JAMES-2201 Switch to SHA-256 for Cassandra blob IDs This is in reaction to rising threats of SHA-1 collisions (see SHAttered from Google).
Project: http://git-wip-us.apache.org/repos/asf/james-project/repo Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/1795156c Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/1795156c Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/1795156c Branch: refs/heads/master Commit: 1795156ccb5faa828d40fd2aef70bcb57c5b9d67 Parents: fc99239 Author: Thibaut SAUTEREAU <tsauter...@linagora.com> Authored: Mon Oct 23 11:31:02 2017 +0700 Committer: Thibaut SAUTEREAU <tsauter...@linagora.com> Committed: Wed Nov 8 17:26:58 2017 +0700 ---------------------------------------------------------------------- .../main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java | 2 +- .../java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/james-project/blob/1795156c/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java ---------------------------------------------------------------------- diff --git a/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java b/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java index d04fc07..3824003 100644 --- a/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java +++ b/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java @@ -30,7 +30,7 @@ import com.google.common.base.Strings; public class BlobId { public static BlobId forPayload(byte[] payload) { Preconditions.checkArgument(payload != null); - return new BlobId(DigestUtils.sha1Hex(payload)); + return new BlobId(DigestUtils.sha256Hex(payload)); } public static BlobId from(String id) { http://git-wip-us.apache.org/repos/asf/james-project/blob/1795156c/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java ---------------------------------------------------------------------- diff --git a/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java b/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java index 56d6356..3e17004 100644 --- a/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java +++ b/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java @@ -71,13 +71,13 @@ public class BlobIdTest { public void forPayloadShouldHashEmptyArray() { BlobId blobId = BlobId.forPayload(new byte[0]); - assertThat(blobId.getId()).isEqualTo("da39a3ee5e6b4b0d3255bfef95601890afd80709"); + assertThat(blobId.getId()).isEqualTo("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"); } @Test public void forPayloadShouldHashArray() { BlobId blobId = BlobId.forPayload("content".getBytes(Charsets.UTF_8)); - assertThat(blobId.getId()).isEqualTo("040f06fd774092478d450774f5ba30c5da78acc8"); + assertThat(blobId.getId()).isEqualTo("ed7002b439e9ac845f22357d822bac1444730fbdb6016d3ec9432297b9ec9f73"); } } --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org