From 6d50010b34dbbcb90a7b4512f97e07fd8beceea5 Mon Sep 17 00:00:00 2001
From: Stefan Kangas <stefankangas@gmail.com>
Date: Mon, 16 Sep 2019 10:45:14 +0200
Subject: Recommend against SHA-1 and MD5 for security

* doc/lispref/text.texi (Checksum/Hash):
* src/fns.c (Fmd5, Fsecure_hash):
* lisp/subr.el (sha1): Doc fix to recommend against SHA-1 and MD5 for
security-related applications, since they are not collision
resistant.  (Bug#37420)
---
 lisp/subr.el | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'lisp/subr.el')

diff --git a/lisp/subr.el b/lisp/subr.el
index 0b47da884b7..45b99a82d2b 100644
--- a/lisp/subr.el
+++ b/lisp/subr.el
@@ -3120,11 +3120,15 @@ Otherwise, return nil."
       raw-field)))
 
 (defun sha1 (object &optional start end binary)
-  "Return the SHA1 (Secure Hash Algorithm) of an OBJECT.
+  "Return the SHA-1 (Secure Hash Algorithm) of an OBJECT.
 OBJECT is either a string or a buffer.  Optional arguments START and
 END are character positions specifying which portion of OBJECT for
 computing the hash.  If BINARY is non-nil, return a string in binary
-form."
+form.
+
+Note that SHA-1 is not collision resistant and should not be used
+for anything security-related.  See `secure-hash' for
+alternatives."
   (secure-hash 'sha1 object start end binary))
 
 (defun function-get (f prop &optional autoload)
-- 
cgit v1.2.1