security: changed sha1 calls to sha256

DelineaXPM · Jul 18, 2024 · 02b00e9 · 02b00e9
1 parent 1e4cdc8
commit 02b00e9
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/.changes/unreleased/🔒 Security-20240718-081820.yaml b/.changes/unreleased/🔒 Security-20240718-081820.yaml
@@ -0,0 +1,3 @@
+kind: "\U0001F512 Security"
+body: Changed sha1 function calls to sha256
+time: 2024-07-18T08:18:20.013668-07:00
diff --git a/commands/secret.go b/commands/secret.go
@@ -1,7 +1,7 @@
 package cmd
 
 import (
-	"crypto/sha1"
+	"crypto/sha256"
 	"encoding/json"
 	"fmt"
 	"log"
@@ -1014,12 +1014,12 @@ func getSecretFromServer(vcli vaultcli.CLI, secretType string, path string, id s
 
 func getSecretCachePrefix() string {
 	profile := viper.GetString(cst.Profile)
-	return fmt.Sprintf("%s-%x", cst.SecretRoot, sha1.Sum([]byte(profile)))
+	return fmt.Sprintf("%s-%x", cst.SecretRoot, sha256.Sum256([]byte(profile)))
 }
 
 func getSecretDescCachePrefix() string {
 	profile := viper.GetString(cst.Profile)
-	return fmt.Sprintf("%s-%x", cst.SecretDescriptionRoot, sha1.Sum([]byte(profile)))
+	return fmt.Sprintf("%s-%x", cst.SecretDescriptionRoot, sha256.Sum256([]byte(profile)))
 }
 
 func getSecretCacheKey(path string, id string, requestSuffix string) string {
@@ -1037,7 +1037,7 @@ func getSecretCacheKey(path string, id string, requestSuffix string) string {
 		cacheKey = id
 	}
 	cacheKey = strings.ReplaceAll(cacheKey, ":", "/")
-	cacheKey = fmt.Sprintf("%s-%x", prefix, sha1.Sum([]byte(cacheKey)))
+	cacheKey = fmt.Sprintf("%s-%x", prefix, sha256.Sum256([]byte(cacheKey)))
 	return cacheKey
 }