[issue34930] sha1module: Switch sha1 implementation to sha1dc/hardened sha1
Christian Heimes
report at bugs.python.org
Tue Oct 16 10:05:07 EDT 2018
Christian Heimes <lists at cheimes.de> added the comment:
I wouldn't call SHA1 a secure hash function any more. SHA1DC is both an incompatible implementation and a bandaid for legacy applications that can't easily update to a proper hashing algorithm. Also it's rather pointless to update our SHA1 implementation since OpenSSL still uses the standardized SHA1 implementation. CPython prefers OpenSSL's implementation because it's much, much faster than libtomcrypt's implementation.
I need to study SHA1DC first and get some advice before I can make an educated statement. But I'm leaning towards -1 to even support SHA1DC in the standard library, because I don't want to promote SHA1 any more. Applications should move to SHA2, SHA3 and blake2.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue34930>
_______________________________________