Thanks everyone, your replies were most helpful. On Sat, 2 Nov 2019 at 06:42, Jordan Brown <open...@jordan.maileater.net> wrote:
> On 10/31/2019 7:35 AM, Viktor Dukhovni wrote: > > My advice would be to avoid specific support for any *particular* digest > algorithm. Instead, provide bindings to: > > - EVP_get_digestbyname(), > - EVP_MD_CTX_create(3), > - EVP_DigestInit_ex(3), > - EVP_DigestUpdate(3), > - EVP_DigestFinal_ex(3), > - EVP_MD_CTX_destroy(3) > > which can they use *any* available digest algorithm (by name). > > > That avoids having *your* software be dependent on the digest algorithms, > but it does so by exporting the dependency out to your caller. > > The bottom line for somebody trying to maintain compatibility is that when > you remove some algorithm X, there's always a risk that something in the > stack - be it software or user configuration - explicitly depends on X and > so will fail on upgrade. > > -- > Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris > >
