Wire up truncated SHA-2, SHA-3 and related things

from jsing

diff --git a/lib/libcrypto/dsa/dsa_pmeth.c b/lib/libcrypto/dsa/dsa_pmeth.c
index 66f4ddb..9b03a2f 100644 (file)
--- a/lib/libcrypto/dsa/dsa_pmeth.c
+++ b/lib/libcrypto/dsa/dsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_pmeth.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: dsa_pmeth.c,v 1.17 2023/04/25 15:48:48 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -203,6 +203,7 @@ pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                return 1;
 
        case EVP_PKEY_CTRL_MD:
+               /* ANSI X9.57 and NIST CSOR. */
                switch (EVP_MD_type((const EVP_MD *)p2)) {
                case NID_sha1:
                case NID_dsa:
@@ -211,6 +212,10 @@ pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                case NID_sha256:
                case NID_sha384:
                case NID_sha512:
+               case NID_sha3_224:
+               case NID_sha3_256:
+               case NID_sha3_384:
+               case NID_sha3_512:
                        break;
                default:
                        DSAerror(DSA_R_INVALID_DIGEST_TYPE);

diff --git a/lib/libcrypto/ec/ec_pmeth.c b/lib/libcrypto/ec/ec_pmeth.c
index 9582224..d1bb52d 100644 (file)
--- a/lib/libcrypto/ec/ec_pmeth.c
+++ b/lib/libcrypto/ec/ec_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_pmeth.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: ec_pmeth.c,v 1.17 2023/04/25 15:48:48 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -381,12 +381,17 @@ pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                return dctx->kdf_ukmlen;
 
        case EVP_PKEY_CTRL_MD:
+               /* RFC 3279, RFC 5758 and NIST CSOR. */
                if (EVP_MD_type((const EVP_MD *) p2) != NID_sha1 &&
                    EVP_MD_type((const EVP_MD *) p2) != NID_ecdsa_with_SHA1 &&
                    EVP_MD_type((const EVP_MD *) p2) != NID_sha224 &&
                    EVP_MD_type((const EVP_MD *) p2) != NID_sha256 &&
                    EVP_MD_type((const EVP_MD *) p2) != NID_sha384 &&
-                   EVP_MD_type((const EVP_MD *) p2) != NID_sha512) {
+                   EVP_MD_type((const EVP_MD *) p2) != NID_sha512 &&
+                   EVP_MD_type((const EVP_MD *) p2) != NID_sha3_224 &&
+                   EVP_MD_type((const EVP_MD *) p2) != NID_sha3_256 &&
+                   EVP_MD_type((const EVP_MD *) p2) != NID_sha3_384 &&
+                   EVP_MD_type((const EVP_MD *) p2) != NID_sha3_512) {
                        ECerror(EC_R_INVALID_DIGEST_TYPE);
                        return 0;
                }

diff --git a/lib/libcrypto/evp/c_all.c b/lib/libcrypto/evp/c_all.c
index 8fc1aa6..936d7e8 100644 (file)
--- a/lib/libcrypto/evp/c_all.c
+++ b/lib/libcrypto/evp/c_all.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: c_all.c,v 1.28 2022/10/21 13:39:35 tb Exp $ */
+/* $OpenBSD: c_all.c,v 1.29 2023/04/25 15:48:48 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -290,6 +290,14 @@ OpenSSL_add_all_digests_internal(void)
 #ifndef OPENSSL_NO_SHA512
        EVP_add_digest(EVP_sha384());
        EVP_add_digest(EVP_sha512());
+       EVP_add_digest(EVP_sha512_224());
+       EVP_add_digest(EVP_sha512_256());
+#endif
+#ifndef OPENSSL_NO_SHA3
+       EVP_add_digest(EVP_sha3_224());
+       EVP_add_digest(EVP_sha3_256());
+       EVP_add_digest(EVP_sha3_384());
+       EVP_add_digest(EVP_sha3_512());
 #endif
 #ifndef OPENSSL_NO_SM3
        EVP_add_digest(EVP_sm3());

diff --git a/lib/libcrypto/hmac/hmac.h b/lib/libcrypto/hmac/hmac.h
index ff01ae2..1ce3652 100644 (file)
--- a/lib/libcrypto/hmac/hmac.h
+++ b/lib/libcrypto/hmac/hmac.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: hmac.h,v 1.16 2022/01/14 08:06:03 tb Exp $ */
+/* $OpenBSD: hmac.h,v 1.17 2023/04/25 15:48:48 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -66,7 +66,7 @@
 
 #include <openssl/evp.h>
 
-#define HMAC_MAX_MD_CBLOCK     128     /* largest known is SHA512 */
+#define HMAC_MAX_MD_CBLOCK     144     /* largest known is SHA3-224 */
 
 #ifdef  __cplusplus
 extern "C" {

diff --git a/lib/libcrypto/rsa/rsa_pmeth.c b/lib/libcrypto/rsa/rsa_pmeth.c
index 688c0d6..8e06365 100644 (file)
--- a/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.36 2023/04/15 18:48:52 tb Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.37 2023/04/25 15:48:48 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -371,12 +371,19 @@ check_padding_md(const EVP_MD *md, int padding)
        }
 
        /* List of all supported RSA digests. */
+       /* RFC 8017 and NIST CSOR. */
        switch(EVP_MD_type(md)) {
        case NID_sha1:
        case NID_sha224:
        case NID_sha256:
        case NID_sha384:
        case NID_sha512:
+       case NID_sha512_224:
+       case NID_sha512_256:
+       case NID_sha3_224:
+       case NID_sha3_256:
+       case NID_sha3_384:
+       case NID_sha3_512:
        case NID_md5:
        case NID_md5_sha1:
        case NID_md4: