From 2efb16b7d7c0dca0c6b994a17726754f734d380f Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Fri, 22 Sep 2017 20:14:25 -0400 Subject: [PATCH] crypto: add compat logic for "DSS1" and "dss1" In OpenSSL 1.1.0, EVP_dss1() is removed. These hash names were exposed in Node's public API, so add compatibility hooks for them. PR-URL: https://github.com/nodejs/node/pull/16130 Backport-PR-URL: https://github.com/nodejs/node/pull/18622 Reviewed-By: Ben Noordhuis Reviewed-By: Rod Vagg --- src/node_crypto.cc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 568964e2d34dcb..d50e4081dd5dd9 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -4124,6 +4124,14 @@ SignBase::~SignBase() { SignBase::Error SignBase::Init(const char* sign_type) { CHECK_EQ(mdctx_, nullptr); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + // Historically, "dss1" and "DSS1" were DSA aliases for SHA-1 + // exposed through the public API. + if (strcmp(sign_type, "dss1") == 0 || + strcmp(sign_type, "DSS1") == 0) { + sign_type = "SHA1"; + } +#endif const EVP_MD* md = EVP_get_digestbyname(sign_type); if (md == nullptr) return kSignUnknownDigest;