use sha256 instead of sha1, minor changes

6 years ago · 198176427b
parent 944c8b52ee
commit 198176427b
4 changed files with 10 additions and 12 deletions
--- a/cmd/control/cmd/sanitize.go
+++ b/cmd/control/cmd/sanitize.go
@ -20,9 +20,9 @@ var sanitizeCmd = &cobra.Command{
 		fmt.Println()
 		fmt.Println(" HOW IT WORKS")
-		fmt.Println("   In sanitized history, all sensitive information is replaced with its SHA1 hashes.")
+		fmt.Println("   In sanitized history, all sensitive information is replaced with its SHA256 hashes.")
 		fmt.Println()
-		fmt.Println("Resulting sanitized files ...")
+		fmt.Println("Creating sanitized history files ...")
 		fmt.Println(" * ~/resh_history_sanitized.json (full lengh hashes)")
 		execCmd := exec.Command("resh-sanitize", "-trim-hashes", "0", "--output", dir+"/resh_history_sanitized.json")
 		execCmd.Stdout = os.Stdout
--- a/cmd/sanitize/main.go
+++ b/cmd/sanitize/main.go
@ -2,7 +2,7 @@ package main
 import (
 	"bufio"
-	"crypto/sha1"
+	"crypto/sha256"
 	"encoding/binary"
 	"encoding/hex"
 	"encoding/json"
@ -480,21 +480,17 @@ func (s *sanitizer) hashToken(token string) string {
 	if len(token) <= 0 {
 		return token
 	}
-	// hash with sha1
+	// hash with sha256
-	h := sha1.New()
+	sum := sha256.Sum256([]byte(token))
-	h.Write([]byte(token))
+	return s.trimHash(hex.EncodeToString(sum[:]))
 	sum := h.Sum(nil)
 	return s.trimHash(hex.EncodeToString(sum))
 }
 func (s *sanitizer) hashNumericToken(token string) string {
 	if len(token) <= 0 {
 		return token
 	}
-	h := sha1.New()
+	sum := sha256.Sum256([]byte(token))
-	h.Write([]byte(token))
+	sumInt := int(binary.LittleEndian.Uint64(sum[:]))
 	sum := h.Sum(nil)
 	sumInt := int(binary.LittleEndian.Uint64(sum))
 	if sumInt < 0 {
 		return strconv.Itoa(sumInt * -1)
 	}
--- a/go.mod
+++ b/go.mod
@ -5,6 +5,7 @@ go 1.12
 require (
 	github.com/BurntSushi/toml v0.3.1
 	github.com/awesome-gocui/gocui v0.6.0
 	github.com/coreos/go-semver v0.2.0
 	github.com/jpillora/longestcommon v0.0.0-20161227235612-adb9d91ee629
 	github.com/mattn/go-runewidth v0.0.8 // indirect
 	github.com/mattn/go-shellwords v1.0.6
--- a/go.sum
+++ b/go.sum
@ -52,6 +52,7 @@ github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:
 golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=