Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use SHA256 instead of SHA1 for fingerprinting #639

Merged
merged 1 commit into from Oct 15, 2018
Merged

Use SHA256 instead of SHA1 for fingerprinting #639

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
8 changes: 4 additions & 4 deletions ext/vulnsrc/debian/debian.go
View file
Open in desktop
Expand Up @@ -17,7 +17,7 @@
package debian

import (
"crypto/sha1"
"crypto/sha256"
"encoding/hex"
"encoding/json"
"fmt"
Expand Down Expand Up @@ -67,7 +67,7 @@ func (u *updater) Update(datastore database.Datastore) (resp vulnsrc.UpdateRespo
return resp, err
}

// Get the SHA-1 of the latest update's JSON data
// Get the hash of the latest update's JSON data
latestHash, ok, err := tx.FindKeyValue(updaterFlag)
if err != nil {
return resp, err
Expand Down Expand Up @@ -119,9 +119,9 @@ func buildResponse(jsonReader io.Reader, latestKnownHash string) (resp vulnsrc.U
}
}()

// Create a TeeReader so that we can unmarshal into JSON and write to a SHA-1
// Create a TeeReader so that we can unmarshal into JSON and write to a hash
// digest at the same time.
jsonSHA := sha1.New()
jsonSHA := sha256.New()
teedJSONReader := io.TeeReader(jsonReader, jsonSHA)

// Unmarshal JSON.
Expand Down