sha1-checked 0.10.0

SHA-1 hash function with collision detection
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

# RustCrypto: SHA-1 Checked

[![crate][crate-image]][crate-link]
[![Docs][docs-image]][docs-link]
![Apache2/MIT licensed][license-image]
![Rust Version][rustc-image]
[![Project Chat][chat-image]][chat-link]
[![Build Status][build-image]][build-link]

Pure Rust implementation of the [SHA-1] cryptographic hash algorithm with collision detection.

## 🚨 Warning: Cryptographically Broken! 🚨

The SHA-1 hash function should be considered cryptographically broken and
unsuitable for further use in any security critical capacity, as it is
[practically vulnerable to chosen-prefix collisions][1].

But, this crate provides the detection [algorithm] pioneered by git, to detect hash collisions when they
occur and prevent them. The [paper] has more details on how this works.

This implementation will be slower to use than the pure SHA-1 implementation, as more work as to be done.

## Examples

### One-shot API

```rust
use hex_literal::hex;
use sha1_checked::Sha1;

let result = Sha1::try_digest(b"hello world");
assert_eq!(result.hash().as_ref(), hex!("2aae6c35c94fcfb415dbe95f408b9ce91ee846ed"));
assert!(!result.has_collision());
```

### Incremental API

```rust
use hex_literal::hex;
use sha1_checked::{Sha1, Digest};

let mut hasher = Sha1::new();
hasher.update(b"hello world");
let result = hasher.try_finalize();

assert_eq!(result.hash().as_ref(), hex!("2aae6c35c94fcfb415dbe95f408b9ce91ee846ed"));
assert!(!result.has_collision());
```

Also, see the [examples section] in the RustCrypto/hashes readme.

## Minimum Supported Rust Version

Rust **1.72** or higher.

Minimum supported Rust version can be changed in the future, but it will be
done with a minor version bump.

## SemVer Policy

- All on-by-default features of this library are covered by SemVer
- MSRV is considered exempt from SemVer as noted above

## License

The crate is licensed under either of:

* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
* [MIT license](http://opensource.org/licenses/MIT)

at your option.

### Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.

[//]: # (badges)

[crate-image]: https://img.shields.io/crates/v/sha1-checked.svg
[crate-link]: https://crates.io/crates/sha1-checked
[docs-image]: https://docs.rs/sha1-checked/badge.svg
[docs-link]: https://docs.rs/sha1-checked/
[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
[rustc-image]: https://img.shields.io/badge/rustc-1.72+-blue.svg
[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260041-hashes
[build-image]: https://github.com/RustCrypto/hashes/workflows/sha1-checked/badge.svg?branch=master
[build-link]: https://github.com/RustCrypto/hashes/actions?query=workflow%3Asha1-checked

[//]: # (general links)

[SHA-1]: https://en.wikipedia.org/wiki/SHA-1
[1]: https://sha-mbles.github.io/
[examples section]: https://github.com/RustCrypto/hashes#Examples
[algorithm]: https://github.com/cr-marcstevens/sha1collisiondetection
[paper]: https://marc-stevens.nl/research/papers/C13-S.pdf