}
#define LARGEST_DIGEST_CTX SHA_CTX
-#ifndef OPENSSL_NO_SHA256
static void
tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
{
}
#undef LARGEST_DIGEST_CTX
#define LARGEST_DIGEST_CTX SHA256_CTX
-#endif
-#ifndef OPENSSL_NO_SHA512
static void
tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
{
}
#undef LARGEST_DIGEST_CTX
#define LARGEST_DIGEST_CTX SHA512_CTX
-#endif
/* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
* which ssl3_cbc_digest_record supports. */
switch (EVP_MD_CTX_type(ctx)) {
case NID_md5:
case NID_sha1:
-#ifndef OPENSSL_NO_SHA256
case NID_sha224:
case NID_sha256:
-#endif
-#ifndef OPENSSL_NO_SHA512
case NID_sha384:
case NID_sha512:
-#endif
return 1;
default:
return 0;
md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA1_Transform;
md_size = 20;
break;
-#ifndef OPENSSL_NO_SHA256
case NID_sha224:
SHA224_Init((SHA256_CTX*)md_state.c);
md_final_raw = tls1_sha256_final_raw;
md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA256_Transform;
md_size = 32;
break;
-#endif
-#ifndef OPENSSL_NO_SHA512
case NID_sha384:
SHA384_Init((SHA512_CTX*)md_state.c);
md_final_raw = tls1_sha512_final_raw;
md_block_size = 128;
md_length_size = 16;
break;
-#endif
default:
/* ssl3_cbc_record_digest_supported should have been
* called first to check that the hash function is
*/
EVP_Digest(p, ticklen,
s->session->session_id, &s->session->session_id_length,
-#ifndef OPENSSL_NO_SHA256
EVP_sha256(), NULL);
-#else
- EVP_sha1(), NULL);
-#endif
ret = 1;
return (ret);
f_err:
}
#define LARGEST_DIGEST_CTX SHA_CTX
-#ifndef OPENSSL_NO_SHA256
static void
tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
{
}
#undef LARGEST_DIGEST_CTX
#define LARGEST_DIGEST_CTX SHA256_CTX
-#endif
-#ifndef OPENSSL_NO_SHA512
static void
tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
{
}
#undef LARGEST_DIGEST_CTX
#define LARGEST_DIGEST_CTX SHA512_CTX
-#endif
/* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
* which ssl3_cbc_digest_record supports. */
switch (EVP_MD_CTX_type(ctx)) {
case NID_md5:
case NID_sha1:
-#ifndef OPENSSL_NO_SHA256
case NID_sha224:
case NID_sha256:
-#endif
-#ifndef OPENSSL_NO_SHA512
case NID_sha384:
case NID_sha512:
-#endif
return 1;
default:
return 0;
md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA1_Transform;
md_size = 20;
break;
-#ifndef OPENSSL_NO_SHA256
case NID_sha224:
SHA224_Init((SHA256_CTX*)md_state.c);
md_final_raw = tls1_sha256_final_raw;
md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA256_Transform;
md_size = 32;
break;
-#endif
-#ifndef OPENSSL_NO_SHA512
case NID_sha384:
SHA384_Init((SHA512_CTX*)md_state.c);
md_final_raw = tls1_sha512_final_raw;
md_block_size = 128;
md_length_size = 16;
break;
-#endif
default:
/* ssl3_cbc_record_digest_supported should have been
* called first to check that the hash function is
*/
EVP_Digest(p, ticklen,
s->session->session_id, &s->session->session_id_length,
-#ifndef OPENSSL_NO_SHA256
EVP_sha256(), NULL);
-#else
- EVP_sha1(), NULL);
-#endif
ret = 1;
return (ret);
f_err:
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
#endif
-#ifndef OPENSSL_NO_SHA256
EVP_add_digest(EVP_sha224());
EVP_add_digest(EVP_sha256());
-#endif
-#ifndef OPENSSL_NO_SHA512
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
-#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
int ssl_check_clienthello_tlsext_late(SSL *s);
int ssl_check_serverhello_tlsext(SSL *s);
-#ifdef OPENSSL_NO_SHA256
-#define tlsext_tick_md EVP_sha1
-#else
#define tlsext_tick_md EVP_sha256
-#endif
int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
const unsigned char *limit, SSL_SESSION **ret);
tlsext_sigalg_ecdsa(md)
static unsigned char tls12_sigalgs[] = {
-#ifndef OPENSSL_NO_SHA512
tlsext_sigalg(TLSEXT_hash_sha512)
tlsext_sigalg(TLSEXT_hash_sha384)
-#endif
-#ifndef OPENSSL_NO_SHA256
tlsext_sigalg(TLSEXT_hash_sha256)
tlsext_sigalg(TLSEXT_hash_sha224)
-#endif
#ifndef OPENSSL_NO_SHA
tlsext_sigalg(TLSEXT_hash_sha1)
#endif
#ifndef OPENSSL_NO_SHA
{NID_sha1, TLSEXT_hash_sha1},
#endif
-#ifndef OPENSSL_NO_SHA256
{NID_sha224, TLSEXT_hash_sha224},
{NID_sha256, TLSEXT_hash_sha256},
-#endif
-#ifndef OPENSSL_NO_SHA512
{NID_sha384, TLSEXT_hash_sha384},
{NID_sha512, TLSEXT_hash_sha512}
-#endif
};
static tls12_lookup tls12_sig[] = {
case TLSEXT_hash_sha1:
return EVP_sha1();
#endif
-#ifndef OPENSSL_NO_SHA256
case TLSEXT_hash_sha224:
return EVP_sha224();
case TLSEXT_hash_sha256:
return EVP_sha256();
-#endif
-#ifndef OPENSSL_NO_SHA512
case TLSEXT_hash_sha384:
return EVP_sha384();
case TLSEXT_hash_sha512:
return EVP_sha512();
-#endif
default:
return NULL;
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
#endif
-#ifndef OPENSSL_NO_SHA256
EVP_add_digest(EVP_sha224());
EVP_add_digest(EVP_sha256());
-#endif
-#ifndef OPENSSL_NO_SHA512
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
-#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
int ssl_check_clienthello_tlsext_late(SSL *s);
int ssl_check_serverhello_tlsext(SSL *s);
-#ifdef OPENSSL_NO_SHA256
-#define tlsext_tick_md EVP_sha1
-#else
#define tlsext_tick_md EVP_sha256
-#endif
int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
const unsigned char *limit, SSL_SESSION **ret);
tlsext_sigalg_ecdsa(md)
static unsigned char tls12_sigalgs[] = {
-#ifndef OPENSSL_NO_SHA512
tlsext_sigalg(TLSEXT_hash_sha512)
tlsext_sigalg(TLSEXT_hash_sha384)
-#endif
-#ifndef OPENSSL_NO_SHA256
tlsext_sigalg(TLSEXT_hash_sha256)
tlsext_sigalg(TLSEXT_hash_sha224)
-#endif
#ifndef OPENSSL_NO_SHA
tlsext_sigalg(TLSEXT_hash_sha1)
#endif
#ifndef OPENSSL_NO_SHA
{NID_sha1, TLSEXT_hash_sha1},
#endif
-#ifndef OPENSSL_NO_SHA256
{NID_sha224, TLSEXT_hash_sha224},
{NID_sha256, TLSEXT_hash_sha256},
-#endif
-#ifndef OPENSSL_NO_SHA512
{NID_sha384, TLSEXT_hash_sha384},
{NID_sha512, TLSEXT_hash_sha512}
-#endif
};
static tls12_lookup tls12_sig[] = {
case TLSEXT_hash_sha1:
return EVP_sha1();
#endif
-#ifndef OPENSSL_NO_SHA256
case TLSEXT_hash_sha224:
return EVP_sha224();
case TLSEXT_hash_sha256:
return EVP_sha256();
-#endif
-#ifndef OPENSSL_NO_SHA512
case TLSEXT_hash_sha384:
return EVP_sha384();
case TLSEXT_hash_sha512:
return EVP_sha512();
-#endif
default:
return NULL;