[Development] Backporting the Keccak change
Harri Porten
porten at froglogic.com
Sun Sep 3 11:35:54 CEST 2017
On Sat, 2 Sep 2017, Oswald Buddenhagen wrote:
> if we wanted to be really conservative, we'd leave the old meaning of
> the sha3 constants and introduce realSha3 (or something to that effect)
> instead, in 5.10+. keccak aliases would be also provided for a smooth
> migration.
Fwiw, I would have appreciated such a bug-compatible approach. For a new
product we relied on the old SHA-3 to store hashes of data. That data is
lost now. Luckily the losses were minimal and did not affect customers,
yet.
On the other hand: having users rely on a buggy implementation without
knowing (who reads API documentation for completed code?) has its
downsides as well.
In that light, giving up the backward compatibility and changinging the
Sha3_256 enum to intentionally breaking Sha3_256_Good+Sha3_256_Broken for
the rest of Qt 5.x lifetime could have been an option, too....
Harri.
More information about the Development
mailing list