Add 'md5-sha1' to hashlib_weak_hash and hmac_digest_weak
Closed this issue · 1 comments
ericwb commented
Is your feature request related to a problem? Please describe.
md5-sha1 is another outdated weak algorithm that may appear as available in hashlib.
Describe the solution you'd like
Add md5-sha1 to hashlib_weak_hash and hmac_digest_weak rules.
Describe alternatives you've considered
n/a
Additional context
>>> hashlib.algorithms_available
{'md5', 'sm3', 'shake_128', 'blake2s', 'sha3_224', 'sha512_224', 'sha512', 'sha3_512', 'sha256', 'md5-sha1', 'sha1', 'sha224', 'sha384', 'blake2b', 'sha512_256', 'shake_256', 'ripemd160', 'sha3_384', 'sha3_256'}
Love this idea? Give it a 👍. We prioritize fulfilling features with the most 👍.
ericwb commented
Note, it seems you can use md5-sha1 as a function:
>>> hashlib.md5-sha1
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'sha1' is not defined
Only works if passed to hashlib.new("md5-sha1")