From aa0e6872de97793a976bf4223df9ccbed3fc03fc Mon Sep 17 00:00:00 2001
From: bobby <1544881+desimone@users.noreply.github.com>
Date: Thu, 22 Jul 2021 06:15:54 -0700
Subject: [PATCH] evaluator: use cryputil to hash (#2384)

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
---
 authorize/evaluator/policy_evaluator.go | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/authorize/evaluator/policy_evaluator.go b/authorize/evaluator/policy_evaluator.go
index 3541d4357..bf8d1212f 100644
--- a/authorize/evaluator/policy_evaluator.go
+++ b/authorize/evaluator/policy_evaluator.go
@@ -2,8 +2,6 @@ package evaluator
 
 import (
 	"context"
-	"crypto/sha256"
-	"encoding/hex"
 	"fmt"
 	"net/http"
 	"strconv"
@@ -15,6 +13,7 @@ import (
 	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/log"
 	"github.com/pomerium/pomerium/internal/telemetry/trace"
+	"github.com/pomerium/pomerium/pkg/cryptutil"
 	"github.com/pomerium/pomerium/pkg/policy"
 )
 
@@ -116,13 +115,9 @@ func NewPolicyEvaluator(ctx context.Context, store *Store, configPolicy *config.
 			return nil, err
 		}
 
-		h := sha256.New()
-		h.Write([]byte(script))
-		checksum := hex.EncodeToString(h.Sum(nil))
-
 		e.queries = append(e.queries, policyQuery{
 			PreparedEvalQuery: q,
-			checksum:          checksum,
+			checksum:          fmt.Sprintf("%x", cryptutil.Hash("script", []byte(script))),
 		})
 	}