Prefer OpenSSL's SHA256 in sk-dummy.so

Previously sk-dummy.so used libc's (or compat's) SHA256 since it may be
built without OpenSSL.  In many cases, however, including both libc's
and OpenSSL's headers together caused conflicting definitions.

We tried working around this (on OpenSSL <1.1 you could define
OPENSSL_NO_SHA, NetBSD had USE_LIBC_SHA2, various #define hacks) with
varying levels of success.  Since OpenSSL >=1.1 removed OPENSSL_NO_SHA
and including most OpenSSL headers would bring sha.h in, even if it
wasn't used directly this was a constant hassle.

Admit defeat and use OpenSSL's SHA256 unless we aren't using OpenSSL at
all.  ok djm@
This commit is contained in:
Darren Tucker 2023-07-27 02:25:09 +10:00
parent 36cdb5dbf5
commit 0fa803a1dd
No known key found for this signature in database
1 changed files with 9 additions and 30 deletions

View File

@ -24,41 +24,11 @@
#include <stdio.h>
#include <stddef.h>
#include <stdarg.h>
#ifdef HAVE_SHA2_H
#include <sha2.h>
#endif
#include "crypto_api.h"
#include "sk-api.h"
#if defined(WITH_OPENSSL) && !defined(OPENSSL_HAS_ECC)
# undef WITH_OPENSSL
#endif
#ifdef WITH_OPENSSL
/*
* We use native (or compat) SHA2, but some bits of OpenSSL conflict with
* some native sha2 implementations. SHA2 is no longer optional in OpenSSL,
* so prevent conflicts as best we can.
*/
#define USE_LIBC_SHA2 /* NetBSD 9 */
#define SHA256_CTX openssl_SHA256_CTX
#define SHA512_CTX openssl_SHA512_CTX
#ifdef SHA1
# undef SHA1
#endif
#ifdef SHA224
# undef SHA224
#endif
#ifdef SHA256
# undef SHA256
#endif
#ifdef SHA384
# undef SHA384
#endif
#ifdef SHA512
# undef SHA512
#endif
#include <openssl/opensslv.h>
#include <openssl/sha.h>
#include <openssl/crypto.h>
@ -67,6 +37,15 @@
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
#include <openssl/pem.h>
/* Use OpenSSL SHA256 instead of libc */
#define SHA256Init(x) SHA256_Init(x)
#define SHA256Update(x, y, z) SHA256_Update(x, y, z)
#define SHA256Final(x, y) SHA256_Final(x, y)
#define SHA2_CTX SHA256_CTX
#elif defined(HAVE_SHA2_H)
#include <sha2.h>
#endif /* WITH_OPENSSL */
/* #define SK_DEBUG 1 */