refactor: replace md5 with sha256 for commenter email hash (#7092)

#### What type of PR is this?

/kind feature
/kind improvement

#### What this PR does / why we need it:

本次PR对系统中用于电子邮件哈希的算法进行了升级。原先使用的是MD5算法,现在替换为了更安全的SHA-256算法。这一变更提高了数据的安全性,降低了电子邮件被破解的风险。

#### Which issue(s) this PR fixes:

未指定具体问题编号,但解决了潜在的安全隐患。

#### Special notes for your reviewer:

在替换哈希算法的过程中,我已经确保了代码的兼容性和性能。建议审查者在合并前进行全面的测试,以确保新算法的正确性和系统的稳定性。

#### Does this PR introduce a user-facing change?

```release-note
增强评论邮箱哈希算法(SHA256)
```
pull/7122/head
cryptochecktool 2024-12-09 09:23:32 +08:00 committed by GitHub
parent 348e7c906f
commit 0748ae4334
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 10 additions and 4 deletions


@ -1,12 +1,14 @@
package run.halo.app.theme.finders.impl;
import static java.nio.charset.StandardCharsets.UTF_8;
import static org.apache.commons.lang3.ObjectUtils.defaultIfNull;
import static run.halo.app.extension.index.query.QueryFactory.and;
import static run.halo.app.extension.index.query.QueryFactory.equal;
import static run.halo.app.extension.index.query.QueryFactory.isNull;
import static run.halo.app.extension.index.query.QueryFactory.or;
import com.google.common.hash.Hashing;
import java.security.Principal;
import java.util.HashMap;
import java.util.Optional;
@ -20,7 +22,6 @@ import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;
import org.springframework.util.DigestUtils;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import run.halo.app.content.comment.OwnerInfo;
@ -172,7 +173,9 @@ public class CommentPublicQueryServiceImpl implements CommentPublicQueryService
specOwner.setName("");
var email = owner.getEmail();
if (StringUtils.isNotBlank(email)) {
var emailHash = DigestUtils.md5DigestAsHex(email.getBytes());
var emailHash = Hashing.sha256()
.hashString(email.toLowerCase(), UTF_8)
.toString();
if (specOwner.getAnnotations() == null) {
specOwner.setAnnotations(new HashMap<>(2));
}
@ -224,7 +227,9 @@ public class CommentPublicQueryServiceImpl implements CommentPublicQueryService
specOwner.setName("");
var email = owner.getEmail();
if (StringUtils.isNotBlank(email)) {
var emailHash = DigestUtils.md5DigestAsHex(email.getBytes());
var emailHash = Hashing.sha256()
.hashString(email.toLowerCase(), UTF_8)
.toString();
if (specOwner.getAnnotations() == null) {
specOwner.setAnnotations(new HashMap<>(2));
}
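Review bot: `email.toLowerCase()` in both rewritten hash computations (the hunks at old lines 172 and 224) folds case with the JVM default locale, so the digest for one address can differ between deployments; under a Turkish locale, for example, `I` lowercases to dotless `ı`. Using `email.toLowerCase(Locale.ROOT)` keeps the hash stable, and it needs `java.util.Locale` imported if it is not already, which the partial import list here does not show. The same three-line expression is repeated verbatim in both hunks, so a private helper such as `private static String emailHash(String email)` would keep the normalisation and algorithm choice in one place. An unsalted SHA-256 of an address can still be matched by hashing candidate addresses, so a comment like `// Unsalted digest: still linkable to the address, treat as personal data.` at the helper would stop readers from treating the `email-hash` annotation as anonymised. Both enclosing methods start and end outside the hunks shown.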


@ -389,7 +389,8 @@ class CommentPublicQueryServiceIntegrationTest {
"name":"",
"displayName":"fake-display-name",
"annotations":{
"email-hash": "4249f4df72b475e7894fabed1c5888cf"
"email-hash": \
"79783106d88279c6c8f94f1f4dec22bdb9f90a8d14c9d6c6628a11430e236cbf"
}
},
"creationTime": "2024-03-11T06:23:42.923294424Z",