On 1/20/08, Greg Sabino Mullane <greg@turnstep.com> wrote:
> In summary: what would objections be to my writing a sha1() patch?
Well.
If you do start adding hashes to core then _please_ pick a path
that allows having all the standard hashes in advance. That means
both md5 and sha-1, sha2 (4 hashes) and there is also sha-3 in the
horizon.
Basically there seems to be 2 variants:
1) Continue the md5() style: md5(), sha1(), sha224(), sha256(), sha384(), sha512(), plus another 4 for SHA-3.
2) Move hashing functions from pgcrypto to core. That means digest() and I would suggest hmac() and crypt() too. I'm
alsostarting to think it may be worth having hexdigest().
I prefer 2). There is some common infrastructure in pgcrypto,
the hash specific parts can be either split out or rewritten
from scratch, hashes need very small amount of code.
I agree that having all of pgcrypto in core is bit overkill,
so please don't think of it as all-or-nothing affair.
--
marko