From f335d91a3bfe47de702af564eb3661ab8906d1be Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 14 Feb 2023 03:19:58 +0800
Subject: CryptoPkg/BaseCryptLib: avoid using SHA512()

In openssl 3.0 SHA512() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
index 2ab7188035..dee8f35c41 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
@@ -430,6 +430,8 @@ Sha512HashAll (
   OUT  UINT8       *HashValue
   )
 {
+  SHA512_CTX  Context;
+
   //
   // Check input parameters.
   //
@@ -444,9 +446,17 @@ Sha512HashAll (
   //
   // OpenSSL SHA-512 Hash Computation.
   //
-  if (SHA512 (Data, DataSize, HashValue) == NULL) {
+  if (!SHA512_Init (&Context)) {
+    return FALSE;
+  }
+
+  if (!SHA512_Update (&Context, Data, DataSize)) {
     return FALSE;
-  } else {
-    return TRUE;
   }
+
+  if (!SHA512_Final (HashValue, &Context)) {
+    return FALSE;
+  }
+
+  return TRUE;
 }
-- 
cgit