forked from onflow/flow-go
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Replace getFileMD5 with getFileSHA256
The function was using an MD5 for checking, whereas a more secure option like SHA-256 would be preferred. See https://www.iacr.org/cryptodb/data/paper.php?pubkey=23903 (for example) for the (in-)security. SHA256 was chosen over Blake2 because there's a widely deployed CLI sha256sum on unix systems, and performance is not an issue here. Activates gosec G401 to fix such an issue, activates G501, G502, G503, G505 to tie up loose ends on less-secure hash functions..
- Loading branch information
1 parent
5ab2a15
commit 3fe8bcc
Showing
4 changed files
with
15 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters