commit 152fbc28e80f46dd1183989b3839e89031631806
author Dr. Stephen Henson <steve@openssl.org> Sun Nov 29 16:27:08 2015 +0000
committer Dr. Stephen Henson <steve@openssl.org> Mon Nov 30 00:32:57 2015 +0000
tree fc2dba11016da2a1d0612527a7f1c00108989372
parent 9446daac5b7be3210e9c5d80c3d95309d946ee38

Use digest tables for defaults.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

ssl/ssl_ciph.c

diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 4e3c1e5..2059fa0 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -712,7 +712,7 @@
         return (0);
 }
 
-static const EVP_MD *ssl_cipher_table_idx(int idx)
+const EVP_MD *ssl_md(int idx)
 {
     idx &= SSL_HANDSHAKE_MAC_MASK;
     if (idx < 0 || idx >= SSL_MD_NUM_IDX)
@@ -722,12 +722,12 @@
 
 const EVP_MD *ssl_handshake_md(SSL *s)
 {
-    return ssl_cipher_table_idx(ssl_get_algorithm2(s));
+    return ssl_md(ssl_get_algorithm2(s));
 }
 
 const EVP_MD *ssl_prf_md(SSL *s)
 {
-    return ssl_cipher_table_idx(ssl_get_algorithm2(s) >> TLS1_PRF_DGST_SHIFT);
+    return ssl_md(ssl_get_algorithm2(s) >> TLS1_PRF_DGST_SHIFT);
 }
 
 #define ITEM_SEP(a) \

ssl/ssl_locl.h

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 0cbb3cc..9d28b97 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -2139,6 +2139,7 @@
 __owur int ssl_parse_serverhello_use_srtp_ext(SSL *s, PACKET *pkt, int *al);
 
 __owur int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen);
+__owur const EVP_MD *ssl_md(int idx);
 __owur const EVP_MD *ssl_handshake_md(SSL *s);
 __owur const EVP_MD *ssl_prf_md(SSL *s);
 

ssl/t1_lib.c

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 2784fa1..ed6fb07 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2706,22 +2706,22 @@
 {
     const EVP_MD **pmd = s->s3->tmp.md;
 #ifndef OPENSSL_NO_DSA
-    pmd[SSL_PKEY_DSA_SIGN] = EVP_sha1();
+    pmd[SSL_PKEY_DSA_SIGN] = ssl_md(SSL_MD_SHA1_IDX);
 #endif
 #ifndef OPENSSL_NO_RSA
     if (SSL_USE_SIGALGS(s))
-        pmd[SSL_PKEY_RSA_SIGN] = EVP_sha1();
+        pmd[SSL_PKEY_RSA_SIGN] = ssl_md(SSL_MD_SHA1_IDX);
     else
-        pmd[SSL_PKEY_RSA_SIGN] = EVP_md5_sha1();
+        pmd[SSL_PKEY_RSA_SIGN] = ssl_md(SSL_MD_MD5_SHA1_IDX);
     pmd[SSL_PKEY_RSA_ENC] = pmd[SSL_PKEY_RSA_SIGN];
 #endif
 #ifndef OPENSSL_NO_EC
-    pmd[SSL_PKEY_ECC] = EVP_sha1();
+    pmd[SSL_PKEY_ECC] = ssl_md(SSL_MD_SHA1_IDX);
 #endif
 #ifndef OPENSSL_NO_GOST
-    pmd[SSL_PKEY_GOST01] = EVP_get_digestbynid(NID_id_GostR3411_94);
-    pmd[SSL_PKEY_GOST12_256] = EVP_get_digestbynid(NID_id_GostR3411_2012_256);
-    pmd[SSL_PKEY_GOST12_512] = EVP_get_digestbynid(NID_id_GostR3411_2012_512);
+    pmd[SSL_PKEY_GOST01] = ssl_md(SSL_MD_GOST94_IDX);
+    pmd[SSL_PKEY_GOST12_256] = ssl_md(SSL_MD_GOST12_256_IDX);
+    pmd[SSL_PKEY_GOST12_512] = ssl_md(SSL_MD_GOST12_512_IDX);
 #endif
 }