Re : Re: Re : Default digest implementation?

nicolas . kox Fri, 18 Jul 2014 01:10:39 -0700

that's why :
in crypto/rand/rand_lcl.h
--
#elif defined(USE_SHA1_RAND)
#include <openssl/sha.h>
#define MD_DIGEST_LENGTH        SHA_DIGEST_LENGTH


#define MD_Init(a)              EVP_DigestInit_ex(a,EVP_sha1(), NULL)

#define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL)
--
then in crypto/rand/md_rand.c

if (!MD_Init(&m))
        goto err;
if (!MD_Update(&m,local_md,MD_DIGEST_LENGTH))
        goto err;



----- Mail d'origine -----
De: Jeffrey Walton <noloa...@gmail.com>
À: OpenSSL Users List <openssl-users@openssl.org>
Envoyé: Fri, 18 Jul 2014 09:32:09 +0200 (CEST)
Objet: Re: Re : Default digest implementation?

On Fri, Jul 18, 2014 at 3:02 AM,  <nicolas....@free.fr> wrote:
>
> Actually, there's no default digest.
> When created, the EVP_MD_CTX struct is initialized to 0, then all pointers 
> are NULL by default, in particular ctx->type.
> If a a digest was previously used, it can be reused if no EVP_MD is given, 
> otherwise the initialization will fail.
>
Hmmm... something does not sound correct.

I was tracing in the context of md_rand (crypto/rand/md_rand.c). When
ssleay_rand_add() or ssleay_rand_bytes() is called, md_rand is mixing
with something. Its clearly not setting `m` to something like
EVP_md5(); rather its using the default implementation discussed in
the docs.

Jeff

> ----- Mail d'origine -----
> De: Jeffrey Walton <noloa...@gmail.com>
> À: OpenSSL Users List <openssl-users@openssl.org>
> Envoyé: Fri, 18 Jul 2014 06:04:17 +0200 (CEST)
> Objet: Default digest implementation?
>
> https://www.openssl.org/docs/crypto/EVP_DigestInit.html
>
> The doc states the default default digest implementation is used if
> 'impl' is NULL. The docs also state "OpenSSL 1.0 and later does not
> include the MD2 digest algorithm in the default configuration...".
>
> I found the call to EVP_DigestInit which calls EVP_DigestInit_ex. But
> I'm getting lost in EVP_DigestInit_ex:
>
>     if(impl)
>     {
>         ...
>     }
>     else
>     {
>         /* Ask if an ENGINE is reserved for this job */
>         impl = ENGINE_get_digest_engine(type->type);
>     }
>
> I'm having trouble tracking down 'type' used by ENGINE_get_digest_engine.
>
> What is the default digest implementation for 1.0 and later? Or where
> can I find the source file that sets the default?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Re : Re: Re : Default digest implementation?

Reply via email to