diff options
author | cpovirk <cpovirk@google.com> | 2024-04-06 08:31:42 -0700 |
---|---|---|
committer | Google Java Core Libraries <jake-team+copybara@google.com> | 2024-04-06 08:34:20 -0700 |
commit | d364abbfd08f767af612d071a9298b19dad9e810 (patch) | |
tree | acd9a58bf9b71cf9b8c05b116ca6359a4f75a3d9 | |
parent | faa651613b7daa8a81cab89f8fdc77feaeb8cd2e (diff) | |
download | guava-d364abbfd08f767af612d071a9298b19dad9e810.tar.gz |
Discourage use of HMAC-MD5.
Fixes https://github.com/google/guava/pull/7131
RELNOTES=n/a
PiperOrigin-RevId: 622450594
-rw-r--r-- | android/guava/src/com/google/common/hash/Hashing.java | 8 | ||||
-rw-r--r-- | guava/src/com/google/common/hash/Hashing.java | 8 |
2 files changed, 16 insertions, 0 deletions
diff --git a/android/guava/src/com/google/common/hash/Hashing.java b/android/guava/src/com/google/common/hash/Hashing.java index 1d9d1e741..2f7141ab8 100644 --- a/android/guava/src/com/google/common/hash/Hashing.java +++ b/android/guava/src/com/google/common/hash/Hashing.java @@ -281,6 +281,10 @@ public final class Hashing { * Returns a hash function implementing the Message Authentication Code (MAC) algorithm, using the * MD5 (128 hash bits) hash function and the given secret key. * + * <p>If you are designing a new system that needs HMAC, prefer {@link #hmacSha256} or other + * future-proof algorithsm <a + * href="https://datatracker.ietf.org/doc/html/rfc6151#section-2.3">over {@code hmacMd5}</a>. + * * @param key the secret key * @throws IllegalArgumentException if the given key is inappropriate for initializing this MAC * @since 20.0 @@ -294,6 +298,10 @@ public final class Hashing { * MD5 (128 hash bits) hash function and a {@link SecretKeySpec} created from the given byte array * and the MD5 algorithm. * + * <p>If you are designing a new system that needs HMAC, prefer {@link #hmacSha256} or other + * future-proof algorithsm <a + * href="https://datatracker.ietf.org/doc/html/rfc6151#section-2.3">over {@code hmacMd5}</a>. + * * @param key the key material of the secret key * @since 20.0 */ diff --git a/guava/src/com/google/common/hash/Hashing.java b/guava/src/com/google/common/hash/Hashing.java index f2ec72f38..404b232e7 100644 --- a/guava/src/com/google/common/hash/Hashing.java +++ b/guava/src/com/google/common/hash/Hashing.java @@ -286,6 +286,10 @@ public final class Hashing { * Returns a hash function implementing the Message Authentication Code (MAC) algorithm, using the * MD5 (128 hash bits) hash function and the given secret key. * + * <p>If you are designing a new system that needs HMAC, prefer {@link #hmacSha256} or other + * future-proof algorithsm <a + * href="https://datatracker.ietf.org/doc/html/rfc6151#section-2.3">over {@code hmacMd5}</a>. + * * @param key the secret key * @throws IllegalArgumentException if the given key is inappropriate for initializing this MAC * @since 20.0 @@ -299,6 +303,10 @@ public final class Hashing { * MD5 (128 hash bits) hash function and a {@link SecretKeySpec} created from the given byte array * and the MD5 algorithm. * + * <p>If you are designing a new system that needs HMAC, prefer {@link #hmacSha256} or other + * future-proof algorithsm <a + * href="https://datatracker.ietf.org/doc/html/rfc6151#section-2.3">over {@code hmacMd5}</a>. + * * @param key the key material of the secret key * @since 20.0 */ |