On 2022-09-25 22:59:27 [+0200], Richard B. Kreckel wrote: > On 9/25/22 21:14, Sebastian Andrzej Siewior wrote: > > See the man page for OSSL_PROVIDER-legacy. > > Having to add a the extra option -provider legacy breaks otherwise flawless > existing software.
This happens. You can add code to the python script to enable legacy algorithm or replace it with something modern if possible. > There are no good reasons to break openssl dgst -rmd160, since RIPEMD160 is > a hash algorithm with still good security properties. It is used by a lot of > crypto software (e.g. BitCoin...) Here is how this breaks Python's HashLib: Yes and I've been looking and haven't found anything other than BitCoin that is kind of prominent. It is not part of any standard. > -richy. Sebastian
