diff --git a/Cargo.lock b/Cargo.lock index 10595ccd0c5..a0202682cd7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -961,13 +961,13 @@ dependencies = [ [[package]] name = "content-security-policy" -version = "0.4.2" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91ea9f813e3c5ece60232e2b5d0d8187d310bf1e5641c5457e54099780a892a8" +checksum = "1780f19455c4d346013dc4fb3e9c329c64c7c300b0ebeff786743f4b9f34ec0e" dependencies = [ - "base64 0.12.0", + "base64 0.13.0", "bitflags", - "lazy_static", + "once_cell", "percent-encoding", "regex", "serde", @@ -1410,9 +1410,9 @@ dependencies = [ [[package]] name = "digest" -version = "0.10.3" +version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506" +checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" dependencies = [ "block-buffer 0.10.2", "crypto-common", @@ -3995,6 +3995,7 @@ dependencies = [ "flate2", "futures 0.3.5", "futures-util", + "generic-array 0.14.4", "headers", "http", "hyper 0.14.5", @@ -4023,6 +4024,7 @@ dependencies = [ "servo_arc", "servo_config", "servo_url", + "sha2", "std_test_override", "time", "tokio 0.2.24", @@ -5948,19 +5950,18 @@ checksum = "028f48d513f9678cda28f6e4064755b3fbb2af6acd672f2c209b62323f7aea0f" dependencies = [ "cfg-if 1.0.0", "cpufeatures", - "digest 0.10.3", + "digest 0.10.6", ] [[package]] name = "sha2" -version = "0.8.1" +version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27044adfd2e1f077f649f59deb9490d3941d674002f7d062870a60ebe9bd47a0" +checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" dependencies = [ - "block-buffer 0.7.3", - "digest 0.8.1", - "fake-simd", - "opaque-debug 0.2.3", + "cfg-if 1.0.0", + "cpufeatures", + "digest 0.10.6", ] [[package]] 
diff --git a/components/malloc_size_of/Cargo.toml b/components/malloc_size_of/Cargo.toml
index 6cccc9ae622..10d989d75ec 100644
--- a/components/malloc_size_of/Cargo.toml
+++ b/components/malloc_size_of/Cargo.toml
@@ -30,7 +30,7 @@ servo = [
 [dependencies]
 accountable-refcell = { version = "0.2.0", optional = true }
 app_units = "0.7"
-content-security-policy = { version = "0.4.0", features = ["serde"], optional = true }
+content-security-policy = { version = "0.5", features = ["serde"], optional = true }
 crossbeam-channel = { version = "0.4", optional = true }
 cssparser = "0.29"
 euclid = "0.22"
diff --git a/components/net/Cargo.toml b/components/net/Cargo.toml
index 08e38428ba7..81ed3de24c7 100644
--- a/components/net/Cargo.toml
+++ b/components/net/Cargo.toml
@@ -20,7 +20,7 @@ async-tungstenite = { version = "0.9", features = ["tokio-openssl"] }
 base64 = "0.10.1"
 brotli = "3"
 bytes = "1"
-content-security-policy = { version = "0.4.0", features = ["serde"] }
+content-security-policy = { version = "0.5", features = ["serde"] }
 cookie_rs = { package = "cookie", version = "0.12" }
 crossbeam-channel = "0.4"
 data-url = "0.1.0"
@@ -29,6 +29,7 @@ embedder_traits = { path = "../embedder_traits" }
 flate2 = "1"
 futures = { version = "0.3", package = "futures" }
 futures-util = { version = "0.3" }
+generic-array = "0.14"
 headers = "0.3"
 http = "0.2"
 hyper = { version = "0.14", features = ["client", "http1", "http2", "tcp", "stream"] }
@@ -57,6 +58,7 @@ servo_allocator = { path = "../allocator" }
 servo_arc = { path = "../servo_arc" }
 servo_config = { path = "../config" }
 servo_url = { path = "../url" }
+sha2 = "0.10"
 time = "0.1.41"
 tokio = { version = "1", package = "tokio", features = ["sync", "macros", "rt-multi-thread"] }
 tokio2 = { version = "0.2", package = "tokio", features = ["sync", "macros", "rt-threaded", "tcp"] }
diff --git a/components/net/subresource_integrity.rs b/components/net/subresource_integrity.rs
index a57cab3a848..a823d3787c8 100644
--- a/components/net/subresource_integrity.rs +++ b/components/net/subresource_integrity.rs @@ -3,8 +3,9 @@ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ use base64; +use generic_array::ArrayLength; use net_traits::response::{Response, ResponseBody, ResponseType}; -use openssl::hash::{hash, MessageDigest}; +use sha2::{Digest, Sha256, Sha384, Sha512}; use std::iter::Filter; use std::str::Split; use std::sync::MutexGuard; @@ -115,12 +116,13 @@ pub fn get_strongest_metadata(integrity_metadata_list: Vec) -> Vec -fn apply_algorithm_to_response( +fn apply_algorithm_to_response, D: Digest>( body: MutexGuard, - message_digest: MessageDigest, + mut hasher: D, ) -> String { if let ResponseBody::Done(ref vec) = *body { - let response_digest = hash(message_digest, vec).unwrap(); //Now hash + hasher.update(vec); + let response_digest = hasher.finalize(); //Now hash base64::encode(&response_digest) } else { unreachable!("Tried to calculate digest of incomplete response body") @@ -156,14 +158,14 @@ pub fn is_response_integrity_valid(integrity_metadata: &str, response: &Response let algorithm = item.alg; let digest = item.val; - let message_digest = match &*algorithm { - "sha256" => MessageDigest::sha256(), - "sha384" => MessageDigest::sha384(), - "sha512" => MessageDigest::sha512(), + let hashed = match &*algorithm { + "sha256" => apply_algorithm_to_response(body, Sha256::new()), + "sha384" => apply_algorithm_to_response(body, Sha384::new()), + "sha512" => apply_algorithm_to_response(body, Sha512::new()), _ => continue, }; - if apply_algorithm_to_response(body, message_digest) == digest { + if hashed == digest { return true; } } diff --git a/components/net_traits/Cargo.toml b/components/net_traits/Cargo.toml index ffd51ff2063..9f5ec0ca4f3 100644 --- a/components/net_traits/Cargo.toml +++ b/components/net_traits/Cargo.toml 
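Review bot: The added `use generic_array::ArrayLength;` and the extra type parameter it serves on `apply_algorithm_to_response` (second hunk) look avoidable. The generic list is garbled on this page, so this is inferred, but in digest 0.10 the `Digest` trait already requires its output size to implement `ArrayLength<u8>`, so a single bound such as `fn apply_algorithm_to_response<D: Digest>(` should be enough for `base64::encode(&response_digest)` to compile. If that holds, the `generic-array = "0.14"` line added to components/net/Cargo.toml can be dropped, leaving one fewer direct dependency to audit and keep current.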
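Review bot: Nothing visible in this commit pins the output of the new `hasher.update(vec);` / `hasher.finalize()` path in `apply_algorithm_to_response`, which replaces the OpenSSL digest behind subresource-integrity checks. A known-answer test that runs one fixed body through `is_response_integrity_valid` against precomputed sha256, sha384 and sha512 values would catch a backend or encoding mismatch before it silently blocks or admits resources. If such tests already exist elsewhere in the tree, it is worth saying so in the commit message. The function's closing lines fall outside this hunk.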
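Review bot: `if hashed == digest {` compares base64 text rather than digest bytes, so an integrity value that encodes the correct hash in a different base64 form (unpadded, or the URL-safe alphabet) is rejected even though the content matches. That fails closed, so it is a compatibility problem rather than a bypass, but decoding `digest` once and comparing it with the raw `finalize()` output would make the check independent of encoding. As written the body is also re-hashed for every entry in the loop; hashing once per algorithm and reusing the result would avoid repeated work on large responses. `is_response_integrity_valid` starts and ends outside this hunk, so the loop setup and the fall-through return are not visible here.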
@@ -13,7 +13,7 @@ test = false doctest = false [dependencies] -content-security-policy = { version = "0.4.0", features = ["serde"] } +content-security-policy = { version = "0.5", features = ["serde"] } cookie = "0.12" embedder_traits = { path = "../embedder_traits" } headers = "0.3" diff --git a/components/script/Cargo.toml b/components/script/Cargo.toml index d85cbc32d16..95b7a2ff86c 100644 --- a/components/script/Cargo.toml +++ b/components/script/Cargo.toml @@ -39,7 +39,7 @@ bitflags = "1.0" bluetooth_traits = { path = "../bluetooth_traits" } canvas_traits = { path = "../canvas_traits" } chrono = "0.4" -content-security-policy = { version = "0.4.0", features = ["serde"] } +content-security-policy = { version = "0.5", features = ["serde"] } cookie = "0.12" crossbeam-channel = "0.4" cssparser = "0.29"