[openssl] openssl-3.0 update
tomas at openssl.org
tomas at openssl.org
Mon Nov 15 08:26:09 UTC 2021
The branch openssl-3.0 has been updated
via cf9a84a12dc4f3b314347e44f5c51b473a504926 (commit)
from 487934081d87a0d02bbb9afd6bd650d5d1afe8ea (commit)
- Log -----------------------------------------------------------------
commit cf9a84a12dc4f3b314347e44f5c51b473a504926
Author: Tomas Mraz <tomas at openssl.org>
Date: Fri Nov 12 16:31:35 2021 +0100
Add null digest implementation to the default provider
This is necessary to keep compatibility with 1.1.1.
Fixes #16660
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17016)
(cherry picked from commit bef9b48e5071cdd2b41a4f486d1bcb5e14b2a5c3)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/digest.c | 5 ++-
providers/defltprov.c | 1 +
providers/implementations/digests/build.info | 3 ++
providers/implementations/digests/null_prov.c | 52 ++++++++++++++++++++++
.../implementations/include/prov/digestcommon.h | 23 +++++-----
.../implementations/include/prov/implementations.h | 1 +
test/evp_extra_test.c | 30 +++++++++++++
7 files changed, 104 insertions(+), 11 deletions(-)
create mode 100644 providers/implementations/digests/null_prov.c
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 1f2910bc69..a269bb8260 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -228,7 +228,10 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
return 0;
#else
- EVP_MD *provmd = EVP_MD_fetch(NULL, OBJ_nid2sn(type->type), "");
+ /* The NULL digest is a special case */
+ EVP_MD *provmd = EVP_MD_fetch(NULL,
+ type->type != NID_undef ? OBJ_nid2sn(type->type)
+ : "NULL", "");
if (provmd == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
diff --git a/providers/defltprov.c b/providers/defltprov.c
index 62258da723..6e669fbdfb 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -148,6 +148,7 @@ static const OSSL_ALGORITHM deflt_digests[] = {
{ PROV_NAMES_MD5_SHA1, "provider=default", ossl_md5_sha1_functions },
#endif /* OPENSSL_NO_MD5 */
+ { PROV_NAMES_NULL, "provider=default", ossl_nullmd_functions },
{ NULL, NULL, NULL }
};
diff --git a/providers/implementations/digests/build.info b/providers/implementations/digests/build.info
index 2c2b0c3db0..c6508b6e85 100644
--- a/providers/implementations/digests/build.info
+++ b/providers/implementations/digests/build.info
@@ -9,6 +9,7 @@ $SHA3_GOAL=../../libdefault.a ../../libfips.a
$BLAKE2_GOAL=../../libdefault.a
$SM3_GOAL=../../libdefault.a
$MD5_GOAL=../../libdefault.a
+$NULL_GOAL=../../libdefault.a
$MD2_GOAL=../../liblegacy.a
$MD4_GOAL=../../liblegacy.a
@@ -22,6 +23,8 @@ SOURCE[$COMMON_GOAL]=digestcommon.c
SOURCE[$SHA2_GOAL]=sha2_prov.c
SOURCE[$SHA3_GOAL]=sha3_prov.c
+SOURCE[$NULL_GOAL]=null_prov.c
+
IF[{- !$disabled{blake2} -}]
SOURCE[$BLAKE2_GOAL]=blake2_prov.c blake2b_prov.c blake2s_prov.c
ENDIF
diff --git a/providers/implementations/digests/null_prov.c b/providers/implementations/digests/null_prov.c
new file mode 100644
index 0000000000..b220a1966f
--- /dev/null
+++ b/providers/implementations/digests/null_prov.c
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/crypto.h>
+#include "prov/digestcommon.h"
+#include "prov/implementations.h"
+
+typedef struct {
+ unsigned char nothing;
+} NULLMD_CTX;
+
+static int null_init(NULLMD_CTX *ctx)
+{
+ return 1;
+}
+
+static int null_update(NULLMD_CTX *ctx, const void *data, size_t datalen)
+{
+ return 1;
+}
+
+static int null_final(unsigned char *md, NULLMD_CTX *ctx)
+{
+ return 1;
+}
+
+/*
+ * We must override the PROV_FUNC_DIGEST_FINAL as dgstsize == 0
+ * and that would cause compilation warnings with the default implementation.
+ */
+#undef PROV_FUNC_DIGEST_FINAL
+#define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \
+static OSSL_FUNC_digest_final_fn name##_internal_final; \
+static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \
+ size_t outsz) \
+{ \
+ if (ossl_prov_is_running() && fin(out, ctx)) { \
+ *outl = dgstsize; \
+ return 1; \
+ } \
+ return 0; \
+}
+
+IMPLEMENT_digest_functions(nullmd, NULLMD_CTX,
+ 0, 0, 0,
+ null_init, null_update, null_final)
diff --git a/providers/implementations/include/prov/digestcommon.h b/providers/implementations/include/prov/digestcommon.h
index b0ed83648d..abdb8bb2ad 100644
--- a/providers/implementations/include/prov/digestcommon.h
+++ b/providers/implementations/include/prov/digestcommon.h
@@ -35,6 +35,18 @@ static int name##_get_params(OSSL_PARAM params[]) \
{ OSSL_FUNC_DIGEST_GETTABLE_PARAMS, \
(void (*)(void))ossl_digest_default_gettable_params }
+# define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \
+static OSSL_FUNC_digest_final_fn name##_internal_final; \
+static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \
+ size_t outsz) \
+{ \
+ if (ossl_prov_is_running() && outsz >= dgstsize && fin(out, ctx)) { \
+ *outl = dgstsize; \
+ return 1; \
+ } \
+ return 0; \
+}
+
# define PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START( \
name, CTX, blksize, dgstsize, flags, upd, fin) \
static OSSL_FUNC_digest_newctx_fn name##_newctx; \
@@ -58,16 +70,7 @@ static void *name##_dupctx(void *ctx) \
*ret = *in; \
return ret; \
} \
-static OSSL_FUNC_digest_final_fn name##_internal_final; \
-static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \
- size_t outsz) \
-{ \
- if (ossl_prov_is_running() && outsz >= dgstsize && fin(out, ctx)) { \
- *outl = dgstsize; \
- return 1; \
- } \
- return 0; \
-} \
+PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \
PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \
const OSSL_DISPATCH ossl_##name##_functions[] = { \
{ OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))name##_newctx }, \
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index 73e1823742..30e5e4cd77 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -36,6 +36,7 @@ extern const OSSL_DISPATCH ossl_md4_functions[];
extern const OSSL_DISPATCH ossl_mdc2_functions[];
extern const OSSL_DISPATCH ossl_wp_functions[];
extern const OSSL_DISPATCH ossl_ripemd160_functions[];
+extern const OSSL_DISPATCH ossl_nullmd_functions[];
/* Ciphers */
extern const OSSL_DISPATCH ossl_null_functions[];
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index a8d4d6cf4d..0db48a7c93 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -1445,6 +1445,35 @@ static int test_EVP_Digest(void)
return ret;
}
+static int test_EVP_md_null(void)
+{
+ int ret = 0;
+ EVP_MD_CTX *md_ctx = NULL;
+ const EVP_MD *md_null = EVP_md_null();
+ unsigned char md_value[EVP_MAX_MD_SIZE];
+ unsigned int md_len = sizeof(md_value);
+
+ if (nullprov != NULL)
+ return TEST_skip("Test does not support a non-default library context");
+
+ if (!TEST_ptr(md_null)
+ || !TEST_ptr(md_ctx = EVP_MD_CTX_new()))
+ goto out;
+
+ if (!TEST_true(EVP_DigestInit_ex(md_ctx, md_null, NULL))
+ || !TEST_true(EVP_DigestUpdate(md_ctx, "test", 4))
+ || !TEST_true(EVP_DigestFinal_ex(md_ctx, md_value, &md_len)))
+ goto out;
+
+ if (!TEST_uint_eq(md_len, 0))
+ goto out;
+
+ ret = 1;
+ out:
+ EVP_MD_CTX_free(md_ctx);
+ return ret;
+}
+
static int test_d2i_AutoPrivateKey(int i)
{
int ret = 0;
@@ -4249,6 +4278,7 @@ int setup_tests(void)
ADD_TEST(test_siphash_digestsign);
#endif
ADD_TEST(test_EVP_Digest);
+ ADD_TEST(test_EVP_md_null);
ADD_ALL_TESTS(test_EVP_PKEY_sign, 3);
ADD_ALL_TESTS(test_EVP_Enveloped, 2);
ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
More information about the openssl-commits
mailing list