yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Obsolete direct hash generation methods, and switch to generic GenerateHash

Browse Source 
As noted in https://github.com/umbraco/Umbraco-CMS/issues/4292, using direct hash methods can break compliance when on restricted systems that require FIPS compliance.  This has been addressed in a few commits.  This commit goes further to obsolete methods not previously obsoleted relating to direct hashing calls, and switches a direct call to one of these methods to use the correct, generic GenerateHash.
This commit is contained in:
Benjamin Carleski
2019-01-28 16:27:57 -08:00
committed by Sebastiaan Janssen
parent d174499e50
commit 2c3a2b29b2
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Umbraco.Core/StringExtensions.cs
View File

@@ -731,6 +731,7 @@ namespace Umbraco.Core
/// </summary>
/// <param name="stringToConvert">Referrs to itself</param>
/// <returns>The MD5 hashed string</returns>
[Obsolete("Please use the GenerateHash method instead. This may be removed in future versions")]
public static string ToMd5(this string stringToConvert)
{
return stringToConvert.GenerateHash("MD5");
@@ -741,6 +742,7 @@ namespace Umbraco.Core
/// </summary>
/// <param name="stringToConvert">referrs to itself</param>
/// <returns>The SHA1 hashed string</returns>
[Obsolete("Please use the GenerateHash method instead. This may be removed in future versions")]
public static string ToSHA1(this string stringToConvert)
{
return stringToConvert.GenerateHash("SHA1");

2
src/Umbraco.Web/Models/Mapping/UserModelMapper.cs
View File

@@ -323,7 +323,7 @@ namespace Umbraco.Web.Models.Mapping
.ForMember(detail => detail.Culture, opt => opt.MapFrom(user => user.GetUserCulture(applicationContext.Services.TextService)))
.ForMember(
detail => detail.EmailHash,
opt => opt.MapFrom(user => user.Email.ToLowerInvariant().Trim().ToMd5()))
opt => opt.MapFrom(user => user.Email.ToLowerInvariant().Trim().GenerateHash()))
.ForMember(detail => detail.ParentId, opt => opt.UseValue(-1))
.ForMember(detail => detail.Path, opt => opt.MapFrom(user => "-1," + user.Id))
.ForMember(detail => detail.Notifications, opt => opt.Ignore())