On Wed, Dec 31, 2025 at 11:44:26AM +0100, Daniel Sahlberg wrote: > Hi, > > Subversion is using the APR/APR-util checksum implementations (SHA1 and > MD5). One of our committers in Subversion made some tests switching out > these for the ones in OpenSSL instead. OpenSSL is (opt-out) using an ASM > optimized implementation on many platforms. > > Copy-pasting from the commit message[1] to include some raw numbers:
Hi Daniel, The apr_crypto API already wraps the OpenSSL EVP API, so adding another wrapper using the deprecated digest APIs wouldn't really make sense IMO. It's also (again IMO) important to note that the OpenSSL digest implementations should be treated as having restricted availability; MD5_Init() etc will fail under FIPS mode (as do the EVP equivalents). The SVN code referenced seems ignore the _Init() return values (copying dev@svn for this). Regards, Joe > > Cheers, > Daniel > > [1] https://lists.apache.org/thread/o38r06vg08pyzzy35bfgg8ooovphsxss
