Upgrade File content hashing to SHA256
58011a4e8e7fUnpublished
Actions

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Upgrade File content hashing to SHA256

Summary:
Ref T12464. This defuses any possible SHA1-collision attacks by using SHA256, for which there is no known collision.

(SHA256 hashes are larger -- 256 bits -- so expand the storage column to 64 bytes to hold them.)

Test Plan:

Uploaded the same file twice, saw the two files generate the same SHA256 content hash and use the same underlying data.
Tried with a fake hash algorihtm ("quackxyz") to make sure the failure mode worked/degraded correctly if we don't have SHA256 for some reason. Got two valid files with two copies of the same data, as expected.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12464

Provenance

epriestley <git@epriestley.com>

Authored on Apr 5 2017, 12:31 AM

Parents

Branches

Unknown

Tags

Unknown

epriestley <git@epriestley.com> committed rPHAB58011a4e8e7f: Upgrade File content hashing to SHA256 (authored by epriestley <git@epriestley.com>).Apr 5 2017, 1:23 AM

Path

Size

src/

applications/

files/

storage/