cheat/vendor/github.com/pjbgf/sha1cd/README.md

# sha1cd

A Go implementation of SHA1 with counter-cryptanalysis, which detects
collision attacks. 

The `cgo/lib` code is a carbon copy of the [original code], based on
the award winning [white paper] by Marc Stevens.

The Go implementation is largely based off Go's generic sha1.
At present no SIMD optimisations have been implemented.

## Usage

`sha1cd` can be used as a drop-in replacement for `crypto/sha1`:

```golang
import "github.com/pjbgf/sha1cd"

func test(){
	data := []byte("data to be sha1 hashed")
	h := sha1cd.Sum(data)
	fmt.Printf("hash: %q\n", hex.EncodeToString(h))
}
```

To obtain information as to whether a collision was found, use the
func `CollisionResistantSum`.

```golang
import "github.com/pjbgf/sha1cd"

func test(){
	data := []byte("data to be sha1 hashed")
	h, col  := sha1cd.CollisionResistantSum(data)
	if col {
		fmt.Println("collision found!")
	}
	fmt.Printf("hash: %q", hex.EncodeToString(h))
}
```

Note that the algorithm will automatically avoid collision, by 
extending the SHA1 to 240-steps, instead of 80 when a collision
attempt is detected. Therefore, inputs that contains the unavoidable
bit conditions will yield a different hash from `sha1cd`, when compared
with results using `crypto/sha1`. Valid inputs will have matching the outputs.

## References
- https://shattered.io/
- https://github.com/cr-marcstevens/sha1collisiondetection
- https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#shavs

## Use of the Original Implementation
- https://github.com/git/git/commit/28dc98e343ca4eb370a29ceec4c19beac9b5c01e
- https://github.com/libgit2/libgit2/pull/4136

[original code]: https://github.com/cr-marcstevens/sha1collisiondetection
[white paper]: https://marc-stevens.nl/research/papers/C13-S.pdf
chore(deps): upgrade dependencies Upgrade all dependencies to newest versions. 2023-12-13 14:29:02 +01:00			`# sha1cd`

			`A Go implementation of SHA1 with counter-cryptanalysis, which detects`
			`collision attacks.`

			The `cgo/lib` code is a carbon copy of the [original code], based on
			`the award winning [white paper] by Marc Stevens.`

			`The Go implementation is largely based off Go's generic sha1.`
			`At present no SIMD optimisations have been implemented.`

			`## Usage`

			`sha1cd` can be used as a drop-in replacement for `crypto/sha1`:

			```golang
			`import "github.com/pjbgf/sha1cd"`

			`func test(){`
			`data := []byte("data to be sha1 hashed")`
			`h := sha1cd.Sum(data)`
			`fmt.Printf("hash: %q\n", hex.EncodeToString(h))`
			`}`
			```

			`To obtain information as to whether a collision was found, use the`
			func `CollisionResistantSum`.

			```golang
			`import "github.com/pjbgf/sha1cd"`

			`func test(){`
			`data := []byte("data to be sha1 hashed")`
			`h, col := sha1cd.CollisionResistantSum(data)`
			`if col {`
			`fmt.Println("collision found!")`
			`}`
			`fmt.Printf("hash: %q", hex.EncodeToString(h))`
			`}`
			```

			`Note that the algorithm will automatically avoid collision, by`
			`extending the SHA1 to 240-steps, instead of 80 when a collision`
			`attempt is detected. Therefore, inputs that contains the unavoidable`
			bit conditions will yield a different hash from `sha1cd`, when compared
			with results using `crypto/sha1`. Valid inputs will have matching the outputs.

			`## References`
			`- https://shattered.io/`
			`- https://github.com/cr-marcstevens/sha1collisiondetection`
			`- https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#shavs`

			`## Use of the Original Implementation`
			`- https://github.com/git/git/commit/28dc98e343ca4eb370a29ceec4c19beac9b5c01e`
			`- https://github.com/libgit2/libgit2/pull/4136`

			`[original code]: https://github.com/cr-marcstevens/sha1collisiondetection`
			`[white paper]: https://marc-stevens.nl/research/papers/C13-S.pdf`