Page MenuHomePhabricator

Upgrade File content hashing to SHA256
ClosedPublic

Authored by epriestley on Apr 4 2017, 10:38 PM.

Details

Summary

Ref T12464. This defuses any possible SHA1-collision attacks by using SHA256, for which there is no known collision.

(SHA256 hashes are larger -- 256 bits -- so expand the storage column to 64 bytes to hold them.)

Test Plan
  • Uploaded the same file twice, saw the two files generate the same SHA256 content hash and use the same underlying data.
  • Tried with a fake hash algorihtm ("quackxyz") to make sure the failure mode worked/degraded correctly if we don't have SHA256 for some reason. Got two valid files with two copies of the same data, as expected.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable