Merge pull request #639 from Katee/update-sha1-to-sha256

Use SHA256 instead of SHA1 for fingerprinting
quay · Oct 15, 2018 · 2ac088d · 2ac088d
2 parents fe614f2 + 8d5a013
commit 2ac088d
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/ext/vulnsrc/debian/debian.go b/ext/vulnsrc/debian/debian.go
@@ -17,7 +17,7 @@
 package debian
 
 import (
-	"crypto/sha1"
+	"crypto/sha256"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
@@ -67,7 +67,7 @@ func (u *updater) Update(datastore database.Datastore) (resp vulnsrc.UpdateRespo
 		return resp, err
 	}
 
-	// Get the SHA-1 of the latest update's JSON data
+	// Get the hash of the latest update's JSON data
 	latestHash, ok, err := tx.FindKeyValue(updaterFlag)
 	if err != nil {
 		return resp, err
@@ -119,9 +119,9 @@ func buildResponse(jsonReader io.Reader, latestKnownHash string) (resp vulnsrc.U
 		}
 	}()
 
-	// Create a TeeReader so that we can unmarshal into JSON and write to a SHA-1
+	// Create a TeeReader so that we can unmarshal into JSON and write to a hash
 	// digest at the same time.
-	jsonSHA := sha1.New()
+	jsonSHA := sha256.New()
 	teedJSONReader := io.TeeReader(jsonReader, jsonSHA)
 
 	// Unmarshal JSON.