Title: [206850] trunk/Source/WebCore
- Revision
- 206850
- Author
- mcatanz...@igalia.com
- Date
- 2016-10-05 23:39:14 -0700 (Wed, 05 Oct 2016)
Log Message
[SOUP] HostTLSCertificateSet should not use SHA-1 hashes to compare certificates
https://bugs.webkit.org/show_bug.cgi?id=162965
Reviewed by Carlos Garcia Campos.
Use SHA-256 instead.
No new tests, covered by TestSSL.
* platform/network/soup/SoupNetworkSession.cpp:
(WebCore::HostTLSCertificateSet::computeCertificateHash):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (206849 => 206850)
--- trunk/Source/WebCore/ChangeLog 2016-10-06 06:38:34 UTC (rev 206849)
+++ trunk/Source/WebCore/ChangeLog 2016-10-06 06:39:14 UTC (rev 206850)
@@ -1,5 +1,19 @@
2016-10-05 Michael Catanzaro <mcatanz...@igalia.com>
+ [SOUP] HostTLSCertificateSet should not use SHA-1 hashes to compare certificates
+ https://bugs.webkit.org/show_bug.cgi?id=162965
+
+ Reviewed by Carlos Garcia Campos.
+
+ Use SHA-256 instead.
+
+ No new tests, covered by TestSSL.
+
+ * platform/network/soup/SoupNetworkSession.cpp:
+ (WebCore::HostTLSCertificateSet::computeCertificateHash):
+
+2016-10-05 Michael Catanzaro <mcatanz...@igalia.com>
+
[GTK] Bump Chrome version in Chrome user agent quirk
https://bugs.webkit.org/show_bug.cgi?id=162984
Modified: trunk/Source/WebCore/platform/network/soup/SoupNetworkSession.cpp (206849 => 206850)
--- trunk/Source/WebCore/platform/network/soup/SoupNetworkSession.cpp 2016-10-06 06:38:34 UTC (rev 206849)
+++ trunk/Source/WebCore/platform/network/soup/SoupNetworkSession.cpp 2016-10-06 06:39:14 UTC (rev 206850)
@@ -31,6 +31,7 @@
#include "AuthenticationChallenge.h"
#include "CookieJarSoup.h"
+#include "CryptoDigest.h"
#include "FileSystem.h"
#include "GUniquePtrSoup.h"
#include "Logging.h"
@@ -39,7 +40,6 @@
#include <libsoup/soup.h>
#include <wtf/HashSet.h>
#include <wtf/NeverDestroyed.h>
-#include <wtf/SHA1.h>
#include <wtf/text/Base64.h>
#include <wtf/text/CString.h>
#include <wtf/text/StringBuilder.h>
@@ -77,13 +77,11 @@
if (!certificateData)
return String();
- SHA1 sha1;
- sha1.addBytes(certificateData->data, certificateData->len);
+ auto digest = CryptoDigest::create(CryptoDigest::Algorithm::SHA_256);
+ digest->addBytes(certificateData->data, certificateData->len);
- SHA1::Digest digest;
- sha1.computeHash(digest);
-
- return base64Encode(reinterpret_cast<const char*>(digest.data()), SHA1::hashSize);
+ auto hash = digest->computeHash();
+ return base64Encode(reinterpret_cast<const char*>(hash.data()), hash.size());
}
HashSet<String> m_certificates;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
