rnp icon indicating copy to clipboard operation
rnp copied to clipboard

Published 20 hours ago verified publisher icon rnpgp

Add ENABLE_* options for OpenSSL 3.0 legacy crypto provider

Open ni4 opened this issue 2 years ago • 1 comments

Description

OpenSSL 3.0 moved some of the digests/symmetric ciphers to the 'legacy' crypto provider, which is not loaded by default. We should be ready to disable those digests/symmetric ciphers via the build-time switches, like it is done with Twofish/Brainpool curves/whatever else.

See this for the details: https://wiki.openssl.org/index.php/OpenSSL_3.0#Provider_implemented_ciphers

ni4 avatar Jul 18 '22 09:07 ni4

From reading that wiki page, and the source code of legacy provider, only 4 legacy features are relevant to OpenPGP and RNP: BF (Blowfish), CAST, RIPEMD160 and IDEA. IDEA already has a build option, so I will add build options to for the others.

andrey-utkin avatar Jul 18 '22 11:07 andrey-utkin

Fixed via #1883

ni4 avatar Jan 26 '23 11:01 ni4