[openssl-commits] [openssl] master update

Mon Nov 30 00:36:31 UTC 2015

The branch master has been updated
       via  152fbc28e80f46dd1183989b3839e89031631806 (commit)
      from  9446daac5b7be3210e9c5d80c3d95309d946ee38 (commit)


- Log -----------------------------------------------------------------
commit 152fbc28e80f46dd1183989b3839e89031631806
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Sun Nov 29 16:27:08 2015 +0000

    Use digest tables for defaults.
    
    Reviewed-by: Viktor Dukhovni <viktor at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/ssl_ciph.c |  6 +++---
 ssl/ssl_locl.h |  1 +
 ssl/t1_lib.c   | 14 +++++++-------
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 4e3c1e5..2059fa0 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -712,7 +712,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
         return (0);
 }
 
-static const EVP_MD *ssl_cipher_table_idx(int idx)
+const EVP_MD *ssl_md(int idx)
 {
     idx &= SSL_HANDSHAKE_MAC_MASK;
     if (idx < 0 || idx >= SSL_MD_NUM_IDX)
@@ -722,12 +722,12 @@ static const EVP_MD *ssl_cipher_table_idx(int idx)
 
 const EVP_MD *ssl_handshake_md(SSL *s)
 {
-    return ssl_cipher_table_idx(ssl_get_algorithm2(s));
+    return ssl_md(ssl_get_algorithm2(s));
 }
 
 const EVP_MD *ssl_prf_md(SSL *s)
 {
-    return ssl_cipher_table_idx(ssl_get_algorithm2(s) >> TLS1_PRF_DGST_SHIFT);
+    return ssl_md(ssl_get_algorithm2(s) >> TLS1_PRF_DGST_SHIFT);
 }
 
 #define ITEM_SEP(a) \
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 0cbb3cc..9d28b97 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -2139,6 +2139,7 @@ __owur int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
 __owur int ssl_parse_serverhello_use_srtp_ext(SSL *s, PACKET *pkt, int *al);
 
 __owur int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen);
+__owur const EVP_MD *ssl_md(int idx);
 __owur const EVP_MD *ssl_handshake_md(SSL *s);
 __owur const EVP_MD *ssl_prf_md(SSL *s);
 
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 2784fa1..ed6fb07 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2706,22 +2706,22 @@ void ssl_set_default_md(SSL *s)
 {
     const EVP_MD **pmd = s->s3->tmp.md;
 #ifndef OPENSSL_NO_DSA
-    pmd[SSL_PKEY_DSA_SIGN] = EVP_sha1();
+    pmd[SSL_PKEY_DSA_SIGN] = ssl_md(SSL_MD_SHA1_IDX);
 #endif
 #ifndef OPENSSL_NO_RSA
     if (SSL_USE_SIGALGS(s))
-        pmd[SSL_PKEY_RSA_SIGN] = EVP_sha1();
+        pmd[SSL_PKEY_RSA_SIGN] = ssl_md(SSL_MD_SHA1_IDX);
     else
-        pmd[SSL_PKEY_RSA_SIGN] = EVP_md5_sha1();
+        pmd[SSL_PKEY_RSA_SIGN] = ssl_md(SSL_MD_MD5_SHA1_IDX);
     pmd[SSL_PKEY_RSA_ENC] = pmd[SSL_PKEY_RSA_SIGN];
 #endif
 #ifndef OPENSSL_NO_EC
-    pmd[SSL_PKEY_ECC] = EVP_sha1();
+    pmd[SSL_PKEY_ECC] = ssl_md(SSL_MD_SHA1_IDX);
 #endif
 #ifndef OPENSSL_NO_GOST
-    pmd[SSL_PKEY_GOST01] = EVP_get_digestbynid(NID_id_GostR3411_94);
-    pmd[SSL_PKEY_GOST12_256] = EVP_get_digestbynid(NID_id_GostR3411_2012_256);
-    pmd[SSL_PKEY_GOST12_512] = EVP_get_digestbynid(NID_id_GostR3411_2012_512);
+    pmd[SSL_PKEY_GOST01] = ssl_md(SSL_MD_GOST94_IDX);
+    pmd[SSL_PKEY_GOST12_256] = ssl_md(SSL_MD_GOST12_256_IDX);
+    pmd[SSL_PKEY_GOST12_512] = ssl_md(SSL_MD_GOST12_512_IDX);
 #endif
 }
 
