Gentoo Archives: gentoo-dev

From: "Robin H. Johnson" <robbat2@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Manifest2 hashes, take n+1-th: 3 hashes for the tie-breaker case
Date: Mon, 23 Oct 2017 08:16:54
Message-Id: robbat2-20171023T075239-354218452Z@orbis-terrarum.net
In Reply to: Re: [gentoo-dev] Manifest2 hashes, take n+1-th by R0b0t1
On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote:
> In general I do not mind updating the algorithms used, but I do feel
> it is important to keep at least three present. Without at least three
> (or a larger odd number) it is not possible to break a tie.
>
> That may ultimately be beside the point, as any invalid hashes should
> result in the user contacting the developers or doing something else,
> but it is hard to know.
I'm dropping the rest of your email about exactly which hashes
we're bike-shedding, to focus on the number of hashes.

I agree with your opinion to have three hashes present, and I've given a
solid rationale with historical references.

The major reason to have 3 hashes, is as a tie-breaker, to detect if
there was a bug in the hash somehow (implementation, compiler/assembler,
interpreter), and not the distfile. This also strongly suggests that 3
hashes should have different construction.

It's come up enough times in Gentoo history already. Here's 3 of the
instances that came to mind and I could link up with bugs easily. I also
recall an instance where the entire SHA2 family was bitten by a buggy
arch-specific (mips? arm?) GCC patch, but I can't find the bug for it.

2006: https://bugs.gentoo.org/121182
pycrypto RMD160 on ia64 (and many other 64bit arches)
(it also had a big cleanup for the tree as a result: https://bugs.gentoo.org/121124)

2009: https://bugs.gentoo.org/255131
app-crypt/mhash-0.9.9 segfaults with NULL digest in whirlpool/snefru
(portage uses python-mhash bindings)

2012: https://bugs.gentoo.org/406407
sys-apps/portage-2.1.10.49: internal version of whirlpool algorithm generates wrong hash

Since we're going to much newer hashes, I think there is a non-zero
chance we WILL hit errors in the hashes again, and it would be wise to
cover the bases.

This ends up probably looking like: SHA512, BLAKE2B, SHA3_512

--
Robin Hugh Johnson
Gentoo Linux: Dev, Infra Lead, Foundation Asst. Treasurer
E-Mail : robbat2@g.o
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136
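
The tie-breaker reasoning in the message above, as an added example that is not part of the original mail and is not Portage code. The function names, the verdict strings, the majority-vote policy and the simulated faulty SHA3 implementation are assumptions made for illustration; the sample data is constructed.

```python
import hashlib

# The three hashes named at the end of the mail, mapped to hashlib constructors.
HASHES = {
    "SHA512": hashlib.sha512,
    "BLAKE2B": hashlib.blake2b,
    "SHA3_512": hashlib.sha3_512,
}


def digests(data, impls=HASHES):
    """Hex digest of `data` under every implementation in `impls`."""
    return {name: impl(data).hexdigest() for name, impl in impls.items()}


def classify(data, expected, impls=HASHES):
    """Compare `data` against recorded digests; return (verdict, mismatching names).

    Assumed policy: every hash disagrees -> the file differs from the recorded
    one; exactly one of three or more disagrees -> suspect that hash's
    implementation; anything else cannot be decided from the hashes alone.
    """
    actual = digests(data, impls)
    bad = sorted(name for name in expected if actual[name] != expected[name])
    if not bad:
        return "ok", bad
    if len(bad) == len(expected):
        return "distfile-mismatch", bad
    if len(bad) == 1 and len(expected) >= 3:
        return "suspect-hash-implementation", bad
    return "inconclusive", bad


def broken_sha3(data):
    """Constructed stand-in for a miscompiled hash: digests the wrong input."""
    return hashlib.sha3_512(data + b"\x00")


if __name__ == "__main__":
    distfile = b"constructed distfile contents\n"
    recorded = digests(distfile)  # what a correct tool wrote at release time
    faulty = {**HASHES, "SHA3_512": broken_sha3}
    print(classify(distfile, recorded))            # intact file, sound hashes
    print(classify(distfile + b"x", recorded))     # altered file
    print(classify(distfile, recorded, faulty))    # intact file, one bad hash
    two = {k: recorded[k] for k in ("SHA512", "SHA3_512")}
    print(classify(distfile, two, faulty))         # two hashes: no tie-breaker
```
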
