Avahi optimisations

Morgan Collett morgan.collett at collabora.co.uk
Tue Feb 26 05:48:06 EST 2008


Ivan Krstić wrote:
> On Feb 26, 2008, at 4:24 AM, Morgan Collett wrote:
>> I've logged #6572 against Presence Service with a patch, to replace the
>> public key with its sha1 hash. Works in jhbuild.
> 
> That ticket indicates a 40-byte hash, but SHA-1 is a 160-bit function.
> Whence the doubling? Also, would you mind updating it to use
> hashlib.sha256? SHA-1 should be considered deprecated in all new code
> being written.

I used hexdigest, but actually we are normally using b64 encoding so
that brought it down to 28 bytes. Using SHA-256 it's 44 bytes in the TXT
record.

I've updated the patch. This is a minimal patch for comparative testing
of avahi, given that we will change things anyway after we do the
security analysis - but for now it means we have a thing called a key in
PS and Sugar that we can't use as a (cryptographic) key.

If we need to live with this for more releases before we get the crypto
designed and implemented, I'll probably do a more invasive patch post
Update.1 that makes it clear that this is not actually the key.

Morgan


More information about the Devel mailing list