cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

SHA1 and RIPEMD160 are not declared insecure until widely deployed

Browse Source
This commit is contained in:
Dominik Schürmann
2015-10-21 21:42:37 +02:00
parent 14d193a0f2
commit 10fed404ae
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java
View File

@@ -79,8 +79,8 @@ public class PgpSecurityConstants {
*/ */
private static HashSet<Integer> sHashAlgorithmsWhitelist = new HashSet<>(Arrays.asList( private static HashSet<Integer> sHashAlgorithmsWhitelist = new HashSet<>(Arrays.asList(
// MD5: broken // MD5: broken
// SHA1: broken HashAlgorithmTags.SHA1, // TODO: disable when SHA256 is widely deployed
// RIPEMD160: same security properties as SHA1 HashAlgorithmTags.RIPEMD160, // same security properties as SHA1, TODO: disable when SHA256 is widely deployed
// DOUBLE_SHA: not used widely // DOUBLE_SHA: not used widely
// MD2: not used widely // MD2: not used widely
// TIGER_192: not used widely // TIGER_192: not used widely