Library crypt4gh can generate and use keys based on different algorithms. One of them is scrypt, which depends on very specific features from OpenSSL used to compile python interpreter.
As this algorithm availability is very dependent on the version of OpenSSL, WfExS-backend should:
Emit a warning each time the conditions where it could fail happen: OpenSSL < 1.1.0 and key generated with scrypt.
Generate new keys always using a different algorithm, like bcrypt, which is not so sensitive to used OpenSSL version on python interpreter compilation.
Library crypt4gh can generate and use keys based on different algorithms. One of them is
scrypt
, which depends on very specific features from OpenSSL used to compile python interpreter.https://github.com/EGA-archive/crypt4gh/blob/2ba98a7cea96e8fb337b17310cc1a226ad3b3e65/crypt4gh/keys/kdf.py#L29-L43
As this algorithm availability is very dependent on the version of OpenSSL, WfExS-backend should:
scrypt
.bcrypt
, which is not so sensitive to used OpenSSL version on python interpreter compilation.