On Wed, Feb 01, 2012, Roumen Petrov wrote:

> Hello all,
>
> The mdc2 algorithm is not listed as enabled by default in 1.0+.
>
> What is the current status of this algorithm?
>
> It seems to me that the result of the openssl 0.9.8t digest command
> (openssl dgst -mdc2..) is not compatible with openssl 1.0+.
>
> Another issue is between 0.9.8, 1.0.0 and the upcoming 1.0.1. If a
> certificate uses the mdc2 algorithm and was created by openssl 0.9.8, it
> can be verified by 0.9.8 and 1.0.0+ but fails with 1.0.1 (stable branch).
> The same goes for certificates created by 1.0.0+: the verify command
> succeeds with 0.9.8 and 1.0.0+ and fails with 1.0.1. Certificates created
> with 1.0.1 can be verified only with 1.0.1, and verification fails with
> earlier versions.
>
> The issue with certificates applies to CRLs.
>
Looking into this there is a long standing incompatibility between various
functions that use mdc2 for signatures.

Since SSLeay the function RSA_sign() using mdc2 as an argument uses a
DigestInfo structure whereas using EVP ends up with a different octet string
format signature.

It's only when the signature code was revised to use RSA_sign more extensively
that this is more apparent.

How widespread is use of mdc2 for signatures and certificates? I can address
the 1.0.1 certificate issue fairly easily but I'm wondering if some
compatibility option is needed for dgst too.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
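
The two payload encodings described in the reply above, as an added example that is not part of the original thread or of OpenSSL's code. It assumes the EVP form is a DER OCTET STRING wrapping the 16-byte digest (as RSA_sign_ASN1_OCTET_STRING produces) and that the DigestInfo carries the mdc2 OID 2.5.8.3.101 with NULL parameters; all function names are hypothetical.

```python
# Added example: classify the payload recovered from a PKCS#1 v1.5 RSA
# signature block as DigestInfo or bare OCTET STRING (assumed formats).
MDC2_ALG = bytes.fromhex("060455080365") + b"\x05\x00"  # OID 2.5.8.3.101, NULL
DIGEST_LEN = 16  # MDC2 output size in bytes

def tlv(tag, body):
    """DER-encode with a short-form length (all structures here are < 128 bytes)."""
    if len(body) > 127:
        raise ValueError("long-form lengths not needed for this example")
    return bytes([tag, len(body)]) + body

def encode_digestinfo(digest):
    """SEQUENCE { SEQUENCE { OID mdc2, NULL }, OCTET STRING digest }."""
    return tlv(0x30, tlv(0x30, MDC2_ALG) + tlv(0x04, digest))

def encode_octet_string(digest):
    """OCTET STRING digest, with no algorithm identifier."""
    return tlv(0x04, digest)

def read_tlv(buf, pos=0):
    """Return (tag, value, end_offset); reject truncated or long-form input."""
    if len(buf) < pos + 2 or buf[pos + 1] > 127:
        raise ValueError("malformed DER")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("truncated DER")
    return buf[pos], buf[pos + 2:end], end

def classify(payload):
    """Return ('digestinfo' | 'octet_string', digest); raise ValueError otherwise."""
    tag, body, end = read_tlv(payload)
    if end != len(payload):
        raise ValueError("trailing bytes after the structure")  # strict parse
    if tag == 0x04:
        kind, digest = "octet_string", body
    elif tag == 0x30:
        atag, alg, pos = read_tlv(body)
        dtag, digest, dend = read_tlv(body, pos)
        if (atag, dtag) != (0x30, 0x04) or dend != len(body) or alg != MDC2_ALG:
            raise ValueError("not an mdc2 DigestInfo")
        kind = "digestinfo"
    else:
        raise ValueError("unexpected outer tag")
    if len(digest) != DIGEST_LEN:
        raise ValueError("digest is not 16 bytes")
    return kind, digest

if __name__ == "__main__":
    sample = bytes(range(16))  # constructed placeholder, not a real MDC2 digest
    for enc in (encode_digestinfo, encode_octet_string):
        blob = enc(sample)
        print(classify(blob)[0], len(blob), blob.hex())
```
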