1 /* $NetBSD: evp-openssl.c,v 1.2 2017/01/28 21:31:47 christos Exp $ */ 2 3 /* 4 * Copyright (c) 2016, Kungliga Tekniska Högskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * - Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * - Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 31 * OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 /* OpenSSL provider */ 35 36 #include "config.h" 37 #include <krb5/roken.h> 38 #include <krb5/heimbase.h> 39 40 #include <assert.h> 41 #include <evp.h> 42 43 #ifdef HAVE_HCRYPTO_W_OPENSSL 44 45 /* 46 * This is the OpenSSL 1.x backend for hcrypto. It has been tested with 47 * OpenSSL 1.0.1f and OpenSSL 1.1.0-pre3-dev. 48 * 49 * NOTE: In order for this to work with OpenSSL 1.1.x and up, it is 50 * critical to use opaque OpenSSL type accessors everywhere / 51 * never use knowledge of opaque OpenSSL type internals. 52 */ 53 54 #include <evp-openssl.h> 55 56 /* 57 * This being an OpenSSL backend for hcrypto... we need to be able to 58 * refer to types and objects (functions) from both, OpenSSL and 59 * hcrypto. 60 * 61 * The hcrypto API is *very* similar to the OpenSSL 1.0.x API, with the 62 * same type and symbol names in many cases, except that the hcrypto 63 * names are prefixed with hc_*. hcrypto has convenience macros that 64 * provide OpenSSL aliases for the hcrypto interfaces, and hcrypto 65 * applications are expected to use the OpenSSL names. 66 * 67 * Since here we must be able to refer to types and objects from both 68 * OpenSSL and from hcrypto, we disable the hcrypto renaming for the 69 * rest of this file. These #undefs could be collected into an 70 * <hcrypto/undef.h> for the purpose of permitting other applications to 71 * use both, hcrypto and OpenSSL in the same source files (provided that 72 * such applications refer to hcrypto types and objects by their proper 73 * hc_-prefixed names). 74 */ 75 #include <undef.h> 76 77 /* Now it's safe to include OpenSSL headers */ 78 #include <openssl/evp.h> 79 80 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 81 #define EVP_MD_CTX_new EVP_MD_CTX_create 82 #define EVP_MD_CTX_free EVP_MD_CTX_destroy 83 #endif 84 85 /* A HEIM_BASE_ONCE argument struct for per-EVP one-time initialization */ 86 struct once_init_cipher_ctx { 87 const hc_EVP_CIPHER **hc_memoizep; 88 hc_EVP_CIPHER *hc_memoize; 89 const hc_EVP_CIPHER *fallback; 90 unsigned long flags; 91 int nid; 92 }; 93 94 /* Our wrapper for OpenSSL EVP_CIPHER_CTXs */ 95 struct ossl_cipher_ctx { 96 EVP_CIPHER_CTX *ossl_cipher_ctx; /* OpenSSL cipher ctx */ 97 const EVP_CIPHER *ossl_cipher; /* OpenSSL cipher */ 98 int initialized; 99 }; 100 101 /* 102 * Our hc_EVP_CIPHER init() method; wraps around OpenSSL 103 * EVP_CipherInit_ex(). 104 * 105 * This is very similar to the init() function pointer in an OpenSSL 106 * EVP_CIPHER, but a) we can't access them in 1.1, and b) the method 107 * invocation protocols in hcrypto and OpenSSL are similar but not the 108 * same, thus we must have this wrapper. 109 */ 110 static int 111 cipher_ctx_init(hc_EVP_CIPHER_CTX *ctx, const unsigned char *key, 112 const unsigned char *iv, int enc) 113 { 114 struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data; /* EVP_CIPHER_CTX wrapper */ 115 const EVP_CIPHER *c; 116 117 assert(ossl_ctx != NULL); 118 assert(ctx->cipher != NULL); 119 assert(ctx->cipher->app_data != NULL); 120 121 /* 122 * Here be dragons. 123 * 124 * We need to make sure that the OpenSSL EVP_CipherInit_ex() is 125 * called with cipher!=NULL just once per EVP_CIPHER_CTX, otherwise 126 * state in the OpenSSL EVP_CIPHER_CTX will get cleaned up and then 127 * we'll segfault. 128 * 129 * hcrypto applications can re-initialize an (hc_)EVP_CIPHER_CTX as 130 * usual by calling (hc)EVP_CipherInit_ex() with a non-NULL cipher 131 * argument, and that will cause cipher_cleanup() (below) to be 132 * called. 133 */ 134 c = ossl_ctx->ossl_cipher = ctx->cipher->app_data; /* OpenSSL's EVP_CIPHER * */ 135 if (!ossl_ctx->initialized) { 136 ossl_ctx->ossl_cipher_ctx = EVP_CIPHER_CTX_new(); 137 if (ossl_ctx->ossl_cipher_ctx == NULL) 138 return 0; 139 /* 140 * So we always call EVP_CipherInit_ex() with c!=NULL, but other 141 * things NULL... 142 */ 143 if (!EVP_CipherInit_ex(ossl_ctx->ossl_cipher_ctx, c, NULL, NULL, NULL, enc)) 144 return 0; 145 ossl_ctx->initialized = 1; 146 } 147 148 /* ...and from here on always call EVP_CipherInit_ex() with c=NULL */ 149 if ((ctx->cipher->flags & hc_EVP_CIPH_VARIABLE_LENGTH) && 150 ctx->key_len > 0) 151 EVP_CIPHER_CTX_set_key_length(ossl_ctx->ossl_cipher_ctx, ctx->key_len); 152 153 return EVP_CipherInit_ex(ossl_ctx->ossl_cipher_ctx, NULL, NULL, key, iv, enc); 154 } 155 156 static int 157 cipher_do_cipher(hc_EVP_CIPHER_CTX *ctx, unsigned char *out, 158 const unsigned char *in, unsigned int len) 159 { 160 struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data; 161 162 assert(ossl_ctx != NULL); 163 return EVP_Cipher(ossl_ctx->ossl_cipher_ctx, out, in, len); 164 } 165 166 static int 167 cipher_cleanup(hc_EVP_CIPHER_CTX *ctx) 168 { 169 struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data; 170 171 if (ossl_ctx == NULL || !ossl_ctx->initialized) 172 return 1; 173 174 if (ossl_ctx->ossl_cipher_ctx != NULL) 175 EVP_CIPHER_CTX_free(ossl_ctx->ossl_cipher_ctx); 176 177 ossl_ctx->ossl_cipher_ctx = NULL; 178 ossl_ctx->ossl_cipher = NULL; 179 ossl_ctx->initialized = 0; 180 return 1; 181 } 182 183 static int 184 cipher_ctrl(hc_EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) 185 { 186 struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data; 187 188 assert(ossl_ctx != NULL); 189 return EVP_CIPHER_CTX_ctrl(ossl_ctx->ossl_cipher_ctx, type, arg, ptr); 190 } 191 192 193 static void 194 get_EVP_CIPHER_once_cb(void *d) 195 { 196 struct once_init_cipher_ctx *arg = d; 197 const EVP_CIPHER *ossl_evp; 198 hc_EVP_CIPHER *hc_evp; 199 200 hc_evp = arg->hc_memoize; 201 202 /* 203 * We lookup EVP_CIPHER *s by NID so that we don't fail to find a 204 * symbol such as EVP_aes...() when libcrypto changes after build 205 * time (e.g., updates, LD_LIBRARY_PATH/LD_PRELOAD). 206 */ 207 ossl_evp = EVP_get_cipherbynid(arg->nid); 208 if (ossl_evp == NULL) { 209 (void) memset(hc_evp, 0, sizeof(*hc_evp)); 210 #if HCRYPTO_FALLBACK 211 *arg->hc_memoizep = arg->fallback; 212 #endif 213 return; 214 } 215 216 /* Build the hc_EVP_CIPHER */ 217 hc_evp->nid = EVP_CIPHER_nid(ossl_evp); /* We would an hcrypto NIDs if we had them */ 218 hc_evp->block_size = EVP_CIPHER_block_size(ossl_evp); 219 hc_evp->key_len = EVP_CIPHER_key_length(ossl_evp); 220 hc_evp->iv_len = EVP_CIPHER_iv_length(ossl_evp); 221 222 /* 223 * We force hc_EVP_CipherInit_ex to always call our init() function, 224 * otherwise we don't get a chance to call EVP_CipherInit_ex() 225 * correctly. 226 */ 227 hc_evp->flags = hc_EVP_CIPH_ALWAYS_CALL_INIT | arg->flags; 228 229 /* Our cipher context */ 230 hc_evp->ctx_size = sizeof(struct ossl_cipher_ctx); 231 232 /* Our wrappers */ 233 hc_evp->init = cipher_ctx_init; 234 hc_evp->do_cipher = cipher_do_cipher; 235 hc_evp->cleanup = cipher_cleanup; 236 hc_evp->set_asn1_parameters = NULL; 237 hc_evp->get_asn1_parameters = NULL; 238 hc_evp->ctrl = cipher_ctrl; 239 240 /* Our link to the OpenSSL EVP_CIPHER */ 241 hc_evp->app_data = (void *)ossl_evp; 242 243 /* Finally, set the static hc_EVP_CIPHER * to the one we just built */ 244 *arg->hc_memoizep = hc_evp; 245 } 246 247 static const hc_EVP_CIPHER * 248 get_EVP_CIPHER(heim_base_once_t *once, hc_EVP_CIPHER *hc_memoize, 249 const hc_EVP_CIPHER **hc_memoizep, 250 const hc_EVP_CIPHER *fallback, 251 unsigned long flags, int nid) 252 { 253 struct once_init_cipher_ctx arg; 254 255 arg.flags = flags; 256 arg.hc_memoizep = hc_memoizep; 257 arg.hc_memoize = hc_memoize; 258 arg.fallback = fallback; 259 arg.nid = nid; 260 heim_base_once_f(once, &arg, get_EVP_CIPHER_once_cb); 261 return *hc_memoizep; /* May be NULL */ 262 } 263 264 #define OSSL_CIPHER_ALGORITHM(name, flags) \ 265 extern const hc_EVP_CIPHER *hc_EVP_hcrypto_##name(void); \ 266 const hc_EVP_CIPHER *hc_EVP_ossl_##name(void) \ 267 { \ 268 static hc_EVP_CIPHER ossl_##name##_st; \ 269 static const hc_EVP_CIPHER *ossl_##name; \ 270 static heim_base_once_t once = HEIM_BASE_ONCE_INIT; \ 271 return get_EVP_CIPHER(&once, &ossl_##name##_st, &ossl_##name, \ 272 hc_EVP_hcrypto_##name(), \ 273 flags, NID_##name); \ 274 } 275 276 /* As above, but for EVP_MDs */ 277 278 struct ossl_md_ctx { 279 EVP_MD_CTX *ossl_md_ctx; /* OpenSSL md ctx */ 280 const EVP_MD *ossl_md; /* OpenSSL md */ 281 int initialized; 282 }; 283 284 static int 285 ossl_md_init(struct ossl_md_ctx *ctx, const EVP_MD *md) 286 { 287 if (ctx->initialized) 288 EVP_MD_CTX_free(ctx->ossl_md_ctx); 289 ctx->initialized = 0; 290 291 ctx->ossl_md = md; 292 ctx->ossl_md_ctx = EVP_MD_CTX_new(); 293 if (!EVP_DigestInit(ctx->ossl_md_ctx, md)) { 294 EVP_MD_CTX_free(ctx->ossl_md_ctx); 295 ctx->ossl_md_ctx = NULL; 296 ctx->ossl_md = NULL; 297 return 0; 298 } 299 ctx->initialized = 1; 300 return 1; 301 } 302 303 static int 304 ossl_md_update(hc_EVP_MD_CTX *d, const void *data, size_t count) 305 { 306 struct ossl_md_ctx *ctx = (void *)d; 307 308 return EVP_DigestUpdate(ctx->ossl_md_ctx, data, count); 309 } 310 311 static int 312 ossl_md_final(void *md_data, hc_EVP_MD_CTX *d) 313 { 314 struct ossl_md_ctx *ctx = (void *)d; 315 316 return EVP_DigestFinal(ctx->ossl_md_ctx, md_data, NULL); 317 } 318 319 static int 320 ossl_md_cleanup(hc_EVP_MD_CTX *d) 321 { 322 struct ossl_md_ctx *ctx = (void *)d; 323 324 if (!ctx->initialized) 325 return 1; 326 EVP_MD_CTX_free(ctx->ossl_md_ctx); 327 ctx->ossl_md = NULL; 328 ctx->initialized = 0; 329 330 return 1; 331 } 332 333 struct once_init_md_ctx { 334 const EVP_MD **ossl_memoizep; 335 const hc_EVP_MD **hc_memoizep; 336 hc_EVP_MD *hc_memoize; 337 const hc_EVP_MD *fallback; 338 hc_evp_md_init md_init; 339 int nid; 340 }; 341 342 static void 343 get_EVP_MD_once_cb(void *d) 344 { 345 struct once_init_md_ctx *arg = d; 346 const EVP_MD *ossl_evp; 347 hc_EVP_MD *hc_evp; 348 349 hc_evp = arg->hc_memoize; 350 *arg->ossl_memoizep = ossl_evp = EVP_get_digestbynid(arg->nid); 351 352 if (ossl_evp == NULL) { 353 (void) memset(hc_evp, 0, sizeof(*hc_evp)); 354 #if HCRYPTO_FALLBACK 355 *arg->hc_memoizep = arg->fallback; 356 #endif 357 return; 358 } 359 360 /* Build the hc_EVP_MD */ 361 hc_evp->block_size = EVP_MD_block_size(ossl_evp); 362 hc_evp->hash_size = EVP_MD_size(ossl_evp); 363 hc_evp->ctx_size = sizeof(struct ossl_md_ctx); 364 hc_evp->init = arg->md_init; 365 hc_evp->update = ossl_md_update; 366 hc_evp->final = ossl_md_final; 367 hc_evp->cleanup = ossl_md_cleanup; 368 369 *arg->hc_memoizep = hc_evp; 370 } 371 372 static const hc_EVP_MD * 373 get_EVP_MD(heim_base_once_t *once, hc_EVP_MD *hc_memoize, 374 const hc_EVP_MD **hc_memoizep, const EVP_MD **ossl_memoizep, 375 const hc_EVP_MD *fallback, 376 hc_evp_md_init md_init, int nid) 377 { 378 struct once_init_md_ctx ctx; 379 380 ctx.ossl_memoizep = ossl_memoizep; 381 ctx.hc_memoizep = hc_memoizep; 382 ctx.hc_memoize = hc_memoize; 383 ctx.fallback = fallback; 384 ctx.md_init = md_init; 385 ctx.nid = nid; 386 heim_base_once_f(once, &ctx, get_EVP_MD_once_cb); 387 return *hc_memoizep; /* May be NULL */ 388 } 389 390 #define OSSL_MD_ALGORITHM(name) \ 391 extern const hc_EVP_MD *hc_EVP_hcrypto_##name(void); \ 392 static const EVP_MD *ossl_EVP_##name; \ 393 static const hc_EVP_MD *ossl_##name; \ 394 static int ossl_init_##name(hc_EVP_MD_CTX *d) \ 395 { \ 396 return ossl_md_init((void *)d, ossl_EVP_##name); \ 397 } \ 398 const hc_EVP_MD *hc_EVP_ossl_##name(void) \ 399 { \ 400 static hc_EVP_MD ossl_##name##_st; \ 401 static heim_base_once_t once = HEIM_BASE_ONCE_INIT; \ 402 return get_EVP_MD(&once, &ossl_##name##_st, &ossl_##name, \ 403 &ossl_EVP_##name, hc_EVP_hcrypto_##name(), \ 404 ossl_init_##name, NID_##name); \ 405 } 406 407 #else /* HAVE_HCRYPTO_W_OPENSSL */ 408 409 #include "evp-hcrypto.h" 410 411 #define OSSL_CIPHER_ALGORITHM(name, flags) \ 412 extern const hc_EVP_CIPHER *hc_EVP_ossl_##name(void); \ 413 const hc_EVP_CIPHER *hc_EVP_ossl_##name(void) \ 414 { \ 415 return hc_EVP_hcrypto_##name(); \ 416 } 417 418 #define OSSL_MD_ALGORITHM(name) \ 419 extern const hc_EVP_MD *hc_EVP_ossl_##name(void); \ 420 const hc_EVP_MD *hc_EVP_ossl_##name(void) \ 421 { \ 422 return hc_EVP_hcrypto_##name(); \ 423 } 424 425 #endif /* HAVE_HCRYPTO_W_OPENSSL */ 426 427 /** 428 * The triple DES cipher type (OpenSSL provider) 429 * 430 * @return the DES-EDE3-CBC EVP_CIPHER pointer. 431 * 432 * @ingroup hcrypto_evp 433 */ 434 OSSL_CIPHER_ALGORITHM(des_ede3_cbc, hc_EVP_CIPH_CBC_MODE) 435 436 /** 437 * The DES cipher type (OpenSSL provider) 438 * 439 * @return the DES-CBC EVP_CIPHER pointer. 440 * 441 * @ingroup hcrypto_evp 442 */ 443 OSSL_CIPHER_ALGORITHM(des_cbc, hc_EVP_CIPH_CBC_MODE) 444 445 /** 446 * The AES-128 cipher type (OpenSSL provider) 447 * 448 * @return the AES-128-CBC EVP_CIPHER pointer. 449 * 450 * @ingroup hcrypto_evp 451 */ 452 OSSL_CIPHER_ALGORITHM(aes_128_cbc, hc_EVP_CIPH_CBC_MODE) 453 454 /** 455 * The AES-192 cipher type (OpenSSL provider) 456 * 457 * @return the AES-192-CBC EVP_CIPHER pointer. 458 * 459 * @ingroup hcrypto_evp 460 */ 461 OSSL_CIPHER_ALGORITHM(aes_192_cbc, hc_EVP_CIPH_CBC_MODE) 462 463 /** 464 * The AES-256 cipher type (OpenSSL provider) 465 * 466 * @return the AES-256-CBC EVP_CIPHER pointer. 467 * 468 * @ingroup hcrypto_evp 469 */ 470 OSSL_CIPHER_ALGORITHM(aes_256_cbc, hc_EVP_CIPH_CBC_MODE) 471 472 /** 473 * The AES-128 CFB8 cipher type (OpenSSL provider) 474 * 475 * @return the AES-128-CFB8 EVP_CIPHER pointer. 476 * 477 * @ingroup hcrypto_evp 478 */ 479 OSSL_CIPHER_ALGORITHM(aes_128_cfb8, hc_EVP_CIPH_CFB8_MODE) 480 481 /** 482 * The AES-192 CFB8 cipher type (OpenSSL provider) 483 * 484 * @return the AES-192-CFB8 EVP_CIPHER pointer. 485 * 486 * @ingroup hcrypto_evp 487 */ 488 OSSL_CIPHER_ALGORITHM(aes_192_cfb8, hc_EVP_CIPH_CFB8_MODE) 489 490 /** 491 * The AES-256 CFB8 cipher type (OpenSSL provider) 492 * 493 * @return the AES-256-CFB8 EVP_CIPHER pointer. 494 * 495 * @ingroup hcrypto_evp 496 */ 497 OSSL_CIPHER_ALGORITHM(aes_256_cfb8, hc_EVP_CIPH_CFB8_MODE) 498 499 /* 500 * RC2 is only needed for tests of PKCS#12 support, which currently uses 501 * the RC2 PBE. So no RC2 -> tests fail. 502 */ 503 504 /** 505 * The RC2 cipher type - OpenSSL 506 * 507 * @return the RC2 EVP_CIPHER pointer. 508 * 509 * @ingroup hcrypto_evp 510 */ 511 OSSL_CIPHER_ALGORITHM(rc2_cbc, 512 hc_EVP_CIPH_CBC_MODE | 513 hc_EVP_CIPH_VARIABLE_LENGTH) 514 515 /** 516 * The RC2-40 cipher type - OpenSSL 517 * 518 * @return the RC2-40 EVP_CIPHER pointer. 519 * 520 * @ingroup hcrypto_evp 521 */ 522 OSSL_CIPHER_ALGORITHM(rc2_40_cbc, 523 hc_EVP_CIPH_CBC_MODE) 524 525 /** 526 * The RC2-64 cipher type - OpenSSL 527 * 528 * @return the RC2-64 EVP_CIPHER pointer. 529 * 530 * @ingroup hcrypto_evp 531 */ 532 OSSL_CIPHER_ALGORITHM(rc2_64_cbc, 533 hc_EVP_CIPH_CBC_MODE | 534 hc_EVP_CIPH_VARIABLE_LENGTH) 535 536 /** 537 * The Camellia-128 cipher type - OpenSSL 538 * 539 * @return the Camellia-128 EVP_CIPHER pointer. 540 * 541 * @ingroup hcrypto_evp 542 */ 543 OSSL_CIPHER_ALGORITHM(camellia_128_cbc, hc_EVP_CIPH_CBC_MODE) 544 545 /** 546 * The Camellia-198 cipher type - OpenSSL 547 * 548 * @return the Camellia-198 EVP_CIPHER pointer. 549 * 550 * @ingroup hcrypto_evp 551 */ 552 OSSL_CIPHER_ALGORITHM(camellia_192_cbc, hc_EVP_CIPH_CBC_MODE) 553 554 /** 555 * The Camellia-256 cipher type - OpenSSL 556 * 557 * @return the Camellia-256 EVP_CIPHER pointer. 558 * 559 * @ingroup hcrypto_evp 560 */ 561 OSSL_CIPHER_ALGORITHM(camellia_256_cbc, hc_EVP_CIPH_CBC_MODE) 562 563 /** 564 * The RC4 cipher type (OpenSSL provider) 565 * 566 * @return the RC4 EVP_CIPHER pointer. 567 * 568 * @ingroup hcrypto_evp 569 */ 570 OSSL_CIPHER_ALGORITHM(rc4, 571 hc_EVP_CIPH_STREAM_CIPHER | 572 hc_EVP_CIPH_VARIABLE_LENGTH) 573 574 /** 575 * The RC4-40 cipher type (OpenSSL provider) 576 * 577 * @return the RC4 EVP_CIPHER pointer. 578 * 579 * @ingroup hcrypto_evp 580 */ 581 OSSL_CIPHER_ALGORITHM(rc4_40, 582 hc_EVP_CIPH_STREAM_CIPHER | 583 hc_EVP_CIPH_VARIABLE_LENGTH) 584 585 /** 586 * The MD2 hash algorithm (OpenSSL provider) 587 * 588 * @return the MD2 EVP_MD pointer. 589 * 590 * @ingroup hcrypto_evp 591 */ 592 OSSL_MD_ALGORITHM(md2) 593 594 /** 595 * The MD4 hash algorithm (OpenSSL provider) 596 * 597 * @return the MD4 EVP_MD pointer. 598 * 599 * @ingroup hcrypto_evp 600 */ 601 OSSL_MD_ALGORITHM(md4) 602 603 /** 604 * The MD5 hash algorithm (OpenSSL provider) 605 * 606 * @return the MD5 EVP_MD pointer. 607 * 608 * @ingroup hcrypto_evp 609 */ 610 OSSL_MD_ALGORITHM(md5) 611 612 /** 613 * The SHA-1 hash algorithm (OpenSSL provider) 614 * 615 * @return the SHA-1 EVP_MD pointer. 616 * 617 * @ingroup hcrypto_evp 618 */ 619 OSSL_MD_ALGORITHM(sha1) 620 621 /** 622 * The SHA-256 hash algorithm (OpenSSL provider) 623 * 624 * @return the SHA-256 EVP_MD pointer. 625 * 626 * @ingroup hcrypto_evp 627 */ 628 OSSL_MD_ALGORITHM(sha256) 629 630 /** 631 * The SHA-384 hash algorithm (OpenSSL provider) 632 * 633 * @return the SHA-384 EVP_MD pointer. 634 * 635 * @ingroup hcrypto_evp 636 */ 637 OSSL_MD_ALGORITHM(sha384) 638 639 /** 640 * The SHA-512 hash algorithm (OpenSSL provider) 641 * 642 * @return the SHA-512 EVP_MD pointer. 643 * 644 * @ingroup hcrypto_evp 645 */ 646 OSSL_MD_ALGORITHM(sha512) 647