diff --git a/.gitignore b/.gitignore index 805d350b..f549a0ae 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ openssl.test +.idea diff --git a/cert.go b/cert.go index e841e22c..1c7d65b8 100644 --- a/cert.go +++ b/cert.go @@ -26,24 +26,6 @@ import ( "unsafe" ) -type EVP_MD int - -const ( - EVP_NULL EVP_MD = iota - EVP_MD5 EVP_MD = iota - EVP_MD4 EVP_MD = iota - EVP_SHA EVP_MD = iota - EVP_SHA1 EVP_MD = iota - EVP_DSS EVP_MD = iota - EVP_DSS1 EVP_MD = iota - EVP_MDC2 EVP_MD = iota - EVP_RIPEMD160 EVP_MD = iota - EVP_SHA224 EVP_MD = iota - EVP_SHA256 EVP_MD = iota - EVP_SHA384 EVP_MD = iota - EVP_SHA512 EVP_MD = iota -) - // X509_Version represents a version on an x509 certificate. type X509_Version int diff --git a/ctx.go b/ctx.go index 33befc40..73762c4a 100644 --- a/ctx.go +++ b/ctx.go @@ -298,8 +298,7 @@ func (s *CertificateStore) AddCertificate(cert *Certificate) error { } type CertificateStoreCtx struct { - ctx *C.X509_STORE_CTX - ssl_ctx *Ctx + ctx *C.X509_STORE_CTX } func (self *CertificateStoreCtx) VerifyResult() VerifyResult { diff --git a/digest_computer.go b/digest_computer.go new file mode 100644 index 00000000..e787f9a5 --- /dev/null +++ b/digest_computer.go @@ -0,0 +1,68 @@ +package openssl + +// #include "shim.h" +import "C" +import ( + "fmt" + "runtime" + "unsafe" +) + +// DigestComputer is a generic structure to compute message digest +// with any hash function supported by OpenSSL +type DigestComputer struct { + ctx *C.EVP_MD_CTX + engine *Engine + evpMD EVP_MD +} + +func NewDigestComputer(digestType EVP_MD) (*DigestComputer, error) { + return NewDigestComputerWithEngine(nil, digestType) +} + +func NewDigestComputerWithEngine(e *Engine, digestType EVP_MD) (*DigestComputer, error) { + hash := &DigestComputer{engine: e, evpMD: digestType} + hash.ctx = C.X_EVP_MD_CTX_new() + if hash.ctx == nil { + return nil, fmt.Errorf("openssl: %s: unable to allocate ctx", digestType.String()) + } + runtime.SetFinalizer(hash, func(hash *DigestComputer) { hash.Close() }) + if err := hash.Reset(); err != nil { + return nil, err + } + return hash, nil +} + +func (s *DigestComputer) Close() { + if s.ctx != nil { + C.X_EVP_MD_CTX_free(s.ctx) + s.ctx = nil + } +} + +func (s *DigestComputer) Reset() error { + if 1 != C.X_EVP_DigestInit_ex(s.ctx, s.evpMD.c(), engineRef(s.engine)) { + return fmt.Errorf("openssl: %v: cannot init evpMD ctx", s.evpMD.String()) + } + return nil +} + +func (s *DigestComputer) Write(p []byte) (n int, err error) { + if len(p) == 0 { + return 0, nil + } + if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]), + C.size_t(len(p))) { + return 0, fmt.Errorf("openssl: %v: cannot update evpMD", s.evpMD.String()) + } + return len(p), nil +} + +func (s *DigestComputer) Sum() ([]byte, error) { + result := make([]byte, s.evpMD.Size()) + if 1 != C.X_EVP_DigestFinal_ex(s.ctx, + (*C.uchar)(unsafe.Pointer(&result[0])), nil) { + return result, fmt.Errorf("openssl: %v: cannot finalize ctx", s.evpMD.String()) + } + return result, s.Reset() +} diff --git a/engine.go b/engine.go index 78aef956..c23040bb 100644 --- a/engine.go +++ b/engine.go @@ -48,3 +48,10 @@ func EngineById(name string) (*Engine, error) { }) return e, nil } + +func engineRef(e *Engine) *C.ENGINE { + if e == nil { + return nil + } + return e.e +} diff --git a/evp_md.go b/evp_md.go new file mode 100644 index 00000000..d0d0b8ae --- /dev/null +++ b/evp_md.go @@ -0,0 +1,356 @@ +package openssl + +// #include "openssl/opensslv.h" +// #include "shim.h" +import "C" + +// EVP_MD represents hash function implemented by OpenSSL +type EVP_MD int + +const ( + EVP_NULL EVP_MD = iota + EVP_MD5 + EVP_MD4 + EVP_SHA + EVP_SHA1 + EVP_DSS + EVP_DSS1 + EVP_MDC2 + EVP_RIPEMD160 + EVP_SHA224 + EVP_SHA256 + EVP_SHA384 + EVP_SHA512 + EVP_SHA512_224 + EVP_SHA512_256 + EVP_BLAKE2B_512 + EVP_BLAKE2S_256 + EVP_GOST + EVP_MD2 + EVP_SHA3_224 + EVP_SHA3_256 + EVP_SHA3_384 + EVP_SHA3_512 + EVP_SHAKE128 + EVP_SHAKE256 + EVP_SM3 + EVP_WHIRLPOOL +) + +// Size returns the size of the digest +func (evp EVP_MD) Size() int { + var bits int + switch evp { + case EVP_BLAKE2B_512: + bits = 512 + case EVP_BLAKE2S_256: + bits = 256 + case EVP_GOST: + bits = 256 + case EVP_MD2: + bits = 128 + case EVP_MD4: + bits = 128 + case EVP_MD5: + bits = 128 + case EVP_RIPEMD160: + bits = 160 + case EVP_SHA1: + bits = 160 + case EVP_SHA224: + bits = 224 + case EVP_SHA256: + bits = 256 + case EVP_SHA384: + bits = 384 + case EVP_SHA512: + bits = 512 + case EVP_SHA512_224: + bits = 224 + case EVP_SHA512_256: + bits = 256 + case EVP_SHA3_224: + bits = 224 + case EVP_SHA3_256: + bits = 256 + case EVP_SHA3_384: + bits = 384 + case EVP_SHA3_512: + bits = 512 + case EVP_SHAKE128: + bits = 128 + case EVP_SHAKE256: + bits = 256 + case EVP_SM3: + bits = 256 + } + return bits / 8 +} + +// Size returns hash function block size in bytes +func (evp EVP_MD) BlockSize() int { + var bits int + switch evp { + case EVP_BLAKE2B_512: + bits = 1024 + case EVP_BLAKE2S_256: + bits = 512 + case EVP_GOST: + bits = 256 + case EVP_MD2: + bits = 128 + case EVP_MD4: + bits = 512 + case EVP_MD5: + bits = 512 + case EVP_RIPEMD160: + bits = 512 + case EVP_SHA1: + bits = 512 + case EVP_SHA224: + bits = 512 + case EVP_SHA256: + bits = 512 + case EVP_SHA384: + bits = 1024 + case EVP_SHA512: + bits = 1024 + case EVP_SHA512_224: + bits = 1024 + case EVP_SHA512_256: + bits = 1024 + case EVP_SHA3_224: + bits = 1124 + case EVP_SHA3_256: + bits = 1088 + case EVP_SHA3_384: + bits = 832 + case EVP_SHA3_512: + bits = 576 + case EVP_SHAKE128: + bits = 1344 + case EVP_SHAKE256: + bits = 1088 + case EVP_SM3: + bits = 512 + } + return bits / 8 +} + +func (evp EVP_MD) String() string { + switch evp { + case EVP_BLAKE2B_512: + return "BLAKE2B_512" + case EVP_BLAKE2S_256: + return "BLAKE2S_256" + case EVP_GOST: + return "GOST" + case EVP_MD2: + return "MD2" + case EVP_MD4: + return "MD4" + case EVP_MD5: + return "MD5" + case EVP_RIPEMD160: + return "RMD160" + case EVP_SHA1: + return "SHA1" + case EVP_SHA224: + return "SHA224" + case EVP_SHA256: + return "SHA256" + case EVP_SHA384: + return "SHA384" + case EVP_SHA512: + return "SHA512" + case EVP_SHA512_224: + return "SHA512_224" + case EVP_SHA512_256: + return "SHA512_256" + case EVP_SHA3_224: + return "SHA3_224" + case EVP_SHA3_256: + return "SHA3_256" + case EVP_SHA3_384: + return "SHA3_384" + case EVP_SHA3_512: + return "SHA3_512" + case EVP_SHAKE128: + return "SHAKE128" + case EVP_SHAKE256: + return "SHAKE256" + case EVP_SM3: + return "SM3" + default: + return "UNKNOWN" + } +} + + +/* +OpenSSL compatibility table: + +1.1.1 -> 0x1010100fL +1.1.0 -> 0x1010000fL + +Digest 1.0.2 1.1.0 1.1.1 +BLAKE2B512 - + + +BLAKE2S256 - + + +GOST - + + +MD2 - + + +MD4 + + + +MD5 + + + +RIPEMD160 + + + +SHA1 + + + +SHA224 + + + +SHA256 + + + +SHA384 + + + +SHA512 + + + +SHA512-224 - - + +SHA512-256 - - + +SHA3-224 - - + +SHA3-256 - - + +SHA3-384 - - + +SHA3-512 - - + +SHAKE128 - - + +SHAKE256 - - + +SM3 - - + +WHIRLPOOL + + + +*/ + +var hashFunctionsOpenSSLv111 = map[EVP_MD]bool{ + EVP_BLAKE2B_512: true, + EVP_BLAKE2S_256: true, + EVP_GOST: true, + EVP_MD2: true, + EVP_MD4: true, + EVP_MD5: true, + EVP_RIPEMD160: true, + EVP_SHA1: true, + EVP_SHA224: true, + EVP_SHA256: true, + EVP_SHA384: true, + EVP_SHA512: true, + EVP_SHA512_224: true, + EVP_SHA512_256: true, + EVP_SHA3_224: true, + EVP_SHA3_256: true, + EVP_SHA3_384: true, + EVP_SHA3_512: true, + EVP_SHAKE128: true, + EVP_SHAKE256: true, + EVP_SM3: true, + EVP_WHIRLPOOL: true, +} + +var hashFunctionsOpenSSLv110 = map[EVP_MD]bool{ + EVP_BLAKE2B_512: true, + EVP_BLAKE2S_256: true, + EVP_GOST: true, + EVP_MD2: true, + EVP_MD4: true, + EVP_MD5: true, + EVP_RIPEMD160: true, + EVP_SHA1: true, + EVP_SHA224: true, + EVP_SHA256: true, + EVP_SHA384: true, + EVP_SHA512: true, + EVP_SHA512_224: false, + EVP_SHA512_256: false, + EVP_SHA3_224: false, + EVP_SHA3_256: false, + EVP_SHA3_384: false, + EVP_SHA3_512: false, + EVP_SHAKE128: false, + EVP_SHAKE256: false, + EVP_SM3: false, + EVP_WHIRLPOOL: true, +} + +var hashFunctionsOpenSSLv102 = map[EVP_MD]bool{ + EVP_BLAKE2B_512: false, + EVP_BLAKE2S_256: false, + EVP_GOST: false, + EVP_MD2: false, + EVP_MD4: true, + EVP_MD5: true, + EVP_RIPEMD160: true, + EVP_SHA1: true, + EVP_SHA224: true, + EVP_SHA256: true, + EVP_SHA384: true, + EVP_SHA512: true, + EVP_SHA512_224: false, + EVP_SHA512_256: false, + EVP_SHA3_224: false, + EVP_SHA3_256: false, + EVP_SHA3_384: false, + EVP_SHA3_512: false, + EVP_SHAKE128: false, + EVP_SHAKE256: false, + EVP_SM3: false, + EVP_WHIRLPOOL: true, +} + +// Supported checks if this hash function is supported by the installed version of OpenSSL +func (evp EVP_MD) Supported() bool { + if C.OPENSSL_VERSION_NUMBER >= 0x1010100f { + return hashFunctionsOpenSSLv111[evp] + } else if C.OPENSSL_VERSION_NUMBER >= 0x1010000f { + return hashFunctionsOpenSSLv110[evp] + } + return hashFunctionsOpenSSLv102[evp] +} + +// c returns pointer to the struct that is used during digest initialization +func (evp EVP_MD) c() (evpMD *C.EVP_MD) { + switch evp { + case EVP_BLAKE2B_512: + evpMD = C.X_EVP_blake2b512() + case EVP_BLAKE2S_256: + evpMD = C.X_EVP_blake2s256() + case EVP_GOST: + panic("Not implemented yet") + case EVP_MD2: + evpMD = C.X_EVP_md2() + case EVP_MD4: + evpMD = C.X_EVP_md4() + case EVP_MD5: + evpMD = C.X_EVP_md5() + case EVP_RIPEMD160: + evpMD = C.X_EVP_ripemd160() + case EVP_SHA1: + evpMD = C.X_EVP_sha1() + case EVP_SHA224: + evpMD = C.X_EVP_sha224() + case EVP_SHA256: + evpMD = C.X_EVP_sha256() + case EVP_SHA384: + evpMD = C.X_EVP_sha384() + case EVP_SHA512: + evpMD = C.X_EVP_sha512() + case EVP_SHA512_224: + evpMD = C.X_EVP_sha512_224() + case EVP_SHA512_256: + evpMD = C.X_EVP_sha512_256() + case EVP_SHA3_224: + evpMD = C.X_EVP_sha3_224() + case EVP_SHA3_256: + evpMD = C.X_EVP_sha3_256() + case EVP_SHA3_384: + evpMD = C.X_EVP_sha3_384() + case EVP_SHA3_512: + evpMD = C.X_EVP_sha3_512() + case EVP_SHAKE128: + evpMD = C.X_EVP_shake128() + case EVP_SHAKE256: + evpMD = C.X_EVP_shake256() + case EVP_SM3: + panic("Not implemented yet") + default: + panic("Not implemented yet") + } + return +} + diff --git a/md4.go b/md4.go index e5cc7d86..0a717c61 100644 --- a/md4.go +++ b/md4.go @@ -17,63 +17,27 @@ package openssl // #include "shim.h" import "C" -import ( - "errors" - "runtime" - "unsafe" -) - type MD4Hash struct { - ctx *C.EVP_MD_CTX - engine *Engine + *DigestComputer } func NewMD4Hash() (*MD4Hash, error) { return NewMD4HashWithEngine(nil) } func NewMD4HashWithEngine(e *Engine) (*MD4Hash, error) { - hash := &MD4Hash{engine: e} - hash.ctx = C.X_EVP_MD_CTX_new() - if hash.ctx == nil { - return nil, errors.New("openssl: md4: unable to allocate ctx") - } - runtime.SetFinalizer(hash, func(hash *MD4Hash) { hash.Close() }) - if err := hash.Reset(); err != nil { + dc, err := NewDigestComputerWithEngine(e, EVP_MD4) + if err != nil { return nil, err } - return hash, nil -} - -func (s *MD4Hash) Close() { - if s.ctx != nil { - C.X_EVP_MD_CTX_free(s.ctx) - s.ctx = nil - } -} - -func (s *MD4Hash) Reset() error { - if 1 != C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_md4(), engineRef(s.engine)) { - return errors.New("openssl: md4: cannot init digest ctx") - } - return nil -} - -func (s *MD4Hash) Write(p []byte) (n int, err error) { - if len(p) == 0 { - return 0, nil - } - if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]), - C.size_t(len(p))) { - return 0, errors.New("openssl: md4: cannot update digest") - } - return len(p), nil + return &MD4Hash{DigestComputer: dc}, nil } func (s *MD4Hash) Sum() (result [16]byte, err error) { - if 1 != C.X_EVP_DigestFinal_ex(s.ctx, - (*C.uchar)(unsafe.Pointer(&result[0])), nil) { - return result, errors.New("openssl: md4: cannot finalize ctx") + sum, err := s.DigestComputer.Sum() + if err != nil { + return } - return result, s.Reset() + copy(result[:], sum) + return } func MD4(data []byte) (result [16]byte, err error) { diff --git a/md4_test.go b/md4_test.go index b31c7e64..9e953e59 100644 --- a/md4_test.go +++ b/md4_test.go @@ -120,9 +120,17 @@ func benchmarkMD4(b *testing.B, length int64, fn md4func) { } func BenchmarkMD4Large_openssl(b *testing.B) { - benchmarkMD4(b, 1024*1024, func(buf []byte) { MD4(buf) }) + benchmarkMD4(b, 1024*1024, func(buf []byte) { + if _, err := MD4(buf); err != nil { + b.Fatal(err) + } + }) } func BenchmarkMD4Small_openssl(b *testing.B) { - benchmarkMD4(b, 1, func(buf []byte) { MD4(buf) }) + benchmarkMD4(b, 1, func(buf []byte) { + if _, err := MD4(buf); err != nil { + b.Fatal(err) + } + }) } diff --git a/md5.go b/md5.go index 82f2eb2f..01447ec8 100644 --- a/md5.go +++ b/md5.go @@ -17,63 +17,27 @@ package openssl // #include "shim.h" import "C" -import ( - "errors" - "runtime" - "unsafe" -) - type MD5Hash struct { - ctx *C.EVP_MD_CTX - engine *Engine + *DigestComputer } func NewMD5Hash() (*MD5Hash, error) { return NewMD5HashWithEngine(nil) } func NewMD5HashWithEngine(e *Engine) (*MD5Hash, error) { - hash := &MD5Hash{engine: e} - hash.ctx = C.X_EVP_MD_CTX_new() - if hash.ctx == nil { - return nil, errors.New("openssl: md5: unable to allocate ctx") - } - runtime.SetFinalizer(hash, func(hash *MD5Hash) { hash.Close() }) - if err := hash.Reset(); err != nil { + dc, err := NewDigestComputerWithEngine(e, EVP_MD5) + if err != nil { return nil, err } - return hash, nil -} - -func (s *MD5Hash) Close() { - if s.ctx != nil { - C.X_EVP_MD_CTX_free(s.ctx) - s.ctx = nil - } -} - -func (s *MD5Hash) Reset() error { - if 1 != C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_md5(), engineRef(s.engine)) { - return errors.New("openssl: md5: cannot init digest ctx") - } - return nil -} - -func (s *MD5Hash) Write(p []byte) (n int, err error) { - if len(p) == 0 { - return 0, nil - } - if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]), - C.size_t(len(p))) { - return 0, errors.New("openssl: md5: cannot update digest") - } - return len(p), nil + return &MD5Hash{DigestComputer: dc}, nil } func (s *MD5Hash) Sum() (result [16]byte, err error) { - if 1 != C.X_EVP_DigestFinal_ex(s.ctx, - (*C.uchar)(unsafe.Pointer(&result[0])), nil) { - return result, errors.New("openssl: md5: cannot finalize ctx") + sum, err := s.DigestComputer.Sum() + if err != nil { + return } - return result, s.Reset() + copy(result[:], sum) + return } func MD5(data []byte) (result [16]byte, err error) { diff --git a/sha1.go b/sha1.go index c227bee8..4c9368d6 100644 --- a/sha1.go +++ b/sha1.go @@ -17,70 +17,27 @@ package openssl // #include "shim.h" import "C" -import ( - "errors" - "runtime" - "unsafe" -) - type SHA1Hash struct { - ctx *C.EVP_MD_CTX - engine *Engine + *DigestComputer } func NewSHA1Hash() (*SHA1Hash, error) { return NewSHA1HashWithEngine(nil) } func NewSHA1HashWithEngine(e *Engine) (*SHA1Hash, error) { - hash := &SHA1Hash{engine: e} - hash.ctx = C.X_EVP_MD_CTX_new() - if hash.ctx == nil { - return nil, errors.New("openssl: sha1: unable to allocate ctx") - } - runtime.SetFinalizer(hash, func(hash *SHA1Hash) { hash.Close() }) - if err := hash.Reset(); err != nil { + dc, err := NewDigestComputerWithEngine(e, EVP_SHA1) + if err != nil { return nil, err } - return hash, nil -} - -func (s *SHA1Hash) Close() { - if s.ctx != nil { - C.X_EVP_MD_CTX_free(s.ctx) - s.ctx = nil - } -} - -func engineRef(e *Engine) *C.ENGINE { - if e == nil { - return nil - } - return e.e -} - -func (s *SHA1Hash) Reset() error { - if 1 != C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_sha1(), engineRef(s.engine)) { - return errors.New("openssl: sha1: cannot init digest ctx") - } - return nil -} - -func (s *SHA1Hash) Write(p []byte) (n int, err error) { - if len(p) == 0 { - return 0, nil - } - if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]), - C.size_t(len(p))) { - return 0, errors.New("openssl: sha1: cannot update digest") - } - return len(p), nil + return &SHA1Hash{DigestComputer: dc}, nil } func (s *SHA1Hash) Sum() (result [20]byte, err error) { - if 1 != C.X_EVP_DigestFinal_ex(s.ctx, - (*C.uchar)(unsafe.Pointer(&result[0])), nil) { - return result, errors.New("openssl: sha1: cannot finalize ctx") + sum, err := s.DigestComputer.Sum() + if err != nil { + return } - return result, s.Reset() + copy(result[:], sum) + return } func SHA1(data []byte) (result [20]byte, err error) { diff --git a/sha256.go b/sha256.go index d25c7a95..d4135b4a 100644 --- a/sha256.go +++ b/sha256.go @@ -17,63 +17,27 @@ package openssl // #include "shim.h" import "C" -import ( - "errors" - "runtime" - "unsafe" -) - type SHA256Hash struct { - ctx *C.EVP_MD_CTX - engine *Engine + *DigestComputer } func NewSHA256Hash() (*SHA256Hash, error) { return NewSHA256HashWithEngine(nil) } func NewSHA256HashWithEngine(e *Engine) (*SHA256Hash, error) { - hash := &SHA256Hash{engine: e} - hash.ctx = C.X_EVP_MD_CTX_new() - if hash.ctx == nil { - return nil, errors.New("openssl: sha256: unable to allocate ctx") - } - runtime.SetFinalizer(hash, func(hash *SHA256Hash) { hash.Close() }) - if err := hash.Reset(); err != nil { + dc, err := NewDigestComputerWithEngine(e, EVP_SHA256) + if err != nil { return nil, err } - return hash, nil -} - -func (s *SHA256Hash) Close() { - if s.ctx != nil { - C.X_EVP_MD_CTX_free(s.ctx) - s.ctx = nil - } -} - -func (s *SHA256Hash) Reset() error { - if 1 != C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_sha256(), engineRef(s.engine)) { - return errors.New("openssl: sha256: cannot init digest ctx") - } - return nil -} - -func (s *SHA256Hash) Write(p []byte) (n int, err error) { - if len(p) == 0 { - return 0, nil - } - if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]), - C.size_t(len(p))) { - return 0, errors.New("openssl: sha256: cannot update digest") - } - return len(p), nil + return &SHA256Hash{DigestComputer: dc}, nil } func (s *SHA256Hash) Sum() (result [32]byte, err error) { - if 1 != C.X_EVP_DigestFinal_ex(s.ctx, - (*C.uchar)(unsafe.Pointer(&result[0])), nil) { - return result, errors.New("openssl: sha256: cannot finalize ctx") + sum, err := s.DigestComputer.Sum() + if err != nil { + return } - return result, s.Reset() + copy(result[:], sum) + return } func SHA256(data []byte) (result [32]byte, err error) { diff --git a/shim.c b/shim.c index 6e680841..664f6ea6 100644 --- a/shim.c +++ b/shim.c @@ -598,26 +598,50 @@ const EVP_MD *X_EVP_md_null() { return EVP_md_null(); } -const EVP_MD *X_EVP_md5() { - return EVP_md5(); +const EVP_MD *X_EVP_blake2b512() { +#if OPENSSL_VERSION_NUMBER >= 0x1010000fL + return EVP_blake2b512(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_blake2s256() { +#if OPENSSL_VERSION_NUMBER >= 0x1010000fL + return EVP_blake2s256(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_md2() { +#if OPENSSL_VERSION_NUMBER >= 0x1010000fL + return EVP_md2(); +#else + return NULL; +#endif } const EVP_MD *X_EVP_md4() { return EVP_md4(); } -const EVP_MD *X_EVP_ripemd160() { - return EVP_ripemd160(); +const EVP_MD *X_EVP_md5() { + return EVP_md5(); } -const EVP_MD *X_EVP_sha224() { - return EVP_sha224(); +const EVP_MD *X_EVP_ripemd160() { + return EVP_ripemd160(); } const EVP_MD *X_EVP_sha1() { return EVP_sha1(); } +const EVP_MD *X_EVP_sha224() { + return EVP_sha224(); +} + const EVP_MD *X_EVP_sha256() { return EVP_sha256(); } @@ -630,6 +654,74 @@ const EVP_MD *X_EVP_sha512() { return EVP_sha512(); } +const EVP_MD *X_EVP_sha512_224() { +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL + return EVP_sha512_224(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_sha512_256() { +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL + return EVP_sha512_256(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_sha3_224() { +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL + return EVP_sha3_224(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_sha3_256() { +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL + return EVP_sha3_256(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_sha3_384() { +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL + return EVP_sha3_384(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_sha3_512() { +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL + return EVP_sha3_512(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_shake128() { +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL + return EVP_shake128(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_shake256() { +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL + return EVP_shake256(); +#else + return NULL; +#endif +} + +const EVP_MD *X_EVP_whirlpool() { + return EVP_whirlpool(); +} + int X_EVP_MD_size(const EVP_MD *md) { return EVP_MD_size(md); } diff --git a/shim.h b/shim.h index b792822b..056b32fb 100644 --- a/shim.h +++ b/shim.h @@ -108,8 +108,9 @@ extern const EVP_MD *X_EVP_get_digestbyname(const char *name); extern EVP_MD_CTX *X_EVP_MD_CTX_new(); extern void X_EVP_MD_CTX_free(EVP_MD_CTX *ctx); extern const EVP_MD *X_EVP_md_null(); -extern const EVP_MD *X_EVP_md5(); +extern const EVP_MD *X_EVP_md2(); extern const EVP_MD *X_EVP_md4(); +extern const EVP_MD *X_EVP_md5(); extern const EVP_MD *X_EVP_sha(); extern const EVP_MD *X_EVP_sha1(); extern const EVP_MD *X_EVP_dss(); @@ -119,6 +120,16 @@ extern const EVP_MD *X_EVP_sha224(); extern const EVP_MD *X_EVP_sha256(); extern const EVP_MD *X_EVP_sha384(); extern const EVP_MD *X_EVP_sha512(); +extern const EVP_MD *X_EVP_sha512_224(); +extern const EVP_MD *X_EVP_sha512_256(); +extern const EVP_MD *X_EVP_sha3_224(); +extern const EVP_MD *X_EVP_sha3_256(); +extern const EVP_MD *X_EVP_sha3_384(); +extern const EVP_MD *X_EVP_sha3_512(); +extern const EVP_MD *X_EVP_blake2b512(); +extern const EVP_MD *X_EVP_blake2s256(); +extern const EVP_MD *X_EVP_shake128(); +extern const EVP_MD *X_EVP_shake256(); extern int X_EVP_MD_size(const EVP_MD *md); extern int X_EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); extern int X_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);