On 16-08-2010 14:05, kartik rustagi wrote:
Hello all,
For an internal testing I want to enable MD2 hashing in Openssl. Can any one
tell me how to do it (easiest way)? I am a newbie to openssl.
# openssl version
Openssl 0.9.8k 25 Mar 2009
On Ubuntu 10.04
As far as I recall the Debian and Ubuntu OpenSSL packages disabled MD2
in a clumsy and hard to fix way due to a clueless CVE bulletin claiming
that anything implementing MD2 is insecure even in situations where it
is done safely, such as verifying some historic CA root certificates
that were selfsigned with MD2, but do not use MD2 when signing real
certificates.
For vanilla OpenSSL, this is simply a matter of adding md2 to the
"./Configure" command line when building OpenSSL.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
