*/
#include "hashBox.h"
#include "lib/base.h"
static struct {
const char *name;
const EVP_MD *md;
} hashalgos[] = {
{ "MD 5", EVP_md5() },
{ "SHA 1", EVP_sha1() },
{ "SHA 256", EVP_sha256() },
{ "SHA 384", EVP_sha384() },
{ "SHA 512", EVP_sha512() },
{ "RIPEMD 160", EVP_ripemd160() },
};
QString hashBox::default_md = QString(hashalgos[1].name); /* SHA1 */
hashBox::hashBox(QWidget *parent)
:QComboBox(parent)
{
setupAllHashes();
setDefaultHash();
}
void hashBox::setKeyType(int type)
{
key_type = type;
}
CK_RV PKCS11_Digest_OpenSSL::DigestInit(Cryptoki_Session_Context* pSessionCtx, CK_MECHANISM_PTR pMechanism)
{
OPENSSL_HEADER();
OpenSSLDigestData* pDigData;
const EVP_MD* pDigest;
CK_OBJECT_HANDLE hKey = CK_OBJECT_HANDLE_INVALID;
bool isHMAC = false;
if(pSessionCtx == NULL) return CKR_SESSION_CLOSED;
if(pSessionCtx->DigestCtx != NULL) return CKR_SESSION_PARALLEL_NOT_SUPPORTED; // another digest is in progress
pDigData = (OpenSSLDigestData*)TINYCLR_SSL_MALLOC(sizeof(*pDigData));
if(pDigData == NULL) return CKR_DEVICE_MEMORY;
TINYCLR_SSL_MEMSET(pDigData, 0, sizeof(*pDigData));
EVP_MD_CTX_init(&pDigData->CurrentCtx);
switch(pMechanism->mechanism)
{
case CKM_SHA_1:
pDigest = EVP_sha1();
break;
case CKM_SHA224:
pDigest = EVP_sha224();
break;
case CKM_SHA256:
pDigest = EVP_sha256();
break;
case CKM_SHA384:
pDigest = EVP_sha384();
break;
case CKM_SHA512:
pDigest = EVP_sha512();
break;
case CKM_MD5:
pDigest = EVP_md5();
break;
case CKM_RIPEMD160:
pDigest = EVP_ripemd160();
break;
case CKM_MD5_HMAC:
pDigest = EVP_md5();
isHMAC = true;
break;
case CKM_SHA_1_HMAC:
pDigest = EVP_sha1();
isHMAC = true;
break;
case CKM_SHA256_HMAC:
pDigest = EVP_sha256();
isHMAC = true;
break;
case CKM_SHA384_HMAC:
pDigest = EVP_sha384();
isHMAC = true;
break;
case CKM_SHA512_HMAC:
pDigest = EVP_sha512();
isHMAC = true;
break;
case CKM_RIPEMD160_HMAC:
pDigest = EVP_ripemd160();
isHMAC = true;
break;
default:
OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_INVALID);
}
if(isHMAC)
{
if(pMechanism->pParameter != NULL && pMechanism->ulParameterLen == sizeof(CK_OBJECT_HANDLE))
{
hKey = SwapEndianIfBEc32(*(CK_OBJECT_HANDLE*)pMechanism->pParameter);
}
else
{
OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_PARAM_INVALID);
}
pDigData->HmacKey = PKCS11_Keys_OpenSSL::GetKeyFromHandle(pSessionCtx, hKey, TRUE);
if(pDigData->HmacKey==NULL) OPENSSL_SET_AND_LEAVE(CKR_MECHANISM_PARAM_INVALID);
pDigData->HmacCtx.md = pDigest;
OPENSSL_CHECKRESULT(HMAC_Init(&pDigData->HmacCtx, pDigData->HmacKey->key, pDigData->HmacKey->size/8, pDigData->HmacCtx.md));
}
else
{
OPENSSL_CHECKRESULT(EVP_DigestInit_ex(&pDigData->CurrentCtx, pDigest, NULL));
}
pSessionCtx->DigestCtx = pDigData;
OPENSSL_CLEANUP();
if(retVal != CKR_OK && pDigData != NULL)
{
TINYCLR_SSL_FREE(pDigData);
}
OPENSSL_RETURN();
}
static int
xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLEvpSignatureCtxPtr ctx;
xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
#ifndef XMLSEC_NO_DSA
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha1Id)) {
ctx->digest = xmlSecOpenSSLDsaSha1Evp();
ctx->keyId = xmlSecOpenSSLKeyDataDsaId;
} else
#endif /* XMLSEC_NO_SHA1 */
#endif /* XMLSEC_NO_DSA */
#ifndef XMLSEC_NO_RSA
#ifndef XMLSEC_NO_MD5
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaMd5Id)) {
ctx->digest = EVP_md5();
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_MD5 */
#ifndef XMLSEC_NO_RIPEMD160
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaRipemd160Id)) {
ctx->digest = EVP_ripemd160();
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_RIPEMD160 */
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha1Id)) {
ctx->digest = EVP_sha1();
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA224
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha224Id)) {
ctx->digest = EVP_sha224();
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA224 */
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha256Id)) {
ctx->digest = EVP_sha256();
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA256 */
#ifndef XMLSEC_NO_SHA384
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha384Id)) {
ctx->digest = EVP_sha384();
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA384 */
#ifndef XMLSEC_NO_SHA512
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha512Id)) {
ctx->digest = EVP_sha512();
ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
} else
#endif /* XMLSEC_NO_SHA512 */
#endif /* XMLSEC_NO_RSA */
if(1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
NULL,
XMLSEC_ERRORS_R_INVALID_TRANSFORM,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
#ifndef XMLSEC_OPENSSL_096
EVP_MD_CTX_init(&(ctx->digestCtx));
#endif /* XMLSEC_OPENSSL_096 */
return(0);
}
static int
__archive_openssl_ripemd160init(archive_rmd160_ctx *ctx)
{
EVP_DigestInit(ctx, EVP_ripemd160());
return (ARCHIVE_OK);
}
int
main(int argc, char **argv, char **envp)
{
#if 0
const char *algorithm = NULL;
#else
const char *algorithm = "md5";
#endif
const char *key = NULL;
const char *msg = NULL;
const char *signature = NULL;
#if 0
const char *type = NULL;
#else
const char *type = "rsa";
#endif
xxxflag = false;
if(!(prog = basename(argv[0]))) {
fprintf(stderr, "err: basename: %s -- %s\n",
strerror(errno), argv[0]);
return(-1);
/* NOTREACHED */
}
{
int ch = 0;
#if 0
while((ch = getopt(argc, argv, "a:k:m:s:t:@")) != -1) {
#else
while((ch = getopt(argc, argv, "k:m:s:@")) != -1) {
#endif
switch (ch) {
#if 0
case 'a':
algorithm = optarg;
break;
#endif
case 'k':
key = optarg;
break;
case 'm':
msg = optarg;
break;
case 's':
signature = optarg;
break;
#if 0
case 't':
type = optarg;
break;
#endif
case '@':
xxxflag = true;
break;
default:
usage();
/* NOTREACHED */
break;
}
}
argc -= optind;
argv += optind;
}
if(argc || !algorithm || !key || !msg || !type) {
usage();
/* NOTREACHED */
}
return(sigcomp_main(algorithm, key, msg, signature, type)? 0: -1);
/* NOTREACHED */
}
static bool
sigcomp_main(const char *const algorithm, const char *const key,
const char *const msg, const char *const signature,
const char *const type)
{
const EVP_MD *evp_md = NULL;
BIGNUM *bn_key = NULL;
BIGNUM *bn_msg = NULL;
BIGNUM *bn_signature = NULL;
ERR_load_crypto_strings();
if(!(evp_md = evp_md_with_algorithm(type, algorithm))) {
fprintf(stderr, "err: algorithm: %s -- "
"unknown algorithm for %s\n", algorithm, type);
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
/* key -> bn_key */
if(!(bn_key = BN_new())) {
openssl_strerror("BN_new");
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
if(!BN_hex2bn(&bn_key, (const char *)key)) {
openssl_strerror("BN_hex2bn");
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
/* msg -> bn_msg */
if(!(bn_msg = BN_new())) {
openssl_strerror("BN_new");
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
if(!BN_hex2bn(&bn_msg, (const char *)msg)) {
openssl_strerror("BN_hex2bn");
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
if(signature) {
/* signature -> bn_signature */
if(!(bn_signature = BN_new())) {
openssl_strerror("BN_new");
return(sigcomp_return(false,
bn_key, bn_msg, bn_signature));
}
if(!BN_hex2bn(&bn_signature, (const char *)signature)) {
openssl_strerror("BN_hex2bn");
return(sigcomp_return(false,
bn_key, bn_msg, bn_signature));
}
if(!sigcomp_vrfy(evp_md, bn_key, bn_msg, bn_signature, type)) {
return(sigcomp_return(false,
bn_key, bn_msg, bn_signature));
}
} else {
if(!sigcomp_sign(evp_md, bn_key, bn_msg, type)) {
return(sigcomp_return(false,
bn_key, bn_msg, bn_signature));
}
}
return(sigcomp_return(true, bn_key, bn_msg, bn_signature));
}
static bool
sigcomp_return(const bool code,
BIGNUM *bn_key, BIGNUM *bn_msg, BIGNUM *bn_signature)
{
if(bn_signature) {
BN_free(bn_signature); bn_signature = NULL;
}
if(bn_msg) {
BN_free(bn_msg); bn_msg = NULL;
}
if(bn_key) {
BN_free(bn_key); bn_key = NULL;
}
return(code);
}
static bool
sigcomp_sign(const EVP_MD *const evp_md, const BIGNUM *const bn_key,
const BIGNUM *const bn_msg, const char *const type)
{
EVP_PKEY *pkey = NULL;
unsigned char *key = NULL;
unsigned char *msg = NULL;
unsigned char *signature = NULL;
unsigned char *ptr = NULL;
int keylen = 0;
int msglen = 0;
int signaturelen = 0;
int padding = 0;
/* bn_key -> key */
if(!(keylen = BN_num_bytes(bn_key))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
if(!(key = (unsigned char *)malloc(keylen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
if(BN_bn2bin(bn_key, key) != keylen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
#ifdef DEBUG
dmp(stderr, "key", key, keylen);
#endif // DEBUG
/* bn_msg -> msg */
if(!(msglen = BN_num_bytes(bn_msg))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
if(!(msg = (unsigned char *)malloc(msglen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
if(BN_bn2bin(bn_msg, msg) != msglen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
#ifdef DEBUG
dmp(stderr, "msg", msg, msglen);
#endif // DEBUG
ptr = key;
for( ; ; ) {
if(!strcmp(type, "rsa")) {
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
if(!(pkey = d2i_PrivateKey(EVP_PKEY_RSA,
NULL, (const unsigned char **)&ptr, keylen))) {
#else
if(!(pkey = d2i_PrivateKey(EVP_PKEY_RSA,
NULL, &ptr, keylen))) {
#endif
openssl_strerror("d2i_PrivateKey");
return(sigcomp_sign_return(false,
key, msg, signature, pkey));
}
signaturelen = RSA_size(pkey->pkey.rsa);
padding = RSA_PKCS1_PADDING;
break;
}
if(!strcmp(type, "dsa")) {
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
if(!(pkey = d2i_PrivateKey(EVP_PKEY_DSA,
NULL, (const unsigned char **)&ptr, keylen))) {
#else
if(!(pkey = d2i_PrivateKey(EVP_PKEY_DSA,
NULL, &ptr, keylen))) {
#endif
openssl_strerror("d2i_PrivateKey");
return(sigcomp_sign_return(false,
key, msg, signature, pkey));
}
fprintf(stderr, "err: type: %s -- not implemented\n",
type);
return(sigcomp_sign_return(false,
key, msg, signature, pkey));
break;
}
fprintf(stderr, "err: type: %s -- unknown type\n",
type);
return(sigcomp_sign_return(false, key, msg, signature, pkey));
/* NOTREACHED */
}
if(!(signature = (unsigned char *)malloc(signaturelen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
RSA_private_encrypt(msglen, msg, signature, pkey->pkey.rsa, padding);
#ifdef DEBUG
dmp(stderr, "signature", signature, signaturelen);
#endif // DEBUG
sigcomp_sign_dump(key, keylen, msg, msglen, signature, signaturelen);
return(sigcomp_sign_return(true, key, msg, signature, pkey));
}
static void
sigcomp_sign_dump(const unsigned char *const key, int keylen,
const unsigned char *const msg, int msglen,
const unsigned char *const signature, int signaturelen)
{
int d = 0;
if(xxxflag) {
#if 0 /* needless */
for(d = 0; d < msglen; d ++) {
printf("%02x", msg[d]);
}
#endif
for(d = 0; d < signaturelen; d ++) {
printf("%02x", signature[d]);
}
printf("\n");
return;
}
printf("log:SigCompSign_Results (length:%d)\n",
keylen + msglen + signaturelen);
printf("log:| PrivateKey (length:%d)\n", keylen);
printf("log:| | data = ");
for(d = 0; d < keylen; d ++) {
printf("%02x", key[d]);
}
printf("\n");
printf("log:| Message (length:%d)\n", msglen);
printf("log:| | data = ");
for(d = 0; d < msglen; d ++) {
printf("%02x", msg[d]);
}
printf("\n");
printf("log:| Signature (length:%d)\n",
signaturelen);
printf("log:| | data = ");
for(d = 0; d < signaturelen; d ++) {
printf("%02x", signature[d]);
}
printf("\n");
return;
}
static bool
sigcomp_sign_return(const bool code,
unsigned char *key, unsigned char *msg, unsigned char *signature,
EVP_PKEY *pkey)
{
if(pkey) {
EVP_PKEY_free(pkey); pkey = NULL;
}
if(signature) {
free(signature); signature = NULL;
}
if(msg) {
free(msg); msg = NULL;
}
if(key) {
free(key); key = NULL;
}
return(code);
}
static bool
sigcomp_vrfy(const EVP_MD *const evp_md, const BIGNUM *const bn_key,
const BIGNUM *const bn_msg,
const BIGNUM *const bn_signature, const char *const type)
{
EVP_PKEY *pkey = NULL;
unsigned char *key = NULL;
unsigned char *msg = NULL;
unsigned char *signature = NULL;
unsigned char *to = NULL;
unsigned char *ptr = NULL;
int keylen = 0;
int msglen = 0;
int signaturelen = 0;
int tolen = 0;
int padding = 0;
bool compare = true;
/* bn_key -> key */
if(!(keylen = BN_num_bytes(bn_key))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(!(key = (unsigned char *)malloc(keylen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(BN_bn2bin(bn_key, key) != keylen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
#ifdef DEBUG
dmp(stderr, "key", key, keylen);
#endif // DEBUG
/* bn_msg -> msg */
if(!(msglen = BN_num_bytes(bn_msg))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(!(msg = (unsigned char *)malloc(msglen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(BN_bn2bin(bn_msg, msg) != msglen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
#ifdef DEBUG
dmp(stderr, "msg", msg, msglen);
#endif // DEBUG
/* bn_signature -> signature */
if(!(signaturelen = BN_num_bytes(bn_signature))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(!(signature = (unsigned char *)malloc(signaturelen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(BN_bn2bin(bn_signature, signature) != signaturelen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
#ifdef DEBUG
dmp(stderr, "signature", signature, signaturelen);
#endif // DEBUG
ptr = key;
for( ; ; ) {
if(!strcmp(type, "rsa")) {
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
if(!(pkey = d2i_PublicKey(EVP_PKEY_RSA,
NULL, (const unsigned char **)&ptr, keylen))) {
#else
if(!(pkey = d2i_PublicKey(EVP_PKEY_RSA,
NULL, &ptr, keylen))) {
#endif
openssl_strerror("d2i_PublicKey");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
tolen = RSA_size(pkey->pkey.rsa);
padding = RSA_PKCS1_PADDING;
break;
}
if(!strcmp(type, "dsa")) {
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
if(!(pkey = d2i_PublicKey(EVP_PKEY_DSA,
NULL, (const unsigned char **)&ptr, keylen))) {
#else
if(!(pkey = d2i_PublicKey(EVP_PKEY_DSA,
NULL, &ptr, keylen))) {
#endif
openssl_strerror("d2i_PublicKey");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
fprintf(stderr, "err: type: %s -- not implemented\n",
type);
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
/* NOTREACHED */
break;
}
fprintf(stderr, "err: type: %s -- unknown type\n",
type);
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
/* NOTREACHED */
}
if(!(to = (unsigned char *)malloc(tolen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(RSA_public_decrypt(signaturelen,
signature, to, pkey->pkey.rsa, padding) < 0) {
openssl_strerror("RSA_public_decrypt");
return(sigcomp_vrfy_return(true,
key, msg, signature, to, pkey));
}
if(memcmp(msg, to, msglen)) {
compare = false;
}
sigcomp_vrfy_dump(compare, key, keylen,
msg, msglen, signature, signaturelen, to, tolen);
return(sigcomp_vrfy_return(true, key, msg, signature, to, pkey));
}
static void
sigcomp_vrfy_dump(const bool code, const unsigned char *const key, int keylen,
const unsigned char *const msg, int msglen,
const unsigned char *const signature, int signaturelen,
const unsigned char *const to, int tolen)
{
int d = 0;
printf("log:SigCompVrfy_Results (length:%d)\n",
keylen + msglen + signaturelen + tolen);
printf("log:| PublicKey (length:%d)\n", keylen);
printf("log:| | data = ");
for(d = 0; d < keylen; d ++) {
printf("%02x", key[d]);
}
printf("\n");
printf("log:| Message (length:%d)\n", msglen);
printf("log:| | data = ");
for(d = 0; d < msglen; d ++) {
printf("%02x", msg[d]);
}
printf("\n");
printf("log:| Signature (length:%d)\n",
signaturelen + tolen);
printf("log:| | status = %s\n",
code? "true": "false");
printf("log:| | Encrypted (length:%d)\n",
signaturelen);
printf("log:| | | data = ");
for(d = 0; d < signaturelen; d ++) {
printf("%02x", signature[d]);
}
printf("\n");
printf("log:| | Decrypted (length:%d)\n", tolen);
printf("log:| | | data = ");
for(d = 0; d < tolen; d ++) {
printf("%02x", to[d]);
}
printf("\n");
return;
}
static bool
sigcomp_vrfy_return(const bool code,
unsigned char *key, unsigned char *msg, unsigned char *signature,
unsigned char *to, EVP_PKEY *pkey)
{
if(pkey) {
EVP_PKEY_free(pkey); pkey = NULL;
}
if(to) {
free(to); to = NULL;
}
if(signature) {
free(signature); signature = NULL;
}
if(msg) {
free(msg); msg = NULL;
}
if(key) {
free(key); key = NULL;
}
return(code);
}
static const EVP_MD *
evp_md_with_algorithm(const char *const type, const char *const algorithm)
{
const EVP_MD *evp_md = NULL;
bool dsa = false;
bool rsa = false;
for( ; ; ) {
if(!strcmp(type, "dsa")) {
dsa = true;
break;
}
if(!strcmp(type, "rsa")) {
rsa = true;
break;
}
break;
}
for( ; ; ) {
if(dsa && !strcmp(algorithm, "dss1")) {
evp_md = EVP_dss1();
break;
}
if(rsa && !strcmp(algorithm, "md2")) {
evp_md = EVP_md2();
break;
}
if(rsa && !strcmp(algorithm, "md4")) {
evp_md = EVP_md4();
break;
}
if(rsa && !strcmp(algorithm, "md5")) {
evp_md = EVP_md5();
break;
}
#if ! defined(__linux__)
if(rsa && !strcmp(algorithm, "mdc2")) {
evp_md = EVP_mdc2();
break;
}
#endif
if(rsa && !strcmp(algorithm, "ripemd160")) {
evp_md = EVP_ripemd160();
break;
}
if(rsa && !strcmp(algorithm, "sha1")) {
evp_md = EVP_sha1();
break;
}
break;
}
return(evp_md);
}
static void
openssl_strerror(const char *const label)
{
unsigned long code = 0;
while((code = ERR_get_error())) {
fprintf(stderr, "err: %s: %s\n",
label, ERR_error_string(code, NULL));
}
return;
}
static int
xmlSecOpenSSLHmacInitialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLHmacCtxPtr ctx;
xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
/* initialize context */
memset(ctx, 0, sizeof(xmlSecOpenSSLHmacCtx));
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha1Id)) {
ctx->hmacDgst = EVP_sha1();
} else
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA224
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha224Id)) {
ctx->hmacDgst = EVP_sha224();
} else
#endif /* XMLSEC_NO_SHA224 */
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha256Id)) {
ctx->hmacDgst = EVP_sha256();
} else
#endif /* XMLSEC_NO_SHA256 */
#ifndef XMLSEC_NO_SHA384
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha384Id)) {
ctx->hmacDgst = EVP_sha384();
} else
#endif /* XMLSEC_NO_SHA384 */
#ifndef XMLSEC_NO_SHA512
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha512Id)) {
ctx->hmacDgst = EVP_sha512();
} else
#endif /* XMLSEC_NO_SHA512 */
#ifndef XMLSEC_NO_RIPEMD160
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacRipemd160Id)) {
ctx->hmacDgst = EVP_ripemd160();
} else
#endif /* XMLSEC_NO_RIPEMD160 */
#ifndef XMLSEC_NO_MD5
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacMd5Id)) {
ctx->hmacDgst = EVP_md5();
} else
#endif /* XMLSEC_NO_MD5 */
{
xmlSecInvalidTransfromError(transform)
return(-1);
}
/* create hmac CTX */
ctx->hmacCtx = HMAC_CTX_new();
if(ctx->hmacCtx == NULL) {
xmlSecOpenSSLError("HMAC_CTX_new",
xmlSecTransformGetName(transform));
return(-1);
}
/* done */
return(0);
}
static int
xmlSecOpenSSLHmacInitialize(xmlSecTransformPtr transform) {
xmlSecOpenSSLHmacCtxPtr ctx;
xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
/* initialize context */
memset(ctx, 0, sizeof(xmlSecOpenSSLHmacCtx));
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha1Id)) {
ctx->hmacDgst = EVP_sha1();
} else
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA224
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha224Id)) {
ctx->hmacDgst = EVP_sha224();
} else
#endif /* XMLSEC_NO_SHA224 */
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha256Id)) {
ctx->hmacDgst = EVP_sha256();
} else
#endif /* XMLSEC_NO_SHA256 */
#ifndef XMLSEC_NO_SHA384
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha384Id)) {
ctx->hmacDgst = EVP_sha384();
} else
#endif /* XMLSEC_NO_SHA384 */
#ifndef XMLSEC_NO_SHA512
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha512Id)) {
ctx->hmacDgst = EVP_sha512();
} else
#endif /* XMLSEC_NO_SHA512 */
#ifndef XMLSEC_NO_RIPEMD160
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacRipemd160Id)) {
ctx->hmacDgst = EVP_ripemd160();
} else
#endif /* XMLSEC_NO_RIPEMD160 */
#ifndef XMLSEC_NO_MD5
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacMd5Id)) {
ctx->hmacDgst = EVP_md5();
} else
#endif /* XMLSEC_NO_MD5 */
{
xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
NULL,
XMLSEC_ERRORS_R_INVALID_TRANSFORM,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
#ifndef XMLSEC_OPENSSL_096
HMAC_CTX_init(&(ctx->hmacCtx));
#endif /* XMLSEC_OPENSSL_096 */
return(0);
}
