merged branch jfsimon/issue-8583 (PR #8609)
This PR was squashed before being merged into the master branch (closes #8609).
Discussion
----------
Replace sha1 and md5 hashing with sha256 algorithm
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8583
Commits
-------
dd8014a Replace sha1 and md5 hashing with sha256 algorithm
This commit is contained in:
Fabien Potencier
commit
cade045e34
|
|
@ -368,7 +368,7 @@ abstract class AbstractDoctrineExtension extends Extension
|
|||
|
||||
if (!isset($cacheDriver['namespace'])) {
|
||||
// generate a unique namespace for the given application
|
||||
$cacheDriver['namespace'] = 'sf2'.$this->getMappingResourceExtension().'_'.$objectManager['name'].'_'.md5($container->getParameter('kernel.root_dir').$container->getParameter('kernel.environment'));
|
||||
$cacheDriver['namespace'] = 'sf2'.$this->getMappingResourceExtension().'_'.$objectManager['name'].'_'.hash('sha256',($container->getParameter('kernel.root_dir').$container->getParameter('kernel.environment')));
|
||||
}
|
||||
|
||||
$cacheDef->addMethodCall('setNamespace', array($cacheDriver['namespace']));
|
||||
|
|
|
|||
|
|
@ -109,7 +109,7 @@ abstract class DoctrineType extends AbstractType
|
|||
? spl_object_hash($options['group_by'])
|
||||
: $options['group_by'];
|
||||
|
||||
$hash = md5(json_encode(array(
|
||||
$hash = hash('sha256', json_encode(array(
|
||||
spl_object_hash($options['em']),
|
||||
$options['class'],
|
||||
$propertyHash,
|
||||
|
|
|
|||
|
|
@ -624,7 +624,7 @@ class FrameworkExtension extends Extension
|
|||
->replaceArgument(1, new Reference('validator.mapping.cache.'.$config['cache']));
|
||||
$container->setParameter(
|
||||
'validator.mapping.cache.prefix',
|
||||
'validator_'.md5($container->getParameter('kernel.root_dir'))
|
||||
'validator_'.hash('sha256', $container->getParameter('kernel.root_dir'))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ class ClassCollectionLoader
|
|||
$classes = array_diff($classes, $declared);
|
||||
|
||||
// the cache is different depending on which classes are already declared
|
||||
$name = $name.'-'.substr(md5(implode('|', $classes)), 0, 5);
|
||||
$name = $name.'-'.substr(hash('sha256', implode('|', $classes)), 0, 5);
|
||||
}
|
||||
|
||||
$classes = array_unique($classes);
|
||||
|
|
|
|||
|
|
@ -233,7 +233,7 @@ class XmlFileLoader extends FileLoader
|
|||
if (false !== $nodes = $xml->xpath('//container:argument[@type="service"][not(@id)]|//container:property[@type="service"][not(@id)]')) {
|
||||
foreach ($nodes as $node) {
|
||||
// give it a unique name
|
||||
$id = sprintf('%s_%d', md5($file), ++$count);
|
||||
$id = sprintf('%s_%d', hash('sha256', $file), ++$count);
|
||||
$node['id'] = $id;
|
||||
|
||||
$definitions[$id] = array($node->service, $file, false);
|
||||
|
|
@ -245,7 +245,7 @@ class XmlFileLoader extends FileLoader
|
|||
if (false !== $nodes = $xml->xpath('//container:services/container:service[not(@id)]')) {
|
||||
foreach ($nodes as $node) {
|
||||
// give it a unique name
|
||||
$id = sprintf('%s_%d', md5($file), ++$count);
|
||||
$id = sprintf('%s_%d', hash('sha256', $file), ++$count);
|
||||
$node['id'] = $id;
|
||||
|
||||
$definitions[$id] = array($node, $file, true);
|
||||
|
|
|
|||
|
|
@ -164,7 +164,7 @@ class ChoiceType extends AbstractType
|
|||
$choices = null !== $options['choices'] ? $options['choices'] : array();
|
||||
|
||||
// Reuse existing choice lists in order to increase performance
|
||||
$hash = md5(json_encode(array($choices, $options['preferred_choices'])));
|
||||
$hash = hash('sha256', json_encode(array($choices, $options['preferred_choices'])));
|
||||
|
||||
if (!isset($choiceListCache[$hash])) {
|
||||
$choiceListCache[$hash] = new SimpleChoiceList($choices, $options['preferred_choices']);
|
||||
|
|
|
|||
|
|
@ -249,7 +249,7 @@ class MockArraySessionStorage implements SessionStorageInterface
|
|||
*/
|
||||
protected function generateId()
|
||||
{
|
||||
return sha1(uniqid(mt_rand()));
|
||||
return hash('sha256', uniqid(mt_rand()));
|
||||
}
|
||||
|
||||
protected function loadSession()
|
||||
|
|
|
|||
|
|
@ -214,7 +214,7 @@ class Store implements StoreInterface
|
|||
*/
|
||||
protected function generateContentDigest(Response $response)
|
||||
{
|
||||
return 'en'.sha1($response->getContent());
|
||||
return 'en'.hash('sha256', $response->getContent());
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -377,7 +377,7 @@ class Store implements StoreInterface
|
|||
return $this->keyCache[$request];
|
||||
}
|
||||
|
||||
return $this->keyCache[$request] = 'md'.sha1($request->getUri());
|
||||
return $this->keyCache[$request] = 'md'.hash('sha256', $request->getUri());
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -204,7 +204,7 @@ class Profiler
|
|||
return;
|
||||
}
|
||||
|
||||
$profile = new Profile(substr(sha1(uniqid(mt_rand(), true)), 0, 6));
|
||||
$profile = new Profile(substr(hash('sha256', uniqid(mt_rand(), true)), 0, 6));
|
||||
$profile->setTime(time());
|
||||
$profile->setUrl($request->getUri());
|
||||
$profile->setIp($request->getClientIp());
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ class HIncludeFragmentRendererTest extends \PHPUnit_Framework_TestCase
|
|||
{
|
||||
$strategy = new HIncludeFragmentRenderer(null, new UriSigner('foo'));
|
||||
|
||||
$this->assertEquals('<hx:include src="/_fragment?_path=_format%3Dhtml%26_locale%3Den%26_controller%3Dmain_controller&_hash=5RZ1IkwF487EaXt6buHka73CCtQ%3D"></hx:include>', $strategy->render(new ControllerReference('main_controller', array(), array()), Request::create('/'))->getContent());
|
||||
$this->assertEquals('<hx:include src="/_fragment?_path=_format%3Dhtml%26_locale%3Den%26_controller%3Dmain_controller&_hash=2RweanrYElMFCPCuRjoIUqaG2vpMpjtGqvqj9pUFLxA%3D"></hx:include>', $strategy->render(new ControllerReference('main_controller', array(), array()), Request::create('/'))->getContent());
|
||||
}
|
||||
|
||||
public function testRenderWithUri()
|
||||
|
|
|
|||
|
|
@ -623,7 +623,7 @@ class HttpCacheTest extends HttpCacheTestCase
|
|||
$r = new \ReflectionObject($this->store);
|
||||
$m = $r->getMethod('save');
|
||||
$m->setAccessible(true);
|
||||
$m->invoke($this->store, 'md'.sha1('http://localhost/'), serialize($tmp));
|
||||
$m->invoke($this->store, 'md'.hash('sha256', 'http://localhost/'), serialize($tmp));
|
||||
|
||||
// build subsequent request; should be found but miss due to freshness
|
||||
$this->request('GET', '/');
|
||||
|
|
|
|||
|
|
@ -89,7 +89,7 @@ class StoreTest extends \PHPUnit_Framework_TestCase
|
|||
$entries = $this->getStoreMetadata($cacheKey);
|
||||
list ($req, $res) = $entries[0];
|
||||
|
||||
$this->assertEquals('ena94a8fe5ccb19ba61c4c0873d391e987982fbbd3', $res['x-content-digest'][0]);
|
||||
$this->assertEquals('en9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08', $res['x-content-digest'][0]);
|
||||
}
|
||||
|
||||
public function testFindsAStoredEntryWithLookup()
|
||||
|
|
@ -139,7 +139,7 @@ class StoreTest extends \PHPUnit_Framework_TestCase
|
|||
{
|
||||
$this->storeSimpleEntry();
|
||||
$response = $this->store->lookup($this->request);
|
||||
$this->assertEquals($this->getStorePath('en'.sha1('test')), $response->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.hash('sha256', 'test')), $response->getContent());
|
||||
}
|
||||
|
||||
public function testInvalidatesMetaAndEntityStoreEntriesWithInvalidate()
|
||||
|
|
@ -182,9 +182,9 @@ class StoreTest extends \PHPUnit_Framework_TestCase
|
|||
$res3 = new Response('test 3', 200, array('Vary' => 'Foo Bar'));
|
||||
$this->store->write($req3, $res3);
|
||||
|
||||
$this->assertEquals($this->getStorePath('en'.sha1('test 3')), $this->store->lookup($req3)->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.sha1('test 2')), $this->store->lookup($req2)->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.sha1('test 1')), $this->store->lookup($req1)->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.hash('sha256', 'test 3')), $this->store->lookup($req3)->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.hash('sha256', 'test 2')), $this->store->lookup($req2)->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.hash('sha256', 'test 1')), $this->store->lookup($req1)->getContent());
|
||||
|
||||
$this->assertCount(3, $this->getStoreMetadata($key));
|
||||
}
|
||||
|
|
@ -194,17 +194,17 @@ class StoreTest extends \PHPUnit_Framework_TestCase
|
|||
$req1 = Request::create('/test', 'get', array(), array(), array(), array('HTTP_FOO' => 'Foo', 'HTTP_BAR' => 'Bar'));
|
||||
$res1 = new Response('test 1', 200, array('Vary' => 'Foo Bar'));
|
||||
$key = $this->store->write($req1, $res1);
|
||||
$this->assertEquals($this->getStorePath('en'.sha1('test 1')), $this->store->lookup($req1)->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.hash('sha256', 'test 1')), $this->store->lookup($req1)->getContent());
|
||||
|
||||
$req2 = Request::create('/test', 'get', array(), array(), array(), array('HTTP_FOO' => 'Bling', 'HTTP_BAR' => 'Bam'));
|
||||
$res2 = new Response('test 2', 200, array('Vary' => 'Foo Bar'));
|
||||
$this->store->write($req2, $res2);
|
||||
$this->assertEquals($this->getStorePath('en'.sha1('test 2')), $this->store->lookup($req2)->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.hash('sha256', 'test 2')), $this->store->lookup($req2)->getContent());
|
||||
|
||||
$req3 = Request::create('/test', 'get', array(), array(), array(), array('HTTP_FOO' => 'Foo', 'HTTP_BAR' => 'Bar'));
|
||||
$res3 = new Response('test 3', 200, array('Vary' => 'Foo Bar'));
|
||||
$key = $this->store->write($req3, $res3);
|
||||
$this->assertEquals($this->getStorePath('en'.sha1('test 3')), $this->store->lookup($req3)->getContent());
|
||||
$this->assertEquals($this->getStorePath('en'.hash('sha256', 'test 3')), $this->store->lookup($req3)->getContent());
|
||||
|
||||
$this->assertCount(2, $this->getStoreMetadata($key));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -67,6 +67,6 @@ class UriSigner
|
|||
|
||||
private function computeHash($uri)
|
||||
{
|
||||
return urlencode(base64_encode(hash_hmac('sha1', $uri, $this->secret, true)));
|
||||
return urlencode(base64_encode(hash_hmac('sha256', $uri, $this->secret, true)));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ class UrlPackage extends Package
|
|||
return $this->baseUrls[0];
|
||||
|
||||
default:
|
||||
return $this->baseUrls[fmod(hexdec(substr(md5($path), 0, 10)), $count)];
|
||||
return $this->baseUrls[fmod(hexdec(substr(hash('sha256', $path), 0, 10)), $count)];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ class CacheLoader extends Loader
|
|||
*/
|
||||
public function load(TemplateReferenceInterface $template)
|
||||
{
|
||||
$key = md5($template->getLogicalName());
|
||||
$key = hash('sha256', $template->getLogicalName());
|
||||
$dir = $this->dir.DIRECTORY_SEPARATOR.substr($key, 0, 2);
|
||||
$file = substr($key, 2).'.tpl';
|
||||
$path = $dir.DIRECTORY_SEPARATOR.$file;
|
||||
|
|
|
|||
|
|
@ -86,7 +86,7 @@ class PhpEngine implements EngineInterface, \ArrayAccess
|
|||
public function render($name, array $parameters = array())
|
||||
{
|
||||
$storage = $this->load($name);
|
||||
$key = md5(serialize($storage));
|
||||
$key = hash('sha256', serialize($storage));
|
||||
$this->current = $key;
|
||||
$this->parents[$key] = null;
|
||||
|
||||
|
|
|
|||
Reference in New Issue