Hi Niels,
On Mon, 02 Nov 2020 18:49:39 +0100, Niels Möller wrote:
"Neal H. Walfield" neal@walfield.org writes:
So we could add:
void sha1_collision_detection_init(...); void sha1_collision_detection_update (struct sha1_ctx *ctx, size_t length, const uint8_t *data) error_code_t sha1_collision_detection_digest (struct sha1_ctx *ctx, size_t length, uint8_t *digest)
What do you think? Or, am I misunderstanding what you mean by breaking compatibility?
I haven't yet read the background, so I don't know what I think about the feature in general. But from an api point of view, that looks reasonable. Do all three operations need new functions? Do you need an extended context struct too?
I'm not that familiar with Nettle's API, so I don't know if the following is sufficiently idiomatic.
That said, we could do the following: we could add a flag to the sha1 context to indicate to the update function that it should try to detect collision attempts, we could add a few ifs to the update function to do the checks, and we could add a second function to return whether a collision was detected:
void sha1_check_for_collisions(struct sha1_ctx *ctx); int sha1_detected_collision(struct sha1_ctx *ctx);
What do you think?
:) Neal