From owner-freebsd-arch@FreeBSD.ORG  Thu May 15 16:43:23 2003
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 66A5337B401
	for <arch@freebsd.org>; Thu, 15 May 2003 16:43:23 -0700 (PDT)
Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.157.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6F5CB43F85
	for <arch@freebsd.org>; Thu, 15 May 2003 16:43:22 -0700 (PDT)
	(envelope-from mark@grondar.org)
Received: from storm.FreeBSD.org.uk (Ugrondar@localhost [127.0.0.1])
	by storm.FreeBSD.org.uk (8.12.7/8.12.7) with ESMTP id h4FNhLgw088911;
	Fri, 16 May 2003 00:43:21 +0100 (BST)
	(envelope-from mark@grondar.org)
Received: (from Ugrondar@localhost)h4FNhL6G088910;
	Fri, 16 May 2003 00:43:21 +0100 (BST)
X-Authentication-Warning: storm.FreeBSD.org.uk: Ugrondar set sender to
	mark@grondar.org using -f
Received: from grondar.org (localhost [127.0.0.1])h4FNi4gN032787;
	Fri, 16 May 2003 00:44:04 +0100 (BST)
	(envelope-from mark@grondar.org)
From: Mark Murray <mark@grondar.org>
Message-Id: <200305152344.h4FNi4gN032787@grimreaper.grondar.org>
To: Dag-Erling Smorgrav <des@ofug.org>
In-Reply-To: Your message of "Thu, 15 May 2003 21:32:23 +0200."
             <xzpllx8hupk.fsf@flood.ping.uio.no> 
Date: Fri, 16 May 2003 00:44:04 +0100
Sender: mark@grondar.org
cc: arch@freebsd.org
Subject: Re: NOCRYPT / NOSECURE 
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussion related to FreeBSD architecture
	<freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 May 2003 23:43:23 -0000

Dag-Erling Smorgrav writes:
> Mark Murray <mark@grondar.org> writes:
> > If openssl's des(1) is the same as our bdes(1) (ie, gives the same results)
> > then I'm in support of this.
> 
> I haven't compared OpenSSL'S des(1) directly with bdes(1), but they
> are both ports (or reimplementations) of Sun's des(1), and I've used
> OpenSSL's des(1) in the past to exchange data with Solaris users who
> were using Sun's des(1).

I've converted our bdes(1) to use the openSSL library. I've also done
ed(1). :-). libcipher is now OBE.

> >                              I'd also approve of a wrapper script that
> > calls openssl(1) or des(1) and make a compatible bdes(1).
> 
> That's possible of course, but bdes(1) has a lot of command-line
> options which we'd need to implement.  Probably not worth the trouble.

No problem. See above :-).

> >                                                           Similar scripts
> > may be a good idea for md5(1) and sha1(1).
> 
> 'ln -s /usr/bin/openssl /usr/bin/md5' is almost right for md5(1),
> except for some parentheses in the output IIRC.  ISTR the same goes
> for sha1(1).

A one-liner shell script does it :-).

M
--
Mark Murray
iumop ap!sdn w,I idlaH