You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by zh...@apache.org on 2020/03/31 01:18:01 UTC
[pulsar] branch master updated: Suggest use sha-512 in
SaslRoleTokenSigner for security concern (#6447)
This is an automated email from the ASF dual-hosted git repository.
zhaijia pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new b5e9be62 Suggest use sha-512 in SaslRoleTokenSigner for security concern (#6447)
b5e9be62 is described below
commit b5e9be6290f76586d1e497b19c7b5aef26add4bc
Author: YYTVicky <61...@users.noreply.github.com>
AuthorDate: Mon Mar 30 21:17:51 2020 -0400
Suggest use sha-512 in SaslRoleTokenSigner for security concern (#6447)
Suggest use sha-512 in SaslRoleTokenSigner for security concern #6447
---
.../org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java b/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
index dee320f..ccd2547 100644
--- a/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
+++ b/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
@@ -93,7 +93,7 @@ public class SaslRoleTokenSigner {
*/
protected String computeSignature(String str) {
try {
- MessageDigest md = MessageDigest.getInstance("SHA");
+ MessageDigest md = MessageDigest.getInstance("SHA-512");
md.update(str.getBytes());