[Pkg-openssl-devel] Bug#1020695: Bug#1020695: failure to compute digest: md4 and rmd160
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Tue Sep 27 07:15:37 BST 2022
On 2022-09-25 22:59:27 [+0200], Richard B. Kreckel wrote:
> On 9/25/22 21:14, Sebastian Andrzej Siewior wrote:
> > See the man page for OSSL_PROVIDER-legacy.
>
> Having to add a the extra option -provider legacy breaks otherwise flawless
> existing software.
This happens. You can add code to the python script to enable legacy
algorithm or replace it with something modern if possible.
> There are no good reasons to break openssl dgst -rmd160, since RIPEMD160 is
> a hash algorithm with still good security properties. It is used by a lot of
> crypto software (e.g. BitCoin...) Here is how this breaks Python's HashLib:
Yes and I've been looking and haven't found anything other than BitCoin
that is kind of prominent. It is not part of any standard.
> -richy.
Sebastian
More information about the Pkg-openssl-devel
mailing list