ZhenYi/gitdataai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(app): fix session key to use SHA-512 (64 bytes)

Browse Source 
cookie::Key requires exactly 64 bytes, SHA-256 only produces 32 bytes
Change to SHA-512 and slice to 64 bytes for correct key length
This commit is contained in:
ZhenYi 2026-04-27 16:40:20 +08:00
parent e022240757
commit 65627a8662
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/app/Cargo.toml
View File

@ -18,6 +18,7 @@ uuid = { workspace = true }
service = { workspace = true } service = { workspace = true }
observability = { workspace = true } observability = { workspace = true }
room = { workspace = true } room = { workspace = true }
sha2 = { workspace = true }
api = { workspace = true } api = { workspace = true }
session = { workspace = true } session = { workspace = true }
config = { workspace = true } config = { workspace = true }

7
apps/app/src/main.rs
View File

@ -114,11 +114,12 @@ fn build_session_key(cfg: &AppConfig) -> anyhow::Result<Key> {
); );
return Ok(Key::generate()); return Ok(Key::generate());
} }
use sha2::{Digest, Sha256}; use sha2::{Digest, Sha512};
let mut hasher = Sha256::new(); let mut hasher = Sha512::new();
hasher.update(secret.as_bytes()); hasher.update(secret.as_bytes());
let hash = hasher.finalize(); let hash = hasher.finalize();
return Ok(Key::from(hash.as_slice())); // cookie::Key requires exactly 64 bytes; SHA-512 produces 64 bytes
return Ok(Key::from(&hash[..64]));
} }
Ok(Key::generate()) Ok(Key::generate())
} }