frontend: update snippet hashing algorithm from SHA1 to SHA256
Change-Id: Ie1aa861c8413f075682098ff99166e62a6c0e049
Reviewed-on: https://go-review.googlesource.com/84977
Reviewed-by: Russ Cox <rsc@golang.org>
diff --git a/frontend/server_test.go b/frontend/server_test.go
index 4eec012..7c62c66 100644
--- a/frontend/server_test.go
+++ b/frontend/server_test.go
@@ -102,7 +102,7 @@
}{
{"OPTIONS no-op", http.MethodOptions, http.StatusOK, nil, nil},
{"Non-POST request", http.MethodGet, http.StatusMethodNotAllowed, nil, nil},
- {"Standard flow", http.MethodPost, http.StatusOK, []byte("Snippy McSnipface"), []byte("ti55j8ibFJ")},
+ {"Standard flow", http.MethodPost, http.StatusOK, []byte("Snippy McSnipface"), []byte("wX8wRZRjvv")},
{"Snippet too large", http.MethodPost, http.StatusRequestEntityTooLarge, make([]byte, maxSnippetSize+1), nil},
}
diff --git a/frontend/share.go b/frontend/share.go
index 1ac139f..4e9de47 100644
--- a/frontend/share.go
+++ b/frontend/share.go
@@ -6,7 +6,7 @@
import (
"bytes"
- "crypto/sha1"
+ "crypto/sha256"
"encoding/base64"
"fmt"
"io"
@@ -14,16 +14,20 @@
"os"
)
-const salt = "[replace this with something unique]"
+const (
+ // This salt is not meant to be kept secret (it’s checked in after all). It’s
+ // a tiny bit of paranoia to avoid whatever problems a collision may cause.
+ salt = "Go playground salt\n"
-const maxSnippetSize = 64 * 1024
+ maxSnippetSize = 64 * 1024
+)
type snippet struct {
Body []byte
}
func (s *snippet) ID() string {
- h := sha1.New()
+ h := sha256.New()
io.WriteString(h, salt)
h.Write(s.Body)
sum := h.Sum(nil)
