md4, md5: switch to wolfCrypt API in wolfSSL builds

Replacing the OpenSSL-like compatibility interface, and syncing with other hashes, when building with wolfSSL. Also: stop stomping on OpenSSL public MD4 symbols. This makes the wolfSSL coexist workaround unnecessary, while also syncing up with MD5 sources. After this patch the only remaining reference to wolfSSL's OpenSSL compatibility layer is in `lib/curl_ntlm_core.c`. Closes #21093
2026-04-11 12:01:42 +08:00 · 2026-03-25 00:49:38 +01:00 · 2026-03-25 00:49:38 +01:00 · bf6a34d8eb
commit bf6a34d8eb
parent 486334509f
2 changed files with 64 additions and 50 deletions
--- a/lib/md4.c
+++ b/lib/md4.c
@ -44,19 +44,41 @@

 /* When OpenSSL or wolfSSL is available, we use their MD4 functions. */

-#if defined(USE_WOLFSSL) && !defined(NO_MD4)
-#include <wolfssl/openssl/md4.h>
-#define VOID_MD4_INIT
+#if defined(USE_OPENSSL) && !defined(OPENSSL_NO_MD4)
+#include <openssl/md4.h>

-#ifdef OPENSSL_COEXIST
-#  define MD4_CTX    WOLFSSL_MD4_CTX
-#  define MD4_Init   wolfSSL_MD4_Init
-#  define MD4_Update wolfSSL_MD4_Update
-#  define MD4_Final  wolfSSL_MD4_Final
+/* Map directly to OpenSSL implementation */
+#define my_md4_ctx    MD4_CTX
+#define my_md4_init   MD4_Init
+#define my_md4_update MD4_Update
+#define my_md4_final  MD4_Final
+
+#elif defined(USE_WOLFSSL) && !defined(NO_MD4)
+#include <wolfssl/wolfcrypt/md4.h>
+#include <wolfssl/version.h>
+
+#if LIBWOLFSSL_VERSION_HEX >= 0x05007006
+typedef wc_Md4 my_md4_ctx;
+#else
+typedef Md4 my_md4_ctx;
 #endif

-#elif defined(USE_OPENSSL) && !defined(OPENSSL_NO_MD4)
-#include <openssl/md4.h>
+static int my_md4_init(my_md4_ctx *ctx)
+{
+  wc_InitMd4(ctx);
+  return 1;
+}
+
+static void my_md4_update(my_md4_ctx *ctx,
+                          const void *input, unsigned long len)
+{
+  wc_Md4Update(ctx, input, (word32)len);
+}
+
+static void my_md4_final(unsigned char *digest, my_md4_ctx *ctx)
+{
+  wc_Md4Final(ctx, digest);
+}

 #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \
              (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040) && \
@ -68,19 +90,20 @@
              (__IPHONE_OS_VERSION_MIN_REQUIRED < 130000))
 #include <CommonCrypto/CommonDigest.h>

-typedef CC_MD4_CTX MD4_CTX;
+typedef CC_MD4_CTX my_md4_ctx;

-static int MD4_Init(MD4_CTX *ctx)
+static int my_md4_init(my_md4_ctx *ctx)
 {
  return CC_MD4_Init(ctx);
 }

-static void MD4_Update(MD4_CTX *ctx, const void *input, unsigned long len)
+static void my_md4_update(my_md4_ctx *ctx,
+                          const void *input, unsigned long len)
 {
  (void)CC_MD4_Update(ctx, input, (CC_LONG)len);
 }

-static void MD4_Final(unsigned char *digest, MD4_CTX *ctx)
+static void my_md4_final(unsigned char *digest, my_md4_ctx *ctx)
 {
  (void)CC_MD4_Final(digest, ctx);
 }
@ -92,9 +115,9 @@ struct md4_ctx {
  HCRYPTPROV hCryptProv;
  HCRYPTHASH hHash;
 };
-typedef struct md4_ctx MD4_CTX;
+typedef struct md4_ctx my_md4_ctx;

-static int MD4_Init(MD4_CTX *ctx)
+static int my_md4_init(my_md4_ctx *ctx)
 {
  ctx->hCryptProv = 0;
  ctx->hHash = 0;
@ -112,12 +135,13 @@ static int MD4_Init(MD4_CTX *ctx)
  return 1;
 }

-static void MD4_Update(MD4_CTX *ctx, const void *input, unsigned long len)
+static void my_md4_update(my_md4_ctx *ctx,
+                          const void *input, unsigned long len)
 {
  CryptHashData(ctx->hHash, (const BYTE *)input, (unsigned int)len, 0);
 }

-static void MD4_Final(unsigned char *digest, MD4_CTX *ctx)
+static void my_md4_final(unsigned char *digest, my_md4_ctx *ctx)
 {
  unsigned long length = 0;

@ -135,20 +159,21 @@ static void MD4_Final(unsigned char *digest, MD4_CTX *ctx)
 #elif defined(USE_GNUTLS)
 #include <nettle/md4.h>

-typedef struct md4_ctx MD4_CTX;
+typedef struct md4_ctx my_md4_ctx;

-static int MD4_Init(MD4_CTX *ctx)
+static int my_md4_init(my_md4_ctx *ctx)
 {
  md4_init(ctx);
  return 1;
 }

-static void MD4_Update(MD4_CTX *ctx, const void *input, unsigned long len)
+static void my_md4_update(my_md4_ctx *ctx,
+                          const void *input, unsigned long len)
 {
  md4_update(ctx, len, input);
 }

-static void MD4_Final(unsigned char *digest, MD4_CTX *ctx)
+static void my_md4_final(unsigned char *digest, my_md4_ctx *ctx)
 {
  md4_digest(ctx, MD4_DIGEST_SIZE, digest);
 }
@ -187,7 +212,7 @@ struct md4_ctx {
  unsigned char buffer[64];
  uint32_t block[16];
 };
-typedef struct md4_ctx MD4_CTX;
+typedef struct md4_ctx my_md4_ctx;

 /*
 * The basic MD4 functions.
@ -229,7 +254,7 @@ typedef struct md4_ctx MD4_CTX;
 * This processes one or more 64-byte data blocks, but does NOT update
 * the bit counters. There are no alignment requirements.
 */
-static const void *my_md4_body(MD4_CTX *ctx,
+static const void *my_md4_body(my_md4_ctx *ctx,
                               const void *input, unsigned long size)
 {
  const unsigned char *ptr;
@ -320,7 +345,7 @@ static const void *my_md4_body(MD4_CTX *ctx,
  return ptr;
 }

-static int MD4_Init(MD4_CTX *ctx)
+static int my_md4_init(my_md4_ctx *ctx)
 {
  ctx->a = 0x67452301;
  ctx->b = 0xefcdab89;
@ -333,7 +358,8 @@ static int MD4_Init(MD4_CTX *ctx)
  return 1;
 }

-static void MD4_Update(MD4_CTX *ctx, const void *input, unsigned long len)
+static void my_md4_update(my_md4_ctx *ctx,
+                          const void *input, unsigned long len)
 {
  uint32_t saved_lo;
  unsigned long used;
@ -368,7 +394,7 @@ static void MD4_Update(MD4_CTX *ctx, const void *input, unsigned long len)
  memcpy(ctx->buffer, input, len);
 }

-static void MD4_Final(unsigned char *digest, MD4_CTX *ctx)
+static void my_md4_final(unsigned char *digest, my_md4_ctx *ctx)
 {
  unsigned long used, available;

@ -424,17 +450,11 @@ static void MD4_Final(unsigned char *digest, MD4_CTX *ctx)
 CURLcode Curl_md4it(unsigned char *output,
                    const unsigned char *input, const size_t len)
 {
-  MD4_CTX ctx;
-
-#ifdef VOID_MD4_INIT
-  MD4_Init(&ctx);
-#else
-  if(!MD4_Init(&ctx))
+  my_md4_ctx ctx;
+  if(!my_md4_init(&ctx))
    return CURLE_FAILED_INIT;
-#endif
-
-  MD4_Update(&ctx, input, curlx_uztoui(len));
-  MD4_Final(output, &ctx);
+  my_md4_update(&ctx, input, curlx_uztoui(len));
+  my_md4_final(output, &ctx);
  return CURLE_OK;
 }

--- a/lib/md5.c
+++ b/lib/md5.c
@ -67,14 +67,9 @@ static void my_md5_final(unsigned char *digest, void *ctx)
  md5_digest(ctx, 16, digest);
 }

-#elif (defined(USE_OPENSSL) && \
-  !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)) || \
-  (defined(USE_WOLFSSL) && !defined(NO_MD5) && !defined(OPENSSL_COEXIST))
-#ifdef USE_OPENSSL
+#elif defined(USE_OPENSSL) && \
+  !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
 #include <openssl/md5.h>
-#else
-#include <wolfssl/openssl/md5.h>
-#endif

 typedef MD5_CTX my_md5_ctx;

@ -98,27 +93,26 @@ static void my_md5_final(unsigned char *digest, void *ctx)
 }

 #elif defined(USE_WOLFSSL) && !defined(NO_MD5)
-#include <wolfssl/openssl/md5.h>
+#include <wolfssl/wolfcrypt/md5.h>

-typedef WOLFSSL_MD5_CTX my_md5_ctx;
+typedef wc_Md5 my_md5_ctx;

 static CURLcode my_md5_init(void *ctx)
 {
-  if(!wolfSSL_MD5_Init(ctx))
+  if(wc_InitMd5(ctx))
    return CURLE_OUT_OF_MEMORY;
-
  return CURLE_OK;
 }

 static void my_md5_update(void *ctx,
                          const unsigned char *input, unsigned int len)
 {
-  (void)wolfSSL_MD5_Update(ctx, input, len);
+  (void)wc_Md5Update(ctx, input, (word32)len);
 }

 static void my_md5_final(unsigned char *digest, void *ctx)
 {
-  (void)wolfSSL_MD5_Final(digest, ctx);
+  (void)wc_Md5Final(ctx, digest);
 }

 #elif defined(USE_MBEDTLS) && \