[117790] in Cypherpunks
java SHA1 builtin? (Re: (eternity) black designs)
daemon@ATHENA.MIT.EDU (Adam Back)
Fri Sep 10 15:32:38 1999
Date: Fri, 10 Sep 1999 08:13:15 +0100
Message-Id: <199909100713.IAA24515@server.cypherspace.org>
To: ota+@transarc.com
From: Adam Back <adam@cypherspace.org>
Cc: cypherpunks@cyberpass.net
In-reply-to: <0rq4sk099g1Q0c2040@transarc.com> (message from Ted Anderson on
Thu, 9 Sep 1999 20:17:52 -0400 (EDT))
Reply-To: Adam Back <adam@cypherspace.org>
Ted Anderson writes:
> One question I had was on your suggestion for a "variable length hash"
> dated 18 June[2]. You say:
>
> Here is a simple efficient variable length hash function. java has
> a builtin SHA1 hash function.
>
> SHA1 output size is 20 bits (5 bytes), so we have constant
> SHA1_OUTPUT_BYTES.
>
> I though SHA1 has an output size of 20 bytes (160 bits) not 5 bytes. Is
> this a mistake or some oddity in the way the Java implementation works?
my mistake -- probably thinking of 5 32 bit words or something.
Should be 160 bits, 20 bytes or 5 32 bit words.
> Also someone (Ian?) responded in a way that gave me the impression that
> the SHA1 code is only in the Sun toolkit and not generally available.
> Do you know any more about that?
I don't know, not a java person. However I would've thought SHA1
would be pretty universal -- it is needed for Java code signing as
they use DSA for signing.
Perhaps someone more familiar with java security could comment?
There are a number of pure java implementations also, if there is no
builtin, but builtin would be nice for performance reasons.
Adam