search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix initialization race in evp-openssl.c
[heimdal.git] / lib / hcrypto / evp-openssl.c
blob88fd40d4d989ba517ef4d780d7b5bd9355af52c7
1 /*
2 * Copyright (c) 2016, Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * - Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * - Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
21 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
23 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
24 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
25 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
27 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
29 * OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
32 /* OpenSSL provider */
33
34 #include "config.h"
35 #include <roken.h>
36 #include <heimbase.h>
37
38 #include <assert.h>
39 #include <evp.h>
40
41 #ifdef HAVE_HCRYPTO_W_OPENSSL
42
43 /*
44 * This is the OpenSSL 1.x backend for hcrypto. It has been tested with
45 * OpenSSL 1.0.1f and OpenSSL 1.1.0-pre3-dev.
46 *
47 * NOTE: In order for this to work with OpenSSL 1.1.x and up, it is
48 * critical to use opaque OpenSSL type accessors everywhere /
49 * never use knowledge of opaque OpenSSL type internals.
50 */
51
52 #include <evp-openssl.h>
53
54 /*
55 * This being an OpenSSL backend for hcrypto... we need to be able to
56 * refer to types and objects (functions) from both, OpenSSL and
57 * hcrypto.
58 *
59 * The hcrypto API is *very* similar to the OpenSSL 1.0.x API, with the
60 * same type and symbol names in many cases, except that the hcrypto
61 * names are prefixed with hc_*. hcrypto has convenience macros that
62 * provide OpenSSL aliases for the hcrypto interfaces, and hcrypto
63 * applications are expected to use the OpenSSL names.
64 *
65 * Since here we must be able to refer to types and objects from both
66 * OpenSSL and from hcrypto, we disable the hcrypto renaming for the
67 * rest of this file. These #undefs could be collected into an
68 * <hcrypto/undef.h> for the purpose of permitting other applications to
69 * use both, hcrypto and OpenSSL in the same source files (provided that
70 * such applications refer to hcrypto types and objects by their proper
71 * hc_-prefixed names).
72 */
73 #include <undef.h>
74
75 /* Now it's safe to include OpenSSL headers */
76 #include <openssl/evp.h>
77
78 #if OPENSSL_VERSION_NUMBER < 0x10100000L
79 #define EVP_MD_CTX_new EVP_MD_CTX_create
80 #define EVP_MD_CTX_free EVP_MD_CTX_destroy
81 #endif
82
83 /* A HEIM_BASE_ONCE argument struct for per-EVP one-time initialization */
84 struct once_init_cipher_ctx {
85 const hc_EVP_CIPHER **hc_memoizep;
86 hc_EVP_CIPHER *hc_memoize;
87 const hc_EVP_CIPHER *fallback;
88 unsigned long flags;
89 int nid;
90 };
91
92 /* Our wrapper for OpenSSL EVP_CIPHER_CTXs */
93 struct ossl_cipher_ctx {
94 EVP_CIPHER_CTX *ossl_cipher_ctx; /* OpenSSL cipher ctx */
95 const EVP_CIPHER *ossl_cipher; /* OpenSSL cipher */
96 int initialized;
97 };
98
99 /*
100 * Our hc_EVP_CIPHER init() method; wraps around OpenSSL
101 * EVP_CipherInit_ex().
102 *
103 * This is very similar to the init() function pointer in an OpenSSL
104 * EVP_CIPHER, but a) we can't access them in 1.1, and b) the method
105 * invocation protocols in hcrypto and OpenSSL are similar but not the
106 * same, thus we must have this wrapper.
107 */
108 static int
109 cipher_ctx_init(hc_EVP_CIPHER_CTX *ctx, const unsigned char *key,
110 const unsigned char *iv, int enc)
111 {
112 struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data; /* EVP_CIPHER_CTX wrapper */
113 const EVP_CIPHER *c;
114
115 assert(ossl_ctx != NULL);
116 assert(ctx->cipher != NULL);
117 assert(ctx->cipher->app_data != NULL);
118
119 /*
120 * Here be dragons.
121 *
122 * We need to make sure that the OpenSSL EVP_CipherInit_ex() is
123 * called with cipher!=NULL just once per EVP_CIPHER_CTX, otherwise
124 * state in the OpenSSL EVP_CIPHER_CTX will get cleaned up and then
125 * we'll segfault.
126 *
127 * hcrypto applications can re-initialize an (hc_)EVP_CIPHER_CTX as
128 * usual by calling (hc)EVP_CipherInit_ex() with a non-NULL cipher
129 * argument, and that will cause cipher_cleanup() (below) to be
130 * called.
131 */
132 c = ossl_ctx->ossl_cipher = ctx->cipher->app_data; /* OpenSSL's EVP_CIPHER * */
133 if (!ossl_ctx->initialized) {
134 ossl_ctx->ossl_cipher_ctx = EVP_CIPHER_CTX_new();
135 if (ossl_ctx->ossl_cipher_ctx == NULL)
136 return 0;
137 /*
138 * So we always call EVP_CipherInit_ex() with c!=NULL, but other
139 * things NULL...
140 */
141 if (!EVP_CipherInit_ex(ossl_ctx->ossl_cipher_ctx, c, NULL, NULL, NULL, enc))
142 return 0;
143 ossl_ctx->initialized = 1;
144 }
145
146 /* ...and from here on always call EVP_CipherInit_ex() with c=NULL */
147 if ((ctx->cipher->flags & hc_EVP_CIPH_VARIABLE_LENGTH) &&
148 ctx->key_len > 0)
149 EVP_CIPHER_CTX_set_key_length(ossl_ctx->ossl_cipher_ctx, ctx->key_len);
150
151 return EVP_CipherInit_ex(ossl_ctx->ossl_cipher_ctx, NULL, NULL, key, iv, enc);
152 }
153
154 static int
155 cipher_do_cipher(hc_EVP_CIPHER_CTX *ctx, unsigned char *out,
156 const unsigned char *in, unsigned int len)
157 {
158 struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data;
159
160 assert(ossl_ctx != NULL);
161 return EVP_Cipher(ossl_ctx->ossl_cipher_ctx, out, in, len);
162 }
163
164 static int
165 cipher_cleanup(hc_EVP_CIPHER_CTX *ctx)
166 {
167 struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data;
168
169 if (ossl_ctx == NULL || !ossl_ctx->initialized)
170 return 1;
171
172 if (ossl_ctx->ossl_cipher_ctx != NULL)
173 EVP_CIPHER_CTX_free(ossl_ctx->ossl_cipher_ctx);
174
175 ossl_ctx->ossl_cipher_ctx = NULL;
176 ossl_ctx->ossl_cipher = NULL;
177 ossl_ctx->initialized = 0;
178 return 1;
179 }
180
181 static int
182 cipher_ctrl(hc_EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
183 {
184 struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data;
185
186 assert(ossl_ctx != NULL);
187 return EVP_CIPHER_CTX_ctrl(ossl_ctx->ossl_cipher_ctx, type, arg, ptr);
188 }
189
190
191 static void
192 get_EVP_CIPHER_once_cb(void *d)
193 {
194 struct once_init_cipher_ctx *arg = d;
195 const EVP_CIPHER *ossl_evp;
196 hc_EVP_CIPHER *hc_evp;
197
198 hc_evp = arg->hc_memoize;
199
200 /*
201 * We lookup EVP_CIPHER *s by NID so that we don't fail to find a
202 * symbol such as EVP_aes...() when libcrypto changes after build
203 * time (e.g., updates, LD_LIBRARY_PATH/LD_PRELOAD).
204 */
205 ossl_evp = EVP_get_cipherbynid(arg->nid);
206 if (ossl_evp == NULL) {
207 (void) memset(hc_evp, 0, sizeof(*hc_evp));
208 *arg->hc_memoizep = arg->fallback;
209 return;
210 }
211
212 /* Build the hc_EVP_CIPHER */
213 hc_evp->nid = EVP_CIPHER_nid(ossl_evp); /* We would an hcrypto NIDs if we had them */
214 hc_evp->block_size = EVP_CIPHER_block_size(ossl_evp);
215 hc_evp->key_len = EVP_CIPHER_key_length(ossl_evp);
216 hc_evp->iv_len = EVP_CIPHER_iv_length(ossl_evp);
217
218 /*
219 * We force hc_EVP_CipherInit_ex to always call our init() function,
220 * otherwise we don't get a chance to call EVP_CipherInit_ex()
221 * correctly.
222 */
223 hc_evp->flags = hc_EVP_CIPH_ALWAYS_CALL_INIT | arg->flags;
224
225 /* Our cipher context */
226 hc_evp->ctx_size = sizeof(struct ossl_cipher_ctx);
227
228 /* Our wrappers */
229 hc_evp->init = cipher_ctx_init;
230 hc_evp->do_cipher = cipher_do_cipher;
231 hc_evp->cleanup = cipher_cleanup;
232 hc_evp->set_asn1_parameters = NULL;
233 hc_evp->get_asn1_parameters = NULL;
234 hc_evp->ctrl = cipher_ctrl;
235
236 /* Our link to the OpenSSL EVP_CIPHER */
237 hc_evp->app_data = (void *)ossl_evp;
238
239 /* Finally, set the static hc_EVP_CIPHER * to the one we just built */
240 *arg->hc_memoizep = hc_evp;
241 }
242
243 static const hc_EVP_CIPHER *
244 get_EVP_CIPHER(heim_base_once_t *once, hc_EVP_CIPHER *hc_memoize,
245 const hc_EVP_CIPHER **hc_memoizep,
246 const hc_EVP_CIPHER *fallback,
247 unsigned long flags, int nid)
248 {
249 struct once_init_cipher_ctx arg;
250
251 arg.flags = flags;
252 arg.hc_memoizep = hc_memoizep;
253 arg.hc_memoize = hc_memoize;
254 arg.fallback = fallback;
255 arg.nid = nid;
256 heim_base_once_f(once, &arg, get_EVP_CIPHER_once_cb);
257 return *hc_memoizep; /* May be NULL */
258 }
259
260 #define OSSL_CIPHER_ALGORITHM(name, flags) \
261 extern const hc_EVP_CIPHER *hc_EVP_hcrypto_##name(void); \
262 const hc_EVP_CIPHER *hc_EVP_ossl_##name(void) \
263 { \
264 static hc_EVP_CIPHER ossl_##name##_st; \
265 static const hc_EVP_CIPHER *ossl_##name; \
266 static heim_base_once_t once = HEIM_BASE_ONCE_INIT; \
267 return get_EVP_CIPHER(&once, &ossl_##name##_st, &ossl_##name, \
268 hc_EVP_hcrypto_##name(), \
269 flags, NID_##name); \
270 }
271
272 /* As above, but for EVP_MDs */
273
274 struct ossl_md_ctx {
275 EVP_MD_CTX *ossl_md_ctx; /* OpenSSL md ctx */
276 const EVP_MD *ossl_md; /* OpenSSL md */
277 int initialized;
278 };
279
280 static int
281 ossl_md_init(struct ossl_md_ctx *ctx, const EVP_MD *md)
282 {
283 if (ctx->initialized)
284 EVP_MD_CTX_free(ctx->ossl_md_ctx);
285 ctx->initialized = 0;
286
287 ctx->ossl_md = md;
288 ctx->ossl_md_ctx = EVP_MD_CTX_new();
289 if (!EVP_DigestInit(ctx->ossl_md_ctx, md)) {
290 EVP_MD_CTX_free(ctx->ossl_md_ctx);
291 ctx->ossl_md_ctx = NULL;
292 ctx->ossl_md = NULL;
293 return 0;
294 }
295 ctx->initialized = 1;
296 return 1;
297 }
298
299 static int
300 ossl_md_update(hc_EVP_MD_CTX *d, const void *data, size_t count)
301 {
302 struct ossl_md_ctx *ctx = (void *)d;
303
304 return EVP_DigestUpdate(ctx->ossl_md_ctx, data, count);
305 }
306
307 static int
308 ossl_md_final(void *md_data, hc_EVP_MD_CTX *d)
309 {
310 struct ossl_md_ctx *ctx = (void *)d;
311
312 return EVP_DigestFinal(ctx->ossl_md_ctx, md_data, NULL);
313 }
314
315 static int
316 ossl_md_cleanup(hc_EVP_MD_CTX *d)
317 {
318 struct ossl_md_ctx *ctx = (void *)d;
319
320 if (!ctx->initialized)
321 return 1;
322 EVP_MD_CTX_free(ctx->ossl_md_ctx);
323 ctx->ossl_md = NULL;
324 ctx->initialized = 0;
325
326 return 1;
327 }
328
329 struct once_init_md_ctx {
330 const EVP_MD **ossl_memoizep;
331 const hc_EVP_MD **hc_memoizep;
332 hc_EVP_MD *hc_memoize;
333 const hc_EVP_MD *fallback;
334 hc_evp_md_init md_init;
335 int nid;
336 };
337
338 static void
339 get_EVP_MD_once_cb(void *d)
340 {
341 struct once_init_md_ctx *arg = d;
342 const EVP_MD *ossl_evp;
343 hc_EVP_MD *hc_evp;
344
345 hc_evp = arg->hc_memoize;
346 *arg->ossl_memoizep = ossl_evp = EVP_get_digestbynid(arg->nid);
347
348 if (ossl_evp == NULL) {
349 (void) memset(hc_evp, 0, sizeof(*hc_evp));
350 *arg->hc_memoizep = arg->fallback;
351 return;
352 }
353
354 /* Build the hc_EVP_MD */
355 hc_evp->ctx_size = sizeof(struct ossl_md_ctx);
356 hc_evp->init = arg->md_init;
357 hc_evp->update = ossl_md_update;
358 hc_evp->final = ossl_md_final;
359 hc_evp->cleanup = ossl_md_cleanup;
360
361 *arg->hc_memoizep = hc_evp;
362 }
363
364 static const hc_EVP_MD *
365 get_EVP_MD(heim_base_once_t *once, hc_EVP_MD *hc_memoize,
366 const hc_EVP_MD **hc_memoizep, const EVP_MD **ossl_memoizep,
367 const hc_EVP_MD *fallback,
368 hc_evp_md_init md_init, int nid)
369 {
370 struct once_init_md_ctx ctx;
371
372 ctx.ossl_memoizep = ossl_memoizep;
373 ctx.hc_memoizep = hc_memoizep;
374 ctx.hc_memoize = hc_memoize;
375 ctx.fallback = fallback;
376 ctx.md_init = md_init;
377 ctx.nid = nid;
378 heim_base_once_f(once, &ctx, get_EVP_MD_once_cb);
379 return *hc_memoizep; /* May be NULL */
380 }
381
382 #define OSSL_MD_ALGORITHM(name) \
383 extern const hc_EVP_MD *hc_EVP_hcrypto_##name(void); \
384 static const EVP_MD *ossl_EVP_##name; \
385 static const hc_EVP_MD *ossl_##name; \
386 static int ossl_init_##name(hc_EVP_MD_CTX *d) \
387 { \
388 return ossl_md_init((void *)d, ossl_EVP_##name); \
389 } \
390 const hc_EVP_MD *hc_EVP_ossl_##name(void) \
391 { \
392 static hc_EVP_MD ossl_##name##_st; \
393 static heim_base_once_t once = HEIM_BASE_ONCE_INIT; \
394 return get_EVP_MD(&once, &ossl_##name##_st, &ossl_##name, \
395 &ossl_EVP_##name, hc_EVP_hcrypto_##name(), \
396 ossl_init_##name, NID_##name); \
397 }
398
399 #else /* HAVE_HCRYPTO_W_OPENSSL */
400
401 #define OSSL_CIPHER_ALGORITHM(name, flags) \
402 const hc_EVP_CIPHER *hc_EVP_ossl_##name(void) \
403 { \
404 return hc_EVP_hcrypto_##name(); \
405 }
406
407 #define OSSL_MD_ALGORITHM(name) \
408 const hc_EVP_MD *hc_EVP_ossl_##name(void) \
409 { \
410 return hc_EVP_hcrypto_##name(); \
411 }
412
413 #endif /* HAVE_HCRYPTO_W_OPENSSL */
414
415 /**
416 * The triple DES cipher type (OpenSSL provider)
417 *
418 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
419 *
420 * @ingroup hcrypto_evp
421 */
422 OSSL_CIPHER_ALGORITHM(des_ede3_cbc, hc_EVP_CIPH_CBC_MODE)
423
424 /**
425 * The DES cipher type (OpenSSL provider)
426 *
427 * @return the DES-CBC EVP_CIPHER pointer.
428 *
429 * @ingroup hcrypto_evp
430 */
431 OSSL_CIPHER_ALGORITHM(des_cbc, hc_EVP_CIPH_CBC_MODE)
432
433 /**
434 * The AES-128 cipher type (OpenSSL provider)
435 *
436 * @return the AES-128-CBC EVP_CIPHER pointer.
437 *
438 * @ingroup hcrypto_evp
439 */
440 OSSL_CIPHER_ALGORITHM(aes_128_cbc, hc_EVP_CIPH_CBC_MODE)
441
442 /**
443 * The AES-192 cipher type (OpenSSL provider)
444 *
445 * @return the AES-192-CBC EVP_CIPHER pointer.
446 *
447 * @ingroup hcrypto_evp
448 */
449 OSSL_CIPHER_ALGORITHM(aes_192_cbc, hc_EVP_CIPH_CBC_MODE)
450
451 /**
452 * The AES-256 cipher type (OpenSSL provider)
453 *
454 * @return the AES-256-CBC EVP_CIPHER pointer.
455 *
456 * @ingroup hcrypto_evp
457 */
458 OSSL_CIPHER_ALGORITHM(aes_256_cbc, hc_EVP_CIPH_CBC_MODE)
459
460 /**
461 * The AES-128 CFB8 cipher type (OpenSSL provider)
462 *
463 * @return the AES-128-CFB8 EVP_CIPHER pointer.
464 *
465 * @ingroup hcrypto_evp
466 */
467 OSSL_CIPHER_ALGORITHM(aes_128_cfb8, hc_EVP_CIPH_CFB8_MODE)
468
469 /**
470 * The AES-192 CFB8 cipher type (OpenSSL provider)
471 *
472 * @return the AES-192-CFB8 EVP_CIPHER pointer.
473 *
474 * @ingroup hcrypto_evp
475 */
476 OSSL_CIPHER_ALGORITHM(aes_192_cfb8, hc_EVP_CIPH_CFB8_MODE)
477
478 /**
479 * The AES-256 CFB8 cipher type (OpenSSL provider)
480 *
481 * @return the AES-256-CFB8 EVP_CIPHER pointer.
482 *
483 * @ingroup hcrypto_evp
484 */
485 OSSL_CIPHER_ALGORITHM(aes_256_cfb8, hc_EVP_CIPH_CFB8_MODE)
486
487 /*
488 * RC2 is only needed for tests of PKCS#12 support, which currently uses
489 * the RC2 PBE. So no RC2 -> tests fail.
490 */
491
492 /**
493 * The RC2 cipher type - OpenSSL
494 *
495 * @return the RC2 EVP_CIPHER pointer.
496 *
497 * @ingroup hcrypto_evp
498 */
499 OSSL_CIPHER_ALGORITHM(rc2_cbc,
500 hc_EVP_CIPH_CBC_MODE |
501 hc_EVP_CIPH_VARIABLE_LENGTH)
502
503 /**
504 * The RC2-40 cipher type - OpenSSL
505 *
506 * @return the RC2-40 EVP_CIPHER pointer.
507 *
508 * @ingroup hcrypto_evp
509 */
510 OSSL_CIPHER_ALGORITHM(rc2_40_cbc,
511 hc_EVP_CIPH_CBC_MODE)
512
513 /**
514 * The RC2-64 cipher type - OpenSSL
515 *
516 * @return the RC2-64 EVP_CIPHER pointer.
517 *
518 * @ingroup hcrypto_evp
519 */
520 OSSL_CIPHER_ALGORITHM(rc2_64_cbc,
521 hc_EVP_CIPH_CBC_MODE |
522 hc_EVP_CIPH_VARIABLE_LENGTH)
523
524 /**
525 * The Camellia-128 cipher type - OpenSSL
526 *
527 * @return the Camellia-128 EVP_CIPHER pointer.
528 *
529 * @ingroup hcrypto_evp
530 */
531 OSSL_CIPHER_ALGORITHM(camellia_128_cbc, hc_EVP_CIPH_CBC_MODE)
532
533 /**
534 * The Camellia-198 cipher type - OpenSSL
535 *
536 * @return the Camellia-198 EVP_CIPHER pointer.
537 *
538 * @ingroup hcrypto_evp
539 */
540 OSSL_CIPHER_ALGORITHM(camellia_192_cbc, hc_EVP_CIPH_CBC_MODE)
541
542 /**
543 * The Camellia-256 cipher type - OpenSSL
544 *
545 * @return the Camellia-256 EVP_CIPHER pointer.
546 *
547 * @ingroup hcrypto_evp
548 */
549 OSSL_CIPHER_ALGORITHM(camellia_256_cbc, hc_EVP_CIPH_CBC_MODE)
550
551 /**
552 * The RC4 cipher type (OpenSSL provider)
553 *
554 * @return the RC4 EVP_CIPHER pointer.
555 *
556 * @ingroup hcrypto_evp
557 */
558 OSSL_CIPHER_ALGORITHM(rc4,
559 hc_EVP_CIPH_STREAM_CIPHER |
560 hc_EVP_CIPH_VARIABLE_LENGTH)
561
562 /**
563 * The RC4-40 cipher type (OpenSSL provider)
564 *
565 * @return the RC4 EVP_CIPHER pointer.
566 *
567 * @ingroup hcrypto_evp
568 */
569 OSSL_CIPHER_ALGORITHM(rc4_40,
570 hc_EVP_CIPH_STREAM_CIPHER |
571 hc_EVP_CIPH_VARIABLE_LENGTH)
572
573 /**
574 * The MD2 hash algorithm (OpenSSL provider)
575 *
576 * @return the MD2 EVP_MD pointer.
577 *
578 * @ingroup hcrypto_evp
579 */
580 OSSL_MD_ALGORITHM(md2)
581
582 /**
583 * The MD4 hash algorithm (OpenSSL provider)
584 *
585 * @return the MD4 EVP_MD pointer.
586 *
587 * @ingroup hcrypto_evp
588 */
589 OSSL_MD_ALGORITHM(md4)
590
591 /**
592 * The MD5 hash algorithm (OpenSSL provider)
593 *
594 * @return the MD5 EVP_MD pointer.
595 *
596 * @ingroup hcrypto_evp
597 */
598 OSSL_MD_ALGORITHM(md5)
599
600 /**
601 * The SHA-1 hash algorithm (OpenSSL provider)
602 *
603 * @return the SHA-1 EVP_MD pointer.
604 *
605 * @ingroup hcrypto_evp
606 */
607 OSSL_MD_ALGORITHM(sha1)
608
609 /**
610 * The SHA-256 hash algorithm (OpenSSL provider)
611 *
612 * @return the SHA-256 EVP_MD pointer.
613 *
614 * @ingroup hcrypto_evp
615 */
616 OSSL_MD_ALGORITHM(sha256)
617
618 /**
619 * The SHA-384 hash algorithm (OpenSSL provider)
620 *
621 * @return the SHA-384 EVP_MD pointer.
622 *
623 * @ingroup hcrypto_evp
624 */
625 OSSL_MD_ALGORITHM(sha384)
626
627 /**
628 * The SHA-512 hash algorithm (OpenSSL provider)
629 *
630 * @return the SHA-512 EVP_MD pointer.
631 *
632 * @ingroup hcrypto_evp
633 */
634 OSSL_MD_ALGORITHM(sha512)
Heimdal