Node: DSA-SHA1 Missing (removed?) from crypto.getHashes() in node 10.0.0

Created on 25 Apr 2018  路  6Comments  路  Source: nodejs/node
  • v10.0.0:
  • Linux portaloo 4.13.0-38-generic #43-Ubuntu SMP Wed Mar 14 15:20:44 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux:
  • Crypto:

As far as I know rsa-dss is still supported in openssl 1.1.0h but it seems like it is no longer supported by node. It's missing from the crpyto.getHashes list. I know it's old and insecure but I don't have a choice but to use it.

crypto question
Source
picture linusnorton
👍1

Most helpful comment

crypto.createVerify('DSS1') still works, I think.

picture bnoordhuis on 25 Apr 2018
🎉1 👍1

All 6 comments

@nodejs/crypto

Trott picture Trott on 25 Apr 2018

When you say 'rsa-dss', I assume you mean crypto.createHash('dss1')? That was removed in openssl 1.1.0, use 'sha1' instead.

bnoordhuis picture bnoordhuis on 25 Apr 2018

The specific call is crypto.createVerify("DSA-SHA1"), is there any alternative for that?

linusnorton picture linusnorton on 25 Apr 2018

crypto.createVerify('DSS1') still works, I think.

bnoordhuis picture bnoordhuis on 25 Apr 2018
🎉1 👍1

I noticed similar issue with DSA:

crypto.createSign('DSA'); - works in Node 8 + crypto.getHashes() - returns DSA
crypto.createSign('DSA'); - doesn't work in Node 10 + crypto.getHashes() doesn't return any DSA hashes.

What's the alternative?

iaforek picture iaforek on 6 Feb 2019

I see similar issue here:
https://github.com/mscdex/ssh2-streams/issues/101

and it has the same advice - DSA-SHA1 has been renamed to DSS1.

However, if I run in node v10.15.1 crypto.getHashes() then I don't get DSS1 too. See this:

[ 'RSA-MD4',
  'RSA-MD5',
  'RSA-MDC2',
  'RSA-RIPEMD160',
  'RSA-SHA1',
  'RSA-SHA1-2',
  'RSA-SHA224',
  'RSA-SHA256',
  'RSA-SHA384',
  'RSA-SHA512',
  'blake2b512',
  'blake2s256',
  'md4',
  'md4WithRSAEncryption',
  'md5',
  'md5-sha1',
  'md5WithRSAEncryption',
  'mdc2',
  'mdc2WithRSA',
  'ripemd',
  'ripemd160',
  'ripemd160WithRSA',
  'rmd160',
  'sha1',
  'sha1WithRSAEncryption',
  'sha224',
  'sha224WithRSAEncryption',
  'sha256',
  'sha256WithRSAEncryption',
  'sha384',
  'sha384WithRSAEncryption',
  'sha512',
  'sha512WithRSAEncryption',
  'ssl3-md5',
  'ssl3-sha1',
  'whirlpool' ]
iaforek picture iaforek on 6 Feb 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

cong88 picture cong88  路  3Comments
mcollina picture mcollina  路  3Comments
akdor1154 picture akdor1154  路  3Comments
dfahlander picture dfahlander  路  3Comments
filipesilvaa picture filipesilvaa  路  3Comments