refactor: use sha2 directly rather than sha256

Dr-Emann · Dr-Emann · commit 589eb5f27b7c · 2025-11-28T00:32:55.000-05:00
this also means we don't need to parse from hex, we can go directly to
digest bytes
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -8,7 +8,7 @@ hex = "0.4.3"
 log = "0.4.22"
 md5 = "0.8.0"
 # default "async" feature that brings in tokio
-sha256 = { version = "1.5.0", default-features = false }
+sha2 = "0.10.8"
 thiserror = "2.0.0"
 sha1 = "0.10.6"
 hmac = "0.12.1"
diff --git a/src/openssl.rs b/src/openssl.rs
@@ -1,6 +1,7 @@
 use crate::aes;
 use crate::common::DecryptError;
 use log::warn;
+use sha2::Digest;
 
 /// The type of hash to use when generating a key/iv pair from a passphrase
 #[derive(Clone, Debug)]
@@ -24,8 +25,7 @@ struct OpenSSLCryptInfo {
 
 /// Returns the SHA256 hash of the provided data
 fn sha256_digest(data: &[u8]) -> Vec<u8> {
-    // This *should* never fail
-    hex::decode(sha256::digest(data)).expect("Failed to decode SHA256 hash")
+    sha2::Sha256::digest(data).to_vec()
 }
 
 /// Returns the MD5 hash of the provided data
