On 31/10/2019 11:59, Samuel Williams wrote:
> I am maintaining the OpenSSL bindings for Ruby, and I'm considering
> exposing SHA3 and BLAKE digests.
>
> In addition, for the first time, I wrote some tests to test ALL
> algorithms we expose, and found that "DSS", "DSS1" and "SHA" no longer
> exist.
>
> I'm going to assume this algorithm is removed because it's old and/or
> insecure. But I would like to seek some clarification on this because it
> represents a breaking change in semantic versioning, to the extent that
> we exposed these digests explicitly.
>
> So:
>
> - Did they exist?
Yes, they did exist. EVP_sha() (aka SHA0) and EVP_dss() (aka DSS0) were
removed by commit 474e469bb. It had this commit description:
commit 474e469bbd056aebcf7e7d3207ef820f2faed4ce
Author: Rich Salz <rsalz@xxxxxxxxxxx>
AuthorDate: Tue Jan 27 12:34:45 2015 -0500
Commit: Rich Salz <rsalz@xxxxxxxxxxx>
CommitDate: Tue Jan 27 12:34:45 2015 -0500
OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA
algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
GENUINE_DSA OPENSSL_NO_SHA0
OPENSSL_NO_SHA OPENSSL_NO_SHA1
OPENSSL_NO_SHA224 OPENSSL_NO_SHA256
OPENSSL_NO_SHA384 OPENSSL_NO_SHA512
Reviewed-by: Richard Levitte <levitte@xxxxxxxxxxx>
EVP_dss1() was removed by commit 7f572e958b with this commit description:
commit 7f572e958b13041056f377a62d3219633cfb1e8a
Author: Dr. Stephen Henson <steve@xxxxxxxxxxx>
AuthorDate: Wed Dec 2 13:57:04 2015 +0000
Commit: Dr. Stephen Henson <steve@xxxxxxxxxxx>
CommitDate: Wed Dec 2 17:52:01 2015 +0000
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other
algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@xxxxxxxxxxx>
> - When did they stop existing?
The first release that contained the above commits was OpenSSL 1.1.0.
That was a major release that did not claim backwards source
compatibility. Most notably because of the structures becoming opaque,
but it did impact some other areas too.
> - Are they still relevant?
Since 1.1.0 has been around for nearly 4 years now, and this is the
first time I recall anyone ever noticing this, I would say "No".
