Author: allanjude Date: Tue May 21 22:17:00 2019 New Revision: 348073 URL: https://svnweb.freebsd.org/changeset/base/348073
Log: Add admonitions against using MD5 and SHA1 to the API man pages Modified: head/lib/libmd/mdX.3 head/lib/libmd/sha.3 Modified: head/lib/libmd/mdX.3 ============================================================================== --- head/lib/libmd/mdX.3 Tue May 21 22:11:53 2019 (r348072) +++ head/lib/libmd/mdX.3 Tue May 21 22:17:00 2019 (r348073) @@ -208,6 +208,8 @@ This code is derived directly from these implementatio .Pp Phk ristede runen. .Sh BUGS -No method is known to exist which finds two files having the same hash value, -nor to find a file with a specific hash value. -There is on the other hand no guarantee that such a method does not exist. +The +.Tn MD5 +algorithm has been proven to be vulnerable to practical collision +attacks and should not be relied upon to produce unique outputs, +.Em nor should they be used as part of a cryptographic signature scheme. Modified: head/lib/libmd/sha.3 ============================================================================== --- head/lib/libmd/sha.3 Tue May 21 22:11:53 2019 (r348072) +++ head/lib/libmd/sha.3 Tue May 21 22:17:00 2019 (r348073) @@ -191,9 +191,11 @@ published .Tn FIPS standards. .Sh BUGS -No method is known to exist which finds two files having the same hash value, -nor to find a file with a specific hash value. -There is on the other hand no guarantee that such a method does not exist. +The +.Tn SHA1 +algorithm has been proven to be vulnerable to practical collision +attacks and should not be relied upon to produce unique outputs, +.Em nor should they be used as part of a cryptographic signature scheme. .Pp The .Tn IA32 _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
