/**
@fn int soap_smd_final(struct soap *soap, struct soap_smd_data *data, char *buf, int *len)
@brief Finalizes (signed) digest computation and returns digest or signature.
@param soap context
@param[in,out] data smdevp engine context
@param[in] buf contains signature for verification (SOAP_SMD_VRFY algorithms)
@param[out] buf is populated with the digest or signature
@param[in] len points to length of signature to verify (SOAP_SMD_VRFY algorithms)
@param[out] len points to length of stored digest or signature (pass NULL if you are not interested in this value)
@return SOAP_OK or SOAP_SSL_ERROR
*/
int
soap_smd_final(struct soap *soap, struct soap_smd_data *data, char *buf, int *len)
{ unsigned int n = 0;
int ok = 1;
if (!data->ctx)
return soap_set_receiver_error(soap, "soap_smd_final() failed", "No context", SOAP_SSL_ERROR);
if (buf)
{ /* finalize the digest or signature computation */
switch (data->alg & SOAP_SMD_ALGO)
{ case SOAP_SMD_HMAC:
HMAC_Final((HMAC_CTX*)data->ctx, (unsigned char*)buf, &n);
break;
case SOAP_SMD_DGST:
EVP_DigestFinal_ex((EVP_MD_CTX*)data->ctx, (unsigned char*)buf, &n);
break;
case SOAP_SMD_SIGN:
ok = EVP_SignFinal((EVP_MD_CTX*)data->ctx, (unsigned char*)buf, &n, (EVP_PKEY*)data->key);
break;
case SOAP_SMD_VRFY:
if (len)
{ n = (unsigned int)*len;
ok = EVP_VerifyFinal((EVP_MD_CTX*)data->ctx, (unsigned char*)buf, n, (EVP_PKEY*)data->key);
}
else
ok = 0;
break;
}
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "-- SMD Final alg=%x (%p) %d bytes--\n", data->alg, data->ctx, n));
DBGHEX(TEST, buf, n);
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "\n--"));
/* pass back length of digest or signature produced */
if (len)
*len = (int)n;
}
/* cleanup */
if ((data->alg & SOAP_SMD_ALGO) == SOAP_SMD_HMAC)
HMAC_CTX_cleanup((HMAC_CTX*)data->ctx);
else
EVP_MD_CTX_cleanup((EVP_MD_CTX*)data->ctx);
SOAP_FREE(soap, data->ctx);
data->ctx = NULL;
/* check and return */
return soap_smd_check(soap, data, ok, "soap_smd_final() failed");
}
static int block_in(BIO *b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
unsigned long tl = 0;
unsigned char tmp[EVP_MAX_MD_SIZE];
int md_size;
ctx = BIO_get_data(b);
md = ctx->md;
md_size = EVP_MD_size(EVP_MD_CTX_md(md));
assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
tl = ctx->buf[0];
tl <<= 8;
tl |= ctx->buf[1];
tl <<= 8;
tl |= ctx->buf[2];
tl <<= 8;
tl |= ctx->buf[3];
if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md_size)
return 1;
if (!EVP_DigestUpdate(md,
(unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
goto berr;
if (!EVP_DigestFinal_ex(md, tmp, NULL))
goto berr;
if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md_size) == 0) {
/* there might be parts from next block lurking around ! */
ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size;
ctx->buf_len_save = ctx->buf_len;
ctx->buf_off = OK_BLOCK_BLOCK;
ctx->buf_len = tl + OK_BLOCK_BLOCK;
ctx->blockout = 1;
} else {
ctx->cont = 0;
}
return 1;
berr:
BIO_clear_retry_flags(b);
return 0;
}
size_t ssl3_final_finish_mac(SSL *s, const char *sender, size_t len,
unsigned char *p)
{
int ret;
EVP_MD_CTX *ctx = NULL;
if (!ssl3_digest_cached_records(s, 0))
return 0;
if (EVP_MD_CTX_type(s->s3->handshake_dgst) != NID_md5_sha1) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, SSL_R_NO_REQUIRED_DIGEST);
return 0;
}
ctx = EVP_MD_CTX_new();
if (ctx == NULL) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE);
return 0;
}
if (!EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst)) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);
return 0;
}
ret = EVP_MD_CTX_size(ctx);
if (ret < 0) {
EVP_MD_CTX_reset(ctx);
return 0;
}
if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0)
|| EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET,
(int)s->session->master_key_length,
s->session->master_key) <= 0
|| EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);
ret = 0;
}
EVP_MD_CTX_free(ctx);
return ret;
}
/**
* Return the SHA-512 based hash.
*/
char * hash_string(char *inbytes, size_t inLen, size_t *wroteBytes) {
unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned int md_len;
mdctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(mdctx, md,NULL);
EVP_DigestUpdate(mdctx,inbytes,inLen);
EVP_DigestFinal_ex(mdctx, md_value, &md_len);
char *outputBuffer = (char *)malloc(sizeof(char) * 64);
for(int i=0; i<SHA512_DIGEST_LENGTH; i++) {
outputBuffer[i] = md_value[i];
}
if (wroteBytes != NULL) {
*wroteBytes = 512;
}
EVP_MD_CTX_destroy(mdctx);
return outputBuffer;
}
int
tc_sha1_digest_one(unsigned char *dest, unsigned int dest_len,
const unsigned char *seed, unsigned int seed_len)
{
unsigned int sha1_value_len;
unsigned char sha1_value[EVP_MAX_MD_SIZE];
if (!sha1_init) {
return 0;
}
EVP_DigestInit_ex(&sha1_ctx, md, NULL);
EVP_DigestUpdate(&sha1_ctx, seed, seed_len);
EVP_DigestFinal_ex(&sha1_ctx, sha1_value, &sha1_value_len);
tc_tailor(dest, dest_len, sha1_value, sha1_value_len);
return 1;
}
static void block_out(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
unsigned long tl;
ctx=(BIO_OK_CTX *)b->ptr;
md=&ctx->md;
tl= ctx->buf_len- OK_BLOCK_BLOCK;
ctx->buf[0]=(unsigned char)(tl>>24);
ctx->buf[1]=(unsigned char)(tl>>16);
ctx->buf[2]=(unsigned char)(tl>>8);
ctx->buf[3]=(unsigned char)(tl);
EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
ctx->buf_len+= md->digest->md_size;
ctx->blockout= 1;
}
void
md_reset( struct message_digest *md )
{
if ( md->md_ctx_status != MDCTX_READY ) {
if ( md->md_ctx_status == MDCTX_UNINITIALIZED ) {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
md->md_ctx = EVP_MD_CTX_new( );
#else
md->md_ctx = EVP_MD_CTX_create( );
#endif /* OpenSSL 1.1.0 */
} else if ( md->md_ctx_status == MDCTX_IN_USE ) {
EVP_DigestFinal_ex( md->md_ctx, md->md_value, &md->md_len );
}
EVP_DigestInit_ex( md->md_ctx, simta_checksum_md, NULL );
md->md_ctx_status = MDCTX_READY;
md->md_ctx_bytes = 0;
}
}
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
{
/* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
BIGNUM *u = NULL;
unsigned char cu[SHA_DIGEST_LENGTH];
unsigned char *cAB = NULL;
EVP_MD_CTX *ctxt = NULL;
int longN;
if ((A == NULL) || (B == NULL) || (N == NULL))
return NULL;
if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0)
return NULL;
longN = BN_num_bytes(N);
ctxt = EVP_MD_CTX_new();
if (ctxt == NULL)
return NULL;
if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
goto err;
memset(cAB, 0, longN);
EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
EVP_DigestUpdate(ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
OPENSSL_free(cAB);
EVP_DigestFinal_ex(ctxt, cu, NULL);
if ((u = BN_bin2bn(cu, sizeof(cu), NULL)) == NULL)
goto err;
if (BN_is_zero(u)) {
BN_free(u);
u = NULL;
}
err:
EVP_MD_CTX_free(ctxt);
return u;
}
static int digest_fdigest(lua_State *L)
{
const char *type_name = luaL_checkstring(L, 2);
const EVP_MD *type = EVP_get_digestbyname(type_name);
const char *s = luaL_checkstring(L, 3);
unsigned char digest[EVP_MAX_MD_SIZE];
unsigned int written = 0;
EVP_MD_CTX *c;
if (type == NULL) {
luaL_argerror(L, 1, "invalid digest type");
return 0;
}
c = EVP_MD_CTX_create();
if (!EVP_DigestInit_ex(c, type, NULL)) {
EVP_MD_CTX_destroy(c);
return crypto_error(L);
}
if (!EVP_DigestUpdate(c, s, lua_strlen(L, 3))) {
EVP_MD_CTX_destroy(c);
return crypto_error(L);
}
if (!EVP_DigestFinal_ex(c, digest, &written)) {
EVP_MD_CTX_destroy(c);
return crypto_error(L);
}
EVP_MD_CTX_destroy(c);
if (lua_toboolean(L, 4))
lua_pushlstring(L, (char *)digest, written);
else {
char *hex = (char*)calloc(sizeof(char), written*2 + 1);
unsigned int i;
for (i = 0; i < written; i++)
sprintf(hex + 2*i, "%02x", digest[i]);
lua_pushlstring(L, hex, written*2);
free(hex);
}
return 1;
}
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
{
int sctx, r = 0;
if (ctx->pctx->pmeth->signctx)
sctx = 1;
else
sctx = 0;
if (sigret)
{
EVP_MD_CTX tmp_ctx;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
EVP_MD_CTX_init(&tmp_ctx);
if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
return 0;
if (sctx)
r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
sigret, siglen, &tmp_ctx);
else
r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
EVP_MD_CTX_cleanup(&tmp_ctx);
if (sctx || !r)
return r;
if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
return 0;
}
else
{
if (sctx)
{
if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx) <= 0)
return 0;
}
else
{
int s = EVP_MD_size(ctx->digest);
if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen, NULL, s) <= 0)
return 0;
}
}
return 1;
}
int
cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
{
EVP_MD_CTX mctx;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
int r = 0;
CMS_DigestedData *dd;
EVP_MD_CTX_init(&mctx);
dd = cms->d.digestedData;
if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, dd->digestAlgorithm))
goto err;
if (EVP_DigestFinal_ex(&mctx, md, &mdlen) <= 0)
goto err;
if (verify) {
if (mdlen != (unsigned int)dd->digest->length) {
CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
CMS_R_MESSAGEDIGEST_WRONG_LENGTH);
goto err;
}
if (memcmp(md, dd->digest->data, mdlen))
CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
CMS_R_VERIFICATION_FAILURE);
else
r = 1;
} else {
if (!ASN1_STRING_set(dd->digest, md, mdlen))
goto err;
r = 1;
}
err:
EVP_MD_CTX_cleanup(&mctx);
return r;
}
void openssl_evp_digest()
{
EVP_MD_CTX mdctx;
unsigned int md_len, i;
char author[] = "beike";
char msg[] = "openssl digest";
unsigned char md_value[EVP_MAX_MD_SIZE];
OpenSSL_add_all_algorithms();
EVP_MD_CTX_init(&mdctx);
EVP_DigestInit_ex(&mdctx, EVP_md5(), NULL);
EVP_DigestUpdate(&mdctx, msg, strlen(msg));
EVP_DigestUpdate(&mdctx, author, strlen(author));
EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
printf("\nEVP_Digest(%s, %s) = ", msg, author);
for (i = 0; i < md_len; i++)
printf("0x%02x ", md_value[i]);
printf("\n");
EVP_MD_CTX_cleanup(&mdctx);
}
bool
tr_sha1_final (tr_sha1_ctx_t handle,
uint8_t * hash)
{
bool ret = true;
if (hash != NULL)
{
unsigned int hash_length;
assert (handle != NULL);
ret = check_result (EVP_DigestFinal_ex (handle, hash, &hash_length));
assert (!ret || hash_length == SHA_DIGEST_LENGTH);
}
EVP_MD_CTX_destroy (handle);
return ret;
}
int
digest_MD5_util(char * input, char * output_t) {
EVP_MD_CTX mdctx;
const EVP_MD *md;
int output_len;
unsigned char output[EVP_MAX_MD_SIZE];
OpenSSL_add_all_digests();
md = EVP_get_digestbyname("MD5");
EVP_MD_CTX_init(&mdctx);
EVP_DigestInit_ex(&mdctx, md, NULL);
EVP_DigestUpdate(&mdctx, input, strlen(input));
EVP_DigestFinal_ex(&mdctx, output, &output_len);
EVP_MD_CTX_cleanup(&mdctx);
strncpy(output_t, output, output_len);
output_t[output_len + 1] = 0;
return output_len;
}
char * Crypto_Digest_Hash (int count, char * algoName, char * data) {
count = count;
EVP_MD_CTX mdctx;
const EVP_MD *md;
unsigned char md_value [EVP_MAX_MD_SIZE];
unsigned int md_len;
OpenSSL_add_all_digests ();
md = EVP_get_digestbyname (algoName);
if (!md) return "";
EVP_MD_CTX_init (&mdctx);
EVP_DigestInit_ex (&mdctx, md, NULL);
EVP_DigestUpdate (&mdctx, data, strlen (data));
EVP_DigestFinal_ex (&mdctx, md_value, &md_len);
EVP_MD_CTX_cleanup (&mdctx);
return Crypto_Digest_MakeHexDigest (md_value, md_len);
}
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, uint8_t *out_sig,
size_t *out_sig_len) {
if (out_sig) {
EVP_MD_CTX tmp_ctx;
int ret;
uint8_t md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
EVP_MD_CTX_init(&tmp_ctx);
ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) &&
EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) &&
EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen);
EVP_MD_CTX_cleanup(&tmp_ctx);
return ret;
} else {
size_t s = EVP_MD_size(ctx->digest);
return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s);
}
}
string md5(uint8_t *pBuffer, uint32_t length, bool textResult) {
EVP_MD_CTX mdctx;
unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned int md_len;
EVP_DigestInit(&mdctx, EVP_md5());
EVP_DigestUpdate(&mdctx, pBuffer, length);
EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
EVP_MD_CTX_cleanup(&mdctx);
if (textResult) {
string result = "";
for (uint32_t i = 0; i < md_len; i++) {
result += format("%02hhx", md_value[i]);
}
return result;
} else {
return string((char *) md_value, md_len);
}
}
/*****************get the Hash value with sha256****************************/
void getHash(char *msg, int len, char *hash) {
EVP_MD_CTX *mdctx;
const EVP_MD *md;
size_t md_len, i;
unsigned char md_value[EVP_MAX_MD_SIZE];
char hashname[] = "sha256";
OpenSSL_add_all_digests();
md = EVP_get_digestbyname(hashname);
if(!md) {
printf("Unknown message digest %s\n", hashname);
exit(1);
}
mdctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(mdctx, md, NULL);
EVP_DigestUpdate(mdctx, msg, len);
EVP_DigestFinal_ex(mdctx, md_value, &md_len);
EVP_MD_CTX_destroy(mdctx);
memcpy(hash, md_value, HASHLEN);
}
nyx_error_t sha_finalize(char *dest, int *destlen)
{
if (running_mdctx == NULL)
{
return NYX_ERROR_INVALID_VALUE;
}
if (EVP_DigestFinal_ex(running_mdctx, (unsigned char *)dest,
(unsigned int *)destlen) != 1)
{
return NYX_ERROR_GENERIC;
}
EVP_MD_CTX_cleanup(running_mdctx);
EVP_MD_CTX_destroy(running_mdctx);
running_mdctx = NULL;
return NYX_ERROR_NONE;
}
unsigned long X509_NAME_hash_old(X509_NAME *x)
{
EVP_MD_CTX md_ctx;
unsigned long ret = 0;
unsigned char md[16];
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x, NULL);
EVP_MD_CTX_init(&md_ctx);
EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
&& EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
&& EVP_DigestFinal_ex(&md_ctx, md, NULL))
ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
) & 0xffffffffL;
EVP_MD_CTX_cleanup(&md_ctx);
return (ret);
}
static ssize_t evp_md_xlat(UNUSED void *instance, UNUSED REQUEST *request,
char const *fmt, char *out, size_t outlen, EVP_MD const *md)
{
uint8_t digest[EVP_MAX_MD_SIZE];
unsigned int digestlen, i, len;
ssize_t inlen;
uint8_t const *p;
EVP_MD_CTX *ctx;
/*
* We need room for at least one octet of output.
*/
if (outlen < 3) {
*out = '\0';
return 0;
}
inlen = xlat_fmt_to_ref(&p, request, fmt);
if (inlen < 0) {
return -1;
}
ctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(ctx, md, NULL);
EVP_DigestUpdate(ctx, p, inlen);
EVP_DigestFinal_ex(ctx, digest, &digestlen);
EVP_MD_CTX_destroy(ctx);
/*
* Each digest octet takes two hex digits, plus one for
* the terminating NUL.
*/
len = (outlen / 2) - 1;
if (len > digestlen) len = digestlen;
for (i = 0; i < len; i++) {
snprintf(out + i * 2, 3, "%02x", digest[i]);
}
return strlen(out);
}
static int sig_in(BIO *b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
unsigned char tmp[EVP_MAX_MD_SIZE];
int ret = 0;
ctx = b->ptr;
md = &ctx->md;
if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size)
return 1;
if (!EVP_DigestInit_ex(md, md->digest, NULL))
goto berr;
memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
longswap(md->md_data, md->digest->md_size);
ctx->buf_off += md->digest->md_size;
if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
goto berr;
if (!EVP_DigestFinal_ex(md, tmp, NULL))
goto berr;
ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
ctx->buf_off += md->digest->md_size;
if (ret == 1) {
ctx->sigio = 0;
if (ctx->buf_len != ctx->buf_off) {
memmove(ctx->buf, &(ctx->buf[ctx->buf_off]),
ctx->buf_len - ctx->buf_off);
}
ctx->buf_len -= ctx->buf_off;
ctx->buf_off = 0;
} else {
ctx->cont = 0;
}
return 1;
berr:
BIO_clear_retry_flags(b);
return 0;
}
static int sig_out(BIO *b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
const EVP_MD *digest;
int md_size;
void *md_data;
ctx = BIO_get_data(b);
md = ctx->md;
digest = EVP_MD_CTX_md(md);
md_size = EVP_MD_size(digest);
md_data = EVP_MD_CTX_md_data(md);
if (ctx->buf_len + 2 * md_size > OK_BLOCK_SIZE)
return 1;
if (!EVP_DigestInit_ex(md, digest, NULL))
goto berr;
/*
* FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured.
*/
if (RAND_bytes(md_data, md_size) <= 0)
goto berr;
memcpy(&(ctx->buf[ctx->buf_len]), md_data, md_size);
longswap(&(ctx->buf[ctx->buf_len]), md_size);
ctx->buf_len += md_size;
if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
goto berr;
if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
goto berr;
ctx->buf_len += md_size;
ctx->blockout = 1;
ctx->sigio = 0;
return 1;
berr:
BIO_clear_retry_flags(b);
return 0;
}
int md5_handler(struct soap *soap, void **context, enum md5_action action, char *buf, size_t len)
{ EVP_MD_CTX *ctx;
unsigned char hash[EVP_MAX_MD_SIZE];
unsigned int size;
switch (action)
{ case MD5_INIT:
soap_ssl_init();
if (!*context)
{ *context = (void*)SOAP_MALLOC(soap, sizeof(EVP_MD_CTX));
EVP_MD_CTX_init((EVP_MD_CTX*)*context);
}
ctx = (EVP_MD_CTX*)*context;
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "-- MD5 Init %p\n", ctx));
EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
break;
case MD5_UPDATE:
ctx = (EVP_MD_CTX*)*context;
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "-- MD5 Update %p (%lu) --\n", ctx, (unsigned long)len));
DBGMSG(TEST, buf, len);
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "\n--"));
EVP_DigestUpdate(ctx, (const void*)buf, (unsigned int)len);
break;
case MD5_FINAL:
ctx = (EVP_MD_CTX*)*context;
EVP_DigestFinal_ex(ctx, (unsigned char*)hash, &size);
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "-- MD5 Final %p --\n", ctx));
DBGHEX(TEST, hash, size);
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "\n--"));
soap_memcpy((void*)buf, 16, (const void*)hash, 16);
break;
case MD5_DELETE:
ctx = (EVP_MD_CTX*)*context;
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "-- MD5 Delete %p --\n", ctx));
if (ctx)
{ EVP_MD_CTX_cleanup(ctx);
SOAP_FREE(soap, ctx);
}
*context = NULL;
}
return SOAP_OK;
}
std::string EnigmaMachine::mdHash(std::string const& input)
{
const EVP_MD* md(EVP_sha1());
EVP_MD_CTX* mdContext(EVP_MD_CTX_create());
EVP_DigestInit_ex(mdContext, md, NULL);
// The input is hashed twice, with the seed used as salt
// for good measure.
EVP_DigestUpdate(mdContext, input.c_str(), input.size());
EVP_DigestUpdate(mdContext, &m_seed, sizeof(unsigned int));
EVP_DigestUpdate(mdContext, input.c_str(), input.size());
unsigned int mdLength;
BinaryData mdValue[EVP_MAX_MD_SIZE];
EVP_DigestFinal_ex(mdContext, mdValue, &mdLength);
EVP_MD_CTX_destroy(mdContext);
std::string hash;
for (unsigned int i = 0; i < mdLength; ++i) hash += charToHex(mdValue[i]);
return hash;
}
static int fips_dsa_sign(int type, const unsigned char *x, int y,
unsigned char *sig, unsigned int *siglen, EVP_MD_SVCTX *sv)
{
DSA *dsa = sv->key;
unsigned char dig[EVP_MAX_MD_SIZE];
unsigned int dlen;
DSA_SIG *s;
EVP_DigestFinal_ex(sv->mctx, dig, &dlen);
s=dsa->meth->dsa_do_sign(dig,dlen,dsa);
OPENSSL_cleanse(dig, dlen);
if (s == NULL)
{
*siglen=0;
return 0;
}
*siglen= FIPS_dsa_sig_encode(sig, s);
DSA_SIG_free(s);
if (*siglen < 0)
return 0;
return 1;
}
static int fips_dsa_verify(int type, const unsigned char *x, int y,
const unsigned char *sigbuf, unsigned int siglen, EVP_MD_SVCTX *sv)
{
DSA *dsa = sv->key;
DSA_SIG *s;
int ret=-1;
unsigned char dig[EVP_MAX_MD_SIZE];
unsigned int dlen;
s = DSA_SIG_new();
if (s == NULL)
return ret;
if (!FIPS_dsa_sig_decode(s,sigbuf,siglen))
goto err;
EVP_DigestFinal_ex(sv->mctx, dig, &dlen);
ret=dsa->meth->dsa_do_verify(dig,dlen,s,dsa);
OPENSSL_cleanse(dig, dlen);
err:
DSA_SIG_free(s);
return ret;
}
int cmeDigestFinal(EVP_MD_CTX **ctx, unsigned char *out, unsigned int *outl)
{
int result;
result=EVP_DigestFinal_ex(*ctx,out,outl);
cmeFree(*ctx);
if (result==0) //1= success, 0=failure
{
#ifdef ERROR_LOG
fprintf(stderr,"CaumeDSE Error: evpDigestFinal(), EVP_DigestFinal_ex() failure!\n");
#endif
return (1);
}
else
{
#ifdef DEBUG
fprintf(stdout,"CaumeDSE Debug: evpDigestFinal(), EVP_DigestFinal_ex() success.\n");
#endif
return (0);
}
}
/**
* Compute md5
*
* @param url the char*
* @return a char* representing the md5 of the url
* @warning make sure to free resources returned by this function
*/
char* getMd5(char* url){
EVP_MD_CTX md5ctx;
char* fresult=(char*)malloc((EVP_MAX_MD_SIZE+1)*sizeof(char));
unsigned char result[EVP_MAX_MD_SIZE];
unsigned int len;
EVP_DigestInit(&md5ctx, EVP_md5());
EVP_DigestUpdate(&md5ctx, url, strlen(url));
EVP_DigestFinal_ex(&md5ctx,result,&len);
EVP_MD_CTX_cleanup(&md5ctx);
int i;
for(i = 0; i < len; i++){
if(i>0){
char *tmp=strdup(fresult);
sprintf(fresult,"%s%02x", tmp,result[i]);
free(tmp);
}
else
sprintf(fresult,"%02x",result[i]);
}
return fresult;
}
/*
* call-seq:
* digest.finish -> aString
*
*/
static VALUE
ossl_digest_finish(int argc, VALUE *argv, VALUE self)
{
EVP_MD_CTX *ctx;
VALUE str;
rb_scan_args(argc, argv, "01", &str);
GetDigest(self, ctx);
if (NIL_P(str)) {
str = rb_str_new(NULL, EVP_MD_CTX_size(ctx));
} else {
StringValue(str);
rb_str_resize(str, EVP_MD_CTX_size(ctx));
}
EVP_DigestFinal_ex(ctx, (unsigned char *)RSTRING_PTR(str), NULL);
return str;
}