tech-security archive


OpenSSL SHA-2 symbol mess



[followups to tech-userlevel; bcc tech-crypto, tech-security,
tech-toolchain]

tl;dr -- We have an annoying maintenance burden with OpenSSL's SHA-2
API that I'd like to try to reduce.

Instead of patching OpenSSL's SHA-2 symbols out in favour of libc's as
we do now, what if we just rename the symbols from, e.g., SHA256_Init
to _OpenSSL_SHA256_Init, without changing the API, by declaring `int
SHA256_Init(...) asm("_OpenSSL_SHA256_Init")' in <openssl/sha.h>?


BACKGROUND

Since NetBSD 3.0, libc has defined symbols for computing the SHA-2
functions, declared in <sys/sha2.h>:

SHA256_Init, SHA256_Update, SHA256_Final
SHA384_Init, SHA384_Update, SHA384_Final
SHA512_Init, SHA512_Update, SHA512_Final
(and, since 6.0: SHA224_Init, SHA224_Update, SHA224_Final)

OpenSSL's API also defines C functions by the same names, using types
of the same names (SHA256_CTX, SHA512_CTX) as libc -- but OpenSSL uses
different context types declared in <openssl/sha.h> which are larger,
and has different implementations that rely on the larger contexts.

This causes some headaches:

1. If OpenSSL libcrypto defined the same symbols, applications which
   allocate the smaller contexts from <sys/sha2.h> would be subject to
   buffer overruns when calling the OpenSSL implementations.

   => So we patch OpenSSL to remove the files defining these symbols
      from libcrypto, leaving only the libc symbols which are safe
      with either the smaller <sys/sha2.h> context types or the larger
      <openssl/sha.h> context types.

2. OpenSSL also provides functions like SHA256(buf, len, hash) to
   compute a one-shot hash of a single buffer, by calling SHA256_Init,
   SHA256_Update, SHA256_Final.

   These were previously defined in the same files that defined
   SHA256_Init/Update/Final, which we removed in addressing (1).

   => So we provide our own definitions of these functions using the
      libc symbols.  (That said, upstream has since moved these
      functions out to a separate file, so maybe having our own copy
      is no longer needed.)

3. Since the version we imported in 2018, OpenSSL relies on the
   semantics of the _OpenSSL_ SHA512_Final function to write only 28
   bytes for SHA-512/224 or 32 bytes for SHA-512/256, based on state
   stored in OpenSSL's larger SHA512_CTX structure.

   Using the NetBSD libc SHA512_Final unconditionally writes out 64
   bytes, which overruns the buffer (https://gnats.NetBSD.org/58039).

   => So we now patch the logic implementing SHA-512/224 and
      SHA-512/256 using libc SHA512_Final into a temporary 64-byte
      buffer on the stack and memcpy to write only 28 or 32 bytes to
      the caller's buffer (then we zero the temporary buffer).

There are some other references to SHA*_Final in libcrypto.so.  On
cursory review I don't see any that are problematic.  But that could
change in the next update.

Maybe because OpenSSL is deprecating the easy-to-use C APIs like
SHA*_Init/Update/Final in favour of the EVP_Digest* abstraction, this
won't continue to be an issue.  But the buffer overrun of PR lib/58039
was a purely internal issue in OpenSSL's implementation of truncated
SHA-512 variants.

So this is a precarious state of affairs that requires a careful audit
on every OpenSSL update -- which we haven't always done.


PROPOSAL

Instead of trying to remove the OpenSSL SHA-2 symbols, let's rename
them using the same mechanism we use to rename symbols for compat
(https://wiki.NetBSD.org/symbol_versions):

/* openssl/sha.h */
int SHA256_Init(...) __RENAME(_OpenSSL_SHA256_Init);

Internally, __RENAME(...) expands to asm("...") to set the ELF symbol
of the object being declared.

This way:

- The C API remains unchanged: users still call SHA256_Init.

- This shouldn't break any existing binaries.  Existing binaries all
  use the ELF symbol SHA256_Init, which libc.so still defines and
  which the new libcrypto.so still won't define.

- New programs compiled with #include <sys/sha2.h> will get the libc
  symbols, never the OpenSSL symbols, just like old programs.

- New programs compiled with #include <openssl/sha.h> will get the
  OpenSSL symbols.  This means they will also take advantage of
  OpenSSL speedups (https://gnats.NetBSD.org/51333).

- Both sets of symbols can peacefully coexist in the same address
  space, and the compiler should generally prevent accidentally mixing
  the different SHA*_CTX types.

- Internally, OpenSSL will stop using the libc.so symbols altogether,
  so we no longer have to worry about semantic mismatches between our
  SHA512_Final and OpenSSL's SHA512_Final.

- We are unlikely to risk further namespace conflicts: C identifiers
  named `_OpenSSL_...' are reserved to the implementation by the C
  standard, so libraries and programs can't expect to define them
  without running into trouble.  (Maybe it should be _OPENSSL_...
  instead of _OpenSSL_...; I don't care what the prefix is.)


I haven't thoroughly tested this, just verified that the tests under
tests/crypto/libcrypto pass with this change (including a new test to
check for the SHA-512/224 and SHA-512/256 buffer overruns).  We might
want to run a bulk build to see how it pans out.


Thoughts?
From 7c2a554b476a0b17ff015646bdaaecb761acc097 Mon Sep 17 00:00:00 2001
From: Taylor R Campbell <riastradh%NetBSD.org@localhost>
Date: Fri, 15 Mar 2024 22:23:27 +0000
Subject: [PATCH] openssl: Just rename the sha2 symbols.

Ditch all our other local changes related to them.

These symbols end up as private symbols in libcrypto, and our
libcrypto has never exported the sha2 symbols anyway so that can't
break existing applications.  So this might even be safe to pull up
to branches.

This changes some libcrypto symbols listed in crypto.map -- but those
symbols weren't defined anyway!  And ld apparently doesn't care if
they're not defined.

PR bin/51333
PR lib/58039
---
 .../bsd/openssl/dist/crypto/evp/legacy_sha.c  |  4 +-
 .../bsd/openssl/dist/include/openssl/sha.h    | 28 +++---
 .../implementations/digests/sha2_prov.c       |  6 +-
 .../bsd/openssl/lib/libcrypto/Makefile        |  1 +
 .../bsd/openssl/lib/libcrypto/crypto.map      | 28 +++---
 .../bsd/openssl/lib/libcrypto/libc-sha1.c     | 45 ----------
 .../bsd/openssl/lib/libcrypto/libc-sha256.c   | 49 ----------
 .../bsd/openssl/lib/libcrypto/libc-sha2xx.c   | 90 -------------------
 .../bsd/openssl/lib/libcrypto/libc-sha512.c   | 49 ----------
 .../bsd/openssl/lib/libcrypto/sha.inc         | 18 ++--
 10 files changed, 39 insertions(+), 279 deletions(-)
 delete mode 100644 crypto/external/bsd/openssl/lib/libcrypto/libc-sha1.c
 delete mode 100644 crypto/external/bsd/openssl/lib/libcrypto/libc-sha256.c
 delete mode 100644 crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c
 delete mode 100644 crypto/external/bsd/openssl/lib/libcrypto/libc-sha512.c

diff --git a/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c b/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c
index 1649601cf92b..ca9a3264978a 100644
--- a/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c
+++ b/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c
@@ -49,9 +49,9 @@ static int nm##_init(EVP_MD_CTX *ctx)                                          \
 #define sha512_256_Init    sha512_256_init
 
 #define sha512_224_Update  SHA512_Update
-#define sha512_224_Final   sha512_224_final /* XXX NetBSD libc sha2 */
+#define sha512_224_Final   SHA512_Final
 #define sha512_256_Update  SHA512_Update
-#define sha512_256_Final   sha512_256_final /* XXX NetBSD libc sha2 */
+#define sha512_256_Final   SHA512_Final
 
 IMPLEMENT_LEGACY_EVP_MD_METH(sha1, SHA1)
 IMPLEMENT_LEGACY_EVP_MD_METH(sha224, SHA224)
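Review bot: sha512_224_Final and sha512_256_Final now alias plain SHA512_Final, so the 28- and 32-byte output limits hold only if SHA512_Final in this file binds to the renamed OpenSSL function and not to libc's 64-byte one; nothing in the hunk enforces or documents that. Consider keeping a short local comment on these two defines that points at the __RENAME in <openssl/sha.h> and at PR lib/58039, so the connection is not lost on the next import.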
diff --git a/crypto/external/bsd/openssl/dist/include/openssl/sha.h b/crypto/external/bsd/openssl/dist/include/openssl/sha.h
index c7084bf9889e..bb620faf91d9 100644
--- a/crypto/external/bsd/openssl/dist/include/openssl/sha.h
+++ b/crypto/external/bsd/openssl/dist/include/openssl/sha.h
@@ -70,16 +70,16 @@ typedef struct SHA256state_st {
     unsigned int num, md_len;
 } SHA256_CTX;
 
-OSSL_DEPRECATEDIN_3_0 int SHA224_Init(SHA256_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA224_Init(SHA256_CTX *c) __RENAME(_OpenSSL_SHA224_Init);
 OSSL_DEPRECATEDIN_3_0 int SHA224_Update(SHA256_CTX *c,
-                                        const void *data, size_t len);
-OSSL_DEPRECATEDIN_3_0 int SHA224_Final(unsigned char *md, SHA256_CTX *c);
-OSSL_DEPRECATEDIN_3_0 int SHA256_Init(SHA256_CTX *c);
+                                        const void *data, size_t len) __RENAME(_OpenSSL_SHA224_Update);
+OSSL_DEPRECATEDIN_3_0 int SHA224_Final(unsigned char *md, SHA256_CTX *c) __RENAME(_OpenSSL_SHA224_Final);
+OSSL_DEPRECATEDIN_3_0 int SHA256_Init(SHA256_CTX *c) __RENAME(_OpenSSL_SHA256_Init);
 OSSL_DEPRECATEDIN_3_0 int SHA256_Update(SHA256_CTX *c,
-                                        const void *data, size_t len);
-OSSL_DEPRECATEDIN_3_0 int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+                                        const void *data, size_t len) __RENAME(_OpenSSL_SHA256_Update);
+OSSL_DEPRECATEDIN_3_0 int SHA256_Final(unsigned char *md, SHA256_CTX *c) __RENAME(_OpenSSL_SHA256_Final);
 OSSL_DEPRECATEDIN_3_0 void SHA256_Transform(SHA256_CTX *c,
-                                            const unsigned char *data);
+                                            const unsigned char *data) __RENAME(_OpenSSL_SHA256_Transform);
 # endif
 
 unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
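Review bot: __RENAME is used on every declaration in this block, but the hunk shows no include or fallback that guarantees the macro is defined when <openssl/sha.h> is parsed; if it is missing, the header fails to compile for every consumer. Include the defining header explicitly in sha.h (or guard the use with an #ifdef), and add a comment above SHA224_Init saying that the rename is a local change that keeps these functions apart from the libc symbols of the same name. The one-shot SHA224() declaration after the # endif is left unrenamed; say in the commit message that this is intentional.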
@@ -120,16 +120,16 @@ typedef struct SHA512state_st {
     unsigned int num, md_len;
 } SHA512_CTX;
 
-OSSL_DEPRECATEDIN_3_0 int SHA384_Init(SHA512_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA384_Init(SHA512_CTX *c) __RENAME(_OpenSSL_SHA384_Init);
 OSSL_DEPRECATEDIN_3_0 int SHA384_Update(SHA512_CTX *c,
-                                        const void *data, size_t len);
-OSSL_DEPRECATEDIN_3_0 int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-OSSL_DEPRECATEDIN_3_0 int SHA512_Init(SHA512_CTX *c);
+                                        const void *data, size_t len) __RENAME(_OpenSSL_SHA384_Update);
+OSSL_DEPRECATEDIN_3_0 int SHA384_Final(unsigned char *md, SHA512_CTX *c) __RENAME(_OpenSSL_SHA384_Final);
+OSSL_DEPRECATEDIN_3_0 int SHA512_Init(SHA512_CTX *c) __RENAME(_OpenSSL_SHA512_Init);
 OSSL_DEPRECATEDIN_3_0 int SHA512_Update(SHA512_CTX *c,
-                                        const void *data, size_t len);
-OSSL_DEPRECATEDIN_3_0 int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+                                        const void *data, size_t len) __RENAME(_OpenSSL_SHA512_Update);
+OSSL_DEPRECATEDIN_3_0 int SHA512_Final(unsigned char *md, SHA512_CTX *c) __RENAME(_OpenSSL_SHA512_Final);
 OSSL_DEPRECATEDIN_3_0 void SHA512_Transform(SHA512_CTX *c,
-                                            const unsigned char *data);
+                                            const unsigned char *data) __RENAME(_OpenSSL_SHA512_Transform);
 # endif
 
 unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
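Review bot: the rename changes only the ELF symbol, while SHA512_CTX just above is still declared under the name the cover message says libc also uses, so a source file that includes both <sys/sha2.h> and <openssl/sha.h> now sees two sets of SHA384_* and SHA512_* declarations with different symbol bindings. Please state what is expected to happen in that case and check for it in the bulk build the message proposes.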
diff --git a/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c b/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c
index ca748b2634fe..3b731796bdc4 100644
--- a/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c
+++ b/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c
@@ -86,12 +86,10 @@ IMPLEMENT_digest_functions(sha512, SHA512_CTX,
 /* ossl_sha512_224_functions */
 IMPLEMENT_digest_functions(sha512_224, SHA512_CTX,
                            SHA512_CBLOCK, SHA224_DIGEST_LENGTH, SHA2_FLAGS,
-                           sha512_224_init, SHA512_Update,
-                           /* XXX NetBSD libc sha2 */sha512_224_final)
+                           sha512_224_init, SHA512_Update, SHA512_Final)
 
 /* ossl_sha512_256_functions */
 IMPLEMENT_digest_functions(sha512_256, SHA512_CTX,
                            SHA512_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS,
-                           sha512_256_init, SHA512_Update,
-                           /* XXX NetBSD libc sha2 */sha512_256_final)
+                           sha512_256_init, SHA512_Update, SHA512_Final)
 
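Review bot: the sha512_224 and sha512_256 entries declare SHA224_DIGEST_LENGTH and SHA256_DIGEST_LENGTH outputs but finish with SHA512_Final, which is the combination behind PR lib/58039, and the diffstat lists no test file even though the cover message mentions a new overrun test. Add that test to this commit so the provider path is checked on every OpenSSL update.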
diff --git a/crypto/external/bsd/openssl/lib/libcrypto/Makefile b/crypto/external/bsd/openssl/lib/libcrypto/Makefile
index 192c269139e1..2920678c427a 100644
--- a/crypto/external/bsd/openssl/lib/libcrypto/Makefile
+++ b/crypto/external/bsd/openssl/lib/libcrypto/Makefile
@@ -247,6 +247,7 @@ COPTS.eng_padlock.c = -Wno-stack-protector
 INCSDIR=/usr/include/openssl
 
 LDFLAGS+=-Wl,--version-script=${.CURDIR}/crypto.map
+DPADD+=	${.CURDIR}/crypto.map
 
 PKGCONFIG=libcrypto
 .include "${.CURDIR}/../../pkgconfig.mk"
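Review bot: the DPADD line adds crypto.map as a link dependency, which is a build fix independent of the symbol rename and is not mentioned in the commit message. Either mention it there or split it into its own commit so it can be pulled up separately.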
diff --git a/crypto/external/bsd/openssl/lib/libcrypto/crypto.map b/crypto/external/bsd/openssl/lib/libcrypto/crypto.map
index fdde8eee0a1d..d25554679287 100644
--- a/crypto/external/bsd/openssl/lib/libcrypto/crypto.map
+++ b/crypto/external/bsd/openssl/lib/libcrypto/crypto.map
@@ -3910,23 +3910,23 @@ OPENSSL_3.0.0 {
         SHA1_Transform;
         SHA1_Update;
         SHA224;
-        SHA224_Final;
-        SHA224_Init;
-        SHA224_Update;
+        _OpenSSL_SHA224_Final;
+        _OpenSSL_SHA224_Init;
+        _OpenSSL_SHA224_Update;
         SHA256;
-        SHA256_Final;
-        SHA256_Init;
-        SHA256_Transform;
-        SHA256_Update;
+        _OpenSSL_SHA256_Final;
+        _OpenSSL_SHA256_Init;
+        _OpenSSL_SHA256_Transform;
+        _OpenSSL_SHA256_Update;
         SHA384;
-        SHA384_Final;
-        SHA384_Init;
-        SHA384_Update;
+        _OpenSSL_SHA384_Final;
+        _OpenSSL_SHA384_Init;
+        _OpenSSL_SHA384_Update;
         SHA512;
-        SHA512_Final;
-        SHA512_Init;
-        SHA512_Transform;
-        SHA512_Update;
+        _OpenSSL_SHA512_Final;
+        _OpenSSL_SHA512_Init;
+        _OpenSSL_SHA512_Transform;
+        _OpenSSL_SHA512_Update;
         SMIME_crlf_copy;
         SMIME_read_ASN1;
         SMIME_read_ASN1_ex;
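Review bot: the commit message says these symbols end up private in libcrypto, but this hunk lists the _OpenSSL_SHA* names in the OPENSSL_3.0.0 version node next to public entries such as SHA224 and SMIME_crlf_copy, and programs built against the renamed header need them exported. Reword the commit message to say which it is, and confirm against the dynamic symbol table of the built library. The new names also break the alphabetical order of the list; moving them to their sorted position would keep it easy to scan.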
diff --git a/crypto/external/bsd/openssl/lib/libcrypto/libc-sha1.c b/crypto/external/bsd/openssl/lib/libcrypto/libc-sha1.c
deleted file mode 100644
index 66f10443ea4e..000000000000
--- a/crypto/external/bsd/openssl/lib/libcrypto/libc-sha1.c
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * SHA-1 low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include "crypto/sha.h"
-
-unsigned char *ossl_sha1(const unsigned char *d, size_t n, unsigned char *md)
-{
-    SHA_CTX c;
-    static unsigned char m[SHA_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    if (!SHA1_Init(&c))
-        return NULL;
-    SHA1_Update(&c, d, n);
-    SHA1_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c));
-    return md;
-}
-
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
-{
-    static unsigned char m[SHA_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    return EVP_Q_digest(NULL, "SHA1", NULL, d, n, md, NULL) ? md : NULL;
-}
diff --git a/crypto/external/bsd/openssl/lib/libcrypto/libc-sha256.c b/crypto/external/bsd/openssl/lib/libcrypto/libc-sha256.c
deleted file mode 100644
index c63101a43f75..000000000000
--- a/crypto/external/bsd/openssl/lib/libcrypto/libc-sha256.c
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Special version of sha256.c that uses the libc SHA256 implementation
- * of libc.
- */
-
-/* crypto/sha/sha256.c */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved
- * according to the OpenSSL license [found in ../../LICENSE].
- * ====================================================================
- */
-#include <openssl/opensslconf.h>
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/crypto.h>
-#undef OSSL_DEPRECATEDIN_3_0
-#define OSSL_DEPRECATEDIN_3_0
-#include <openssl/sha.h>
-#include <openssl/opensslv.h>
-
-#include "internal/cryptlib.h"
-
-unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md)
-	{
-	SHA256_CTX c;
-	static unsigned char m[SHA224_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	SHA224_Init(&c);
-	SHA224_Update(&c,d,n);
-	SHA224_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c));
-	return(md);
-	}
-
-unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md)
-	{
-	SHA256_CTX c;
-	static unsigned char m[SHA256_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	SHA256_Init(&c);
-	SHA256_Update(&c,d,n);
-	SHA256_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c));
-	return(md);
-	}
diff --git a/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c b/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c
deleted file mode 100644
index e14dc9275525..000000000000
--- a/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * Special version of sha512.c that uses the libc SHA512 implementation
- * of libc.
- */
-
-
-#include <string.h>
-#include <sys/sha2.h>
-
-static const uint64_t sha512_224_initial_hash_value[] = {
-	0x8c3d37c819544da2ULL,
-	0x73e1996689dcd4d6ULL,
-	0x1dfab7ae32ff9c82ULL,
-	0x679dd514582f9fcfULL,
-	0x0f6d2b697bd44da8ULL,
-	0x77e36f7304c48942ULL,
-	0x3f9d85a86a1d36c8ULL,
-	0x1112e6ad91d692a1ULL,
-};
-
-static const uint64_t sha512_256_initial_hash_value[] = {
-	0x22312194fc2bf72cULL,
-	0x9f555fa3c84c64c2ULL,
-	0x2393b86b6f53b151ULL,
-	0x963877195940eabdULL,
-	0x96283ee2a88effe3ULL,
-	0xbe5e1e2553863992ULL,
-	0x2b0199fc2c85b8aaULL,
-	0x0eb72ddc81c52ca2ULL,
-};
-
-extern int
-sha512_224_init(SHA512_CTX *context);
-int
-sha512_224_init(SHA512_CTX *context)
-{
-	if (context == NULL)
-		return 1;
-
-	memcpy(context->state, sha512_224_initial_hash_value,
-	    (size_t)(SHA512_DIGEST_LENGTH));
-	memset(context->buffer, 0, (size_t)(SHA512_BLOCK_LENGTH));
-	context->bitcount[0] = context->bitcount[1] =  0;
-
-	return 1;
-
-}
-
-extern int
-sha512_224_final(unsigned char *md, SHA512_CTX *context);
-int
-sha512_224_final(unsigned char *md, SHA512_CTX *context)
-{
-	unsigned char tmp[64];
-
-	SHA512_Final(tmp, context);
-	memcpy(md, tmp, 28);
-	explicit_memset(tmp, 0, sizeof(tmp));
-	return 1;
-
-}
-
-extern int
-sha512_256_init(SHA512_CTX *context);
-int
-sha512_256_init(SHA512_CTX *context)
-{
-	if (context == NULL)
-		return 1;
-
-	memcpy(context->state, sha512_256_initial_hash_value,
-	    (size_t)(SHA512_DIGEST_LENGTH));
-	memset(context->buffer, 0, (size_t)(SHA512_BLOCK_LENGTH));
-	context->bitcount[0] = context->bitcount[1] =  0;
-
-	return 1;
-}
-
-extern int
-sha512_256_final(unsigned char *md, SHA512_CTX *context);
-int
-sha512_256_final(unsigned char *md, SHA512_CTX *context)
-{
-	unsigned char tmp[64];
-
-	SHA512_Final(tmp, context);
-	memcpy(md, tmp, 32);
-	explicit_memset(tmp, 0, sizeof(tmp));
-	return 1;
-}
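Review bot: deleting this file removes the local definitions of sha512_224_init and sha512_256_init, which sha2_prov.c and legacy_sha.c in this same patch still reference. They presumably now come from the sha512.c that sha.inc builds; say so in the commit message, and confirm that the initial hash values there match the two tables removed here.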
diff --git a/crypto/external/bsd/openssl/lib/libcrypto/libc-sha512.c b/crypto/external/bsd/openssl/lib/libcrypto/libc-sha512.c
deleted file mode 100644
index 443f50251bee..000000000000
--- a/crypto/external/bsd/openssl/lib/libcrypto/libc-sha512.c
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Special version of sha512.c that uses the libc SHA512 implementation
- * of libc.
- */
-
-/* crypto/sha/sha512.c */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved
- * according to the OpenSSL license [found in ../../LICENSE].
- * ====================================================================
- */
-// #include <openssl/opensslconf.h>
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/crypto.h>
-#undef OSSL_DEPRECATEDIN_3_0
-#define OSSL_DEPRECATEDIN_3_0
-#include <openssl/sha.h>
-#include <openssl/opensslv.h>
-
-#include "internal/cryptlib.h"
-
-unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
-	{
-	SHA512_CTX c;
-	static unsigned char m[SHA384_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	SHA384_Init(&c);
-	SHA384_Update(&c, d, n);
-	SHA384_Final(md, &c);
-	OPENSSL_cleanse(&c, sizeof(c));
-	return(md);
-	}
-
-unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
-	{
-	SHA512_CTX c;
-	static unsigned char m[SHA512_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	SHA512_Init(&c);
-	SHA512_Update(&c,d,n);
-	SHA512_Final(md,&c);
-	OPENSSL_cleanse(&c,sizeof(c));
-	return(md);
-	}
diff --git a/crypto/external/bsd/openssl/lib/libcrypto/sha.inc b/crypto/external/bsd/openssl/lib/libcrypto/sha.inc
index 12696ab78af1..f90913d096e9 100644
--- a/crypto/external/bsd/openssl/lib/libcrypto/sha.inc
+++ b/crypto/external/bsd/openssl/lib/libcrypto/sha.inc
@@ -2,21 +2,15 @@
 
 .PATH:	${OPENSSLSRC}/crypto/sha
 
-
-SHA_SRCS += sha1dgst.c sha3.c
-
-# Replaced OpenSSL version to avoid overlap with libc
-SHA_SRCS+= libc-sha1.c libc-sha512.c libc-sha256.c libc-sha2xx.c
-
 .if !defined(KECCAKNI)
 SHA_SRCS+= keccak1600.c
 .endif
-#SHA_SRCS += \
-#sha1_one.c \
-#sha1dgst.c \
-#sha256.c \
-#sha3.c \
-#sha512.c \
+SHA_SRCS += \
+sha1_one.c \
+sha1dgst.c \
+sha256.c \
+sha3.c \
+sha512.c \
 
 SRCS += ${SHA_SRCS}
 
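Review bot: the re-enabled SHA_SRCS list ends with a backslash after sha512.c, so the assignment continues onto the following blank line and works only as long as that line stays empty. Drop the trailing backslash on the last entry.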

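The output-length mismatch described in item 3 of the message above (PR lib/58039) can be checked with a guard region behind the caller's buffer. This is an added example, not code from the patch or from NetBSD's test suite; demo_ctx and the three final functions are hypothetical stand-ins that model only how many bytes each variant writes, and the "digest" bytes are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FULL_LEN 64   /* bytes a full SHA-512 digest occupies */
#define GUARD    0xA5 /* constructed canary value */

/* Hypothetical context that records the digest length, as the message
 * says OpenSSL's larger SHA512_CTX does. */
struct demo_ctx {
    unsigned char state[FULL_LEN];
    unsigned int md_len;   /* 28 for SHA-512/224, 32 for SHA-512/256 */
};

/* Stand-in for a final() that writes only md_len bytes. */
static int final_md_len(unsigned char *md, struct demo_ctx *c)
{
    memcpy(md, c->state, c->md_len);
    return 1;
}

/* Stand-in for a final() that unconditionally writes 64 bytes. */
static int final_full(unsigned char *md, struct demo_ctx *c)
{
    memcpy(md, c->state, FULL_LEN);
    return 1;
}

/* The workaround from item 3: finalize into a 64-byte temporary,
 * copy md_len bytes to the caller, then wipe the temporary. */
static int final_bounce(unsigned char *md, struct demo_ctx *c)
{
    unsigned char tmp[FULL_LEN];
    volatile unsigned char *p = tmp; /* portable stand-in for explicit_memset */
    size_t i;

    final_full(tmp, c);
    memcpy(md, tmp, c->md_len);
    for (i = 0; i < sizeof(tmp); i++)
        p[i] = 0;
    return 1;
}

typedef int (*final_fn)(unsigned char *, struct demo_ctx *);

/* Treat the first md_len bytes of an arena as the caller's buffer and the
 * rest as a guard region; return how many guard bytes fn overwrote. */
size_t bytes_past_end(final_fn fn, unsigned int md_len)
{
    unsigned char arena[2 * FULL_LEN];
    struct demo_ctx c;
    size_t i, clobbered = 0;

    if (md_len > FULL_LEN)
        return (size_t)-1;
    memset(c.state, 0x11, sizeof(c.state)); /* constructed digest bytes */
    c.md_len = md_len;
    memset(arena, GUARD, sizeof(arena));
    fn(arena, &c);
    for (i = md_len; i < sizeof(arena); i++)
        if (arena[i] != GUARD)
            clobbered++;
    return clobbered;
}

int main(void)
{
    printf("full/224:   %zu bytes past end\n", bytes_past_end(final_full, 28));
    printf("md_len/224: %zu bytes past end\n", bytes_past_end(final_md_len, 28));
    printf("bounce/256: %zu bytes past end\n", bytes_past_end(final_bounce, 32));
    return 0;
}
```

A test against the real library would apply the same guard-region check to the output buffer of the SHA-512/224 and SHA-512/256 digests.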
