Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

IMO, this bug can be closed. There's been the decision by the OpenSSL Managment Board to reinstate RIPEMD160 (and only that) to the default providers in release 3.0.7. The other algorithm, MD4 is unsafe and remains in the legacy provider. References: OMC decision:

Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

On 2022-09-29 20:03:56 [+0200], Richard B. Kreckel wrote: > On 9/27/22 08:15, Sebastian Andrzej Siewior wrote: > > It is not part of any standard. > > It could hardly be less standardized. See ISO/IEC 10118-3:2018. That is not what I meant. Wahat I meant that it is part of a standard/

Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

On 9/27/22 08:15, Sebastian Andrzej Siewior wrote: It is not part of any standard. It could hardly be less standardized. See ISO/IEC 10118-3:2018. -richy. -- Richard B. Kreckel

Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

On 2022-09-26 00:10:27 [+0200], Richard B. Kreckel wrote: > W.r.t. RIPEMD160, this seems to be a mistake: > https://github.com/openssl/openssl/issues/16994 > Also, Fedora seems to have worked around this. The issue is not closed by OpenSSL upstream so there is nothing that I can backport. I don't

Bug#1020695: [Pkg-openssl-devel] Bug#1020695: failure to compute digest: md4 and rmd160

On 2022-09-25 22:59:27 [+0200], Richard B. Kreckel wrote: > On 9/25/22 21:14, Sebastian Andrzej Siewior wrote: > > See the man page for OSSL_PROVIDER-legacy. > > Having to add a the extra option -provider legacy breaks otherwise flawless > existing software. This happens. You can add code to the

Bug#1020695: failure to compute digest: md4 and rmd160

W.r.t. RIPEMD160, this seems to be a mistake: https://github.com/openssl/openssl/issues/16994 Also, Fedora seems to have worked around this.

Bug#1020695: failure to compute digest: md4 and rmd160

On 9/25/22 21:14, Sebastian Andrzej Siewior wrote: See the man page for OSSL_PROVIDER-legacy. Having to add a the extra option -provider legacy breaks otherwise flawless existing software. There are no good reasons to break openssl dgst -rmd160, since RIPEMD160 is a hash algorithm with

Bug#1020695: failure to compute digest: md4 and rmd160

Package: openssl Version: 3.0.5-4 rbk@bitzer:~$ echo foo |openssl dgst -md4 Error setting digest 4087791C597F:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (MD4 : 88), Properties ()