upstream: perform hashing directly in crypto_hash_sha512() using

libcrypto or libc SHA512 functions rather than calling ssh_digest_memory();
avoids many dependencies on ssh code that complicate standalone use of
ed25519, as we want to do in sk-dummy.so

OpenBSD-Commit-ID: 5a3c37593d3ba7add037b587cec44aaea088496d

diff --git a/hash.c b/hash.c
index 5875d41fafa7eb20228417f666cf4c145b2778de..a35027870b16e6120ab6171e5c92006ead4ff86c 100644 (file)
--- a/hash.c
+++ b/hash.c
@@ -1,6 +1,6 @@
 /* $OpenBSD: hash.c,v 1.4 2017/12/14 21:07:39 naddy Exp $ */
 
-/* $OpenBSD: hash.c,v 1.5 2018/01/13 00:24:09 naddy Exp $ */
+/* $OpenBSD: hash.c,v 1.6 2019/11/29 00:11:21 djm Exp $ */
 /*
  * Public domain. Author: Christian Weisgerber <naddy@openbsd.org>
  * API compatible reimplementation of function from nacl
@@ -10,18 +10,32 @@
 
 #include <stdarg.h>
 
-#include "digest.h"
-#include "log.h"
-#include "ssherr.h"
+#ifdef WITH_OPENSSL
+#include <openssl/evp.h>
 
 int
 crypto_hash_sha512(unsigned char *out, const unsigned char *in,
     unsigned long long inlen)
 {
-       int r;
 
-       if ((r = ssh_digest_memory(SSH_DIGEST_SHA512, in, inlen, out,
-           crypto_hash_sha512_BYTES)) != 0)
-               fatal("%s: %s", __func__, ssh_err(r));
+       if (!EVP_Digest(in, inlen, out, NULL, EVP_sha512(), NULL))
+               return -1;
        return 0;
 }
+
+#else
+#include <sha2.h>
+
+int
+crypto_hash_sha512(unsigned char *out, const unsigned char *in,
+    unsigned long long inlen)
+{
+
+       SHA2_CTX ctx;
+
+       SHA512Init(&ctx);
+       SHA512Update(&ctx, in, inlen);
+       SHA512Final(out, &ctx);
+       return 0;
+}
+#endif /* WITH_OPENSSL */