Skip to content
This repository has been archived by the owner on Apr 28, 2020. It is now read-only.

Switch from md5sum to sha256 #165

Open
jace opened this issue Feb 5, 2016 · 1 comment
Open

Switch from md5sum to sha256 #165

jace opened this issue Feb 5, 2016 · 1 comment

Comments

@jace
Copy link
Member

jace commented Feb 5, 2016

The UserEmail and UserEmailClaim fields store a md5sum hash with a unique constraint. However, md5sum is not safe anymore and a (small) risk of collision exists. We need to use sha256 instead.

However, md5sum is still required for external services like Gravatar, so we can't just remove it. We need to instead:

  1. Add sha256 column, populate it, change it to a required field with unique constraint (migration)
  2. Remove the unique constraint on md5sum, using just an index now, and
  3. Update code everywhere to use sha256 instead of md5sum.
@jace
Copy link
Member Author

jace commented Feb 5, 2016

To ensure old email verify and reset links continue working, the two views need to look for a match in both columns. The hashes have different lengths (IIRC) so there's no chance of a mismatch.

@jace jace mentioned this issue Sep 21, 2017
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jace