Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-93838

Consider SHA-1 algorithm deprecated

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • P4: Low
    • None
    • 5.15.4, 6.1.0
    • Core: Other
    • None
    • All

    Description

      The Qt API (QCryptographicHash) still provides SHA-1 algorithm which was considered deprecated and not secure enough.

      It has been officially deprecated by NIST (National Institute of Standards and Technology) in 2011 and adviced to remove it from products ASAP and move to SHA-2 or SHA-3 instead. Also all browsers no longer accept SHA-1 SSL certificates and Microsoft discontinued SHA-1 code signing in 2020.

      Therefore, this algorithm should be also considered as deprecated in Qt and users should be adviced to use something else instead.

       

       

      Attachments

        For Gerrit Dashboard: QTBUG-93838
        # Subject Branch Project Status CR V

        Activity

          People

            thiago Thiago Macieira
            jgrulich Jan Grulich
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:

              Gerrit Reviews

                There are no open Gerrit changes