From 2c3a2b29b2bdaa2db5c65da215ae6e44ccf9196c Mon Sep 17 00:00:00 2001
From: Benjamin Carleski <benjamin@proworks.com>
Date: Mon, 28 Jan 2019 16:27:57 -0800
Subject: [PATCH] Obsolete direct hash generation methods, and switch to
 generic GenerateHash

As noted in https://github.com/umbraco/Umbraco-CMS/issues/4292, using direct hash methods can break compliance when on restricted systems that require FIPS compliance.  This has been addressed in a few commits.  This commit goes further to obsolete methods not previously obsoleted relating to direct hashing calls, and switches a direct call to one of these methods to use the correct, generic GenerateHash.
---
 src/Umbraco.Core/StringExtensions.cs              | 2 ++
 src/Umbraco.Web/Models/Mapping/UserModelMapper.cs | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/Umbraco.Core/StringExtensions.cs b/src/Umbraco.Core/StringExtensions.cs
index 93ff2aac50..869181f1b9 100644
--- a/src/Umbraco.Core/StringExtensions.cs
+++ b/src/Umbraco.Core/StringExtensions.cs
@@ -731,6 +731,7 @@ namespace Umbraco.Core
         /// </summary>
         /// <param name="stringToConvert">Referrs to itself</param>
         /// <returns>The MD5 hashed string</returns>
+        [Obsolete("Please use the GenerateHash method instead. This may be removed in future versions")]
         public static string ToMd5(this string stringToConvert)
         {
             return stringToConvert.GenerateHash("MD5");
@@ -741,6 +742,7 @@ namespace Umbraco.Core
         /// </summary>
         /// <param name="stringToConvert">referrs to itself</param>
         /// <returns>The SHA1 hashed string</returns>
+        [Obsolete("Please use the GenerateHash method instead. This may be removed in future versions")]
         public static string ToSHA1(this string stringToConvert)
         {
             return stringToConvert.GenerateHash("SHA1");
diff --git a/src/Umbraco.Web/Models/Mapping/UserModelMapper.cs b/src/Umbraco.Web/Models/Mapping/UserModelMapper.cs
index ad6c81e2ee..4c7f8c17f8 100644
--- a/src/Umbraco.Web/Models/Mapping/UserModelMapper.cs
+++ b/src/Umbraco.Web/Models/Mapping/UserModelMapper.cs
@@ -323,7 +323,7 @@ namespace Umbraco.Web.Models.Mapping
                 .ForMember(detail => detail.Culture, opt => opt.MapFrom(user => user.GetUserCulture(applicationContext.Services.TextService)))
                 .ForMember(
                     detail => detail.EmailHash,
-                    opt => opt.MapFrom(user => user.Email.ToLowerInvariant().Trim().ToMd5()))
+                    opt => opt.MapFrom(user => user.Email.ToLowerInvariant().Trim().GenerateHash()))
                 .ForMember(detail => detail.ParentId, opt => opt.UseValue(-1))
                 .ForMember(detail => detail.Path, opt => opt.MapFrom(user => "-1," + user.Id))
                 .ForMember(detail => detail.Notifications, opt => opt.Ignore())