Digest algorithms for Ruby
Samuel Williams
space.ship.traveller at gmail.com
Thu Dec 12 21:31:31 UTC 2019
Thanks everyone, your replies were most helpful.
On Sat, 2 Nov 2019 at 06:42, Jordan Brown <openssl at jordan.maileater.net>
wrote:
> On 10/31/2019 7:35 AM, Viktor Dukhovni wrote:
>
> My advice would be to avoid specific support for any *particular* digest
> algorithm. Instead, provide bindings to:
>
> - EVP_get_digestbyname(),
> - EVP_MD_CTX_create(3),
> - EVP_DigestInit_ex(3),
> - EVP_DigestUpdate(3),
> - EVP_DigestFinal_ex(3),
> - EVP_MD_CTX_destroy(3)
>
> which can they use *any* available digest algorithm (by name).
>
>
> That avoids having *your* software be dependent on the digest algorithms,
> but it does so by exporting the dependency out to your caller.
>
> The bottom line for somebody trying to maintain compatibility is that when
> you remove some algorithm X, there's always a risk that something in the
> stack - be it software or user configuration - explicitly depends on X and
> so will fail on upgrade.
>
> --
> Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20191213/dbfe1e98/attachment.html>
More information about the openssl-users
mailing list