Merge branch 'ew/hash-with-openssl-evp' · freshlybakedca.ke/git@889c94d

Git fork

Merge branch 'ew/hash-with-openssl-evp'

Adjust to OpenSSL 3+, which deprecates its SHA-1 functions based on
its traditional API, by using its EVP API instead.

* ew/hash-with-openssl-evp:
avoid SHA-1 functions deprecated in OpenSSL 3+
sha256: avoid functions deprecated in OpenSSL 3+

Junio C Hamano 2 years ago 889c94d2 a82fb66f

+120 -2

4 changed files

expand all

unified split

Makefile

hash-ll.h

sha1

openssl.h

sha256

openssl.h

Makefile

··· 3216 3216 sparse: $(SP_OBJ) 3217 3217 3218 3218 EXCEPT_HDRS := $(GENERATED_H) unicode-width.h compat/% xdiff/% 3219 + ifndef OPENSSL_SHA1 3220 + EXCEPT_HDRS += sha1/openssl.h 3221 + endif 3222 + ifndef OPENSSL_SHA256 3223 + EXCEPT_HDRS += sha256/openssl.h 3224 + endif 3219 3225 ifndef NETTLE_SHA256 3220 3226 EXCEPT_HDRS += sha256/nettle.h 3221 3227 endif

+16 -2

hash-ll.h

··· 4 4 #if defined(SHA1_APPLE) 5 5 #include <CommonCrypto/CommonDigest.h> 6 6 #elif defined(SHA1_OPENSSL) 7 - #include <openssl/sha.h> 7 + # include <openssl/sha.h> 8 + # if defined(OPENSSL_API_LEVEL) && OPENSSL_API_LEVEL >= 3 9 + # define SHA1_NEEDS_CLONE_HELPER 10 + # include "sha1/openssl.h" 11 + # endif 8 12 #elif defined(SHA1_DC) 9 13 #include "sha1dc_git.h" 10 14 #else /* SHA1_BLK */ ··· 17 21 #define SHA256_NEEDS_CLONE_HELPER 18 22 #include "sha256/gcrypt.h" 19 23 #elif defined(SHA256_OPENSSL) 20 - #include <openssl/sha.h> 24 + # include <openssl/sha.h> 25 + # if defined(OPENSSL_API_LEVEL) && OPENSSL_API_LEVEL >= 3 26 + # define SHA256_NEEDS_CLONE_HELPER 27 + # include "sha256/openssl.h" 28 + # endif 21 29 #else 22 30 #include "sha256/block/sha256.h" 23 31 #endif ··· 41 49 #define git_SHA1_Update platform_SHA1_Update 42 50 #define git_SHA1_Final platform_SHA1_Final 43 51 52 + #ifdef platform_SHA1_Clone 53 + #define git_SHA1_Clone platform_SHA1_Clone 54 + #endif 55 + 44 56 #ifndef platform_SHA256_CTX 45 57 #define platform_SHA256_CTX SHA256_CTX 46 58 #define platform_SHA256_Init SHA256_Init ··· 63 75 #define git_SHA1_Update git_SHA1_Update_Chunked 64 76 #endif 65 77 78 + #ifndef SHA1_NEEDS_CLONE_HELPER 66 79 static inline void git_SHA1_Clone(git_SHA_CTX *dst, const git_SHA_CTX *src) 67 80 { 68 81 memcpy(dst, src, sizeof(*dst)); 69 82 } 83 + #endif 70 84 71 85 #ifndef SHA256_NEEDS_CLONE_HELPER 72 86 static inline void git_SHA256_Clone(git_SHA256_CTX *dst, const git_SHA256_CTX *src)

+49

sha1/openssl.h

··· 1 + /* wrappers for the EVP API of OpenSSL 3+ */ 2 + #ifndef SHA1_OPENSSL_H 3 + #define SHA1_OPENSSL_H 4 + #include <openssl/evp.h> 5 + 6 + struct openssl_SHA1_CTX { 7 + EVP_MD_CTX *ectx; 8 + }; 9 + 10 + typedef struct openssl_SHA1_CTX openssl_SHA1_CTX; 11 + 12 + static inline void openssl_SHA1_Init(struct openssl_SHA1_CTX *ctx) 13 + { 14 + const EVP_MD *type = EVP_sha1(); 15 + 16 + ctx->ectx = EVP_MD_CTX_new(); 17 + if (!ctx->ectx) 18 + die("EVP_MD_CTX_new: out of memory"); 19 + 20 + EVP_DigestInit_ex(ctx->ectx, type, NULL); 21 + } 22 + 23 + static inline void openssl_SHA1_Update(struct openssl_SHA1_CTX *ctx, 24 + const void *data, 25 + size_t len) 26 + { 27 + EVP_DigestUpdate(ctx->ectx, data, len); 28 + } 29 + 30 + static inline void openssl_SHA1_Final(unsigned char *digest, 31 + struct openssl_SHA1_CTX *ctx) 32 + { 33 + EVP_DigestFinal_ex(ctx->ectx, digest, NULL); 34 + EVP_MD_CTX_free(ctx->ectx); 35 + } 36 + 37 + static inline void openssl_SHA1_Clone(struct openssl_SHA1_CTX *dst, 38 + const struct openssl_SHA1_CTX *src) 39 + { 40 + EVP_MD_CTX_copy_ex(dst->ectx, src->ectx); 41 + } 42 + 43 + #define platform_SHA_CTX openssl_SHA1_CTX 44 + #define platform_SHA1_Init openssl_SHA1_Init 45 + #define platform_SHA1_Clone openssl_SHA1_Clone 46 + #define platform_SHA1_Update openssl_SHA1_Update 47 + #define platform_SHA1_Final openssl_SHA1_Final 48 + 49 + #endif /* SHA1_OPENSSL_H */

+49

sha256/openssl.h

··· 1 + /* wrappers for the EVP API of OpenSSL 3+ */ 2 + #ifndef SHA256_OPENSSL_H 3 + #define SHA256_OPENSSL_H 4 + #include <openssl/evp.h> 5 + 6 + struct openssl_SHA256_CTX { 7 + EVP_MD_CTX *ectx; 8 + }; 9 + 10 + typedef struct openssl_SHA256_CTX openssl_SHA256_CTX; 11 + 12 + static inline void openssl_SHA256_Init(struct openssl_SHA256_CTX *ctx) 13 + { 14 + const EVP_MD *type = EVP_sha256(); 15 + 16 + ctx->ectx = EVP_MD_CTX_new(); 17 + if (!ctx->ectx) 18 + die("EVP_MD_CTX_new: out of memory"); 19 + 20 + EVP_DigestInit_ex(ctx->ectx, type, NULL); 21 + } 22 + 23 + static inline void openssl_SHA256_Update(struct openssl_SHA256_CTX *ctx, 24 + const void *data, 25 + size_t len) 26 + { 27 + EVP_DigestUpdate(ctx->ectx, data, len); 28 + } 29 + 30 + static inline void openssl_SHA256_Final(unsigned char *digest, 31 + struct openssl_SHA256_CTX *ctx) 32 + { 33 + EVP_DigestFinal_ex(ctx->ectx, digest, NULL); 34 + EVP_MD_CTX_free(ctx->ectx); 35 + } 36 + 37 + static inline void openssl_SHA256_Clone(struct openssl_SHA256_CTX *dst, 38 + const struct openssl_SHA256_CTX *src) 39 + { 40 + EVP_MD_CTX_copy_ex(dst->ectx, src->ectx); 41 + } 42 + 43 + #define platform_SHA256_CTX openssl_SHA256_CTX 44 + #define platform_SHA256_Init openssl_SHA256_Init 45 + #define platform_SHA256_Clone openssl_SHA256_Clone 46 + #define platform_SHA256_Update openssl_SHA256_Update 47 + #define platform_SHA256_Final openssl_SHA256_Final 48 + 49 + #endif /* SHA256_OPENSSL_H */