diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-03-29 19:32:48 +0200 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-05-08 14:41:36 +0200 |
commit | 4d49b68504cc494e552bce8e0b82ec8b501d5abe (patch) | |
tree | 24870549aee659def396116715f8d10c1ea71de3 /providers/implementations/ciphers | |
parent | 0a8a6afdfb71e42962921980b51942cea8632697 (diff) |
Crypto: Add deprecation compatibility declarations for SHA* message digest functions
Also add hints to SHA256_Init.pod and CHANGES.md how to replace SHA256() etc.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14741)
Diffstat (limited to 'providers/implementations/ciphers')
-rw-r--r-- | providers/implementations/ciphers/cipher_tdes_wrap.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/providers/implementations/ciphers/cipher_tdes_wrap.c b/providers/implementations/ciphers/cipher_tdes_wrap.c index be109129bd..4bfd17f515 100644 --- a/providers/implementations/ciphers/cipher_tdes_wrap.c +++ b/providers/implementations/ciphers/cipher_tdes_wrap.c @@ -18,6 +18,7 @@ #include <openssl/proverr.h> #include "cipher_tdes_default.h" #include "crypto/evp.h" +#include "crypto/sha.h" #include "prov/implementations.h" #include "prov/providercommon.h" @@ -64,10 +65,8 @@ static int des_ede3_unwrap(PROV_CIPHER_CTX *ctx, unsigned char *out, /* Decrypt again using new IV */ ctx->hw->cipher(ctx, out, out, inl - 16); ctx->hw->cipher(ctx, icv, icv, 8); - /* Work out SHA1 hash of first portion */ - SHA1(out, inl - 16, sha1tmp); - - if (!CRYPTO_memcmp(sha1tmp, icv, 8)) + if (ossl_sha1(out, inl - 16, sha1tmp) /* Work out hash of first portion */ + && CRYPTO_memcmp(sha1tmp, icv, 8) == 0) rv = inl - 16; OPENSSL_cleanse(icv, 8); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); @@ -93,7 +92,8 @@ static int des_ede3_wrap(PROV_CIPHER_CTX *ctx, unsigned char *out, /* Copy input to output buffer + 8 so we have space for IV */ memmove(out + ivlen, in, inl); /* Work out ICV */ - SHA1(in, inl, sha1tmp); + if (!ossl_sha1(in, inl, sha1tmp)) + return 0; memcpy(out + inl + ivlen, sha1tmp, icvlen); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); /* Generate random IV */ |