> On Apr 12, 2022, at 4:55 PM, Paolo Bonzini <
pbonzini@redhat.com> wrote:
>
> On Tue, Apr 12, 2022 at 10:15 AM Cornelia Huck <
cohuck@redhat.com> wrote:
>> +#define VIRTIO_CRYPTO_RSA_NO_HASH 0
>> +#define VIRTIO_CRYPTO_RSA_MD2 1
>> +#define VIRTIO_CRYPTO_RSA_MD3 2
>> +#define VIRTIO_CRYPTO_RSA_MD4 3
>> +#define VIRTIO_CRYPTO_RSA_MD5 4
>> +#define VIRTIO_CRYPTO_RSA_SHA1 5
>> +#define VIRTIO_CRYPTO_RSA_SHA256 6
>> +#define VIRTIO_CRYPTO_RSA_SHA384 7
>> +#define VIRTIO_CRYPTO_RSA_SHA512 8
>> +#define VIRTIO_CRYPTO_RSA_SHA224 9
>
> Hi, should virtio-crypto really support outdated hashes such as MD2-MD5?
> The kernel driver that has been merged only uses SHA1 or raw.
>
> Paolo
>
Removing these outdated hash algorithms is OK for me, there are two reasons to keep
these outdated hashing algorithms:
1. In the early stage of development, I referred to OpenSSL, and those hash
algorithms are all supported by OpenSSL.
2. When providing signing/verifying services, we only need to use their corresponding
OIDs instead of doing the actual hashing.
Now that hashing algorithms like md2 are considered outdated by everyone, it is better to
remove them before the protocol is updated.
As Daniel said, we can also use VIRTIO_CRYPTO_HASH_XXX directly to specify the
hash algorithm for rsa-pkcs1pad. But there is a little problem here: linux kernel’s
built-in rsa-pkcs1pad implementation can recognize rmd160.
Should we add a constant like ‘VIRTIO_CRYPTO_HASH_RMD160’ ?