refactor: replace md5 with sha256 for commenter email hash (#7092)

#### What type of PR is this? /kind feature /kind improvement #### What this PR does / why we need it: 本次PR对系统中用于电子邮件哈希的算法进行了升级。原先使用的是MD5算法，现在替换为了更安全的SHA-256算法。这一变更提高了数据的安全性，降低了电子邮件被破解的风险。 #### Which issue(s) this PR fixes: 未指定具体问题编号，但解决了潜在的安全隐患。 #### Special notes for your reviewer: 在替换哈希算法的过程中，我已经确保了代码的兼容性和性能。建议审查者在合并前进行全面的测试，以确保新算法的正确性和系统的稳定性。 #### Does this PR introduce a user-facing change? ```release-note 增强评论邮箱哈希算法（SHA256） ```
2024-12-09 09:23:32 +08:00 · 2024-12-09 09:23:32 +08:00 · 0748ae4334
parent 348e7c906f
commit 0748ae4334
2 changed files with 10 additions and 4 deletions
--- a/application/src/main/java/run/halo/app/theme/finders/impl/CommentPublicQueryServiceImpl.java
+++ b/application/src/main/java/run/halo/app/theme/finders/impl/CommentPublicQueryServiceImpl.java
@ -1,12 +1,14 @@
 package run.halo.app.theme.finders.impl;


+import static java.nio.charset.StandardCharsets.UTF_8;
 import static org.apache.commons.lang3.ObjectUtils.defaultIfNull;
 import static run.halo.app.extension.index.query.QueryFactory.and;
 import static run.halo.app.extension.index.query.QueryFactory.equal;
 import static run.halo.app.extension.index.query.QueryFactory.isNull;
 import static run.halo.app.extension.index.query.QueryFactory.or;

+import com.google.common.hash.Hashing;
 import java.security.Principal;
 import java.util.HashMap;
 import java.util.Optional;
@ -20,7 +22,6 @@ import org.springframework.security.core.context.ReactiveSecurityContextHolder;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.stereotype.Component;
 import org.springframework.util.Assert;
-import org.springframework.util.DigestUtils;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
 import run.halo.app.content.comment.OwnerInfo;
@ -172,7 +173,9 @@ public class CommentPublicQueryServiceImpl implements CommentPublicQueryService
        specOwner.setName("");
        var email = owner.getEmail();
        if (StringUtils.isNotBlank(email)) {
-            var emailHash = DigestUtils.md5DigestAsHex(email.getBytes());
+            var emailHash = Hashing.sha256()
+                .hashString(email.toLowerCase(), UTF_8)
+                .toString();
            if (specOwner.getAnnotations() == null) {
                specOwner.setAnnotations(new HashMap<>(2));
            }
@ -224,7 +227,9 @@ public class CommentPublicQueryServiceImpl implements CommentPublicQueryService
        specOwner.setName("");
        var email = owner.getEmail();
        if (StringUtils.isNotBlank(email)) {
-            var emailHash = DigestUtils.md5DigestAsHex(email.getBytes());
+            var emailHash = Hashing.sha256()
+                .hashString(email.toLowerCase(), UTF_8)
+                .toString();
            if (specOwner.getAnnotations() == null) {
                specOwner.setAnnotations(new HashMap<>(2));
            }
--- a/application/src/test/java/run/halo/app/theme/finders/impl/CommentPublicQueryServiceIntegrationTest.java
+++ b/application/src/test/java/run/halo/app/theme/finders/impl/CommentPublicQueryServiceIntegrationTest.java
@ -389,7 +389,8 @@ class CommentPublicQueryServiceIntegrationTest {
                                "name":"",
                                "displayName":"fake-display-name",
                                "annotations":{
-                                    "email-hash": "4249f4df72b475e7894fabed1c5888cf"
+                                    "email-hash": \
+                    "79783106d88279c6c8f94f1f4dec22bdb9f90a8d14c9d6c6628a11430e236cbf"
                                }
                            },
                            "creationTime": "2024-03-11T06:23:42.923294424Z",