expose isc__crypto_md in isc/ossl_wrap.h

This is a bit of a namespace convention violation but it fits the spirit of
this header since it is exposing OpenSSL-isms to others.

Further work is needed to make sure the exposed EVP_MD isn't needed
anymore.

lib/dns/opensslecdsa_link.c

@@ -23,6 +23,7 @@
 #include <isc/crypto.h>
 #include <isc/md.h>
 #include <isc/mem.h>
+#include <isc/ossl_wrap.h>
 #include <isc/result.h>
 #include <isc/safe.h>
 #include <isc/string.h>
@@ -35,9 +36,6 @@
 #include "dst_parse.h"
 #include "openssl_shim.h"
 
-/* TODO(aydin): remove this crap */
-extern EVP_MD *isc__crypto_md[];
-
 #ifndef NID_X9_62_prime256v1
 #error "P-256 group is not known (NID_X9_62_prime256v1)"
 #endif /* ifndef NID_X9_62_prime256v1 */

lib/dns/opensslrsa_link.c

@@ -35,9 +35,6 @@
 
 #define OPENSSLRSA_MAX_MODULUS_BITS 4096
 
-/* TODO(aydin): remove this crap */
-extern EVP_MD *isc__crypto_md[];
-
 /* length byte + 1.2.840.113549.1.1.11 BER encoded RFC 4055 */
 static unsigned char oid_rsasha256[] = { 0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48,
 					 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b };

lib/isc/crypto/crypto_p.h

@@ -1,18 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-#pragma once
-
-#include <openssl/evp.h>
-
-extern EVP_MD *isc__crypto_md[];

lib/isc/crypto/ossl1_1.c

@@ -30,8 +30,6 @@
 #include <isc/safe.h>
 #include <isc/util.h>
 
-#include "crypto_p.h"
-
 #define HMAC_KEY_MAGIC ISC_MAGIC('H', 'M', 'A', 'C')
 
 struct isc_hmac_key {

lib/isc/crypto/ossl3.c

@@ -34,8 +34,6 @@
 #include <isc/safe.h>
 #include <isc/util.h>
 
-#include "crypto_p.h"
-
 struct isc_hmac_key {
 	uint32_t magic;
 	uint32_t len;

lib/isc/crypto/ossl_common.c

@@ -16,8 +16,7 @@
 
 #include <isc/crypto.h>
 #include <isc/md.h>
-
-#include "crypto_p.h"
+#include <isc/ossl_wrap.h>
 
 EVP_MD *isc__crypto_md[] = {
 	[ISC_MD_UNKNOWN] = NULL, [ISC_MD_MD5] = NULL,	 [ISC_MD_SHA1] = NULL,

lib/isc/include/isc/ossl_wrap.h

@@ -278,3 +278,10 @@ isc__ossl_wrap_logged_toresult(isc_logcategory_t category,
 			       isc_logmodule_t module, const char *funcname,
 			       isc_result_t fallback, const char *file,
 			       int line);
+
+/*
+ * This is a bit of a namespace convention violation but it fits the spirit of
+ * this header since it is exposing OpenSSL-isms to others.
+ */
+
+extern EVP_MD *isc__crypto_md[];

lib/isc/iterated_hash.c

@@ -19,11 +19,10 @@
 
 #include <isc/iterated_hash.h>
 #include <isc/md.h>
+#include <isc/ossl_wrap.h>
 #include <isc/thread.h>
 #include <isc/util.h>
 
-#include "crypto/crypto_p.h"
-
 #if OPENSSL_VERSION_NUMBER < 0x30000000L
 
 #include <openssl/sha.h>

lib/isc/md.c

@@ -18,9 +18,9 @@
 #include <openssl/opensslv.h>
 
 #include <isc/md.h>
+#include <isc/ossl_wrap.h>
 #include <isc/util.h>
 
-#include "crypto/crypto_p.h"
 #include "openssl_shim.h"
 
 isc_md_t *

lib/isc/tls.c

@@ -42,6 +42,7 @@
 #include <isc/mem.h>
 #include <isc/mutex.h>
 #include <isc/once.h>
+#include <isc/ossl_wrap.h>
 #include <isc/random.h>
 #include <isc/refcount.h>
 #include <isc/rwlock.h>
@@ -52,9 +53,6 @@
 
 #include "openssl_shim.h"
 
-/* TODO(aydin): remove this crap */
-extern EVP_MD *isc__crypto_md[];
-
 #define COMMON_SSL_OPTIONS \
 	(SSL_OP_NO_COMPRESSION | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)