the hash_file() function still supports md5 and sha1 so people that need it
should then migrate to hash_file('md5', ...) or hash_file('sha1', ...)
instead. That was the ideaKind regards, Tom On Mon, Feb 10, 2020 at 10:52 PM j adams <zardozro...@gmail.com> wrote: > I disagree. While MD5 and SHA1 might not be suitable for modern > cryptographic operations, these functions might be needed for legacy > situations -- e.g., munging through old data. > > > On Mon, Feb 10, 2020 at 1:50 PM Tom Van Looy via internals < > internals@lists.php.net> wrote: > >> Hi >> >> While in some environments the use of MD5 and SHA1 are still acceptable >> for >> some use cases like file integrity verification etc. the use of these >> algorithms should be discouraged and not be your choice when developing >> new >> applications. >> >> I suggest to deprecated the functions md5_file() and sha1_file(). This >> will >> make people think about upgrading to a better alternative. If you still >> need this functionality you can always switch to the hash_file() function. >> >> Carrying around these two dedicated functions seems a bit too much for a >> modern PHP. What do you think? >> >> My feeling was that this is a no brainer. Should I open an RFC for this? >> >> Kind regards, >> >> Tom Van Looy >> >
