[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dpkg-sig support wanted?

  [Florian Weimer]
> > It should be replaced with "-".  Beyond alphanumerics, only ".",
> > "_", "-" are in the POSIX portable filename character set[1], and
> > some systems do not allow the character "+" in file names.

[Henning Makholm]
> However there are already plenty of files with "+" in their names
> involved in Debian (e.g. /usr/lib/libstdc++.so.6).

Well, if we're trying to drive a standard representation, there will be
people outside Debian who will care about POSIX filename characters.

> Having every 64th hash-based filename start with "-" or "." would
> lead to failure modes for shell scripts


> (Yes: substitute /+ with _-, and then move the last character of the
> base64 encoding to the front. Due to zero padding it must come from
> the set [AEIMQUYcgkosw048].)

Or: substitute /+ with _- and then add a short prefix like "s-" to
denote the hash type, in case other 256-bit hashes become popular.  I
guess we didn't really have that problem with 128-bit and 160-bit
checksums, but we could've.

  sha256sum () {
    local f;
    if [ $# = 0 ]; then
      openssl dgst -sha256 -binary | base64-encode |
      sed 'y|/+|_-|;  s|^|s-|;  s|=|\t-|'
    else for f; do
      echo "s-$(openssl dgst -sha256 -binary "$f" | base64-encode |
                sed 'y|/+|_-|;  s|=|\t|')$f"
    done; fi

(Implementation of -c left as an exercise, etc.)

Attachment: signature.asc
Description: Digital signature

Reply to: