mirror of
https://github.com/openssl/openssl.git
synced 2024-12-21 06:09:35 +08:00
6eb648941e
For some reason, DSA has been aliased with dsaWithSHA1 for an eternity. They are not the same, though, and should never have been aliased in the first place. This was first discovered with 'openssl list': $ openssl list -signature-algorithms ... { 1.2.840.10040.4.1, 1.2.840.10040.4.3, 1.3.14.3.2.12, 1.3.14.3.2.13, 1.3.14.3.2.27, DSA, DSA-old, DSA-SHA, DSA-SHA1, DSA-SHA1-old, dsaEncryption, dsaEncryption-old, dsaWithSHA, dsaWithSHA1, dsaWithSHA1-old } @ default This isn't good at all, as it confuses the key algorithms signature function with a signature scheme that involves SHA1, and it makes it look like OpenSSL's providers offer a DSA-SHA1 implementation (which they currently do not do). Breaking this aliasing apart (i.e. aliasing DSA, DSA-old, dsaEncryption and dsaEncryption-old separately from the names that involve SHA) appears harmless as far as OpenSSL's test suite goes. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24828) |
||
---|---|---|
.. | ||
build.info | ||
dsa_ameth.c | ||
dsa_asn1.c | ||
dsa_backend.c | ||
dsa_check.c | ||
dsa_depr.c | ||
dsa_err.c | ||
dsa_gen.c | ||
dsa_key.c | ||
dsa_lib.c | ||
dsa_local.h | ||
dsa_meth.c | ||
dsa_ossl.c | ||
dsa_pmeth.c | ||
dsa_prn.c | ||
dsa_sign.c | ||
dsa_vrf.c |