crypto-browserify icon indicating copy to clipboard operation
crypto-browserify copied to clipboard
verified publisher icon browserify

OAEP encryption using SHA1?

Open core433 opened this issue 8 years ago • 1 comments

I've posted this issue on the public-encrypt repo as well:

https://github.com/crypto-browserify/publicEncrypt/issues/13

Public Encrypt is using sha1 for the hash function, is that secure? It sounds like sha1 is being deprecated because it's been theoretically crackable since 2005. Is this the same hash function that node crypto is using / are they not on sha2 / sha256?

core433 avatar Oct 06 '17 00:10 core433

yes probably but the goal here is to be fully compatible with the node crypto api, so we'll remove this when they do.

dominictarr avatar Oct 11 '17 02:10 dominictarr