From owner-freebsd-arch@FreeBSD.ORG  Thu May 15 12:32:25 2003
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DF68B37B401
	for <arch@freebsd.org>; Thu, 15 May 2003 12:32:25 -0700 (PDT)
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3B72243F85
	for <arch@freebsd.org>; Thu, 15 May 2003 12:32:25 -0700 (PDT)
	(envelope-from des@ofug.org)
Received: by flood.ping.uio.no (Postfix, from userid 2602)
	id CDB5F530E; Thu, 15 May 2003 21:32:23 +0200 (CEST)
X-URL: http://www.ofug.org/~des/
X-Disclaimer: The views expressed in this message do not necessarily
  coincide with those of any organisation or company with
  which I am or have been affiliated.
To: Mark Murray <mark@grondar.org>
References: <200305151820.h4FIK2gN027630@grimreaper.grondar.org>
From: Dag-Erling Smorgrav <des@ofug.org>
Date: Thu, 15 May 2003 21:32:23 +0200
In-Reply-To: <200305151820.h4FIK2gN027630@grimreaper.grondar.org> (Mark
 Murray's message of "Thu, 15 May 2003 19:20:02 +0100")
Message-ID: <xzpllx8hupk.fsf@flood.ping.uio.no>
User-Agent: Gnus/5.1001 (Gnus v5.10.1) Emacs/21.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: arch@freebsd.org
Subject: Re: NOCRYPT / NOSECURE
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussion related to FreeBSD architecture
	<freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 May 2003 19:32:26 -0000

Mark Murray <mark@grondar.org> writes:
> If openssl's des(1) is the same as our bdes(1) (ie, gives the same results)
> then I'm in support of this.

I haven't compared OpenSSL'S des(1) directly with bdes(1), but they
are both ports (or reimplementations) of Sun's des(1), and I've used
OpenSSL's des(1) in the past to exchange data with Solaris users who
were using Sun's des(1).

>                              I'd also approve of a wrapper script that
> calls openssl(1) or des(1) and make a compatible bdes(1).

That's possible of course, but bdes(1) has a lot of command-line
options which we'd need to implement.  Probably not worth the trouble.

>                                                           Similar scripts
> may be a good idea for md5(1) and sha1(1).

'ln -s /usr/bin/openssl /usr/bin/md5' is almost right for md5(1),
except for some parentheses in the output IIRC.  ISTR the same goes
for sha1(1).

DES
-- 
Dag-Erling Smorgrav - des@ofug.org