* NIST uses, or that are used for ASN.1 OBJECT IDENTIFIERs, or names
* we have used historically.
*/
-static const OSSL_ALGORITHM fips_digests[] = {
- /* Our primary name:NiST name[:our older names] */
- { PROV_NAMES_SHA1, FIPS_DEFAULT_PROPERTIES, ossl_sha1_functions },
- { PROV_NAMES_SHA2_224, FIPS_DEFAULT_PROPERTIES, ossl_sha224_functions },
- { PROV_NAMES_SHA2_256, FIPS_DEFAULT_PROPERTIES, ossl_sha256_functions },
- { PROV_NAMES_SHA2_384, FIPS_DEFAULT_PROPERTIES, ossl_sha384_functions },
- { PROV_NAMES_SHA2_512, FIPS_DEFAULT_PROPERTIES, ossl_sha512_functions },
- { PROV_NAMES_SHA2_512_224, FIPS_DEFAULT_PROPERTIES,
- ossl_sha512_224_functions },
- { PROV_NAMES_SHA2_512_256, FIPS_DEFAULT_PROPERTIES,
- ossl_sha512_256_functions },
-
- /* We agree with NIST here, so one name only */
- { PROV_NAMES_SHA3_224, FIPS_DEFAULT_PROPERTIES, ossl_sha3_224_functions },
- { PROV_NAMES_SHA3_256, FIPS_DEFAULT_PROPERTIES, ossl_sha3_256_functions },
- { PROV_NAMES_SHA3_384, FIPS_DEFAULT_PROPERTIES, ossl_sha3_384_functions },
- { PROV_NAMES_SHA3_512, FIPS_DEFAULT_PROPERTIES, ossl_sha3_512_functions },
-
- { PROV_NAMES_SHAKE_128, FIPS_DEFAULT_PROPERTIES, ossl_shake_128_functions },
- { PROV_NAMES_SHAKE_256, FIPS_DEFAULT_PROPERTIES, ossl_shake_256_functions },
+#define FIPS_DIGESTS_COMMON() \
+{ PROV_NAMES_SHA1, FIPS_DEFAULT_PROPERTIES, ossl_sha1_functions }, \
+{ PROV_NAMES_SHA2_224, FIPS_DEFAULT_PROPERTIES, ossl_sha224_functions }, \
+{ PROV_NAMES_SHA2_256, FIPS_DEFAULT_PROPERTIES, ossl_sha256_functions }, \
+{ PROV_NAMES_SHA2_384, FIPS_DEFAULT_PROPERTIES, ossl_sha384_functions }, \
+{ PROV_NAMES_SHA2_512, FIPS_DEFAULT_PROPERTIES, ossl_sha512_functions }, \
+{ PROV_NAMES_SHA2_512_224, FIPS_DEFAULT_PROPERTIES, \
+ ossl_sha512_224_functions }, \
+{ PROV_NAMES_SHA2_512_256, FIPS_DEFAULT_PROPERTIES, \
+ ossl_sha512_256_functions }, \
+{ PROV_NAMES_SHA3_224, FIPS_DEFAULT_PROPERTIES, ossl_sha3_224_functions }, \
+{ PROV_NAMES_SHA3_256, FIPS_DEFAULT_PROPERTIES, ossl_sha3_256_functions }, \
+{ PROV_NAMES_SHA3_384, FIPS_DEFAULT_PROPERTIES, ossl_sha3_384_functions }, \
+{ PROV_NAMES_SHA3_512, FIPS_DEFAULT_PROPERTIES, ossl_sha3_512_functions }, \
+{ PROV_NAMES_SHAKE_128, FIPS_DEFAULT_PROPERTIES, ossl_shake_128_functions }, \
+{ PROV_NAMES_SHAKE_256, FIPS_DEFAULT_PROPERTIES, ossl_shake_256_functions }
+
+static const OSSL_ALGORITHM fips_digests[] = {
+ FIPS_DIGESTS_COMMON(),
+ { NULL, NULL, NULL }
+};
+static const OSSL_ALGORITHM fips_digests_internal[] = {
+ FIPS_DIGESTS_COMMON(),
+ /* Used by LMS/HSS */
+ { PROV_NAMES_SHA2_256_192, FIPS_DEFAULT_PROPERTIES,
+ ossl_sha256_192_functions },
/*
* KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for
* KMAC128 and KMAC256.
static const OSSL_ALGORITHM *fips_query_internal(void *provctx, int operation_id,
int *no_cache)
{
- if (operation_id == OSSL_OP_MAC) {
+ int is_digest_op = (operation_id == OSSL_OP_DIGEST);
+
+ if (is_digest_op
+ || operation_id == OSSL_OP_MAC) {
*no_cache = 0;
if (!ossl_prov_is_running())
return NULL;
- return fips_macs_internal;
+ return is_digest_op ? fips_digests_internal : fips_macs_internal;
}
return fips_query(provctx, operation_id, no_cache);
}
/*
- * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
IMPLEMENT_digest_functions(sha256, SHA256_CTX,
SHA256_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS,
SHA256_Init, SHA256_Update, SHA256_Final)
-#ifndef FIPS_MODULE
/* ossl_sha256_192_functions */
IMPLEMENT_digest_functions(sha256_192, SHA256_CTX,
SHA256_CBLOCK, SHA256_192_DIGEST_LENGTH, SHA2_FLAGS,
ossl_sha256_192_init, SHA256_Update, SHA256_Final)
-#endif
/* ossl_sha384_functions */
IMPLEMENT_digest_functions(sha384, SHA512_CTX,
SHA512_CBLOCK, SHA384_DIGEST_LENGTH, SHA2_FLAGS,
projects / thirdparty / openssl.git / commitdiff
