Re: [PATCH] Digest Processing Always using EVP layer

Wed, 25 Apr 2001 20:52:43 -0700 

> Verdon Walker wrote:
> 
> We are currently modifying OpenSSL to use a different crypto lib (for
> license and export reasons). One thing I have done to help reduce the
> entry points into our code is replace all calls directly to digest
> functions (MD5_Init, SHA1_Update, etc.) to always use the EVP layer. I
> think this is a useful cleanup item to be patched into the openssl
> source so I am submitting this patch.
> 
> I created a new function called "EVP_Digest" to replace calls to MD5,
> SHA1, etc. I replaced all direct references to digest functions in the
> ssl directory to call EVP functions. I believe that I also replaced
> all calls in the crypto and apps code. I also removed any references
> to the md5.h, sha.h, etc. header files in the sll directory.
> 
> This patch was built using a clean version of 0.9.6a. The code passes
> all tests in test.bat. It was built on WindowsNT but should be
> portable to all platforms.
> 
> Note: The patch has been copied to [EMAIL PROTECTED] since it
> orignates in the USA. The code changes are not in any cryptographic
> functions only in the code calling the cryptographic functions.
> 
> I hope that I have submitted this patch correctly. Please let me know
> if there is anything more I need to do. I hope the diff is OK. I am
> developing on Windows 2000 and my version of diff does not have a -u
> option. I hope the slightly different format is OK.
> 
> Any questions, comments or concerns, please contact me. Thanks.
> 

I agree that the applications, and indeed the library should not make
low level digest calls and should use EVP. This kind of thing will be
needed when/if when digests get added to ENGINE anyway.

There is already an EVP_Digest() function in OpenSSL 0.9.7-dev which has
similar functionality, except it doesn't use the static buffer if md is
NULL which isn't threadsafe anyway.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to