1 |
On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote: |
2 |
> In general I do not mind updating the algorithms used, but I do feel |
3 |
> it is important to keep at least three present. Without at least three |
4 |
> (or a larger odd number) it is not possible to break a tie. |
5 |
> |
6 |
> That may ultimately be beside the point, as any invalid hashes should |
7 |
> result in the user contacting the developers or doing something else, |
8 |
> but it is hard to know. |
9 |
I'm dropping the rest of your email about about exactly which hashes |
10 |
we're bike-shedding, to focus on the number of hashes. |
11 |
|
12 |
I agree with your opinion to have three hashes present, and I've give a |
13 |
solid rationale with historical references. |
14 |
|
15 |
The major reason to have 3 hashes, is as a tie-breaker, to detect if |
16 |
there was a bug in the hash somehow (implementation, compiler/assembler, |
17 |
interpreter), and not the distfile. This also strongly suggests that 3 |
18 |
hashes should have different construction. |
19 |
|
20 |
It's come up enough times in Gentoo history already. Here's 3 of the |
21 |
instances that came to mind and I could link up with bugs easily. I also |
22 |
recall an instance where the entire SHA2 family was bitten by a buggy |
23 |
arch-specific (mips? arm?) GCC patch, but I can't the bug for it. |
24 |
|
25 |
2006: https://bugs.gentoo.org/121182 |
26 |
pycrypto RMD160 on ia64 (and many other 64bit arches) |
27 |
(it also had a big cleanup for the tree as a result: https://bugs.gentoo.org/121124) |
28 |
|
29 |
2009: https://bugs.gentoo.org/255131 |
30 |
app-crypt/mhash-0.9.9 segfaults with NULL digest in whirlpool/snefru |
31 |
(portage uses python-mhash bindings) |
32 |
|
33 |
2012: https://bugs.gentoo.org/406407 |
34 |
sys-apps/portage-2.1.10.49: internal version of whirlpool algorithm generates wrong hash |
35 |
|
36 |
Since we're going to much newer hashes, I think there is a non-zero |
37 |
chance we WILL hit errors in the hashes again, and it would be wise to |
38 |
cover the bases. |
39 |
|
40 |
This ends up probably looking like: SHA512, BLAKE2B, SHA3_512 |
41 |
|
42 |
-- |
43 |
Robin Hugh Johnson |
44 |
Gentoo Linux: Dev, Infra Lead, Foundation Asst. Treasurer |
45 |
E-Mail : robbat2@g.o |
46 |
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
47 |
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136 |