Skip to content

Commit

Permalink
Merge pull request #1679 from OpSecId/replace-sha3-package
Browse files Browse the repository at this point in the history
[Security] Remove sha3 (CVE-2022-37454)
  • Loading branch information
WadeBarnes authored Sep 13, 2024
2 parents 80c5226 + 8df8910 commit 8810d2e
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 9 deletions.
2 changes: 0 additions & 2 deletions setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -127,8 +127,6 @@ def run(self):
### Tests fail without version pin (GHA run: https://github.com/udosson/indy-plenum/actions/runs/1078745445)
'rlp==0.6.0',
'semver==2.13.0',
# 'sha3==0.2.1',
'sha3',
# 'six==1.15.0',
'six',
### Tests fail without version pin (GHA run: https://github.com/udosson/indy-plenum/actions/runs/1078741118)
Expand Down
9 changes: 2 additions & 7 deletions state/util/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,9 @@


import hashlib
if hasattr(hashlib, 'sha3_256'):
def sha3_256(x):
return hashlib.sha3_256(x).digest()
else:
import sha3 as _sha3
def sha3_256(x):
return _sha3.sha3_256(x).digest()

def sha3_256(x):
return hashlib.sha3_256(x).digest()

import rlp
from rlp.sedes import big_endian_int, BigEndianInt, Binary
Expand Down

0 comments on commit 8810d2e

Please sign in to comment.