Now SHA256 has been shown to be an adequate replacement for SHA1, use SHA256 for verifying all port downloads. Ref #2767
http://www.pcg-random.org/ http://www.pcg-random.org/using-pcg-c.html Ref #2477 Fix #2499