int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx, const char *str, int slen, unsigned char *out) { unsigned int i; EVP_MD_CTX ctx; unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; unsigned char *q,buf2[12]; q=buf; memcpy(q,str,slen); q+=slen; EVP_MD_CTX_init(&ctx); EVP_MD_CTX_copy_ex(&ctx,in1_ctx); EVP_DigestFinal_ex(&ctx,q,&i); q+=i; EVP_MD_CTX_copy_ex(&ctx,in2_ctx); EVP_DigestFinal_ex(&ctx,q,&i); q+=i; tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf), s->session->master_key,s->session->master_key_length, out,buf2,sizeof buf2); EVP_MD_CTX_cleanup(&ctx); return sizeof buf2; }
int n_ssl3_mac(SSL *ssl, unsigned char *md, int send) { SSL3_RECORD *rec; unsigned char *mac_sec,*seq; EVP_MD_CTX md_ctx; const EVP_MD_CTX *hash; unsigned char *p,rec_char; unsigned int md_size; int npad; int t; if (send) { rec= &(ssl->s3->wrec); mac_sec= &(ssl->s3->write_mac_secret[0]); seq= &(ssl->s3->write_sequence[0]); hash=ssl->write_hash; } else { rec= &(ssl->s3->rrec); mac_sec= &(ssl->s3->read_mac_secret[0]); seq= &(ssl->s3->read_sequence[0]); hash=ssl->read_hash; } t=EVP_MD_CTX_size(hash); if (t < 0) return -1; md_size=t; npad=(48/md_size)*md_size; /* Chop the digest off the end :-) */ EVP_MD_CTX_init(&md_ctx); EVP_MD_CTX_copy_ex( &md_ctx,hash); EVP_DigestUpdate(&md_ctx,mac_sec,md_size); EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad); EVP_DigestUpdate(&md_ctx,seq,8); rec_char=rec->type; EVP_DigestUpdate(&md_ctx,&rec_char,1); p=md; s2n(rec->length,p); EVP_DigestUpdate(&md_ctx,md,2); EVP_DigestUpdate(&md_ctx,rec->input,rec->length); EVP_DigestFinal_ex( &md_ctx,md,NULL); EVP_MD_CTX_copy_ex( &md_ctx,hash); EVP_DigestUpdate(&md_ctx,mac_sec,md_size); EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad); EVP_DigestUpdate(&md_ctx,md,md_size); EVP_DigestFinal_ex( &md_ctx,md,&md_size); EVP_MD_CTX_cleanup(&md_ctx); ssl3_record_sequence_update(seq); return(md_size); }
int HMAC_CTX_copy_ex(HMAC_CTX *dest, const HMAC_CTX *src) { if (!EVP_MD_CTX_copy_ex(&dest->i_ctx, &src->i_ctx) || !EVP_MD_CTX_copy_ex(&dest->o_ctx, &src->o_ctx) || !EVP_MD_CTX_copy_ex(&dest->md_ctx, &src->md_ctx)) { return 0; } dest->md = src->md; return 1; }
static int _md_copy (md_ctx *xdst, md_ctx *xsrc) { assert (xdst != NULL); assert (xsrc != NULL); if (_md_ctx_create (xdst) < 0) { return (-1); } #if HAVE_EVP_MD_CTX_COPY_EX /* OpenSSL >= 0.9.7 */ if (!(EVP_MD_CTX_copy_ex (xdst->ctx, xsrc->ctx))) { return (-1); } #elif HAVE_EVP_MD_CTX_COPY /* EVP_MD_CTX_copy() implicitly initializes the EVP_MD_CTX for xdst. */ if (!(EVP_MD_CTX_copy (xdst->ctx, xsrc->ctx))) { return (-1); } #else /* !HAVE_EVP_MD_CTX_COPY */ #error "No OpenSSL EVP_MD_CTX_copy" #endif /* !HAVE_EVP_MD_CTX_COPY */ return (0); }
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen) { EVP_MD_CTX tmp_ctx; unsigned char md[EVP_MAX_MD_SIZE]; int r; unsigned int mdlen; int vctx; if (ctx->pctx->pmeth->verifyctx) vctx = 1; else vctx = 0; EVP_MD_CTX_init(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) return -1; if (vctx) { r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig, siglen, &tmp_ctx); } else r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); EVP_MD_CTX_cleanup(&tmp_ctx); if (vctx || !r) return r; return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen); }
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen) { unsigned char md[EVP_MAX_MD_SIZE]; int r = 0; unsigned int mdlen = 0; int vctx = 0; if (ctx->pctx->pmeth->verifyctx) vctx = 1; else vctx = 0; if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) { if (vctx) { r = ctx->pctx->pmeth->verifyctx(ctx->pctx, sig, siglen, ctx); } else r = EVP_DigestFinal_ex(ctx, md, &mdlen); } else { EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) return -1; if (vctx) { r = tmp_ctx->pctx->pmeth->verifyctx(tmp_ctx->pctx, sig, siglen, tmp_ctx); } else r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen); EVP_MD_CTX_free(tmp_ctx); } if (vctx || !r) return r; return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen); }
static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx, const char *sender, int len, unsigned char *p) { unsigned int ret; int npad,n; unsigned int i; unsigned char md_buf[EVP_MAX_MD_SIZE]; EVP_MD_CTX ctx; EVP_MD_CTX_init(&ctx); EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); EVP_MD_CTX_copy_ex(&ctx,in_ctx); n=EVP_MD_CTX_size(&ctx); npad=(48/n)*n; if (sender != NULL) EVP_DigestUpdate(&ctx,sender,len); EVP_DigestUpdate(&ctx,s->session->master_key, s->session->master_key_length); EVP_DigestUpdate(&ctx,ssl3_pad_1,npad); EVP_DigestFinal_ex(&ctx,md_buf,&i); EVP_DigestInit_ex(&ctx,EVP_MD_CTX_md(&ctx), NULL); EVP_DigestUpdate(&ctx,s->session->master_key, s->session->master_key_length); EVP_DigestUpdate(&ctx,ssl3_pad_2,npad); EVP_DigestUpdate(&ctx,md_buf,i); EVP_DigestFinal_ex(&ctx,p,&ret); EVP_MD_CTX_cleanup(&ctx); return((int)ret); }
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, size_t sig_len, EVP_PKEY *pkey) { uint8_t m[EVP_MAX_MD_SIZE]; unsigned int m_len; int ret = 0; EVP_MD_CTX tmp_ctx; EVP_PKEY_CTX *pkctx = NULL; EVP_MD_CTX_init(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) || !EVP_DigestFinal_ex(&tmp_ctx, m, &m_len)) { EVP_MD_CTX_cleanup(&tmp_ctx); goto out; } EVP_MD_CTX_cleanup(&tmp_ctx); pkctx = EVP_PKEY_CTX_new(pkey, NULL); if (!pkctx || !EVP_PKEY_verify_init(pkctx) || !EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest)) { goto out; } ret = EVP_PKEY_verify(pkctx, sig, sig_len, m, m_len); out: EVP_PKEY_CTX_free(pkctx); return ret; }
int EVP_SignFinal(const EVP_MD_CTX *ctx, uint8_t *sig, unsigned int *out_sig_len, EVP_PKEY *pkey) { uint8_t m[EVP_MAX_MD_SIZE]; unsigned int m_len; int ret = 0; EVP_MD_CTX tmp_ctx; EVP_PKEY_CTX *pkctx = NULL; size_t sig_len = EVP_PKEY_size(pkey); *out_sig_len = 0; EVP_MD_CTX_init(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) || !EVP_DigestFinal_ex(&tmp_ctx, m, &m_len)) { goto out; } EVP_MD_CTX_cleanup(&tmp_ctx); pkctx = EVP_PKEY_CTX_new(pkey, NULL); if (!pkctx || !EVP_PKEY_sign_init(pkctx) || !EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) || !EVP_PKEY_sign(pkctx, sig, &sig_len, m, m_len)) { goto out; } *out_sig_len = sig_len; ret = 1; out: if (pkctx) { EVP_PKEY_CTX_free(pkctx); } return ret; }
int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain, X509_ALGOR *mdalg) { int nid; ASN1_OBJECT *mdoid; X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg); nid = OBJ_obj2nid(mdoid); /* Look for digest type to match signature */ for (;;) { EVP_MD_CTX *mtmp; chain = BIO_find_type(chain, BIO_TYPE_MD); if (chain == NULL) { CMSerr(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX, CMS_R_NO_MATCHING_DIGEST); return 0; } BIO_get_md_ctx(chain, &mtmp); if (EVP_MD_CTX_type(mtmp) == nid /* * Workaround for broken implementations that use signature * algorithm OID instead of digest. */ || EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid) return EVP_MD_CTX_copy_ex(mctx, mtmp); chain = BIO_next(chain); } }
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, uint8_t *out_sig, size_t *out_sig_len) { int r = 0; const int has_signctx = ctx->pctx->pmeth->signctx != NULL; if (out_sig) { EVP_MD_CTX tmp_ctx; uint8_t md[EVP_MAX_MD_SIZE]; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { return 0; } if (has_signctx) { r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, out_sig, out_sig_len, &tmp_ctx); } else { r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); } EVP_MD_CTX_cleanup(&tmp_ctx); if (has_signctx || !r) { return r; } return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); } else { if (has_signctx) { return ctx->pctx->pmeth->signctx(ctx->pctx, out_sig, out_sig_len, ctx); } else { size_t s = EVP_MD_size(ctx->digest); return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); } } }
int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out) { unsigned int ret; EVP_MD_CTX ctx, *d=NULL; int i; if (s->s3->handshake_buffer) if (!ssl3_digest_cached_records(s)) return 0; for (i=0;i<SSL_MAX_DIGEST;i++) { if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid) { d=s->s3->handshake_dgst[i]; break; } } if (!d) { SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC,SSL_R_NO_REQUIRED_DIGEST); return 0; } EVP_MD_CTX_init(&ctx); EVP_MD_CTX_copy_ex(&ctx,d); EVP_DigestFinal_ex(&ctx,out,&ret); EVP_MD_CTX_cleanup(&ctx); return((int)ret); }
static int evp_digest(lua_State *L) { EVP_MD_CTX *c = evp_pget(L, 1); EVP_MD_CTX *d = NULL; unsigned char digest[EVP_MAX_MD_SIZE]; size_t written = 0; unsigned int i; char *hex; if (lua_isstring(L, 2)) { const char *s = luaL_checkstring(L, 2); EVP_DigestUpdate(c, s, lua_strlen(L, 2)); } d = EVP_MD_CTX_create(); EVP_MD_CTX_copy_ex(d, c); EVP_DigestFinal_ex(d, digest, &written); EVP_MD_CTX_destroy(d); if (lua_toboolean(L, 3)) lua_pushlstring(L, (char *)digest, written); else { hex = calloc(sizeof(char), written*2 + 1); for (i = 0; i < written; i++) sprintf(hex + 2*i, "%02x", digest[i]); lua_pushlstring(L, hex, written*2); free(hex); } return 1; }
int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) { int ret; EVP_MD_CTX ctx; if (!ssl3_digest_cached_records(s, 0)) return 0; if (EVP_MD_CTX_type(s->s3->handshake_dgst) != NID_md5_sha1) { SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, SSL_R_NO_REQUIRED_DIGEST); return 0; } EVP_MD_CTX_init(&ctx); EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst); ret = EVP_MD_CTX_size(&ctx); if (ret < 0) { EVP_MD_CTX_cleanup(&ctx); return 0; } if ((sender != NULL && EVP_DigestUpdate(&ctx, sender, len) <= 0) || EVP_MD_CTX_ctrl(&ctx, EVP_CTRL_SSL3_MASTER_SECRET, s->session->master_key_length, s->session->master_key) <= 0 || EVP_DigestFinal_ex(&ctx, p, NULL) <= 0) { SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, ERR_R_INTERNAL_ERROR); ret = 0; } EVP_MD_CTX_cleanup(&ctx); return ret; }
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen) { int sctx = 0, r = 0; EVP_PKEY_CTX *pctx = ctx->pctx; if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) { if (!sigret) return pctx->pmeth->signctx(pctx, sigret, siglen, ctx); if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) r = pctx->pmeth->signctx(pctx, sigret, siglen, ctx); else { EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_dup(ctx->pctx); if (!dctx) return 0; r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx); EVP_PKEY_CTX_free(dctx); } return r; } if (pctx->pmeth->signctx) sctx = 1; else sctx = 0; if (sigret) { unsigned char md[EVP_MAX_MD_SIZE]; unsigned int mdlen = 0; if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) { if (sctx) r = ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx); else r = EVP_DigestFinal_ex(ctx, md, &mdlen); } else { EVP_MD_CTX tmp_ctx; EVP_MD_CTX_init(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) return 0; if (sctx) r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, sigret, siglen, &tmp_ctx); else r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); EVP_MD_CTX_cleanup(&tmp_ctx); } if (sctx || !r) return r; if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0) return 0; } else { if (sctx) { if (pctx->pmeth->signctx(pctx, sigret, siglen, ctx) <= 0) return 0; } else { int s = EVP_MD_size(ctx->digest); if (s < 0 || EVP_PKEY_sign(pctx, sigret, siglen, NULL, s) <= 0) return 0; } } return 1; }
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey) { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len; int i,ok=0,v; EVP_MD_CTX tmp_ctx; *siglen=0; EVP_MD_CTX_init(&tmp_ctx); EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); EVP_MD_CTX_cleanup(&tmp_ctx); if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { EVP_PKEY_CTX *pkctx = NULL; size_t sltmp = (size_t)EVP_PKEY_size(pkey); i = 0; pkctx = EVP_PKEY_CTX_new(pkey, NULL); if (!pkctx) goto err; if (EVP_PKEY_sign_init(pkctx) <= 0) goto err; if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) goto err; if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0) goto err; *siglen = sltmp; i = 1; err: EVP_PKEY_CTX_free(pkctx); return i; } for (i=0; i<4; i++) { v=ctx->digest->required_pkey_type[i]; if (v == 0) break; if (pkey->type == v) { ok=1; break; } } if (!ok) { EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); return(0); } if (ctx->digest->sign == NULL) { EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED); return(0); } return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, pkey->pkey.ptr)); }
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey) { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len = 0; int i = 0, ok = 0, v = 0; EVP_PKEY_CTX *pkctx = NULL; if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) { if (!EVP_DigestFinal_ex(ctx, m, &m_len)) goto err; } else { int rv = 0; EVP_MD_CTX tmp_ctx; EVP_MD_CTX_init(&tmp_ctx); rv = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx); if (rv) rv = EVP_DigestFinal_ex(&tmp_ctx, m, &m_len); EVP_MD_CTX_cleanup(&tmp_ctx); if (!rv) return 0; } if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { i = -1; pkctx = EVP_PKEY_CTX_new(pkey, NULL); if (pkctx == NULL) goto err; if (EVP_PKEY_verify_init(pkctx) <= 0) goto err; if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) goto err; i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); err: EVP_PKEY_CTX_free(pkctx); return i; } for (i = 0; i < 4; i++) { v = ctx->digest->required_pkey_type[i]; if (v == 0) break; if (pkey->type == v) { ok = 1; break; } } if (!ok) { EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE); return (-1); } if (ctx->digest->verify == NULL) { EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); return (0); } return (ctx->digest->verify(ctx->digest->type, m, m_len, sigbuf, siglen, pkey->pkey.ptr)); }
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t key_len, const EVP_MD *md, ENGINE *impl) { unsigned i, reset = 0; uint8_t pad[HMAC_MAX_MD_CBLOCK]; if (md != NULL) { reset = 1; ctx->md = md; } else { md = ctx->md; } if (key != NULL) { size_t block_size = EVP_MD_block_size(md); reset = 1; assert(block_size <= sizeof(ctx->key)); if (block_size < key_len) { if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl) || !EVP_DigestUpdate(&ctx->md_ctx, key, key_len) || !EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key, &ctx->key_length)) { goto err; } } else { assert(key_len >= 0 && key_len <= sizeof(ctx->key)); memcpy(ctx->key, key, key_len); ctx->key_length = key_len; } if (ctx->key_length != HMAC_MAX_MD_CBLOCK) { memset(&ctx->key[ctx->key_length], 0, sizeof(ctx->key) - ctx->key_length); } } if (reset) { for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) { pad[i] = 0x36 ^ ctx->key[i]; } if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl) || !EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md))) { goto err; } for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) { pad[i] = 0x5c ^ ctx->key[i]; } if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl) || !EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md))) { goto err; } } if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx)) { goto err; } return 1; err: return 0; }
static int evp_clone(lua_State *L) { EVP_MD_CTX *c = evp_pget(L, 1); EVP_MD_CTX *d = evp_pnew(L); EVP_MD_CTX_init(d); EVP_MD_CTX_copy_ex(d, c); return 1; }
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, ENGINE *impl) { int i, j, reset = 0; unsigned char pad[HMAC_MAX_MD_CBLOCK]; if (md != NULL) { reset = 1; ctx->md = md; } else md = ctx->md; if (key != NULL) { reset = 1; j = EVP_MD_block_size(md); OPENSSL_assert(j <= (int)sizeof(ctx->key)); if (j < len) { if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl)) goto err; if (!EVP_DigestUpdate(&ctx->md_ctx, key, len)) goto err; if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key, &ctx->key_length)) goto err; } else { OPENSSL_assert(len >= 0 && len <= (int)sizeof(ctx->key)); memcpy(ctx->key, key, len); ctx->key_length = len; } if (ctx->key_length != HMAC_MAX_MD_CBLOCK) memset(&ctx->key[ctx->key_length], 0, HMAC_MAX_MD_CBLOCK - ctx->key_length); } if (reset) { for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) pad[i] = 0x36 ^ ctx->key[i]; if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl)) goto err; if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md))) goto err; for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) pad[i] = 0x5c ^ ctx->key[i]; if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl)) goto err; if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md))) goto err; } if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx)) goto err; return 1; err: return 0; }
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) { if (!HMAC_CTX_reset(dctx)) goto err; if (!EVP_MD_CTX_copy_ex(dctx->i_ctx, sctx->i_ctx)) goto err; if (!EVP_MD_CTX_copy_ex(dctx->o_ctx, sctx->o_ctx)) goto err; if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx)) goto err; memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); dctx->key_length = sctx->key_length; dctx->md = sctx->md; return 1; err: hmac_ctx_cleanup(dctx); return 0; }
int ssh_digest_copy_state(struct ssh_digest_ctx *from, struct ssh_digest_ctx *to) { if (from->alg != to->alg) return SSH_ERR_INVALID_ARGUMENT; /* we have bcopy-style order while openssl has memcpy-style */ if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx)) return SSH_ERR_LIBCRYPTO_ERROR; return 0; }
static int digest_clone(lua_State *L) { EVP_MD_CTX *c = (EVP_MD_CTX*)luaL_checkudata(L, 1, LUACRYPTO_DIGESTNAME); EVP_MD_CTX *d = digest_pnew(L); EVP_MD_CTX_init(d); if (!EVP_MD_CTX_copy_ex(d, c)) { return crypto_error(L); } return 1; }
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) { HMAC_CTX_init(dctx); if (!EVP_MD_CTX_copy_ex(&dctx->i_ctx, &sctx->i_ctx)) goto err; if (!EVP_MD_CTX_copy_ex(&dctx->o_ctx, &sctx->o_ctx)) goto err; if (!EVP_MD_CTX_copy_ex(&dctx->md_ctx, &sctx->md_ctx)) goto err; dctx->key_init = sctx->key_init; if (sctx->key_init) { memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); dctx->key_length = sctx->key_length; } dctx->md = sctx->md; return 1; err: return 0; }
int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out) { unsigned int ret; EVP_MD_CTX ctx; EVP_MD_CTX_init(&ctx); EVP_MD_CTX_copy_ex(&ctx,in_ctx); EVP_DigestFinal_ex(&ctx,out,&ret); EVP_MD_CTX_cleanup(&ctx); return((int)ret); }
static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len, unsigned char *p) { unsigned int ret; int npad, n; unsigned int i; unsigned char md_buf[EVP_MAX_MD_SIZE]; EVP_MD_CTX ctx, *d = NULL; if (!ssl3_digest_cached_records(s, 0)) return 0; /* * Search for digest of specified type in the handshake_dgst array */ for (i = 0; i < SSL_MAX_DIGEST; i++) { if (s->s3->handshake_dgst[i] && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) { d = s->s3->handshake_dgst[i]; break; } } if (!d) { SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, SSL_R_NO_REQUIRED_DIGEST); return 0; } EVP_MD_CTX_init(&ctx); EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); EVP_MD_CTX_copy_ex(&ctx, d); n = EVP_MD_CTX_size(&ctx); if (n < 0) return 0; npad = (48 / n) * n; if ((sender != NULL && EVP_DigestUpdate(&ctx, sender, len) <= 0) || EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length) <= 0 || EVP_DigestUpdate(&ctx, ssl3_pad_1, npad) <= 0 || EVP_DigestFinal_ex(&ctx, md_buf, &i) <= 0 || EVP_DigestInit_ex(&ctx, EVP_MD_CTX_md(&ctx), NULL) <= 0 || EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length) <= 0 || EVP_DigestUpdate(&ctx, ssl3_pad_2, npad) <= 0 || EVP_DigestUpdate(&ctx, md_buf, i) <= 0 || EVP_DigestFinal_ex(&ctx, p, &ret) <= 0) { SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, ERR_R_INTERNAL_ERROR); ret = 0; } EVP_MD_CTX_cleanup(&ctx); return ((int)ret); }
int tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *out) { unsigned int i; EVP_MD_CTX ctx; unsigned char buf[2*EVP_MAX_MD_SIZE]; unsigned char *q,buf2[12]; int idx; long mask; int err=0; const EVP_MD *md; q=buf; if (s->s3->handshake_buffer) if (!ssl3_digest_cached_records(s)) return 0; EVP_MD_CTX_init(&ctx); for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++) { if (mask & s->s3->tmp.new_cipher->algorithm2) { int hashsize = EVP_MD_size(md); if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf))) { /* internal error: 'buf' is too small for this cipersuite! */ err = 1; } else { EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]); EVP_DigestFinal_ex(&ctx,q,&i); if (i != (unsigned int)hashsize) /* can't really happen */ err = 1; q+=i; } } } if (!tls1_PRF(s->s3->tmp.new_cipher->algorithm2, str,slen, buf,(int)(q-buf), NULL,0, NULL,0, NULL,0, s->session->master_key,s->session->master_key_length, out,buf2,sizeof buf2)) err = 1; EVP_MD_CTX_cleanup(&ctx); if (err) return 0; else return sizeof buf2; }
ikptr ikrt_openssl_evp_md_ctx_copy_ex (ikptr s_ou, ikptr s_in, ikpcb * pcb) { #ifdef HAVE_EVP_MD_CTX_COPY_EX EVP_MD_CTX * ou = IK_EVP_MD_CTX(s_ou); const EVP_MD_CTX * in = IK_EVP_MD_CTX(s_in); int rv; rv = EVP_MD_CTX_copy_ex(ou, in); return (rv)? ika_pointer_alloc(pcb, (long)rv) : IK_FALSE; #else feature_failure(__func__); #endif }
static int ssl3_mac(AEAD_SSL3_CTX *ssl3_ctx, uint8_t *out, unsigned *out_len, const uint8_t *ad, size_t ad_len, const uint8_t *in, size_t in_len) { size_t md_size = EVP_MD_CTX_size(&ssl3_ctx->md_ctx); size_t pad_len = (md_size == 20) ? 40 : 48; /* To allow for CBC mode which changes cipher length, |ad| doesn't include the * length for legacy ciphers. */ uint8_t ad_extra[2]; ad_extra[0] = (uint8_t)(in_len >> 8); ad_extra[1] = (uint8_t)(in_len & 0xff); EVP_MD_CTX md_ctx; EVP_MD_CTX_init(&md_ctx); uint8_t pad[48]; uint8_t tmp[EVP_MAX_MD_SIZE]; memset(pad, 0x36, pad_len); if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) || !EVP_DigestUpdate(&md_ctx, pad, pad_len) || !EVP_DigestUpdate(&md_ctx, ad, ad_len) || !EVP_DigestUpdate(&md_ctx, ad_extra, sizeof(ad_extra)) || !EVP_DigestUpdate(&md_ctx, in, in_len) || !EVP_DigestFinal_ex(&md_ctx, tmp, NULL)) { EVP_MD_CTX_cleanup(&md_ctx); return 0; } memset(pad, 0x5c, pad_len); if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) || !EVP_DigestUpdate(&md_ctx, pad, pad_len) || !EVP_DigestUpdate(&md_ctx, tmp, md_size) || !EVP_DigestFinal_ex(&md_ctx, out, out_len)) { EVP_MD_CTX_cleanup(&md_ctx); return 0; } EVP_MD_CTX_cleanup(&md_ctx); return 1; }
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) { int j; unsigned int i; unsigned char buf[EVP_MAX_MD_SIZE]; j=EVP_MD_block_size(ctx->md); EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i); EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx); EVP_DigestUpdate(&ctx->md_ctx,buf,i); EVP_DigestFinal_ex(&ctx->md_ctx,md,len); }