fix: update sha generation logic

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

pkg/util/secretutil/secret.go

@@ -23,7 +23,6 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
-	"io"
 	"os"
 	"sort"
 	"strings"
@@ -217,23 +216,23 @@ func GetSecretData(secretObjData []*secretsstorev1.SecretObjectData, secretType
 
 // GetSHAFromSecret gets SHA for the secret data
 func GetSHAFromSecret(data map[string][]byte) (string, error) {
-	var values []string
-	for k, v := range data {
-		values = append(values, k+"="+string(v))
-	}
-	// sort the values to always obtain a deterministic SHA for
-	// same content in different order
-	sort.Strings(values)
-	return generateSHA(strings.Join(values, ";"))
-}
+	h := sha256.New()
+
+	keys := make([]string, 0, len(data))
+	for k := range data {
+		keys = append(keys, k)
+	}
+	sort.Strings(keys)
 
-// generateSHA generates SHA from string
-func generateSHA(data string) (string, error) {
-	hasher := sha256.New()
-	_, err := io.WriteString(hasher, data)
-	if err != nil {
-		return "", err
+	for _, k := range keys {
+		b := sha256.Sum256([]byte(k))
+		if _, err := h.Write(b[:]); err != nil {
+			return "", err
+		}
+		if _, err := h.Write(data[k]); err != nil {
+			return "", err
+		}
 	}
-	sha := hasher.Sum(nil)
-	return fmt.Sprintf("%x", sha), nil
+
+	return fmt.Sprintf("%x", h.Sum(nil)), nil
 }