[0/2] avoid functions deprecated in OpenSSL 3+

Message

Eric Wong Aug. 1, 2023, 2:54 a.m. UTC

OpenSSL appears to be getting rid of the SHA1* and SHA256*
functions in favor of the more generic EVP_* APIs.  The EVP_*
APIs unfortunately require more attention to be paid to memory
management and require specialized copy functions (like gcrypt),
so I'm only using them with OpenSSL 3.x (I've tested 1.1.1n, too).

I'm in favor of keeping OpenSSL support since its development
headers/libraries are more likely to be already-installed on
developers' systems than nettle or gcrypt.

On Debian systems participating in popularity-contest:
libssl-dev is in 21.95% of systems, while nettle-dev and
libgcrypt20-dev is are only in 4.08% and 2.94%, respectively:

  https://qa.debian.org/popcon.php?package=openssl
  https://qa.debian.org/popcon.php?package=nettle
  https://qa.debian.org/popcon.php?package=libgcrypt20

Eric Wong (2):
  sha256: avoid functions deprecated in OpenSSL 3+
  avoid SHA-1 functions deprecated in OpenSSL 3+

 Makefile         |  6 ++++++
 hash-ll.h        | 18 ++++++++++++++++--
 sha1/openssl.h   | 49 ++++++++++++++++++++++++++++++++++++++++++++++++
 sha256/openssl.h | 49 ++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 120 insertions(+), 2 deletions(-)
 create mode 100644 sha1/openssl.h
 create mode 100644 sha256/openssl.h