Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

2022-11-29 Thread Richard B. Kreckel
IMO, this bug can be closed. There's been the decision by the OpenSSL Managment Board to reinstate RIPEMD160 (and only that) to the default providers in release 3.0.7. The other algorithm, MD4 is unsafe and remains in the legacy provider. References: OMC decision:

Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

2022-09-29 Thread Sebastian Andrzej Siewior
On 2022-09-29 20:03:56 [+0200], Richard B. Kreckel wrote: > On 9/27/22 08:15, Sebastian Andrzej Siewior wrote: > > It is not part of any standard. > > It could hardly be less standardized. See ISO/IEC 10118-3:2018. That is not what I meant. Wahat I meant that it is part of a standard/

Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

2022-09-29 Thread Richard B. Kreckel
On 9/27/22 08:15, Sebastian Andrzej Siewior wrote: It is not part of any standard. It could hardly be less standardized. See ISO/IEC 10118-3:2018. -richy. -- Richard B. Kreckel

Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

2022-09-27 Thread Sebastian Andrzej Siewior
On 2022-09-26 00:10:27 [+0200], Richard B. Kreckel wrote: > W.r.t. RIPEMD160, this seems to be a mistake: > https://github.com/openssl/openssl/issues/16994 > Also, Fedora seems to have worked around this. The issue is not closed by OpenSSL upstream so there is nothing that I can backport. I don't

Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

2022-09-27 Thread Sebastian Andrzej Siewior
On 2022-09-25 22:59:27 [+0200], Richard B. Kreckel wrote: > On 9/25/22 21:14, Sebastian Andrzej Siewior wrote: > > See the man page for OSSL_PROVIDER-legacy. > > Having to add a the extra option -provider legacy breaks otherwise flawless > existing software. This happens. You can add code to the