ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2024-12-30 01:39:04 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Add a TODO referencing PLT-147 to NodeAttachmentService (randomise attachment JARs)

Browse Source
This commit is contained in:
Mike Hearn 2016-04-19 11:16:38 +02:00
parent 283d9a031c
commit bfa5e2091c
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/main/kotlin/core/node/services/NodeAttachmentService.kt
View File

@ -101,6 +101,7 @@ class NodeAttachmentService(val storePath: Path, val metrics: MetricRegistry) :
return AttachmentImpl(id, path, checkAttachmentsOnLoad)
}
// TODO: PLT-147: The attachment should be randomised to prevent brute force guessing and thus privacy leaks.
override fun importAttachment(jar: InputStream): SecureHash {
require(jar !is JarInputStream)
val hs = HashingInputStream(Hashing.sha256(), jar)