rust-tuf icon indicating copy to clipboard operation
rust-tuf copied to clipboard

Published 20 hours ago verified publisher icon theupdateframework

Add suport for additional hash algorithms

Open heartsucker opened this issue 7 years ago • 7 comments

Currently the plan is to only use sha256 and sha512.

Note: sha1 and md5 are out of the questions. If someone wants to tackle this, don't implement those.

heartsucker avatar Apr 11 '17 19:04 heartsucker

Nice! We're planning to support SHA-3 soon enough...

trishankkarthik avatar Apr 11 '17 19:04 trishankkarthik

Yeah, I meant I'm only going to support those two initially because I have to start with something. Ideally there'd be a large number of options in the lib so people can pick and choose what works.

heartsucker avatar Apr 11 '17 19:04 heartsucker

SHA-256 and SHA-512 are fine, FWIW.

tonychain avatar Apr 11 '17 20:04 tonychain

I mean, yeah, those two are sufficient for most use cases, but since this is a lib, I want it to be flexible for other people's use cases. Also, this is probably something relatively straight forward a new contributor could do to get a feel for the codebase.

heartsucker avatar Apr 12 '17 04:04 heartsucker

I left some notes on the upstream TUF thread. If you want a SHA-3 family function, I'd suggest using SHAKE128 instead of SHA3-256 simply because it's faster (and that's more or less advice directly from the Keccak Team, as it were)

tonychain avatar Apr 12 '17 18:04 tonychain

@tonychain The spec doesn't specify which hash algorithms to use. here. To that end, if this is going to flexible, we should add in whatever (safe, modern) hash algorithms other people want to use.

heartsucker avatar Apr 12 '17 20:04 heartsucker

Blocked by https://github.com/briansmith/ring/issues/59

heartsucker avatar May 30 '17 10:05 heartsucker