Tracker of removing/reviewing hard-coded uses of SHA-256

[mtrmac]

Rules:

• This lists individual subpackages in this repository, identified as relevant by https://github.com/mtrmac/container-libs/tree/digest-audit . Inclusion of a subpackage on the list means that a review is necessary, not that there is certainly work to be done.
• For each subpackage, link to PRs that fix things in that subpackage, issues where designs are discussed / tracked, or add a brief comment if all uses were reviewed and no action is necessary.
• The checkbox should be marked as done only when there is no outstanding work for that subpackage.

---

• common/libimage
• common/libimage/manifests
• common/pkg/libartifact
• common/pkg/libartifact/store
• common/pkg/manifests: Document that we assume exact digest matching in c/common/pkg/manifests #511
• common/pkg/supplemented
• image/copy: Add digests.Options and set one up inside c/image/copy #530, In compareImageDestinationManifestEqual, compare full manifests #510, much more outstanding
• image/directory: dir: sha512 support for skopeo copy #475, image/directory: store manifest and signature with digest algorithm prefix #535
• image/docker
• image/docker/daemon: Implementation is generic, but explicitly refuses non-sha256: The API syntax is ambiguous for Docker short names vs. image IDs, and that’s been resolved by reserving the sha256: repo name only. Anyway digest references are currently broken due to Error "Manifest does not match provided manifest digest" when using @sha256:digest in docker-daemon #261 .
• image/docker/internal/tarfile: Respect digests.Options in sif:, tarball:, and for configs in docker-daemon: and docker-archive: #531 for source, destination outstanding
• image/docker/policyconfiguration: Correctly reflects users’ input
• image/docker/reference: Deprecate reference.ParseAnyReference #508, otherwise only parses/formats unmodified digest values.
• image/internal/image: image/internal: validate blob against digest #486 , more uses outstanding
• image/internal/imagedestination/impl
• image/internal/manifest: [sha512] image/manifest: Add DigestWithAlgorithm function #499 updates the package, but then we need to deprecate/audit manifest.Digest
• image/internal/putblobdigest
• image/manifest: Manifest.ImageID, future design unclear yet
• image/oci/layout
• image/openshift: Forwards to docker:// or uses a full digest in API calls
• image/pkg/blobcache
• image/pkg/blobinfocache/*: Will we need to re-design to record known pairs of equivalent sha256/sha512 digests and the like? At least .UncompressedDigest* assume there is only one such value.
• image/pkg/blobinfocache/boltdb
• image/pkg/blobinfocache/internal/prioritize: Will we need to filter matches based on user-desired digest?
• image/pkg/blobinfocache/internal/test: Used in tests only
• image/pkg/blobinfocache/memory
• image/pkg/blobinfocache/sqlite
• image/sif: Respect digests.Options in sif:, tarball:, and for configs in docker-daemon: and docker-archive: #531
• image/signature: Need to determine/use the desired digest algorithm when signing
• image/signature/internal: Need to determine/use the desired digest algorithm when signing
• image/signature/sigstore/fulcio: Will need to allow generating non-sha256-based keys for Fulcio certificates
• image/storage: [sha512] Configurable digest support for container image builds #519 …
• image/tarball: Respect digests.Options in sif:, tarball:, and for configs in docker-daemon: and docker-archive: #531
• storage
• storage/cmd/containers-storage: set-image-big-data and applydiff-using-staging-dir hard-code SHA256, otherwise just prints of recorded data.
• storage/pkg/chunked/compressor
• storage/pkg/chunked/internal/minimal
• storage/pkg/chunked/internal/path
• storage/pkg/supported-digests

Note that the digest-audit-generated list is not exhaustive, e.g. it can’t identify

• layer ID / image ID values (typed as a plain string throughout the codebase).
• References to digest.SHA256, digest.Canonical, digest.FromBytes and the like.
• Indirect uses of digests via other functions which imply a SHA-256 assumption (e.g. calls to manifest.Digest)

Those to-do items need to be added manually.

[mtrmac]

For the record, the precise command used to generate the list:

for i in storage image common; do go run ./digest-audit ./$i; done | sed 's,^\([^:]*\)/[^/:]*:.*$,- [ ] \1,' | LC_ALL=C sort -u

[mtrmac]

Cc: @lsm5

[lsm5]

• image/storage

#519

[lsm5]

• image/directory:

#535