On Mon, Nov 28, 2005 at 12:09:33PM -0600, Peter Samuelson wrote: > I still think two-byte prefixes for non-md5-non-sha1 hashes makes some > sense, like s- for sha-256. Avoids the filename encoding issue you > mentioned later (unless we want to encode newlines).
The encoding issues are only for doing base64 (or similar compression) or filename encoding, so you can't avoid them :) > > OTOH, it would be far more convenient for *us* if it supported the > > .changes style we use, ie: > > MD5Sum: > > hash size filename > This might be generally reasonable, Doesn't matter if it's generally reasonable, it's needed by *us*. That's the format we use in .changes, in .dscs and Sources, and in Release. It's silly to have a useful format, then not have tools that conveniently check it, particularly if we're writing our own. > > $ dsum -a sha1 foo; sha1sum foo > > f572d396fae9206628714fb2ce00f72e94f2258f foo > > f572d396fae9206628714fb2ce00f72e94f2258f foo > > > > $ dsum -d foo > > SHA1Sum: > > f572d396fae9206628714fb2ce00f72e94f2258f 6 foo > > > > $ dsum -b foo > > SHA1 (foo) = f572d396fae9206628714fb2ce00f72e94f2258f > What's the " 6 " above? wc -c foo. foo was "hello\n" for reference. (And it probably should've been SHA1: not SHA1Sum: too) > > (Note that "dsum" would probably need to become Priority:required, > > and possibly Essential:yes, with the complications that entails) > Hmmm, promoting libgcrypt11 + libgpg-error0 to Required adds 516 kB on > i386, plus a trivial amount for dsum itself. I wonder if it'd be > better to just copy / paste the algorithm code into dsum. libssl0.9.8 is 860kB of .deb, 2MB installed. It's possible that libssl would be too much of a nuisance wrt transitions to use, at least dynamically. Cheers, aj
signature.asc
Description: Digital signature
