Mike Hearn [ARCHIVE] on Nostr: 📅 Original date posted:2014-03-02 📝 Original message:SHA-1 support is there for ...
📅 Original date posted:2014-03-02
📝 Original message:SHA-1 support is there for PHP developers. Apparently it can't do SHA-2.
On 2 Mar 2014 08:53, "Jeremy Spilman" <jeremy at taplink.co> wrote:
> From BIP70:
>
> If pki_type is "x509+sha256", then the Payment message is hashed using
> the
> SHA256 algorithm to produce the message digest that is signed. If
> pki_type
> is "x509+sha1", then the SHA1 algorithm is used.
>
> A couple minor comments;
>
> - I think it meant to say the field to be hashed is 'PaymentRequest' not
> 'Payment' message -- probably got renamed at some point and this is an old
> reference calling it by its original name.
>
> - Could be a bit more explicit about the hashing, e.g. 'copy the
> PaymentRequest, set the signature field to the empty string, serialize to
> a byte[] and hash.
>
> - SHA1 is retiring, any particular reason to even have it in there at
> all?
>
> - Should there any way for the end-user to see details like the pki_type
> and the certificate chain, like browser do?
>
>
> Thanks,
> Jeremy
>
>
>
> ------------------------------------------------------------------------------
> Flow-based real-time traffic analytics software. Cisco certified tool.
> Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer
> Customize your own dashboards, set traffic alerts and generate reports.
> Network behavioral analysis & security monitoring. All-in-one tool.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140302/35e640c6/attachment.html>;
📝 Original message:SHA-1 support is there for PHP developers. Apparently it can't do SHA-2.
On 2 Mar 2014 08:53, "Jeremy Spilman" <jeremy at taplink.co> wrote:
> From BIP70:
>
> If pki_type is "x509+sha256", then the Payment message is hashed using
> the
> SHA256 algorithm to produce the message digest that is signed. If
> pki_type
> is "x509+sha1", then the SHA1 algorithm is used.
>
> A couple minor comments;
>
> - I think it meant to say the field to be hashed is 'PaymentRequest' not
> 'Payment' message -- probably got renamed at some point and this is an old
> reference calling it by its original name.
>
> - Could be a bit more explicit about the hashing, e.g. 'copy the
> PaymentRequest, set the signature field to the empty string, serialize to
> a byte[] and hash.
>
> - SHA1 is retiring, any particular reason to even have it in there at
> all?
>
> - Should there any way for the end-user to see details like the pki_type
> and the certificate chain, like browser do?
>
>
> Thanks,
> Jeremy
>
>
>
> ------------------------------------------------------------------------------
> Flow-based real-time traffic analytics software. Cisco certified tool.
> Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer
> Customize your own dashboards, set traffic alerts and generate reports.
> Network behavioral analysis & security monitoring. All-in-one tool.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140302/35e640c6/attachment.html>;