From 7d9a17167666cba7417960a7c147901222b5c7d9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20R=C3=BCegg?= <simon@rueggs.ch>
Date: Mon, 9 Nov 2020 19:07:41 +0100
Subject: [PATCH] Use SHA256 hashes for key fingerprints
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #214

Signed-off-by: Simon Rüegg <simon@rueggs.ch>
---
 share/ccrypto/keys.go | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/share/ccrypto/keys.go b/share/ccrypto/keys.go
index 31a10dbb..91d875aa 100644
--- a/share/ccrypto/keys.go
+++ b/share/ccrypto/keys.go
@@ -3,12 +3,12 @@ package ccrypto
 import (
 	"crypto/ecdsa"
 	"crypto/elliptic"
-	"crypto/md5"
 	"crypto/rand"
+	"crypto/sha256"
 	"crypto/x509"
+	"encoding/base64"
 	"encoding/pem"
 	"fmt"
-	"strings"
 
 	"golang.org/x/crypto/ssh"
 )
@@ -30,12 +30,8 @@ func GenerateKey(seed string) ([]byte, error) {
 	return pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: b}), nil
 }
 
-//FingerprintKey calculates the MD5 of an SSH public key
+//FingerprintKey calculates the SHA256 hash of an SSH public key
 func FingerprintKey(k ssh.PublicKey) string {
-	bytes := md5.Sum(k.Marshal())
-	strbytes := make([]string, len(bytes))
-	for i, b := range bytes {
-		strbytes[i] = fmt.Sprintf("%02x", b)
-	}
-	return strings.Join(strbytes, ":")
+	bytes := sha256.Sum256(k.Marshal())
+	return base64.StdEncoding.EncodeToString(bytes[:])
 }