classification
Title: Port _hashlib to OpenSSL 3.0.0
Type: enhancement Stage: patch review
Components: SSL Versions: Python 3.9, Python 3.8, Python 3.7
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: christian.heimes Nosy List: christian.heimes, gregory.p.smith, miss-islington
Priority: normal Keywords: patch

Created on 2020-05-03 09:23 by christian.heimes, last changed 2020-05-15 17:10 by miss-islington.

Pull Requests
URL Status Linked Edit
PR 19878 open christian.heimes, 2020-05-03 09:28
PR 20107 merged christian.heimes, 2020-05-15 15:44
PR 20108 merged christian.heimes, 2020-05-15 15:50
PR 20111 merged miss-islington, 2020-05-15 16:48
PR 20112 merged miss-islington, 2020-05-15 16:48
Messages (5)
msg367962 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2020-05-03 09:23
OpenSSL 3.0.0-alpha1 was releases about a week ago. OpenSSL 1.1.x APIs are still functional. However some APIs have been deprecated and FIPS (usedforsecurity flag) is no longer functional.

* One shot HMAC() is deprecated and should be replaced with EVP_MAC API calls
* ERR_func_error_string() is deprecated
* OpenSSL has introduced a new concept of crypto providers (OSSL_PROVIDER), library context (OPENSSL_CTX) and additional flags. A new function EVP_MD_fetch() has been introduced.
* FIPS support has been rewritten and is now shipped with OpenSSL 3.0.0. EVP_MD_CTX_FLAG_NON_FIPS_ALLOW is no longer supported. FIPS state is no longer part of EVP_MD_CTX but of EVP_MD.

See https://wiki.openssl.org/index.php/OpenSSL_3.0
msg368957 - (view) Author: miss-islington (miss-islington) Date: 2020-05-15 16:28
New changeset 16d4e6f6f559b4fd21c9d29fea303489f658674f by Christian Heimes in branch 'master':
bpo-40479: Fix hashlib issue with OpenSSL 3.0.0 (GH-20107)
https://github.com/python/cpython/commit/16d4e6f6f559b4fd21c9d29fea303489f658674f
msg368958 - (view) Author: miss-islington (miss-islington) Date: 2020-05-15 16:48
New changeset 62d618c06bd395308b7163dbcb26c7e6d0922033 by Christian Heimes in branch 'master':
bpo-40479: Test with latest OpenSSL versions (GH-20108)
https://github.com/python/cpython/commit/62d618c06bd395308b7163dbcb26c7e6d0922033
msg368961 - (view) Author: miss-islington (miss-islington) Date: 2020-05-15 17:06
New changeset 5e6b491403d7211588dcd399167f5bc21781c69c by Miss Islington (bot) in branch '3.7':
bpo-40479: Test with latest OpenSSL versions (GH-20108)
https://github.com/python/cpython/commit/5e6b491403d7211588dcd399167f5bc21781c69c
msg368962 - (view) Author: miss-islington (miss-islington) Date: 2020-05-15 17:10
New changeset 5a06cf01ecb6a048fb47c086adc1336f54fe8789 by Miss Islington (bot) in branch '3.8':
bpo-40479: Test with latest OpenSSL versions (GH-20108)
https://github.com/python/cpython/commit/5a06cf01ecb6a048fb47c086adc1336f54fe8789
History
Date User Action Args
2020-05-15 17:10:20miss-islingtonsetmessages: + msg368962
2020-05-15 17:06:01miss-islingtonsetmessages: + msg368961
2020-05-15 16:48:51miss-islingtonsetpull_requests: + pull_request19419
2020-05-15 16:48:41miss-islingtonsetpull_requests: + pull_request19418
2020-05-15 16:48:33miss-islingtonsetmessages: + msg368958
2020-05-15 16:28:12miss-islingtonsetnosy: + miss-islington
messages: + msg368957
2020-05-15 15:50:54christian.heimessetpull_requests: + pull_request19415
2020-05-15 15:44:26christian.heimessetpull_requests: + pull_request19414
2020-05-03 09:28:19christian.heimessetkeywords: + patch
stage: patch review
pull_requests: + pull_request19190
2020-05-03 09:23:23christian.heimescreate