lhotari commented on code in PR #23386: URL: https://github.com/apache/pulsar/pull/23386#discussion_r1801532275
########## pulsar-broker-common/src/main/java/org/apache/pulsar/common/configuration/anonymizer/DefaultRoleAnonymizerType.java: ########## @@ -0,0 +1,79 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.pulsar.common.util.anonymizer; + +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.Base64; + +public enum DefaultRoleAnonymizerType { + NONE { + @Override + public String anonymize(String role) { + return role; + } + }, + REDACTED { + @Override + public String anonymize(String role) { + return REDACTED_VALUE; + } + }, + SHA256 { + private static final String PREFIX = "SHA-256:"; + private final MessageDigest digest; + + { + // Initializing the MessageDigest once for SHA-256 + try { + digest = MessageDigest.getInstance("SHA-256"); + } catch (NoSuchAlgorithmException e) { + throw new RuntimeException("SHA-256 algorithm not found", e); + } + } + + @Override + public String anonymize(String role) { + byte[] hash = digest.digest(role.getBytes()); + return PREFIX + Base64.getEncoder().encodeToString(hash); + } + }, + MD5 { + private static final String PREFIX = "MD5:"; + private final MessageDigest digest; + + { + // Initializing the MessageDigest once for MD5 + try { + digest = MessageDigest.getInstance("MD5"); Review Comment: add a comment `// codeql[java/weak-cryptographic-algorithm] - md5 is sufficient for this use case` above this line so that GitHub CodeQL scanning doesn't mark this as a security issue. example in https://github.com/apache/pulsar/blob/f98297f3c9c052d7ddd8444bc0ef876ceeb924b1/pulsar-client-messagecrypto-bc/src/main/java/org/apache/pulsar/client/impl/crypto/MessageCryptoBc.java#L161 I'm not exactly sure whether that's the correct syntax for allowing the use of MD5 in a code base that is scanned with CodeQL. We'll find out on the way. ########## pulsar-broker-common/src/main/java/org/apache/pulsar/common/configuration/anonymizer/DefaultAuthenticationRoleLoggingAnonymizer.java: ########## @@ -0,0 +1,67 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.pulsar.common.util.anonymizer; Review Comment: I think `org.apache.pulsar.common.anonymizer` is a better package name. the `.util` is just an unnecessary extra level. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
