On 02/09/2025 07:27, Collin Funk wrote:
Hi,
Here is a patch to add OpenSSL support for SHA-3 using the EVP API.
There are two things I am not 100% happy with, but I do not see a way
around.
First, we must call EVP_MD_CTX_create to malloc an EVP_MD_CTX. This is
because an EVP_MD_CTX field cannot be inside of a structure; it is a
typedef to an incomplete type.
Do you need a EVP_MD_CTX_cleanup() to match the EVP_MD_CTX_create() ?
Second, I used xalloc-die as a conditional dependency. This is because
the EVP functions are documented as returning 0 on failure. In practice,
I can only see this being the case for EVP_MD_CTX_create, but that
should be rare (e.g. OOM). I would rather not change the prototypes to
be different than the other digests in Gnulib, so there is no way to
return errors back to the caller. This shouldn't matter for Coreutils,
but calling abort in libraries is not great, in my opinion. Using
xalloc_die is only slightly more friendly.
Yes ideally the existing gnulib interfaces would not have assumed
all future implementations would succeed. If any of them returned a status
you could have deferred the error, but since none do I don't see another option.
thanks again,
Padraig
