On 09/02/2012 10:17 PM, Gary Gregory wrote: > On Sep 2, 2012, at 15:51, sebb <seb...@gmail.com> wrote: > >> On 2 September 2012 19:45, Gary Gregory <garydgreg...@gmail.com> wrote: >>> Hi All: >>> >>> There has been a recent mini-flury of changes in codec as a release >>> candidate is approaching. >>> >>> Thank you to all the committers and patchers for helping codec move closer >>> to another release. >>> >>> This coming week or next weekend, I'd like to roll an RC. >>> >>> Does anyone want to discuss anything or fiddle with code before I proceed? >> >> DigestUtils shaHex methods have been deprecated in favour of sha1Hex; >> as such I would expect the shaHex implementations to delegate to sha1. >> Instead they have their own implementations; it is only by comparison >> with the sha1 versions that one can see they are the same. >> > > It is not clear to me that calling DigestMessage with "SHA" and > "SHA-1" does the same thing because different objects are returned, > likely because neither are cached. Because "SHA" is not an official > name I did not want to take the risk. If both names are aliases, then > we can and should redirect one to the other.
the official page about standard names for security algorithms does not list SHA, but SHA-1: http://docs.oracle.com/javase/6/docs/technotes/guides/security/StandardNames.html Strangely, the javadoc page for MessageDigest uses SHA as example: http://docs.oracle.com/javase/6/docs/api/java/security/MessageDigest.html According to this stackoverflow page SHA and SHA-1 should be synonyms: http://stackoverflow.com/questions/6907090/sha-in-java-and-testing-tool Will do a more in-depth review of the code this week, just been quite busy atm with other non-tech stuff. Thomas --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
