do not register sha384 by default

The SHA-384 algorithm is not documented in the OCI image-spec ([1], [2]), and is not encouraged to be used. Commit 084376b registered all algorithms by default, but also included SHA-384. This patch disables SHA-384 by default, to discourage its use. [1]: https://github.com/opencontainers/image-spec/blob/v1.0.2/descriptor.md#digests [2]: https://github.com/opencontainers/image-spec/blob/v1.0.2/descriptor.md#registered-algorithms Signed-off-by: Sebastiaan van Stijn <[email protected]>
opencontainers · Jan 25, 2024 · e40c566 · e40c566
1 parent 429d031
commit e40c566
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/digest_test.go b/digest_test.go
@@ -15,13 +15,17 @@
 package digest_test
 
 import (
+	"crypto"
 	"testing"
 
 	"github.com/opencontainers/go-digest"
 	"github.com/opencontainers/go-digest/testdigest"
 )
 
 func TestParseDigest(t *testing.T) {
+	// SHA-384 is not registered by default, but used in this test.
+	digest.RegisterAlgorithm(digest.SHA384, crypto.SHA384)
+
 	tests := []testdigest.TestCase{
 		{
 			Input:     "sha256:e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b",

diff --git a/sha.go b/sha.go
@@ -18,6 +18,5 @@ const (
 
 func init() {
 	RegisterAlgorithm(SHA256, crypto.SHA256)
-	RegisterAlgorithm(SHA384, crypto.SHA384)
 	RegisterAlgorithm(SHA512, crypto.SHA512)
 }