On Wed, Jun 29, 2016 at 04:15:39AM +0200, Christian Seiler wrote:
> On 06/11/2016 02:30 PM, Kurt Roeckx wrote:
> > There is an upstream wiki page for this at:
> > https://wiki.openssl.org/index.php/1.1_API_Changes
> >
> > If things aren't clear, you have questions, or there are missing
> > access functions please contact us.
>
> I'm currently packaging a piece of software (open-isns, [1]) that uses
> libcrypto functions internally. While trying to make sure that it will
> compile against OpenSSL 1.1 (and hence be binNMU-able), most of the
> things were straight-forward (opaque structures now requiring getters),
> but I have encountered the following issue that doesn't appear to be
> completely trivial to me: the software uses DSA+SHA1 as its signature
> algorithm [2], and effectively boils down to the following code to
> generate signatures:
>
> md_ctx = EVP_MD_CTX_new();
> EVP_SignInit(md_ctx, EVP_dss1());
> EVP_DigestUpdate(md_ctx, /* stuff */);
> EVP_SignFinal(md_ctx, signature, &sig_len, pkey);
> EVP_MD_CTX_free(md_ctx);
>
> (Verification is analogous with VerifyInit/VerifyFinal.)
>
> The problem is that EVP_dss1() doesn't exist anymore in OpenSSL 1.1. If
> I understand the man page correctly, EVP_dss1 is a hack in really old
> OpenSSL versions (how old btw.?) to support SHA1 signatures with DSA,
> because back then the hash algorithms were tied to the public key
> algorithms.
>
> So is it correct to simply replace EVP_dss1() with EVP_sha1() in the
> above code and it will still produce DSA signatures? Or do I have to do
> something else to achieve the same results?
I'm not sure why they were removed at this time and not just replaced by
a #define. Using EVP_sha1() is the correct replacement for EVP_dss1(),
as the manpage says.

Kurt