source.dussan.org Git - jgit.git/commit

author	Matthias Sohn <matthias.sohn@sap.com>
	Fri, 11 Nov 2022 16:54:06 +0000 (17:54 +0100)
committer	Matthias Sohn <matthias.sohn@sap.com>
	Tue, 15 Nov 2022 22:08:13 +0000 (23:08 +0100)
commit	59029aec30ff6b3cb2d9c74af77fe96a5f108595
tree	64b159c81aae76193677d5457327d200f64a41d3	tree \| snapshot
parent	924491d4df62b1e43e9458f922da6ef4f3b3df30	commit \| diff

Add option to allow using JDK's SHA1 implementation

The change If6da9833 moved the computation of SHA1 from the JVM's
JCE to a pure Java implementation with collision detection.
The extra security for public sites comes with a cost of slower
SHA1 processing compared to the native implementation in the JDK.

When JGit is used internally and not exposed to any traffic from
external or untrusted users, the extra cost of the pure Java SHA1
implementation can be avoided, falling back to the previous
native MessageDigest implementation.

Bug: 580310
Change-Id: Ic24c0ba1cb0fb6282b8ca3025ffbffa84035565e

org.eclipse.jgit.test/tst/org/eclipse/jgit/util/sha1/SHA1Test.java		diff \| blob \| history
org.eclipse.jgit/src/org/eclipse/jgit/lib/ConfigConstants.java		diff \| blob \| history
org.eclipse.jgit/src/org/eclipse/jgit/util/sha1/SHA1.java		diff \| blob \| history
org.eclipse.jgit/src/org/eclipse/jgit/util/sha1/SHA1Java.java	[new file with mode: 0644]	blob
org.eclipse.jgit/src/org/eclipse/jgit/util/sha1/SHA1Native.java	[new file with mode: 0644]	blob
org.eclipse.jgit/src/org/eclipse/jgit/util/sha1/Sha1CollisionException.java		diff \| blob \| history