[JCR-4115] Don't use SHA-1 for new DataStore binaries (Jackrabbit) - ASF JIRA

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.16, 2.15.1, 2.14.2
Component/s: None
Labels:
None

Description

A collision for SHA-1 has been published. We still use SHA-1 for the FileDataStore, and I believe the S3 DataStore right now. Given there is a collision, we should switch to a stronger algorithm, for example SHA-256, for new binaries.

Attachments

JCR-4115.patch
24/Feb/17 09:27
3 kB
Thomas Mueller
JCR-4115b.patch
24/Feb/17 14:20
6 kB
Thomas Mueller
JCR-4115c.patch
28/Feb/17 11:26
8 kB
Amit Jain

Issue Links

Add Link

blocks

OAK-5827 Don't use SHA-1 for new DataStore binaries

Closed

Delete this link

breaks

JCR-4149 change to drop SHA-1 requires version change

Closed

Delete this link

is duplicated by

OAK-4810 FileDataStore: support SHA-2

Resolved

Delete this link

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Amit Jain

Reporter:: Thomas Mueller

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 24/Feb/17 08:59

Updated:: 08/Oct/19 15:21

Resolved:: 03/Mar/17 08:10

Agile

View on Board

Don't use SHA-1 for new DataStore binaries (Jackrabbit)

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Slack

Issue deployment