Description
HashEntry is defined by the CoSWID spec. Digest is defined by the CoRIM spec. The two definitions are nearly identical. Both pair an algorithm from IANA hash algorithm registry, with a byte string containing the hash. The only difference is that HashEntry requires the algorithm to be represented by its integer ID, and Digest allows either the integer ID or the string name.
Even though HashEntry mandates integer algorithms, for JSON representation (which is not coverd by the spec) we'd still want to use string names, as the reprsentation is entended to be human-readable. Digest implementation in #15 will use integer representation when serializing into CBOR*, so the implmentation will always produce spec-compliant CoSWIDs and will only be sightly more generous when parsing.
*It will, currently, fall back to string names for algorithms that don't have an ID. I can change it to use 0 , which would technically be compliant with the CoSWID spec; or, we could just drop these/raise an error for now.
FWIW, the Go implementation of CoRIM just uses CoSWID's HashEntry for digests: https://github.com/veraison/corim/blob/c72125652c527f07cdf3ae23ce12a20666327d04/comid/digests.go#L14