HomePhabricator
Diffusion Phabricator 58011a4e8e7f

Upgrade File content hashing to SHA256
58011a4e8e7f
Actions

Description

Upgrade File content hashing to SHA256

Summary:
Ref T12464. This defuses any possible SHA1-collision attacks by using SHA256, for which there is no known collision.

(SHA256 hashes are larger -- 256 bits -- so expand the storage column to 64 bytes to hold them.)

Test Plan:

  • Uploaded the same file twice, saw the two files generate the same SHA256 content hash and use the same underlying data.
  • Tried with a fake hash algorihtm ("quackxyz") to make sure the failure mode worked/degraded correctly if we don't have SHA256 for some reason. Got two valid files with two copies of the same data, as expected.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12464

Differential Revision: https://secure.phabricator.com/D17620

Details

Provenance
epriestleyAuthored on Apr 4 2017, 10:31 PM
epriestleyPushed on Apr 4 2017, 11:23 PM
Reviewer
chad
Differential Revision
D17620: Upgrade File content hashing to SHA256
Parents
rP440ef5b7a7e4: Remove SHA1 file content hashing and make Files work without any hashing
Branches
Unknown
Tags
Unknown
Tasks
T12464: Move away from SHA1 in Files
Build Status
Buildable 16310
Build 21684: Run Core Tests

Changes (1)

PathSize
src/
applications/
files/
storage/

rP58011a4e8e7f

View Options

src/applications/files/storage/PhabricatorFile.php

Loading...
Phabricator ยท Built by Phacility