Page MenuHomePhabricator

Upgrade File content hashing to SHA256
ClosedPublic

Authored by epriestley on Apr 4 2017, 10:38 PM.
Tags
None
Referenced Files
F14013194: D17620.id42383.diff
Sat, Nov 2, 1:58 AM
F14013193: D17620.id42372.diff
Sat, Nov 2, 1:58 AM
F14013192: D17620.id.diff
Sat, Nov 2, 1:58 AM
F14011336: D17620.diff
Thu, Oct 31, 10:55 PM
F14005415: D17620.diff
Sun, Oct 27, 12:37 PM
F13972882: D17620.id42383.diff
Thu, Oct 17, 9:41 PM
F13963529: D17620.id42372.diff
Tue, Oct 15, 4:26 PM
F13960438: D17620.id42383.diff
Mon, Oct 14, 11:24 PM
Subscribers
None

Details

Summary

Ref T12464. This defuses any possible SHA1-collision attacks by using SHA256, for which there is no known collision.

(SHA256 hashes are larger -- 256 bits -- so expand the storage column to 64 bytes to hold them.)

Test Plan
  • Uploaded the same file twice, saw the two files generate the same SHA256 content hash and use the same underlying data.
  • Tried with a fake hash algorihtm ("quackxyz") to make sure the failure mode worked/degraded correctly if we don't have SHA256 for some reason. Got two valid files with two copies of the same data, as expected.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable