Digest algorithms for Ruby

Matt Caswell matt at openssl.org
Thu Oct 31 17:56:25 UTC 2019

On 31/10/2019 11:59, Samuel Williams wrote:
> I am maintaining the OpenSSL bindings for Ruby, and I'm considering
> exposing SHA3 and BLAKE digests.
> In addition, for the first time, I wrote some tests to test ALL
> algorithms we expose, and found that "DSS", "DSS1" and "SHA" no longer
> exist.
> I'm going to assume this algorithm is removed because it's old and/or
> insecure. But I would like to seek some clarification on this because it
> represents a breaking change in semantic versioning, to the extent that
> we exposed these digests explicitly.
> So:
> - Did they exist?

Yes, they did exist. EVP_sha() (aka SHA0) and EVP_dss() (aka DSS0) were
removed by commit 474e469bb. It had this commit description:

commit 474e469bbd056aebcf7e7d3207ef820f2faed4ce
Author:     Rich Salz <rsalz at openssl.org>
AuthorDate: Tue Jan 27 12:34:45 2015 -0500
Commit:     Rich Salz <rsalz at openssl.org>
CommitDate: Tue Jan 27 12:34:45 2015 -0500

    OPENSSL_NO_xxx cleanup: SHA

    Remove support for SHA0 and DSS0 (they were broken), and remove
    the ability to attempt to build without SHA (it didn't work).
    For simplicity, remove the option of not building various SHA
    you could argue that SHA_224/256/384/512 should be kept, since they're
    like crypto algorithms, but I decided to go the other way.
    So these options are gone:
            GENUINE_DSA         OPENSSL_NO_SHA0
            OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
            OPENSSL_NO_SHA384   OPENSSL_NO_SHA512

    Reviewed-by: Richard Levitte <levitte at openssl.org>

EVP_dss1() was removed by commit 7f572e958b with this commit description:

commit 7f572e958b13041056f377a62d3219633cfb1e8a
Author:     Dr. Stephen Henson <steve at openssl.org>
AuthorDate: Wed Dec 2 13:57:04 2015 +0000
Commit:     Dr. Stephen Henson <steve at openssl.org>
CommitDate: Wed Dec 2 17:52:01 2015 +0000

    Remove legacy sign/verify from EVP_MD.

    Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
    legacy from when digests were linked to public key types. All signing is
    now handled by the corresponding EVP_PKEY_METHOD.

    Only allow supported digest types in RSA EVP_PKEY_METHOD: other
    already block unsupported types.

    Remove now obsolete EVP_dss1() and EVP_ecdsa().

    Reviewed-by: Richard Levitte <levitte at openssl.org>

> - When did they stop existing?

The first release that contained the above commits was OpenSSL 1.1.0.
That was a major release that did not claim backwards source
compatibility. Most notably because of the structures becoming opaque,
but it did impact some other areas too.

> - Are they still relevant?

Since 1.1.0 has been around for nearly 4 years now, and this is the
first time I recall anyone ever noticing this, I would say "No".

More information about the openssl-users mailing list