Issues

ZF2-71: MD2 support in Zend_Crypt is a potential problem as it is no longer supported by OpenSSL

Description

Zend_Crypt fails when specifying an MD2 algorithm in the constructor on up-to-date versions of OpenSSL as the OPENSSL_ALGO_MD2 constant no longer exists for security reasons. Should support for MD2 be removed altogether or does it need to stay for compatibility with older implementations of SSL?

There is already an issue created for this relating to ZF1:

http://framework.zend.com/issues/browse/ZF-10748

Comments