"brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> writes: > SHA-1 is weak and we need to transition to a new hash function. For > some time, we have referred to this new function as NewHash. Recently, > we decided to pick SHA-256 as NewHash. Even if we have decided to not repeat the reasoning behind the need to switch away from SHA-1, and the choice of SHA-256 as NewHash, I think we should provide _references_ to those discussion (either to the mailing list via public-inbox, or via Git Rev News articles). So the above paragraph would be: SHA-1 is weak and we need to transition to a new hash function [1]. For some time, we have referred to this new function as NewHash. Recently, we decided to pick SHA-256 as NewHash [2]. [1]: <some URL> [2]: <some URL> > > Add a basic implementation of SHA-256 based off libtomcrypt, which is in > the public domain. Optimize it and restructure it to meet our coding > standards. Pull in the update and final functions from the SHA-1 block > implementation, as we know these function correctly with all compilers. > This implementation is slower than SHA-1, but more performant > implementations will be introduced in future commits. > > Wire up SHA-256 in the list of hash algorithms, and add a test that the > algorithm works correctly. > > Note that with this patch, it is still not possible to switch to using > SHA-256 in Git. Additional patches are needed to prepare the code to > handle a larger hash algorithm and further test fixes are needed. > > Signed-off-by: brian m. carlson <sandals@xxxxxxxxxxxxxxxxxxxx> Best, -- Jakub Narębski
