diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-03-29 19:32:48 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-05-08 14:41:36 +0200 |
| commit | 4d49b68504cc494e552bce8e0b82ec8b501d5abe (patch) | |
| tree | 24870549aee659def396116715f8d10c1ea71de3 /providers | |
| parent | 0a8a6afdfb71e42962921980b51942cea8632697 (diff) | |
| download | openssl-new-4d49b68504cc494e552bce8e0b82ec8b501d5abe.tar.gz | |
Crypto: Add deprecation compatibility declarations for SHA* message digest functions
Also add hints to SHA256_Init.pod and CHANGES.md how to replace SHA256() etc.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14741)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/fips-sources.checksums | 6 | ||||
| -rw-r--r-- | providers/fips.checksum | 2 | ||||
| -rw-r--r-- | providers/implementations/ciphers/cipher_tdes_wrap.c | 10 |
3 files changed, 9 insertions, 9 deletions
diff --git a/providers/fips-sources.checksums b/providers/fips-sources.checksums index 6175384c2d..0ab5e40394 100644 --- a/providers/fips-sources.checksums +++ b/providers/fips-sources.checksums @@ -166,7 +166,7 @@ fa39906519062932adafb63cbf05b5dfa7563673576d421c80ec6b889d024e84 crypto/ec/ecp_ 22c44f561ab42d1bd7fd3a3c538ebaba375a704f98056b035e7949d73963c580 crypto/ec/ecx_key.c 7c7f3e2a19a95d62942790e525f00cccc87e46da099a0c96d101787d68c75128 crypto/evp/asymcipher.c 0e75a058dcbbb62cfe39fec6c4a85385dc1a8fce794e4278ce6cebb29763b82b crypto/evp/dh_support.c -4433d40517d9550f6a1db90dfb912e32ee10b95497ddfc2a7edb2116f87ee531 crypto/evp/digest.c +e819c499207dd2ee5457cd9411c6089e13476bedf41de2aa67e10b13810ff0e5 crypto/evp/digest.c 87599335b61f97362799170d7b19cbbf775bfecc0fab570b267c7622241cfad8 crypto/evp/ec_support.c c146c0a8a06e3c558207c1c76039dd2a61a2160cc243e9e3de2e290bc6e1b2d0 crypto/evp/evp_enc.c 9b4956b5c28db987001b33421aacf3b9f352181f874c768ad1b034e083483561 crypto/evp/evp_fetch.c @@ -297,9 +297,9 @@ f64d16c1e5c3fa4a7969de494a8372127502171a517c14be7a1e3a43a7308699 crypto/sha/asm 8725cabb8d695c576619f19283b034074a3fa0f1c0be952a9dbe9793be15b907 crypto/sha/asm/sha512p8-ppc.pl 4d13c5020a92190d43721018c50776fd4df858fe92f3cce1d465ed98dfb142d1 crypto/sha/keccak1600.c 306cacd3f86e5cacaca74c58ef862516515e5c0cafaff48636d537fd84f1c2fb crypto/sha/sha1dgst.c -b40bd40b91a2ecdba63777758f84c5405a92e673636dba2cb83512c34aae3882 crypto/sha/sha256.c +4d8cf04f5806611e7586aab47fb28165ec1afb00168e2c9876bb36cb5c29bf8b crypto/sha/sha256.c 01aff75580e47ee880f411a319ed5d86198df464e3b8056b8734698e3c8d4d07 crypto/sha/sha3.c -7598a626c55fb6505cc234cb438c78846756cde95c4400ca07bf9460b9bec834 crypto/sha/sha512.c +65ef028da082f1a9b6ce2c45ae5644895b7fca356a798fca65428852ccf24b96 crypto/sha/sha512.c 86913a593b55c759a3824eeede398f966278d79c148bef41986c5ac4e48f0bd7 crypto/sparse_array.c 32b48ac523d69b65d46b5588cd75697c473eec0b97bdefc820f436f25403a1df crypto/stack/stack.c 7b4efa594d8d1f3ecbf4605cf54f72fb296a3b1d951bdc69e415aaa08f34e5c8 crypto/threads_lib.c diff --git a/providers/fips.checksum b/providers/fips.checksum index 50a9c51b5c..cbb359f123 100644 --- a/providers/fips.checksum +++ b/providers/fips.checksum @@ -1 +1 @@ -4d501c5fb8a5646c618eb02511a7a1ffab71823f6adee558ee30df8bb4bd6f40 providers/fips-sources.checksums +db2202782291f6e77fbe9f6271517cb41d7c06790a606a61f69e564f002f76f5 providers/fips-sources.checksums diff --git a/providers/implementations/ciphers/cipher_tdes_wrap.c b/providers/implementations/ciphers/cipher_tdes_wrap.c index be109129bd..4bfd17f515 100644 --- a/providers/implementations/ciphers/cipher_tdes_wrap.c +++ b/providers/implementations/ciphers/cipher_tdes_wrap.c @@ -18,6 +18,7 @@ #include <openssl/proverr.h> #include "cipher_tdes_default.h" #include "crypto/evp.h" +#include "crypto/sha.h" #include "prov/implementations.h" #include "prov/providercommon.h" @@ -64,10 +65,8 @@ static int des_ede3_unwrap(PROV_CIPHER_CTX *ctx, unsigned char *out, /* Decrypt again using new IV */ ctx->hw->cipher(ctx, out, out, inl - 16); ctx->hw->cipher(ctx, icv, icv, 8); - /* Work out SHA1 hash of first portion */ - SHA1(out, inl - 16, sha1tmp); - - if (!CRYPTO_memcmp(sha1tmp, icv, 8)) + if (ossl_sha1(out, inl - 16, sha1tmp) /* Work out hash of first portion */ + && CRYPTO_memcmp(sha1tmp, icv, 8) == 0) rv = inl - 16; OPENSSL_cleanse(icv, 8); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); @@ -93,7 +92,8 @@ static int des_ede3_wrap(PROV_CIPHER_CTX *ctx, unsigned char *out, /* Copy input to output buffer + 8 so we have space for IV */ memmove(out + ivlen, in, inl); /* Work out ICV */ - SHA1(in, inl, sha1tmp); + if (!ossl_sha1(in, inl, sha1tmp)) + return 0; memcpy(out + inl + ivlen, sha1tmp, icvlen); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); /* Generate random IV */ |