>> mdc2 algorithm is not listed as enabled by default in 1.0+. >> >> What is current status to this algorithm ? >> >> It seems to me** result of openssl 0.9.8t digest command (*openssl* >> *dgst -mdcs2..) *is not compatible with openssl 1.0+ . >> >> Another issue is between 0.9.8, 1.0.0 and upcoming 1.0.1 . If a >> certificate use mdcd2 algorithm created by openssl 0.9.8 it could >> be verified by 0.9.8 and 1.0.0+ but fail with 1.0.1(stable branch). >> Same if for certificates created by 1.0.0+ - verify command succeed >> with 0.9.8 and 1.0.0+ and fail with 1.0.1. Certificates created with >> 1.01 could be verified only with 1.0.1 and verification fail with >> earlier version. >> >> Issue with certificates apply to CRLs >> > > Looking into this there is a long standing incompatibility between various > functions that use mdc2 for signatures. Since SSLeay the function RSA_sign() > using mdc2 as an argument uses a DigestInfo structure whereas using EVP ends > up with a different octet string format signature. > > It's only when the signature code was revised to use RSA_sign more extensively > that this is more apparent. > > How widespread is use of mdc2 for signatures and certificates?
Neither Redhat, Debian or Suse deliver openssl with mdc2, so it can't be widespread. However, it's more of a principle, 1.0.1 is meant to be compatible with 1.0.0 and fixing it in 1.0.1 would be manifestation that we actually stick to the principle. As for 1.1 it might be appropriate to actually omit mdc2 (along with some other algorithms)... > I can address the 1.0.1 certificate issue fairly easily but I'm wondering if > some compatibility option is needed for dgst too. Tricky one. The breakage in certificate handling is caused by switch from EVP_[Sign|Verify]XXX to EVP_Digest[Sign|Verify]XXX in crypto/asn1/a_[sign|verify].c, but 1.0.0 dgst is using the latter. I'd guess dgst is incompatible between 0.9.8 and 1.0.0, but not between 1.0.0 and 1.0.1. And it appears to be the case. I personally would vote for treating dgst behavior in 1.0.0 as bug and fixing it in EVP_Digest[Sign|Verify] so that certificate handling and dgst is harmonized. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
