mfbt implements SHA-1, which is increasingly considered too weak for security purposes, like hashing user data. It would be nice to have a implementation of SHA-2 available, e.g. SHA-256.
History suggests this can be done by porting security/nss/lib/freebl/sha512.c as like was done for sha_fash.c.
SHA-1 is not meant to be used as a replacement for crypto-secure hashes. We have NSS for that.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 830880
You need to log in before you can comment on or make changes to this bug.