search

paulmillr / noble-hashes

Audited & minimal JS implementation of hash functions, MACs and KDFs.
https://paulmillr.com/noble
MIT License
545 stars 46 forks source link

Feature request: Add `md5` support #64

Closed mahnunchik closed 1 year ago

mahnunchik commented 1 year ago

It would be nice to have a modern and dependency-free version of the md5 hash.

It is still required for non-cryptographic services such as Gravatar.

paulmillr commented 1 year ago

I think we can make and host it on gist.github.com, pointing to it in readme, etc, but I don't want to add it to the library, because it's really discouraged, and brings bad vibes.

I've only added sha-1, because ssh/pgp still use it. They don't use md5 though.

mahnunchik commented 1 year ago

Yes, sha-1 and md5 have bad vibes...

Maybe it may be included in the library as:

import { md5 } from '@noble/hashes/do-not-use-md5';
paulmillr commented 1 year ago

What are the other users besides gravatar? Do you personally need it because of gravatar, or something else?

mahnunchik commented 1 year ago

For me, yes, for Gravatar.

mahnunchik commented 1 year ago

If the library has md5 it will cover all my hash related stuff for the entire project 😉

paulmillr commented 1 year ago

SHA1 is used in TOTP (hmac), PGP.

We can't include md5 since it's not popular at all. A separate includable file would work just as good though, for yours and other users purposes.

sublimator commented 1 year ago

import { md5 } from '@noble/hashes/do-not-use-md5';

haha

paulmillr commented 8 months ago

https://gist.github.com/paulmillr/405d7f1efca6e37bee63d6499cd4c8f9 for now