stable
Clone or download
Read-only
request #10015: Mitigate SHA-1 collision in SVN
This is a first mitigation based on the known SHA-1 collision. A second step is going to be to integrate a checker for the collision attack published on SHA-1 [1] to have a more general mitigation. To test this contribution with SVN core, to do not forget to redeploy codendi_svn_pre_commit.php. You can find 2 files exploiting the known SHA-1 collision attached to the request. [1] https://marc-stevens.nl/research/papers/C13-S.pdf Change-Id: I928e00ddb7080afb8acb926baee47099169746d8
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | plugins/svn/bin/svn_pre_commit.php | +8 | −3 | Go to diff View file |
| M | plugins/svn/include/Svn/Commit/Svnlook.class.php | +13 | −1 | Go to diff View file |
| M | plugins/svn/include/Svn/Hooks/PreCommit.php | +57 | −11 | Go to diff View file |
| A | plugins/svn/tests/Svn/Hooks/PreCommitSHA1CollisionTest.php | +74 | −0 | Go to diff View file |
| M | plugins/svn/tests/Svn/Hooks/PreCommitTest.php | +5 | −1 | Go to diff View file |
| M | src/common/autoload.php | +4 | −2 | Go to diff View file |
| A | src/common/svn/SHA1CollisionDetector.php | +40 | −0 | Go to diff View file |
| A | src/common/svn/SHA1CollisionException.php | +25 | −0 | Go to diff View file |
| M | src/common/svn/SVN_Svnlook.class.php | +13 | −3 | Go to diff View file |
| M | src/common/svn/hook/PreCommit.class.php | +47 | −4 | Go to diff View file |
| M | src/utils/svn/codendi_svn_pre_commit.php | +5 | −1 | Go to diff View file |
| A | tests/simpletest/common/svn/PreCommitSHA1CollisionTest.php | +68 | −0 | Go to diff View file |
| M | tests/simpletest/common/svn/PreCommitTest.php | +3 | −1 | Go to diff View file |
| A | tests/simpletest/common/svn/SHA1CollisionDetectorTest.php | +46 | −0 | Go to diff View file |
| A | tests/simpletest/common/svn/_fixtures/tuleap-shattered.pdf | Binary file | Go to diff View file | |