bitbake: data/siggen: Switch md5 -> sha256

Similarly to the codeparser change, change to sha256 hashes due to worries over collisions. The main impact of this change is slightly slower parsing time as well as longer sstate file names. (Bitbake rev: 66f1b766997d53b4375fdd25719b1175f3828903) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2025-07-19 21:09:03 +02:00 · 2018-12-17 14:53:06 +00:00 · 2018-12-17 14:53:06 +00:00 · f008c24dab
commit f008c24dab
parent 941c5ddd19
3 changed files with 5 additions and 5 deletions
--- a/bitbake/lib/bb/data.py
+++ b/bitbake/lib/bb/data.py
@ -436,7 +436,7 @@ def generate_dependency_hash(tasklist, gendeps, lookupcache, whitelist, fn):
            if var is not None:
                data = data + str(var)
        k = fn + "." + task
-        basehash[k] = hashlib.md5(data.encode("utf-8")).hexdigest()
+        basehash[k] = hashlib.sha256(data.encode("utf-8")).hexdigest()
        taskdeps[task] = alldeps

    return taskdeps, basehash
--- a/bitbake/lib/bb/data_smart.py
+++ b/bitbake/lib/bb/data_smart.py
@ -1074,4 +1074,4 @@ class DataSmart(MutableMapping):
                    data.update({i:value})

        data_str = str([(k, data[k]) for k in sorted(data.keys())])
-        return hashlib.md5(data_str.encode("utf-8")).hexdigest()
+        return hashlib.sha256(data_str.encode("utf-8")).hexdigest()
--- a/bitbake/lib/bb/siggen.py
+++ b/bitbake/lib/bb/siggen.py
@ -216,7 +216,7 @@ class SignatureGeneratorBasic(SignatureGenerator):
            self.taints[k] = taint
            logger.warning("%s is tainted from a forced run" % k)

-        h = hashlib.md5(data.encode("utf-8")).hexdigest()
+        h = hashlib.sha256(data.encode("utf-8")).hexdigest()
        self.taskhash[k] = h
        #d.setVar("BB_TASKHASH_task-%s" % task, taskhash[task])
        return h
@ -650,7 +650,7 @@ def calc_basehash(sigdata):
        if val is not None:
            basedata = basedata + str(val)

-    return hashlib.md5(basedata.encode("utf-8")).hexdigest()
+    return hashlib.sha256(basedata.encode("utf-8")).hexdigest()

 def calc_taskhash(sigdata):
    data = sigdata['basehash']
@ -668,7 +668,7 @@ def calc_taskhash(sigdata):
        else:
            data = data + sigdata['taint']

-    return hashlib.md5(data.encode("utf-8")).hexdigest()
+    return hashlib.sha256(data.encode("utf-8")).hexdigest()


 def dump_sigfile(a):