Reputation: 479
How to use SHA-256 crypt with musl?
I am using musl: https://www.musl-libc.org
If i browse the repository i can see that there are a bunch of crypt related source files (including crypt_sha256.c).
The problem is that there are no header files for them. How am i supposed to use them?
These are the symbols from the lib on my system:
I could also not find any code samples from google how to use the SHA-256 features of musl.
Thanks!
Upvotes: 3
Views: 633
Answers (3)
Reputation: 215547
As Ctx wrote and commented about not knowing the reason for, these functions are not exported. I can fill in that reason.
Generally, musl does not unilaterally invent new interfaces that will almost surely end up differing in subtle ways from similar interfaces other libc providers end up inventing. We are in the process of launching a cross-libc collaboration group less formal than the POSIX standardization process that might make it reasonable to offer some interfaces like this in the future, and that might eventually funnel some of the consensus that emerges upstream to POSIX.
Short of that, anyone wanting to use these implementations is welcome to copy the code and use it under the terms of the license. They're small, self-contained, and permissively-licensed, and by using them this way you don't lock in the signature for any external interface boundary. As usual with cryptographic code, though, you should be careful of any risk of side channels leaking secrets. As used in musl I don't believe that's an issue, but I haven't analyzed other possible uses, and it might be safer to pick an implementation designed for use in arbitrary cryptographic settings.
Upvotes: 3
Reputation: 18420
You are correct, that the three functions
- sha256_init()
- sha256_update()
- sha256_sum()
are indeed generic SHA256 hash functions.
Unfortunately, these symbols are not exported publically, but only used internally to generate a salted password hash of the form $5$0rXgD0/KkyyT0$5PPj3bke0vPxsMDlSXzBz2D3TFNahLrXSs7.elU3u2/
For that reason, no public header files for use of these functions are provided. Only the higher-level function crypt_sha256() is exported.
Why they decided to not export the generic interface can only be speculated about, at least I could not find an explanation for that.
Upvotes: 3
Reputation: 134046
That's not generic SHA-256 message digest algorithm but a specific algorithm used by the crypt(3) password hashing function. See the documentation for that function on how it is used.
Upvotes: 3
Related Questions
- sha1 example in C using openssl library
- HMAC-SHA256 in C with OpenSSL - how to get a correct output
- SHA256 implementation in c
- Get SHA256 hash of UTF-16le String
- How to get hex hash with crypt() function?
- How to implement SHA512/256 OpenSSL?
- How to encrypt data using RSA, with SHA-256 as hash function and MGF1 as mask generating function?
- OpenSSL and CryptoJS SHA256 encryption conversion
- Calculate and print SHA256 hash of a file using OpenSSL
- How to use OpenSSL's SHA256 functions