On Thu, Aug 11, 2011 at 5:46 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Marko Kreen <markokr@gmail.com> writes:
>> On Wed, Aug 10, 2011 at 9:19 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>> ... which this approach would create, because digest() isn't restricted
>>> to just those algorithms. I think it'd be better to just invent two
>>> new functions, which also avoids issues for applications that currently
>>> expect the digest functions to be installed in pgcrypto's schema.
>
>> I would suggest digest() with fixed list of algorithms: md5, sha1, sha2.
>
>> The uncommon/obsolete algorithms that can be used
>> from digest() if compiled with openssl, are not something we
>> need to worry over. In fact we have never "supported" them,
>> as no testing has been done.
>
> Hmm ... they may be untested by us, but I feel sure that if we remove
> that functionality from pgcrypto, *somebody* is gonna complain.
If you dont want to break digest() but do not want such behaviour in core,
we could go with hash(data, algo) that has fixed number of digests,
but also couple non-cryptographic hashes like crc32, lookup2/3.
This would also fix the problem of people using hashtext() in user code.
--
marko
