Hi all, It looks like the sha support for openssl has been left without much follow up.
I noticed that there is a oneshot mode in openssl libraries, so for my immediate purposes I modified the patch by Michal to work only with oneshot hashing. You can download the patch from: http://dev.alpinelinux.org/cgit/aports/plain/core/openssl/openssl-0.9.8k-padlock-oneshot-sha.patch After some trivial testing it seems to be ok. This is mostly enough for me, as I can use the EVP_Digest() directly to do everything in one go. Even for regular size files I can just mmap() them and issue one EVP_Digest(). This won't obviously work with very large files, but it isn't a problem for me at this time. Now it would be also nice to get it working also with multiple updates using the guard page trick. As most implementations do only one simultaneous hash, it'd be probably enough to pre-allocate one hashing area; and do dynamic allocation/free at context init/free if there's more than one context active, or just silently fall back to the software implementations. Did anyone do this for openssl yet? Would doing this be acceptable enough to get merged in openssl? Feedback appreciated. Thanks, Timo ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
