[gentoo-commits] data/glep:master commit in: / - gentoo-commits

From:	"Michał Górny" <mgorny@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] data/glep:master commit in: /
Date:	Wed, 21 Sep 2022 17:32:02
Message-Id:	`1663781501.26220236cdb5a8a743513fb57990961b9df2fcbe.mgorny@gentoo`

1

commit:     26220236cdb5a8a743513fb57990961b9df2fcbe

2

Author:     Michał Górny <mgorny <AT> gentoo <DOT> org>

3

AuthorDate: Sun Sep 11 11:01:38 2022 +0000

4

Commit:     Michał Górny <mgorny <AT> gentoo <DOT> org>

5

CommitDate: Wed Sep 21 17:31:41 2022 +0000

6

URL:        https://gitweb.gentoo.org/data/glep.git/commit/?id=26220236

7

8

glep-0074: Specify supported hash algorithms

9

10

Replace the informational hash name section with a formal specification

11

of allowed hash algorithms.  The original reasoning for leaving them

12

implementation-defined was poor.  After all, not a single new hash

13

was added since the initial version of the GLEP.  At the same time,

14

ensuring consistent support for at least a minimal set of hash

15

algorithms is crucial to interoperability.  Given that the effort needed

16

to update the GLEP is relatively small, it is better to require all

17

algorithms to be formally listed than to have to track all

18

implementations for new hashes and hope for consistency.

19

20

Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>

21

22

 glep-0074.rst | 177 +++++++++++++++++++++++++++++++++++++++++-----------------

23

 1 file changed, 127 insertions(+), 50 deletions(-)

24

25

diff --git a/glep-0074.rst b/glep-0074.rst

26

index c55242f..3d7bbbd 100644

27

--- a/glep-0074.rst

28

+++ b/glep-0074.rst

29

@@ -6,7 +6,7 @@ Author: Michał Górny <mgorny@g.o>,

30

         Ulrich Müller <ulm@g.o>

31

 Type: Standards Track

32

 Status: Final

33

-Version: 1.2

34

+Version: 1.3

35

 Created: 2017-10-21

36

 Last-Modified: 2022-09-21

37

 Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11

38

@@ -26,6 +26,9 @@ efficient and provide means of backwards compatibility.

39

 Changes

40

 =======

41

42

+v1.3

43

+  Formally specified the current set of hash algorithms supported.

44

+

45

 v1.2

46

   Specified the newline convention used for Manifests.

47

48

@@ -364,27 +367,60 @@ up to and including the *original* directory. Note that those

49

 sub-Manifests can use different filenames than ``Manifest``.

50

51

52

-Checksum algorithms (informational)

53

------------------------------------

54

-

55

-This section is informational only. Specifying the exact set

56

-of supported algorithms is outside the scope of this specification.

57

-

58

-The algorithm names reserved at the time of writing are:

59

-

60

-- ``MD5`` [#MD5]_,

61

-- ``RMD160`` -- RIPEMD-160 [#RIPEMD160]_,

62

-- ``SHA1`` [#SHS]_,

63

-- ``SHA256`` and ``SHA512`` -- SHA-2 family of hashes [#SHS]_,

64

-- ``WHIRLPOOL`` [#WHIRLPOOL]_,

65

-- ``BLAKE2B`` and ``BLAKE2S`` -- BLAKE2 family of hashes [#BLAKE2]_,

66

-- ``SHA3_256`` and ``SHA3_512`` -- SHA-3 family of hashes [#SHA3]_,

67

-- ``STREEBOG256`` and ``STREEBOG512`` -- Streebog family of hashes

68

-  [#STREEBOG]_.

69

-

70

-The method of introducing new hashes is defined by GLEP 59 [#GLEP59]_.

71

-It is recommended that any new hashes are named after the Python

72

-``hashlib`` module algorithm names, transformed into uppercase.

73

+Checksum algorithms

74

+-------------------

75

+

76

+.. table:: Table 1. Defined hash algorithms

77

+   :widths: auto

78

+

79

+   +-----------------+-----------------------+------+------+-------------+

80

+   | Name            | Specification         | Bits | Enc. | Notes       |

81

+   +=================+=======================+======+======+=============+

82

+   | ``BLAKE2B``     |                       | 512  | Hex  | Recommended |

83

+   +-----------------+ RFC 7693 [#RFC7693]_  +------+------+-------------+

84

+   | ``BLAKE2S``     |                       | 256  | Hex  |             |

85

+   +-----------------+-----------------------+------+------+-------------+

86

+   | ``MD5``         | RFC 1321 [#RFC1321]_  | 128  | Hex  | Deprecated  |

87

+   +-----------------+-----------------------+------+------+-------------+

88

+   | ``RMD160``      | RIPEMD-160 [#RMD160]_ | 160  | Hex  |             |

89

+   +-----------------+-----------------------+------+------+-------------+

90

+   | ``SHA1``        |                       | 160  | Hex  | Deprecated  |

91

+   +-----------------+                       +------+------+-------------+

92

+   | ``SHA256``      | FIPS 180-4 [#SHS]_    | 256  | Hex  |             |

93

+   +-----------------+                       +------+------+-------------+

94

+   | ``SHA512``      |                       | 512  | Hex  | Recommended |

95

+   +-----------------+-----------------------+------+------+-------------+

96

+   | ``SHA3_256``    |                       | 256  | Hex  |             |

97

+   +-----------------+ FIPS 202 [#SHA3]_     +------+------+-------------+

98

+   | ``SHA3_512``    |                       | 512  | Hex  |             |

99

+   +-----------------+-----------------------+------+------+-------------+

100

+   | ``STREEBOG256`` |                       | 256  | Hex  |             |

101

+   +-----------------+ RFC 6986 [#RFC6986]_  +------+------+-------------+

102

+   | ``STREEBOG512`` |                       | 512  | Hex  |             |

103

+   +-----------------+-----------------------+------+------+-------------+

104

+   | ``WHIRLPOOL``   | Whirlpool [#BARRETO]_ | 512  | Hex  |             |

105

+   +-----------------+-----------------------+------+------+-------------+

106

+

107

+Any new hashes must be added to this specification prior to being used

108

+in Manifest files. Adding a new hash is considered

109

+a backwards-compatible change to the GLEP. It is recommended that new

110

+hashes are named after the Python ``hashlib`` module algorithm names,

111

+transformed into uppercase, with dashes replaced by underscores.

112

+

113

+An implementation can implement an arbitrary subset of the listed

114

+hashes. For best interoperability, it should implement at least

115

+recommended hashes. If deprecated hashes are implemented, it is

116

+preferable to disallow their use by default.

117

+

118

+If an entry specifies multiple hashes using different algorithms,

119

+an implementation may choose to verify an arbitrary subset of them.

120

+However, should any tested hash yield a mismatch, the verification must

121

+fail.

122

+

123

+If a particular hash is either unsupported or unknown,

124

+the implementation can either ignore it or report a failure. However,

125

+at least one algorithm specified for a particular entry must be

126

+supported for the verification to succeed.

127

128

129

 Manifest compression

130

@@ -498,6 +534,43 @@ for a package directory would have the following content::

131

     DIST sphinxtrain-1.0.8.tar.gz 8925803 SHA256 548e.. SHA512 465d..

132

133

134

+Security considerations (informational)

135

+---------------------------------------

136

+

137

+The Manifest files are text files that are transmitted as part of larger

138

+file sets in order to provide integrity and authenticity verification

139

+for other files. They are primarily intended to be processed locally

140

+to verify transferred files. They are commonly used along with the rsync

141

+protocol and inside tar archives.

142

+

143

+The format does not provide support for executable content,

144

+nor the ability to issue network requests. Its security is primarily

145

+considered in context of opening and reading local files for the purpose

146

+of computing hashes.

147

+

148

+Depending on the delivery method, it may be possible to include special

149

+files and symbolic links in the verified file set. Attempting to read

150

+special files (e.g. named pipes or devices like ``/dev/urandom``) could

151

+cause the tools to hang or enter an infinite loop. The specification

152

+explicitly requires implementations to verify the file type and reject

153

+processing non-regular files.

154

+

155

+The use of symbolic links permits computing checksums for arbitrary

156

+paths, including files with potentially sensitive content and files

157

+on special filesystems such as the ``/proc`` filesystem. Reading these

158

+files should not comprise an immediate risk, nor displaying checksum

159

+mismatches to the local risk. However, there is a risk of exposing

160

+sensitive information if the user reports checksum failures.

161

+Implementations can take steps to reduce the risk, e.g. by minimalizing

162

+the amount of information reported on checksum mismatches and warning

163

+about symbolic links.

164

+

165

+

166

+

167

+Portability considerations (informational)

168

+------------------------------------------

169

+

170

+

171

 Rationale

172

 =========

173

174

@@ -913,23 +986,25 @@ tool working with this Manifest format.

175

 Hash algorithms

176

 ---------------

177

178

-While maintaining a consistent supported hash set is important

179

-for interoperability, it is not a good fit for the generic layout

180

-of this GLEP. Furthermore, it would require updating the GLEP

181

-in the future every time the used algorithms change.

182

+Originally, this GLEP did not formally specify the complete set of hash

183

+algorithms. Instead, it only listed (informationally) the names already

184

+used at the time of writing. Since enforcing consistent use of algorithm

185

+names is important for interoperability, this was changed in version

186

+1.3.

187

188

-Instead, the specification focuses on listing the currently used

189

-algorithm names for interoperability, and sets a recommendation

190

-for consistent naming of algorithms in the future. The Python

191

-``hashlib`` module is used as a reference since it is used

192

-as the provider of hash functions for most of the Python software,

193

-including Portage and PkgCore.

194

+Since the effort needed to update the GLEP is small compared to the time

195

+needed for a new hash algorithm to be well-deployed, the GLEP needs

196

+to be updated prior to adding a new hash method.

197

198

-The basic rules for changing hash algorithms are defined in GLEP 59

199

-[#GLEP59]_. The implementations can focus only on those algorithms

200

-that are actually used or planned on being used. It may be feasible

201

-to devise a new GLEP that specifies the currently used hashes (or update

202

-GLEP 59 accordingly).

203

+The recommended naming is based off Python ``hashlib`` module,

204

+as most of the Gentoo tooling is written in Python. The names

205

+are transformed to match the historical naming used for hash functions

206

+in Manifests.

207

+

208

+Implementations are allowed to support and use only a subset of hashes

209

+listed in Manifest files. This could be used both to avoid the overhead

210

+of computing multiple hashes on non-performant systems, and to handle

211

+transition to new hashes gracefully.

212

213

214

 Manifest compression

215

@@ -1072,27 +1147,29 @@ References

216

 .. [#FILE-NAMING-RULES] Ebuild File Format -- Gentoo Development Guide

217

    (https://devmanual.gentoo.org/ebuild-writing/file-format/#file-naming-rules)

218

219

-.. [#MD5] RFC1321: The MD5 Message-Digest Algorithm

220

-   (https://www.ietf.org/rfc/rfc1321.txt)

221

+.. [#RFC7693] RFC 7693: The BLAKE2 Cryptographic Hash and Message Authentication

222

+   Code (MAC)

223

+   (https://www.rfc-editor.org/rfc/rfc7693)

224

+

225

+.. [#RFC1321] RFC 1321: The MD5 Message-Digest Algorithm

226

+   (https://www.rfc-editor.org/rfc/rfc1321)

227

228

-.. [#RIPEMD160] The hash function RIPEMD-160

229

+.. [#RMD160] The hash function RIPEMD-160

230

    (https://homes.esat.kuleuven.be/~bosselae/ripemd160.html)

231

232

 .. [#SHS] FIPS PUB 180-4: Secure Hash Standard (SHS)

233

-   (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf)

234

-

235

-.. [#WHIRLPOOL] The WHIRLPOOL Hash Function

236

-   (http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html)

237

-

238

-.. [#BLAKE2] BLAKE2 -- fast secure hashing

239

-   (https://blake2.net/)

240

+   (https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf)

241

242

 .. [#SHA3] FIPS PUB 202: SHA-3 Standard: Permutation-Based Hash

243

    and Extendable-Output Functions

244

-   (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf)

245

+   (https:://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf)

246

+

247

+.. [#RFC6986] RFC 6986: GOST R 34.11-2012: Hash Function

248

+   (https://www.rfc-editor.org/rfc/rfc6986)

249

250

-.. [#STREEBOG] GOST R 34.11-2012: Streebog Hash Function

251

-   (https://www.streebog.net/)

252

+.. [#BARRETO] Paulo S. L. M. Barreto, The WHIRLPOOL Hash Function

253

+   (archived at 2017-11-29)

254

+   (https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html)

255

256

 .. [#C08] Cappos, J et al. (2008). "Attacks on Package Managers"

257

    (https://www2.cs.arizona.edu/stork/packagemanagersecurity/attacks-on-package-managers.html)

1	commit: 26220236cdb5a8a743513fb57990961b9df2fcbe
2	Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
3	AuthorDate: Sun Sep 11 11:01:38 2022 +0000
4	Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
5	CommitDate: Wed Sep 21 17:31:41 2022 +0000
6	URL: https://gitweb.gentoo.org/data/glep.git/commit/?id=26220236
7
8	glep-0074: Specify supported hash algorithms
9
10	Replace the informational hash name section with a formal specification
11	of allowed hash algorithms. The original reasoning for leaving them
12	implementation-defined was poor. After all, not a single new hash
13	was added since the initial version of the GLEP. At the same time,
14	ensuring consistent support for at least a minimal set of hash
15	algorithms is crucial to interoperability. Given that the effort needed
16	to update the GLEP is relatively small, it is better to require all
17	algorithms to be formally listed than to have to track all
18	implementations for new hashes and hope for consistency.
19
20	Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
21
22	glep-0074.rst \| 177 +++++++++++++++++++++++++++++++++++++++++-----------------
23	1 file changed, 127 insertions(+), 50 deletions(-)
24
25	diff --git a/glep-0074.rst b/glep-0074.rst
26	index c55242f..3d7bbbd 100644
27	--- a/glep-0074.rst
28	+++ b/glep-0074.rst
29	@@ -6,7 +6,7 @@ Author: Michał Górny <mgorny@g.o>,
30	Ulrich Müller <ulm@g.o>
31	Type: Standards Track
32	Status: Final
33	-Version: 1.2
34	+Version: 1.3
35	Created: 2017-10-21
36	Last-Modified: 2022-09-21
37	Post-History: 2017-10-26, 2017-11-16, 2018-02-08, 2022-09-08, 2022-09-11
38	@@ -26,6 +26,9 @@ efficient and provide means of backwards compatibility.
39	Changes
40	=======
41
42	+v1.3
43	+ Formally specified the current set of hash algorithms supported.
44	+
45	v1.2
46	Specified the newline convention used for Manifests.
47
48	@@ -364,27 +367,60 @@ up to and including the original directory. Note that those
49	sub-Manifests can use different filenames than ``Manifest``.
50
51
52	-Checksum algorithms (informational)
53	------------------------------------
54	-
55	-This section is informational only. Specifying the exact set
56	-of supported algorithms is outside the scope of this specification.
57	-
58	-The algorithm names reserved at the time of writing are:
59	-
60	-- ``MD5`` [#MD5]_,
61	-- ``RMD160`` -- RIPEMD-160 [#RIPEMD160]_,
62	-- ``SHA1`` [#SHS]_,
63	-- ``SHA256`` and ``SHA512`` -- SHA-2 family of hashes [#SHS]_,
64	-- ``WHIRLPOOL`` [#WHIRLPOOL]_,
65	-- ``BLAKE2B`` and ``BLAKE2S`` -- BLAKE2 family of hashes [#BLAKE2]_,
66	-- ``SHA3_256`` and ``SHA3_512`` -- SHA-3 family of hashes [#SHA3]_,
67	-- ``STREEBOG256`` and ``STREEBOG512`` -- Streebog family of hashes
68	- [#STREEBOG]_.
69	-
70	-The method of introducing new hashes is defined by GLEP 59 [#GLEP59]_.
71	-It is recommended that any new hashes are named after the Python
72	-``hashlib`` module algorithm names, transformed into uppercase.
73	+Checksum algorithms
74	+-------------------
75	+
76	+.. table:: Table 1. Defined hash algorithms
77	+ :widths: auto
78	+
79	+ +-----------------+-----------------------+------+------+-------------+
80	+ \| Name \| Specification \| Bits \| Enc. \| Notes \|
81	+ +=================+=======================+======+======+=============+
82	+ \| ``BLAKE2B`` \| \| 512 \| Hex \| Recommended \|
83	+ +-----------------+ RFC 7693 [#RFC7693]_ +------+------+-------------+
84	+ \| ``BLAKE2S`` \| \| 256 \| Hex \| \|
85	+ +-----------------+-----------------------+------+------+-------------+
86	+ \| ``MD5`` \| RFC 1321 [#RFC1321]_ \| 128 \| Hex \| Deprecated \|
87	+ +-----------------+-----------------------+------+------+-------------+
88	+ \| ``RMD160`` \| RIPEMD-160 [#RMD160]_ \| 160 \| Hex \| \|
89	+ +-----------------+-----------------------+------+------+-------------+
90	+ \| ``SHA1`` \| \| 160 \| Hex \| Deprecated \|
91	+ +-----------------+ +------+------+-------------+
92	+ \| ``SHA256`` \| FIPS 180-4 [#SHS]_ \| 256 \| Hex \| \|
93	+ +-----------------+ +------+------+-------------+
94	+ \| ``SHA512`` \| \| 512 \| Hex \| Recommended \|
95	+ +-----------------+-----------------------+------+------+-------------+
96	+ \| ``SHA3_256`` \| \| 256 \| Hex \| \|
97	+ +-----------------+ FIPS 202 [#SHA3]_ +------+------+-------------+
98	+ \| ``SHA3_512`` \| \| 512 \| Hex \| \|
99	+ +-----------------+-----------------------+------+------+-------------+
100	+ \| ``STREEBOG256`` \| \| 256 \| Hex \| \|
101	+ +-----------------+ RFC 6986 [#RFC6986]_ +------+------+-------------+
102	+ \| ``STREEBOG512`` \| \| 512 \| Hex \| \|
103	+ +-----------------+-----------------------+------+------+-------------+
104	+ \| ``WHIRLPOOL`` \| Whirlpool [#BARRETO]_ \| 512 \| Hex \| \|
105	+ +-----------------+-----------------------+------+------+-------------+
106	+
107	+Any new hashes must be added to this specification prior to being used
108	+in Manifest files. Adding a new hash is considered
109	+a backwards-compatible change to the GLEP. It is recommended that new
110	+hashes are named after the Python ``hashlib`` module algorithm names,
111	+transformed into uppercase, with dashes replaced by underscores.
112	+
113	+An implementation can implement an arbitrary subset of the listed
114	+hashes. For best interoperability, it should implement at least
115	+recommended hashes. If deprecated hashes are implemented, it is
116	+preferable to disallow their use by default.
117	+
118	+If an entry specifies multiple hashes using different algorithms,
119	+an implementation may choose to verify an arbitrary subset of them.
120	+However, should any tested hash yield a mismatch, the verification must
121	+fail.
122	+
123	+If a particular hash is either unsupported or unknown,
124	+the implementation can either ignore it or report a failure. However,
125	+at least one algorithm specified for a particular entry must be
126	+supported for the verification to succeed.
127
128
129	Manifest compression
130	@@ -498,6 +534,43 @@ for a package directory would have the following content::
131	DIST sphinxtrain-1.0.8.tar.gz 8925803 SHA256 548e.. SHA512 465d..
132
133
134	+Security considerations (informational)
135	+---------------------------------------
136	+
137	+The Manifest files are text files that are transmitted as part of larger
138	+file sets in order to provide integrity and authenticity verification
139	+for other files. They are primarily intended to be processed locally
140	+to verify transferred files. They are commonly used along with the rsync
141	+protocol and inside tar archives.
142	+
143	+The format does not provide support for executable content,
144	+nor the ability to issue network requests. Its security is primarily
145	+considered in context of opening and reading local files for the purpose
146	+of computing hashes.
147	+
148	+Depending on the delivery method, it may be possible to include special
149	+files and symbolic links in the verified file set. Attempting to read
150	+special files (e.g. named pipes or devices like ``/dev/urandom``) could
151	+cause the tools to hang or enter an infinite loop. The specification
152	+explicitly requires implementations to verify the file type and reject
153	+processing non-regular files.
154	+
155	+The use of symbolic links permits computing checksums for arbitrary
156	+paths, including files with potentially sensitive content and files
157	+on special filesystems such as the ``/proc`` filesystem. Reading these
158	+files should not comprise an immediate risk, nor displaying checksum
159	+mismatches to the local risk. However, there is a risk of exposing
160	+sensitive information if the user reports checksum failures.
161	+Implementations can take steps to reduce the risk, e.g. by minimalizing
162	+the amount of information reported on checksum mismatches and warning
163	+about symbolic links.
164	+
165	+
166	+
167	+Portability considerations (informational)
168	+------------------------------------------
169	+
170	+
171	Rationale
172	=========
173
174	@@ -913,23 +986,25 @@ tool working with this Manifest format.
175	Hash algorithms
176	---------------
177
178	-While maintaining a consistent supported hash set is important
179	-for interoperability, it is not a good fit for the generic layout
180	-of this GLEP. Furthermore, it would require updating the GLEP
181	-in the future every time the used algorithms change.
182	+Originally, this GLEP did not formally specify the complete set of hash
183	+algorithms. Instead, it only listed (informationally) the names already
184	+used at the time of writing. Since enforcing consistent use of algorithm
185	+names is important for interoperability, this was changed in version
186	+1.3.
187
188	-Instead, the specification focuses on listing the currently used
189	-algorithm names for interoperability, and sets a recommendation
190	-for consistent naming of algorithms in the future. The Python
191	-``hashlib`` module is used as a reference since it is used
192	-as the provider of hash functions for most of the Python software,
193	-including Portage and PkgCore.
194	+Since the effort needed to update the GLEP is small compared to the time
195	+needed for a new hash algorithm to be well-deployed, the GLEP needs
196	+to be updated prior to adding a new hash method.
197
198	-The basic rules for changing hash algorithms are defined in GLEP 59
199	-[#GLEP59]_. The implementations can focus only on those algorithms
200	-that are actually used or planned on being used. It may be feasible
201	-to devise a new GLEP that specifies the currently used hashes (or update
202	-GLEP 59 accordingly).
203	+The recommended naming is based off Python ``hashlib`` module,
204	+as most of the Gentoo tooling is written in Python. The names
205	+are transformed to match the historical naming used for hash functions
206	+in Manifests.
207	+
208	+Implementations are allowed to support and use only a subset of hashes
209	+listed in Manifest files. This could be used both to avoid the overhead
210	+of computing multiple hashes on non-performant systems, and to handle
211	+transition to new hashes gracefully.
212
213
214	Manifest compression
215	@@ -1072,27 +1147,29 @@ References
216	.. [#FILE-NAMING-RULES] Ebuild File Format -- Gentoo Development Guide
217	(https://devmanual.gentoo.org/ebuild-writing/file-format/#file-naming-rules)
218
219	-.. [#MD5] RFC1321: The MD5 Message-Digest Algorithm
220	- (https://www.ietf.org/rfc/rfc1321.txt)
221	+.. [#RFC7693] RFC 7693: The BLAKE2 Cryptographic Hash and Message Authentication
222	+ Code (MAC)
223	+ (https://www.rfc-editor.org/rfc/rfc7693)
224	+
225	+.. [#RFC1321] RFC 1321: The MD5 Message-Digest Algorithm
226	+ (https://www.rfc-editor.org/rfc/rfc1321)
227
228	-.. [#RIPEMD160] The hash function RIPEMD-160
229	+.. [#RMD160] The hash function RIPEMD-160
230	(https://homes.esat.kuleuven.be/~bosselae/ripemd160.html)
231
232	.. [#SHS] FIPS PUB 180-4: Secure Hash Standard (SHS)
233	- (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf)
234	-
235	-.. [#WHIRLPOOL] The WHIRLPOOL Hash Function
236	- (http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html)
237	-
238	-.. [#BLAKE2] BLAKE2 -- fast secure hashing
239	- (https://blake2.net/)
240	+ (https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf)
241
242	.. [#SHA3] FIPS PUB 202: SHA-3 Standard: Permutation-Based Hash
243	and Extendable-Output Functions
244	- (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf)
245	+ (https:://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf)
246	+
247	+.. [#RFC6986] RFC 6986: GOST R 34.11-2012: Hash Function
248	+ (https://www.rfc-editor.org/rfc/rfc6986)
249
250	-.. [#STREEBOG] GOST R 34.11-2012: Streebog Hash Function
251	- (https://www.streebog.net/)
252	+.. [#BARRETO] Paulo S. L. M. Barreto, The WHIRLPOOL Hash Function
253	+ (archived at 2017-11-29)
254	+ (https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html)
255
256	.. [#C08] Cappos, J et al. (2008). "Attacks on Package Managers"
257	(https://www2.cs.arizona.edu/stork/packagemanagersecurity/attacks-on-package-managers.html)

Gentoo Archives: gentoo-commits