Re: Add SQL function for SHA1

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Bruce Momjian <bruce@momjian.us>
Cc: Kenneth Marshall <ktm@rice.edu>, Sehrope Sarkuni <sehrope@jackdb.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2021-01-26T07:22:56Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Refactor SQL functions of SHA-2 in cryptohashfuncs.c

On Mon, Jan 25, 2021 at 11:27:28PM -0500, Bruce Momjian wrote:
> On Mon, Jan 25, 2021 at 10:23:30PM -0600, Kenneth Marshall wrote:
>> +1 I know that it has been deprecated, but it can be very useful when
>> working with data from pre-deprecation. :) It is annoying to have to
>> resort to plperl or plpython because it is not available. The lack or
>> orthogonality is painful.

plperl and plpython can be annoying to require if you have strong
security requirements as these are untrusted languages, but I don't
completely agree with this argument because pgcrypto gives the option
to use SHA1 with digest(), and this one is fine to have even in
environments under STIG or equally-constrained environments.

> Yes, I think having SHA1 makes sense --- there are probably still valid
> uses for it.

Consistency with the existing in-core SQL functions for cryptohashes
and the possibility to not need pgcrypto are my only arguments at
hand.

;)
--
Michael