
FIX: [CodeQL: SM02196] Weak cryptography in TrackingConfigHashAlgorithm.cs #5065

Open · wants to merge 4 commits into base: master

Conversation

MantavyaDh
Contributor

@MantavyaDh MantavyaDh commented Dec 18, 2024

Context

In TrackingConfigHashAlgorithm.cs, SHA1 was being used to compute the hashKey, which is used to identify the tracking config file in the agent system and hence the workspace identifier.

Change Description

The PR addresses the CodeQL warning of using a weak hash algorithm by replacing it with SHA256 based on the recommendations - SM02196

Also, it updates the existing Unit Tests with the updated hash values from the new algorithm.

Validations

  • Locally debugged the agent and checked that the new hashes are being generated from the SHA256 algorithm.
  • Verified that the tracking config file has the new hash in azure-pipelines-agent_layout\win-x64_work\SourceRootMapping\collectionID\definitionID
  • Ran the unit and functional tests.
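The swap the PR description talks about, as an added example that is not the azure-pipelines-agent's own code: a workspace-style hash key computed from an identifying string, with the SHA-1 form that CodeQL flags beside the SHA-256 form. The class name, the input layout (collection URL, definition id, repository URL joined with a separator) and the lower-case hex encoding are assumptions for illustration, not the agent's actual format; `Convert.ToHexString` and `SHA256.HashData` require .NET 5 or later.

```csharp
// Added example, not the project's own code. Assumed input layout and encoding.
using System;
using System.Security.Cryptography;
using System.Text;

public static class TrackingHashKeyExample
{
    // "Before": SHA-1, the form CodeQL reports as a weak hash algorithm.
    public static string ComputeKeySha1(string input)
    {
        using var sha1 = SHA1.Create();
        byte[] hash = sha1.ComputeHash(Encoding.UTF8.GetBytes(input));
        return Convert.ToHexString(hash).ToLowerInvariant(); // 40 hex chars
    }

    // "After": SHA-256, the algorithm the PR moves to.
    public static string ComputeKeySha256(string input)
    {
        byte[] hash = SHA256.HashData(Encoding.UTF8.GetBytes(input));
        return Convert.ToHexString(hash).ToLowerInvariant(); // 64 hex chars
    }

    public static void Main()
    {
        // Constructed sample identifier (hypothetical values, not from the page):
        // collection URL | definition id | repository URL.
        string identifier = "https://dev.azure.com/example-org/|1234|https://example.invalid/repo.git";

        string oldKey = ComputeKeySha1(identifier);
        string newKey = ComputeKeySha256(identifier);

        Console.WriteLine($"SHA-1   key: {oldKey} ({oldKey.Length} hex chars)");
        Console.WriteLine($"SHA-256 key: {newKey} ({newKey.Length} hex chars)");

        // Because the key is derived from the algorithm, changing the algorithm
        // changes every key. Anything that stores or hard-codes the old value
        // (for example expected hashes in unit tests, as the PR notes) has to be
        // updated alongside the code.
        Console.WriteLine(oldKey == newKey ? "keys match" : "keys differ, as expected");
    }
}
```

The point worth checking in review is the second half: the key's length changes from 40 to 64 hex characters, and any existing tracking files or test fixtures keyed on the SHA-1 value will no longer match, which is why the PR also touches the unit tests.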

@MantavyaDh
Contributor Author

@MantavyaDh please read the following Contributor License Agreement (CLA). If you agree with the CLA, please reply with the following information.

@microsoft-github-policy-service agree [company="{your company}"]

Options:

  • (default - no company specified) I have sole ownership of intellectual property rights to my Submissions and I am not making Submissions in the course of work for my employer.
@microsoft-github-policy-service agree
  • (when company given) I am making Submissions in the course of work for my employer (or my employer has intellectual property rights in my Submissions by contract or applicable law). I have permission from my employer to make Submissions and enter into this Agreement on behalf of my employer. By signing below, the defined term “You” includes me and my employer.
@microsoft-github-policy-service agree company="Microsoft"

Contributor License Agreement

@microsoft-github-policy-service agree company="Microsoft"

@MantavyaDh MantavyaDh added the bug label Dec 18, 2024
@MantavyaDh MantavyaDh marked this pull request as ready for review December 20, 2024 12:09
@MantavyaDh MantavyaDh requested review from a team as code owners December 20, 2024 12:09
1 participant