Ivan Krstić wrote: > On Feb 26, 2008, at 4:24 AM, Morgan Collett wrote: >> I've logged #6572 against Presence Service with a patch, to replace the >> public key with its sha1 hash. Works in jhbuild. > > That ticket indicates a 40-byte hash, but SHA-1 is a 160-bit function. > Whence the doubling? Also, would you mind updating it to use > hashlib.sha256? SHA-1 should be considered deprecated in all new code > being written.
I used hexdigest, but actually we are normally using b64 encoding so that brought it down to 28 bytes. Using SHA-256 it's 44 bytes in the TXT record. I've updated the patch. This is a minimal patch for comparative testing of avahi, given that we will change things anyway after we do the security analysis - but for now it means we have a thing called a key in PS and Sugar that we can't use as a (cryptographic) key. If we need to live with this for more releases before we get the crypto designed and implemented, I'll probably do a more invasive patch post Update.1 that makes it clear that this is not actually the key. Morgan _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel