mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1

refactor: migrate hashing code to new upstream crypto::hash API (#46237)

Browse source 
* refactor: migrate AsarFileValidator to crypto::hash

This change migrates AsarFileValidator's uses of crypto::secure_hash
to the new crypto::hash API, which has more memory safety and less
heap allocations.

Xref: 6287609

* refactor: migrate ValidateIntegrityOrDie to crypto::hash

This change migrates ValidateIntegrityOrDie's use of crypto::SHA256Hash
to the new crypto::hash API, which has more memory safety and less heap
allocations.

Xref: 6287609
This commit is contained in:
Charles Kerr 2025-03-25 15:01:17 -05:00 committed by GitHub
parent bb0ddcad27
commit c8d3184a95
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 8 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

5
shell/common/asar/asar_util.cc
View file

@ -16,8 +16,7 @@
#include "base/strings/string_util.h"
#include "base/synchronization/lock.h"
#include "base/threading/thread_local.h"
#include "crypto/secure_hash.h"
#include "crypto/sha2.h"
#include "crypto/hash.h"
#include "shell/common/asar/archive.h"
#include "shell/common/thread_restrictions.h"
@ -139,7 +138,7 @@ void ValidateIntegrityOrDie(base::span<const uint8_t> input,
const IntegrityPayload& integrity) {
if (integrity.algorithm == HashAlgorithm::kSHA256) {
const std::string hex_hash =
base::ToLowerASCII(base::HexEncode(crypto::SHA256Hash(input)));
base::ToLowerASCII(base::HexEncode(crypto::hash::Sha256(input)));
if (integrity.hash != hex_hash) {
LOG(FATAL) << "Integrity check failed for asar archive ("
<< integrity.hash << " vs " << hex_hash << ")";