[OAK-209] BlobStore: use SHA-256 instead of SHA-1, and use two directory levels for FileBlobStore - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.4
Component/s: mk
Labels:
None

Description

Currently we use SHA-1 as the hash algorithm for the blob store (same as with Jackrabbit 2.x). I think it makes sense if we use SHA-256 instead:

Advantages:

SHA-1 is considered "broken" by some experts:
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html

SHA-256 belongs to the SHA-2 family, which is recommended by NIST
for new applications:
http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html

Disadvantages:

Longer file name

Longer content hash

Not compatible with Jackrabbit 2.x

For the FileBlobStore, the current implementation uses only one directory level while Jackrabbit 2.x uses 3 levels. I think we should use two levels for Oak, to avoid too many files in the same directory.

Attachments

Activity

People

Assignee:: Thomas Mueller

Reporter:: Thomas Mueller

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 24/Jul/12 15:40

Updated:: 14/Aug/12 09:28

Resolved:: 02/Aug/12 15:34