Le 24/05/2019 à 10:44, Pascal Van Leeuwen a écrit :
Valid? A totally fabricated case, if you ask me. Yes, you could do that,
but is it *useful* at all? Really?
No, it's not because a file of length 0 is a file of length 0, the length
in itself is sufficient guarantee of its contents. The hash does not add
*anything* in this case. It's a constant anyway, the same value for *any*
zero-length file. It doesn't tell you anything you didn't already know.
IMHO the tool should just return a message stating "hashing an empty file
does not make any sense at all ...".
Of course it's useful. It means that *every* possible file has a SHA-256
digest. So if you're validating a file, you just check the SHA-256 digest;
or
if you're creating a manifest, you just hash the file and list the SHA-256
digest. Making everyone handle empty files specially would be insane.
As I already mentioned in another thread somewhere, this morning in the
shower I realised that this may be useful if you have no expectation of
the length itself. But it's still a pretty specific use case which was
never considered for our hardware. And our HW doesn't seem to be alone in
this.
Does shaXXXsum or md5sum use the kernel crypto API though?
The ones from libkcapi do (http://www.chronox.de/libkcapi.html)
Christophe