Comment 1 Conrad Meyer 2018-07-09 17:32:38 UTC

(This is related to CURRENT r336125, which added support for these plain hashes.)

CCing jkim@ as you've been updating OpenSSL in base, and Bernard as the port maintainer.

Comment 2 John Baldwin 2018-07-09 19:16:25 UTC

That patch is against 1.1.x yes?  The dev/crypto engine in 1.1.x is completely rewritten so a patch against that isn't going to apply to 1.0.x.  OTOH, I had really wanted to teach OpenSSL to actually pass the hmac NID to the engine interface and not just the hash.

Comment 3 Conrad Meyer 2018-07-09 19:22:25 UTC

(In reply to John Baldwin from comment #2)
The patch is to a portion of the file that dates to long before OpenSSL 1.0.  It should apply trivially to 1.0.x.

Comment 4 Conrad Meyer 2018-07-09 19:23:47 UTC

Oh, I got my dates confused.  I guess the change is only 1.5 year old:

https://github.com/openssl/openssl/commit/619eb33a0c3dc488ba2bcc366633220813b701c7

Comment 5 Conrad Meyer 2018-07-09 19:37:45 UTC

Ok — OpenSSL 1.0 does not appear to use the plain hash modes (or SHA2??) anyway:

https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/engine/eng_cryptodev.c

So this only applies to the openssl-devel 1.1.x port.

Sorry for the mixup!

Comment 6 Conrad Meyer 2018-08-25 21:41:52 UTC

Obviated by one or both of bug 228912 , bug 230679.

*** This bug has been marked as a duplicate of bug 230679 ***