Update MD5 usages with Cryptographically secure SHA256
See original GitHub issuePrerequisites
- Put an X between the brackets on this line if you have done all of the following:
- Running the latest version of Constellation
- Attached the Support Package via
Help
>Support Package
- Checked the FAQs: https://github.com/constellation-app/constellation/wiki/FAQ
- Checked that your issue isn’t already filed: https://github.com/constellation-app/constellation/issues
- Checked that there is not already a module that provides the described functionality: https://github.com/constellation-app/constellation/wiki/Catalogue-of-Repositories
Description
Upgrading to JDK 11 and NB11 means some methods are deprecated, to prepare for this, some usages will need to be handled accordingly.
From this comment The postToNifi method I think we can change it to support SHA256 based on https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-standard-nar/1.11.1/org.apache.nifi.processors.standard.HashContent/.
A global project search may need to be done to ensure other usages of HashContent.md5() are not hiding somewhere.
Testing to ensure no behavioural changes are made and any subsequent methods which read from the hashed values still function as intended.
Steps to Reproduce
N/A
Expected behaviour:
Actual behaviour:
Reproduces how often:
Additional Information
Although this change is a deprecation, it is useful to implement since the md5 is not cryptographically secure.
Issue Analytics
- State:
- Created 4 years ago
- Reactions:1
- Comments:5 (3 by maintainers)
Top GitHub Comments
Thinking about it further, I’d vote to replace it with SHA256 so that we are more future proof and don’t have to worry about when it is removed from the JDK.
Agreed in terms of speed it will be better to stay with MD5. For my use case I don’t call
createMD5Hash
often so I can take the performance hit.Okay, will do.