static void hmac_ctx_cleanup(HMAC_CTX *ctx) { EVP_MD_CTX_reset(ctx->i_ctx); EVP_MD_CTX_reset(ctx->o_ctx); EVP_MD_CTX_reset(ctx->md_ctx); ctx->md = NULL; ctx->key_length = 0; OPENSSL_cleanse(ctx->key, sizeof(ctx->key)); }
static void hmac_ctx_cleanup(HMAC_CTX *ctx) { EVP_MD_CTX_reset(ctx->i_ctx); EVP_MD_CTX_reset(ctx->o_ctx); EVP_MD_CTX_reset(ctx->md_ctx); ctx->md = NULL; ctx->key_length = 0; memset(ctx->key, 0, sizeof(HMAC_MAX_MD_CBLOCK)); }
static void _sol_message_digest_evp_reset(struct sol_message_digest *handle) { EVP_MD_CTX *ctx = sol_message_digest_common_get_context(handle); EVP_MD_CTX_reset(ctx); }
/** @impl_interface_method{RTCRDIGESTDESC::pfnInit} */ static DECLCALLBACK(int) rtCrDigestOsslEvp_Init(void *pvState, void *pvOpaque, bool fReInit) { EVP_MD_CTX *pThis = (EVP_MD_CTX *)pvState; EVP_MD const *pEvpType = (EVP_MD const *)pvOpaque; if (fReInit) { pEvpType = EVP_MD_CTX_md(pThis); # if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX_reset(pThis); # else EVP_MD_CTX_cleanup(pThis); # endif } AssertPtrReturn(pEvpType, VERR_INVALID_PARAMETER); # if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) Assert(EVP_MD_block_size(pEvpType)); # else Assert(pEvpType->md_size); # endif if (EVP_DigestInit(pThis, pEvpType)) return VINF_SUCCESS; return VERR_CR_DIGEST_OSSL_DIGEST_INIT_ERROR; }
PKI_MEM * HSM_OPENSSL_sign(PKI_MEM *der, PKI_DIGEST_ALG *digest, PKI_X509_KEYPAIR *key) { EVP_MD_CTX *ctx = NULL; size_t out_size = 0; size_t ossl_ret = 0; PKI_MEM *out_mem = NULL; EVP_PKEY *pkey = NULL; if (!der || !der->data || !key || !key->value) { PKI_ERROR( PKI_ERR_PARAM_NULL, NULL); return NULL; } // Private Key pkey = key->value; // Get the Maximum size of a signature ossl_ret = out_size = (size_t) EVP_PKEY_size(pkey); // Initialize the return structure out_mem = PKI_MEM_new ((size_t)out_size); ctx = EVP_MD_CTX_new(); if (!out_mem || !ctx) { if (ctx) EVP_MD_CTX_free(ctx); if (out_mem) PKI_MEM_free(out_mem); PKI_ERROR( PKI_ERR_MEMORY_ALLOC, NULL); return NULL; } EVP_MD_CTX_init(ctx); EVP_SignInit_ex(ctx, digest, NULL); EVP_SignUpdate (ctx, der->data, der->size); // Finalize the signature if (!EVP_SignFinal(ctx, out_mem->data, (unsigned int *) &ossl_ret, pkey)) { PKI_log_err("ERROR while finalizing signature (%s)", HSM_OPENSSL_get_errdesc(HSM_OPENSSL_get_errno(), NULL, 0)); PKI_MEM_free(out_mem); out_mem = NULL; } else out_mem->size = (size_t) ossl_ret; // Cleanup the context #if OPENSSL_VERSION_NUMBER <= 0x1010000f EVP_MD_CTX_cleanup(ctx); #else EVP_MD_CTX_reset(ctx); #endif EVP_MD_CTX_free(ctx); return out_mem; }
/** @impl_interface_method{RTCRDIGESTDESC::pfn} */ static DECLCALLBACK(void) rtCrDigestOsslEvp_Delete(void *pvState) { EVP_MD_CTX *pThis = (EVP_MD_CTX *)pvState; # if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX_reset(pThis); # else EVP_MD_CTX_cleanup(pThis); # endif }
void CC_EVP(const EVP_MD *evp, uint32_t mlen, const void *data, uint32_t len, unsigned char *md) { unsigned int mdlen = mlen; EVP_MD_CTX* c = EVP_MD_CTX_new(); EVP_MD_CTX_reset(c); EVP_DigestInit(c, evp); EVP_DigestUpdate(c, data, len); EVP_DigestFinal(c, md, &mdlen); EVP_MD_CTX_free(c); }
size_t ssl3_final_finish_mac(SSL *s, const char *sender, size_t len, unsigned char *p) { int ret; EVP_MD_CTX *ctx = NULL; if (!ssl3_digest_cached_records(s, 0)) { /* SSLfatal() already called */ return 0; } if (EVP_MD_CTX_type(s->s3->handshake_dgst) != NID_md5_sha1) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC, SSL_R_NO_REQUIRED_DIGEST); return 0; } ctx = EVP_MD_CTX_new(); if (ctx == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE); return 0; } if (!EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR); return 0; } ret = EVP_MD_CTX_size(ctx); if (ret < 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR); EVP_MD_CTX_reset(ctx); return 0; } if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0) || EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET, (int)s->session->master_key_length, s->session->master_key) <= 0 || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR); ret = 0; } EVP_MD_CTX_free(ctx); return ret; }
static gint lua_cryptobox_hash_gc (lua_State *L) { struct rspamd_lua_cryptobox_hash *h = lua_check_cryptobox_hash (L, 1); if (h->is_ssl) { #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX_cleanup (h->c); #else EVP_MD_CTX_reset (h->c); #endif EVP_MD_CTX_destroy (h->c); } else { rspamd_explicit_memzero (h->h, sizeof (*h->h)); g_slice_free1 (sizeof (*h->h), h->h); } g_slice_free1 (sizeof (*h), h); return 0; }
void md_ctx_cleanup(EVP_MD_CTX *ctx) { EVP_MD_CTX_reset(ctx); }
int main(int argc, char **argv) { unsigned char md[SHA512_DIGEST_LENGTH]; int i; EVP_MD_CTX *evp; # ifdef OPENSSL_IA32_SSE2 /* * Alternative to this is to call OpenSSL_add_all_algorithms... The below * code is retained exclusively for debugging purposes. */ { char *env; if ((env = getenv("OPENSSL_ia32cap"))) OPENSSL_ia32cap = strtoul(env, NULL, 0); } # endif fprintf(stdout, "Testing SHA-512 "); EVP_Digest("abc", 3, md, NULL, EVP_sha512(), NULL); if (memcmp(md, app_c1, sizeof(app_c1))) { fflush(stdout); fprintf(stderr, "\nTEST 1 of 3 failed.\n"); return 1; } else fprintf(stdout, "."); fflush(stdout); EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk" "efghijkl" "fghijklm" "ghijklmn" "hijklmno" "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs" "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha512(), NULL); if (memcmp(md, app_c2, sizeof(app_c2))) { fflush(stdout); fprintf(stderr, "\nTEST 2 of 3 failed.\n"); return 1; } else fprintf(stdout, "."); fflush(stdout); evp = EVP_MD_CTX_new(); if (evp == NULL) { fflush(stdout); fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n"); return 1; } EVP_DigestInit_ex(evp, EVP_sha512(), NULL); for (i = 0; i < 1000000; i += 288) EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", (1000000 - i) < 288 ? 1000000 - i : 288); EVP_DigestFinal_ex(evp, md, NULL); EVP_MD_CTX_reset(evp); if (memcmp(md, app_c3, sizeof(app_c3))) { fflush(stdout); fprintf(stderr, "\nTEST 3 of 3 failed.\n"); return 1; } else fprintf(stdout, "."); fflush(stdout); fprintf(stdout, " passed.\n"); fflush(stdout); fprintf(stdout, "Testing SHA-384 "); EVP_Digest("abc", 3, md, NULL, EVP_sha384(), NULL); if (memcmp(md, app_d1, sizeof(app_d1))) { fflush(stdout); fprintf(stderr, "\nTEST 1 of 3 failed.\n"); return 1; } else fprintf(stdout, "."); fflush(stdout); EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk" "efghijkl" "fghijklm" "ghijklmn" "hijklmno" "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs" "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha384(), NULL); if (memcmp(md, app_d2, sizeof(app_d2))) { fflush(stdout); fprintf(stderr, "\nTEST 2 of 3 failed.\n"); return 1; } else fprintf(stdout, "."); fflush(stdout); EVP_DigestInit_ex(evp, EVP_sha384(), NULL); for (i = 0; i < 1000000; i += 64) EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", (1000000 - i) < 64 ? 1000000 - i : 64); EVP_DigestFinal_ex(evp, md, NULL); EVP_MD_CTX_free(evp); if (memcmp(md, app_d3, sizeof(app_d3))) { fflush(stdout); fprintf(stderr, "\nTEST 3 of 3 failed.\n"); return 1; } else fprintf(stdout, "."); fflush(stdout); fprintf(stdout, " passed.\n"); fflush(stdout); return 0; }
/*- * Positive and negative ECDSA testing through EVP interface: * - EVP_DigestSign (this is the one-shot version) * - EVP_DigestVerify * * Tests the library can successfully: * - create a key * - create a signature * - accept that signature * - reject that signature with a different public key * - reject that signature if its length is not correct * - reject that signature after modifying the message * - accept that signature after un-modifying the message * - reject that signature after modifying the signature * - accept that signature after un-modifying the signature */ static int test_builtin(int n) { EC_KEY *eckey_neg = NULL, *eckey = NULL; unsigned char dirt, offset, tbs[128]; unsigned char *sig = NULL; EVP_PKEY *pkey_neg = NULL, *pkey = NULL; EVP_MD_CTX *mctx = NULL; size_t sig_len; int nid, ret = 0; nid = curves[n].nid; /* skip built-in curves where ord(G) is not prime */ if (nid == NID_ipsec4 || nid == NID_ipsec3) { TEST_info("skipped: ECDSA unsupported for curve %s", OBJ_nid2sn(nid)); return 1; } TEST_info("testing ECDSA for curve %s", OBJ_nid2sn(nid)); if (!TEST_ptr(mctx = EVP_MD_CTX_new()) /* get some random message data */ || !TEST_true(RAND_bytes(tbs, sizeof(tbs))) /* real key */ || !TEST_ptr(eckey = EC_KEY_new_by_curve_name(nid)) || !TEST_true(EC_KEY_generate_key(eckey)) || !TEST_ptr(pkey = EVP_PKEY_new()) || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)) /* fake key for negative testing */ || !TEST_ptr(eckey_neg = EC_KEY_new_by_curve_name(nid)) || !TEST_true(EC_KEY_generate_key(eckey_neg)) || !TEST_ptr(pkey_neg = EVP_PKEY_new()) || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey_neg, eckey_neg))) goto err; sig_len = ECDSA_size(eckey); if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)) /* create a signature */ || !TEST_true(EVP_DigestSignInit(mctx, NULL, NULL, NULL, pkey)) || !TEST_true(EVP_DigestSign(mctx, sig, &sig_len, tbs, sizeof(tbs))) || !TEST_int_le(sig_len, ECDSA_size(eckey)) /* negative test, verify with wrong key, 0 return */ || !TEST_true(EVP_MD_CTX_reset(mctx)) || !TEST_true(EVP_DigestVerifyInit(mctx, NULL, NULL, NULL, pkey_neg)) || !TEST_int_eq(EVP_DigestVerify(mctx, sig, sig_len, tbs, sizeof(tbs)), 0) /* negative test, verify with wrong signature length, -1 return */ || !TEST_true(EVP_MD_CTX_reset(mctx)) || !TEST_true(EVP_DigestVerifyInit(mctx, NULL, NULL, NULL, pkey)) || !TEST_int_eq(EVP_DigestVerify(mctx, sig, sig_len - 1, tbs, sizeof(tbs)), -1) /* positive test, verify with correct key, 1 return */ || !TEST_true(EVP_MD_CTX_reset(mctx)) || !TEST_true(EVP_DigestVerifyInit(mctx, NULL, NULL, NULL, pkey)) || !TEST_int_eq(EVP_DigestVerify(mctx, sig, sig_len, tbs, sizeof(tbs)), 1)) goto err; /* muck with the message, test it fails with 0 return */ tbs[0] ^= 1; if (!TEST_true(EVP_MD_CTX_reset(mctx)) || !TEST_true(EVP_DigestVerifyInit(mctx, NULL, NULL, NULL, pkey)) || !TEST_int_eq(EVP_DigestVerify(mctx, sig, sig_len, tbs, sizeof(tbs)), 0)) goto err; /* un-muck and test it verifies */ tbs[0] ^= 1; if (!TEST_true(EVP_MD_CTX_reset(mctx)) || !TEST_true(EVP_DigestVerifyInit(mctx, NULL, NULL, NULL, pkey)) || !TEST_int_eq(EVP_DigestVerify(mctx, sig, sig_len, tbs, sizeof(tbs)), 1)) goto err; /*- * Muck with the ECDSA signature. The DER encoding is one of: * - 30 LL 02 .. * - 30 81 LL 02 .. * * - Sometimes this mucks with the high level DER sequence wrapper: * in that case, DER-parsing of the whole signature should fail. * * - Sometimes this mucks with the DER-encoding of ECDSA.r: * in that case, DER-parsing of ECDSA.r should fail. * * - Sometimes this mucks with the DER-encoding of ECDSA.s: * in that case, DER-parsing of ECDSA.s should fail. * * - Sometimes this mucks with ECDSA.r: * in that case, the signature verification should fail. * * - Sometimes this mucks with ECDSA.s: * in that case, the signature verification should fail. * * The usual case is changing the integer value of ECDSA.r or ECDSA.s. * Because the ratio of DER overhead to signature bytes is small. * So most of the time it will be one of the last two cases. * * In any case, EVP_PKEY_verify should not return 1 for valid. */ offset = tbs[0] % sig_len; dirt = tbs[1] ? tbs[1] : 1; sig[offset] ^= dirt; if (!TEST_true(EVP_MD_CTX_reset(mctx)) || !TEST_true(EVP_DigestVerifyInit(mctx, NULL, NULL, NULL, pkey)) || !TEST_int_ne(EVP_DigestVerify(mctx, sig, sig_len, tbs, sizeof(tbs)), 1)) goto err; /* un-muck and test it verifies */ sig[offset] ^= dirt; if (!TEST_true(EVP_MD_CTX_reset(mctx)) || !TEST_true(EVP_DigestVerifyInit(mctx, NULL, NULL, NULL, pkey)) || !TEST_int_eq(EVP_DigestVerify(mctx, sig, sig_len, tbs, sizeof(tbs)), 1)) goto err; ret = 1; err: EVP_PKEY_free(pkey); EVP_PKEY_free(pkey_neg); EVP_MD_CTX_free(mctx); OPENSSL_free(sig); return ret; }
void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) { EVP_MD_CTX_reset(ctx); }