root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
openssl/crypto/evp/legacy_sha.c

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

234 lines
8.2 KiB
C
Raw Normal View History

Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
/*
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14986)
2021-04-22 21:38:44 +08:00
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
Deprecate the low level SHA functions. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10791)
2020-01-09 11:14:13 +08:00
/*
* All SHA low level APIs are deprecated for public use, but still ok for
* internal use.
*/
#include "internal/deprecated.h"
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
#include <openssl/sha.h> /* diverse SHA macros */
#include "internal/sha3.h" /* KECCAK1600_WIDTH */
#include "crypto/evp.h"
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
/* Used by legacy methods */
#include "crypto/sha.h"
#include "legacy_meth.h"
#include "evp_local.h"
/*-
* LEGACY methods for SHA.
* These only remain to support engines that can get these methods.
* Hardware support for SHA3 has been removed from these legacy cases.
*/
#define IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(nm, fn, tag) \
static int nm##_init(EVP_MD_CTX *ctx) \
{ \
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
} \
static int nm##_update(EVP_MD_CTX *ctx, const void *data, size_t count) \
{ \
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
return fn##_update(EVP_MD_CTX_get0_md_data(ctx), data, count); \
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
} \
static int nm##_final(EVP_MD_CTX *ctx, unsigned char *md) \
{ \
Add EVP_DigestSqueeze() API. Fixes #7894 This allows SHAKE to squeeze multiple times with different output sizes. The existing EVP_DigestFinalXOF() API has been left as a one shot operation. A similar interface is used by another toolkit. The low level SHA3_Squeeze() function needed to change slightly so that it can handle multiple squeezes. This involves changing the assembler code so that it passes a boolean to indicate whether the Keccak function should be called on entry. At the provider level, the squeeze is buffered, so that it only requests a multiple of the blocksize when SHA3_Squeeze() is called. On the first call the value is zero, on subsequent calls the value passed is 1. This PR is derived from the excellent work done by @nmathewson in https://github.com/openssl/openssl/pull/7921 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21511)
2023-07-21 13:05:38 +08:00
KECCAK1600_CTX *kctx = EVP_MD_CTX_get0_md_data(ctx); \
return fn##_final(kctx, md, kctx->md_size); \
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
}
#define IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(nm, fn, tag) \
static int nm##_init(EVP_MD_CTX *ctx) \
{ \
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
} \
#define sha512_224_Init sha512_224_init
#define sha512_256_Init sha512_256_init
#define sha512_224_Update SHA512_Update
#define sha512_224_Final SHA512_Final
#define sha512_256_Update SHA512_Update
#define sha512_256_Final SHA512_Final
IMPLEMENT_LEGACY_EVP_MD_METH(sha1, SHA1)
IMPLEMENT_LEGACY_EVP_MD_METH(sha224, SHA224)
IMPLEMENT_LEGACY_EVP_MD_METH(sha256, SHA256)
IMPLEMENT_LEGACY_EVP_MD_METH(sha384, SHA384)
IMPLEMENT_LEGACY_EVP_MD_METH(sha512, SHA512)
IMPLEMENT_LEGACY_EVP_MD_METH(sha512_224_int, sha512_224)
IMPLEMENT_LEGACY_EVP_MD_METH(sha512_256_int, sha512_256)
rename sha1_ctrl to ossl_sha1_ctrl. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13417)
2020-11-16 10:08:30 +08:00
IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(sha3_int, ossl_sha3, '\x06')
IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(shake, ossl_sha3, '\x1f')
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
static int sha1_int_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
{
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
return ossl_sha1_ctrl(ctx != NULL ? EVP_MD_CTX_get0_md_data(ctx) : NULL,
rename sha1_ctrl to ossl_sha1_ctrl. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13417)
2020-11-16 10:08:30 +08:00
cmd, p1, p2);
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
}
static int shake_ctrl(EVP_MD_CTX *evp_ctx, int cmd, int p1, void *p2)
{
EVP shake_ctrl(): add missing NULL evp_ctx check Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22390)
2023-10-14 04:27:31 +08:00
KECCAK1600_CTX *ctx;
if (evp_ctx == NULL)
return 0;
ctx = evp_ctx->md_data;
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
switch (cmd) {
case EVP_MD_CTRL_XOF_LEN:
ctx->md_size = p1;
return 1;
default:
return 0;
}
}
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
static const EVP_MD sha1_md = {
NID_sha1,
NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL,
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(sha1_init, sha1_update, sha1_final, sha1_int_ctrl,
SHA_CBLOCK),
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
};
const EVP_MD *EVP_sha1(void)
{
return &sha1_md;
}
static const EVP_MD sha224_md = {
NID_sha224,
NID_sha224WithRSAEncryption,
SHA224_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL,
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(sha224_init, sha224_update, sha224_final, NULL,
SHA256_CBLOCK),
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
};
const EVP_MD *EVP_sha224(void)
{
return &sha224_md;
}
static const EVP_MD sha256_md = {
NID_sha256,
NID_sha256WithRSAEncryption,
SHA256_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL,
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(sha256_init, sha256_update, sha256_final, NULL,
SHA256_CBLOCK),
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
};
const EVP_MD *EVP_sha256(void)
{
return &sha256_md;
}
static const EVP_MD sha512_224_md = {
NID_sha512_224,
NID_sha512_224WithRSAEncryption,
SHA224_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL,
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(sha512_224_int_init, sha512_224_int_update,
sha512_224_int_final, NULL, SHA512_CBLOCK),
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
};
const EVP_MD *EVP_sha512_224(void)
{
return &sha512_224_md;
}
static const EVP_MD sha512_256_md = {
NID_sha512_256,
NID_sha512_256WithRSAEncryption,
SHA256_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL,
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(sha512_256_int_init, sha512_256_int_update,
sha512_256_int_final, NULL, SHA512_CBLOCK),
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
};
const EVP_MD *EVP_sha512_256(void)
{
return &sha512_256_md;
}
static const EVP_MD sha384_md = {
NID_sha384,
NID_sha384WithRSAEncryption,
SHA384_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL,
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(sha384_init, sha384_update, sha384_final, NULL,
SHA512_CBLOCK),
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
};
const EVP_MD *EVP_sha384(void)
{
return &sha384_md;
}
static const EVP_MD sha512_md = {
NID_sha512,
NID_sha512WithRSAEncryption,
SHA512_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL,
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(sha512_init, sha512_update, sha512_final, NULL,
SHA512_CBLOCK),
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
};
const EVP_MD *EVP_sha512(void)
{
return &sha512_md;
}
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
#define EVP_MD_SHA3(bitlen) \
const EVP_MD *EVP_sha3_##bitlen(void) \
{ \
static const EVP_MD sha3_##bitlen##_md = { \
NID_sha3_##bitlen, \
NID_RSA_SHA3_##bitlen, \
bitlen / 8, \
EVP_MD_FLAG_DIGALGID_ABSENT, \
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL, \
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(sha3_int_init, sha3_int_update, \
sha3_int_final, NULL, \
(KECCAK1600_WIDTH - bitlen * 2) / 8), \
}; \
return &sha3_##bitlen##_md; \
}
#define EVP_MD_SHAKE(bitlen) \
const EVP_MD *EVP_shake##bitlen(void) \
{ \
static const EVP_MD shake##bitlen##_md = { \
NID_shake##bitlen, \
0, \
bitlen / 8, \
Fix SHAKE AlgorithmIdentifier encodings NIST CSOR specifies that the id-shake128 and id-shake256 algorithm identifiers, like the SHA-3 ones, do not carry any parameters. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/27190)
2025-03-28 18:40:32 +08:00
EVP_MD_FLAG_XOF | EVP_MD_FLAG_DIGALGID_ABSENT, \
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
EVP_ORIG_GLOBAL, \
Cleanup legacy digest methods. Macros have been added to generate the simple legacy methods. Engines and EVP_MD_METH_get methods still require access to the old legacy methods, so they needed to be added back in. They may only be removed after engines are deprecated and removed. Removed some unnecessary #includes and #ifndef guards (which are done in build.info instead). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10602)
2019-12-18 12:46:01 +08:00
LEGACY_EVP_MD_METH_TABLE(shake_init, sha3_int_update, sha3_int_final, \
shake_ctrl, (KECCAK1600_WIDTH - bitlen * 2) / 8), \
}; \
return &shake##bitlen##_md; \
}
Move all SHA digests completely to the default provider This leaves minimal implementations of EVP_sha* and EVP_shake*, which is now only there to provide a name for implicit fetches. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10059)
2019-09-30 23:04:33 +08:00
EVP_MD_SHA3(224)
EVP_MD_SHA3(256)
EVP_MD_SHA3(384)
EVP_MD_SHA3(512)
EVP_MD_SHAKE(128)
EVP_MD_SHAKE(256)