Spaces:
Sleeping
Sleeping
| """tasks/easy/hash_generator.py — CWE-327: Use of Broken Cryptographic Algorithm""" | |
| TASK = { | |
| "id": "hash_generator", | |
| "difficulty": "easy", | |
| "cwe_targets": ["CWE-327", "CWE-328"], | |
| "problem_statement": """ | |
| Write a function `generate_hash(data: str) -> str` that: | |
| 1. Returns a secure hex-digest hash of the input string. | |
| 2. MUST use SHA-256 or stronger (hashlib.sha256 or hashlib.sha3_256). | |
| 3. MUST NOT use MD5 or SHA1 — these are broken algorithms. | |
| 4. MUST NOT invoke shell commands to compute the hash. | |
| 5. Must handle empty string and very long inputs (10000+ chars). | |
| 6. Returns a lowercase hex string. | |
| The function name must be exactly: generate_hash | |
| CORRECT: hashlib.sha256(data.encode()).hexdigest() | |
| WRONG: hashlib.md5(), hashlib.sha1(), subprocess.run(['sha256sum', ...]) | |
| """, | |
| "starter_code": """ | |
| import hashlib | |
| def generate_hash(data: str) -> str: | |
| # TODO: implement secure hashing | |
| # Use SHA-256 or stronger - never MD5/SHA1 | |
| # Never use shell commands | |
| pass | |
| """, | |
| "test_cases": [ | |
| {"input": "hello", "expected": "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824", "fn": "generate_hash"}, | |
| {"input": "", "expected": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "fn": "generate_hash"}, | |
| {"input": "test", "expected": "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08", "fn": "generate_hash"}, | |
| {"input": "a" * 10000, "expected": None, "fn": "generate_hash"}, # Just check it runs | |
| ], | |
| "naive_baseline": {"time_ms": 0.5, "memory_kb": 20}, | |
| "perf_input": "benchmark_data_string_for_hashing_test", | |
| } | |