HMAC-SHA1 is used https://www.schneier.com/blog/archives/2005/02/sha1_broken.html "although it doesn't affect applications such as HMAC where collisions aren't important"
2017-02-25 10:56 GMT+01:00 minek van <[email protected]>: > In the blog: > https://blog.filippo.io/so-i-lost-my-openbsd-fde-password/ > I seen that "sha1" is still used, but afaik 6.1 will have a different FDE. > >> Sent: Thursday, February 23, 2017 at 5:27 PM >> From: "Christian Weisgerber" <[email protected]> >> To: [email protected] >> Subject: Re: Is OpenBSD using SHA1 anywhere? >> >> On 2017-02-23, Marc Espie <[email protected]> wrote: >> >> > Talking from the ports side, ports and packages moved to SHA256 >> > back in 2007/2008. >> >> To be expressly clear: Marc is referring to the ports and packages >> infrastructure here. The packaged third-party software still >> contains many uses of SHA1; some may be harmless, some are embedded >> into protocols that can't be easily changed. >> >> > Ports distinfo made it the only default in 2007, and pkg tools moved >> > straight >> > from md5 to sha1. >> ^^^^^^^ >> to sha256 >> >> (Unfortunate typo.) >> >> -- >> Christian "naddy" Weisgerber [email protected] > -- Cordialement, Coues Ludovic +336 148 743 42
