[openssh-commits] [openssh] 03/04: upstream: perform hashing directly in crypto_hash_sha512() using

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Nov 29 11:19:57 AEDT 2019


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 7404b81f25a4a7847380c0f0cf7f1bea5f0a5cd3
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Nov 29 00:11:21 2019 +0000

    upstream: perform hashing directly in crypto_hash_sha512() using
    
    libcrypto or libc SHA512 functions rather than calling ssh_digest_memory();
    avoids many dependencies on ssh code that complicate standalone use of
    ed25519, as we want to do in sk-dummy.so
    
    OpenBSD-Commit-ID: 5a3c37593d3ba7add037b587cec44aaea088496d
---
 hash.c | 30 ++++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/hash.c b/hash.c
index 5875d41f..a3502787 100644
--- a/hash.c
+++ b/hash.c
@@ -1,6 +1,6 @@
 /* $OpenBSD: hash.c,v 1.4 2017/12/14 21:07:39 naddy Exp $ */
 
-/* $OpenBSD: hash.c,v 1.5 2018/01/13 00:24:09 naddy Exp $ */
+/* $OpenBSD: hash.c,v 1.6 2019/11/29 00:11:21 djm Exp $ */
 /*
  * Public domain. Author: Christian Weisgerber <naddy at openbsd.org>
  * API compatible reimplementation of function from nacl
@@ -10,18 +10,32 @@
 
 #include <stdarg.h>
 
-#include "digest.h"
-#include "log.h"
-#include "ssherr.h"
+#ifdef WITH_OPENSSL
+#include <openssl/evp.h>
 
 int
 crypto_hash_sha512(unsigned char *out, const unsigned char *in,
     unsigned long long inlen)
 {
-	int r;
 
-	if ((r = ssh_digest_memory(SSH_DIGEST_SHA512, in, inlen, out,
-	    crypto_hash_sha512_BYTES)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
+	if (!EVP_Digest(in, inlen, out, NULL, EVP_sha512(), NULL))
+		return -1;
 	return 0;
 }
+
+#else
+#include <sha2.h>
+
+int
+crypto_hash_sha512(unsigned char *out, const unsigned char *in,
+    unsigned long long inlen)
+{
+
+	SHA2_CTX ctx;
+
+	SHA512Init(&ctx);
+	SHA512Update(&ctx, in, inlen);
+	SHA512Final(out, &ctx);
+	return 0;
+}
+#endif /* WITH_OPENSSL */

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list