Hash algorithm migration supposed to be completed

Question

Hash algorithm migration supposed to be completed

liilac opened this issue 8 years ago · comments

https://github.com/pomf/pomf-php/blob/master/classes/UploadedFile.class.php

This is not horribly difficult to do. There are two components

replace SHA-1 with SHA-2 in above
replace all existing hashes in DB with new one

The latter would be CPU intensive, so running it may need to be planned (and ensuring it has low nice value, etc). It should not be very difficult to generate new hashes in the background, then when ready, use new code that checks SHA-2 hashes.

Les De Ridder · Answer 1 · Mon Jul 04 2016 22:24:24 GMT+0800 (China Standard Time)

What's the reasoning behind switching to SHA-2 hashes?

Lilac Kapul · Answer 2 · Mon Jul 04 2016 23:34:57 GMT+0800 (China Standard Time)

No idea tbh 😋

Lilac Kapul · Answer 3 · Mon Jul 04 2016 23:35:59 GMT+0800 (China Standard Time)

Ask Wub? 😉

Les De Ridder · Answer 4 · Tue Jul 05 2016 00:06:32 GMT+0800 (China Standard Time)

Let's not.

jithatsonei · Answer 5 · Tue Jul 05 2016 09:20:07 GMT+0800 (China Standard Time)

is there a reason to switch to SHA-2 while SHA-1 works fine @ileyd?

ewhal · Answer 6 · Tue Jul 05 2016 09:24:11 GMT+0800 (China Standard Time)

I forgot to remove all of wub's deprecation notices. SHA1 is still fine for something like pomf so no real reason to switch.