mbox

[bug#42020,0/4] Add daemon support for SHA3 and BLAKE2s

Message ID 20200623153633.15346-1-ludo@gnu.org
Headers show

Message

Ludovic Courtès June 23, 2020, 3:36 p.m. UTC 
Hello!

This is a followup to:

  https://issues.guix.gnu.org/41382

This patch series adds daemon support for a few more cryptographic
hash functions, for use by fixed-output derivations (origins) and
the likes.  We should wait for a year or so before using those
algorithms in package definitions so we can assume that the new
daemon is widespread.

Note that there are still places where SHA256 is hard-coded.
For instance, the ‘query-path-hash’ RPC always returns a SHA256
hash.  Internally, the ‘ValidPaths’ table of the database can
store any hash, but in practice it only ever contains a SHA256
hash (see ‘LocalStore::addValidPath’ and (guix store database)).

Feedback welcome!

Ludo’.

Ludovic Courtès (4):
  daemon: Map directly to gcrypt hash functions.
  daemon: Remove OpenSSL hash compatibility wrappers.
  daemon: Recognize SHA3 and BLAKE2s.
  packages: Recognize SHA3 and BLAKE2s for 'content-hash'.

 guix/packages.scm          |  5 ++-
 nix/libutil/gcrypt-hash.cc | 51 -----------------------------
 nix/libutil/gcrypt-hash.hh | 50 ----------------------------
 nix/libutil/hash.cc        | 67 +++++++++++++++++++-------------------
 nix/libutil/hash.hh        | 20 +++++++-----
 nix/libutil/md5.h          | 35 --------------------
 nix/libutil/sha1.h         | 35 --------------------
 nix/libutil/sha256.h       | 35 --------------------
 nix/libutil/sha512.h       | 35 --------------------
 nix/local.mk               | 12 ++-----
 tests/packages.scm         | 26 +++++++++++++++
 tests/store.scm            |  4 +--
 12 files changed, 80 insertions(+), 295 deletions(-)
 delete mode 100644 nix/libutil/gcrypt-hash.cc
 delete mode 100644 nix/libutil/gcrypt-hash.hh
 delete mode 100644 nix/libutil/md5.h
 delete mode 100644 nix/libutil/sha1.h
 delete mode 100644 nix/libutil/sha256.h
 delete mode 100644 nix/libutil/sha512.h

Comments

Ludovic Courtès June 27, 2020, 9:44 p.m. UTC | #1 
Ludovic Courtès <ludo@gnu.org> skribis:

> This patch series adds daemon support for a few more cryptographic
> hash functions, for use by fixed-output derivations (origins) and
> the likes.  We should wait for a year or so before using those
> algorithms in package definitions so we can assume that the new
> daemon is widespread.

Pushed!

  0505eda9c7 packages: Recognize SHA3 and BLAKE2s for 'content-hash'.
  8e6c1415d8 daemon: Recognize SHA3 and BLAKE2s.
  8dc6c38785 daemon: Remove OpenSSL hash compatibility wrappers.
  3fb6b8f304 daemon: Map directly to gcrypt hash functions.

Ludo’.