weak hashing functions MD5 #1304
Labels
enhancement
New feature or request
Comments
|
👋 @nishantsikarwar the MD5 hash in this case is used for an integrity check (along with the CRC64) to protect against data corruption over the wire. it's not being used as a cryptographic hash function, so its insecure hashing properties can't be exploited in any way in this codepath we do wish to remove this and only use CRC64, but for historical reasons it is still required at this time |
|
Hi @robherley thanks for the response. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the enhancement
MD5 is a weak hash function and should not be used for security purposes. It is also not supported by the hash function in Azure Logic Apps. It would be nice to have a SHA256 hash function available.
Code Snippet
use sha256 instead of md5
toolkit/packages/artifact/src/internal/utils.ts
Line 311 in 06c3c38
Additional information
None
The text was updated successfully, but these errors were encountered: