yeray/gobyexample
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update SHA1 example to SHA256 (#418)

Browse Source 
This encourages the use of stronger cryptographic hashes. Tools such as
securego/gosec will show errors when SHA1/MD5 hashes are used.
This commit is contained in:
Hayden B 2022-03-31 05:41:58 -07:00 committed by GitHub
parent e6da67918c
commit ac01d2d4bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 51 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples.txt
View File

@ -57,7 +57,7 @@ Time Formatting / Parsing
Random Numbers Random Numbers
Number Parsing Number Parsing
URL Parsing URL Parsing
SHA1 Hashes SHA256 Hashes
Base64 Encoding Base64 Encoding
Reading Files Reading Files
Writing Files Writing Files

2
examples/sha1-hashes/sha1-hashes.hash
View File

@ -1,2 +0,0 @@
fc2de63b58865a6761749490ee217a94b4e343d1
XLftf8Gvj4y

14
examples/sha1-hashes/sha1-hashes.sh
View File

@ -1,14 +0,0 @@
# Running the program computes the hash and prints it in
# a human-readable hex format.
$ go run sha1-hashes.go
sha1 this string
cf23df2207d99a74fbe169e3eba035e633b65d94
# You can compute other hashes using a similar pattern to
# the one shown above. For example, to compute MD5 hashes
# import `crypto/md5` and use `md5.New()`.
# Note that if you need cryptographically secure hashes,
# you should carefully research
# [hash strength](http://en.wikipedia.org/wiki/Cryptographic_hash_function)!

19
examples/sha1-hashes/sha1-hashes.go → examples/sha256-hashes/sha256-hashes.go
View File

@ -1,26 +1,23 @@
// [_SHA1 hashes_](http://en.wikipedia.org/wiki/SHA-1) are // [_SHA256 hashes_](https://en.wikipedia.org/wiki/SHA-2) are
// frequently used to compute short identities for binary // frequently used to compute short identities for binary
// or text blobs. For example, the [git revision control // or text blobs. For example, TLS/SSL certificates use SHA256
// system](http://git-scm.com/) uses SHA1s extensively to // to compute a certificate's signature. Here's how to compute
// identify versioned files and directories. Here's how to // SHA256 hashes in Go.
// compute SHA1 hashes in Go.
package main package main
// Go implements several hash functions in various // Go implements several hash functions in various
// `crypto/*` packages. // `crypto/*` packages.
import ( import (
"crypto/sha1" "crypto/sha256"
"fmt" "fmt"
) )
func main() { func main() {
s := "sha1 this string" s := "sha256 this string"
// The pattern for generating a hash is `sha1.New()`,
// `sha1.Write(bytes)`, then `sha1.Sum([]byte{})`.
// Here we start with a new hash. // Here we start with a new hash.
h := sha1.New() h := sha256.New()
// `Write` expects bytes. If you have a string `s`, // `Write` expects bytes. If you have a string `s`,
// use `[]byte(s)` to coerce it to bytes. // use `[]byte(s)` to coerce it to bytes.
@ -31,7 +28,7 @@ func main() {
// to an existing byte slice: it usually isn't needed. // to an existing byte slice: it usually isn't needed.
bs := h.Sum(nil) bs := h.Sum(nil)
// SHA1 values are often printed in hex, for example // SHA256 values are often printed in hex, for example
// in git commits. Use the `%x` format verb to convert // in git commits. Use the `%x` format verb to convert
// a hash results to a hex string. // a hash results to a hex string.
fmt.Println(s) fmt.Println(s)

2
examples/sha256-hashes/sha256-hashes.hash Normal file
View File

@ -0,0 +1,2 @@
21f16c864c11958f29949c491a9684bcb885831f
jIQtrUxWLvq

15
examples/sha256-hashes/sha256-hashes.sh Normal file
View File

@ -0,0 +1,15 @@
# Running the program computes the hash and prints it in
# a human-readable hex format.
$ go run sha256-hashes.go
sha256 this string
1af1dfa857bf1d8814fe1af8983c18080019922e557f15a8a...
# You can compute other hashes using a similar pattern to
# the one shown above. For example, to compute
# SHA512 hashes import `crypto/sha512` and use
# `sha512.New()`.
# Note that if you need cryptographically secure hashes,
# you should carefully research
# [hash strength](https://en.wikipedia.org/wiki/Cryptographic_hash_function)!

2
public/base64-encoding generated
View File

@ -9,7 +9,7 @@
onkeydown = (e) => { onkeydown = (e) => {
if (e.key == "ArrowLeft") { if (e.key == "ArrowLeft") {
window.location.href = 'sha1-hashes'; window.location.href = 'sha256-hashes';
} }

2
public/index.html generated
View File

@ -145,7 +145,7 @@
<li><a href="url-parsing">URL Parsing</a></li> <li><a href="url-parsing">URL Parsing</a></li>
<li><a href="sha1-hashes">SHA1 Hashes</a></li> <li><a href="sha256-hashes">SHA256 Hashes</a></li>
<li><a href="base64-encoding">Base64 Encoding</a></li> <li><a href="base64-encoding">Base64 Encoding</a></li>

44
public/sha1-hashes → public/sha256-hashes generated
View File

@ -2,7 +2,7 @@
<html> <html>
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title>Go by Example: SHA1 Hashes</title> <title>Go by Example: SHA256 Hashes</title>
<link rel=stylesheet href="site.css"> <link rel=stylesheet href="site.css">
</head> </head>
<script> <script>
@ -20,19 +20,18 @@
} }
</script> </script>
<body> <body>
<div class="example" id="sha1-hashes"> <div class="example" id="sha256-hashes">
<h2><a href="./">Go by Example</a>: SHA1 Hashes</h2> <h2><a href="./">Go by Example</a>: SHA256 Hashes</h2>
<table> <table>
<tr> <tr>
<td class="docs"> <td class="docs">
<p><a href="http://en.wikipedia.org/wiki/SHA-1"><em>SHA1 hashes</em></a> are <p><a href="https://en.wikipedia.org/wiki/SHA-2"><em>SHA256 hashes</em></a> are
frequently used to compute short identities for binary frequently used to compute short identities for binary
or text blobs. For example, the <a href="http://git-scm.com/">git revision control or text blobs. For example, TLS/SSL certificates use SHA256
system</a> uses SHA1s extensively to to compute a certificate&rsquo;s signature. Here&rsquo;s how to compute
identify versioned files and directories. Here&rsquo;s how to SHA256 hashes in Go.</p>
compute SHA1 hashes in Go.</p>
</td> </td>
<td class="code empty leading"> <td class="code empty leading">
@ -46,7 +45,7 @@ compute SHA1 hashes in Go.</p>
</td> </td>
<td class="code leading"> <td class="code leading">
<a href="http://play.golang.org/p/XLftf8Gvj4y"><img title="Run code" src="play.png" class="run" /></a><img title="Copy code" src="clipboard.png" class="copy" /> <a href="http://play.golang.org/p/jIQtrUxWLvq"><img title="Run code" src="play.png" class="run" /></a><img title="Copy code" src="clipboard.png" class="copy" />
<pre class="chroma"><span class="kn">package</span> <span class="nx">main</span> <pre class="chroma"><span class="kn">package</span> <span class="nx">main</span>
</pre> </pre>
</td> </td>
@ -62,7 +61,7 @@ compute SHA1 hashes in Go.</p>
<pre class="chroma"> <pre class="chroma">
<span class="kn">import</span> <span class="p">(</span> <span class="kn">import</span> <span class="p">(</span>
<span class="s">&#34;crypto/sha1&#34;</span> <span class="s">&#34;crypto/sha256&#34;</span>
<span class="s">&#34;fmt&#34;</span> <span class="s">&#34;fmt&#34;</span>
<span class="p">)</span> <span class="p">)</span>
</pre> </pre>
@ -76,22 +75,20 @@ compute SHA1 hashes in Go.</p>
<td class="code leading"> <td class="code leading">
<pre class="chroma"><span class="kd">func</span> <span class="nf">main</span><span class="p">()</span> <span class="p">{</span> <pre class="chroma"><span class="kd">func</span> <span class="nf">main</span><span class="p">()</span> <span class="p">{</span>
<span class="nx">s</span> <span class="o">:=</span> <span class="s">&#34;sha1 this string&#34;</span> <span class="nx">s</span> <span class="o">:=</span> <span class="s">&#34;sha256 this string&#34;</span>
</pre> </pre>
</td> </td>
</tr> </tr>
<tr> <tr>
<td class="docs"> <td class="docs">
<p>The pattern for generating a hash is <code>sha1.New()</code>, <p>Here we start with a new hash.</p>
<code>sha1.Write(bytes)</code>, then <code>sha1.Sum([]byte{})</code>.
Here we start with a new hash.</p>
</td> </td>
<td class="code leading"> <td class="code leading">
<pre class="chroma"> <pre class="chroma">
<span class="nx">h</span> <span class="o">:=</span> <span class="nx">sha1</span><span class="p">.</span><span class="nf">New</span><span class="p">()</span> <span class="nx">h</span> <span class="o">:=</span> <span class="nx">sha256</span><span class="p">.</span><span class="nf">New</span><span class="p">()</span>
</pre> </pre>
</td> </td>
</tr> </tr>
@ -127,7 +124,7 @@ to an existing byte slice: it usually isn&rsquo;t needed.</p>
<tr> <tr>
<td class="docs"> <td class="docs">
<p>SHA1 values are often printed in hex, for example <p>SHA256 values are often printed in hex, for example
in git commits. Use the <code>%x</code> format verb to convert in git commits. Use the <code>%x</code> format verb to convert
a hash results to a hex string.</p> a hash results to a hex string.</p>
@ -155,17 +152,18 @@ a human-readable hex format.</p>
<td class="code leading"> <td class="code leading">
<pre class="chroma"> <pre class="chroma">
<span class="gp">$</span> go run sha1-hashes.go <span class="gp">$</span> go run sha256-hashes.go
<span class="go">sha1 this string <span class="go">sha256 this string
</span><span class="go">cf23df2207d99a74fbe169e3eba035e633b65d94</span></pre> </span><span class="go">1af1dfa857bf1d8814fe1af8983c18080019922e557f15a8a...</span></pre>
</td> </td>
</tr> </tr>
<tr> <tr>
<td class="docs"> <td class="docs">
<p>You can compute other hashes using a similar pattern to <p>You can compute other hashes using a similar pattern to
the one shown above. For example, to compute MD5 hashes the one shown above. For example, to compute
import <code>crypto/md5</code> and use <code>md5.New()</code>.</p> SHA512 hashes import <code>crypto/sha512</code> and use
<code>sha512.New()</code>.</p>
</td> </td>
<td class="code empty leading"> <td class="code empty leading">
@ -178,7 +176,7 @@ import <code>crypto/md5</code> and use <code>md5.New()</code>.</p>
<td class="docs"> <td class="docs">
<p>Note that if you need cryptographically secure hashes, <p>Note that if you need cryptographically secure hashes,
you should carefully research you should carefully research
<a href="http://en.wikipedia.org/wiki/Cryptographic_hash_function">hash strength</a>!</p> <a href="https://en.wikipedia.org/wiki/Cryptographic_hash_function">hash strength</a>!</p>
</td> </td>
<td class="code empty"> <td class="code empty">
@ -202,7 +200,7 @@ you should carefully research
</div> </div>
<script> <script>
var codeLines = []; var codeLines = [];
codeLines.push('');codeLines.push('package main\u000A');codeLines.push('import (\u000A \"crypto/sha1\"\u000A \"fmt\"\u000A)\u000A');codeLines.push('func main() {\u000A s :\u003D \"sha1 this string\"\u000A');codeLines.push(' h :\u003D sha1.New()\u000A');codeLines.push(' h.Write([]byte(s))\u000A');codeLines.push(' bs :\u003D h.Sum(nil)\u000A');codeLines.push(' fmt.Println(s)\u000A fmt.Printf(\"%x\\n\", bs)\u000A}\u000A');codeLines.push('');codeLines.push('');codeLines.push(''); codeLines.push('');codeLines.push('package main\u000A');codeLines.push('import (\u000A \"crypto/sha256\"\u000A \"fmt\"\u000A)\u000A');codeLines.push('func main() {\u000A s :\u003D \"sha256 this string\"\u000A');codeLines.push(' h :\u003D sha256.New()\u000A');codeLines.push(' h.Write([]byte(s))\u000A');codeLines.push(' bs :\u003D h.Sum(nil)\u000A');codeLines.push(' fmt.Println(s)\u000A fmt.Printf(\"%x\\n\", bs)\u000A}\u000A');codeLines.push('');codeLines.push('');codeLines.push('');
</script> </script>
<script src="site.js" async></script> <script src="site.js" async></script>
</body> </body>

4
public/url-parsing generated
View File

@ -14,7 +14,7 @@
if (e.key == "ArrowRight") { if (e.key == "ArrowRight") {
window.location.href = 'sha1-hashes'; window.location.href = 'sha256-hashes';
} }
} }
@ -222,7 +222,7 @@ pieces that we extracted.</p>
<p class="next"> <p class="next">
Next example: <a href="sha1-hashes">SHA1 Hashes</a>. Next example: <a href="sha256-hashes">SHA256 Hashes</a>.
</p> </p>