Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch to SHA2 for secret key hashing #303

Merged
merged 2 commits into from Jul 5, 2018

Conversation

Projects
None yet
4 participants
@T-Dnzt
Copy link
Member

commented Jul 5, 2018

Issue/Task Number: T494

Overview

This PR switches away from Bcrypt to SHA2 for hashing of the secret keys.

Impact

All current access/secret keys should be deleted since they will not be usable anymore.

@T-Dnzt T-Dnzt requested review from unnawut and sirn and removed request for unnawut Jul 5, 2018

@T-Dnzt T-Dnzt self-assigned this Jul 5, 2018

@T-Dnzt T-Dnzt requested review from unnawut and mederic-p Jul 5, 2018

@sirn

sirn approved these changes Jul 5, 2018

Copy link
Member

left a comment

👍

@unnawut

unnawut approved these changes Jul 5, 2018

Copy link
Collaborator

left a comment

Thinking it might be possible to reduce the Base.url_encode64() to fewer places ...

but looks like most of them are in the tests, I might try tackle this in a separate test refactoring PR.

@T-Dnzt T-Dnzt merged commit 1802c35 into develop Jul 5, 2018

1 check passed

continuous-integration/jenkins/pr-head This commit looks good
Details

@T-Dnzt T-Dnzt deleted the T494-sha2-switch branch Jul 5, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.