The direct $HASH_{Init,Update,Final} has been discouraged for a while. With the upcoming OpenSSL 3.0 it will be officially deprecated.
Add a handy macro, to avoid repetition and mistakes like in the current code. Namely - we're using SHA cblock/digest_len for md5 :-\
The macro will also make it easier to add more, as seen with next patch.
v2: Align it with the crypto implementations, namely: - use openssh_hash_ctx::evp, use correct sizeof() - move hash_update out of the macro - remove forward declarations for hash functions
Signed-off-by: Emil Velikov emil.l.velikov@gmail.com --- examples/nettle-openssl.c | 110 +++++++++++++++----------------------- 1 file changed, 44 insertions(+), 66 deletions(-)
diff --git a/examples/nettle-openssl.c b/examples/nettle-openssl.c index bb2e6627..3c487013 100644 --- a/examples/nettle-openssl.c +++ b/examples/nettle-openssl.c @@ -62,6 +62,13 @@ struct openssl_cipher_ctx { EVP_CIPHER_CTX *evp; };
+/* We use Openssl's EVP api for all openssl hashes. This API selects + platform-specific implementations if appropriate, e.g., using x86 + AES-NI instructions. */ +struct openssl_hash_ctx { + EVP_MD_CTX *evp; +}; + void nettle_openssl_init(void) { @@ -383,76 +390,47 @@ nettle_openssl_cast128 = {
/* Hash functions */
-/* md5 */ -static nettle_hash_init_func openssl_md5_init; -static void -openssl_md5_init(void *ctx) -{ - MD5_Init(ctx); -} - -static nettle_hash_update_func openssl_md5_update; -static void -openssl_md5_update(void *ctx, - size_t length, - const uint8_t *src) -{ - MD5_Update(ctx, src, length); -} - -static nettle_hash_digest_func openssl_md5_digest; -static void -openssl_md5_digest(void *ctx, - size_t length, uint8_t *dst) -{ - assert(length == SHA_DIGEST_LENGTH); - MD5_Final(dst, ctx); - MD5_Init(ctx); -} - -const struct nettle_hash -nettle_openssl_md5 = { - "openssl md5", sizeof(SHA_CTX), - SHA_DIGEST_LENGTH, SHA_CBLOCK, - openssl_md5_init, - openssl_md5_update, - openssl_md5_digest -}; - -/* sha1 */ -static nettle_hash_init_func openssl_sha1_init; -static void -openssl_sha1_init(void *ctx) -{ - SHA1_Init(ctx); -} - -static nettle_hash_update_func openssl_sha1_update; static void -openssl_sha1_update(void *ctx, +openssl_hash_update(void *p, size_t length, const uint8_t *src) { - SHA1_Update(ctx, src, length); -} + struct openssl_hash_ctx *ctx = p; + EVP_DigestUpdate(ctx->evp, src, length); +} + +#define OPENSSL_HASH(NAME, name) \ +static void \ +openssl_##name##_init(void *p) \ +{ \ + struct openssl_hash_ctx *ctx = p; \ + if ((ctx->evp = EVP_MD_CTX_new()) == NULL) \ + return; \ + \ + EVP_DigestInit(ctx->evp, EVP_##name()); \ +} \ + \ +static void \ +openssl_##name##_digest(void *p, \ + size_t length, uint8_t *dst) \ +{ \ + struct openssl_hash_ctx *ctx = p; \ + assert(length == NAME##_DIGEST_LENGTH); \ + \ + EVP_DigestFinal(ctx->evp, dst, NULL); \ + EVP_DigestInit(ctx->evp, EVP_##name()); \ +} \ + \ +const struct nettle_hash \ +nettle_openssl_##name = { \ + "openssl " #name, sizeof(struct openssl_hash_ctx), \ + NAME##_DIGEST_LENGTH, NAME##_CBLOCK, \ + openssl_##name##_init, \ + openssl_hash_update, \ + openssl_##name##_digest \ +};
-static nettle_hash_digest_func openssl_sha1_digest; -static void -openssl_sha1_digest(void *ctx, - size_t length, uint8_t *dst) -{ - assert(length == SHA_DIGEST_LENGTH); - SHA1_Final(dst, ctx); - SHA1_Init(ctx); -} +OPENSSL_HASH(MD5, md5) +OPENSSL_HASH(SHA, sha1)
-const struct nettle_hash -nettle_openssl_sha1 = { - "openssl sha1", sizeof(SHA_CTX), - SHA_DIGEST_LENGTH, SHA_CBLOCK, - openssl_sha1_init, - openssl_sha1_update, - openssl_sha1_digest -}; - #endif /* WITH_OPENSSL */
In particular, this commit adds sha256, sha384 and sha512.
Rough numbers from my system:
Algorithm mode Mbyte/s sha1 update 462.05 openssl sha1 update 804.90 sha256 update 222.32 openssl sha256 update 369.49 sha384 update 355.34 openssl sha384 update 536.05 sha512 update 355.90 openssl sha512 update 546.07
Signed-off-by: Emil Velikov emil.l.velikov@gmail.com --- examples/nettle-benchmark.c | 6 ++++-- examples/nettle-openssl.c | 3 +++ nettle-internal.h | 3 +++ 3 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c index 5d0e649e..b6e550cf 100644 --- a/examples/nettle-benchmark.c +++ b/examples/nettle-benchmark.c @@ -912,8 +912,10 @@ main(int argc, char **argv) &nettle_md2, &nettle_md4, &nettle_md5, OPENSSL(&nettle_openssl_md5) &nettle_sha1, OPENSSL(&nettle_openssl_sha1) - &nettle_sha224, &nettle_sha256, - &nettle_sha384, &nettle_sha512, + &nettle_sha224, + &nettle_sha256, OPENSSL(&nettle_openssl_sha256) + &nettle_sha384, OPENSSL(&nettle_openssl_sha384) + &nettle_sha512, OPENSSL(&nettle_openssl_sha512) &nettle_sha512_224, &nettle_sha512_256, &nettle_sha3_224, &nettle_sha3_256, &nettle_sha3_384, &nettle_sha3_512, diff --git a/examples/nettle-openssl.c b/examples/nettle-openssl.c index 3c487013..517ed724 100644 --- a/examples/nettle-openssl.c +++ b/examples/nettle-openssl.c @@ -432,5 +432,8 @@ nettle_openssl_##name = { \
OPENSSL_HASH(MD5, md5) OPENSSL_HASH(SHA, sha1) +OPENSSL_HASH(SHA256, sha256) +OPENSSL_HASH(SHA512, sha384) // NOTE: SHA512 here is not a typo +OPENSSL_HASH(SHA512, sha512)
#endif /* WITH_OPENSSL */ diff --git a/nettle-internal.h b/nettle-internal.h index dc379f1f..f1a27f49 100644 --- a/nettle-internal.h +++ b/nettle-internal.h @@ -114,6 +114,9 @@ extern const struct nettle_aead nettle_openssl_arcfour128;
extern const struct nettle_hash nettle_openssl_md5; extern const struct nettle_hash nettle_openssl_sha1; +extern const struct nettle_hash nettle_openssl_sha256; +extern const struct nettle_hash nettle_openssl_sha384; +extern const struct nettle_hash nettle_openssl_sha512;
extern const struct nettle_hash * const _nettle_hashes[];
Emil Velikov emil.l.velikov@gmail.com writes:
In particular, this commit adds sha256, sha384 and sha512.
I've pushed the previous part.
--- a/examples/nettle-openssl.c +++ b/examples/nettle-openssl.c @@ -432,5 +432,8 @@ nettle_openssl_##name = { \
OPENSSL_HASH(MD5, md5) OPENSSL_HASH(SHA, sha1) +OPENSSL_HASH(SHA256, sha256) +OPENSSL_HASH(SHA512, sha384) // NOTE: SHA512 here is not a typo
Why doesn't
OPENSSL_HASH(SHA384, sha384)
work? Would it help to replace
NAME##_CBLOCK
which I guess expands to an openssl constant, with
NAME##_BLOCK_SIZE
which should be defined by Nettle? In the definition of the OPENSSL_HASH macro, that is.
Regards, /Niels
Hi all,
Please ignore the "libdrm" in the header. Not sure how it got there.
-Emil
On Mon, 11 May 2020 at 09:46, Emil Velikov emil.l.velikov@gmail.com wrote:
The direct $HASH_{Init,Update,Final} has been discouraged for a while. With the upcoming OpenSSL 3.0 it will be officially deprecated.
Add a handy macro, to avoid repetition and mistakes like in the current code. Namely - we're using SHA cblock/digest_len for md5 :-\
The macro will also make it easier to add more, as seen with next patch.
v2: Align it with the crypto implementations, namely:
- use openssh_hash_ctx::evp, use correct sizeof()
- move hash_update out of the macro
- remove forward declarations for hash functions
Humble poke?
Hope that Niels and the nettle team are OK. It seems strange to have ~2 weeks of silence, when the original patches got immediate feedback.
-Emil
On 22/05/20 11:29 pm, Emil Velikov wrote:
On Mon, 11 May 2020 at 09:46, Emil Velikov wrote:
The direct $HASH_{Init,Update,Final} has been discouraged for a while. With the upcoming OpenSSL 3.0 it will be officially deprecated.
Add a handy macro, to avoid repetition and mistakes like in the current code. Namely - we're using SHA cblock/digest_len for md5 :-\
The macro will also make it easier to add more, as seen with next patch.
v2: Align it with the crypto implementations, namely:
- use openssh_hash_ctx::evp, use correct sizeof()
- move hash_update out of the macro
- remove forward declarations for hash functions
Humble poke?
Hope that Niels and the nettle team are OK. It seems strange to have ~2 weeks of silence, when the original patches got immediate feedback.
Niels takes breaks (at least from list related work) occasionally without notice. Given the recent release focus I suspect a short holiday. Even with the current world situation I'd give it 4-5 weeks before getting worried.
HTH AYJ
On Sat, 23 May 2020 at 00:33, Amos Jeffries squid3@treenet.co.nz wrote:
On 22/05/20 11:29 pm, Emil Velikov wrote:
On Mon, 11 May 2020 at 09:46, Emil Velikov wrote:
The direct $HASH_{Init,Update,Final} has been discouraged for a while. With the upcoming OpenSSL 3.0 it will be officially deprecated.
Add a handy macro, to avoid repetition and mistakes like in the current code. Namely - we're using SHA cblock/digest_len for md5 :-\
The macro will also make it easier to add more, as seen with next patch.
v2: Align it with the crypto implementations, namely:
- use openssh_hash_ctx::evp, use correct sizeof()
- move hash_update out of the macro
- remove forward declarations for hash functions
Humble poke?
Hope that Niels and the nettle team are OK. It seems strange to have ~2 weeks of silence, when the original patches got immediate feedback.
Niels takes breaks (at least from list related work) occasionally without notice. Given the recent release focus I suspect a short holiday. Even with the current world situation I'd give it 4-5 weeks before getting worried.
Thanks Amos. I'll send some patches for CONTRIBUTING.md mentioning this + mandatory ML subscription.
-Emil
Emil Velikov emil.l.velikov@gmail.com writes:
Hope that Niels and the nettle team are OK. It seems strange to have ~2 weeks of silence, when the original patches got immediate feedback.
I'm usually a bit busy and tired during the weeks, and it's not all weekends when I get any hacking time either. And then my attention can appear a bit bipolar.
It's perfectly fine to ping me, on or off list.
Regards, /Niels
nettle-bugs@lists.lysator.liu.se
-
Amos Jeffries -
Emil Velikov -
nisse@lysator.liu.se