Switch to sha256 from sha1 in order to avoid future asset hash collisions.
Some successful collision attacks have been carried out on sha1 with speculation that more are possible. http://en.wikipedia.org/wiki/Cryptographic_hash_function#Cryptographic_hash_algorithms No successful attacks have been shown on sha256, which makes it less likely that anybody will be able to engineer an asset hash collision in the future. Tradeoff is more storage required for hashes, and more cpu to hash, though this is neglible compared to db operations and network access.xassetservice
parent
fd2b285b1b
commit
441449e240
|
@ -31,6 +31,7 @@ using System.Data;
|
|||
using System.IO;
|
||||
using System.IO.Compression;
|
||||
using System.Reflection;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using log4net;
|
||||
using MySql.Data.MySqlClient;
|
||||
|
@ -44,15 +45,20 @@ namespace OpenSim.Data.MySQL
|
|||
{
|
||||
private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
|
||||
|
||||
private bool m_enableCompression = false;
|
||||
private string m_connectionString;
|
||||
private object m_dbLock = new object();
|
||||
|
||||
protected virtual Assembly Assembly
|
||||
{
|
||||
get { return GetType().Assembly; }
|
||||
}
|
||||
|
||||
private bool m_enableCompression = false;
|
||||
private string m_connectionString;
|
||||
private object m_dbLock = new object();
|
||||
|
||||
/// <summary>
|
||||
/// We can reuse this for all hashing since all methods are single-threaded through m_dbBLock
|
||||
/// </summary>
|
||||
private HashAlgorithm hasher = new SHA256CryptoServiceProvider();
|
||||
|
||||
#region IPlugin Members
|
||||
|
||||
public override string Version { get { return "1.0.0.0"; } }
|
||||
|
@ -213,7 +219,7 @@ namespace OpenSim.Data.MySQL
|
|||
}
|
||||
}
|
||||
|
||||
string hash = Util.SHA1Hash(asset.Data);
|
||||
byte[] hash = hasher.ComputeHash(asset.Data);
|
||||
|
||||
// m_log.DebugFormat(
|
||||
// "[XASSET DB]: Compressed data size for {0} {1}, hash {2} is {3}",
|
||||
|
@ -328,7 +334,7 @@ namespace OpenSim.Data.MySQL
|
|||
/// <param name="transaction"></param>
|
||||
/// <param name="hash"></param>
|
||||
/// <returns></returns>
|
||||
private bool ExistsData(MySqlConnection dbcon, MySqlTransaction transaction, string hash)
|
||||
private bool ExistsData(MySqlConnection dbcon, MySqlTransaction transaction, byte[] hash)
|
||||
{
|
||||
// m_log.DebugFormat("[ASSETS DB]: Checking for asset {0}", uuid);
|
||||
|
||||
|
@ -438,7 +444,9 @@ namespace OpenSim.Data.MySQL
|
|||
metadata.Flags = (AssetFlags)Convert.ToInt32(dbReader["asset_flags"]);
|
||||
metadata.FullID = DBGuid.FromDB(dbReader["id"]);
|
||||
metadata.CreatorID = dbReader["creator_id"].ToString();
|
||||
metadata.SHA1 = Encoding.Default.GetBytes((string)dbReader["hash"]);
|
||||
|
||||
// We'll ignore this for now - it appears unused!
|
||||
// metadata.SHA1 = dbReader["hash"]);
|
||||
|
||||
retList.Add(metadata);
|
||||
}
|
||||
|
|
|
@ -5,7 +5,7 @@ BEGIN;
|
|||
|
||||
CREATE TABLE `xassetsmeta` (
|
||||
`id` char(36) NOT NULL,
|
||||
`hash` char(64) NOT NULL,
|
||||
`hash` binary(32) NOT NULL,
|
||||
`name` varchar(64) NOT NULL,
|
||||
`description` varchar(64) NOT NULL,
|
||||
`asset_type` tinyint(4) NOT NULL,
|
||||
|
@ -19,7 +19,7 @@ CREATE TABLE `xassetsmeta` (
|
|||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Version 1';
|
||||
|
||||
CREATE TABLE `xassetsdata` (
|
||||
`hash` char(64) NOT NULL,
|
||||
`hash` binary(32) NOT NULL,
|
||||
`data` longblob NOT NULL,
|
||||
PRIMARY KEY (`hash`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Version 1';
|
||||
|
|
|
@ -2051,9 +2051,10 @@
|
|||
|
||||
<ReferencePath>../../../bin/</ReferencePath>
|
||||
<Reference name="System"/>
|
||||
<Reference name="System.Xml"/>
|
||||
<Reference name="System.Core"/>
|
||||
<Reference name="System.Data"/>
|
||||
<Reference name="System.Drawing"/>
|
||||
<Reference name="System.Xml"/>
|
||||
<Reference name="OpenSim.Framework"/>
|
||||
<Reference name="OpenSim.Data"/>
|
||||
<Reference name="OpenMetaverseTypes" path="../../../bin/"/>
|
||||
|
|
Loading…
Reference in New Issue