Bug 358210 - Add support for secure checksums: SHA-2 instead of SHA-1 and MD5
Summary: Add support for secure checksums: SHA-2 instead of SHA-1 and MD5
Status: RESOLVED FIXED
Alias: None
Product: kleopatra
Classification: Applications
Component: general (show other bugs)
Version: 2.2.0
Platform: Fedora RPMs Linux
: NOR normal
Target Milestone: ---
Assignee: Andre Heinecke
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-01-19 13:05 UTC by Christian Stadelmann
Modified: 2021-03-10 21:12 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Stadelmann 2016-01-19 13:05:25 UTC
Currently Kleopatra supports md5sum and sha1sum to generate checksums. Using sha256sum and sha512sum would be highly appreciated since MD5 is known to be broken for years and SHA-1 is very weak, its use is highly discouraged.

Reproducible: Always

Steps to Reproduce:
1. Open preferences
2. go to crypto operations, tab "File operations"
3. choose "Checksum program to use"

Actual Results:  
only md5sum (broken) and sha1sum (very weak) are available

Expected Results:  
sha256sum and sha512sum should be available. If possible (violation of standards?) one of those commands based on SHA-2 should be default.
Comment 1 Justin Zobel 2021-03-10 00:15:36 UTC
Thank you for the bug report.

As this report hasn't seen any changes in 5 years or more, we ask if you can please confirm that the issue still persists.

If this bug is no longer persisting or relevant please change the status to resolved.
Comment 2 Christian Stadelmann 2021-03-10 21:12:22 UTC
This issue has been fixed in a more recent version. With Kleopatra 3.1.11, the default is sha256sum. sha512sum is also available. Thanks!