[MacPorts] #71760: OpenSSL-3.4.0 legacy provider improperly built/configured
MacPorts
noreply at macports.org
Sun Jan 5 15:30:59 UTC 2025
#71760: OpenSSL-3.4.0 legacy provider improperly built/configured
------------------------+----------------------
Reporter: mouse07410 | Owner: (none)
Type: defect | Status: new
Priority: Normal | Milestone:
Component: ports | Version:
Keywords: | Port: openssl3
------------------------+----------------------
Apple Silicon M2 Max, Sequoia 15.2, Xcode-16.2.
Installed OpenSSL-3 using
{{{
$ sudo port install openssl3 +legacy +rfc3779
}}}
Installation went OK, OpenSSL works fine. **But** - {{{legacy}}} provider
is partially broken: it advertises algorithms that it fails to actually
support (see also https://trac.macports.org/ticket/71730#comment:28).
{{{
$ port installed -v openssl3
The following ports are currently installed:
openssl3 @3.4.0_0+legacy+rfc3779 (active)
requested_variants='+legacy+rfc3779' platform='darwin 24' archs='arm64'
date='2025-01-05T09:53:51-0500'
$ openssl version
OpenSSL 3.4.0 22 Oct 2024 (Library: OpenSSL 3.4.0 22 Oct 2024)
$ openssl list -providers
Providers:
default
name: OpenSSL Default Provider
version: 3.4.0
status: active
legacy
name: OpenSSL Legacy Provider
version: 3.4.0
status: active
oqs
name: OpenSSL OQS Provider
version: 0.8.1-dev
status: active
pkcs11
name: PKCS#11 Provider
version: 3.4.0
status: active
$ openssl list -provider legacy -digest-algorithms | grep whirlpool
whirlpool
$ openssl list -digest-algorithms | grep legacy
{ 1.3.36.3.2.1, RIPEMD, RIPEMD-160, RIPEMD160, RMD160 } @ legacy
$ openssl dgst -whirlpool -hex ~/.zshrc
Error setting digest
40024EF101000000:error:0308010C:digital envelope
routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:355:Global
default library context, Algorithm (whirlpool : 108), Properties ()
40024EF101000000:error:03000086:digital envelope
routines:evp_md_init_internal:initialization
error:crypto/evp/digest.c:271:
$
$ openssl dgst -provider legacy -whirlpool -hex ~/.zshrc
dgst: Unknown option or message digest: whirlpool
dgst: Use -help for summary.
40024EF101000000:error:0308010C:digital envelope
routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:355:Global
default library context, Algorithm (whirlpool : 108), Properties (<null>)
$
}}}
On the other hand, OpenSSL that I build myself from the sources, seems to
work fine:
{{{
$ openssl3 version
OpenSSL 3.5.0-dev (Library: OpenSSL 3.5.0-dev )
$ openssl3 list -providers
Providers:
default
name: OpenSSL Default Provider
version: 3.5.0
status: active
gost
name: OpenSSL GOST Provider
status: active
legacy
name: OpenSSL Legacy Provider
version: 3.4.0
status: active
oqs
name: OpenSSL OQS Provider
version: 0.8.1-dev
status: active
pkcs11
name: PKCS#11 Provider
version: 3.4.0
status: active
$ openssl3 list -digest-algorithms | grep legacy
{ 1.3.36.3.2.1, RIPEMD, RIPEMD-160, RIPEMD160, RMD160 } @ legacy
{ 1.0.10118.3.0.55, whirlpool } @ legacy
{ 2.5.8.3.101, MDC2 } @ legacy
{ 1.2.840.113549.2.4, MD4 } @ legacy
$
$ openssl3 dgst -whirlpool -hex ~/.zshrc
WHIRLPOOL(/Users/ur20980/.zshrc)=
2714940724676c37e299b639c811c678faa93b581c75fc5e85c78f50939835de117a855146248a61e7a7f04cd980f97e20ebc699ee53275b15608a53c41e33ac
$
}}}
--
Ticket URL: <https://trac.macports.org/ticket/71760>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list