[Florian Weimer]
> > It should be replaced with "-". Beyond alphanumerics, only ".",
> > "_", "-" are in the POSIX portable filename character set[1], and
> > some systems do not allow the character "+" in file names.
[Henning Makholm]
> However there are already plenty of files with "+" in their names
> involved in Debian (e.g. /usr/lib/libstdc++.so.6).
Well, if we're trying to drive a standard representation, there will be
people outside Debian who will care about POSIX filename characters.
> Having every 64th hash-based filename start with "-" or "." would
> lead to failure modes for shell scripts
True.
> (Yes: substitute /+ with _-, and then move the last character of the
> base64 encoding to the front. Due to zero padding it must come from
> the set [AEIMQUYcgkosw048].)
Or: substitute /+ with _- and then add a short prefix like "s-" to
denote the hash type, in case other 256-bit hashes become popular. I
guess we didn't really have that problem with 128-bit and 160-bit
checksums, but we could've.
sha256sum () {
local f;
if [ $# = 0 ]; then
openssl dgst -sha256 -binary | base64-encode |
sed 'y|/+|_-|; s|^|s-|; s|=|\t-|'
else for f; do
echo "s-$(openssl dgst -sha256 -binary "$f" | base64-encode |
sed 'y|/+|_-|; s|=|\t|')$f"
done; fi
}
(Implementation of -c left as an exercise, etc.)
Attachment:
signature.asc
Description: Digital signature