@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

Upgrade File content hashing to SHA256

Summary:
Ref T12464. This defuses any possible SHA1-collision attacks by using SHA256, for which there is no known collision.

(SHA256 hashes are larger -- 256 bits -- so expand the storage column to 64 bytes to hold them.)

Test Plan:
- Uploaded the same file twice, saw the two files generate the same SHA256 content hash and use the same underlying data.
- Tried with a fake hash algorithm ("quackxyz") to make sure the failure mode worked/degraded correctly if we don't have SHA256 for some reason. Got two valid files with two copies of the same data, as expected.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12464

Differential Revision: https://secure.phabricator.com/D17620

+12 -2
src/applications/files/storage/PhabricatorFile.php
··· 94 94 'storageHandle' => 'text255', 95 95 'authorPHID' => 'phid?', 96 96 'secretKey' => 'bytes20?', 97 - 'contentHash' => 'bytes40?', 97 + 'contentHash' => 'bytes64?', 98 98 'ttl' => 'epoch?', 99 99 'isExplicitUpload' => 'bool?', 100 100 'mailKey' => 'bytes20', ··· 718 718 } 719 719 720 720 public static function hashFileContent($data) { 721 - return null; 721 + // NOTE: Hashing can fail if the algorithm isn't available in the current 722 + // build of PHP. It's fine if we're unable to generate a content hash: 723 + // it just means we'll store extra data when users upload duplicate files 724 + // instead of being able to deduplicate it. 725 + 726 + $hash = hash('sha256', $data, $raw_output = false); 727 + if ($hash === false) { 728 + return null; 729 + } 730 + 731 + return $hash; 722 732 } 723 733 724 734 public function loadFileData() {
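
Review bot: In the column map, widening 'contentHash' from 'bytes40?' to 'bytes64?' leaves any rows written under the old 40-byte format sitting beside the new 64-character values, and the stored value carries no algorithm tag, so the two can only be told apart by length. A lookup by a new SHA256 hash will never match a file that has only an old value, so such files are not deduplicated against new uploads. Consider stating that in a comment next to the column, or clearing or recomputing old values when the column is widened.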
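
Review bot: In hashFileContent(), the `$hash === false` check only covers PHP versions where hash() returns false for an unknown algorithm; from PHP 8.0 it throws a ValueError instead, so the fallback to `return null;` that the NOTE comment describes would not be reached there. Checking `in_array('sha256', hash_algos(), true)` before calling hash(), or catching the exception, keeps the degrade-to-null behaviour on both. The algorithm name would also be easier to change and to exercise in the "fake algorithm" test as a class constant than as an inline string literal.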