diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 1e26c1333ba03..0de46f008d2d7 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -58,7 +58,7 @@ */ #include -#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1) +#if !defined(OPENSSL_NO_DES) # include # include diff --git a/apps/progs.h b/apps/progs.h index c66da3036b11a..9a8a1923eee36 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -128,7 +128,7 @@ FUNCTION functions[] = { {FUNC_TYPE_GENERAL, "ciphers", ciphers_main}, #endif {FUNC_TYPE_GENERAL, "nseq", nseq_main}, -#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1) +#if !defined(OPENSSL_NO_DES) {FUNC_TYPE_GENERAL, "pkcs12", pkcs12_main}, #endif {FUNC_TYPE_GENERAL, "pkcs8", pkcs8_main}, @@ -158,30 +158,18 @@ FUNCTION functions[] = { #ifndef OPENSSL_NO_MD5 {FUNC_TYPE_MD, "md5", dgst_main}, #endif -#ifndef OPENSSL_NO_SHA {FUNC_TYPE_MD, "sha", dgst_main}, -#endif -#ifndef OPENSSL_NO_SHA1 {FUNC_TYPE_MD, "sha1", dgst_main}, -#endif #ifndef OPENSSL_NO_MDC2 {FUNC_TYPE_MD, "mdc2", dgst_main}, #endif #ifndef OPENSSL_NO_RMD160 {FUNC_TYPE_MD, "rmd160", dgst_main}, #endif -#ifndef OPENSSL_NO_SHA224 {FUNC_TYPE_MD, "sha224", dgst_main}, -#endif -#ifndef OPENSSL_NO_SHA256 {FUNC_TYPE_MD, "sha256", dgst_main}, -#endif -#ifndef OPENSSL_NO_SHA384 {FUNC_TYPE_MD, "sha384", dgst_main}, -#endif -#ifndef OPENSSL_NO_SHA512 {FUNC_TYPE_MD, "sha512", dgst_main}, -#endif #ifndef OPENSSL_NO_AES {FUNC_TYPE_CIPHER, "aes-128-cbc", enc_main}, #endif diff --git a/apps/progs.pl b/apps/progs.pl index 8695742f28fc3..09dd00b7ee282 100644 --- a/apps/progs.pl +++ b/apps/progs.pl @@ -6,22 +6,22 @@ grep(s/^asn1pars$/asn1parse/,@ARGV); foreach (@ARGV) - { printf "extern int %s_main(int argc,char *argv[]);\n",$_; } + { printf "extern int %s_main(int argc, char *argv[]);\n",$_; } print <<'EOF'; -#define FUNC_TYPE_GENERAL 1 -#define FUNC_TYPE_MD 2 -#define FUNC_TYPE_CIPHER 3 -#define FUNC_TYPE_PKEY 4 -#define FUNC_TYPE_MD_ALG 5 -#define FUNC_TYPE_CIPHER_ALG 6 +#define FUNC_TYPE_GENERAL 1 +#define FUNC_TYPE_MD 2 +#define FUNC_TYPE_CIPHER 3 +#define FUNC_TYPE_PKEY 4 +#define FUNC_TYPE_MD_ALG 5 +#define FUNC_TYPE_CIPHER_ALG 6 typedef struct { - int type; - const char *name; - int (*func)(int argc,char *argv[]); - } FUNCTION; + int type; + const char *name; + int (*func) (int argc, char *argv[]); +} FUNCTION; DECLARE_LHASH_OF(FUNCTION); FUNCTION functions[] = { @@ -30,7 +30,7 @@ foreach (@ARGV) { push(@files,$_); - $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n"; + $str=" {FUNC_TYPE_GENERAL, \"$_\", ${_}_main},\n"; if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/)) { print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; } elsif ( ($_ =~ /^engine$/)) @@ -44,7 +44,7 @@ elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/)) { print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; } elsif ( ($_ =~ /^pkcs12$/)) - { print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; } + { print "#if !defined(OPENSSL_NO_DES)\n${str}#endif\n"; } elsif ( ($_ =~ /^cms$/)) { print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; } elsif ( ($_ =~ /^ocsp$/)) @@ -58,7 +58,9 @@ foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160","sha224","sha256","sha384","sha512") { push(@files,$_); - printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n"; + printf "#ifndef OPENSSL_NO_".uc($_)."\n" if ! /sha/; + printf " {FUNC_TYPE_MD, \"".$_."\", dgst_main},\n"; + printf "#endif\n" if ! /sha/; } foreach ( @@ -84,7 +86,7 @@ { push(@files,$_); - $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_); + $t=sprintf(" {FUNC_TYPE_CIPHER, \"%s\", enc_main},\n", $_); if ($_ =~ /des/) { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; } elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; } elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; } @@ -99,4 +101,4 @@ print $t; } -print "\t{0,NULL,NULL}\n\t};\n"; +print " {0, NULL, NULL}\n};\n"; diff --git a/apps/speed.c b/apps/speed.c index f5af9a345e3ce..419dced8078cc 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -137,9 +137,7 @@ # include #endif #include -#ifndef OPENSSL_NO_SHA # include -#endif #ifndef OPENSSL_NO_RMD160 # include #endif @@ -339,15 +337,10 @@ static const int KDF1_SHA1_len = 20; static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) { -# ifndef OPENSSL_NO_SHA if (*outlen < SHA_DIGEST_LENGTH) return NULL; - else - *outlen = SHA_DIGEST_LENGTH; + *outlen = SHA_DIGEST_LENGTH; return SHA1(in, inlen, out); -# else - return NULL; -# endif /* OPENSSL_NO_SHA */ } #endif /* OPENSSL_NO_ECDH */ @@ -382,15 +375,9 @@ int MAIN(int argc, char **argv) unsigned char md5[MD5_DIGEST_LENGTH]; unsigned char hmac[MD5_DIGEST_LENGTH]; #endif -#ifndef OPENSSL_NO_SHA unsigned char sha[SHA_DIGEST_LENGTH]; -# ifndef OPENSSL_NO_SHA256 unsigned char sha256[SHA256_DIGEST_LENGTH]; -# endif -# ifndef OPENSSL_NO_SHA512 unsigned char sha512[SHA512_DIGEST_LENGTH]; -# endif -#endif #ifndef OPENSSL_NO_WHIRLPOOL unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH]; #endif @@ -827,23 +814,15 @@ int MAIN(int argc, char **argv) doit[D_HMAC] = 1; else #endif -#ifndef OPENSSL_NO_SHA if (strcmp(*argv, "sha1") == 0) doit[D_SHA1] = 1; else if (strcmp(*argv, "sha") == 0) doit[D_SHA1] = 1, doit[D_SHA256] = 1, doit[D_SHA512] = 1; - else -# ifndef OPENSSL_NO_SHA256 - if (strcmp(*argv, "sha256") == 0) + else if (strcmp(*argv, "sha256") == 0) doit[D_SHA256] = 1; - else -# endif -# ifndef OPENSSL_NO_SHA512 - if (strcmp(*argv, "sha512") == 0) + else if (strcmp(*argv, "sha512") == 0) doit[D_SHA512] = 1; else -# endif -#endif #ifndef OPENSSL_NO_WHIRLPOOL if (strcmp(*argv, "whirlpool") == 0) doit[D_WHIRLPOOL] = 1; @@ -1110,27 +1089,16 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "hmac "); # endif #endif -#ifndef OPENSSL_NO_SHA1 BIO_printf(bio_err, "sha1 "); -#endif -#ifndef OPENSSL_NO_SHA256 BIO_printf(bio_err, "sha256 "); -#endif -#ifndef OPENSSL_NO_SHA512 BIO_printf(bio_err, "sha512 "); -#endif #ifndef OPENSSL_NO_WHIRLPOOL BIO_printf(bio_err, "whirlpool"); #endif #ifndef OPENSSL_NO_RMD160 BIO_printf(bio_err, "rmd160"); #endif -#if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \ - !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \ - !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RMD160) || \ - !defined(OPENSSL_NO_WHIRLPOOL) BIO_printf(bio_err, "\n"); -#endif #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err, "idea-cbc "); @@ -1660,23 +1628,16 @@ int MAIN(int argc, char **argv) HMAC_CTX_cleanup(&hctx); } #endif -#ifndef OPENSSL_NO_SHA if (doit[D_SHA1]) { for (j = 0; j < SIZE_NUM; j++) { print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]); Time_F(START); for (count = 0, run = 1; COND(c[D_SHA1][j]); count++) -# if 0 - EVP_Digest(buf, (unsigned long)lengths[j], &(sha[0]), NULL, - EVP_sha1(), NULL); -# else SHA1(buf, lengths[j], sha); -# endif d = Time_F(STOP); print_result(D_SHA1, j, count, d); } } -# ifndef OPENSSL_NO_SHA256 if (doit[D_SHA256]) { for (j = 0; j < SIZE_NUM; j++) { print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]); @@ -1687,9 +1648,6 @@ int MAIN(int argc, char **argv) print_result(D_SHA256, j, count, d); } } -# endif - -# ifndef OPENSSL_NO_SHA512 if (doit[D_SHA512]) { for (j = 0; j < SIZE_NUM; j++) { print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]); @@ -1700,8 +1658,6 @@ int MAIN(int argc, char **argv) print_result(D_SHA512, j, count, d); } } -# endif -#endif #ifndef OPENSSL_NO_WHIRLPOOL if (doit[D_WHIRLPOOL]) { diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c index 027950330d8b6..79eab4f398c54 100644 --- a/crypto/asn1/x_crl.c +++ b/crypto/asn1/x_crl.c @@ -220,9 +220,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, break; case ASN1_OP_D2I_POST: -#ifndef OPENSSL_NO_SHA X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL); -#endif crl->idp = X509_CRL_get_ext_d2i(crl, NID_issuing_distribution_point, NULL, NULL); diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index de6028698e37f..ecdce9ff1498c 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -289,7 +289,6 @@ int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range) return bn_rand_range(1, r, range); } -#ifndef OPENSSL_NO_SHA512 /* * BN_generate_dsa_nonce generates a random number 0 <= out < range. Unlike * BN_rand_range, it also includes the contents of |priv| and |message| in @@ -362,4 +361,3 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, OPENSSL_free(k_bytes); return ret; } -#endif /* OPENSSL_NO_SHA512 */ diff --git a/crypto/dsa/dsa_depr.c b/crypto/dsa/dsa_depr.c index b3d0fab14b660..be1df138cb09a 100644 --- a/crypto/dsa/dsa_depr.c +++ b/crypto/dsa/dsa_depr.c @@ -58,37 +58,25 @@ * version(s). */ -#undef GENUINE_DSA - -#ifdef GENUINE_DSA -/* - * Parameter generation follows the original release of FIPS PUB 186, - * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) - */ -# define HASH EVP_sha() -#else /* * Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186, * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB * 180-1) */ -# define HASH EVP_sha1() -#endif +#define xxxHASH EVP_sha1() static void *dummy = &dummy; -#ifndef OPENSSL_NO_SHA - -# include -# include -# include "cryptlib.h" -# include -# include -# include -# include -# include +#include +#include +#include "cryptlib.h" +#include +#include +#include +#include +#include -# ifndef OPENSSL_NO_DEPRECATED +#ifndef OPENSSL_NO_DEPRECATED DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, @@ -117,5 +105,4 @@ DSA *DSA_generate_parameters(int bits, DSA_free(ret); return NULL; } -# endif #endif diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 5e92d93d9a655..37b23c9f41cb7 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -56,35 +56,23 @@ * [including the GNU Public Licence.] */ -#undef GENUINE_DSA - -#ifdef GENUINE_DSA -/* - * Parameter generation follows the original release of FIPS PUB 186, - * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) - */ -# define HASH EVP_sha() -#else /* * Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186, * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB * 180-1) */ -# define HASH EVP_sha1() -#endif +#define xxxHASH EVP_sha1() #include /* To see if OPENSSL_NO_SHA is defined */ -#ifndef OPENSSL_NO_SHA +#include +#include "cryptlib.h" +#include +#include +#include +#include -# include -# include "cryptlib.h" -# include -# include -# include -# include - -# include "dsa_locl.h" +#include "dsa_locl.h" int DSA_generate_parameters_ex(DSA *ret, int bits, const unsigned char *seed_in, int seed_len, @@ -714,5 +702,3 @@ int dsa_paramgen_check_g(DSA *dsa) return rv; } - -#endif diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c index 8584963609833..1c05b0f80dde6 100644 --- a/crypto/dsa/dsa_key.c +++ b/crypto/dsa/dsa_key.c @@ -59,10 +59,9 @@ #include #include #include "cryptlib.h" -#ifndef OPENSSL_NO_SHA -# include -# include -# include +#include +#include +#include static int dsa_builtin_keygen(DSA *dsa); @@ -133,4 +132,3 @@ static int dsa_builtin_keygen(DSA *dsa) BN_CTX_free(ctx); return (ok); } -#endif diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index bd8322754915f..96f5d6fed166a 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -258,7 +258,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, /* Get random k */ do { -#ifndef OPENSSL_NO_SHA512 if (dgst != NULL) { /* * We calculate k from SHA512(private_key + H(message) + random). @@ -267,9 +266,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, if (!BN_generate_dsa_nonce(k, dsa->q, dsa->priv_key, dgst, dlen, ctx)) goto err; - } else -#endif - if (!BN_rand_range(k, dsa->q)) + } else if (!BN_rand_range(k, dsa->q)) goto err; } while (BN_is_zero(k)); diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c index a791d63ca7868..04b0cf30d09bd 100644 --- a/crypto/ecdh/ecdhtest.c +++ b/crypto/ecdh/ecdhtest.c @@ -103,15 +103,10 @@ static const int KDF1_SHA1_len = 20; static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) { -# ifndef OPENSSL_NO_SHA if (*outlen < SHA_DIGEST_LENGTH) return NULL; - else - *outlen = SHA_DIGEST_LENGTH; + *outlen = SHA_DIGEST_LENGTH; return SHA1(in, inlen, out); -# else - return NULL; -# endif } static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out) diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c index 95d9dadc84116..c232321cf91a3 100644 --- a/crypto/ecdsa/ecs_ossl.c +++ b/crypto/ecdsa/ecs_ossl.c @@ -140,7 +140,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, do { /* get random k */ do -#ifndef OPENSSL_NO_SHA512 if (dgst != NULL) { if (!BN_generate_dsa_nonce (k, order, EC_KEY_get0_private_key(eckey), dgst, dlen, @@ -149,9 +148,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); goto err; } - } else -#endif - { + } else { if (!BN_rand_range(k, order)) { ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c index 19c5213b5b2e9..3e12ecf76093f 100644 --- a/crypto/engine/eng_openssl.c +++ b/crypto/engine/eng_openssl.c @@ -108,13 +108,6 @@ # undef TEST_ENG_OPENSSL_RC4_P_INIT # undef TEST_ENG_OPENSSL_RC4_P_CIPHER #endif -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1) -# undef TEST_ENG_OPENSSL_SHA -# undef TEST_ENG_OPENSSL_SHA_OTHERS -# undef TEST_ENG_OPENSSL_SHA_P_INIT -# undef TEST_ENG_OPENSSL_SHA_P_UPDATE -# undef TEST_ENG_OPENSSL_SHA_P_FINAL -#endif #ifdef TEST_ENG_OPENSSL_RC4 static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, diff --git a/crypto/evp/Makefile b/crypto/evp/Makefile index fd5727dd455ac..f882096ceb701 100644 --- a/crypto/evp/Makefile +++ b/crypto/evp/Makefile @@ -22,7 +22,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \ e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ e_rc4.c e_aes.c names.c e_seed.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ - m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \ + m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \ m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ @@ -35,7 +35,7 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \ e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ e_rc4.o e_aes.o names.o e_seed.o \ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ - m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \ + m_null.o m_md2.o m_md4.o m_md5.o m_sha1.o m_wp.o \ m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\ p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ @@ -568,19 +568,6 @@ m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c -m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h -m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_sha.o: ../cryptlib.h m_sha.c m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 0a1f90a07989a..174a41988342e 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -214,14 +214,10 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_aes_256_wrap_pad()); EVP_add_cipher_alias(SN_aes_256_cbc, "AES256"); EVP_add_cipher_alias(SN_aes_256_cbc, "aes256"); -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); -# endif -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); -# endif #endif #ifndef OPENSSL_NO_CAMELLIA diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c index 7e1200b157198..0d4278b86a0bb 100644 --- a/crypto/evp/c_alld.c +++ b/crypto/evp/c_alld.c @@ -71,13 +71,6 @@ void OpenSSL_add_all_digests(void) EVP_add_digest(EVP_md5()); EVP_add_digest_alias(SN_md5, "ssl3-md5"); #endif -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) - EVP_add_digest(EVP_sha()); -# ifndef OPENSSL_NO_DSA - EVP_add_digest(EVP_dss()); -# endif -#endif -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_digest(EVP_sha1()); EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); @@ -90,7 +83,6 @@ void OpenSSL_add_all_digests(void) # ifndef OPENSSL_NO_ECDSA EVP_add_digest(EVP_ecdsa()); # endif -#endif #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) EVP_add_digest(EVP_mdc2()); #endif @@ -99,14 +91,10 @@ void OpenSSL_add_all_digests(void) EVP_add_digest_alias(SN_ripemd160, "ripemd"); EVP_add_digest_alias(SN_ripemd160, "rmd160"); #endif -#ifndef OPENSSL_NO_SHA256 EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); -#endif -#ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); -#endif #ifndef OPENSSL_NO_WHIRLPOOL EVP_add_digest(EVP_whirlpool()); #endif diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c index e0127a9bb2e7a..960be3cdbc56c 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha1.c +++ b/crypto/evp/e_aes_cbc_hmac_sha1.c @@ -52,7 +52,7 @@ #include #include -#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1) +#if !defined(OPENSSL_NO_AES) # include # include diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c index 598c096d9e9fd..bea8f6dd50e97 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha256.c +++ b/crypto/evp/e_aes_cbc_hmac_sha256.c @@ -52,7 +52,7 @@ #include #include -#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA256) +#if !defined(OPENSSL_NO_AES) # include # include diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index 0627a63b556a8..73d792304f812 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -374,9 +374,8 @@ const EVP_CIPHER *EVP_des_ede3(void) return &des_ede3_ecb; } -# ifndef OPENSSL_NO_SHA -# include +# include static const unsigned char wrap_iv[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 }; @@ -482,5 +481,4 @@ const EVP_CIPHER *EVP_des_ede3_wrap(void) return &des3_wrap; } -# endif #endif diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 7a95de0b1dad3..ca7447f540ff0 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -759,21 +759,13 @@ const EVP_MD *EVP_md4(void); # ifndef OPENSSL_NO_MD5 const EVP_MD *EVP_md5(void); # endif -# ifndef OPENSSL_NO_SHA -const EVP_MD *EVP_sha(void); const EVP_MD *EVP_sha1(void); -const EVP_MD *EVP_dss(void); const EVP_MD *EVP_dss1(void); const EVP_MD *EVP_ecdsa(void); -# endif -# ifndef OPENSSL_NO_SHA256 const EVP_MD *EVP_sha224(void); const EVP_MD *EVP_sha256(void); -# endif -# ifndef OPENSSL_NO_SHA512 const EVP_MD *EVP_sha384(void); const EVP_MD *EVP_sha512(void); -# endif # ifndef OPENSSL_NO_MDC2 const EVP_MD *EVP_mdc2(void); # endif @@ -917,14 +909,10 @@ const EVP_CIPHER *EVP_aes_256_wrap_pad(void); # ifndef OPENSSL_NO_OCB const EVP_CIPHER *EVP_aes_256_ocb(void); # endif -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void); -# endif -# ifndef OPENSSL_NO_SHA256 const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void); -# endif # endif # ifndef OPENSSL_NO_CAMELLIA const EVP_CIPHER *EVP_camellia_128_ecb(void); diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c index 221eda4cf7871..7fa1ca36e6fce 100644 --- a/crypto/evp/m_dss.c +++ b/crypto/evp/m_dss.c @@ -65,7 +65,6 @@ # include #endif -#ifndef OPENSSL_NO_SHA static int init(EVP_MD_CTX *ctx) { @@ -101,4 +100,3 @@ const EVP_MD *EVP_dss(void) { return (&dsa_md); } -#endif diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c index a80a865769cdb..41b837cd77364 100644 --- a/crypto/evp/m_dss1.c +++ b/crypto/evp/m_dss1.c @@ -59,14 +59,12 @@ #include #include "cryptlib.h" -#ifndef OPENSSL_NO_SHA - -# include -# include -# include -# ifndef OPENSSL_NO_DSA -# include -# endif +#include +#include +#include +#ifndef OPENSSL_NO_DSA +# include +#endif static int init(EVP_MD_CTX *ctx) { @@ -102,4 +100,3 @@ const EVP_MD *EVP_dss1(void) { return (&dss1_md); } -#endif diff --git a/crypto/evp/m_ecdsa.c b/crypto/evp/m_ecdsa.c index b774e41fda957..181f19f744694 100644 --- a/crypto/evp/m_ecdsa.c +++ b/crypto/evp/m_ecdsa.c @@ -115,8 +115,6 @@ #include #include -#ifndef OPENSSL_NO_SHA - static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); @@ -151,4 +149,3 @@ const EVP_MD *EVP_ecdsa(void) { return (&ecdsa_md); } -#endif diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c deleted file mode 100644 index 548fae424c478..0000000000000 --- a/crypto/evp/m_sha.c +++ /dev/null @@ -1,105 +0,0 @@ -/* crypto/evp/m_sha.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" - -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) - -# include -# include -# include -# ifndef OPENSSL_NO_RSA -# include -# endif - -static int init(EVP_MD_CTX *ctx) -{ - return SHA_Init(ctx->md_data); -} - -static int update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return SHA_Update(ctx->md_data, data, count); -} - -static int final(EVP_MD_CTX *ctx, unsigned char *md) -{ - return SHA_Final(md, ctx->md_data); -} - -static const EVP_MD sha_md = { - NID_sha, - NID_shaWithRSAEncryption, - SHA_DIGEST_LENGTH, - 0, - init, - update, - final, - NULL, - NULL, - EVP_PKEY_RSA_method, - SHA_CBLOCK, - sizeof(EVP_MD *) + sizeof(SHA_CTX), -}; - -const EVP_MD *EVP_sha(void) -{ - return (&sha_md); -} -#endif diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index 83edc40638bfe..9ab8c9093ea96 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -59,14 +59,12 @@ #include #include "cryptlib.h" -#ifndef OPENSSL_NO_SHA - -# include -# include -# include -# ifndef OPENSSL_NO_RSA -# include -# endif +#include +#include +#include +#ifndef OPENSSL_NO_RSA +# include +#endif static int init(EVP_MD_CTX *ctx) { @@ -102,9 +100,7 @@ const EVP_MD *EVP_sha1(void) { return (&sha1_md); } -#endif -#ifndef OPENSSL_NO_SHA256 static int init224(EVP_MD_CTX *ctx) { return SHA224_Init(ctx->md_data); @@ -169,9 +165,7 @@ const EVP_MD *EVP_sha256(void) { return (&sha256_md); } -#endif /* ifndef OPENSSL_NO_SHA256 */ -#ifndef OPENSSL_NO_SHA512 static int init384(EVP_MD_CTX *ctx) { return SHA384_Init(ctx->md_data); @@ -232,4 +226,3 @@ const EVP_MD *EVP_sha512(void) { return (&sha512_md); } -#endif /* ifndef OPENSSL_NO_SHA512 */ diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index f2ae1e5790d06..b9c4dcbeda4d7 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -59,7 +59,7 @@ #include #include #include "cryptlib.h" -#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) +#if !defined(OPENSSL_NO_HMAC) # include # include # include diff --git a/crypto/evp/p5_crpt2_test.c b/crypto/evp/p5_crpt2_test.c index 451c580a071aa..01661b15eda36 100644 --- a/crypto/evp/p5_crpt2_test.c +++ b/crypto/evp/p5_crpt2_test.c @@ -60,14 +60,6 @@ #include #include -#ifdef OPENSSL_NO_SHA -int main(int argc, char *argv[]) -{ - printf("No SHA support\n"); - return (0); -} -#else - typedef struct { const char *pass; int passlen; @@ -200,15 +192,9 @@ int main(int argc, char **argv) printf("PKCS5_PBKDF2_HMAC() tests "); for (i = 0; test->pass != NULL; i++, test++) { -# ifndef OPENSSL_NO_SHA0 test_p5_pbkdf2(i, "sha1", test, sha1_results[i]); -# endif -# ifndef OPENSSL_NO_SHA256 test_p5_pbkdf2(i, "sha256", test, sha256_results[i]); -# endif -# ifndef OPENSSL_NO_SHA512 test_p5_pbkdf2(i, "sha512", test, sha512_results[i]); -# endif printf("."); } printf(" done\n"); @@ -223,4 +209,3 @@ int main(int argc, char **argv) CRYPTO_mem_leaks_fp(stderr); return 0; } -#endif /* OPENSSL_NO_SHA */ diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h index 92ec80af4bfee..cb0185413836d 100644 --- a/crypto/lhash/lhash.h +++ b/crypto/lhash/lhash.h @@ -178,6 +178,10 @@ void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg); unsigned long lh_strhash(const char *c); unsigned long lh_num_items(const _LHASH *lh); +# ifndef OPENSSL_NO_STDIO +void lh_stats(const _LHASH *lh, FILE *fp); +void lh_node_stats(const _LHASH *lh, FILE *fp); +# endif void lh_stats_bio(const _LHASH *lh, BIO *out); void lh_node_stats_bio(const _LHASH *lh, BIO *out); void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out); diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c index 442a5b63d4ba2..24ca40eef129c 100644 --- a/crypto/ocsp/ocsp_lib.c +++ b/crypto/ocsp/ocsp_lib.c @@ -81,10 +81,8 @@ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) X509_NAME *iname; ASN1_INTEGER *serial; ASN1_BIT_STRING *ikey; -#ifndef OPENSSL_NO_SHA1 if (!dgst) dgst = EVP_sha1(); -#endif if (subject) { iname = X509_get_issuer_name(subject); serial = X509_get_serialNumber(subject); diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h index e2f784479d4cc..3ced44d803c13 100644 --- a/crypto/rand/rand_lcl.h +++ b/crypto/rand/rand_lcl.h @@ -115,17 +115,7 @@ # define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */ # if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) -# define USE_SHA1_RAND -# elif !defined(OPENSSL_NO_MD5) -# define USE_MD5_RAND -# elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) -# define USE_MDC2_RAND -# elif !defined(OPENSSL_NO_MD2) -# define USE_MD2_RAND -# else -# error No message digest algorithm available -# endif +# define USE_SHA1_RAND # endif # include diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index b8d9221592358..73a8e07d35946 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -193,11 +193,9 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, case RSA_PKCS1_PADDING: i = RSA_padding_add_PKCS1_type_2(buf, num, from, flen); break; -# ifndef OPENSSL_NO_SHA case RSA_PKCS1_OAEP_PADDING: i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0); break; -# endif case RSA_SSLV23_PADDING: i = RSA_padding_add_SSLv23(buf, num, from, flen); break; @@ -603,11 +601,9 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, case RSA_PKCS1_PADDING: r = RSA_padding_check_PKCS1_type_2(to, num, buf, j, num); break; -# ifndef OPENSSL_NO_SHA case RSA_PKCS1_OAEP_PADDING: r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0); break; -# endif case RSA_SSLV23_PADDING: r = RSA_padding_check_SSLv23(to, num, buf, j, num); break; diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index ebaad1a8ac56d..ab8f9ec07889d 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -19,14 +19,13 @@ #include "constant_time_locl.h" -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) -# include -# include "cryptlib.h" -# include -# include -# include -# include -# include +#include +#include "cryptlib.h" +#include +#include +#include +#include +#include int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, @@ -76,11 +75,11 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, memcpy(db + emlen - flen - mdlen, from, (unsigned int)flen); if (RAND_bytes(seed, mdlen) <= 0) return 0; -# ifdef PKCS_TESTVECT +#ifdef PKCS_TESTVECT memcpy(seed, "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f", 20); -# endif +#endif dbmask = OPENSSL_malloc(emlen - mdlen); if (dbmask == NULL) { @@ -279,5 +278,3 @@ int PKCS1_MGF1(unsigned char *mask, long len, EVP_MD_CTX_cleanup(&c); return rv; } - -#endif diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile index a8c0cf78509d5..c72bba69bd7b3 100644 --- a/crypto/sha/Makefile +++ b/crypto/sha/Makefile @@ -22,8 +22,8 @@ TEST=shatest.c sha1test.c sha256t.c sha512t.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c -LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ) +LIBSRC=sha1dgst.c sha1_one.c sha256.c sha512.c +LIBOBJ=sha1dgst.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ) SRC= $(LIBSRC) @@ -162,14 +162,3 @@ sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h sha512.o: ../cryptlib.h sha512.c -sha_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -sha_dgst.o: ../../include/openssl/opensslconf.h -sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -sha_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -sha_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h -sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -sha_one.o: ../../include/openssl/symhacks.h sha_one.c diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h index d76790b35a1cd..e35f328943562 100644 --- a/crypto/sha/sha.h +++ b/crypto/sha/sha.h @@ -66,10 +66,6 @@ extern "C" { #endif -# if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1)) -# error SHA is disabled. -# endif - /*- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * ! SHA_LONG has to be at least 32 bits wide. ! @@ -91,26 +87,15 @@ typedef struct SHAstate_st { unsigned int num; } SHA_CTX; -# ifndef OPENSSL_NO_SHA0 -int SHA_Init(SHA_CTX *c); -int SHA_Update(SHA_CTX *c, const void *data, size_t len); -int SHA_Final(unsigned char *md, SHA_CTX *c); -unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md); -void SHA_Transform(SHA_CTX *c, const unsigned char *data); -# endif -# ifndef OPENSSL_NO_SHA1 int SHA1_Init(SHA_CTX *c); int SHA1_Update(SHA_CTX *c, const void *data, size_t len); int SHA1_Final(unsigned char *md, SHA_CTX *c); unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md); void SHA1_Transform(SHA_CTX *c, const unsigned char *data); -# endif # define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a * contiguous array of 32 bit wide * big-endian values. */ -# define SHA224_DIGEST_LENGTH 28 -# define SHA256_DIGEST_LENGTH 32 typedef struct SHA256state_st { SHA_LONG h[8]; @@ -119,7 +104,6 @@ typedef struct SHA256state_st { unsigned int num, md_len; } SHA256_CTX; -# ifndef OPENSSL_NO_SHA256 int SHA224_Init(SHA256_CTX *c); int SHA224_Update(SHA256_CTX *c, const void *data, size_t len); int SHA224_Final(unsigned char *md, SHA256_CTX *c); @@ -129,12 +113,12 @@ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len); int SHA256_Final(unsigned char *md, SHA256_CTX *c); unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md); void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); -# endif +# define SHA224_DIGEST_LENGTH 28 +# define SHA256_DIGEST_LENGTH 32 # define SHA384_DIGEST_LENGTH 48 # define SHA512_DIGEST_LENGTH 64 -# ifndef OPENSSL_NO_SHA512 /* * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64 * being exactly 64-bit wide. See Implementation Notes in sha512.c @@ -145,17 +129,17 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); * contiguous array of 64 bit * wide big-endian values. */ -# define SHA512_CBLOCK (SHA_LBLOCK*8) -# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) -# define SHA_LONG64 unsigned __int64 -# define U64(C) C##UI64 -# elif defined(__arch64__) -# define SHA_LONG64 unsigned long -# define U64(C) C##UL -# else -# define SHA_LONG64 unsigned long long -# define U64(C) C##ULL -# endif +# define SHA512_CBLOCK (SHA_LBLOCK*8) +# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) +# define SHA_LONG64 unsigned __int64 +# define U64(C) C##UI64 +# elif defined(__arch64__) +# define SHA_LONG64 unsigned long +# define U64(C) C##UL +# else +# define SHA_LONG64 unsigned long long +# define U64(C) C##ULL +# endif typedef struct SHA512state_st { SHA_LONG64 h[8]; @@ -166,9 +150,7 @@ typedef struct SHA512state_st { } u; unsigned int num, md_len; } SHA512_CTX; -# endif -# ifndef OPENSSL_NO_SHA512 int SHA384_Init(SHA512_CTX *c); int SHA384_Update(SHA512_CTX *c, const void *data, size_t len); int SHA384_Final(unsigned char *md, SHA512_CTX *c); @@ -178,7 +160,6 @@ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len); int SHA512_Final(unsigned char *md, SHA512_CTX *c); unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md); void SHA512_Transform(SHA512_CTX *c, const unsigned char *data); -# endif #ifdef __cplusplus } diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c index a6dd760a1e0e0..4a591156648e0 100644 --- a/crypto/sha/sha1_one.c +++ b/crypto/sha/sha1_one.c @@ -61,7 +61,6 @@ #include #include -#ifndef OPENSSL_NO_SHA1 unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) { SHA_CTX c; @@ -76,4 +75,3 @@ unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) OPENSSL_cleanse(&c, sizeof(c)); return (md); } -#endif diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c index a67f1fe36479e..9f1b8f0630d56 100644 --- a/crypto/sha/sha1dgst.c +++ b/crypto/sha/sha1dgst.c @@ -58,10 +58,6 @@ #include #include -#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA) - -# undef SHA_0 -# define SHA_1 # include @@ -70,5 +66,3 @@ const char SHA1_version[] = "SHA1" OPENSSL_VERSION_PTEXT; /* The implementation is in ../md32_common.h */ # include "sha_locl.h" - -#endif diff --git a/crypto/sha/sha1test.c b/crypto/sha/sha1test.c index 0052a95c7dd43..cc3633dc6899e 100644 --- a/crypto/sha/sha1test.c +++ b/crypto/sha/sha1test.c @@ -61,23 +61,12 @@ #include #include "../e_os.h" +#include +#include -#ifdef OPENSSL_NO_SHA -int main(int argc, char *argv[]) -{ - printf("No SHA support\n"); - return (0); -} -#else -# include -# include - -# ifdef CHARSET_EBCDIC -# include -# endif - -# undef SHA_0 /* FIPS 180 */ -# define SHA_1 /* FIPS 180-1 */ +#ifdef CHARSET_EBCDIC +# include +#endif static char *test[] = { "abc", @@ -85,22 +74,12 @@ static char *test[] = { NULL, }; -# ifdef SHA_0 -static char *ret[] = { - "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880", - "d2516ee1acfa5baf33dfc1c471e438449ef134c8", -}; - -static char *bigret = "3232affa48628a26653b5aaa44541fd90d690603"; -# endif -# ifdef SHA_1 static char *ret[] = { "a9993e364706816aba3e25717850c26c9cd0d89d", "84983e441c3bd26ebaae4aa1f95129e5e54670f1", }; static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f"; -# endif static char *pt(unsigned char *md); int main(int argc, char *argv[]) @@ -112,10 +91,10 @@ int main(int argc, char *argv[]) EVP_MD_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; -# ifdef CHARSET_EBCDIC +#ifdef CHARSET_EBCDIC ebcdic2ascii(test[0], test[0], strlen(test[0])); ebcdic2ascii(test[1], test[1], strlen(test[1])); -# endif +#endif EVP_MD_CTX_init(&c); P = test; @@ -136,9 +115,9 @@ int main(int argc, char *argv[]) } memset(buf, 'a', 1000); -# ifdef CHARSET_EBCDIC +#ifdef CHARSET_EBCDIC ebcdic2ascii(buf, buf, 1000); -# endif /* CHARSET_EBCDIC */ +#endif /* CHARSET_EBCDIC */ EVP_DigestInit_ex(&c, EVP_sha1(), NULL); for (i = 0; i < 1000; i++) EVP_DigestUpdate(&c, buf, 1000); @@ -153,10 +132,10 @@ int main(int argc, char *argv[]) } else printf("test 3 ok\n"); -# ifdef OPENSSL_SYS_NETWARE +#ifdef OPENSSL_SYS_NETWARE if (err) printf("ERROR: %d\n", err); -# endif +#endif EXIT(err); EVP_MD_CTX_cleanup(&c); return (0); @@ -171,4 +150,3 @@ static char *pt(unsigned char *md) sprintf(&(buf[i * 2]), "%02x", md[i]); return (buf); } -#endif diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c index 92d8dd84f2b40..eec0cadf985c2 100644 --- a/crypto/sha/sha256.c +++ b/crypto/sha/sha256.c @@ -5,14 +5,13 @@ * ==================================================================== */ #include -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) -# include -# include +#include +#include -# include -# include -# include +#include +#include +#include const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT; @@ -84,11 +83,12 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c) return SHA256_Final(md, c); } -# define DATA_ORDER_IS_BIG_ENDIAN +#define DATA_ORDER_IS_BIG_ENDIAN + +#define HASH_LONG SHA_LONG +#define HASH_CTX SHA256_CTX +#define HASH_CBLOCK SHA_CBLOCK -# define HASH_LONG SHA_LONG -# define HASH_CTX SHA256_CTX -# define HASH_CBLOCK SHA_CBLOCK /* * Note that FIPS180-2 discusses "Truncation of the Hash Function Output." * default: case below covers for it. It's not clear however if it's @@ -97,7 +97,7 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c) * Idea behind separate cases for pre-defined lenghts is to let the * compiler decide if it's appropriate to unroll small loops. */ -# define HASH_MAKE_STRING(c,s) do { \ +#define HASH_MAKE_STRING(c,s) do { \ unsigned long ll; \ unsigned int nn; \ switch ((c)->md_len) \ @@ -118,18 +118,18 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c) } \ } while (0) -# define HASH_UPDATE SHA256_Update -# define HASH_TRANSFORM SHA256_Transform -# define HASH_FINAL SHA256_Final -# define HASH_BLOCK_DATA_ORDER sha256_block_data_order -# ifndef SHA256_ASM +#define HASH_UPDATE SHA256_Update +#define HASH_TRANSFORM SHA256_Transform +#define HASH_FINAL SHA256_Final +#define HASH_BLOCK_DATA_ORDER sha256_block_data_order +#ifndef SHA256_ASM static -# endif +#endif void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num); -# include "md32_common.h" +#include "md32_common.h" -# ifndef SHA256_ASM +#ifndef SHA256_ASM static const SHA_LONG K256[64] = { 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, @@ -154,15 +154,15 @@ static const SHA_LONG K256[64] = { * is left one. This is why you might notice that rotation coefficients * differ from those observed in FIPS document by 32-N... */ -# define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10)) -# define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7)) -# define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3)) -# define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10)) +# define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10)) +# define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7)) +# define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3)) +# define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10)) -# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) +# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) -# ifdef OPENSSL_SMALL_FOOTPRINT +# ifdef OPENSSL_SMALL_FOOTPRINT static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num) @@ -229,14 +229,14 @@ static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, } } -# else +# else -# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \ +# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \ T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i]; \ h = Sigma0(a) + Maj(a,b,c); \ d += T1; h += T1; } while (0) -# define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \ +# define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \ s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \ s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \ T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \ @@ -381,7 +381,5 @@ static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, } } -# endif -# endif /* SHA256_ASM */ - -#endif /* OPENSSL_NO_SHA256 */ +# endif +#endif /* SHA256_ASM */ diff --git a/crypto/sha/sha256t.c b/crypto/sha/sha256t.c index 476702c7ed9ad..0872f346b7cbd 100644 --- a/crypto/sha/sha256t.c +++ b/crypto/sha/sha256t.c @@ -10,14 +10,6 @@ #include #include -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256) -int main(int argc, char *argv[]) -{ - printf("No SHA256 support\n"); - return (0); -} -#else - unsigned char app_b1[SHA256_DIGEST_LENGTH] = { 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, @@ -159,4 +151,3 @@ int main(int argc, char **argv) return 0; } -#endif diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c index d79c2a0e70b30..f934c74414851 100644 --- a/crypto/sha/sha512.c +++ b/crypto/sha/sha512.c @@ -5,7 +5,6 @@ * ==================================================================== */ #include -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512) /*- * IMPLEMENTATION NOTES. * @@ -41,24 +40,24 @@ * 16-bit platforms. * */ -# include -# include +#include +#include -# include -# include -# include +#include +#include +#include -# include "cryptlib.h" +#include "cryptlib.h" const char SHA512_version[] = "SHA-512" OPENSSL_VERSION_PTEXT; -# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ +#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \ defined(__s390__) || defined(__s390x__) || \ defined(__aarch64__) || \ defined(SHA512_ASM) -# define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA -# endif +# define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA +#endif int SHA384_Init(SHA512_CTX *c) { @@ -96,9 +95,9 @@ int SHA512_Init(SHA512_CTX *c) return 1; } -# ifndef SHA512_ASM +#ifndef SHA512_ASM static -# endif +#endif void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num); int SHA512_Final(unsigned char *md, SHA512_CTX *c) @@ -113,10 +112,10 @@ int SHA512_Final(unsigned char *md, SHA512_CTX *c) sha512_block_data_order(c, p, 1); memset(p + n, 0, sizeof(c->u) - 16 - n); -# ifdef B_ENDIAN +#ifdef B_ENDIAN c->u.d[SHA_LBLOCK - 2] = c->Nh; c->u.d[SHA_LBLOCK - 1] = c->Nl; -# else +#else p[sizeof(c->u) - 1] = (unsigned char)(c->Nl); p[sizeof(c->u) - 2] = (unsigned char)(c->Nl >> 8); p[sizeof(c->u) - 3] = (unsigned char)(c->Nl >> 16); @@ -133,7 +132,7 @@ int SHA512_Final(unsigned char *md, SHA512_CTX *c) p[sizeof(c->u) - 14] = (unsigned char)(c->Nh >> 40); p[sizeof(c->u) - 15] = (unsigned char)(c->Nh >> 48); p[sizeof(c->u) - 16] = (unsigned char)(c->Nh >> 56); -# endif +#endif sha512_block_data_order(c, p, 1); @@ -213,14 +212,14 @@ int SHA512_Update(SHA512_CTX *c, const void *_data, size_t len) } if (len >= sizeof(c->u)) { -# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA +#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA if ((size_t)data % sizeof(c->u.d[0]) != 0) while (len >= sizeof(c->u)) memcpy(p, data, sizeof(c->u)), sha512_block_data_order(c, p, 1), len -= sizeof(c->u), data += sizeof(c->u); else -# endif +#endif sha512_block_data_order(c, data, len / sizeof(c->u)), data += len, len %= sizeof(c->u), data -= len; } @@ -238,10 +237,10 @@ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len) void SHA512_Transform(SHA512_CTX *c, const unsigned char *data) { -# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA +#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA if ((size_t)data % sizeof(c->u.d[0]) != 0) memcpy(c->u.p, data, sizeof(c->u.p)), data = c->u.p; -# endif +#endif sha512_block_data_order(c, data, 1); } @@ -273,7 +272,7 @@ unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md) return (md); } -# ifndef SHA512_ASM +#ifndef SHA512_ASM static const SHA_LONG64 K512[80] = { U64(0x428a2f98d728ae22), U64(0x7137449123ef65cd), U64(0xb5c0fbcfec4d3b2f), U64(0xe9b5dba58189dbbc), @@ -317,23 +316,23 @@ static const SHA_LONG64 K512[80] = { U64(0x5fcb6fab3ad6faec), U64(0x6c44198c4a475817) }; -# ifndef PEDANTIC -# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if defined(__x86_64) || defined(__x86_64__) -# define ROTR(a,n) ({ SHA_LONG64 ret; \ +# ifndef PEDANTIC +# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) +# if defined(__x86_64) || defined(__x86_64__) +# define ROTR(a,n) ({ SHA_LONG64 ret; \ asm ("rorq %1,%0" \ : "=r"(ret) \ : "J"(n),"0"(a) \ : "cc"); ret; }) -# if !defined(B_ENDIAN) -# define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x))); \ +# if !defined(B_ENDIAN) +# define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x))); \ asm ("bswapq %0" \ : "=r"(ret) \ : "0"(ret)); ret; }) -# endif -# elif (defined(__i386) || defined(__i386__)) && !defined(B_ENDIAN) -# if defined(I386_ONLY) -# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\ +# endif +# elif (defined(__i386) || defined(__i386__)) && !defined(B_ENDIAN) +# if defined(I386_ONLY) +# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\ unsigned int hi=p[0],lo=p[1]; \ asm("xchgb %%ah,%%al;xchgb %%dh,%%dl;"\ "roll $16,%%eax; roll $16,%%edx; "\ @@ -341,39 +340,39 @@ static const SHA_LONG64 K512[80] = { : "=a"(lo),"=d"(hi) \ : "0"(lo),"1"(hi) : "cc"); \ ((SHA_LONG64)hi)<<32|lo; }) -# else -# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\ +# else +# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\ unsigned int hi=p[0],lo=p[1]; \ asm ("bswapl %0; bswapl %1;" \ : "=r"(lo),"=r"(hi) \ : "0"(lo),"1"(hi)); \ ((SHA_LONG64)hi)<<32|lo; }) -# endif -# elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64) -# define ROTR(a,n) ({ SHA_LONG64 ret; \ +# endif +# elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64) +# define ROTR(a,n) ({ SHA_LONG64 ret; \ asm ("rotrdi %0,%1,%2" \ : "=r"(ret) \ : "r"(a),"K"(n)); ret; }) -# elif defined(__aarch64__) -# define ROTR(a,n) ({ SHA_LONG64 ret; \ +# elif defined(__aarch64__) +# define ROTR(a,n) ({ SHA_LONG64 ret; \ asm ("ror %0,%1,%2" \ : "=r"(ret) \ : "r"(a),"I"(n)); ret; }) -# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \ +# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \ __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ -# define PULL64(x) ({ SHA_LONG64 ret; \ +# define PULL64(x) ({ SHA_LONG64 ret; \ asm ("rev %0,%1" \ : "=r"(ret) \ : "r"(*((const SHA_LONG64 *)(&(x))))); ret; }) -# endif # endif -# elif defined(_MSC_VER) -# if defined(_WIN64) /* applies to both IA-64 and AMD64 */ -# pragma intrinsic(_rotr64) -# define ROTR(a,n) _rotr64((a),n) -# endif -# if defined(_M_IX86) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if defined(I386_ONLY) +# endif +# elif defined(_MSC_VER) +# if defined(_WIN64) /* applies to both IA-64 and AMD64 */ +# pragma intrinsic(_rotr64) +# define ROTR(a,n) _rotr64((a),n) +# endif +# if defined(_M_IX86) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) +# if defined(I386_ONLY) static SHA_LONG64 __fastcall __pull64be(const void *x) { _asm mov edx,[ecx + 0] @@ -381,34 +380,34 @@ static SHA_LONG64 __fastcall __pull64be(const void *x) _asm xchg dh, dl _asm xchg ah, al _asm rol edx, 16 _asm rol eax, 16 _asm xchg dh, dl _asm xchg ah, al} -# else +# else static SHA_LONG64 __fastcall __pull64be(const void *x) { _asm mov edx,[ecx + 0] _asm mov eax,[ecx + 4] _asm bswap edx _asm bswap eax} -# endif -# define PULL64(x) __pull64be(&(x)) -# if _MSC_VER<=1200 -# pragma inline_depth(0) -# endif +# endif +# define PULL64(x) __pull64be(&(x)) +# if _MSC_VER<=1200 +# pragma inline_depth(0) # endif # endif # endif -# ifndef PULL64 -# define B(x,j) (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8)) -# define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7)) -# endif -# ifndef ROTR -# define ROTR(x,s) (((x)>>s) | (x)<<(64-s)) -# endif -# define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39)) -# define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41)) -# define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7)) -# define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6)) -# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) -# if defined(__i386) || defined(__i386__) || defined(_M_IX86) +# endif +# ifndef PULL64 +# define B(x,j) (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8)) +# define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7)) +# endif +# ifndef ROTR +# define ROTR(x,s) (((x)>>s) | (x)<<(64-s)) +# endif +# define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39)) +# define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41)) +# define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7)) +# define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6)) +# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) +# if defined(__i386) || defined(__i386__) || defined(_M_IX86) /* * This code should give better results on 32-bit CPU with less than * ~24 registers, both size and performance wise... @@ -433,11 +432,11 @@ _asm bswap edx _asm bswap eax} F[7] = ctx->h[7]; for (i = 0; i < 16; i++, F--) { -# ifdef B_ENDIAN +# ifdef B_ENDIAN T = W[i]; -# else +# else T = PULL64(W[i]); -# endif +# endif F[0] = A; F[4] = E; F[8] = T; @@ -472,7 +471,7 @@ _asm bswap edx _asm bswap eax} } } -# elif defined(OPENSSL_SMALL_FOOTPRINT) +# elif defined(OPENSSL_SMALL_FOOTPRINT) static void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num) { @@ -493,11 +492,11 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in, h = ctx->h[7]; for (i = 0; i < 16; i++) { -# ifdef B_ENDIAN +# ifdef B_ENDIAN T1 = X[i] = W[i]; -# else +# else T1 = X[i] = PULL64(W[i]); -# endif +# endif T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i]; T2 = Sigma0(a) + Maj(a, b, c); h = g; @@ -542,12 +541,12 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in, } } -# else -# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \ +# else +# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \ T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i]; \ h = Sigma0(a) + Maj(a,b,c); \ d += T1; h += T1; } while (0) -# define ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X) do { \ +# define ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X) do { \ s0 = X[(j+1)&0x0f]; s0 = sigma0(s0); \ s1 = X[(j+14)&0x0f]; s1 = sigma1(s1); \ T1 = X[(j)&0x0f] += s0 + s1 + X[(j+9)&0x0f]; \ @@ -571,7 +570,7 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in, g = ctx->h[6]; h = ctx->h[7]; -# ifdef B_ENDIAN +# ifdef B_ENDIAN T1 = X[0] = W[0]; ROUND_00_15(0, a, b, c, d, e, f, g, h); T1 = X[1] = W[1]; @@ -604,7 +603,7 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in, ROUND_00_15(14, c, d, e, f, g, h, a, b); T1 = X[15] = W[15]; ROUND_00_15(15, b, c, d, e, f, g, h, a); -# else +# else T1 = X[0] = PULL64(W[0]); ROUND_00_15(0, a, b, c, d, e, f, g, h); T1 = X[1] = PULL64(W[1]); @@ -637,7 +636,7 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in, ROUND_00_15(14, c, d, e, f, g, h, a, b); T1 = X[15] = PULL64(W[15]); ROUND_00_15(15, b, c, d, e, f, g, h, a); -# endif +# endif for (i = 16; i < 80; i += 16) { ROUND_16_80(i, 0, a, b, c, d, e, f, g, h, X); @@ -671,14 +670,6 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in, } } -# endif - -# endif /* SHA512_ASM */ - -#else /* !OPENSSL_NO_SHA512 */ - -# if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) -static void *dummy = &dummy; # endif -#endif /* !OPENSSL_NO_SHA512 */ +#endif /* SHA512_ASM */ diff --git a/crypto/sha/sha512t.c b/crypto/sha/sha512t.c index 178882fc76b67..a4d4b5e80b7d2 100644 --- a/crypto/sha/sha512t.c +++ b/crypto/sha/sha512t.c @@ -11,14 +11,6 @@ #include #include -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512) -int main(int argc, char *argv[]) -{ - printf("No SHA512 support\n"); - return (0); -} -#else - unsigned char app_c1[SHA512_DIGEST_LENGTH] = { 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, @@ -193,4 +185,3 @@ int main(int argc, char **argv) return 0; } -#endif diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c deleted file mode 100644 index f77cf5e38d8ed..0000000000000 --- a/crypto/sha/sha_dgst.c +++ /dev/null @@ -1,74 +0,0 @@ -/* crypto/sha/sha1dgst.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) - -# undef SHA_1 -# define SHA_0 - -# include - -const char SHA_version[] = "SHA" OPENSSL_VERSION_PTEXT; - -/* The implementation is in ../md32_common.h */ - -# include "sha_locl.h" - -#endif diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h index 2a44f57c7bd44..af62d9e2900a1 100644 --- a/crypto/sha/sha_locl.h +++ b/crypto/sha/sha_locl.h @@ -76,35 +76,19 @@ ll=(c)->h4; (void)HOST_l2c(ll,(s)); \ } while (0) -#if defined(SHA_0) - -# define HASH_UPDATE SHA_Update -# define HASH_TRANSFORM SHA_Transform -# define HASH_FINAL SHA_Final -# define HASH_INIT SHA_Init -# define HASH_BLOCK_DATA_ORDER sha_block_data_order -# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id)) - -static void sha_block_data_order(SHA_CTX *c, const void *p, size_t num); - -#elif defined(SHA_1) - -# define HASH_UPDATE SHA1_Update -# define HASH_TRANSFORM SHA1_Transform -# define HASH_FINAL SHA1_Final -# define HASH_INIT SHA1_Init -# define HASH_BLOCK_DATA_ORDER sha1_block_data_order -# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \ +#define HASH_UPDATE SHA1_Update +#define HASH_TRANSFORM SHA1_Transform +#define HASH_FINAL SHA1_Final +#define HASH_INIT SHA1_Init +#define HASH_BLOCK_DATA_ORDER sha1_block_data_order +#define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \ ix=(a)=ROTATE((a),1) \ ) -# ifndef SHA1_ASM -static -# endif -void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num); - +#ifndef SHA1_ASM +static void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num); #else -# error "Either SHA_0 or SHA_1 must be defined." +void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num); #endif #include "md32_common.h" @@ -197,7 +181,7 @@ int HASH_INIT(SHA_CTX *c) # define X(i) XX[i] # endif -# if !defined(SHA_1) || !defined(SHA1_ASM) +# if !defined(SHA1_ASM) static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num) { const unsigned char *data = p; @@ -431,7 +415,7 @@ static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num) E=D, D=C, C=ROTATE(B,30), B=A; \ A=ROTATE(A,5)+T+xa; } while(0) -# if !defined(SHA_1) || !defined(SHA1_ASM) +# if !defined(SHA1_ASM) static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num) { const unsigned char *data = p; diff --git a/crypto/sha/sha_one.c b/crypto/sha/sha_one.c deleted file mode 100644 index 0930b98a66b6f..0000000000000 --- a/crypto/sha/sha_one.c +++ /dev/null @@ -1,79 +0,0 @@ -/* crypto/sha/sha_one.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -#ifndef OPENSSL_NO_SHA0 -unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md) -{ - SHA_CTX c; - static unsigned char m[SHA_DIGEST_LENGTH]; - - if (md == NULL) - md = m; - if (!SHA_Init(&c)) - return NULL; - SHA_Update(&c, d, n); - SHA_Final(md, &c); - OPENSSL_cleanse(&c, sizeof(c)); - return (md); -} -#endif diff --git a/crypto/sha/shatest.c b/crypto/sha/shatest.c deleted file mode 100644 index 105060a7ec2da..0000000000000 --- a/crypto/sha/shatest.c +++ /dev/null @@ -1,174 +0,0 @@ -/* crypto/sha/shatest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include "../e_os.h" - -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) -int main(int argc, char *argv[]) -{ - printf("No SHA0 support\n"); - return (0); -} -#else -# include -# include - -# ifdef CHARSET_EBCDIC -# include -# endif - -# define SHA_0 /* FIPS 180 */ -# undef SHA_1 /* FIPS 180-1 */ - -static char *test[] = { - "abc", - "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - NULL, -}; - -# ifdef SHA_0 -static char *ret[] = { - "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880", - "d2516ee1acfa5baf33dfc1c471e438449ef134c8", -}; - -static char *bigret = "3232affa48628a26653b5aaa44541fd90d690603"; -# endif -# ifdef SHA_1 -static char *ret[] = { - "a9993e364706816aba3e25717850c26c9cd0d89d", - "84983e441c3bd26ebaae4aa1f95129e5e54670f1", -}; - -static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f"; -# endif - -static char *pt(unsigned char *md); -int main(int argc, char *argv[]) -{ - int i, err = 0; - char **P, **R; - static unsigned char buf[1000]; - char *p, *r; - EVP_MD_CTX c; - unsigned char md[SHA_DIGEST_LENGTH]; - -# ifdef CHARSET_EBCDIC - ebcdic2ascii(test[0], test[0], strlen(test[0])); - ebcdic2ascii(test[1], test[1], strlen(test[1])); -# endif - - EVP_MD_CTX_init(&c); - P = test; - R = ret; - i = 1; - while (*P != NULL) { - EVP_Digest(*P, strlen(*P), md, NULL, EVP_sha(), NULL); - p = pt(md); - if (strcmp(p, *R) != 0) { - printf("error calculating SHA on '%s'\n", *P); - printf("got %s instead of %s\n", p, *R); - err++; - } else - printf("test %d ok\n", i); - i++; - R++; - P++; - } - - memset(buf, 'a', 1000); -# ifdef CHARSET_EBCDIC - ebcdic2ascii(buf, buf, 1000); -# endif /* CHARSET_EBCDIC */ - EVP_DigestInit_ex(&c, EVP_sha(), NULL); - for (i = 0; i < 1000; i++) - EVP_DigestUpdate(&c, buf, 1000); - EVP_DigestFinal_ex(&c, md, NULL); - p = pt(md); - - r = bigret; - if (strcmp(p, r) != 0) { - printf("error calculating SHA on '%s'\n", p); - printf("got %s instead of %s\n", p, r); - err++; - } else - printf("test 3 ok\n"); - -# ifdef OPENSSL_SYS_NETWARE - if (err) - printf("ERROR: %d\n", err); -# endif - EVP_MD_CTX_cleanup(&c); - EXIT(err); - return (0); -} - -static char *pt(unsigned char *md) -{ - int i; - static char buf[80]; - - for (i = 0; i < SHA_DIGEST_LENGTH; i++) - sprintf(&(buf[i * 2]), "%02x", md[i]); - return (buf); -} -#endif diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 13f7531c24d5d..fae320f9f3991 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -97,9 +97,7 @@ # endif # endif -# ifndef OPENSSL_NO_SHA -# include -# endif +# include # include #ifdef __cplusplus @@ -280,9 +278,7 @@ struct x509_st { NAME_CONSTRAINTS *nc; STACK_OF(IPAddressFamily) *rfc3779_addr; struct ASIdentifiers_st *rfc3779_asid; -# ifndef OPENSSL_NO_SHA unsigned char sha1_hash[SHA_DIGEST_LENGTH]; -# endif X509_CERT_AUX *aux; } /* X509 */ ; @@ -453,9 +449,7 @@ struct X509_crl_st { /* CRL and base CRL numbers for delta processing */ ASN1_INTEGER *crl_number; ASN1_INTEGER *base_crl_number; -# ifndef OPENSSL_NO_SHA unsigned char sha1_hash[SHA_DIGEST_LENGTH]; -# endif STACK_OF(GENERAL_NAMES) *issuers; const X509_CRL_METHOD *meth; void *meth_data; diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 49c71b91280e5..04cecad14af38 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -122,12 +122,10 @@ int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer)); } -#ifndef OPENSSL_NO_SHA int X509_CRL_match(const X509_CRL *a, const X509_CRL *b) { return memcmp(a->sha1_hash, b->sha1_hash, 20); } -#endif X509_NAME *X509_get_issuer_name(X509 *a) { @@ -168,7 +166,6 @@ unsigned long X509_subject_name_hash_old(X509 *x) } #endif -#ifndef OPENSSL_NO_SHA /* * Compare two certificates: they must be identical for this to work. NB: * Although "cmp" operations are generally prototyped to take "const" @@ -197,7 +194,6 @@ int X509_cmp(const X509 *a, const X509 *b) } return rv; } -#endif int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) { diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index dfc8c5b8e10c1..b748e98b2cefd 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -390,9 +390,7 @@ static void x509v3_cache_extensions(X509 *x) int i; if (x->ex_flags & EXFLAG_SET) return; -#ifndef OPENSSL_NO_SHA X509_digest(x, EVP_sha1(), x->sha1_hash, NULL); -#endif /* V1 should mean no extensions ... */ if (!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod index d9fada9c0b0ed..66055070c22b1 100644 --- a/doc/crypto/EVP_DigestInit.pod +++ b/doc/crypto/EVP_DigestInit.pod @@ -6,7 +6,7 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE, EVP_MD_CTX_copy_ex, EVP_DigestInit, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, -EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, +EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha1, EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2, EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj - EVP digest routines @@ -49,7 +49,6 @@ EVP digest routines const EVP_MD *EVP_md_null(void); const EVP_MD *EVP_md2(void); const EVP_MD *EVP_md5(void); - const EVP_MD *EVP_sha(void); const EVP_MD *EVP_sha1(void); const EVP_MD *EVP_dss(void); const EVP_MD *EVP_dss1(void); @@ -134,9 +133,9 @@ return B. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons. -EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(), +EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(), EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B -structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2 +structures for the MD2, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2 and RIPEMD160 digest algorithms respectively. EVP_dss() and EVP_dss1() return B structures for SHA and SHA1 digest @@ -165,7 +164,7 @@ corresponding OBJECT IDENTIFIER or NID_undef if none exists. EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and EVP_MD_CTX_block_size() return the digest or block size in bytes. -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(), +EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(), EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the corresponding EVP_MD structures. @@ -269,7 +268,7 @@ EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(), EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex() and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7. -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), +EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(), EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were changed to return truly const EVP_MD * in OpenSSL 0.9.7. diff --git a/engines/e_sureware.c b/engines/e_sureware.c index dc3e21f56eceb..aae568ab71fc5 100644 --- a/engines/e_sureware.c +++ b/engines/e_sureware.c @@ -946,13 +946,11 @@ static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from, } memcpy(buf, to, tlen); /* transfert to into buf */ switch (padding) { /* check padding in software */ -# ifndef OPENSSL_NO_SHA case RSA_PKCS1_OAEP_PADDING: ret = RSA_padding_check_PKCS1_OAEP(to, tlen, (unsigned char *)buf, tlen, tlen, NULL, 0); break; -# endif case RSA_SSLV23_PADDING: ret = RSA_padding_check_SSLv23(to, tlen, (unsigned char *)buf, flen, diff --git a/makevms.com b/makevms.com index 47053462f8a62..331b1be6258a5 100755 --- a/makevms.com +++ b/makevms.com @@ -566,12 +566,6 @@ $ WRITE H_FILE "#undef SIXTEEN_BIT" $ WRITE H_FILE "#undef EIGHT_BIT" $ WRITE H_FILE "#endif" $! -$! Oddly enough, the following symbol is tested in crypto/sha/sha512.c -$! before sha.h gets included (and HEADER_SHA_H defined), so we will not -$! protect this one... -$ WRITE H_FILE "#undef OPENSSL_NO_SHA512" -$ WRITE H_FILE "#define OPENSSL_NO_SHA512" -$! $ WRITE H_FILE "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION" $ WRITE H_FILE "#define OPENSSL_EXPORT_VAR_AS_FUNCTION" $! diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index e5a04ace60df9..53e3c8764c58d 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -328,9 +328,6 @@ static void tls1_sha1_final_raw(void *ctx, unsigned char *md_out) l2n(sha1->h4, md_out); } -#define LARGEST_DIGEST_CTX SHA_CTX - -#ifndef OPENSSL_NO_SHA256 static void tls1_sha256_final_raw(void *ctx, unsigned char *md_out) { SHA256_CTX *sha256 = ctx; @@ -341,11 +338,6 @@ static void tls1_sha256_final_raw(void *ctx, unsigned char *md_out) } } -# undef LARGEST_DIGEST_CTX -# define LARGEST_DIGEST_CTX SHA256_CTX -#endif - -#ifndef OPENSSL_NO_SHA512 static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out) { SHA512_CTX *sha512 = ctx; @@ -356,9 +348,8 @@ static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out) } } -# undef LARGEST_DIGEST_CTX -# define LARGEST_DIGEST_CTX SHA512_CTX -#endif +#undef LARGEST_DIGEST_CTX +#define LARGEST_DIGEST_CTX SHA512_CTX /* * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function @@ -371,14 +362,10 @@ char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx) switch (EVP_MD_CTX_type(ctx)) { case NID_md5: case NID_sha1: -#ifndef OPENSSL_NO_SHA256 case NID_sha224: case NID_sha256: -#endif -#ifndef OPENSSL_NO_SHA512 case NID_sha384: case NID_sha512: -#endif return 1; default: return 0; @@ -465,7 +452,6 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, (void (*)(void *ctx, const unsigned char *block))SHA1_Transform; md_size = 20; break; -#ifndef OPENSSL_NO_SHA256 case NID_sha224: SHA224_Init((SHA256_CTX *)md_state.c); md_final_raw = tls1_sha256_final_raw; @@ -480,8 +466,6 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, (void (*)(void *ctx, const unsigned char *block))SHA256_Transform; md_size = 32; break; -#endif -#ifndef OPENSSL_NO_SHA512 case NID_sha384: SHA384_Init((SHA512_CTX *)md_state.c); md_final_raw = tls1_sha512_final_raw; @@ -500,7 +484,6 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, md_block_size = 128; md_length_size = 16; break; -#endif default: /* * ssl3_cbc_record_digest_supported should have been called first to diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 93518b89b3b60..a383eee70acea 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -2225,11 +2225,7 @@ int ssl3_get_new_session_ticket(SSL *s) */ EVP_Digest(p, ticklen, s->session->session_id, &s->session->session_id_length, -# ifndef OPENSSL_NO_SHA256 EVP_sha256(), NULL); -# else - EVP_sha1(), NULL); -# endif ret = 1; return (ret); f_err: diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index ccc418ad786d9..e92965879871a 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -3385,7 +3385,7 @@ int ssl3_send_newsession_ticket(SSL *s) EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, iv); HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16, - tlsext_tick_md(), NULL); + EVP_sha256(), NULL); memcpy(key_name, tctx->tlsext_tick_key_name, 16); } diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c index fdf1481444466..3843aefe8d54a 100644 --- a/ssl/ssl_algs.c +++ b/ssl/ssl_algs.c @@ -91,14 +91,10 @@ int SSL_library_init(void) EVP_add_cipher(EVP_aes_256_cbc()); EVP_add_cipher(EVP_aes_128_gcm()); EVP_add_cipher(EVP_aes_256_gcm()); -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); -# endif -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); -# endif #endif #ifndef OPENSSL_NO_CAMELLIA EVP_add_cipher(EVP_camellia_128_cbc()); @@ -113,20 +109,14 @@ int SSL_library_init(void) EVP_add_digest(EVP_md5()); EVP_add_digest_alias(SN_md5, "ssl3-md5"); #endif -#ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); -#endif -#ifndef OPENSSL_NO_SHA256 EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); -#endif -#ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); -#endif -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA) +#if !defined(OPENSSL_NO_DSA) EVP_add_digest(EVP_dss1()); /* DSA with sha1 */ EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2); EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1"); @@ -134,11 +124,6 @@ int SSL_library_init(void) #endif #ifndef OPENSSL_NO_ECDSA EVP_add_digest(EVP_ecdsa()); -#endif - /* If you want support for phased out ciphers, add the following */ -#if 0 - EVP_add_digest(EVP_sha()); - EVP_add_digest(EVP_dss()); #endif #ifndef OPENSSL_NO_COMP /* diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index f58a605ad0a1c..fcf5f8d61d1c9 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1329,11 +1329,6 @@ int tls1_process_heartbeat(SSL *s); int dtls1_process_heartbeat(SSL *s); # endif -# ifdef OPENSSL_NO_SHA256 -# define tlsext_tick_md EVP_sha1 -# else -# define tlsext_tick_md EVP_sha256 -# endif int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, const unsigned char *limit, SSL_SESSION **ret); diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 115aab5596246..6a1ed6a7427f7 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -906,17 +906,11 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md) tlsext_sigalg_ecdsa(md) static const unsigned char tls12_sigalgs[] = { -# ifndef OPENSSL_NO_SHA512 tlsext_sigalg(TLSEXT_hash_sha512) tlsext_sigalg(TLSEXT_hash_sha384) -# endif -# ifndef OPENSSL_NO_SHA256 tlsext_sigalg(TLSEXT_hash_sha256) tlsext_sigalg(TLSEXT_hash_sha224) -# endif -# ifndef OPENSSL_NO_SHA tlsext_sigalg(TLSEXT_hash_sha1) -# endif }; # ifndef OPENSSL_NO_ECDSA @@ -3318,7 +3312,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, if (memcmp(etick, tctx->tlsext_tick_key_name, 16)) return 2; HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16, - tlsext_tick_md(), NULL); + EVP_sha256(), NULL); EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, etick + 16); } @@ -3462,25 +3456,11 @@ static const tls12_hash_info tls12_md_info[] = { # else {NID_md5, 64, EVP_md5}, # endif -# ifdef OPENSSL_NO_SHA - {NID_sha1, 80, 0}, -# else {NID_sha1, 80, EVP_sha1}, -# endif -# ifdef OPENSSL_NO_SHA256 - {NID_sha224, 112, 0}, - {NID_sha256, 128, 0}, -# else {NID_sha224, 112, EVP_sha224}, {NID_sha256, 128, EVP_sha256}, -# endif -# ifdef OPENSSL_NO_SHA512 - {NID_sha384, 192, 0}, - {NID_sha512, 256, 0} -# else {NID_sha384, 192, EVP_sha384}, {NID_sha512, 256, EVP_sha512} -# endif }; static const tls12_hash_info *tls12_get_hash_info(unsigned char hash_alg) diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 07f6fdd56d6b4..5424ed543cdc3 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -177,7 +177,7 @@ $no_mdc2=1 if ($no_des); -$no_ssl3=1 if ($no_md5 || $no_sha); +$no_ssl3=1 if ($no_md5); $no_ssl3=1 if ($no_rsa && $no_dh); $out_def="out"; @@ -281,8 +281,6 @@ $cflags.=" -DOPENSSL_NO_MD2" if $no_md2; $cflags.=" -DOPENSSL_NO_MD4" if $no_md4; $cflags.=" -DOPENSSL_NO_MD5" if $no_md5; -$cflags.=" -DOPENSSL_NO_SHA" if $no_sha; -$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; $cflags.=" -DOPENSSL_NO_RMD160" if $no_ripemd; $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; $cflags.=" -DOPENSSL_NO_BF" if $no_bf; @@ -1123,8 +1121,6 @@ sub var_add @a=grep(!/_dhp$/,@a) if $no_dh; - @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha; - @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1; @a=grep(!/_mdc2$/,@a) if $no_mdc2; @a=grep(!/(srp)/,@a) if $no_srp; @@ -1133,11 +1129,8 @@ sub var_add @a=grep(!/^hw$/,@a) if $no_hw; @a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa; @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa; - @a=grep(!/^gendsa$/,@a) if $no_sha1; @a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh; - @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1; - grep($_="$dir/$_",@a); @a=grep(!/(^|\/)s_/,@a) if $no_sock; @a=grep(!/(^|\/)bio_sock/,@a) if $no_sock; @@ -1409,8 +1402,6 @@ sub read_options "no-md2" => \$no_md2, "no-md4" => \$no_md4, "no-md5" => \$no_md5, - "no-sha" => \$no_sha, - "no-sha1" => \$no_sha1, "no-ripemd" => \$no_ripemd, "no-mdc2" => \$no_mdc2, "no-whirlpool" => \$no_whirlpool, @@ -1444,7 +1435,7 @@ sub read_options "no-hw" => \$no_hw, "just-ssl" => [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast, - \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh, + \$no_md2, \$no_mdc2, \$no_dsa, \$no_dh, \$no_err, \$no_ripemd, \$no_rc5, \$no_aes, \$no_camellia, \$no_seed, \$no_srp], "rsaref" => 0, diff --git a/util/mkdef.pl b/util/mkdef.pl index a6f64e3fc3a29..1dbd55579743d 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -972,7 +972,6 @@ sub do_defs $a .= ",RC4" if($s =~ /EVP_rc4/); $a .= ",RC5" if($s =~ /EVP_rc5/); $a .= ",RIPEMD" if($s =~ /EVP_ripemd/); - $a .= ",SHA" if($s =~ /EVP_sha/); $a .= ",RSA" if($s =~ /EVP_(Open|Seal)(Final|Init)/); $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/); $a .= ",RSA" if($s =~ /RSAPrivateKey/);