From 10fed404ae000a9cd6f8d357e85202f4c884f54e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Wed, 21 Oct 2015 21:42:37 +0200 Subject: SHA1 and RIPEMD160 are not declared insecure until widely deployed --- .../org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'OpenKeychain') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java index cbd8ce47a..7ad7b4d0f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java @@ -79,8 +79,8 @@ public class PgpSecurityConstants { */ private static HashSet sHashAlgorithmsWhitelist = new HashSet<>(Arrays.asList( // MD5: broken - // SHA1: broken - // RIPEMD160: same security properties as SHA1 + HashAlgorithmTags.SHA1, // TODO: disable when SHA256 is widely deployed + HashAlgorithmTags.RIPEMD160, // same security properties as SHA1, TODO: disable when SHA256 is widely deployed // DOUBLE_SHA: not used widely // MD2: not used widely // TIGER_192: not used widely -- cgit v1.2.3