[pacman-dev] [PATCH] Replace MD5 with SHA-256 as a default file integrity check in PKGBUILDs

Artur Juraszek artur at juraszek.xyz
Thu Jan 23 01:25:15 UTC 2020


A non-text attachment was scrubbed...
Name: 0001-Replace-MD5-with-SHA-256-as-a-default-file-integrity.patch
Type: text/x-patch
Size: 4961 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/pacman-dev/attachments/20200123/196ede9a/attachment.bin>
-------------- next part --------------
Hi all,

While poking through Arch's package system, I noticed that despite its
bad reputation, MD5 remains a default, and even some kind of a "recommendation", due
to its presence in the example PKGBUILDs, hashing algorithm for file integrity verification.

Is there a reason to not have it changed to a more future-proof one? I mean, at least for now,
it seems good enough to protect against a so-called "2nd preimage attack", which is the primary
concern in the classic file verification scenario, BUT:

a) given the huge size of AUR and its rather chaotic nature, it is not that hard to imagine
_a_ malicious upstream which could try to sneak some nasty changes in its own files,
with the AUR maintainer not noticing anything - leveraging flaws which do exist and are quite
well-explored even today.

b) it's already shown its weaknesses and it is not going to be any better - the only research direction
is to find more (practical) attacks against MD5, so the faster the change, the fewer the people possibly
affected in the future

Attaching a patch which, I think, replaces MD5 with SHA256 as a default completely - it's my first
change in ABS-related code, though, so please do not hesitate to criticize if something's wrong ;]

--
Artur Juraszek
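
An added example, not part of the original post or the attached patch: a static audit that reports whether a PKGBUILD relies on MD5 alone for source verification. The function names are hypothetical, and the file is only read as text rather than sourced, because a PKGBUILD is executable bash that may come from an untrusted party.

```shell
# Added example: list the checksum algorithms a PKGBUILD declares and
# classify how far it depends on MD5. Assumes GNU or BSD grep (-o).

# Print each distinct algorithm, one per line. Matches top-level array
# assignments such as md5sums=(, sha256sums+=( and sha256sums_x86_64=(.
# Commented-out lines are ignored because of the ^ anchor.
pkgbuild_algos() {
    grep -oE '^[[:space:]]*(md5|sha1|sha224|sha256|sha384|sha512|b2)sums(_[a-z0-9_]+)?\+?=\(' "$1" \
        | sed -E 's/^[[:space:]]*([a-z0-9]+)sums.*/\1/' \
        | sort -u
}

# Classify a PKGBUILD as md5-only, md5+other, no-md5 or no-checksums.
# The body runs in a subshell so its variables stay local.
pkgbuild_integrity() (
    md5=0
    other=0
    for a in $(pkgbuild_algos "$1"); do
        if [ "$a" = md5 ]; then md5=1; else other=1; fi
    done
    if [ "$md5" -eq 1 ] && [ "$other" -eq 0 ]; then
        echo "md5-only"
    elif [ "$md5" -eq 1 ]; then
        echo "md5+other"
    elif [ "$other" -eq 1 ]; then
        echo "no-md5"
    else
        echo "no-checksums"
    fi
)

# Constructed sample PKGBUILD fragment (not taken from any real package).
demo() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
pkgname=example
source=("example-1.0.tar.gz")
md5sums=('00000000000000000000000000000000')
EOF
    pkgbuild_integrity "$tmp"
    rm -f "$tmp"
}

demo
```

Files reported as md5-only are the ones affected by the default discussed above; the check looks only at which arrays are declared, not at their contents.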