MC-41213: Update existing Magento 2.4 code to pass Insecure Function phpcs checks

Author: zakdma

app/code/Magento/EncryptionKey/Model/ResourceModel/Key/Change.php

@@ -108,6 +108,9 @@ public function changeEncryptionKey($key = null)
         }
 
         if (null === $key) {
+            // md5() here is not for cryptographic use. It used for generate encryption key itself
+            // and do not encrypt any passwords
+            // phpcs:ignore Magento2.Security.InsecureFunction
             $key = md5($this->random->getRandomString(ConfigOptionsListConstants::STORE_KEY_RANDOM_STRING_SIZE));
         }
         $this->encryptor->setNewKey($key);

setup/src/Magento/Setup/Model/CryptKeyGenerator.php

@@ -37,6 +37,9 @@ public function __construct(Random $random)
      */
     public function generate()
     {
+        // md5() here is not for cryptographic use. It used for generate encryption key itself
+        // and do not encrypt any passwords
+        // phpcs:ignore Magento2.Security.InsecureFunction
         return md5($this->getRandomString());
     }