int _krb5_evp_digest_iov(krb5_crypto crypto, const struct krb5_crypto_iov *iov, int niov, void *hash, unsigned int *hsize, const EVP_MD *md, ENGINE *engine) { EVP_MD_CTX *ctx; int ret, i; krb5_data current = {0,0}; if (crypto != NULL) { if (crypto->mdctx == NULL) crypto->mdctx = EVP_MD_CTX_create(); if (crypto->mdctx == NULL) return 0; ctx = crypto->mdctx; } else ctx = EVP_MD_CTX_create(); ret = EVP_DigestInit_ex(ctx, md, engine); if (ret != 1) goto out; for (i = 0; i < niov; i++) { if (_krb5_crypto_iov_should_sign(&iov[i])) { if ((char *)current.data + current.length == iov[i].data.data) { current.length += iov[i].data.length; } else { if (current.data) { ret = EVP_DigestUpdate(ctx, current.data, current.length); if (ret != 1) goto out; } current = iov[i].data; } } } if (current.data) { ret = EVP_DigestUpdate(ctx, current.data, current.length); if (ret != 1) goto out; } ret = EVP_DigestFinal_ex(ctx, hash, hsize); out: if (crypto == NULL) EVP_MD_CTX_destroy(ctx); return ret; }
static struct rspamd_lua_cryptobox_hash * rspamd_lua_hash_create (const gchar *type) { struct rspamd_lua_cryptobox_hash *h; h = g_slice_alloc0 (sizeof (*h)); if (type) { if (g_ascii_strcasecmp (type, "md5") == 0) { h->is_ssl = TRUE; h->c = EVP_MD_CTX_create (); EVP_DigestInit (h->c, EVP_md5 ()); goto ret; } else if (g_ascii_strcasecmp (type, "sha1") == 0 || g_ascii_strcasecmp (type, "sha") == 0) { h->is_ssl = TRUE; h->c = EVP_MD_CTX_create (); EVP_DigestInit (h->c, EVP_sha1 ()); goto ret; } else if (g_ascii_strcasecmp (type, "sha256") == 0) { h->is_ssl = TRUE; h->c = EVP_MD_CTX_create (); EVP_DigestInit (h->c, EVP_sha256 ()); goto ret; } else if (g_ascii_strcasecmp (type, "sha512") == 0) { h->is_ssl = TRUE; h->c = EVP_MD_CTX_create (); EVP_DigestInit (h->c, EVP_sha512 ()); goto ret; } else if (g_ascii_strcasecmp (type, "sha384") == 0) { h->is_ssl = TRUE; h->c = EVP_MD_CTX_create (); EVP_DigestInit (h->c, EVP_sha384 ()); goto ret; } } h->h = g_slice_alloc0 (sizeof (*h->h)); rspamd_cryptobox_hash_init (h->h, NULL, 0); ret: return h; }
static bool verifySignature(const char *data, int dataLength, char *signature, int signatureLength, const char *cert) { X509* x509; BIO* bio = BIO_new(BIO_s_mem()); BIO_puts(bio, cert); x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); BIO_free(bio); if (!x509) { return false; } EVP_PKEY* pubKey = X509_get_pubkey(x509); EVP_MD_CTX *mdctx = NULL; mdctx = EVP_MD_CTX_create(); EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, pubKey); EVP_DigestVerifyUpdate(mdctx, data, dataLength); int result = EVP_DigestVerifyFinal(mdctx, signature, signatureLength); X509_free(x509); EVP_PKEY_free(pubKey); EVP_MD_CTX_destroy(mdctx); return result > 0; }
static int verify_jwt_signature(EVP_PKEY *key, const char *alg, grpc_slice signature, grpc_slice signed_data) { EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); const EVP_MD *md = evp_md_from_alg(alg); int result = 0; GPR_ASSERT(md != NULL); /* Checked before. */ if (md_ctx == NULL) { gpr_log(GPR_ERROR, "Could not create EVP_MD_CTX."); goto end; } if (EVP_DigestVerifyInit(md_ctx, NULL, md, NULL, key) != 1) { gpr_log(GPR_ERROR, "EVP_DigestVerifyInit failed."); goto end; } if (EVP_DigestVerifyUpdate(md_ctx, GRPC_SLICE_START_PTR(signed_data), GRPC_SLICE_LENGTH(signed_data)) != 1) { gpr_log(GPR_ERROR, "EVP_DigestVerifyUpdate failed."); goto end; } if (EVP_DigestVerifyFinal(md_ctx, GRPC_SLICE_START_PTR(signature), GRPC_SLICE_LENGTH(signature)) != 1) { gpr_log(GPR_ERROR, "JWT signature verification failed."); goto end; } result = 1; end: if (md_ctx != NULL) EVP_MD_CTX_destroy(md_ctx); return result; }
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_des_checksum(krb5_context context, const EVP_MD *evp_md, struct _krb5_key_data *key, const void *data, size_t len, Checksum *cksum) { struct _krb5_evp_schedule *ctx = key->schedule->data; EVP_MD_CTX *m; DES_cblock ivec; unsigned char *p = cksum->checksum.data; krb5_generate_random_block(p, 8); m = EVP_MD_CTX_create(); if (m == NULL) return krb5_enomem(context); EVP_DigestInit_ex(m, evp_md, NULL); EVP_DigestUpdate(m, p, 8); EVP_DigestUpdate(m, data, len); EVP_DigestFinal_ex (m, p + 8, NULL); EVP_MD_CTX_destroy(m); memset (&ivec, 0, sizeof(ivec)); EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1); EVP_Cipher(&ctx->ectx, p, p, 24); return 0; }
/** * returns -1 on error * returns 0 on non-verified digest * returns 1 on verified digest */ int evp_verify(EVP_PKEY* evp, enum EVP_DIGEST_TYPE type, FILE* fp, string* s) { unsigned char digest[SHA_DIGEST_LENGTH]; unsigned int digest_length = 0; int ret; EVP_MD_CTX* ctx = NULL; if (evp == NULL) { fprintf(stderr, "evp_verify: NULL EVP_PKEY\n"); return EVP_ERROR; } if (!digest_fp(fp, type, digest, &digest_length)) { fprintf(stderr, "evp_verify: message digest failed\n"); return EVP_ERROR; } ctx = EVP_MD_CTX_create(); if (ctx == NULL) { fprintf(stderr, "evp_verify: failed to create digest context\n"); return EVP_ERROR; } ret = evp_verify_internal(evp, ctx, type, digest, digest_length, s); EVP_MD_CTX_cleanup(ctx); EVP_MD_CTX_destroy(ctx); return ret; }
static LUA_FUNCTION(openssl_evp_digest_init) { EVP_MD* md = CHECK_OBJECT(1, EVP_MD, "openssl.evp_digest"); ENGINE* e = lua_gettop(L) > 1 ? CHECK_OBJECT(2, ENGINE, "openssl.engine") : NULL; EVP_MD_CTX* ctx = EVP_MD_CTX_create(); if (ctx) { int ret; EVP_MD_CTX_init(ctx); ret = EVP_DigestInit_ex(ctx, md, e); if (ret == 1) { PUSH_OBJECT(ctx, "openssl.evp_digest_ctx"); } else { EVP_MD_CTX_destroy(ctx); return openssl_pushresult(L, ret); } } else lua_pushnil(L); return 1; }
/* * Constructors * All constructors call two common methods: HashBasicInit(...) and HashCalculatePrintableRepresentation(...). * Each constructor reads the data to create the Hash from different sources so after the basic * initialization and up to the point where the hash is computed, each follows its own path. */ Hash *HashNew(const char *data, const unsigned int length, HashMethod method) { if (!data || (length == 0)) { return NULL; } if (method >= HASH_METHOD_NONE) { return NULL; } /* * OpenSSL documentation marked EVP_DigestInit and EVP_DigestFinal functions as deprecated and * recommends moving to EVP_DigestInit_ex and EVP_DigestFinal_ex. */ EVP_MD_CTX *context = NULL; const EVP_MD *md = NULL; int md_len = 0; md = EVP_get_digestbyname(CF_DIGEST_TYPES[method]); if (md == NULL) { Log(LOG_LEVEL_INFO, "Digest type %s not supported by OpenSSL library", CF_DIGEST_TYPES[method]); return NULL; } Hash *hash = HashBasicInit(method); context = EVP_MD_CTX_create(); EVP_DigestInit_ex(context, md, NULL); EVP_DigestUpdate(context, data, (size_t) length); EVP_DigestFinal_ex(context, hash->digest, &md_len); EVP_MD_CTX_destroy(context); /* Update the printable representation */ HashCalculatePrintableRepresentation(hash); /* Return the hash */ return hash; }
char *pkgr_generate_checksum(char *filename, char *hexdigest) { OpenSSL_add_all_digests(); const EVP_MD *md = EVP_get_digestbyname("rmd160"); if(!md) { pkgr_error("Ripemd-160 is not supported by this version of OpenSSL"); exit(1); } EVP_MD_CTX *ctx = EVP_MD_CTX_create(); EVP_DigestInit_ex(ctx, md, NULL); FILE *dfile = fopen(filename, "rb"); if(dfile == NULL) { pkgr_error("Invalid file (%s)", filename); exit(1); } while(!feof(dfile)) { char data[1024]; size_t size = fread(data, sizeof(char), sizeof(data), dfile); EVP_DigestUpdate(ctx, data, size); } unsigned int md_len; unsigned char checksum[EVP_MAX_MD_SIZE]; EVP_DigestFinal_ex(ctx, checksum, &md_len); EVP_MD_CTX_destroy(ctx); unsigned int i; for(i = 0; i < md_len; i++) { char buffer[3]; snprintf(buffer, sizeof(buffer), "%02x", checksum[i]); strcat(hexdigest, buffer); } return hexdigest; }
static int _md_ctx_create (md_ctx *x) { assert (x != NULL); #if HAVE_EVP_MD_CTX_NEW /* OpenSSL >= 1.1.0 */ x->ctx = EVP_MD_CTX_new (); /* alloc & init */ #elif HAVE_EVP_MD_CTX_CREATE /* OpenSSL >= 0.9.7, < 1.1.0 */ x->ctx = EVP_MD_CTX_create (); /* alloc & init */ #else /* !HAVE_EVP_MD_CTX_CREATE */ x->ctx = OPENSSL_malloc (sizeof (EVP_MD_CTX)); /* allocate */ #if HAVE_EVP_MD_CTX_INIT /* OpenSSL >= 0.9.7, < 1.1.0 */ if (x->ctx != NULL ) { EVP_MD_CTX_init (x->ctx); /* initialize */ } #endif /* HAVE_EVP_MD_CTX_INIT */ #endif /* !HAVE_EVP_MD_CTX_CREATE */ if (x->ctx == NULL) { return (-1); } return (0); }
EAC_CTX * EAC_CTX_new(void) { EAC_CTX *ctx = OPENSSL_malloc(sizeof(EAC_CTX)); if (!ctx) return NULL; ctx->bn_ctx = BN_CTX_new(); ctx->ca_ctxs = (STACK_OF(CA_CTX *)) sk_new_null(); ctx->cipher_ctx = EVP_CIPHER_CTX_new(); ctx->md_ctx = EVP_MD_CTX_create(); ctx->pace_ctxs = (STACK_OF(PACE_CTX *)) sk_new_null(); ctx->ri_ctxs = (STACK_OF(RI_CTX *)) sk_new_null(); ctx->ssc = BN_new(); ctx->ta_ctx = TA_CTX_new(); if (!ctx->bn_ctx || !ctx->md_ctx || !ctx->pace_ctxs || !ctx->ta_ctx || !ctx->ca_ctxs || !ctx->cipher_ctx || !ctx->ri_ctxs || !ctx->ssc) goto err; BN_CTX_init(ctx->bn_ctx); EVP_CIPHER_CTX_init(ctx->cipher_ctx); ctx->ca_ctx = NULL; ctx->key_ctx = NULL; ctx->pace_ctx = NULL; ctx->ri_ctx = NULL; ctx->tr_version = EAC_TR_VERSION_2_02; return ctx; err: EAC_CTX_clear_free(ctx); return NULL; }
CAMLprim value ocaml_EVP_MD_CTX_init(value v_alg) { CAMLparam1(v_alg); EVP_MD_CTX *ctx; const EVP_MD *digest; char *digest_name = String_val(v_alg); if (strcmp(digest_name, "sha1") == 0) digest = EVP_sha1(); else if (strcmp(digest_name, "sha256") == 0) digest = EVP_sha256(); else { caml_failwith("Unknown digest name"); CAMLreturn(Val_unit); /* (make compiler happy) */ } if ((ctx = EVP_MD_CTX_create()) == NULL) caml_failwith("EVP_MD_CTX_create: out of memory"); EVP_DigestInit_ex(ctx, digest, NULL); CAMLlocal1(block); block = caml_alloc_custom(&ctx_ops, sizeof(EVP_MD_CTX*), 0, 1); Ctx_val(block) = ctx; CAMLreturn(block); }
/* * @func sha256 calculates SHA256 * @param IN const void* const buf is the input payload * @param size_t buflen is the payload length in bytes * @param OUT uint8_t* hash is the resulting output hash * @return encip_ret_e: * ENCIP_ERROR_SHA_INVALID_PARAM if any of the input parameters is NULL * ENCIP_ERROR_SHA_ALLOC if EVP_MD_CTX_create is unable to allocate buffer * ENCIP_ERROR_SHA_INIT is EVP_DigestInit_ex fails * ENCIP_ERROR_SHA_UPDATE if EVP_DigestUpdate fails * ENCIP_ERROR_SHA_FINAL if EVP_DigestFinal_ex fails * ENCIP_SUCCESS if success */ encip_ret_e sha256(IN const void* const buf, size_t buflen, OUT uint8_t* hash) { encip_ret_e ret = ENCIP_ERROR_FAIL; unsigned int digest_len = 0; if(NULL== buf || NULL== hash) return ENCIP_ERROR_SHA_INVALID_PARAM; EVP_MD_CTX *mdctx = EVP_MD_CTX_create(); if(NULL == mdctx) return ENCIP_ERROR_SHA_ALLOC; if(EVP_SUCCESS != EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL)){ ret = ENCIP_ERROR_SHA_INIT; goto Label_free_context; } if(EVP_SUCCESS != EVP_DigestUpdate(mdctx, buf, buflen)){ ret = ENCIP_ERROR_SHA_UPDATE; goto Label_free_context; } if((EVP_SUCCESS != EVP_DigestFinal_ex(mdctx, hash, &digest_len)) || (SGX_SHA256_HASH_SIZE != digest_len)){ ret = ENCIP_ERROR_SHA_FINAL; goto Label_free_context; } ret = ENCIP_SUCCESS; Label_free_context: EVP_MD_CTX_destroy(mdctx); return ret; }
//Create base 64 encoded digital signature of given data bool digiSign(StringBuffer &b64Signature, size32_t dataSz, const void *data, const CLoadedKey &signingKey) { OwnedEVPMdCtx signingCtx(EVP_MD_CTX_create()); //initialize context for SHA-256 hashing function int rc = EVP_DigestSignInit(signingCtx, nullptr, EVP_sha256(), nullptr, signingKey); if (rc <= 0) throwEVPException(-1, "digiSign:EVP_DigestSignInit"); //add string to the context if (EVP_DigestSignUpdate(signingCtx, data, dataSz) <= 0) throwEVPException(-1, "digiSign:EVP_DigestSignUpdate"); //compute length of signature size_t encMsgLen; if (EVP_DigestSignFinal(signingCtx, nullptr, &encMsgLen) <= 0) throwEVPException(-1, "digiSign:EVP_DigestSignFinal1"); if (encMsgLen == 0) throwEVPException(-1, "digiSign:EVP_DigestSignFinal length returned 0"); //compute signature (signed digest) OwnedEVPMemory encMsg = OPENSSL_malloc(encMsgLen); if (encMsg == nullptr) throw MakeStringException(-1, "digiSign:OPENSSL_malloc(%u) returned NULL", (unsigned)encMsgLen); if (EVP_DigestSignFinal(signingCtx, (unsigned char *)encMsg.get(), &encMsgLen) <= 0) throwEVPException(-1, "digiSign:EVP_DigestSignFinal2"); //convert to base64 JBASE64_Encode(encMsg, encMsgLen, b64Signature, false); return true; }
//Computes a digest of 'filename'. The length of the digest is stored in 'md_len' unsigned char *digest_file(char* filename, int *md_len) { FILE *f = fopen(filename, "r"); if(f != NULL) { EVP_MD_CTX *ctx; unsigned char *md_value = calloc(EVP_MAX_MD_SIZE, sizeof(unsigned char)); ctx = EVP_MD_CTX_create(); EVP_DigestInit_ex(ctx, EVP_sha512(), NULL); while(feof(f) == 0) { char *buf = calloc(FILE_HASH_SIZE, sizeof(char)); int amount = fread(buf, sizeof(char), FILE_HASH_SIZE, f); EVP_DigestUpdate(ctx, buf, amount); free(buf); } fclose(f); EVP_DigestFinal_ex(ctx, md_value, md_len); EVP_MD_CTX_destroy(ctx); //resize the md_value if(*md_len < EVP_MAX_MD_SIZE) md_value = realloc(md_value, *md_len); return md_value; } else { fprintf(stderr, "Could not create digest of %s: %s\n",filename, strerror(errno)); return NULL; } }
char * crypt_pass(char *password, int encode) { EVP_MD_CTX *mdctx; const EVP_MD *md; unsigned char md_value[EVP_MAX_MD_SIZE]; char buffer[2*DIGEST_LEN + 1]; char *ret; unsigned int md_len; md = EVP_get_digestbyname(DIGEST_FUNCTION); mdctx = EVP_MD_CTX_create(); EVP_MD_CTX_init(mdctx); EVP_DigestInit_ex(mdctx, md, NULL); EVP_DigestUpdate(mdctx, password, strlen(password)); EVP_DigestFinal_ex(mdctx, md_value, &md_len); EVP_MD_CTX_destroy(mdctx); if(encode) { base16_encode(buffer, sizeof(buffer), (char *)md_value, DIGEST_LEN); DupString(ret, buffer); } else { ret = MyMalloc(DIGEST_LEN); memcpy(ret, md_value, DIGEST_LEN); } return ret; }
static isc_result_t opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { EVP_MD_CTX *evp_md_ctx; const EVP_MD *type = NULL; UNUSED(key); REQUIRE(dctx->key->key_alg == DST_ALG_ECDSA256 || dctx->key->key_alg == DST_ALG_ECDSA384); evp_md_ctx = EVP_MD_CTX_create(); if (evp_md_ctx == NULL) return (ISC_R_NOMEMORY); if (dctx->key->key_alg == DST_ALG_ECDSA256) type = EVP_sha256(); else type = EVP_sha384(); if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) { EVP_MD_CTX_destroy(evp_md_ctx); return (dst__openssl_toresult3(dctx->category, "EVP_DigestInit_ex", ISC_R_FAILURE)); } dctx->ctxdata.evp_md_ctx = evp_md_ctx; return (ISC_R_SUCCESS); }
int main(int argc, char *argv[]) { EVP_MD_CTX *mdctx; const EVP_MD *md; unsigned char md_value[EVP_MAX_MD_SIZE]; int md_len, i; OpenSSL_add_all_digests(); if (argc != 3) { printf("Usage: %s <Message> <MDType>\n", argv[0]); exit(1); } md = EVP_get_digestbyname(argv[2]); if (!md) { printf("Unknown message digest %s\n", argv[2]); exit(1); } mdctx = EVP_MD_CTX_create(); EVP_DigestInit_ex(mdctx, md, NULL); EVP_DigestUpdate(mdctx, argv[1], strlen(argv[1])); EVP_DigestFinal_ex(mdctx, md_value, &md_len); EVP_MD_CTX_destroy(mdctx); printf("%s [%s]: ", argv[1], argv[2]); for (i = 0; i < md_len; i++) printf("%02x", md_value[i]); printf("\n"); }
Hash *HashNewFromDescriptor(const int descriptor, HashMethod method) { if (descriptor < 0) { return NULL; } if (method >= HASH_METHOD_NONE) { return NULL; } char buffer[1024]; int read_count = 0; EVP_MD_CTX *context = NULL; const EVP_MD *md = NULL; int md_len = 0; md = EVP_get_digestbyname(CF_DIGEST_TYPES[method]); if (md == NULL) { Log(LOG_LEVEL_INFO, "Digest type %s not supported by OpenSSL library", CF_DIGEST_TYPES[method]); return NULL; } Hash *hash = HashBasicInit(method); context = EVP_MD_CTX_create(); EVP_DigestInit_ex(context, md, NULL); do { read_count = read(descriptor, buffer, 1024); EVP_DigestUpdate(context, buffer, (size_t) read_count); } while (read_count > 0); EVP_DigestFinal_ex(context, hash->digest, &md_len); EVP_MD_CTX_destroy(context); /* Update the printable representation */ HashCalculatePrintableRepresentation(hash); /* Return the hash */ return hash; }
int lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type) { ctx->type = type; ctx->mdctx = EVP_MD_CTX_create(); if (!ctx->mdctx) return 1; switch (ctx->type) { case LWS_GENHASH_TYPE_SHA1: ctx->evp_type = EVP_sha1(); break; case LWS_GENHASH_TYPE_SHA256: ctx->evp_type = EVP_sha256(); break; case LWS_GENHASH_TYPE_SHA384: ctx->evp_type = EVP_sha384(); break; case LWS_GENHASH_TYPE_SHA512: ctx->evp_type = EVP_sha512(); break; default: return 1; } if (EVP_DigestInit_ex(ctx->mdctx, ctx->evp_type, NULL) != 1) { EVP_MD_CTX_destroy(ctx->mdctx); return 1; } return 0; }
int evp_sign(EVP_PKEY* evp, enum EVP_DIGEST_TYPE type, FILE* fp, string* s) { unsigned char digest[EVP_MAX_MD_SIZE]; unsigned int digest_length = 0; EVP_MD_CTX* ctx; int ret; if (!digest_fp(fp, type, digest, &digest_length)) { return 0; } ctx = EVP_MD_CTX_create(); if (ctx == NULL) { fprintf(stderr, "evp_verify: failed to create digest context\n"); return EVP_ERROR; } string_resize(s, EVP_PKEY_size(evp)); ret = evp_sign_internal(evp, ctx, type, digest, digest_length, s); EVP_MD_CTX_cleanup(ctx); EVP_MD_CTX_destroy(ctx); return ret; }
static int evp_fdigest(lua_State *L) { EVP_MD_CTX *c = NULL; const char *type_name = luaL_checkstring(L, 1); const char *s = luaL_checkstring(L, 2); const EVP_MD *type = EVP_get_digestbyname(type_name); unsigned char digest[EVP_MAX_MD_SIZE]; size_t written = 0; unsigned int i; char *hex; if (type == NULL) { luaL_argerror(L, 1, "invalid digest type"); return 0; } c = EVP_MD_CTX_create(); EVP_DigestInit_ex(c, type, NULL); EVP_DigestUpdate(c, s, lua_strlen(L, 2)); EVP_DigestFinal_ex(c, digest, &written); if (lua_toboolean(L, 3)) lua_pushlstring(L, (char *)digest, written); else { hex = calloc(sizeof(char), written*2 + 1); for (i = 0; i < written; i++) sprintf(hex + 2*i, "%02x", digest[i]); lua_pushlstring(L, hex, written*2); free(hex); } return 1; }
int HashSHA256(unsigned char *hashed, const unsigned char *plain, unsigned int plen){ if (hashed == NULL || plain == NULL || plen <= 0) return 0; EVP_MD_CTX *mdctx; int md_len = 0; if (!(mdctx = EVP_MD_CTX_create())) return 0; if (1 != EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL)) { if (mdctx) EVP_MD_CTX_destroy(mdctx); return 0; } if (1 != EVP_DigestUpdate(mdctx, plain, plen)) { if (mdctx) EVP_MD_CTX_destroy(mdctx); return 0; } if (1 != EVP_DigestFinal_ex(mdctx, hashed, &md_len)) { if (mdctx) EVP_MD_CTX_destroy(mdctx); return 0; } if (mdctx) EVP_MD_CTX_destroy(mdctx); return md_len; }
static int evp_digest(lua_State *L) { EVP_MD_CTX *c = evp_pget(L, 1); EVP_MD_CTX *d = NULL; unsigned char digest[EVP_MAX_MD_SIZE]; size_t written = 0; unsigned int i; char *hex; if (lua_isstring(L, 2)) { const char *s = luaL_checkstring(L, 2); EVP_DigestUpdate(c, s, lua_strlen(L, 2)); } d = EVP_MD_CTX_create(); EVP_MD_CTX_copy_ex(d, c); EVP_DigestFinal_ex(d, digest, &written); EVP_MD_CTX_destroy(d); if (lua_toboolean(L, 3)) lua_pushlstring(L, (char *)digest, written); else { hex = calloc(sizeof(char), written*2 + 1); for (i = 0; i < written; i++) sprintf(hex + 2*i, "%02x", digest[i]); lua_pushlstring(L, hex, written*2); free(hex); } return 1; }
std::string PbeMd5AndDesEncryptor::generateDataHash(const std::string& data, const std::string salt, long iterations) { EVP_MD_CTX *ctx = EVP_MD_CTX_create(); const EVP_MD *algorithm = EVP_md5(); unsigned char result[MD5_DIGEST_LENGTH]; if (salt.length() < ALGO_BLOCK_SIZE) { BOOST_THROW_EXCEPTION(StringEncryptorException("Provided salt is of insufficient length")); } /* * Add digest to digest stack if not already there. * Digest stack gets cleanup upon program termination. */ EVP_add_digest(algorithm); if (!EVP_DigestInit_ex(ctx, algorithm, NULL) || !EVP_DigestUpdate(ctx, data.data(), data.length()) || !EVP_DigestUpdate(ctx, salt.data(), ALGO_BLOCK_SIZE) || !EVP_DigestFinal_ex(ctx, result, NULL)) { BOOST_THROW_EXCEPTION(StringEncryptorException("Error in generating digest")); } while (--iterations != 0) { if (!EVP_DigestInit_ex(ctx, algorithm, NULL) || !EVP_DigestUpdate(ctx, result, MD5_DIGEST_LENGTH) || !EVP_DigestFinal_ex(ctx, result, NULL)) { BOOST_THROW_EXCEPTION(StringEncryptorException("Error in generating digest")); } } EVP_MD_CTX_destroy(ctx); return std::string(reinterpret_cast<char *>(result), MD5_DIGEST_LENGTH); }
static int sign(void *ctx,char *file,void *in,int ilen,void *out,int *olen) { int r=NOCARD; size_t slen=*olen; ENGINE *e=(ENGINE *)ctx; EVP_PKEY *key; EVP_MD_CTX *mdc; resume_engine(e,engbits); if(!(key=ENGINE_load_private_key(e,file,NULL,NULL)))goto err1; r=CRYPTOFAIL; if(!(mdc=EVP_MD_CTX_create()))goto err2; if(EVP_DigestInit_ex(mdc,EVP_sha256(),NULL)!=1)goto err3; if(EVP_DigestSignInit(mdc,NULL,EVP_sha256(),NULL,key)!=1)goto err3; if(EVP_DigestSignUpdate(mdc,in,ilen)!=1)goto err3; if(EVP_DigestSignFinal(mdc,out,&slen)!=1)goto err3; *olen=slen; r=OK; err3: EVP_MD_CTX_destroy(mdc); err2: EVP_PKEY_free(key); err1: suspend_engine(e,&engbits); return r; }
/** * @ingroup SnmpParser * @brief 비밀번호로 key 를 생성한다. * @param pszPassWord 비밀번호 * @param pszKey 생성된 key 저장 변수 * @returns 성공하면 true 를 리턴하고 실패하면 false 를 리턴한다. */ bool SnmpMakeKey( const char * pszPassWord, uint8_t * pszKey ) { int iPassWordLen = strlen(pszPassWord); int iInputLen = 1024 * 1024; int iIndex = 0; char szBuf[64]; unsigned int iResultLen = 16; EVP_MD_CTX * psttCtx = EVP_MD_CTX_create(); EVP_DigestInit( psttCtx, EVP_md5() ); while( iInputLen > 0 ) { for( int i = 0; i < 64; ++i ) { szBuf[i] = pszPassWord[iIndex % iPassWordLen]; ++iIndex; } EVP_DigestUpdate( psttCtx, szBuf, 64 ); iInputLen -= 64; } EVP_DigestFinal( psttCtx, (unsigned char *)pszKey, &iResultLen ); EVP_MD_CTX_destroy( psttCtx ); return true; }
static int verify(char *file,void *in,int ilen,void *sig,int slen) { int r=FILEFAIL; BIO *cert; X509 *x509; EVP_PKEY *key; EVP_MD_CTX *mdc; if(!(cert=BIO_new(BIO_s_file())))goto err1; if(BIO_read_filename(cert,file)<=0)goto err2; r=CRYPTOFAIL; if(!(x509=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL)))goto err2; if(!(key=X509_get_pubkey(x509)))goto err3; if(!(mdc=EVP_MD_CTX_create()))goto err4; if(EVP_DigestInit_ex(mdc,EVP_sha256(),NULL)!=1)goto err5; if(EVP_DigestVerifyInit(mdc,NULL,EVP_sha256(),NULL,key)!=1)goto err5; if(EVP_DigestVerifyUpdate(mdc,in,ilen)!=1)goto err5; if(EVP_DigestVerifyFinal(mdc,sig,slen)!=1)goto err5; r=OK; err5: EVP_MD_CTX_destroy(mdc); err4: EVP_PKEY_free(key); err3: X509_free(x509); err2: BIO_free(cert); err1: return r; }
struct swupdate_digest *swupdate_HASH_init(const char *SHAlength) { struct swupdate_digest *dgst; const EVP_MD *md; int ret; dgst = calloc(1, sizeof(*dgst)); if (!dgst) { return NULL; } if ((!SHAlength) || strcmp(SHAlength, "sha1")) md = EVP_sha256(); else md = EVP_sha1(); dgst->ctx = EVP_MD_CTX_create(); if(dgst->ctx == NULL) { ERROR("EVP_MD_CTX_create failed, error 0x%lx", ERR_get_error()); free(dgst); return NULL; } ret = dgst_init(dgst, md); if (ret) { free(dgst); return NULL; } return dgst; }
static isc_result_t openssldsa_createctx(dst_key_t *key, dst_context_t *dctx) { #if USE_EVP EVP_MD_CTX *evp_md_ctx; UNUSED(key); evp_md_ctx = EVP_MD_CTX_create(); if (evp_md_ctx == NULL) return (ISC_R_NOMEMORY); if (!EVP_DigestInit_ex(evp_md_ctx, EVP_dss1(), NULL)) { EVP_MD_CTX_destroy(evp_md_ctx); return (ISC_R_FAILURE); } dctx->ctxdata.evp_md_ctx = evp_md_ctx; return (ISC_R_SUCCESS); #else isc_sha1_t *sha1ctx; UNUSED(key); sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t)); isc_sha1_init(sha1ctx); dctx->ctxdata.sha1ctx = sha1ctx; return (ISC_R_SUCCESS); #endif }