FS#76462 - openssl is missing digest commands (md4 gost mdc2)

Attached to Project: Arch Linux
Opened by Joost Molenaar (j0057_1) - Monday, 07 November 2022, 09:04 GMT
Last edited by freswa (frederik) - Monday, 07 November 2022, 09:28 GMT
Task Type: Bug Report
Category: Packages: Core
Status: Closed
Assigned To: No-one
Architecture: All
Severity: Low
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 0
Private: No

Details

The new openssl 3.0.7 is missing a number of digest commands. Because
downgrading openssl is a bit tricky due to pacman depending on it, it's
probably easier to reproduce this inside a podman container:

# podman run --rm -it docker://docker.io/library/archlinux:base-20221030.0.98412
# pacman -Sy
...
# pacman -Q openssl
openssl 1.1.1.q-1

In openssl-1.1.1.q-1, md4 was supported:

# openssl md4 <<<foo
(stdin)= 3ee037f347c64cc372ad18857b0db91f
# openssl list -digest-commands
blake2b512 blake2s256 gost md4
md5 mdc2 rmd160 sha1
sha224 sha256 sha3-224 sha3-256
sha3-384 sha3-512 sha384 sha512
sha512-224 sha512-256 shake128 shake256
sm3

After upgrading to openssl-3.0.7-2, md4 and a number of other
digest algorithms are no longer supported as commands:

# pacman -Syu
...
# openssl md4 <<<foo
Error setting digest
40377D09F37F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (MD4 : 91), Properties ()
40377D09F37F0000:error:03000086:digital envelope routines:evp_md_init_internal:initialization error:crypto/evp/digest.c:254:
# openssl list -digest-commands
blake2b512 blake2s256 md5 rmd160
sha1 sha224 sha256 sha3-224
sha3-256 sha3-384 sha3-512 sha384
sha512 sha512-224 sha512-256 shake128
shake256 sm3


Closed by freswa (frederik)
Monday, 07 November 2022, 09:28 GMT
Reason for closing: Not a bug
Additional comments about closing: Intended upstream behavior

Comment by Joost Molenaar (j0057_1) - Monday, 07 November 2022, 09:19 GMT
Never mind/PEBCAK, it's intended upstream behavior, see the openssl
wiki[1]. A snippet for an openssl.conf is listed there that then
needs to be pointed at using the OPENSSL_CONF environment variable.

[1]: https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers
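
Added example, not part of the original report or of the OpenSSL wiki: a per-process configuration that activates the legacy provider next to the default one, then checks whether the md4 command works with and without it. The function names (write_legacy_conf, md4_works, report) and the temporary file are assumptions made for this illustration; pointing OPENSSL_CONF at a private file keeps MD4 and the other legacy digests disabled for everything else on the system.

```sh
#!/bin/sh
# Added example: per-process OpenSSL 3.x config that loads the legacy provider.

# Write a minimal config activating both providers. Once a provider section
# exists, the default provider has to be activated explicitly as well,
# otherwise only "legacy" loads and sha256 and friends stop working.
write_legacy_conf() {
    cat > "$1" <<'EOF'
openssl_conf = openssl_init

[openssl_init]
providers = provider_sect

[provider_sect]
default = default_sect
legacy = legacy_sect

[default_sect]
activate = 1

[legacy_sect]
activate = 1
EOF
}

# Return 0 if "openssl md4" works under the given config file
# (empty argument = whatever configuration the system uses by default).
md4_works() {
    if [ -n "$1" ]; then
        printf 'foo\n' | OPENSSL_CONF="$1" openssl md4 >/dev/null 2>&1
    else
        printf 'foo\n' | openssl md4 >/dev/null 2>&1
    fi
}

# Compare md4 availability under the system config and the legacy config.
report() {
    conf=$(mktemp) || return 1
    write_legacy_conf "$conf"
    md4_works ""      && echo "system config: md4 available" \
                      || echo "system config: md4 unavailable"
    md4_works "$conf" && echo "legacy config: md4 available" \
                      || echo "legacy config: md4 unavailable"
    rm -f "$conf"
}

report
```

On a stock openssl 3.x install the first line should read "unavailable" and the second "available", provided the legacy provider module is installed.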

