From: Tobias Brunner Date: Tue, 10 Mar 2020 10:22:12 +0000 (+0100) Subject: openssl: Add support for SHA-3 X-Git-Tag: 5.8.3rc1~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=112de13f1f6aad799260f71494ad2dac01afd378;p=thirdparty%2Fstrongswan.git openssl: Add support for SHA-3 --- diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.c b/src/libstrongswan/plugins/openssl/openssl_hasher.c index eb6c505082..fcdca28e15 100644 --- a/src/libstrongswan/plugins/openssl/openssl_hasher.c +++ b/src/libstrongswan/plugins/openssl/openssl_hasher.c @@ -93,14 +93,19 @@ METHOD(hasher_t, destroy, void, */ const EVP_MD *openssl_get_md(hash_algorithm_t hash) { + const EVP_MD *md; char *name; - name = enum_to_name(hash_algorithm_short_names, hash); + name = strdupnull(enum_to_name(hash_algorithm_short_names, hash)); if (!name) { return NULL; } - return EVP_get_digestbyname(name); + /* for SHA3, we use underscores, while OpenSSL uses dashes */ + translate(name, "_", "-"); + md = EVP_get_digestbyname(name); + free(name); + return md; } /* diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index 71369e9b10..73e3245d92 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -546,6 +546,14 @@ METHOD(plugin_t, get_features, int, PLUGIN_PROVIDE(HASHER, HASH_SHA384), PLUGIN_PROVIDE(HASHER, HASH_SHA512), #endif +/* SHA3 was added with OpenSSL 1.1.1, it doesn't seem to be possible to + * disable it, defining the checked var prevents registration, though */ +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3) + PLUGIN_PROVIDE(HASHER, HASH_SHA3_224), + PLUGIN_PROVIDE(HASHER, HASH_SHA3_256), + PLUGIN_PROVIDE(HASHER, HASH_SHA3_384), + PLUGIN_PROVIDE(HASHER, HASH_SHA3_512), +#endif #ifndef OPENSSL_NO_SHA1 /* keyed sha1 hasher (aka prf) */ PLUGIN_REGISTER(PRF, openssl_sha1_prf_create),