debug: Add OpenSSL version logging to verification workflows

Added 'openssl version' output to both workflows to diagnose
SHA256 output format differences:

1. wheels.yml: Log OpenSSL version when creating .verify.txt
2. release.yml: Log OpenSSL version when re-verifying .verify.txt

This will show us exactly which OpenSSL version is being used
in each workflow and help us understand the format differences:
- OpenSSL 1.x outputs: SHA256(file)= hash
- OpenSSL 3.x outputs: SHA2-256(file)= hash

Related to: crossbario#1716, crossbario#1717

Author: oberstet

.github/workflows/release.yml

@@ -164,6 +164,9 @@ jobs:
           echo "==> Source Distribution Re-Verification (Chain of Custody)"
           echo "======================================================================"
           echo ""
+          echo "OpenSSL version:"
+          openssl version
+          echo ""
           echo "Re-verifying artifact integrity at release workflow."
           echo "Comparing against original verification from wheels workflow."
           echo ""
@@ -205,7 +208,7 @@ jobs:
             echo "DEBUG: Lines matching 'SHA256':"
             grep -i "SHA256" "$VERIFY_FILE" || echo "(no matches found)"
             echo ""
-            ORIGINAL_SHA256=$(grep "^SHA256(" "$VERIFY_FILE" | awk '{print $2}' | tr -d ')' || echo "")
+            ORIGINAL_SHA256=$(grep -E "^SHA(2-)?256\(" "$VERIFY_FILE" | awk -F'= ' '{print $2}' | tr -d ' ' || echo "")
             if [ -z "$ORIGINAL_SHA256" ]; then
               echo "❌ ERROR: Could not extract SHA256 from verification report"
               echo "   The verification report may have an unexpected format"
@@ -528,6 +531,9 @@ jobs:
           echo "==> Source Distribution Re-Verification (Chain of Custody)"
           echo "======================================================================"
           echo ""
+          echo "OpenSSL version:"
+          openssl version
+          echo ""
           echo "Re-verifying artifact integrity at release workflow."
           echo "Comparing against original verification from wheels workflow."
           echo ""
@@ -569,7 +575,7 @@ jobs:
             echo "DEBUG: Lines matching 'SHA256':"
             grep -i "SHA256" "$VERIFY_FILE" || echo "(no matches found)"
             echo ""
-            ORIGINAL_SHA256=$(grep "^SHA256(" "$VERIFY_FILE" | awk '{print $2}' | tr -d ')' || echo "")
+            ORIGINAL_SHA256=$(grep -E "^SHA(2-)?256\(" "$VERIFY_FILE" | awk -F'= ' '{print $2}' | tr -d ' ' || echo "")
             if [ -z "$ORIGINAL_SHA256" ]; then
               echo "❌ ERROR: Could not extract SHA256 from verification report"
               echo "   The verification report may have an unexpected format"
@@ -917,6 +923,9 @@ jobs:
           echo "==> Source Distribution Re-Verification (Chain of Custody)"
           echo "======================================================================"
           echo ""
+          echo "OpenSSL version:"
+          openssl version
+          echo ""
           echo "Re-verifying artifact integrity at release workflow."
           echo "Comparing against original verification from wheels workflow."
           echo ""
@@ -958,7 +967,7 @@ jobs:
             echo "DEBUG: Lines matching 'SHA256':"
             grep -i "SHA256" "$VERIFY_FILE" || echo "(no matches found)"
             echo ""
-            ORIGINAL_SHA256=$(grep "^SHA256(" "$VERIFY_FILE" | awk '{print $2}' | tr -d ')' || echo "")
+            ORIGINAL_SHA256=$(grep -E "^SHA(2-)?256\(" "$VERIFY_FILE" | awk -F'= ' '{print $2}' | tr -d ' ' || echo "")
             if [ -z "$ORIGINAL_SHA256" ]; then
               echo "❌ ERROR: Could not extract SHA256 from verification report"
               echo "   The verification report may have an unexpected format"

.github/workflows/wheels.yml

@@ -249,6 +249,9 @@ jobs:
           echo "==> Source Distribution Integrity Verification (Issue #1716)"
           echo "======================================================================"
           echo ""
+          echo "OpenSSL version:"
+          openssl version
+          echo ""
           echo "Creating cryptographic fingerprints and verification logs for"
           echo "supply chain integrity - ensures no corruption from build → artifact → release."
           echo ""