yeray/gobyexample
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update SHA1 example to SHA256 (#418)

Browse Source 
This encourages the use of stronger cryptographic hashes. Tools such as
securego/gosec will show errors when SHA1/MD5 hashes are used.
This commit is contained in:
Hayden B 2022-03-31 05:41:58 -07:00 committed by GitHub
parent e6da67918c
commit ac01d2d4bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 51 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples.txt
View File

@ -57,7 +57,7 @@ Time Formatting / Parsing
Random Numbers
Number Parsing
URL Parsing
SHA1 Hashes
SHA256 Hashes
Base64 Encoding
Reading Files
Writing Files

2
examples/sha1-hashes/sha1-hashes.hash
View File

@ -1,2 +0,0 @@
fc2de63b58865a6761749490ee217a94b4e343d1
XLftf8Gvj4y

14
examples/sha1-hashes/sha1-hashes.sh
View File

@ -1,14 +0,0 @@
# Running the program computes the hash and prints it in
# a human-readable hex format.
$ go run sha1-hashes.go
sha1 this string
cf23df2207d99a74fbe169e3eba035e633b65d94
# You can compute other hashes using a similar pattern to
# the one shown above. For example, to compute MD5 hashes
# import `crypto/md5` and use `md5.New()`.
# Note that if you need cryptographically secure hashes,
# you should carefully research
# [hash strength](http://en.wikipedia.org/wiki/Cryptographic_hash_function)!

19
examples/sha1-hashes/sha1-hashes.go → examples/sha256-hashes/sha256-hashes.go
View File

@ -1,26 +1,23 @@
// [_SHA1 hashes_](http://en.wikipedia.org/wiki/SHA-1) are
// [_SHA256 hashes_](https://en.wikipedia.org/wiki/SHA-2) are
// frequently used to compute short identities for binary
// or text blobs. For example, the [git revision control
// system](http://git-scm.com/) uses SHA1s extensively to
// identify versioned files and directories. Here's how to
// compute SHA1 hashes in Go.
// or text blobs. For example, TLS/SSL certificates use SHA256
// to compute a certificate's signature. Here's how to compute
// SHA256 hashes in Go.
package main
// Go implements several hash functions in various
// `crypto/*` packages.
import (
"crypto/sha1"
"crypto/sha256"
"fmt"
)
func main() {
s := "sha1 this string"
s := "sha256 this string"
// The pattern for generating a hash is `sha1.New()`,
// `sha1.Write(bytes)`, then `sha1.Sum([]byte{})`.
// Here we start with a new hash.
h := sha1.New()
h := sha256.New()
// `Write` expects bytes. If you have a string `s`,
// use `[]byte(s)` to coerce it to bytes.
@ -31,7 +28,7 @@ func main() {
// to an existing byte slice: it usually isn't needed.
bs := h.Sum(nil)
// SHA1 values are often printed in hex, for example
// SHA256 values are often printed in hex, for example
// in git commits. Use the `%x` format verb to convert
// a hash results to a hex string.
fmt.Println(s)

2
examples/sha256-hashes/sha256-hashes.hash Normal file
View File

@ -0,0 +1,2 @@
21f16c864c11958f29949c491a9684bcb885831f
jIQtrUxWLvq

15
examples/sha256-hashes/sha256-hashes.sh Normal file
View File

@ -0,0 +1,15 @@
# Running the program computes the hash and prints it in
# a human-readable hex format.
$ go run sha256-hashes.go
sha256 this string
1af1dfa857bf1d8814fe1af8983c18080019922e557f15a8a...
# You can compute other hashes using a similar pattern to
# the one shown above. For example, to compute
# SHA512 hashes import `crypto/sha512` and use
# `sha512.New()`.
# Note that if you need cryptographically secure hashes,
# you should carefully research
# [hash strength](https://en.wikipedia.org/wiki/Cryptographic_hash_function)!

2
public/base64-encoding generated
View File

@ -9,7 +9,7 @@
onkeydown = (e) => {
if (e.key == "ArrowLeft") {
window.location.href = 'sha1-hashes';
window.location.href = 'sha256-hashes';
}

2
public/index.html generated
View File

@ -145,7 +145,7 @@
<li><a href="url-parsing">URL Parsing</a></li>
<li><a href="sha1-hashes">SHA1 Hashes</a></li>
<li><a href="sha256-hashes">SHA256 Hashes</a></li>
<li><a href="base64-encoding">Base64 Encoding</a></li>

44
public/sha1-hashes → public/sha256-hashes generated
View File

@ -2,7 +2,7 @@
<html>
<head>
<meta charset="utf-8">
<title>Go by Example: SHA1 Hashes</title>
<title>Go by Example: SHA256 Hashes</title>
<link rel=stylesheet href="site.css">
</head>
<script>
@ -20,19 +20,18 @@
}
</script>
<body>
<div class="example" id="sha1-hashes">
<h2><a href="./">Go by Example</a>: SHA1 Hashes</h2>
<div class="example" id="sha256-hashes">
<h2><a href="./">Go by Example</a>: SHA256 Hashes</h2>
<table>
<tr>
<td class="docs">
<p><a href="http://en.wikipedia.org/wiki/SHA-1"><em>SHA1 hashes</em></a> are
<p><a href="https://en.wikipedia.org/wiki/SHA-2"><em>SHA256 hashes</em></a> are
frequently used to compute short identities for binary
or text blobs. For example, the <a href="http://git-scm.com/">git revision control
system</a> uses SHA1s extensively to
identify versioned files and directories. Here&rsquo;s how to
compute SHA1 hashes in Go.</p>
or text blobs. For example, TLS/SSL certificates use SHA256
to compute a certificate&rsquo;s signature. Here&rsquo;s how to compute
SHA256 hashes in Go.</p>
</td>
<td class="code empty leading">
@ -46,7 +45,7 @@ compute SHA1 hashes in Go.</p>
</td>
<td class="code leading">
<a href="http://play.golang.org/p/XLftf8Gvj4y"><img title="Run code" src="play.png" class="run" /></a><img title="Copy code" src="clipboard.png" class="copy" />
<a href="http://play.golang.org/p/jIQtrUxWLvq"><img title="Run code" src="play.png" class="run" /></a><img title="Copy code" src="clipboard.png" class="copy" />
<pre class="chroma"><span class="kn">package</span> <span class="nx">main</span>
</pre>
</td>
@ -62,7 +61,7 @@ compute SHA1 hashes in Go.</p>
<pre class="chroma">
<span class="kn">import</span> <span class="p">(</span>
<span class="s">&#34;crypto/sha1&#34;</span>
<span class="s">&#34;crypto/sha256&#34;</span>
<span class="s">&#34;fmt&#34;</span>
<span class="p">)</span>
</pre>
@ -76,22 +75,20 @@ compute SHA1 hashes in Go.</p>
<td class="code leading">
<pre class="chroma"><span class="kd">func</span> <span class="nf">main</span><span class="p">()</span> <span class="p">{</span>
<span class="nx">s</span> <span class="o">:=</span> <span class="s">&#34;sha1 this string&#34;</span>
<span class="nx">s</span> <span class="o">:=</span> <span class="s">&#34;sha256 this string&#34;</span>
</pre>
</td>
</tr>
<tr>
<td class="docs">
<p>The pattern for generating a hash is <code>sha1.New()</code>,
<code>sha1.Write(bytes)</code>, then <code>sha1.Sum([]byte{})</code>.
Here we start with a new hash.</p>
<p>Here we start with a new hash.</p>
</td>
<td class="code leading">
<pre class="chroma">
<span class="nx">h</span> <span class="o">:=</span> <span class="nx">sha1</span><span class="p">.</span><span class="nf">New</span><span class="p">()</span>
<span class="nx">h</span> <span class="o">:=</span> <span class="nx">sha256</span><span class="p">.</span><span class="nf">New</span><span class="p">()</span>
</pre>
</td>
</tr>
@ -127,7 +124,7 @@ to an existing byte slice: it usually isn&rsquo;t needed.</p>
<tr>
<td class="docs">
<p>SHA1 values are often printed in hex, for example
<p>SHA256 values are often printed in hex, for example
in git commits. Use the <code>%x</code> format verb to convert
a hash results to a hex string.</p>
@ -155,17 +152,18 @@ a human-readable hex format.</p>
<td class="code leading">
<pre class="chroma">
<span class="gp">$</span> go run sha1-hashes.go
<span class="go">sha1 this string
</span><span class="go">cf23df2207d99a74fbe169e3eba035e633b65d94</span></pre>
<span class="gp">$</span> go run sha256-hashes.go
<span class="go">sha256 this string
</span><span class="go">1af1dfa857bf1d8814fe1af8983c18080019922e557f15a8a...</span></pre>
</td>
</tr>
<tr>
<td class="docs">
<p>You can compute other hashes using a similar pattern to
the one shown above. For example, to compute MD5 hashes
import <code>crypto/md5</code> and use <code>md5.New()</code>.</p>
the one shown above. For example, to compute
SHA512 hashes import <code>crypto/sha512</code> and use
<code>sha512.New()</code>.</p>
</td>
<td class="code empty leading">
@ -178,7 +176,7 @@ import <code>crypto/md5</code> and use <code>md5.New()</code>.</p>
<td class="docs">
<p>Note that if you need cryptographically secure hashes,
you should carefully research
<a href="http://en.wikipedia.org/wiki/Cryptographic_hash_function">hash strength</a>!</p>
<a href="https://en.wikipedia.org/wiki/Cryptographic_hash_function">hash strength</a>!</p>
</td>
<td class="code empty">
@ -202,7 +200,7 @@ you should carefully research
</div>
<script>
var codeLines = [];
codeLines.push('');codeLines.push('package main\u000A');codeLines.push('import (\u000A \"crypto/sha1\"\u000A \"fmt\"\u000A)\u000A');codeLines.push('func main() {\u000A s :\u003D \"sha1 this string\"\u000A');codeLines.push(' h :\u003D sha1.New()\u000A');codeLines.push(' h.Write([]byte(s))\u000A');codeLines.push(' bs :\u003D h.Sum(nil)\u000A');codeLines.push(' fmt.Println(s)\u000A fmt.Printf(\"%x\\n\", bs)\u000A}\u000A');codeLines.push('');codeLines.push('');codeLines.push('');
codeLines.push('');codeLines.push('package main\u000A');codeLines.push('import (\u000A \"crypto/sha256\"\u000A \"fmt\"\u000A)\u000A');codeLines.push('func main() {\u000A s :\u003D \"sha256 this string\"\u000A');codeLines.push(' h :\u003D sha256.New()\u000A');codeLines.push(' h.Write([]byte(s))\u000A');codeLines.push(' bs :\u003D h.Sum(nil)\u000A');codeLines.push(' fmt.Println(s)\u000A fmt.Printf(\"%x\\n\", bs)\u000A}\u000A');codeLines.push('');codeLines.push('');codeLines.push('');
</script>
<script src="site.js" async></script>
</body>

4
public/url-parsing generated
View File

@ -14,7 +14,7 @@
if (e.key == "ArrowRight") {
window.location.href = 'sha1-hashes';
window.location.href = 'sha256-hashes';
}
}
@ -222,7 +222,7 @@ pieces that we extracted.</p>
<p class="next">
Next example: <a href="sha1-hashes">SHA1 Hashes</a>.
Next example: <a href="sha256-hashes">SHA256 Hashes</a>.
</p>