I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties.
The MD5 hash (used in java.security.MessageDigest.getInstance) is insecure. Consider changing it to a secure hash algorithm
// for backwards compatability. next time we have a backwards
// incompatible change, we should update this by removing ", 32"
// SEE NOTES ABOVE
try {
The SHA-1 hash (used in java.security.MessageDigest.getInstance) is insecure. Consider changing it to a secure hash algorithm
128: MessageDigest.getInstance("SHA-1");
[core/java/src/net/i2p/crypto/SHA1.java
65: return MessageDigest.getInstance("SHA-1"); [core/java/src/com/nettgryppa/security/HashCash.java
179: MessageDigest md = MessageDigest.getInstance("SHA1");
[core/java/src/com/nettgryppa/security/HashCash.java]
229: MessageDigest md = MessageDigest.getInstance("MD5");
[core/java/src/net/i2p/util/PasswordManager.java] core/java/src/net/i2p/util/PasswordManager.java#L229)
The MD5 hash (used in java.security.MessageDigest.getInstance) is insecure. Consider changing it to a secure hash algorithm
108: MessageDigest md = MessageDigest.getInstance("MD5");
/router/java/src/net/i2p/router/transport/udp/SSUHMACGenerator.java#L108)
95: md = MessageDigest.getInstance("SHA1");
apps/imagegen/identicon/core/src/main/java/com/docuverse/identicon/IdenticonUtil.java#L95)