BoringSSL: Support new SHA_CTX definition for EAP-SIM PRF

BoringSSL modified the struct sha_state_st (SHA_CTX) definition by
converting h0..h4 with h[5] array. This broke wpa_supplicant/hostapd
build with EAP-SIM enabled. BoringSSL restored the old version for
ANDROID builds, but only the new version is currently defined for
non-Android cases. For now, fix this by having matching selection in
fips_prf_openssl.c based on OPENSSL_IS_BORINGSSL and ANDROID defines.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/crypto/fips_prf_openssl.c b/src/crypto/fips_prf_openssl.c
index fb03efcd4ffc2ccd9b936e87183670502c5c6049..9d094b822a66e5529b5c326269ae6312f03a3ab4 100644 (file)
--- a/src/crypto/fips_prf_openssl.c
+++ b/src/crypto/fips_prf_openssl.c
@@ -17,6 +17,19 @@ static void sha1_transform(u32 *state, const u8 data[64])
 {
        SHA_CTX context;
        os_memset(&context, 0, sizeof(context));
+#if defined(OPENSSL_IS_BORINGSSL) && !defined(ANDROID)
+       context.h[0] = state[0];
+       context.h[1] = state[1];
+       context.h[2] = state[2];
+       context.h[3] = state[3];
+       context.h[4] = state[4];
+       SHA1_Transform(&context, data);
+       state[0] = context.h[0];
+       state[1] = context.h[1];
+       state[2] = context.h[2];
+       state[3] = context.h[3];
+       state[4] = context.h[4];
+#else
        context.h0 = state[0];
        context.h1 = state[1];
        context.h2 = state[2];
@@ -28,6 +41,7 @@ static void sha1_transform(u32 *state, const u8 data[64])
        state[2] = context.h2;
        state[3] = context.h3;
        state[4] = context.h4;
+#endif
 }