinguish between different types of failures, rather than just a success/fail indication, that should be reported without using any globals.
Regards, /Niels