[MacPorts] #63857: PythonX: ripemd160 not supported with openssl3

MacPorts noreply at macports.org
Mon Nov 8 19:12:30 UTC 2021 

#63857: PythonX: ripemd160 not supported with openssl3
-------------------------------------------------+-------------------------
  Reporter:  cculianu                            |      Owner:  jmroot
      Type:  defect                              |     Status:  assigned
  Priority:  Normal                              |  Milestone:
 Component:  ports                               |    Version:
Resolution:                                      |   Keywords:
      Port:  python310 python39 python38         |
  python37 python36                              |
-------------------------------------------------+-------------------------

Comment (by cjones051073):

 Replying to [comment:25 mouse07410]:
 > First, no offense meant, but the current OpenSSL-3 port seems screwed.
 Here's one illustration, showing RIPEMD issue:
 >
 > {{{
 > $ openssl version
 > OpenSSL 3.0.0 7 sep 2021 (Library: OpenSSL 3.0.0 7 sep 2021)
 > $ openssl speed ripemd160 sha256
 > Doing sha256 for 3s on 16 size blocks: 7626940 sha256's in 3.00s
 > Doing sha256 for 3s on 64 size blocks: 5517678 sha256's in 2.99s
 > Doing sha256 for 3s on 256 size blocks: 3297906 sha256's in 3.01s
 > Doing sha256 for 3s on 1024 size blocks: 1233593 sha256's in 3.00s
 > Doing sha256 for 3s on 8192 size blocks: 180307 sha256's in 3.00s
 > Doing sha256 for 3s on 16384 size blocks: 91294 sha256's in 3.00s
 > Doing rmd160 for 3s on 16 size blocks: rmd160 error!
 > 002E4C0201000000:error:0308010C:digital envelope
 routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:346:Global
 default library context, Algorithm (RIPEMD160 : 101), Properties ()
 > 002E4C0201000000:error:03000086:digital envelope
 routines:evp_md_init_internal:initialization
 error:crypto/evp/digest.c:234:
 > version: 3.0.0
 > built on: built on: Thu Oct 14 00:15:47 2021 UTC
 > options:bn(64,64)
 > compiler: /usr/bin/clang -fPIC -arch x86_64 -pipe -Os
 -isysroot/Library/Developer/CommandLineTools/SDKs/MacOSX11.sdk -arch
 x86_64 -isysroot /Library/Developer/CommandLineTools/SDKs/MacOSX11.sdk
 -DL_ENDIAN -DOPENSSL_PIC -D_REENTRANT -DOPENSSL_BUILDING_OPENSSL -DZLIB
 -DNDEBUG -I/opt/local/include
 -isysroot/Library/Developer/CommandLineTools/SDKs/MacOSX11.sdk
 > CPUINFO: OPENSSL_ia32cap=0x7ffef3ffffebffff:0x139efffb
 > The 'numbers' are in 1000s of bytes per second processed.
 > type             16 bytes     64 bytes    256 bytes   1024 bytes   8192
 bytes  16384 bytes
 > rmd160               0.00         0.00         0.00         0.00
 0.00         0.00
 > sha256           40677.01k   118104.14k   280486.36k   421066.41k
 492358.31k   498586.97k
 > }}}
 >
 > If RIPEMD is present, I'd expect some reasonable numbers. If it is not -
 I'd expect an error message.

 I see an error message above. Maybe not worried how you would prefer, but
 its there.

 >
 > Also, this does not seem right:
 > {{{
 > $ openssl engine -t
 > (rdrand) Intel RDRAND engine
 >      [ available ]
 > (dynamic) Dynamic engine loading support
 >      [ unavailable ]
 > }}}
 >
 > Very few of crypto engines (like, PKCS#11 engine) successfully moved to
 the new Provider interface (which, BTW, still has problems). So,
 configuring OpenSSL-3 without them does not make sense at all.

 I am not sure exactly what point you are making here, but again, if you
 have a specific suggestion to make on how to configure openssl3 (which is
 essentially just using the upstream defaults) please open a PR
 implementing your suggestion.

-- 
Ticket URL: <https://trac.macports.org/ticket/63857#comment:26>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list