You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by ad...@apache.org on 2017/11/08 10:42:51 UTC
[1/4] james-project git commit: JAMES-2201 Add unit test for SHA-1
collision with Cassandra blob IDs
Repository: james-project
Updated Branches:
refs/heads/master 0e99fb117 -> 5afa61ba0
JAMES-2201 Add unit test for SHA-1 collision with Cassandra blob IDs
Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/5afa61ba
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/5afa61ba
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/5afa61ba
Branch: refs/heads/master
Commit: 5afa61ba07d2ef4c27674220e8c06f357f457a9c
Parents: feea786
Author: Thibaut SAUTEREAU <ts...@linagora.com>
Authored: Wed Oct 25 17:29:39 2017 +0700
Committer: Thibaut SAUTEREAU <ts...@linagora.com>
Committed: Wed Nov 8 17:26:58 2017 +0700
----------------------------------------------------------------------
.../james/mailbox/cassandra/ids/BlobIdTest.java | 10 ++++++++++
.../cassandra/src/test/resources/shattered-1.pdf | Bin 0 -> 422435 bytes
.../cassandra/src/test/resources/shattered-2.pdf | Bin 0 -> 422435 bytes
3 files changed, 10 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/james-project/blob/5afa61ba/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java
----------------------------------------------------------------------
diff --git a/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java b/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java
index 3e17004..0261274 100644
--- a/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java
+++ b/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java
@@ -21,6 +21,7 @@ package org.apache.james.mailbox.cassandra.ids;
import static org.assertj.core.api.Assertions.assertThat;
+import org.apache.commons.io.IOUtils;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
@@ -80,4 +81,13 @@ public class BlobIdTest {
assertThat(blobId.getId()).isEqualTo("ed7002b439e9ac845f22357d822bac1444730fbdb6016d3ec9432297b9ec9f73");
}
+
+ @Test
+ public void forPayloadShouldCalculateDifferentHashesWhenCraftedSha1Collision() throws Exception {
+ byte[] payload1 = IOUtils.toByteArray(ClassLoader.getSystemResourceAsStream("shattered-1.pdf"));
+ byte[] payload2 = IOUtils.toByteArray(ClassLoader.getSystemResourceAsStream("shattered-2.pdf"));
+ BlobId blobId1 = BlobId.forPayload(payload1);
+ BlobId blobId2 = BlobId.forPayload(payload2);
+ assertThat(blobId1).isNotEqualTo(blobId2);
+ }
}
http://git-wip-us.apache.org/repos/asf/james-project/blob/5afa61ba/mailbox/cassandra/src/test/resources/shattered-1.pdf
----------------------------------------------------------------------
diff --git a/mailbox/cassandra/src/test/resources/shattered-1.pdf b/mailbox/cassandra/src/test/resources/shattered-1.pdf
new file mode 100644
index 0000000..ba9aaa1
Binary files /dev/null and b/mailbox/cassandra/src/test/resources/shattered-1.pdf differ
http://git-wip-us.apache.org/repos/asf/james-project/blob/5afa61ba/mailbox/cassandra/src/test/resources/shattered-2.pdf
----------------------------------------------------------------------
diff --git a/mailbox/cassandra/src/test/resources/shattered-2.pdf b/mailbox/cassandra/src/test/resources/shattered-2.pdf
new file mode 100644
index 0000000..b621eec
Binary files /dev/null and b/mailbox/cassandra/src/test/resources/shattered-2.pdf differ
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
[2/4] james-project git commit: JAMES-2201 Switch to SHA-256 for
Cassandra blob IDs
Posted by ad...@apache.org.
JAMES-2201 Switch to SHA-256 for Cassandra blob IDs
This is in reaction to rising threats of SHA-1 collisions (see SHAttered
from Google).
Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/1795156c
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/1795156c
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/1795156c
Branch: refs/heads/master
Commit: 1795156ccb5faa828d40fd2aef70bcb57c5b9d67
Parents: fc99239
Author: Thibaut SAUTEREAU <ts...@linagora.com>
Authored: Mon Oct 23 11:31:02 2017 +0700
Committer: Thibaut SAUTEREAU <ts...@linagora.com>
Committed: Wed Nov 8 17:26:58 2017 +0700
----------------------------------------------------------------------
.../main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java | 2 +-
.../java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/james-project/blob/1795156c/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java
----------------------------------------------------------------------
diff --git a/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java b/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java
index d04fc07..3824003 100644
--- a/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java
+++ b/mailbox/cassandra/src/main/java/org/apache/james/mailbox/cassandra/ids/BlobId.java
@@ -30,7 +30,7 @@ import com.google.common.base.Strings;
public class BlobId {
public static BlobId forPayload(byte[] payload) {
Preconditions.checkArgument(payload != null);
- return new BlobId(DigestUtils.sha1Hex(payload));
+ return new BlobId(DigestUtils.sha256Hex(payload));
}
public static BlobId from(String id) {
http://git-wip-us.apache.org/repos/asf/james-project/blob/1795156c/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java
----------------------------------------------------------------------
diff --git a/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java b/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java
index 56d6356..3e17004 100644
--- a/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java
+++ b/mailbox/cassandra/src/test/java/org/apache/james/mailbox/cassandra/ids/BlobIdTest.java
@@ -71,13 +71,13 @@ public class BlobIdTest {
public void forPayloadShouldHashEmptyArray() {
BlobId blobId = BlobId.forPayload(new byte[0]);
- assertThat(blobId.getId()).isEqualTo("da39a3ee5e6b4b0d3255bfef95601890afd80709");
+ assertThat(blobId.getId()).isEqualTo("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855");
}
@Test
public void forPayloadShouldHashArray() {
BlobId blobId = BlobId.forPayload("content".getBytes(Charsets.UTF_8));
- assertThat(blobId.getId()).isEqualTo("040f06fd774092478d450774f5ba30c5da78acc8");
+ assertThat(blobId.getId()).isEqualTo("ed7002b439e9ac845f22357d822bac1444730fbdb6016d3ec9432297b9ec9f73");
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
[4/4] james-project git commit: JAMES-2201 Switch to SHA-256 for
attachments indexing
Posted by ad...@apache.org.
JAMES-2201 Switch to SHA-256 for attachments indexing
This is in reaction to rising threats of SHA-1 collisions (see SHAttered
from Google).
Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/fc992394
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/fc992394
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/fc992394
Branch: refs/heads/master
Commit: fc992394942e191c158c379dee88d580481b0612
Parents: 0e99fb1
Author: Thibaut SAUTEREAU <ts...@linagora.com>
Authored: Mon Oct 23 10:09:15 2017 +0700
Committer: Thibaut SAUTEREAU <ts...@linagora.com>
Committed: Wed Nov 8 17:26:58 2017 +0700
----------------------------------------------------------------------
.../java/org/apache/james/mailbox/model/AttachmentId.java | 4 ++--
.../org/apache/james/mailbox/model/AttachmentIdTest.java | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/james-project/blob/fc992394/mailbox/api/src/main/java/org/apache/james/mailbox/model/AttachmentId.java
----------------------------------------------------------------------
diff --git a/mailbox/api/src/main/java/org/apache/james/mailbox/model/AttachmentId.java b/mailbox/api/src/main/java/org/apache/james/mailbox/model/AttachmentId.java
index 81a5588..38aee93 100644
--- a/mailbox/api/src/main/java/org/apache/james/mailbox/model/AttachmentId.java
+++ b/mailbox/api/src/main/java/org/apache/james/mailbox/model/AttachmentId.java
@@ -47,10 +47,10 @@ public class AttachmentId {
}
private static String computeRawId(final byte[] payload, final String contentType) {
- return DigestUtils.sha1Hex(
+ return DigestUtils.sha256Hex(
Bytes.concat(
asMimeType(contentType).getBytes(StandardCharsets.UTF_8),
- DigestUtils.sha1Hex(payload).getBytes(StandardCharsets.UTF_8)));
+ DigestUtils.sha256Hex(payload).getBytes(StandardCharsets.UTF_8)));
}
@VisibleForTesting static String asMimeType(String contentType) {
http://git-wip-us.apache.org/repos/asf/james-project/blob/fc992394/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java
----------------------------------------------------------------------
diff --git a/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java b/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java
index 148149e..3e462b6 100644
--- a/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java
+++ b/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java
@@ -29,21 +29,21 @@ import org.junit.Test;
public class AttachmentIdTest {
@Test
- public void forPayloadAndTypeShouldCalculateTheUnderlyingSha1() {
+ public void forPayloadAndTypeShouldCalculateTheUnderlyingSha256() {
AttachmentId attachmentId = AttachmentId.forPayloadAndType("payload".getBytes(), "text/plain");
- String expectedId = "826b0786f04e07525a36be70f84c647af7b73059";
+ String expectedId = "d3a2642ee092a1b32c0a83cf94fc2499f7495b7b91b1bd434302a0a4c2aa4278";
assertThat(attachmentId.getId()).isEqualTo(expectedId);
}
@Test
- public void forPayloadAndTypeShouldCalculateDifferentSha1WhenContentTypeIsDifferent() {
+ public void forPayloadAndTypeShouldCalculateDifferentSha256WhenContentTypeIsDifferent() {
AttachmentId attachmentId = AttachmentId.forPayloadAndType("payload".getBytes(), "text/plain");
AttachmentId attachmentId2 = AttachmentId.forPayloadAndType("payload".getBytes(), "text/html");
assertThat(attachmentId.getId()).isNotEqualTo(attachmentId2.getId());
}
@Test
- public void forPayloadAndTypeShouldCalculateSameSha1WhenMimeTypeIsSameButNotParameters() {
+ public void forPayloadAndTypeShouldCalculateSameSha256WhenMimeTypeIsSameButNotParameters() {
AttachmentId attachmentId = AttachmentId.forPayloadAndType("payload".getBytes(), "text/html; charset=UTF-8");
AttachmentId attachmentId2 = AttachmentId.forPayloadAndType("payload".getBytes(), "text/html; charset=UTF-16");
assertThat(attachmentId.getId()).isEqualTo(attachmentId2.getId());
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
[3/4] james-project git commit: JAMES-2201 Add unit test for SHA-1
collision with attachment IDs
Posted by ad...@apache.org.
JAMES-2201 Add unit test for SHA-1 collision with attachment IDs
Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/feea7863
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/feea7863
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/feea7863
Branch: refs/heads/master
Commit: feea7863f320d9f36a6706c238a786c03748cca3
Parents: 1795156
Author: Thibaut SAUTEREAU <ts...@linagora.com>
Authored: Wed Oct 25 15:53:54 2017 +0700
Committer: Thibaut SAUTEREAU <ts...@linagora.com>
Committed: Wed Nov 8 17:26:58 2017 +0700
----------------------------------------------------------------------
.../james/mailbox/model/AttachmentIdTest.java | 12 ++++++++++++
mailbox/api/src/test/resources/shattered-1.pdf | Bin 0 -> 422435 bytes
mailbox/api/src/test/resources/shattered-2.pdf | Bin 0 -> 422435 bytes
3 files changed, 12 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/james-project/blob/feea7863/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java
----------------------------------------------------------------------
diff --git a/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java b/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java
index 3e462b6..baf826b 100644
--- a/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java
+++ b/mailbox/api/src/test/java/org/apache/james/mailbox/model/AttachmentIdTest.java
@@ -22,8 +22,11 @@ package org.apache.james.mailbox.model;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import java.io.InputStream;
import java.util.UUID;
+import java.util.stream.Stream;
+import org.apache.commons.io.IOUtils;
import org.junit.Test;
public class AttachmentIdTest {
@@ -123,4 +126,13 @@ public class AttachmentIdTest {
assertThat(mimeType).isEqualTo("application/octet-stream");
}
+
+ @Test
+ public void forPayloadAndTypeShouldCalculateDifferentHashesWhenCraftedSha1Collision() throws Exception {
+ byte[] payload1 = IOUtils.toByteArray(ClassLoader.getSystemResourceAsStream("shattered-1.pdf"));
+ byte[] payload2 = IOUtils.toByteArray(ClassLoader.getSystemResourceAsStream("shattered-2.pdf"));
+ AttachmentId attachmentId1 = AttachmentId.forPayloadAndType(payload1, "application/pdf");
+ AttachmentId attachmentId2 = AttachmentId.forPayloadAndType(payload2, "application/pdf");
+ assertThat(attachmentId1).isNotEqualTo(attachmentId2);
+ }
}
http://git-wip-us.apache.org/repos/asf/james-project/blob/feea7863/mailbox/api/src/test/resources/shattered-1.pdf
----------------------------------------------------------------------
diff --git a/mailbox/api/src/test/resources/shattered-1.pdf b/mailbox/api/src/test/resources/shattered-1.pdf
new file mode 100644
index 0000000..ba9aaa1
Binary files /dev/null and b/mailbox/api/src/test/resources/shattered-1.pdf differ
http://git-wip-us.apache.org/repos/asf/james-project/blob/feea7863/mailbox/api/src/test/resources/shattered-2.pdf
----------------------------------------------------------------------
diff --git a/mailbox/api/src/test/resources/shattered-2.pdf b/mailbox/api/src/test/resources/shattered-2.pdf
new file mode 100644
index 0000000..b621eec
Binary files /dev/null and b/mailbox/api/src/test/resources/shattered-2.pdf differ
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org