[openssl-dev] Fwd: Re: [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback
Matt Caswell
matt at openssl.org
Tue Nov 17 10:03:08 UTC 2015
On 17/11/15 00:01, Viktor Dukhovni wrote:
> On Mon, Nov 16, 2015 at 11:23:52PM +0000, Matt Caswell wrote:
>
>> Disabling algorithms isn't the right answer IMO. I do like the idea of a
>> "liblegacycrypto". That way people that only have need of current
>> up-to-date crypto can stick with the main library. Others who need the
>> older crypto can still get at it. Yes, that means we still have to
>> maintain this code - but I don't see it as that big a burden.
>
> What becomes a bit tricky is having an EVP interface that can find
> the algorithms in liblegacrypto. This I think means two different
> builds of the crypto library, one that depends on liblegacycrypto
> and provides its algorithms, and another than does not.
Is this just limited to
OpenSSL_add_all_algorithms()/OpenSSL_add_all_ciphers()/OpenSSL_add_all_digests()?
How about if those were macros that just picked up the relevant
implementation based on a define. So in evp.h, something like:
#ifdef OPENSSL_LEGACY_ALGS
void OpenSSL_add_all_legacy_algorithms();
void OpenSSL_add_all_legacy_ciphers();
void OpenSSL_add_all_legacy_digests();
#define OpenSSL_add_all_algorithms() OpenSSL_add_all_legacy_algorithms()
#define OpenSSL_add_all_ciphers() OpenSSL_add_all_legacy_ciphers()
#define OpenSSL_add_all_digests() OpenSSL_add_all_legacy_digests()
#else
void OpenSSL_add_all_main_algorithms();
void OpenSSL_add_all_main_ciphers();
void OpenSSL_add_all_main_digests();
#define OpenSSL_add_all_algorithms() OpenSSL_add_all_main_algorithms()
#define OpenSSL_add_all_ciphers() OpenSSL_add_all_main_ciphers()
#define OpenSSL_add_all_digests() OpenSSL_add_all_main_digests()
#endif
OpenSSL_add_all_legacy_ciphers() would call
OpenSSL_add_all_main_ciphers() and add all the legacy ones in too.
Similarly for the other functions.
Then you just compile apps which don't need legacy support with
"-lcrypto", and apps that do with "-DOPENSSL_LEGACY_ALGS -lcrypto
-lcrypto-legacy"
>
> Systems might then ship with:
>
> libcrypto-legacy.so - Just the legacy algorithms
>
> libcrypto-compat.so - Libcrypto that supports the above
> libcrypto-secure.so - Libcrypto with just the strong algos
>
> libcrypto.so - Symlink to one of the two above
>
> Some applications might be linked directly to "-secure" or "-compat"
> to make sure they get one or the other. This is a bunch of work.
I don't think you would need libcrypto-compat if you took the approach
above.
I'm wondering whether splitting libcrypto into 3 might be worthwhile:
libcrypto-core.so - Core elements of libcrypto needed by libssl
libcrypto.so - Would depend on libcrypto-core. Adds mainstream and
current crypto stuff that isn't needed by libssl
libcrypto-legacy.so - Would depend on libcrypto and libcrypto-core. Just
the legacy algorithms.
That way users who only have an interest in libssl don't have to carry
around all the other stuff that libcrypto provides - only those bits
they need. Apps using libcrypto directly can mostly just forget about
libcrypto-legacy and just add it if they really need it.
Matt
More information about the openssl-dev
mailing list