Add new setting for file hashing algorithms

Using securesystemslib.settings.HASH_ALGORITHMS is undesirable, because
it binds tuf to an implementation detail of the underlying library.
In this specific instance of file hashing algorithms it's even more
undesirable because it's overloading the intended use of the setting
which is "algorithm(s) [...] used to generate key IDs".

Add a new setting tuf.settings.FILE_HASH_ALGORITHMS, with a default
value of ['sha256', 'sha512'] (that matches the current value of
securesystemslib.settings.HASH_ALGORITHMS), to be used for file
hashing operations in tuf.

Signed-off-by: Joshua Lock <jlock@vmware.com>
Joshua Lock 2020-03-05 10:41:54 +00:00
parent 679348ffcf
commit 1f0cb9cd52
2 changed files with 4 additions and 1 deletions

@ -974,7 +974,7 @@ def get_metadata_fileinfo(filename, custom=None):
# file information, such as the file's author, version/revision
# numbers, etc.
filesize, filehashes = securesystemslib.util.get_file_details(filename,
securesystemslib.settings.HASH_ALGORITHMS)
tuf.settings.FILE_HASH_ALGORITHMS)
return tuf.formats.make_fileinfo(filesize, filehashes, custom=custom)
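Review bot: In the `get_file_details` call, `tuf.settings.FILE_HASH_ALGORITHMS` is passed straight through with no check, and as a tuf-level setting it is something users can now change. It is worth confirming what `get_metadata_fileinfo` does when the list is empty or contains a name the hashing backend does not support, and failing early with a clear error if either case would otherwise reach `make_fileinfo`. Please also add a test that overrides `tuf.settings.FILE_HASH_ALGORITHMS` and asserts on the keys of the returned hashes: the new default matches the old value, so a test that runs with the default cannot show that this call now reads the new setting.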

@ -102,6 +102,9 @@
# the securesystemslib external library.
DEFAULT_HASH_ALGORITHM = 'sha256'
# The hashing algorithms used to compute file hashes
FILE_HASH_ALGORITHMS = ['sha256', 'sha512']
# The client's update procedure (contained within a while-loop) can potentially
# hog the CPU. The following setting can be used to force the update sequence
# to suspend execution for a specified amount of time. See
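Review bot: The comment above `FILE_HASH_ALGORITHMS` does not say which hashes the setting governs or how it relates to `DEFAULT_HASH_ALGORITHM` directly above it. Suggest stating that it selects the algorithms used for the file hashes that `get_metadata_fileinfo` writes into fileinfo, and that it is separate from the securesystemslib setting used for key IDs, which is the distinction the commit message draws. The comment should also end with a period to match the neighbouring comments.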