static isc_result_t
opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) {
EVP_MD_CTX *evp_md_ctx;
const EVP_MD *type = NULL;
UNUSED(key);
REQUIRE(dctx->key->key_alg == DST_ALG_ECDSA256 ||
dctx->key->key_alg == DST_ALG_ECDSA384);
evp_md_ctx = EVP_MD_CTX_create();
if (evp_md_ctx == NULL)
return (ISC_R_NOMEMORY);
if (dctx->key->key_alg == DST_ALG_ECDSA256)
type = EVP_sha256();
else
type = EVP_sha384();
if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) {
EVP_MD_CTX_destroy(evp_md_ctx);
return (dst__openssl_toresult3(dctx->category,
"EVP_DigestInit_ex",
ISC_R_FAILURE));
}
dctx->ctxdata.evp_md_ctx = evp_md_ctx;
return (ISC_R_SUCCESS);
}
nyx_error_t sha_init(const char *name)
{
const struct sha_algo_data_t *algo = sha_algo_data_lookup(name);
if (algo == NULL)
{
return NYX_ERROR_INVALID_VALUE;
}
if (running_mdctx != NULL)
{
EVP_MD_CTX_cleanup(running_mdctx);
EVP_MD_CTX_destroy(running_mdctx);
}
running_mdctx = EVP_MD_CTX_create();
EVP_MD_CTX_init(running_mdctx);
if (EVP_DigestInit_ex(running_mdctx, algo->md(), NULL) != 1)
{
return NYX_ERROR_GENERIC;
}
return NYX_ERROR_NONE;
}
static bool verifySignature(const char *data, int dataLength, const char *signature, int signatureLength, const char *cert) {
X509* x509;
BIO* bio = BIO_new(BIO_s_mem());
BIO_puts(bio, cert);
x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
BIO_free(bio);
if (!x509) {
return false;
}
EVP_PKEY* pubKey = X509_get_pubkey(x509);
EVP_MD_CTX *mdctx = NULL;
mdctx = EVP_MD_CTX_create();
EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, pubKey);
EVP_DigestVerifyUpdate(mdctx, data, dataLength);
int result = EVP_DigestVerifyFinal(mdctx, signature, signatureLength);
X509_free(x509);
EVP_PKEY_free(pubKey);
EVP_MD_CTX_destroy(mdctx);
return result > 0;
}
static int digestOfBytes(uint8_t *message, char **output, char *type, int inLength) {
EVP_MD_CTX *mdctx;
const EVP_MD *md;
unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned int md_len, i;
OpenSSL_add_all_digests();
md = EVP_get_digestbyname(type);
mdctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(mdctx, md, NULL);
EVP_DigestUpdate(mdctx, message, inLength);
EVP_DigestFinal_ex(mdctx, md_value, &md_len);
EVP_MD_CTX_destroy(mdctx);
char *digest = calloc((md_len*2) + 1, sizeof(char));
for(i = 0; i < md_len; i++) {
sprintf(&digest[2*i], "%02x", md_value[i]);
}
digest[md_len * 2] = '\0';
memcpy(*output, digest, strlen(digest));
free(digest);
/* Call this once before exit. */
//EVP_cleanup();
return NOERROR;
}
int ssl2_PRF( const u_char* secret, uint32_t secret_len,
const u_char* challenge, uint32_t challenge_len,
const u_char* conn_id, uint32_t conn_id_len,
u_char* out, uint32_t out_len )
{
u_char c= '0';
int repeat = 0;
int i = 0;
const EVP_MD *md5 = NULL;
EVP_MD_CTX *ctx;
md5 = EVP_md5();
if( !out ) return NM_ERROR( DSSL_E_INVALID_PARAMETER );
if( out_len % EVP_MD_size(md5) != 0 ) { return NM_ERROR( DSSL_E_INVALID_PARAMETER ); }
repeat = out_len / EVP_MD_size(md5);
ctx = EVP_MD_CTX_create();
EVP_MD_CTX_init( ctx );
for( i = 0; i < repeat; i++ )
{
EVP_DigestInit_ex( ctx, md5, NULL );
EVP_DigestUpdate( ctx, secret, secret_len );
EVP_DigestUpdate( ctx, &c, 1);
c++; /* '0', '1', etc. */
EVP_DigestUpdate( ctx, challenge, challenge_len );
EVP_DigestUpdate( ctx, conn_id, conn_id_len );
EVP_DigestFinal_ex( ctx, out, NULL );
out += EVP_MD_size( md5 );
}
EVP_MD_CTX_destroy( ctx );
return DSSL_RC_OK;
}
bool
NvPairingManager::verifySignature(QByteArray data, QByteArray signature, QByteArray serverCertificate)
{
BIO* bio = BIO_new_mem_buf(serverCertificate.data(), -1);
THROW_BAD_ALLOC_IF_NULL(bio);
X509* cert = PEM_read_bio_X509(bio, nullptr, nullptr, nullptr);
BIO_free_all(bio);
EVP_PKEY* pubKey = X509_get_pubkey(cert);
THROW_BAD_ALLOC_IF_NULL(pubKey);
EVP_MD_CTX* mdctx = EVP_MD_CTX_create();
THROW_BAD_ALLOC_IF_NULL(mdctx);
EVP_DigestVerifyInit(mdctx, nullptr, EVP_sha256(), nullptr, pubKey);
EVP_DigestVerifyUpdate(mdctx, data.data(), data.length());
int result = EVP_DigestVerifyFinal(mdctx, reinterpret_cast<unsigned char*>(signature.data()), signature.length());
EVP_PKEY_free(pubKey);
EVP_MD_CTX_destroy(mdctx);
X509_free(cert);
return result > 0;
}
void swupdate_HASH_cleanup(struct swupdate_digest *dgst)
{
if (dgst) {
EVP_MD_CTX_destroy(dgst->ctx);
free(dgst);
dgst = NULL;
}
}
int
sldns_digest_evp(unsigned char* data, unsigned int len, unsigned char* dest,
const EVP_MD* md)
{
EVP_MD_CTX* ctx;
ctx = EVP_MD_CTX_create();
if(!ctx)
return 0;
if(!EVP_DigestInit_ex(ctx, md, NULL) ||
!EVP_DigestUpdate(ctx, data, len) ||
!EVP_DigestFinal_ex(ctx, dest, NULL)) {
EVP_MD_CTX_destroy(ctx);
return 0;
}
EVP_MD_CTX_destroy(ctx);
return 1;
}
static LUA_FUNCTION(openssl_digest_ctx_free)
{
EVP_MD_CTX *ctx = CHECK_OBJECT(1, EVP_MD_CTX, "openssl.evp_digest_ctx");
lua_pushnil(L);
lua_setmetatable(L, 1);
EVP_MD_CTX_destroy(ctx);
return 0;
}
Sha::~Sha()
{
if(mdctx != nullptr)
{
EVP_MD_CTX_destroy(mdctx);
mdctx = nullptr;
}
}
static void sc_pkcs11_openssl_md_release(sc_pkcs11_operation_t *op)
{
EVP_MD_CTX *md_ctx = DIGEST_CTX(op);
if (md_ctx)
EVP_MD_CTX_destroy(md_ctx);
op->priv_data = NULL;
}
int signMsgRSA(EVP_PKEY* key, const unsigned char* msg,
unsigned char** sig, size_t* slen, size_t msglen){
EVP_MD_CTX* ctx = NULL;
const EVP_MD* md = NULL;
if(msg == NULL || sig == NULL || slen == NULL)
return 0;
ctx = EVP_MD_CTX_create();
md = EVP_get_digestbyname(hn);
if(md == NULL){
printf("ERR EVP_get_digestbyname\n");
return 0;
}
if(ctx == NULL){
printf("ERR EVP_MD_CTX_create\n");
return 0;
}
if(1 != EVP_DigestInit_ex(ctx, md, NULL)){
printf("ERR EVP_DigestInit_ex\n");
return 0;
}
if(1 != EVP_DigestSignInit(ctx, NULL, md, NULL, key)){
printf("ERR EVP_DigestSignInit\n");
return 0;
}
/*SE FIRMA EL MENSAJE*/
if(1 != EVP_DigestSignUpdate(ctx, msg, msglen)){
printf("ERR EVP_DigestSignUpdate\n");
return 0;
}
if(1 != EVP_DigestSignFinal(ctx, NULL, slen)){
printf("ERR EVP_DigestSignFinal\n");
return 0;
}
*sig = OPENSSL_malloc(*slen);
if(*sig == NULL){
printf("ERR OPENSSL_malloc\n");
}
if(1 != EVP_DigestSignFinal(ctx, *sig, slen)){
printf("ERR EVP_DigestSignFinal\n");
return 0;
}
EVP_MD_CTX_destroy(ctx);
ctx = NULL;
return 1;
}
static void
opensslgost_destroyctx(dst_context_t *dctx) {
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
if (evp_md_ctx != NULL) {
EVP_MD_CTX_destroy(evp_md_ctx);
dctx->ctxdata.evp_md_ctx = NULL;
}
}
bool Digest::shutdown() { //necessary IFF script uses pcre.
if (loaded) {
EVP_MD_CTX_destroy(context);
}
if ( lib_handle != nullptr ) {
dlclose(lib_handle);
}
return true;
}
static int md_free(BIO *a)
{
if (a == NULL) return(0);
EVP_MD_CTX_destroy(a->ptr);
a->ptr=NULL;
a->init=0;
a->flags=0;
return(1);
}
int calculateChecksumProto(FILE *file, Song *s)
{
unsigned char digest[EVP_MAX_MD_SIZE];
EVP_MD_CTX *mdctx;
const EVP_MD *md;
int md_len;
md = EVP_get_digestbyname("SHA256");
mdctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(mdctx, md, NULL);
int bufferSize = 4096;
char *buff = malloc(bufferSize);
if(!buff)
fatal_error("malloc failed\n");
int numBytesToRead = fileLen(file);
int currBytesRead =0;
int bytesRead = 0;
while(numBytesToRead>bytesRead)
{
/* checks if bytes to be read in this iteration are greater than buffer */
int currNumBytesToRead=(numBytesToRead-bytesRead>bufferSize)?bufferSize:numBytesToRead-bytesRead;
/* read bytes */
currBytesRead=fread(buff,1,currNumBytesToRead,file);
if(currBytesRead<= 0)
fatal_error("read failed\n");
/* update md5 calculation */
EVP_DigestUpdate(mdctx, buff, currNumBytesToRead);
/* calculate the total number of bytes read thus far */
bytesRead += currBytesRead;
}
EVP_DigestFinal_ex(mdctx, digest, &md_len);
EVP_MD_CTX_destroy(mdctx);
free(buff);
if(fseek(file, 0, SEEK_SET))
fatal_error("failed to return back to the beginning of the file\n");
//s->checksum = malloc(sizeof (unsigned char) * (md_len));
//memcpy(s->checksum, digest, md_len);
s->checksum.data = malloc(sizeof(unsigned char) * (md_len));
s->checksum.len = md_len;
memcpy(s->checksum.data, digest, md_len);
return 1;
}
int main(int argc, char** argv) {
EVP_MD_CTX* ctx;
const EVP_MD* md;
char* input_string;
unsigned char hash_value[EVP_MAX_MD_SIZE];
unsigned int hash_length;
char* digest_name = "sha1";
// check arguments
if(1 >= argc) {
fprintf(stderr, "%s <input_string> [digest type]\n", argv[0]);
exit(-1);
}
else if(3 == argc) {
// set the digest name
digest_name = (char*)calloc(strlen(argv[2])+1, sizeof(char));
if(NULL == digest_name) {
fprintf(stderr,"Allocate memory for digest_name error\n");
exit(-1);
}
strncpy(digest_name, argv[2], strlen(argv[2]));
}
// set the input string
input_string = (char*)calloc(strlen(argv[1])+1, sizeof(char));
if(NULL == input_string) {
fprintf(stderr,"Allocate memory for input_string error\n");
exit(-1);
}
strncpy(input_string, argv[1], strlen(argv[1]));
// load digest
OpenSSL_add_all_digests();
// set digest type
md = EVP_get_digestbyname(digest_name);
if(!md) {
fprintf(stderr,"Unknown message digest\n");
exit(-1);
}
// create and process
ctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(ctx, md, NULL);
EVP_DigestUpdate(ctx, input_string, strlen(input_string));
EVP_DigestFinal_ex(ctx, hash_value, &hash_length);
EVP_MD_CTX_destroy(ctx);
printf("Digest is:\n");
for(unsigned int i=0; i<hash_length; i++) {
printf("%02x", hash_value[i]);
}
printf("\n");
return 0;
}
void Sha::reset()
{
if(mdctx != nullptr)
{
EVP_MD_CTX_destroy(mdctx);
mdctx = nullptr;
}
mdctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(mdctx, EVP_sha512(), NULL);
}
int EnclaveCreatorST::destroy_enclave(sgx_enclave_id_t enclave_id, uint64_t enclave_size)
{
UNUSED(enclave_id);
UNUSED(enclave_size);
if(m_ctx){
EVP_MD_CTX_destroy(m_ctx);
m_ctx = NULL;
}
return SGX_SUCCESS;
}
void CC_EVP(const EVP_MD *evp, uint32_t mlen, const void *data, uint32_t len, unsigned char *md)
{
unsigned int mdlen = mlen;
EVP_MD_CTX* c = EVP_MD_CTX_create();
EVP_MD_CTX_init(c);
EVP_DigestInit(c, evp);
EVP_DigestUpdate(c, data, len);
EVP_DigestFinal(c, md, &mdlen);
EVP_MD_CTX_destroy(c);
}
// digest_public_modulus: calculates the SHA256 digest of the
// hexadecimal representation of the public modulus of an RSA
// key. digest must be initialized with at least 32 bytes of
// space and is used to return the SHA256 digest.
static void digest_public_modulus(RSA *key, BYTE *digest) {
char *hex;
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(ctx, EVP_sha256(), 0);
hex = BN_bn2hex(key->n);
EVP_DigestUpdate(ctx, hex, strlen(hex));
EVP_DigestFinal_ex(ctx, digest, 0);
EVP_MD_CTX_destroy(ctx);
OPENSSL_free(hex);
}
Hash *HashNewFromKey(const RSA *rsa, HashMethod method)
{
if (!rsa)
{
return NULL;
}
if (method >= HASH_METHOD_NONE)
{
return NULL;
}
EVP_MD_CTX *context = NULL;
const EVP_MD *md = NULL;
int md_len = 0;
unsigned char *buffer = NULL;
int buffer_length = 0;
int actual_length = 0;
if (rsa->n)
{
buffer_length = (size_t) BN_num_bytes(rsa->n);
}
else
{
buffer_length = 0;
}
if (rsa->e)
{
if (buffer_length < (size_t) BN_num_bytes(rsa->e))
{
buffer_length = (size_t) BN_num_bytes(rsa->e);
}
}
md = EVP_get_digestbyname(CF_DIGEST_TYPES[method]);
if (md == NULL)
{
Log(LOG_LEVEL_INFO, "Digest type %s not supported by OpenSSL library", CF_DIGEST_TYPES[method]);
return NULL;
}
Hash *hash = HashBasicInit(method);
context = EVP_MD_CTX_create();
EVP_DigestInit_ex(context, md, NULL);
buffer = xmalloc(buffer_length);
actual_length = BN_bn2bin(rsa->n, buffer);
EVP_DigestUpdate(context, buffer, actual_length);
actual_length = BN_bn2bin(rsa->e, buffer);
EVP_DigestUpdate(context, buffer, actual_length);
EVP_DigestFinal_ex(context, hash->digest, &md_len);
EVP_MD_CTX_destroy(context);
free (buffer);
/* Update the printable representation */
HashCalculatePrintableRepresentation(hash);
/* Return the hash */
return hash;
}
int
_krb5_evp_digest_iov(krb5_crypto crypto,
const struct krb5_crypto_iov *iov,
int niov,
void *hash,
unsigned int *hsize,
const EVP_MD *md,
ENGINE *engine)
{
EVP_MD_CTX *ctx;
int ret, i;
krb5_data current = {0,0};
if (crypto != NULL) {
if (crypto->mdctx == NULL)
crypto->mdctx = EVP_MD_CTX_create();
if (crypto->mdctx == NULL)
return 0;
ctx = crypto->mdctx;
} else
ctx = EVP_MD_CTX_create();
ret = EVP_DigestInit_ex(ctx, md, engine);
if (ret != 1)
goto out;
for (i = 0; i < niov; i++) {
if (_krb5_crypto_iov_should_sign(&iov[i])) {
if ((char *)current.data + current.length == iov[i].data.data) {
current.length += iov[i].data.length;
} else {
if (current.data) {
ret = EVP_DigestUpdate(ctx, current.data, current.length);
if (ret != 1)
goto out;
}
current = iov[i].data;
}
}
}
if (current.data) {
ret = EVP_DigestUpdate(ctx, current.data, current.length);
if (ret != 1)
goto out;
}
ret = EVP_DigestFinal_ex(ctx, hash, hsize);
out:
if (crypto == NULL)
EVP_MD_CTX_destroy(ctx);
return ret;
}
static int digest_fdigest(lua_State *L)
{
const char *type_name = luaL_checkstring(L, 2);
const EVP_MD *type = EVP_get_digestbyname(type_name);
const char *s = luaL_checkstring(L, 3);
unsigned char digest[EVP_MAX_MD_SIZE];
unsigned int written = 0;
EVP_MD_CTX *c;
if (type == NULL) {
luaL_argerror(L, 1, "invalid digest type");
return 0;
}
c = EVP_MD_CTX_create();
if (!EVP_DigestInit_ex(c, type, NULL)) {
EVP_MD_CTX_destroy(c);
return crypto_error(L);
}
if (!EVP_DigestUpdate(c, s, lua_strlen(L, 3))) {
EVP_MD_CTX_destroy(c);
return crypto_error(L);
}
if (!EVP_DigestFinal_ex(c, digest, &written)) {
EVP_MD_CTX_destroy(c);
return crypto_error(L);
}
EVP_MD_CTX_destroy(c);
if (lua_toboolean(L, 4))
lua_pushlstring(L, (char *)digest, written);
else {
char *hex = (char*)calloc(sizeof(char), written*2 + 1);
unsigned int i;
for (i = 0; i < written; i++)
sprintf(hex + 2*i, "%02x", digest[i]);
lua_pushlstring(L, hex, written*2);
free(hex);
}
return 1;
}
/*!
* \brief Destroy message digest context.
*
* \param context Context to be freed.
*
* \return Always KNOT_EOK.
*/
static int destroy_digest_context(EVP_MD_CTX **context)
{
assert(context);
if (*context) {
EVP_MD_CTX_destroy(*context);
*context = NULL;
}
return KNOT_EOK;
}
ikptr
ikrt_openssl_evp_md_ctx_destroy (ikptr s_ctx, ikpcb * pcb)
{
#ifdef HAVE_EVP_MD_CTX_DESTROY
EVP_MD_CTX * ctx = IK_EVP_MD_CTX(s_ctx);
EVP_MD_CTX_destroy(ctx);
return IK_VOID;
#else
feature_failure(__func__);
#endif
}
tr_sha1_ctx_t
tr_sha1_init (void)
{
EVP_MD_CTX * handle = EVP_MD_CTX_create ();
if (check_result (EVP_DigestInit_ex (handle, EVP_sha1 (), NULL)))
return handle;
EVP_MD_CTX_destroy (handle);
return NULL;
}
void ssl3_free_digest_list(SSL *s)
{
int i;
if (!s->s3->handshake_dgst) return;
for (i=0;i<SSL_MAX_DIGEST;i++)
{
if (s->s3->handshake_dgst[i])
EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]);
}
OPENSSL_free(s->s3->handshake_dgst);
s->s3->handshake_dgst=NULL;
}
int
lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result)
{
size_t size = lws_genhmac_size(ctx->type);
int n = EVP_DigestSignFinal(ctx->ctx, result, &size);
EVP_MD_CTX_destroy(ctx->ctx);
if (n != 1)
return -1;
return 0;
}
static void
opensslecdsa_destroyctx(dst_context_t *dctx) {
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
REQUIRE(dctx->key->key_alg == DST_ALG_ECDSA256 ||
dctx->key->key_alg == DST_ALG_ECDSA384);
if (evp_md_ctx != NULL) {
EVP_MD_CTX_destroy(evp_md_ctx);
dctx->ctxdata.evp_md_ctx = NULL;
}
}