diff options
| -rw-r--r-- | doc/lispref/text.texi | 12 | ||||
| -rw-r--r-- | lisp/subr.el | 8 | ||||
| -rw-r--r-- | src/fns.c | 11 |
3 files changed, 21 insertions, 10 deletions
diff --git a/doc/lispref/text.texi b/doc/lispref/text.texi index 7ce54f59c69..955ad6130ca 100644 --- a/doc/lispref/text.texi +++ b/doc/lispref/text.texi | |||
| @@ -4710,12 +4710,12 @@ that you have an unaltered copy of that data. | |||
| 4710 | SHA-1, SHA-2, SHA-224, SHA-256, SHA-384 and SHA-512. MD5 is the | 4710 | SHA-1, SHA-2, SHA-224, SHA-256, SHA-384 and SHA-512. MD5 is the |
| 4711 | oldest of these algorithms, and is commonly used in @dfn{message | 4711 | oldest of these algorithms, and is commonly used in @dfn{message |
| 4712 | digests} to check the integrity of messages transmitted over a | 4712 | digests} to check the integrity of messages transmitted over a |
| 4713 | network. MD5 is not collision resistant (i.e., it is possible to | 4713 | network. MD5 and SHA-1 are not collision resistant (i.e., it is |
| 4714 | deliberately design different pieces of data which have the same MD5 | 4714 | possible to deliberately design different pieces of data which have |
| 4715 | hash), so you should not used it for anything security-related. A | 4715 | the same MD5 or SHA-1 hash), so you should not use them for anything |
| 4716 | similar theoretical weakness also exists in SHA-1. Therefore, for | 4716 | security-related. For security-related applications you should use |
| 4717 | security-related applications you should use the other hash types, | 4717 | the other hash types, such as SHA-2 (e.g. @code{sha256} or |
| 4718 | such as SHA-2. | 4718 | @code{sha512}). |
| 4719 | 4719 | ||
| 4720 | @defun secure-hash-algorithms | 4720 | @defun secure-hash-algorithms |
| 4721 | This function returns a list of symbols representing algorithms that | 4721 | This function returns a list of symbols representing algorithms that |
diff --git a/lisp/subr.el b/lisp/subr.el index 0b47da884b7..45b99a82d2b 100644 --- a/lisp/subr.el +++ b/lisp/subr.el | |||
| @@ -3120,11 +3120,15 @@ Otherwise, return nil." | |||
| 3120 | raw-field))) | 3120 | raw-field))) |
| 3121 | 3121 | ||
| 3122 | (defun sha1 (object &optional start end binary) | 3122 | (defun sha1 (object &optional start end binary) |
| 3123 | "Return the SHA1 (Secure Hash Algorithm) of an OBJECT. | 3123 | "Return the SHA-1 (Secure Hash Algorithm) of an OBJECT. |
| 3124 | OBJECT is either a string or a buffer. Optional arguments START and | 3124 | OBJECT is either a string or a buffer. Optional arguments START and |
| 3125 | END are character positions specifying which portion of OBJECT for | 3125 | END are character positions specifying which portion of OBJECT for |
| 3126 | computing the hash. If BINARY is non-nil, return a string in binary | 3126 | computing the hash. If BINARY is non-nil, return a string in binary |
| 3127 | form." | 3127 | form. |
| 3128 | |||
| 3129 | Note that SHA-1 is not collision resistant and should not be used | ||
| 3130 | for anything security-related. See `secure-hash' for | ||
| 3131 | alternatives." | ||
| 3128 | (secure-hash 'sha1 object start end binary)) | 3132 | (secure-hash 'sha1 object start end binary)) |
| 3129 | 3133 | ||
| 3130 | (defun function-get (f prop &optional autoload) | 3134 | (defun function-get (f prop &optional autoload) |
| @@ -5376,7 +5376,10 @@ If OBJECT is a string, the most preferred coding system (see the | |||
| 5376 | command `prefer-coding-system') is used. | 5376 | command `prefer-coding-system') is used. |
| 5377 | 5377 | ||
| 5378 | If NOERROR is non-nil, silently assume the `raw-text' coding if the | 5378 | If NOERROR is non-nil, silently assume the `raw-text' coding if the |
| 5379 | guesswork fails. Normally, an error is signaled in such case. */) | 5379 | guesswork fails. Normally, an error is signaled in such case. |
| 5380 | |||
| 5381 | Note that MD5 is not collision resistant and should not be used for | ||
| 5382 | anything security-related. See `secure-hash' for alternatives. */) | ||
| 5380 | (Lisp_Object object, Lisp_Object start, Lisp_Object end, Lisp_Object coding_system, Lisp_Object noerror) | 5383 | (Lisp_Object object, Lisp_Object start, Lisp_Object end, Lisp_Object coding_system, Lisp_Object noerror) |
| 5381 | { | 5384 | { |
| 5382 | return secure_hash (Qmd5, object, start, end, coding_system, noerror, Qnil); | 5385 | return secure_hash (Qmd5, object, start, end, coding_system, noerror, Qnil); |
| @@ -5393,7 +5396,11 @@ whole OBJECT. | |||
| 5393 | 5396 | ||
| 5394 | The full list of algorithms can be obtained with `secure-hash-algorithms'. | 5397 | The full list of algorithms can be obtained with `secure-hash-algorithms'. |
| 5395 | 5398 | ||
| 5396 | If BINARY is non-nil, returns a string in binary form. */) | 5399 | If BINARY is non-nil, returns a string in binary form. |
| 5400 | |||
| 5401 | Note that MD5 and SHA-1 are not collision resistant and should not be | ||
| 5402 | used for anything security-related. For these applications, use one | ||
| 5403 | of the other hash types instead, e.g. sha256 or sha512. */) | ||
| 5397 | (Lisp_Object algorithm, Lisp_Object object, Lisp_Object start, Lisp_Object end, Lisp_Object binary) | 5404 | (Lisp_Object algorithm, Lisp_Object object, Lisp_Object start, Lisp_Object end, Lisp_Object binary) |
| 5398 | { | 5405 | { |
| 5399 | return secure_hash (algorithm, object, start, end, Qnil, Qnil, binary); | 5406 | return secure_hash (algorithm, object, start, end, Qnil, Qnil, binary); |