Skip to content

Commit

Permalink
fix(x-pack/reporting): use FIPS-compliant ID generator uuidv4 in Re…
Browse files Browse the repository at this point in the history
…porting plugin (elastic#174809)

## Summary
Closes elastic#174798 


### Checklist

Delete any items that are not applicable to this PR.



### Risk Matrix

Delete this section if it is not applicable to this PR.


### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: Tim Sullivan <[email protected]>
Co-authored-by: Kibana Machine <[email protected]>
  • Loading branch information
3 people authored Jan 24, 2024
1 parent a63bb6a commit cd90773
Show file tree
Hide file tree
Showing 7 changed files with 9 additions and 40 deletions.
2 changes: 0 additions & 2 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -1003,7 +1003,6 @@
"mapbox-gl-draw-rectangle-mode": "1.0.4",
"maplibre-gl": "3.1.0",
"markdown-it": "^12.3.2",
"md5": "^2.1.0",
"mdast-util-to-hast": "10.2.0",
"memoize-one": "^6.0.0",
"mime": "^2.4.4",
Expand Down Expand Up @@ -1040,7 +1039,6 @@
"pretty-ms": "6.0.0",
"prop-types": "^15.8.1",
"proxy-from-env": "1.0.0",
"puid": "1.0.7",
"puppeteer": "21.5.2",
"query-string": "^6.13.2",
"rbush": "^3.0.1",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,24 +5,24 @@
* 2.0.
*/

import md5 from 'md5';
import { sha256 } from 'js-sha256';
import { createCalloutId } from './helpers';

describe('createCalloutId', () => {
it('creates id correctly with one id', () => {
const digest = md5('one');
const digest = sha256('one');
const id = createCalloutId(['one']);
expect(id).toBe(digest);
});

it('creates id correctly with multiples ids', () => {
const digest = md5('one|two|three');
const digest = sha256('one|two|three');
const id = createCalloutId(['one', 'two', 'three']);
expect(id).toBe(digest);
});

it('creates id correctly with multiples ids and delimiter', () => {
const digest = md5('one,two,three');
const digest = sha256('one,two,three');
const id = createCalloutId(['one', 'two', 'three'], ',');
expect(id).toBe(digest);
});
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
* 2.0.
*/

import md5 from 'md5';
import { sha256 } from 'js-sha256';

export const createCalloutId = (ids: string[], delimiter: string = '|'): string =>
md5(ids.join(delimiter));
sha256(ids.join(delimiter));
15 changes: 0 additions & 15 deletions x-pack/plugins/reporting/server/lib/puid.d.ts

This file was deleted.

5 changes: 2 additions & 3 deletions x-pack/plugins/reporting/server/lib/store/report.ts
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@

import { omit } from 'lodash';
import moment from 'moment';
import Puid from 'puid';
import { v4 as uuidv4 } from 'uuid';

import { JOB_STATUS } from '@kbn/reporting-common';
import {
Expand All @@ -19,7 +19,6 @@ import {

import type { ReportTaskParams } from '../tasks';

const puid = new Puid();
export const MIGRATION_VERSION = '7.14.0';

/*
Expand Down Expand Up @@ -63,7 +62,7 @@ export class Report implements Partial<ReportSource & ReportDocumentHead> {
* Index string is required
*/
constructor(opts: Partial<ReportSource> & Partial<ReportDocumentHead>, fields?: ReportFields) {
this._id = opts._id != null ? opts._id : puid.generate();
this._id = opts._id != null ? opts._id : uuidv4();
this._index = opts._index;
this._primary_term = opts._primary_term;
this._seq_no = opts._seq_no;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,7 @@
* 2.0.
*/

jest.mock(
'puid',
() =>
class MockPuid {
generate() {
return 'mock-report-id';
}
}
);
jest.mock('uuid', () => ({ v4: () => 'mock-report-id' }));

import rison from '@kbn/rison';

Expand Down
5 changes: 0 additions & 5 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -25343,11 +25343,6 @@ public-encrypt@^4.0.0:
parse-asn1 "^5.0.0"
randombytes "^2.0.1"

[email protected]:
version "1.0.7"
resolved "https://registry.yarnpkg.com/puid/-/puid-1.0.7.tgz#fa638a737d7b20419059d93965aed36ca20e1c84"
integrity sha1-+mOKc317IEGQWdk5Za7TbKIOHIQ=

pump@^2.0.0:
version "2.0.1"
resolved "https://registry.yarnpkg.com/pump/-/pump-2.0.1.tgz#12399add6e4cf7526d973cbc8b5ce2e2908b3909"
Expand Down

0 comments on commit cd90773

Please sign in to comment.