feat: use SHA256 for added security

bytebeamio · Feb 3, 2024 · 5d7d24c · 5d7d24c
1 parent e1fc083
commit 5d7d24c
Show file tree

Hide file tree

Showing 3 changed files with 171 additions and 15 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/uplink/Cargo.toml b/uplink/Cargo.toml
@@ -42,12 +42,12 @@ tunshell-client = { git = "https://github.com/bytebeamio/tunshell.git", branch =
 fake = { version = "2.5.0", features = ["derive"] }
 rand = { workspace = true }
 # downloader
-hex = "0.4"
-md-5 = "0.10"
 fs2 = "0.4"
 futures-util = { workspace = true }
+hex = "0.4"
 human_bytes = "0.4"
 reqwest = { version = "0.11", default-features = false, features = ["stream", "rustls-tls"] }
+rsa = { version = "0.9.6", features = ["sha2"] }
 # systemstats
 sysinfo = "0.26"
 # logcat

diff --git a/uplink/src/collector/downloader.rs b/uplink/src/collector/downloader.rs
@@ -52,8 +52,8 @@ use flume::Receiver;
 use futures_util::{Future, StreamExt};
 use human_bytes::human_bytes;
 use log::{debug, error, info, trace, warn};
-use md5::{Digest, Md5};
 use reqwest::{Certificate, Client, ClientBuilder, Error as ReqwestError, Identity, Response};
+use rsa::sha2::{Digest, Sha256};
 use serde::{Deserialize, Serialize};
 use tokio::time::{timeout_at, Instant};
 
@@ -375,7 +375,7 @@ impl DownloadFile {
         let Some(checksum) = &self.checksum else { return Ok(()) };
         let path = self.download_path.as_ref().expect("Downloader didn't set \"download_path\"");
         let mut file = File::open(path)?;
-        let mut hasher = Md5::new();
+        let mut hasher = Sha256::new();
         io::copy(&mut file, &mut hasher)?;
         let hash = hasher.finalize().to_vec();