src/backup/crypt_config.rs - compute_digest: make it more secure
This commit is contained in:
parent
69e5d71961
commit
c1ff544eff
@ -80,10 +80,9 @@ impl CryptConfig {
|
||||
/// chunk digest values do not clash with values computed for
|
||||
/// other sectret keys.
|
||||
pub fn compute_digest(&self, data: &[u8]) -> [u8; 32] {
|
||||
// FIXME: use HMAC-SHA256 instead??
|
||||
let mut hasher = openssl::sha::Sha256::new();
|
||||
hasher.update(&self.id_key);
|
||||
hasher.update(data);
|
||||
hasher.update(&self.id_key); // at the end, to avoid length extensions attacks
|
||||
hasher.finish()
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user