Exemple #1
0
int
_krb5_evp_digest_iov(krb5_crypto crypto,
		     const struct krb5_crypto_iov *iov,
		     int niov,
		     void *hash,
		     unsigned int *hsize,
		     const EVP_MD *md,
		     ENGINE *engine)
{
    EVP_MD_CTX *ctx;
    int ret, i;
    krb5_data current = {0,0};

    if (crypto != NULL) {
	if (crypto->mdctx == NULL)
	    crypto->mdctx = EVP_MD_CTX_create();
	if (crypto->mdctx == NULL)
	    return 0;
	ctx = crypto->mdctx;
    } else
        ctx = EVP_MD_CTX_create();

    ret = EVP_DigestInit_ex(ctx, md, engine);
    if (ret != 1)
	goto out;

    for (i = 0; i < niov; i++) {
        if (_krb5_crypto_iov_should_sign(&iov[i])) {
	    if ((char *)current.data + current.length == iov[i].data.data) {
		current.length += iov[i].data.length;
	    } else {
		if (current.data) {
		    ret = EVP_DigestUpdate(ctx, current.data, current.length);
		    if (ret != 1)
		        goto out;
		}
		current = iov[i].data;
	    }
	}
    }

    if (current.data) {
	ret = EVP_DigestUpdate(ctx, current.data, current.length);
	if (ret != 1)
	    goto out;
    }

    ret = EVP_DigestFinal_ex(ctx, hash, hsize);

out:
    if (crypto == NULL)
        EVP_MD_CTX_destroy(ctx);

    return ret;
}
Exemple #2
0
static struct rspamd_lua_cryptobox_hash *
rspamd_lua_hash_create (const gchar *type)
{
	struct rspamd_lua_cryptobox_hash *h;

	h = g_slice_alloc0 (sizeof (*h));

	if (type) {
		if (g_ascii_strcasecmp (type, "md5") == 0) {
			h->is_ssl = TRUE;
			h->c = EVP_MD_CTX_create ();
			EVP_DigestInit (h->c, EVP_md5 ());

			goto ret;
		}
		else if (g_ascii_strcasecmp (type, "sha1") == 0 ||
					g_ascii_strcasecmp (type, "sha") == 0) {
			h->is_ssl = TRUE;
			h->c = EVP_MD_CTX_create ();
			EVP_DigestInit (h->c, EVP_sha1 ());

			goto ret;
		}
		else if (g_ascii_strcasecmp (type, "sha256") == 0) {
			h->is_ssl = TRUE;
			h->c = EVP_MD_CTX_create ();
			EVP_DigestInit (h->c, EVP_sha256 ());

			goto ret;
		}
		else if (g_ascii_strcasecmp (type, "sha512") == 0) {
			h->is_ssl = TRUE;
			h->c = EVP_MD_CTX_create ();
			EVP_DigestInit (h->c, EVP_sha512 ());

			goto ret;
		}
		else if (g_ascii_strcasecmp (type, "sha384") == 0) {
			h->is_ssl = TRUE;
			h->c = EVP_MD_CTX_create ();
			EVP_DigestInit (h->c, EVP_sha384 ());

			goto ret;
		}
	}

	h->h = g_slice_alloc0 (sizeof (*h->h));
	rspamd_cryptobox_hash_init (h->h, NULL, 0);

ret:
	return h;
}
static bool verifySignature(const char *data, int dataLength, char *signature, int signatureLength, const char *cert) {
    X509* x509;
    BIO* bio = BIO_new(BIO_s_mem());
    BIO_puts(bio, cert);
    x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
    
    BIO_free(bio);
    
    if (!x509) {
        return false;
    }
    
    EVP_PKEY* pubKey = X509_get_pubkey(x509);
    EVP_MD_CTX *mdctx = NULL;
    mdctx = EVP_MD_CTX_create();
    EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, pubKey);
    EVP_DigestVerifyUpdate(mdctx, data, dataLength);
    int result = EVP_DigestVerifyFinal(mdctx, signature, signatureLength);
    
    X509_free(x509);
    EVP_PKEY_free(pubKey);
    EVP_MD_CTX_destroy(mdctx);
    
    return result > 0;
}
Exemple #4
0
static int verify_jwt_signature(EVP_PKEY *key, const char *alg,
                                grpc_slice signature, grpc_slice signed_data) {
  EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
  const EVP_MD *md = evp_md_from_alg(alg);
  int result = 0;

  GPR_ASSERT(md != NULL); /* Checked before. */
  if (md_ctx == NULL) {
    gpr_log(GPR_ERROR, "Could not create EVP_MD_CTX.");
    goto end;
  }
  if (EVP_DigestVerifyInit(md_ctx, NULL, md, NULL, key) != 1) {
    gpr_log(GPR_ERROR, "EVP_DigestVerifyInit failed.");
    goto end;
  }
  if (EVP_DigestVerifyUpdate(md_ctx, GRPC_SLICE_START_PTR(signed_data),
                             GRPC_SLICE_LENGTH(signed_data)) != 1) {
    gpr_log(GPR_ERROR, "EVP_DigestVerifyUpdate failed.");
    goto end;
  }
  if (EVP_DigestVerifyFinal(md_ctx, GRPC_SLICE_START_PTR(signature),
                            GRPC_SLICE_LENGTH(signature)) != 1) {
    gpr_log(GPR_ERROR, "JWT signature verification failed.");
    goto end;
  }
  result = 1;

end:
  if (md_ctx != NULL) EVP_MD_CTX_destroy(md_ctx);
  return result;
}
Exemple #5
0
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
_krb5_des_checksum(krb5_context context,
		   const EVP_MD *evp_md,
		   struct _krb5_key_data *key,
		   const void *data,
		   size_t len,
		   Checksum *cksum)
{
    struct _krb5_evp_schedule *ctx = key->schedule->data;
    EVP_MD_CTX *m;
    DES_cblock ivec;
    unsigned char *p = cksum->checksum.data;

    krb5_generate_random_block(p, 8);

    m = EVP_MD_CTX_create();
    if (m == NULL)
	return krb5_enomem(context);

    EVP_DigestInit_ex(m, evp_md, NULL);
    EVP_DigestUpdate(m, p, 8);
    EVP_DigestUpdate(m, data, len);
    EVP_DigestFinal_ex (m, p + 8, NULL);
    EVP_MD_CTX_destroy(m);
    memset (&ivec, 0, sizeof(ivec));
    EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1);
    EVP_Cipher(&ctx->ectx, p, p, 24);

    return 0;
}
Exemple #6
0
/**
 * returns -1 on error
 * returns 0 on non-verified digest
 * returns 1 on verified digest
 */
int evp_verify(EVP_PKEY* evp, enum EVP_DIGEST_TYPE type, FILE* fp, string* s)
{
  unsigned char digest[SHA_DIGEST_LENGTH];
  unsigned int digest_length = 0;
  int ret;
  EVP_MD_CTX* ctx = NULL;

  if (evp == NULL) {
    fprintf(stderr, "evp_verify: NULL EVP_PKEY\n");
    return EVP_ERROR;
  }

  if (!digest_fp(fp, type, digest, &digest_length)) {
    fprintf(stderr, "evp_verify: message digest failed\n");
    return EVP_ERROR;
  }

  ctx = EVP_MD_CTX_create();

  if (ctx == NULL) {
    fprintf(stderr, "evp_verify: failed to create digest context\n");
    return EVP_ERROR;
  }

  ret = evp_verify_internal(evp, ctx, type, digest, digest_length, s);

  EVP_MD_CTX_cleanup(ctx);
  EVP_MD_CTX_destroy(ctx);

  return ret;
}
Exemple #7
0
static LUA_FUNCTION(openssl_evp_digest_init)
{
  EVP_MD* md = CHECK_OBJECT(1, EVP_MD, "openssl.evp_digest");
  ENGINE*     e = lua_gettop(L) > 1 ? CHECK_OBJECT(2, ENGINE, "openssl.engine") : NULL;

  EVP_MD_CTX* ctx = EVP_MD_CTX_create();
  if (ctx)
  {
    int ret;
    EVP_MD_CTX_init(ctx);
    ret = EVP_DigestInit_ex(ctx, md, e);
    if (ret == 1)
    {
      PUSH_OBJECT(ctx, "openssl.evp_digest_ctx");
    }
    else
    {
      EVP_MD_CTX_destroy(ctx);
      return openssl_pushresult(L, ret);
    }
  }
  else
    lua_pushnil(L);
  return 1;
}
Exemple #8
0
Fichier : hash.c Projet : lra/core
/*
 * Constructors
 * All constructors call two common methods: HashBasicInit(...) and HashCalculatePrintableRepresentation(...).
 * Each constructor reads the data to create the Hash from different sources so after the basic
 * initialization and up to the point where the hash is computed, each follows its own path.
 */
Hash *HashNew(const char *data, const unsigned int length, HashMethod method)
{
    if (!data || (length == 0))
    {
        return NULL;
    }
    if (method >= HASH_METHOD_NONE)
    {
        return NULL;
    }
    /*
     * OpenSSL documentation marked EVP_DigestInit and EVP_DigestFinal functions as deprecated and
     * recommends moving to EVP_DigestInit_ex and EVP_DigestFinal_ex.
     */
    EVP_MD_CTX *context = NULL;
    const EVP_MD *md = NULL;
    int md_len = 0;
    md = EVP_get_digestbyname(CF_DIGEST_TYPES[method]);
    if (md == NULL)
    {
        Log(LOG_LEVEL_INFO, "Digest type %s not supported by OpenSSL library", CF_DIGEST_TYPES[method]);
        return NULL;
    }
    Hash *hash = HashBasicInit(method);
    context = EVP_MD_CTX_create();
    EVP_DigestInit_ex(context, md, NULL);
    EVP_DigestUpdate(context, data, (size_t) length);
    EVP_DigestFinal_ex(context, hash->digest, &md_len);
    EVP_MD_CTX_destroy(context);
    /* Update the printable representation */
    HashCalculatePrintableRepresentation(hash);
    /* Return the hash */
    return hash;
}
Exemple #9
0
char *pkgr_generate_checksum(char *filename, char *hexdigest) {
    OpenSSL_add_all_digests();
    const EVP_MD *md = EVP_get_digestbyname("rmd160");
    if(!md) {
        pkgr_error("Ripemd-160 is not supported by this version of OpenSSL");
        exit(1);
    }
    EVP_MD_CTX *ctx = EVP_MD_CTX_create();
    EVP_DigestInit_ex(ctx, md, NULL);
    FILE *dfile = fopen(filename, "rb");
    if(dfile == NULL) {
        pkgr_error("Invalid file (%s)", filename);
        exit(1);
    }
    while(!feof(dfile)) {
        char data[1024];
        size_t size = fread(data, sizeof(char), sizeof(data), dfile);
        EVP_DigestUpdate(ctx, data, size);
    }
    unsigned int md_len;
    unsigned char checksum[EVP_MAX_MD_SIZE];
    EVP_DigestFinal_ex(ctx, checksum, &md_len);
    EVP_MD_CTX_destroy(ctx);
    unsigned int i;
    for(i = 0; i < md_len; i++) {
        char buffer[3];
        snprintf(buffer, sizeof(buffer), "%02x", checksum[i]);
        strcat(hexdigest, buffer);
    }
    return hexdigest;
}
Exemple #10
0
Fichier : md.c Projet : dun/munge
static int
_md_ctx_create (md_ctx *x)
{
    assert (x != NULL);

#if HAVE_EVP_MD_CTX_NEW
    /*  OpenSSL >= 1.1.0  */
    x->ctx = EVP_MD_CTX_new ();                         /* alloc & init */
#elif HAVE_EVP_MD_CTX_CREATE
    /*  OpenSSL >= 0.9.7, < 1.1.0  */
    x->ctx = EVP_MD_CTX_create ();                      /* alloc & init */
#else  /* !HAVE_EVP_MD_CTX_CREATE */
    x->ctx = OPENSSL_malloc (sizeof (EVP_MD_CTX));      /* allocate */
#if HAVE_EVP_MD_CTX_INIT
    /*  OpenSSL >= 0.9.7, < 1.1.0  */
    if (x->ctx != NULL ) {
        EVP_MD_CTX_init (x->ctx);                       /* initialize */
    }
#endif /* HAVE_EVP_MD_CTX_INIT */
#endif /* !HAVE_EVP_MD_CTX_CREATE */
    if (x->ctx == NULL) {
        return (-1);
    }
    return (0);
}
Exemple #11
0
EAC_CTX *
EAC_CTX_new(void)
{
    EAC_CTX *ctx = OPENSSL_malloc(sizeof(EAC_CTX));
    if (!ctx)
        return NULL;

    ctx->bn_ctx = BN_CTX_new();
    ctx->ca_ctxs = (STACK_OF(CA_CTX *)) sk_new_null();
    ctx->cipher_ctx = EVP_CIPHER_CTX_new();
    ctx->md_ctx = EVP_MD_CTX_create();
    ctx->pace_ctxs = (STACK_OF(PACE_CTX *)) sk_new_null();
    ctx->ri_ctxs = (STACK_OF(RI_CTX *)) sk_new_null();
    ctx->ssc = BN_new();
    ctx->ta_ctx = TA_CTX_new();

    if (!ctx->bn_ctx || !ctx->md_ctx || !ctx->pace_ctxs
            || !ctx->ta_ctx || !ctx->ca_ctxs || !ctx->cipher_ctx
            || !ctx->ri_ctxs || !ctx->ssc)
        goto err;

    BN_CTX_init(ctx->bn_ctx);
    EVP_CIPHER_CTX_init(ctx->cipher_ctx);
    ctx->ca_ctx = NULL;
    ctx->key_ctx = NULL;
    ctx->pace_ctx = NULL;
    ctx->ri_ctx = NULL;
    ctx->tr_version = EAC_TR_VERSION_2_02;

    return ctx;

err:
    EAC_CTX_clear_free(ctx);
    return NULL;
}
Exemple #12
0
CAMLprim value ocaml_EVP_MD_CTX_init(value v_alg) {
  CAMLparam1(v_alg);

  EVP_MD_CTX *ctx;

  const EVP_MD *digest;

  char *digest_name = String_val(v_alg);
  if (strcmp(digest_name, "sha1") == 0)
    digest = EVP_sha1();
  else if (strcmp(digest_name, "sha256") == 0)
    digest = EVP_sha256();
  else {
    caml_failwith("Unknown digest name");
    CAMLreturn(Val_unit);	/* (make compiler happy) */
  }

  if ((ctx = EVP_MD_CTX_create()) == NULL)
    caml_failwith("EVP_MD_CTX_create: out of memory");

  EVP_DigestInit_ex(ctx, digest, NULL);

  CAMLlocal1(block);
  block = caml_alloc_custom(&ctx_ops, sizeof(EVP_MD_CTX*), 0, 1);
  Ctx_val(block) = ctx;

  CAMLreturn(block);
}
Exemple #13
0
/*
 * @func sha256 calculates SHA256 
 * @param IN const void* const buf is the input payload
 * @param size_t buflen is the payload length in bytes
 * @param OUT uint8_t* hash is the resulting output hash
 * @return encip_ret_e:
 * ENCIP_ERROR_SHA_INVALID_PARAM if any of the input parameters is NULL
 * ENCIP_ERROR_SHA_ALLOC if EVP_MD_CTX_create is unable to allocate buffer
 * ENCIP_ERROR_SHA_INIT is EVP_DigestInit_ex fails
 * ENCIP_ERROR_SHA_UPDATE if EVP_DigestUpdate fails
 * ENCIP_ERROR_SHA_FINAL if EVP_DigestFinal_ex fails
 * ENCIP_SUCCESS if success
 */
encip_ret_e sha256(IN const void* const buf, size_t buflen, OUT uint8_t* hash)
{
    encip_ret_e ret = ENCIP_ERROR_FAIL; 
    unsigned int digest_len = 0;
    
    if(NULL== buf || NULL== hash)
        return ENCIP_ERROR_SHA_INVALID_PARAM;

    EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
    if(NULL == mdctx)
        return ENCIP_ERROR_SHA_ALLOC;

    if(EVP_SUCCESS != EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL)){
        ret = ENCIP_ERROR_SHA_INIT;
        goto Label_free_context;
    }

    if(EVP_SUCCESS != EVP_DigestUpdate(mdctx, buf, buflen)){
        ret = ENCIP_ERROR_SHA_UPDATE;
        goto Label_free_context;
    }

    if((EVP_SUCCESS != EVP_DigestFinal_ex(mdctx, hash, &digest_len)) ||
       (SGX_SHA256_HASH_SIZE != digest_len)){
        ret = ENCIP_ERROR_SHA_FINAL;
        goto Label_free_context;
    }

    ret = ENCIP_SUCCESS;

Label_free_context: 
    EVP_MD_CTX_destroy(mdctx);
    
    return ret;
}
//Create base 64 encoded digital signature of given data
bool digiSign(StringBuffer &b64Signature, size32_t dataSz, const void *data, const CLoadedKey &signingKey)
{
    OwnedEVPMdCtx signingCtx(EVP_MD_CTX_create());
    //initialize context for SHA-256 hashing function
    int rc = EVP_DigestSignInit(signingCtx, nullptr, EVP_sha256(), nullptr, signingKey);
    if (rc <= 0)
        throwEVPException(-1, "digiSign:EVP_DigestSignInit");

    //add string to the context
    if (EVP_DigestSignUpdate(signingCtx, data, dataSz) <= 0)
        throwEVPException(-1, "digiSign:EVP_DigestSignUpdate");

    //compute length of signature
    size_t encMsgLen;
    if (EVP_DigestSignFinal(signingCtx, nullptr, &encMsgLen) <= 0)
        throwEVPException(-1, "digiSign:EVP_DigestSignFinal1");

    if (encMsgLen == 0)
        throwEVPException(-1, "digiSign:EVP_DigestSignFinal length returned 0");

    //compute signature (signed digest)
    OwnedEVPMemory encMsg = OPENSSL_malloc(encMsgLen);
    if (encMsg == nullptr)
        throw MakeStringException(-1, "digiSign:OPENSSL_malloc(%u) returned NULL", (unsigned)encMsgLen);

    if (EVP_DigestSignFinal(signingCtx, (unsigned char *)encMsg.get(), &encMsgLen) <= 0)
        throwEVPException(-1, "digiSign:EVP_DigestSignFinal2");

    //convert to base64
    JBASE64_Encode(encMsg, encMsgLen, b64Signature, false);

    return true;
}
Exemple #15
0
//Computes a digest of 'filename'. The length of the digest is stored in 'md_len'
unsigned char *digest_file(char* filename, int *md_len)
{
	FILE *f = fopen(filename, "r");
	if(f != NULL) {
		EVP_MD_CTX *ctx;
		unsigned char *md_value = calloc(EVP_MAX_MD_SIZE, sizeof(unsigned char));
		ctx = EVP_MD_CTX_create();
		EVP_DigestInit_ex(ctx, EVP_sha512(), NULL);
		while(feof(f) == 0) {
			char *buf = calloc(FILE_HASH_SIZE, sizeof(char));
			int amount = fread(buf, sizeof(char), FILE_HASH_SIZE, f);
			EVP_DigestUpdate(ctx, buf, amount);
			free(buf);
		}
		fclose(f);
		EVP_DigestFinal_ex(ctx, md_value, md_len);
		EVP_MD_CTX_destroy(ctx);
		//resize the md_value
		if(*md_len < EVP_MAX_MD_SIZE)	
			md_value = realloc(md_value, *md_len);
		return md_value;
	} else {
		fprintf(stderr, "Could not create digest of %s: %s\n",filename, strerror(errno));
		return NULL;
	}
}
Exemple #16
0
char *
crypt_pass(char *password, int encode)
{
  EVP_MD_CTX *mdctx;
  const EVP_MD *md;
  unsigned char md_value[EVP_MAX_MD_SIZE];
  char buffer[2*DIGEST_LEN + 1];
  char *ret;
  unsigned int md_len;

  md = EVP_get_digestbyname(DIGEST_FUNCTION);

  mdctx = EVP_MD_CTX_create();
  EVP_MD_CTX_init(mdctx);
  EVP_DigestInit_ex(mdctx, md, NULL);
  EVP_DigestUpdate(mdctx, password, strlen(password));
  EVP_DigestFinal_ex(mdctx, md_value, &md_len);
  EVP_MD_CTX_destroy(mdctx);

  if(encode)
  {
    base16_encode(buffer, sizeof(buffer), (char *)md_value, DIGEST_LEN);
    DupString(ret, buffer);
  }
  else
  {
    ret = MyMalloc(DIGEST_LEN);
    memcpy(ret, md_value, DIGEST_LEN);
  }
  return ret;
}
static isc_result_t
opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) {
	EVP_MD_CTX *evp_md_ctx;
	const EVP_MD *type = NULL;

	UNUSED(key);
	REQUIRE(dctx->key->key_alg == DST_ALG_ECDSA256 ||
		dctx->key->key_alg == DST_ALG_ECDSA384);

	evp_md_ctx = EVP_MD_CTX_create();
	if (evp_md_ctx == NULL)
		return (ISC_R_NOMEMORY);
	if (dctx->key->key_alg == DST_ALG_ECDSA256)
		type = EVP_sha256();
	else
		type = EVP_sha384();

	if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) {
		EVP_MD_CTX_destroy(evp_md_ctx);
		return (dst__openssl_toresult3(dctx->category,
					       "EVP_DigestInit_ex",
					       ISC_R_FAILURE));
	}

	dctx->ctxdata.evp_md_ctx = evp_md_ctx;

	return (ISC_R_SUCCESS);
}
Exemple #18
0
int main(int argc, char *argv[])
{
	EVP_MD_CTX *mdctx;
	const EVP_MD *md;
	unsigned char md_value[EVP_MAX_MD_SIZE];
	int md_len, i;

	OpenSSL_add_all_digests();

	if (argc != 3)
	{
		printf("Usage: %s <Message> <MDType>\n", argv[0]);
		exit(1);
	}

	md = EVP_get_digestbyname(argv[2]);

	if (!md)
	{
		printf("Unknown message digest %s\n", argv[2]);
		exit(1);
	}

	mdctx = EVP_MD_CTX_create();
	EVP_DigestInit_ex(mdctx, md, NULL);
	EVP_DigestUpdate(mdctx, argv[1], strlen(argv[1]));
	EVP_DigestFinal_ex(mdctx, md_value, &md_len);
	EVP_MD_CTX_destroy(mdctx);

	printf("%s [%s]: ", argv[1], argv[2]);
	for (i = 0; i < md_len; i++) printf("%02x", md_value[i]);
	printf("\n");

}
Exemple #19
0
Fichier : hash.c Projet : lra/core
Hash *HashNewFromDescriptor(const int descriptor, HashMethod method)
{
    if (descriptor < 0)
    {
        return NULL;
    }
    if (method >= HASH_METHOD_NONE)
    {
        return NULL;
    }
    char buffer[1024];
    int read_count = 0;
    EVP_MD_CTX *context = NULL;
    const EVP_MD *md = NULL;
    int md_len = 0;
    md = EVP_get_digestbyname(CF_DIGEST_TYPES[method]);
    if (md == NULL)
    {
        Log(LOG_LEVEL_INFO, "Digest type %s not supported by OpenSSL library", CF_DIGEST_TYPES[method]);
        return NULL;
    }
    Hash *hash = HashBasicInit(method);
    context = EVP_MD_CTX_create();
    EVP_DigestInit_ex(context, md, NULL);
    do {
        read_count = read(descriptor, buffer, 1024);
        EVP_DigestUpdate(context, buffer, (size_t) read_count);
    } while (read_count > 0);
    EVP_DigestFinal_ex(context, hash->digest, &md_len);
    EVP_MD_CTX_destroy(context);
    /* Update the printable representation */
    HashCalculatePrintableRepresentation(hash);
    /* Return the hash */
    return hash;
}
Exemple #20
0
int
lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type)
{
	ctx->type = type;
	ctx->mdctx = EVP_MD_CTX_create();
	if (!ctx->mdctx)
		return 1;

	switch (ctx->type) {
	case LWS_GENHASH_TYPE_SHA1:
		ctx->evp_type = EVP_sha1();
		break;
	case LWS_GENHASH_TYPE_SHA256:
		ctx->evp_type = EVP_sha256();
		break;
	case LWS_GENHASH_TYPE_SHA384:
		ctx->evp_type = EVP_sha384();
		break;
	case LWS_GENHASH_TYPE_SHA512:
		ctx->evp_type = EVP_sha512();
		break;
	default:
		return 1;
	}

	if (EVP_DigestInit_ex(ctx->mdctx, ctx->evp_type, NULL) != 1) {
		EVP_MD_CTX_destroy(ctx->mdctx);

		return 1;
	}

	return 0;
}
Exemple #21
0
int evp_sign(EVP_PKEY* evp, enum EVP_DIGEST_TYPE type, FILE* fp, string* s)
{
  unsigned char digest[EVP_MAX_MD_SIZE];
  unsigned int digest_length = 0;
  EVP_MD_CTX* ctx;
  int ret;

  if (!digest_fp(fp, type, digest, &digest_length)) {
    return 0;
  }

  ctx = EVP_MD_CTX_create();

  if (ctx == NULL) {
    fprintf(stderr, "evp_verify: failed to create digest context\n");
    return EVP_ERROR;
  }

  string_resize(s, EVP_PKEY_size(evp));

  ret = evp_sign_internal(evp, ctx, type, digest, digest_length, s);

  EVP_MD_CTX_cleanup(ctx);
  EVP_MD_CTX_destroy(ctx);

  return ret;
}
Exemple #22
0
static int evp_fdigest(lua_State *L)
{
  EVP_MD_CTX *c = NULL;
  const char *type_name = luaL_checkstring(L, 1);
  const char *s = luaL_checkstring(L, 2);
  const EVP_MD *type = EVP_get_digestbyname(type_name);
  unsigned char digest[EVP_MAX_MD_SIZE];
  size_t written = 0;
  unsigned int i;
  char *hex;
  
  if (type == NULL) {
    luaL_argerror(L, 1, "invalid digest type");
    return 0;
  }
  
  c = EVP_MD_CTX_create();
  EVP_DigestInit_ex(c, type, NULL);
  EVP_DigestUpdate(c, s, lua_strlen(L, 2));
  EVP_DigestFinal_ex(c, digest, &written);
  
  if (lua_toboolean(L, 3))
    lua_pushlstring(L, (char *)digest, written);
  else
  {
    hex = calloc(sizeof(char), written*2 + 1);
    for (i = 0; i < written; i++)
      sprintf(hex + 2*i, "%02x", digest[i]);
    lua_pushlstring(L, hex, written*2);
    free(hex);
  }
  
  return 1;
}
Exemple #23
0
int HashSHA256(unsigned char *hashed, const unsigned char *plain, unsigned int plen){
	if (hashed == NULL || plain == NULL || plen <= 0) return 0;

	EVP_MD_CTX *mdctx;
	int md_len = 0;

	if (!(mdctx = EVP_MD_CTX_create())) return 0;

	if (1 != EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL)) {
		if (mdctx) EVP_MD_CTX_destroy(mdctx);
		return 0;
	}

	if (1 != EVP_DigestUpdate(mdctx, plain, plen)) {
		if (mdctx) EVP_MD_CTX_destroy(mdctx);
		return 0;
	}

	if (1 != EVP_DigestFinal_ex(mdctx, hashed, &md_len)) {
		if (mdctx) EVP_MD_CTX_destroy(mdctx);
		return 0;
	}

	if (mdctx) EVP_MD_CTX_destroy(mdctx);

	return md_len;
}
Exemple #24
0
static int evp_digest(lua_State *L) 
{
  EVP_MD_CTX *c = evp_pget(L, 1);
  EVP_MD_CTX *d = NULL;
  unsigned char digest[EVP_MAX_MD_SIZE];
  size_t written = 0;
  unsigned int i;
  char *hex;
  
  if (lua_isstring(L, 2))
  {  
    const char *s = luaL_checkstring(L, 2);
    EVP_DigestUpdate(c, s, lua_strlen(L, 2));
  }
  
  d = EVP_MD_CTX_create();
  EVP_MD_CTX_copy_ex(d, c);
  EVP_DigestFinal_ex(d, digest, &written);
  EVP_MD_CTX_destroy(d);
  
  if (lua_toboolean(L, 3))
    lua_pushlstring(L, (char *)digest, written);
  else
  {
    hex = calloc(sizeof(char), written*2 + 1);
    for (i = 0; i < written; i++)
      sprintf(hex + 2*i, "%02x", digest[i]);
    lua_pushlstring(L, hex, written*2);
    free(hex);
  }
  
  return 1;
}
std::string PbeMd5AndDesEncryptor::generateDataHash(const std::string& data, const std::string salt, long iterations) {
    EVP_MD_CTX *ctx = EVP_MD_CTX_create();
    const EVP_MD *algorithm = EVP_md5();
    unsigned char result[MD5_DIGEST_LENGTH];

    if (salt.length() < ALGO_BLOCK_SIZE) {
        BOOST_THROW_EXCEPTION(StringEncryptorException("Provided salt is of insufficient length"));
    }

    /*
     * Add digest to digest stack if not already there.
     * Digest stack gets cleanup upon program termination.
     */
    EVP_add_digest(algorithm);

    if (!EVP_DigestInit_ex(ctx, algorithm, NULL) ||
        !EVP_DigestUpdate(ctx, data.data(), data.length()) ||
        !EVP_DigestUpdate(ctx, salt.data(), ALGO_BLOCK_SIZE) ||
        !EVP_DigestFinal_ex(ctx, result, NULL)) {
        BOOST_THROW_EXCEPTION(StringEncryptorException("Error in generating digest"));
    }

    while (--iterations != 0) {
        if (!EVP_DigestInit_ex(ctx, algorithm, NULL) ||
            !EVP_DigestUpdate(ctx, result, MD5_DIGEST_LENGTH) ||
            !EVP_DigestFinal_ex(ctx, result, NULL)) {
            BOOST_THROW_EXCEPTION(StringEncryptorException("Error in generating digest"));
        }
    }

    EVP_MD_CTX_destroy(ctx);
    return std::string(reinterpret_cast<char *>(result), MD5_DIGEST_LENGTH);
}
Exemple #26
0
static int sign(void *ctx,char *file,void *in,int ilen,void *out,int *olen)
{
	int r=NOCARD;
	size_t slen=*olen;
	ENGINE *e=(ENGINE *)ctx;
	EVP_PKEY *key;
	EVP_MD_CTX *mdc;

	resume_engine(e,engbits);

	if(!(key=ENGINE_load_private_key(e,file,NULL,NULL)))goto err1;

	r=CRYPTOFAIL;
	if(!(mdc=EVP_MD_CTX_create()))goto err2;
	if(EVP_DigestInit_ex(mdc,EVP_sha256(),NULL)!=1)goto err3;
	if(EVP_DigestSignInit(mdc,NULL,EVP_sha256(),NULL,key)!=1)goto err3;
	if(EVP_DigestSignUpdate(mdc,in,ilen)!=1)goto err3;
	if(EVP_DigestSignFinal(mdc,out,&slen)!=1)goto err3;
	*olen=slen;
	r=OK;

err3:	EVP_MD_CTX_destroy(mdc);
err2:	EVP_PKEY_free(key);
err1:	suspend_engine(e,&engbits);
	return r;
}
Exemple #27
0
/**
 * @ingroup SnmpParser
 * @brief 비밀번호로 key 를 생성한다.
 * @param pszPassWord 비밀번호
 * @param pszKey			생성된 key 저장 변수
 * @returns 성공하면 true 를 리턴하고 실패하면 false 를 리턴한다.
 */
bool SnmpMakeKey( const char * pszPassWord, uint8_t * pszKey )
{
	int iPassWordLen = strlen(pszPassWord);

	int iInputLen = 1024 * 1024;
	int iIndex = 0;
	char szBuf[64];

	unsigned int iResultLen = 16;

	EVP_MD_CTX * psttCtx = EVP_MD_CTX_create();
	EVP_DigestInit( psttCtx, EVP_md5() );

	while( iInputLen > 0 )
	{
		for( int i = 0; i < 64; ++i )
		{
			szBuf[i] = pszPassWord[iIndex % iPassWordLen];
			++iIndex;
		}

		EVP_DigestUpdate( psttCtx, szBuf, 64 );

		iInputLen -= 64;
	}
	
	EVP_DigestFinal( psttCtx, (unsigned char *)pszKey, &iResultLen );
	EVP_MD_CTX_destroy( psttCtx );

	return true;
}
Exemple #28
0
static int verify(char *file,void *in,int ilen,void *sig,int slen)
{
	int r=FILEFAIL;
	BIO *cert;
	X509 *x509;
	EVP_PKEY *key;
	EVP_MD_CTX *mdc;

	if(!(cert=BIO_new(BIO_s_file())))goto err1;
	if(BIO_read_filename(cert,file)<=0)goto err2;

	r=CRYPTOFAIL;
	if(!(x509=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL)))goto err2;
	if(!(key=X509_get_pubkey(x509)))goto err3;
	if(!(mdc=EVP_MD_CTX_create()))goto err4;
	if(EVP_DigestInit_ex(mdc,EVP_sha256(),NULL)!=1)goto err5;
	if(EVP_DigestVerifyInit(mdc,NULL,EVP_sha256(),NULL,key)!=1)goto err5;
	if(EVP_DigestVerifyUpdate(mdc,in,ilen)!=1)goto err5;
	if(EVP_DigestVerifyFinal(mdc,sig,slen)!=1)goto err5;
	r=OK;

err5:	EVP_MD_CTX_destroy(mdc);
err4:	EVP_PKEY_free(key);
err3:	X509_free(x509);
err2:	BIO_free(cert);
err1:	return r;
}
Exemple #29
0
struct swupdate_digest *swupdate_HASH_init(const char *SHAlength)
{
	struct swupdate_digest *dgst;
	const EVP_MD *md;
	int ret;

	dgst = calloc(1, sizeof(*dgst));
	if (!dgst) {
		return NULL;
	}

	if ((!SHAlength) || strcmp(SHAlength, "sha1"))
		md = EVP_sha256();
	else
		md = EVP_sha1();

 	dgst->ctx = EVP_MD_CTX_create();
	if(dgst->ctx == NULL) {
		ERROR("EVP_MD_CTX_create failed, error 0x%lx", ERR_get_error());
		free(dgst);
		return NULL;
	}

	ret = dgst_init(dgst, md);
	if (ret) {
		free(dgst);
		return NULL;
	}

	return dgst;
}
static isc_result_t
openssldsa_createctx(dst_key_t *key, dst_context_t *dctx) {
#if USE_EVP
	EVP_MD_CTX *evp_md_ctx;

	UNUSED(key);

	evp_md_ctx = EVP_MD_CTX_create();
	if (evp_md_ctx == NULL)
		return (ISC_R_NOMEMORY);

	if (!EVP_DigestInit_ex(evp_md_ctx, EVP_dss1(), NULL)) {
		EVP_MD_CTX_destroy(evp_md_ctx);
			return (ISC_R_FAILURE);
	}

	dctx->ctxdata.evp_md_ctx = evp_md_ctx;

	return (ISC_R_SUCCESS);
#else
	isc_sha1_t *sha1ctx;

	UNUSED(key);

	sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t));
	isc_sha1_init(sha1ctx);
	dctx->ctxdata.sha1ctx = sha1ctx;
	return (ISC_R_SUCCESS);
#endif
}