Add submodule dependency filesHEADmaster

Change-Id: Iaf8d18082d3991dec7c0ebbea540f092188eb4ec

6 files changed, 1298 insertions, 0 deletions

diff --git a/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/CMakeLists.txt b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/CMakeLists.txt
new file mode 100644
index 000000000..7a68f6fe0
--- /dev/null
+++ b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/CMakeLists.txt
@@ -0,0 +1,21 @@
+include_directories(../../include)
+
+add_library(
+  digest
+
+  OBJECT
+
+  digest.c
+  digests.c
+)
+
+add_executable(
+  digest_test
+
+  digest_test.cc
+
+  $<TARGET_OBJECTS:test_support>
+)
+
+target_link_libraries(digest_test crypto)
+add_dependencies(all_tests digest_test)
diff --git a/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digest.c b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digest.c
new file mode 100644
index 000000000..9c9962b53
--- /dev/null
+++ b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digest.c
@@ -0,0 +1,251 @@
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+#include <openssl/digest.h>
+
+#include <assert.h>
+#include <string.h>
+
+#include <openssl/err.h>
+#include <openssl/mem.h>
+
+#include "internal.h"
+#include "../internal.h"
+
+
+int EVP_MD_type(const EVP_MD *md) { return md->type; }
+
+uint32_t EVP_MD_flags(const EVP_MD *md) { return md->flags; }
+
+size_t EVP_MD_size(const EVP_MD *md) { return md->md_size; }
+
+size_t EVP_MD_block_size(const EVP_MD *md) { return md->block_size; }
+
+
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx) {
+  OPENSSL_memset(ctx, 0, sizeof(EVP_MD_CTX));
+}
+
+EVP_MD_CTX *EVP_MD_CTX_create(void) {
+  EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(EVP_MD_CTX));
+
+  if (ctx) {
+    EVP_MD_CTX_init(ctx);
+  }
+
+  return ctx;
+}
+
+int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) {
+  if (ctx->digest && ctx->digest->ctx_size && ctx->md_data) {
+    OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
+    OPENSSL_free(ctx->md_data);
+  }
+
+  assert(ctx->pctx == NULL || ctx->pctx_ops != NULL);
+  if (ctx->pctx_ops) {
+    ctx->pctx_ops->free(ctx->pctx);
+  }
+
+  EVP_MD_CTX_init(ctx);
+
+  return 1;
+}
+
+void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) {
+  if (!ctx) {
+    return;
+  }
+
+  EVP_MD_CTX_cleanup(ctx);
+  OPENSSL_free(ctx);
+}
+
+int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) {
+  uint8_t *tmp_buf = NULL;
+
+  if (in == NULL || in->digest == NULL) {
+    OPENSSL_PUT_ERROR(DIGEST, DIGEST_R_INPUT_NOT_INITIALIZED);
+    return 0;
+  }
+
+  if (out->digest == in->digest) {
+    /* |md_data| will be the correct size in this case so it's removed from
+     * |out| at this point so that |EVP_MD_CTX_cleanup| doesn't free it and
+     * then it's reused. */
+    tmp_buf = out->md_data;
+    out->md_data = NULL;
+  }
+
+  EVP_MD_CTX_cleanup(out);
+
+  out->digest = in->digest;
+  if (in->md_data && in->digest->ctx_size) {
+    if (tmp_buf) {
+      out->md_data = tmp_buf;
+    } else {
+      out->md_data = OPENSSL_malloc(in->digest->ctx_size);
+      if (!out->md_data) {
+        OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE);
+        return 0;
+      }
+    }
+    OPENSSL_memcpy(out->md_data, in->md_data, in->digest->ctx_size);
+  }
+
+  assert(in->pctx == NULL || in->pctx_ops != NULL);
+  out->pctx_ops = in->pctx_ops;
+  if (in->pctx && in->pctx_ops) {
+    out->pctx = in->pctx_ops->dup(in->pctx);
+    if (!out->pctx) {
+      EVP_MD_CTX_cleanup(out);
+      return 0;
+    }
+  }
+
+  return 1;
+}
+
+int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) {
+  EVP_MD_CTX_init(out);
+  return EVP_MD_CTX_copy_ex(out, in);
+}
+
+int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *engine) {
+  if (ctx->digest != type) {
+    if (ctx->digest && ctx->digest->ctx_size > 0) {
+      OPENSSL_free(ctx->md_data);
+      ctx->md_data = NULL;
+    }
+    ctx->digest = type;
+    if (type->ctx_size > 0) {
+      ctx->md_data = OPENSSL_malloc(type->ctx_size);
+      if (ctx->md_data == NULL) {
+        OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE);
+        return 0;
+      }
+    }
+  }
+
+  assert(ctx->pctx == NULL || ctx->pctx_ops != NULL);
+
+  ctx->digest->init(ctx);
+  return 1;
+}
+
+int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) {
+  EVP_MD_CTX_init(ctx);
+  return EVP_DigestInit_ex(ctx, type, NULL);
+}
+
+int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) {
+  ctx->digest->update(ctx, data, len);
+  return 1;
+}
+
+int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out, unsigned int *size) {
+  assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
+  ctx->digest->final(ctx, md_out);
+  if (size != NULL) {
+    *size = ctx->digest->md_size;
+  }
+  OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
+  return 1;
+}
+
+int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md, unsigned int *size) {
+  (void)EVP_DigestFinal_ex(ctx, md, size);
+  EVP_MD_CTX_cleanup(ctx);
+  return 1;
+}
+
+int EVP_Digest(const void *data, size_t count, uint8_t *out_md,
+               unsigned int *out_size, const EVP_MD *type, ENGINE *impl) {
+  EVP_MD_CTX ctx;
+  int ret;
+
+  EVP_MD_CTX_init(&ctx);
+  ret = EVP_DigestInit_ex(&ctx, type, impl) &&
+        EVP_DigestUpdate(&ctx, data, count) &&
+        EVP_DigestFinal_ex(&ctx, out_md, out_size);
+  EVP_MD_CTX_cleanup(&ctx);
+
+  return ret;
+}
+
+
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) {
+  if (ctx == NULL) {
+    return NULL;
+  }
+  return ctx->digest;
+}
+
+size_t EVP_MD_CTX_size(const EVP_MD_CTX *ctx) {
+  return EVP_MD_size(EVP_MD_CTX_md(ctx));
+}
+
+size_t EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx) {
+  return EVP_MD_block_size(EVP_MD_CTX_md(ctx));
+}
+
+int EVP_MD_CTX_type(const EVP_MD_CTX *ctx) {
+  return EVP_MD_type(EVP_MD_CTX_md(ctx));
+}
+
+int EVP_add_digest(const EVP_MD *digest) {
+  return 1;
+}
diff --git a/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digest_test.cc b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digest_test.cc
new file mode 100644
index 000000000..36a62ab0e
--- /dev/null
+++ b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digest_test.cc
@@ -0,0 +1,282 @@
+/* Copyright (c) 2014, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <memory>
+
+#include <openssl/asn1.h>
+#include <openssl/crypto.h>
+#include <openssl/digest.h>
+#include <openssl/err.h>
+#include <openssl/md4.h>
+#include <openssl/md5.h>
+#include <openssl/nid.h>
+#include <openssl/obj.h>
+#include <openssl/sha.h>
+
+#include "../internal.h"
+
+
+struct MD {
+  // name is the name of the digest.
+  const char* name;
+  // md_func is the digest to test.
+  const EVP_MD *(*func)(void);
+  // one_shot_func is the convenience one-shot version of the
+  // digest.
+  uint8_t *(*one_shot_func)(const uint8_t *, size_t, uint8_t *);
+};
+
+static const MD md4 = { "MD4", &EVP_md4, nullptr };
+static const MD md5 = { "MD5", &EVP_md5, &MD5 };
+static const MD sha1 = { "SHA1", &EVP_sha1, &SHA1 };
+static const MD sha224 = { "SHA224", &EVP_sha224, &SHA224 };
+static const MD sha256 = { "SHA256", &EVP_sha256, &SHA256 };
+static const MD sha384 = { "SHA384", &EVP_sha384, &SHA384 };
+static const MD sha512 = { "SHA512", &EVP_sha512, &SHA512 };
+static const MD md5_sha1 = { "MD5-SHA1", &EVP_md5_sha1, nullptr };
+
+struct TestVector {
+  // md is the digest to test.
+  const MD &md;
+  // input is a NUL-terminated string to hash.
+  const char *input;
+  // repeat is the number of times to repeat input.
+  size_t repeat;
+  // expected_hex is the expected digest in hexadecimal.
+  const char *expected_hex;
+};
+
+static const TestVector kTestVectors[] = {
+    // MD4 tests, from RFC 1320. (crypto/md4 does not provide a
+    // one-shot MD4 function.)
+    { md4, "", 1, "31d6cfe0d16ae931b73c59d7e0c089c0" },
+    { md4, "a", 1, "bde52cb31de33e46245e05fbdbd6fb24" },
+    { md4, "abc", 1, "a448017aaf21d8525fc10ae87aa6729d" },
+    { md4, "message digest", 1, "d9130a8164549fe818874806e1c7014b" },
+    { md4, "abcdefghijklmnopqrstuvwxyz", 1,
+      "d79e1c308aa5bbcdeea8ed63df412da9" },
+    { md4,
+      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 1,
+      "043f8582f241db351ce627e153e7f0e4" },
+    { md4, "1234567890", 8, "e33b4ddc9c38f2199c3e7b164fcc0536" },
+
+    // MD5 tests, from RFC 1321.
+    { md5, "", 1, "d41d8cd98f00b204e9800998ecf8427e" },
+    { md5, "a", 1, "0cc175b9c0f1b6a831c399e269772661" },
+    { md5, "abc", 1, "900150983cd24fb0d6963f7d28e17f72" },
+    { md5, "message digest", 1, "f96b697d7cb7938d525a2f31aaf161d0" },
+    { md5, "abcdefghijklmnopqrstuvwxyz", 1,
+      "c3fcd3d76192e4007dfb496cca67e13b" },
+    { md5,
+      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 1,
+      "d174ab98d277d9f5a5611c2c9f419d9f" },
+    { md5, "1234567890", 8, "57edf4a22be3c955ac49da2e2107b67a" },
+
+    // SHA-1 tests, from RFC 3174.
+    { sha1, "abc", 1, "a9993e364706816aba3e25717850c26c9cd0d89d" },
+    { sha1,
+      "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
+      "84983e441c3bd26ebaae4aa1f95129e5e54670f1" },
+    { sha1, "a", 1000000, "34aa973cd4c4daa4f61eeb2bdbad27316534016f" },
+    { sha1,
+      "0123456701234567012345670123456701234567012345670123456701234567", 10,
+      "dea356a2cddd90c7a7ecedc5ebb563934f460452" },
+
+    // SHA-224 tests, from RFC 3874.
+    { sha224, "abc", 1,
+      "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7" },
+    { sha224,
+      "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
+      "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525" },
+    { sha224,
+      "a", 1000000,
+      "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67" },
+
+    // SHA-256 tests, from NIST.
+    { sha256, "abc", 1,
+      "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" },
+    { sha256,
+      "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
+      "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1" },
+
+    // SHA-384 tests, from NIST.
+    { sha384, "abc", 1,
+      "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed"
+      "8086072ba1e7cc2358baeca134c825a7" },
+    { sha384,
+      "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+      "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1,
+      "09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712"
+      "fcc7c71a557e2db966c3e9fa91746039" },
+
+    // SHA-512 tests, from NIST.
+    { sha512, "abc", 1,
+      "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
+      "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f" },
+    { sha512,
+      "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+      "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1,
+      "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
+      "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909" },
+
+    // MD5-SHA1 tests.
+    { md5_sha1, "abc", 1,
+      "900150983cd24fb0d6963f7d28e17f72a9993e364706816aba3e25717850c26c9cd0d89d" },
+};
+
+static bool CompareDigest(const TestVector *test,
+                          const uint8_t *digest,
+                          size_t digest_len) {
+  static const char kHexTable[] = "0123456789abcdef";
+  char digest_hex[2*EVP_MAX_MD_SIZE + 1];
+
+  for (size_t i = 0; i < digest_len; i++) {
+    digest_hex[2*i] = kHexTable[digest[i] >> 4];
+    digest_hex[2*i + 1] = kHexTable[digest[i] & 0xf];
+  }
+  digest_hex[2*digest_len] = '\0';
+
+  if (strcmp(digest_hex, test->expected_hex) != 0) {
+    fprintf(stderr, "%s(\"%s\" * %d) = %s; want %s\n",
+            test->md.name, test->input, (int)test->repeat,
+            digest_hex, test->expected_hex);
+    return false;
+  }
+
+  return true;
+}
+
+static int TestDigest(const TestVector *test) {
+  bssl::ScopedEVP_MD_CTX ctx;
+
+  // Test the input provided.
+  if (!EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL)) {
+    fprintf(stderr, "EVP_DigestInit_ex failed\n");
+    return false;
+  }
+  for (size_t i = 0; i < test->repeat; i++) {
+    if (!EVP_DigestUpdate(ctx.get(), test->input, strlen(test->input))) {
+      fprintf(stderr, "EVP_DigestUpdate failed\n");
+      return false;
+    }
+  }
+  std::unique_ptr<uint8_t[]> digest(new uint8_t[EVP_MD_size(test->md.func())]);
+  unsigned digest_len;
+  if (!EVP_DigestFinal_ex(ctx.get(), digest.get(), &digest_len)) {
+    fprintf(stderr, "EVP_DigestFinal_ex failed\n");
+    return false;
+  }
+  if (!CompareDigest(test, digest.get(), digest_len)) {
+    return false;
+  }
+
+  // Test the input one character at a time.
+  if (!EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL)) {
+    fprintf(stderr, "EVP_DigestInit_ex failed\n");
+    return false;
+  }
+  if (!EVP_DigestUpdate(ctx.get(), NULL, 0)) {
+    fprintf(stderr, "EVP_DigestUpdate failed\n");
+    return false;
+  }
+  for (size_t i = 0; i < test->repeat; i++) {
+    for (const char *p = test->input; *p; p++) {
+      if (!EVP_DigestUpdate(ctx.get(), p, 1)) {
+        fprintf(stderr, "EVP_DigestUpdate failed\n");
+        return false;
+      }
+    }
+  }
+  if (!EVP_DigestFinal_ex(ctx.get(), digest.get(), &digest_len)) {
+    fprintf(stderr, "EVP_DigestFinal_ex failed\n");
+    return false;
+  }
+  if (digest_len != EVP_MD_size(test->md.func())) {
+    fprintf(stderr, "EVP_MD_size output incorrect\n");
+    return false;
+  }
+  if (!CompareDigest(test, digest.get(), digest_len)) {
+    return false;
+  }
+
+  // Test the one-shot function.
+  if (test->md.one_shot_func && test->repeat == 1) {
+    uint8_t *out = test->md.one_shot_func((const uint8_t *)test->input,
+                                          strlen(test->input), digest.get());
+    if (out != digest.get()) {
+      fprintf(stderr, "one_shot_func gave incorrect return\n");
+      return false;
+    }
+    if (!CompareDigest(test, digest.get(), EVP_MD_size(test->md.func()))) {
+      return false;
+    }
+
+    // Test the deprecated static buffer variant, until it's removed.
+    out = test->md.one_shot_func((const uint8_t *)test->input,
+                                 strlen(test->input), NULL);
+    if (!CompareDigest(test, out, EVP_MD_size(test->md.func()))) {
+      return false;
+    }
+  }
+
+  return true;
+}
+
+static int TestGetters() {
+  if (EVP_get_digestbyname("RSA-SHA512") != EVP_sha512() ||
+      EVP_get_digestbyname("sha512WithRSAEncryption") != EVP_sha512() ||
+      EVP_get_digestbyname("nonsense") != NULL ||
+      EVP_get_digestbyname("SHA512") != EVP_sha512() ||
+      EVP_get_digestbyname("sha512") != EVP_sha512()) {
+    return false;
+  }
+
+  if (EVP_get_digestbynid(NID_sha512) != EVP_sha512() ||
+      EVP_get_digestbynid(NID_sha512WithRSAEncryption) != NULL ||
+      EVP_get_digestbynid(NID_undef) != NULL) {
+    return false;
+  }
+
+  bssl::UniquePtr<ASN1_OBJECT> obj(OBJ_txt2obj("1.3.14.3.2.26", 0));
+  if (!obj ||
+      EVP_get_digestbyobj(obj.get()) != EVP_sha1() ||
+      EVP_get_digestbyobj(OBJ_nid2obj(NID_md5_sha1)) != EVP_md5_sha1() ||
+      EVP_get_digestbyobj(OBJ_nid2obj(NID_sha1)) != EVP_sha1()) {
+    return false;
+  }
+
+  return true;
+}
+
+int main() {
+  CRYPTO_library_init();
+
+  for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTestVectors); i++) {
+    if (!TestDigest(&kTestVectors[i])) {
+      fprintf(stderr, "Test %d failed\n", (int)i);
+      return 1;
+    }
+  }
+
+  if (!TestGetters()) {
+    return 1;
+  }
+
+  printf("PASS\n");
+  return 0;
+}
diff --git a/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digests.c b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digests.c
new file mode 100644
index 000000000..fd2a939ab
--- /dev/null
+++ b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/digests.c
@@ -0,0 +1,358 @@
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+#include <openssl/digest.h>
+
+#include <assert.h>
+#include <string.h>
+
+#include <openssl/asn1.h>
+#include <openssl/md4.h>
+#include <openssl/md5.h>
+#include <openssl/nid.h>
+#include <openssl/sha.h>
+
+#include "internal.h"
+#include "../internal.h"
+
+#if defined(NDEBUG)
+#define CHECK(x) (void) (x)
+#else
+#define CHECK(x) assert(x)
+#endif
+
+
+static void md4_init(EVP_MD_CTX *ctx) {
+  CHECK(MD4_Init(ctx->md_data));
+}
+
+static void md4_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  CHECK(MD4_Update(ctx->md_data, data, count));
+}
+
+static void md4_final(EVP_MD_CTX *ctx, uint8_t *out) {
+  CHECK(MD4_Final(out, ctx->md_data));
+}
+
+static const EVP_MD md4_md = {
+    NID_md4,    MD4_DIGEST_LENGTH, 0 /* flags */,       md4_init,
+    md4_update, md4_final,         64 /* block size */, sizeof(MD4_CTX),
+};
+
+const EVP_MD *EVP_md4(void) { return &md4_md; }
+
+
+static void md5_init(EVP_MD_CTX *ctx) {
+  CHECK(MD5_Init(ctx->md_data));
+}
+
+static void md5_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  CHECK(MD5_Update(ctx->md_data, data, count));
+}
+
+static void md5_final(EVP_MD_CTX *ctx, uint8_t *out) {
+  CHECK(MD5_Final(out, ctx->md_data));
+}
+
+static const EVP_MD md5_md = {
+    NID_md5,    MD5_DIGEST_LENGTH, 0 /* flags */,       md5_init,
+    md5_update, md5_final,         64 /* block size */, sizeof(MD5_CTX),
+};
+
+const EVP_MD *EVP_md5(void) { return &md5_md; }
+
+
+static void sha1_init(EVP_MD_CTX *ctx) {
+  CHECK(SHA1_Init(ctx->md_data));
+}
+
+static void sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  CHECK(SHA1_Update(ctx->md_data, data, count));
+}
+
+static void sha1_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  CHECK(SHA1_Final(md, ctx->md_data));
+}
+
+static const EVP_MD sha1_md = {
+    NID_sha1,    SHA_DIGEST_LENGTH, 0 /* flags */,       sha1_init,
+    sha1_update, sha1_final,        64 /* block size */, sizeof(SHA_CTX),
+};
+
+const EVP_MD *EVP_sha1(void) { return &sha1_md; }
+
+
+static void sha224_init(EVP_MD_CTX *ctx) {
+  CHECK(SHA224_Init(ctx->md_data));
+}
+
+static void sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  CHECK(SHA224_Update(ctx->md_data, data, count));
+}
+
+static void sha224_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  CHECK(SHA224_Final(md, ctx->md_data));
+}
+
+static const EVP_MD sha224_md = {
+    NID_sha224,          SHA224_DIGEST_LENGTH, 0 /* flags */,
+    sha224_init,         sha224_update,        sha224_final,
+    64 /* block size */, sizeof(SHA256_CTX),
+};
+
+const EVP_MD *EVP_sha224(void) { return &sha224_md; }
+
+
+static void sha256_init(EVP_MD_CTX *ctx) {
+  CHECK(SHA256_Init(ctx->md_data));
+}
+
+static void sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  CHECK(SHA256_Update(ctx->md_data, data, count));
+}
+
+static void sha256_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  CHECK(SHA256_Final(md, ctx->md_data));
+}
+
+static const EVP_MD sha256_md = {
+    NID_sha256,          SHA256_DIGEST_LENGTH, 0 /* flags */,
+    sha256_init,         sha256_update,        sha256_final,
+    64 /* block size */, sizeof(SHA256_CTX),
+};
+
+const EVP_MD *EVP_sha256(void) { return &sha256_md; }
+
+
+static void sha384_init(EVP_MD_CTX *ctx) {
+  CHECK(SHA384_Init(ctx->md_data));
+}
+
+static void sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  CHECK(SHA384_Update(ctx->md_data, data, count));
+}
+
+static void sha384_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  CHECK(SHA384_Final(md, ctx->md_data));
+}
+
+static const EVP_MD sha384_md = {
+    NID_sha384,           SHA384_DIGEST_LENGTH, 0 /* flags */,
+    sha384_init,          sha384_update,        sha384_final,
+    128 /* block size */, sizeof(SHA512_CTX),
+};
+
+const EVP_MD *EVP_sha384(void) { return &sha384_md; }
+
+
+static void sha512_init(EVP_MD_CTX *ctx) {
+  CHECK(SHA512_Init(ctx->md_data));
+}
+
+static void sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  CHECK(SHA512_Update(ctx->md_data, data, count));
+}
+
+static void sha512_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  CHECK(SHA512_Final(md, ctx->md_data));
+}
+
+static const EVP_MD sha512_md = {
+    NID_sha512,           SHA512_DIGEST_LENGTH, 0 /* flags */,
+    sha512_init,          sha512_update,        sha512_final,
+    128 /* block size */, sizeof(SHA512_CTX),
+};
+
+const EVP_MD *EVP_sha512(void) { return &sha512_md; }
+
+
+typedef struct {
+  MD5_CTX md5;
+  SHA_CTX sha1;
+} MD5_SHA1_CTX;
+
+static void md5_sha1_init(EVP_MD_CTX *md_ctx) {
+  MD5_SHA1_CTX *ctx = md_ctx->md_data;
+  CHECK(MD5_Init(&ctx->md5) && SHA1_Init(&ctx->sha1));
+}
+
+static void md5_sha1_update(EVP_MD_CTX *md_ctx, const void *data,
+                            size_t count) {
+  MD5_SHA1_CTX *ctx = md_ctx->md_data;
+  CHECK(MD5_Update(&ctx->md5, data, count) &&
+        SHA1_Update(&ctx->sha1, data, count));
+}
+
+static void md5_sha1_final(EVP_MD_CTX *md_ctx, uint8_t *out) {
+  MD5_SHA1_CTX *ctx = md_ctx->md_data;
+  CHECK(MD5_Final(out, &ctx->md5) &&
+        SHA1_Final(out + MD5_DIGEST_LENGTH, &ctx->sha1));
+}
+
+static const EVP_MD md5_sha1_md = {
+    NID_md5_sha1,
+    MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
+    0 /* flags */,
+    md5_sha1_init,
+    md5_sha1_update,
+    md5_sha1_final,
+    64 /* block size */,
+    sizeof(MD5_SHA1_CTX),
+};
+
+const EVP_MD *EVP_md5_sha1(void) { return &md5_sha1_md; }
+
+
+struct nid_to_digest {
+  int nid;
+  const EVP_MD* (*md_func)(void);
+  const char *short_name;
+  const char *long_name;
+};
+
+static const struct nid_to_digest nid_to_digest_mapping[] = {
+    {NID_md4, EVP_md4, SN_md4, LN_md4},
+    {NID_md5, EVP_md5, SN_md5, LN_md5},
+    {NID_sha1, EVP_sha1, SN_sha1, LN_sha1},
+    {NID_sha224, EVP_sha224, SN_sha224, LN_sha224},
+    {NID_sha256, EVP_sha256, SN_sha256, LN_sha256},
+    {NID_sha384, EVP_sha384, SN_sha384, LN_sha384},
+    {NID_sha512, EVP_sha512, SN_sha512, LN_sha512},
+    {NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1},
+    /* As a remnant of signing |EVP_MD|s, OpenSSL returned the corresponding
+     * hash function when given a signature OID. To avoid unintended lax parsing
+     * of hash OIDs, this is no longer supported for lookup by OID or NID.
+     * Node.js, however, exposes |EVP_get_digestbyname|'s full behavior to
+     * consumers so we retain it there. */
+    {NID_undef, EVP_sha1, SN_dsaWithSHA, LN_dsaWithSHA},
+    {NID_undef, EVP_sha1, SN_dsaWithSHA1, LN_dsaWithSHA1},
+    {NID_undef, EVP_sha1, SN_ecdsa_with_SHA1, NULL},
+    {NID_undef, EVP_md5, SN_md5WithRSAEncryption, LN_md5WithRSAEncryption},
+    {NID_undef, EVP_sha1, SN_sha1WithRSAEncryption, LN_sha1WithRSAEncryption},
+    {NID_undef, EVP_sha224, SN_sha224WithRSAEncryption,
+     LN_sha224WithRSAEncryption},
+    {NID_undef, EVP_sha256, SN_sha256WithRSAEncryption,
+     LN_sha256WithRSAEncryption},
+    {NID_undef, EVP_sha384, SN_sha384WithRSAEncryption,
+     LN_sha384WithRSAEncryption},
+    {NID_undef, EVP_sha512, SN_sha512WithRSAEncryption,
+     LN_sha512WithRSAEncryption},
+};
+
+const EVP_MD* EVP_get_digestbynid(int nid) {
+  if (nid == NID_undef) {
+    /* Skip the |NID_undef| entries in |nid_to_digest_mapping|. */
+    return NULL;
+  }
+
+  for (unsigned i = 0; i < OPENSSL_ARRAY_SIZE(nid_to_digest_mapping); i++) {
+    if (nid_to_digest_mapping[i].nid == nid) {
+      return nid_to_digest_mapping[i].md_func();
+    }
+  }
+
+  return NULL;
+}
+
+static const struct {
+  uint8_t oid[9];
+  uint8_t oid_len;
+  const EVP_MD *(*md_func) (void);
+} kMDOIDs[] = {
+  /* 1.2.840.113549.2.4 */
+  { {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x04}, 8, EVP_md4 },
+  /* 1.2.840.113549.2.5 */
+  { {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05}, 8, EVP_md5 },
+  /* 1.3.14.3.2.26 */
+  { {0x2b, 0x0e, 0x03, 0x02, 0x1a}, 5, EVP_sha1 },
+  /* 2.16.840.1.101.3.4.2.1 */
+  { {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01}, 9, EVP_sha256 },
+  /* 2.16.840.1.101.3.4.2.2 */
+  { {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02}, 9, EVP_sha384 },
+  /* 2.16.840.1.101.3.4.2.3 */
+  { {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03}, 9, EVP_sha512 },
+  /* 2.16.840.1.101.3.4.2.4 */
+  { {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04}, 9, EVP_sha224 },
+};
+
+const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *obj) {
+  /* Handle objects with no corresponding OID. */
+  if (obj->nid != NID_undef) {
+    return EVP_get_digestbynid(obj->nid);
+  }
+
+  for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kMDOIDs); i++) {
+    if (obj->length == kMDOIDs[i].oid_len &&
+        memcmp(obj->data, kMDOIDs[i].oid, obj->length) == 0) {
+      return kMDOIDs[i].md_func();
+    }
+  }
+
+  return NULL;
+}
+
+const EVP_MD *EVP_get_digestbyname(const char *name) {
+  for (unsigned i = 0; i < OPENSSL_ARRAY_SIZE(nid_to_digest_mapping); i++) {
+    const char *short_name = nid_to_digest_mapping[i].short_name;
+    const char *long_name = nid_to_digest_mapping[i].long_name;
+    if ((short_name && strcmp(short_name, name) == 0) ||
+        (long_name && strcmp(long_name, name) == 0)) {
+      return nid_to_digest_mapping[i].md_func();
+    }
+  }
+
+  return NULL;
+}
diff --git a/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/internal.h b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/internal.h
new file mode 100644
index 000000000..e3d812ad8
--- /dev/null
+++ b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/internal.h
@@ -0,0 +1,112 @@
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+#ifndef OPENSSL_HEADER_DIGEST_INTERNAL_H
+#define OPENSSL_HEADER_DIGEST_INTERNAL_H
+
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+struct env_md_st {
+  /* type contains a NID identifing the digest function. (For example,
+   * NID_md5.) */
+  int type;
+
+  /* md_size contains the size, in bytes, of the resulting digest. */
+  unsigned md_size;
+
+  /* flags contains the OR of |EVP_MD_FLAG_*| values. */
+  uint32_t flags;
+
+  /* init initialises the state in |ctx->md_data|. */
+  void (*init)(EVP_MD_CTX *ctx);
+
+  /* update hashes |len| bytes of |data| into the state in |ctx->md_data|. */
+  void (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
+
+  /* final completes the hash and writes |md_size| bytes of digest to |out|. */
+  void (*final)(EVP_MD_CTX *ctx, uint8_t *out);
+
+  /* block_size contains the hash's native block size. */
+  unsigned block_size;
+
+  /* ctx_size contains the size, in bytes, of the state of the hash function. */
+  unsigned ctx_size;
+};
+
+/* evp_md_pctx_ops contains function pointers to allow the |pctx| member of
+ * |EVP_MD_CTX| to be manipulated without breaking layering by calling EVP
+ * functions. */
+struct evp_md_pctx_ops {
+  /* free is called when an |EVP_MD_CTX| is being freed and the |pctx| also
+   * needs to be freed. */
+  void (*free) (EVP_PKEY_CTX *pctx);
+
+  /* dup is called when an |EVP_MD_CTX| is copied and so the |pctx| also needs
+   * to be copied. */
+  EVP_PKEY_CTX* (*dup) (EVP_PKEY_CTX *pctx);
+};
+
+
+#if defined(__cplusplus)
+}  /* extern C */
+#endif
+
+#endif  /* OPENSSL_HEADER_DIGEST_INTERNAL */
diff --git a/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/md32_common.h b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/md32_common.h
new file mode 100644
index 000000000..45fe93951
--- /dev/null
+++ b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/boringssl/crypto/digest/md32_common.h
@@ -0,0 +1,274 @@
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ==================================================================== */
+
+#ifndef OPENSSL_HEADER_MD32_COMMON_H
+#define OPENSSL_HEADER_MD32_COMMON_H
+
+#include <openssl/base.h>
+
+#include <assert.h>
+
+#include "../internal.h"
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+/* This is a generic 32-bit "collector" for message digest algorithms. It
+ * collects input character stream into chunks of 32-bit values and invokes the
+ * block function that performs the actual hash calculations. To make use of
+ * this mechanism, the following macros must be defined before including
+ * md32_common.h.
+ *
+ * One of |DATA_ORDER_IS_BIG_ENDIAN| or |DATA_ORDER_IS_LITTLE_ENDIAN| must be
+ * defined to specify the byte order of the input stream.
+ *
+ * |HASH_CBLOCK| must be defined as the integer block size, in bytes.
+ *
+ * |HASH_CTX| must be defined as the name of the context structure, which must
+ * have at least the following members:
+ *
+ *     typedef struct <name>_state_st {
+ *       uint32_t h[<chaining length> / sizeof(uint32_t)];
+ *       uint32_t Nl, Nh;
+ *       uint8_t data[HASH_CBLOCK];
+ *       unsigned num;
+ *       ...
+ *     } <NAME>_CTX;
+ *
+ * <chaining length> is the output length of the hash in bytes, before
+ * any truncation (e.g. 64 for SHA-224 and SHA-256, 128 for SHA-384 and
+ * SHA-512).
+ *
+ * |HASH_UPDATE| must be defined as the name of the "Update" function to
+ * generate.
+ *
+ * |HASH_TRANSFORM| must be defined as the  the name of the "Transform"
+ * function to generate.
+ *
+ * |HASH_FINAL| must be defined as the name of "Final" function to generate.
+ *
+ * |HASH_BLOCK_DATA_ORDER| must be defined as the name of the "Block" function.
+ * That function must be implemented manually. It must be capable of operating
+ * on *unaligned* input data in its original (data) byte order. It must have
+ * this signature:
+ *
+ *     void HASH_BLOCK_DATA_ORDER(uint32_t *state, const uint8_t *data,
+ *                                size_t num);
+ *
+ * It must update the hash state |state| with |num| blocks of data from |data|,
+ * where each block is |HASH_CBLOCK| bytes; i.e. |data| points to a array of
+ * |HASH_CBLOCK * num| bytes. |state| points to the |h| member of a |HASH_CTX|,
+ * and so will have |<chaining length> / sizeof(uint32_t)| elements.
+ *
+ * |HASH_MAKE_STRING(c, s)| must be defined as a block statement that converts
+ * the hash state |c->h| into the output byte order, storing the result in |s|.
+ */
+
+#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+#error "DATA_ORDER must be defined!"
+#endif
+
+#ifndef HASH_CBLOCK
+#error "HASH_CBLOCK must be defined!"
+#endif
+#ifndef HASH_CTX
+#error "HASH_CTX must be defined!"
+#endif
+
+#ifndef HASH_UPDATE
+#error "HASH_UPDATE must be defined!"
+#endif
+#ifndef HASH_TRANSFORM
+#error "HASH_TRANSFORM must be defined!"
+#endif
+#ifndef HASH_FINAL
+#error "HASH_FINAL must be defined!"
+#endif
+
+#ifndef HASH_BLOCK_DATA_ORDER
+#error "HASH_BLOCK_DATA_ORDER must be defined!"
+#endif
+
+#ifndef HASH_MAKE_STRING
+#error "HASH_MAKE_STRING must be defined!"
+#endif
+
+#if defined(DATA_ORDER_IS_BIG_ENDIAN)
+
+#define HOST_c2l(c, l)                     \
+  do {                                     \
+    (l) = (((uint32_t)(*((c)++))) << 24);  \
+    (l) |= (((uint32_t)(*((c)++))) << 16); \
+    (l) |= (((uint32_t)(*((c)++))) << 8);  \
+    (l) |= (((uint32_t)(*((c)++))));       \
+  } while (0)
+
+#define HOST_l2c(l, c)                        \
+  do {                                        \
+    *((c)++) = (uint8_t)(((l) >> 24) & 0xff); \
+    *((c)++) = (uint8_t)(((l) >> 16) & 0xff); \
+    *((c)++) = (uint8_t)(((l) >> 8) & 0xff);  \
+    *((c)++) = (uint8_t)(((l)) & 0xff);       \
+  } while (0)
+
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+
+#define HOST_c2l(c, l)                     \
+  do {                                     \
+    (l) = (((uint32_t)(*((c)++))));        \
+    (l) |= (((uint32_t)(*((c)++))) << 8);  \
+    (l) |= (((uint32_t)(*((c)++))) << 16); \
+    (l) |= (((uint32_t)(*((c)++))) << 24); \
+  } while (0)
+
+#define HOST_l2c(l, c)                        \
+  do {                                        \
+    *((c)++) = (uint8_t)(((l)) & 0xff);       \
+    *((c)++) = (uint8_t)(((l) >> 8) & 0xff);  \
+    *((c)++) = (uint8_t)(((l) >> 16) & 0xff); \
+    *((c)++) = (uint8_t)(((l) >> 24) & 0xff); \
+  } while (0)
+
+#endif /* DATA_ORDER */
+
+int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) {
+  const uint8_t *data = data_;
+
+  if (len == 0) {
+    return 1;
+  }
+
+  uint32_t l = c->Nl + (((uint32_t)len) << 3);
+  if (l < c->Nl) {
+    /* Handle carries. */
+    c->Nh++;
+  }
+  c->Nh += (uint32_t)(len >> 29);
+  c->Nl = l;
+
+  size_t n = c->num;
+  if (n != 0) {
+    if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
+      OPENSSL_memcpy(c->data + n, data, HASH_CBLOCK - n);
+      HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
+      n = HASH_CBLOCK - n;
+      data += n;
+      len -= n;
+      c->num = 0;
+      /* Keep |c->data| zeroed when unused. */
+      OPENSSL_memset(c->data, 0, HASH_CBLOCK);
+    } else {
+      OPENSSL_memcpy(c->data + n, data, len);
+      c->num += (unsigned)len;
+      return 1;
+    }
+  }
+
+  n = len / HASH_CBLOCK;
+  if (n > 0) {
+    HASH_BLOCK_DATA_ORDER(c->h, data, n);
+    n *= HASH_CBLOCK;
+    data += n;
+    len -= n;
+  }
+
+  if (len != 0) {
+    c->num = (unsigned)len;
+    OPENSSL_memcpy(c->data, data, len);
+  }
+  return 1;
+}
+
+
+void HASH_TRANSFORM(HASH_CTX *c, const uint8_t *data) {
+  HASH_BLOCK_DATA_ORDER(c->h, data, 1);
+}
+
+
+int HASH_FINAL(uint8_t *md, HASH_CTX *c) {
+  /* |c->data| always has room for at least one byte. A full block would have
+   * been consumed. */
+  size_t n = c->num;
+  assert(n < HASH_CBLOCK);
+  c->data[n] = 0x80;
+  n++;
+
+  /* Fill the block with zeros if there isn't room for a 64-bit length. */
+  if (n > (HASH_CBLOCK - 8)) {
+    OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - n);
+    n = 0;
+    HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
+  }
+  OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - 8 - n);
+
+  /* Append a 64-bit length to the block and process it. */
+  uint8_t *p = c->data + HASH_CBLOCK - 8;
+#if defined(DATA_ORDER_IS_BIG_ENDIAN)
+  HOST_l2c(c->Nh, p);
+  HOST_l2c(c->Nl, p);
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+  HOST_l2c(c->Nl, p);
+  HOST_l2c(c->Nh, p);
+#endif
+  assert(p == c->data + HASH_CBLOCK);
+  HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
+  c->num = 0;
+  OPENSSL_memset(c->data, 0, HASH_CBLOCK);
+
+  HASH_MAKE_STRING(c, md);
+  return 1;
+}
+
+
+#if defined(__cplusplus)
+} /* extern C */
+#endif
+
+#endif /* OPENSSL_HEADER_MD32_COMMON_H */