static int pkey_rsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) { RSA_PKEY_CTX *rctx = (RSA_PKEY_CTX*)ctx->data; RSA *rsa = ctx->pkey->pkey.rsa; size_t rslen; if (rctx->md) { if (rctx->pad_mode == RSA_PKCS1_PADDING) return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, sig, siglen, rsa); if (rctx->pad_mode == RSA_X931_PADDING) { if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0) return 0; } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) { int ret; if (!setup_tbuf(rctx, ctx)) return -1; ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa, RSA_NO_PADDING); if (ret <= 0) return 0; ret = RSA_verify_PKCS1_PSS(rsa, tbs, rctx->md, rctx->tbuf, rctx->saltlen); if (ret <= 0) return 0; return 1; } else return -1; } else { if (!setup_tbuf(rctx, ctx)) return -1; rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa, rctx->pad_mode); if (rslen == 0) return 0; } if ((rslen != tbslen) || TINYCLR_SSL_MEMCMP(tbs, rctx->tbuf, rslen)) return 0; return 1; }
OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, X509_NAME *issuerName, ASN1_BIT_STRING *issuerKey, ASN1_INTEGER *serialNumber) { int nid; unsigned int i; X509_ALGOR *alg; OCSP_CERTID *cid = NULL; unsigned char md[EVP_MAX_MD_SIZE]; if (!(cid = OCSP_CERTID_new())) goto err; alg = cid->hashAlgorithm; if (alg->algorithm != NULL) ASN1_OBJECT_free(alg->algorithm); if ((nid = EVP_MD_type(dgst)) == NID_undef) { OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID); goto err; } if (!(alg->algorithm = OBJ_nid2obj(nid))) goto err; if ((alg->parameter = ASN1_TYPE_new()) == NULL) goto err; alg->parameter->type = V_ASN1_NULL; if (!X509_NAME_digest(issuerName, dgst, md, &i)) goto digerr; if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) goto err; /* Calculate the issuerKey hash, excluding tag and length */ if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL)) goto err; if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err; if (serialNumber) { ASN1_INTEGER_free(cid->serialNumber); if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) goto err; } return cid; digerr: OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR); err: if (cid) OCSP_CERTID_free(cid); return NULL; }
/* --------------------- control functions ------------------------------*/ static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { struct gost_pmeth_data *pctx = (struct gost_pmeth_data *)EVP_PKEY_CTX_get_data(ctx); switch (type) { case EVP_PKEY_CTRL_MD: { if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) { GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE); return 0; } pctx->md = (EVP_MD *)p2; return 1; } case EVP_PKEY_CTRL_GET_MD: *(const EVP_MD **)p2 = pctx->md; return 1; case EVP_PKEY_CTRL_PKCS7_ENCRYPT: case EVP_PKEY_CTRL_PKCS7_DECRYPT: case EVP_PKEY_CTRL_PKCS7_SIGN: case EVP_PKEY_CTRL_DIGESTINIT: #ifndef OPENSSL_NO_CMS case EVP_PKEY_CTRL_CMS_ENCRYPT: case EVP_PKEY_CTRL_CMS_DECRYPT: case EVP_PKEY_CTRL_CMS_SIGN: #endif return 1; case EVP_PKEY_CTRL_GOST_PARAMSET: pctx->sign_param_nid = (int)p1; return 1; case EVP_PKEY_CTRL_SET_IV: pctx->shared_ukm = OPENSSL_malloc((int)p1); if (pctx->shared_ukm == NULL) { GOSTerr(GOST_F_PKEY_GOST_CTRL, ERR_R_MALLOC_FAILURE); return 0; } memcpy(pctx->shared_ukm, p2, (int)p1); return 1; case EVP_PKEY_CTRL_PEER_KEY: if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */ return 1; if (p1 == 2) /* TLS: peer key used? */ return pctx->peer_key_used; if (p1 == 3) /* TLS: peer key used! */ return (pctx->peer_key_used = 1); return -2; } return -2; }
static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { DSA_PKEY_CTX *dctx = ctx->data; switch (type) { case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS: if (p1 < 256) return -2; dctx->nbits = p1; return 1; case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS: if (p1 != 160 && p1 != 224 && p1 && p1 != 256) return -2; dctx->qbits = p1; return 1; case EVP_PKEY_CTRL_DSA_PARAMGEN_MD: if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 && EVP_MD_type((const EVP_MD *)p2) != NID_sha224 && EVP_MD_type((const EVP_MD *)p2) != NID_sha256) { DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE); return 0; } dctx->md = p2; return 1; case EVP_PKEY_CTRL_MD: if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 && EVP_MD_type((const EVP_MD *)p2) != NID_dsa && EVP_MD_type((const EVP_MD *)p2) != NID_sha224 && EVP_MD_type((const EVP_MD *)p2) != NID_sha256) { DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE); return 0; } dctx->md = p2; return 1; case EVP_PKEY_CTRL_DIGESTINIT: case EVP_PKEY_CTRL_PKCS7_SIGN: case EVP_PKEY_CTRL_CMS_SIGN: return 1; case EVP_PKEY_CTRL_PEER_KEY: DSAerr(DSA_F_PKEY_DSA_CTRL, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return -2; default: return -2; } }
void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md) { int param_type; switch (EVP_MD_type(md)) { case NID_sha1: case NID_sha224: case NID_sha256: case NID_sha384: case NID_sha512: param_type = V_ASN1_UNDEF; break; default: param_type = V_ASN1_NULL; break; } X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL); }
static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, const uint8_t *tbs, size_t tbslen) { int type; EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec = ctx->pkey->pkey.ec; type = NID_sha1; if (dctx->md) { type = EVP_MD_type(dctx->md); } return ECDSA_verify(type, tbs, tbslen, sig, siglen, ec); }
static LUA_FUNCTION(openssl_digest_info) { EVP_MD *md = CHECK_OBJECT(1, EVP_MD, "openssl.evp_digest"); lua_newtable(L); AUXILIAR_SET(L, -1, "nid", EVP_MD_nid(md), integer); AUXILIAR_SET(L, -1, "name", EVP_MD_name(md), string); AUXILIAR_SET(L, -1, "size", EVP_MD_size(md), integer); AUXILIAR_SET(L, -1, "block_size", EVP_MD_block_size(md), integer); AUXILIAR_SET(L, -1, "pkey_type", EVP_MD_pkey_type(md), integer); AUXILIAR_SET(L, -1, "flags", EVP_MD_type(md), integer); return 1; }
static int pkey_rsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) { RSA_PKEY_CTX *rctx = ctx->data; RSA *rsa = ctx->pkey->pkey.rsa; size_t rslen; if (rctx->md) { if (rctx->pad_mode == RSA_PKCS1_PADDING) return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, sig, siglen, rsa); if (tbslen != (size_t)EVP_MD_size(rctx->md)) { RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH); return -1; } if (rctx->pad_mode == RSA_X931_PADDING) { if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0) return 0; } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) { int ret; if (!setup_tbuf(rctx, ctx)) return -1; ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa, RSA_NO_PADDING); if (ret <= 0) return 0; ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs, rctx->md, rctx->mgf1md, rctx->tbuf, rctx->saltlen); if (ret <= 0) return 0; return 1; } else { return -1; } } else { if (!setup_tbuf(rctx, ctx)) return -1; rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa, rctx->pad_mode); if (rslen == 0) return 0; } if ((rslen != tbslen) || memcmp(tbs, rctx->tbuf, rslen)) return 0; return 1; }
//We can control the state of our engine by commands static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { struct te_mac_pmeth_data *data = (struct te_mac_pmeth_data*)EVP_PKEY_CTX_get_data(ctx); switch (type) { case EVP_PKEY_CTRL_MD: if (EVP_MD_type((const EVP_MD *)p2) != NID_hmac_sha1) { printf("Error: unsupported digest type\n"); return 0; } data->md = (EVP_MD*)p2; return 1; case EVP_PKEY_CTRL_PKCS7_ENCRYPT: case EVP_PKEY_CTRL_PKCS7_DECRYPT: case EVP_PKEY_CTRL_PKCS7_SIGN: return 1; case EVP_PKEY_CTRL_SET_MAC_KEY: //here we can insert pkey extraction printf("Got set user id command: %s\n", (char*)p2); //or save user id for further operations if(strcmp((char*)p2, "123")) { printf("Error: unknown user (id = %s)\n", (char*)p2); return 0; } memcpy(data->uid, p2, p1); memcpy(data->key, "user_123_key\0", 13); data->key_ln = 12; data->key_set = 1; return 1; case EVP_PKEY_CTRL_DIGESTINIT: { //this request runs in different context (for unknown reason) printf("Got digest init command\n"); //but has the key that we have installed in keygen request void *key = 0; //in this request we must transfer the key into digest context int keyln = 0; //so digest must support control commands if(!data->key_set) { EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); if (!pkey) { printf("Error: unable to set key\n"); return 0; } key = EVP_PKEY_get0(pkey); if (!key) { printf("Error: unable to set key\n"); return 0; } keyln = strlen((char *)key); //it's so dangerous } else { key = &(data->key); keyln = data->key_ln; } return ((EVP_MD_CTX*)p2)->digest->md_ctrl((EVP_MD_CTX*)p2, EVP_MD_CTRL_SET_KEY, keyln, key); } } return -2; }
static int ossltest_digest_nids(const int **nids) { static int digest_nids[6] = { 0, 0, 0, 0, 0, 0 }; static int pos = 0; static int init = 0; if (!init) { const EVP_MD *md; if ((md = digest_md5()) != NULL) digest_nids[pos++] = EVP_MD_type(md); if ((md = digest_sha1()) != NULL) digest_nids[pos++] = EVP_MD_type(md); if ((md = digest_sha256()) != NULL) digest_nids[pos++] = EVP_MD_type(md); if ((md = digest_sha384()) != NULL) digest_nids[pos++] = EVP_MD_type(md); if ((md = digest_sha512()) != NULL) digest_nids[pos++] = EVP_MD_type(md); digest_nids[pos] = 0; init = 1; } *nids = digest_nids; return pos; }
static int check_padding_md(const EVP_MD *md, int padding) { int mdnid; if (!md) return 1; mdnid = EVP_MD_type(md); if (padding == RSA_NO_PADDING) { RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE); return 0; } if (padding == RSA_X931_PADDING) { if (RSA_X931_hash_id(mdnid) == -1) { RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_X931_DIGEST); return 0; } } else { switch(mdnid) { /* List of all supported RSA digests */ case NID_sha1: case NID_sha224: case NID_sha256: case NID_sha384: case NID_sha512: case NID_md5: case NID_md5_sha1: case NID_md2: case NID_md4: case NID_mdc2: case NID_ripemd160: case NID_sha3_224: case NID_sha3_256: case NID_sha3_384: case NID_sha3_512: return 1; default: RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_DIGEST); return 0; } } return 1; }
static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); switch (type) { case EVP_PKEY_CTRL_MD: if (EVP_MD_type(p2) != NID_id_Gost28147_89_MAC) { GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_DIGEST_TYPE); return 0; } data->md = p2; return 1; case EVP_PKEY_CTRL_SET_MAC_KEY: if (p1 != 32) { GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH); return 0; } memcpy(data->key, p2, 32); data->key_set = 1; return 1; case EVP_PKEY_CTRL_DIGESTINIT: { EVP_MD_CTX *mctx = p2; void *key; if (!data->key_set) { EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); if (!pkey) { GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_MAC_KEY_NOT_SET); return 0; } key = EVP_PKEY_get0(pkey); if (!key) { GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_MAC_KEY_NOT_SET); return 0; } } else { key = &(data->key); } if (!mctx->digest->md_ctrl) return 0; return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32 * 8, key); } } return -2; }
int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, EVP_PBE_KEYGEN *keygen) { int cipher_nid, md_nid; if (cipher) cipher_nid = EVP_CIPHER_type(cipher); else cipher_nid = -1; if (md) md_nid = EVP_MD_type(md); else md_nid = -1; return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid, cipher_nid, md_nid, keygen); }
static int test_digest_nids(const int **nids) { static int digest_nids[2] = { 0, 0 }; static int pos = 0; static int init = 0; if (!init) { const EVP_MD *md; if ((md = test_sha_md()) != NULL) digest_nids[pos++] = EVP_MD_type(md); digest_nids[pos] = 0; init = 1; } *nids = digest_nids; return pos; }
static int pkey_ec_verifyctx(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx) { unsigned char dgst[EVP_MAX_MD_SIZE]; unsigned int dgstlen; EC_PKEY_CTX *ec_ctx = ctx->data; EC_KEY *ec_key = ctx->pkey->pkey.ec; int type = ec_ctx->md ? EVP_MD_type(ec_ctx->md) : NID_sm3; dgstlen = sizeof(dgst); if (!EVP_DigestFinal_ex(mctx, dgst, &dgstlen)) { return -1; } return SM2_verify(type, dgst, dgstlen, sig, siglen, ec_key); }
KDF_FUNC KDF_get_x9_63(const EVP_MD *md) { switch (EVP_MD_type(md)) { case NID_sm3: return x963_sm3kdf; #ifndef OPENSSL_NO_MD5 case NID_md5: return x963_md5kdf; #endif #ifndef OPENSSL_NO_BLAKE2 case NID_blake2b512: return x963_blake2b512kdf; case NID_blake2s256: return x963_blake2s256kdf; #endif #ifndef OPENSSL_NO_SHA case NID_sha1: return x963_sha1kdf; # ifndef OPENSSL_NO_SHA256 case NID_sha224: return x963_sha224kdf; case NID_sha256: return x963_sha256kdf; # endif # ifndef OPENSSL_NO_SHA512 case NID_sha384: return x963_sha384kdf; case NID_sha512: return x963_sha512kdf; # endif #endif #ifndef OPENSSL_NO_MDC2 case NID_mdc2: return x963_mdc2kdf; #endif #ifndef OPENSSL_NO_RMD160 case NID_ripemd160: return x963_ripemd160kdf; #endif #ifndef OPENSSL_NO_WHIRLPOOL case NID_whirlpool: return x963_whirlpoolkdf; #endif } return NULL; }
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, EVP_MD *dgst) { char is_dsa; if (pkey->type == EVP_PKEY_DSA) is_dsa = 1; else is_dsa = 0; /* We now need to add another PKCS7_SIGNER_INFO entry */ ASN1_INTEGER_set(p7i->version,1); X509_NAME_set(&p7i->issuer_and_serial->issuer, X509_get_issuer_name(x509)); /* because ASN1_INTEGER_set is used to set a 'long' we will do * things the ugly way. */ M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); p7i->issuer_and_serial->serial= M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); /* lets keep the pkey around for a while */ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); p7i->pkey=pkey; /* Set the algorithms */ if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); else p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); if (p7i->digest_alg->parameter != NULL) ASN1_TYPE_free(p7i->digest_alg->parameter); if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL) goto err; p7i->digest_alg->parameter->type=V_ASN1_NULL; p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type)); if (p7i->digest_enc_alg->parameter != NULL) ASN1_TYPE_free(p7i->digest_enc_alg->parameter); if(is_dsa) p7i->digest_enc_alg->parameter = NULL; else { if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) goto err; p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; } return(1); err: return(0); }
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst) { int ret; /* We now need to add another PKCS7_SIGNER_INFO entry */ if (!ASN1_INTEGER_set(p7i->version,1)) goto err; if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, X509_get_issuer_name(x509))) goto err; /* because ASN1_INTEGER_set is used to set a 'long' we will do * things the ugly way. */ M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); if (!(p7i->issuer_and_serial->serial= M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) goto err; /* lets keep the pkey around for a while */ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); p7i->pkey=pkey; /* Set the algorithms */ X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)), V_ASN1_NULL, NULL); if (pkey->ameth && pkey->ameth->pkey_ctrl) { ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN, 0, p7i); if (ret > 0) return 1; if (ret != -2) { PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, PKCS7_R_SIGNING_CTRL_FAILURE); return 0; } } PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); err: return 0; }
int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, const EVP_MD *md) { int sig_id, md_id; if (!md) return 0; md_id = tls12_find_id(EVP_MD_type(md), tls12_md, sizeof(tls12_md) / sizeof(tls12_lookup)); if (md_id == -1) return 0; sig_id = tls12_get_sigid(pk); if (sig_id == -1) return 0; p[0] = (unsigned char)md_id; p[1] = (unsigned char)sig_id; return 1; }
static int pkey_dsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) { int ret, type; DSA_PKEY_CTX *dctx = ctx->data; DSA *dsa = ctx->pkey->pkey.dsa; if (dctx->md) type = EVP_MD_type(dctx->md); else type = NID_sha1; ret = DSA_verify(type, tbs, tbslen, sig, siglen, dsa); return ret; }
static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) { int ret, type; EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec = ctx->pkey->pkey.ec; if (dctx->md) type = EVP_MD_type(dctx->md); else type = NID_sha1; ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec); return ret; }
int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); if (pkey == NULL) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); return 0; } if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { int pad_mode; if (!EVP_PKEY_CTX_get_rsa_padding(ctx->pctx, &pad_mode)) { return 0; } /* RSA-PSS has special signature algorithm logic. */ if (pad_mode == RSA_PKCS1_PSS_PADDING) { return x509_rsa_ctx_to_pss(ctx, algor); } } if (EVP_PKEY_id(pkey) == EVP_PKEY_ED25519) { return X509_ALGOR_set0(algor, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL); } /* Default behavior: look up the OID for the algorithm/hash pair and encode * that. */ const EVP_MD *digest = EVP_MD_CTX_md(ctx); if (digest == NULL) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); return 0; } int sign_nid; if (!OBJ_find_sigid_by_algs(&sign_nid, EVP_MD_type(digest), EVP_PKEY_id(pkey))) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); return 0; } /* RSA signature algorithms include an explicit NULL parameter. Others omit * it. */ int paramtype = (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) ? V_ASN1_NULL : V_ASN1_UNDEF; X509_ALGOR_set0(algor, OBJ_nid2obj(sign_nid), paramtype, NULL); return 1; }
static void list_md_fn(const EVP_MD * m, const char *from, const char *to, void *arg) { const char *mname; /* Skip aliases */ if (!m) return; mname = OBJ_nid2ln(EVP_MD_type(m)); /* Skip shortnames */ if (strcmp(from, mname)) return; /* Skip clones */ if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST) return; if (strchr(mname, ' ')) mname = EVP_MD_name(m); BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n", mname, mname); }
/* Set up a mac structure */ int PKCS12_setup_mac (PKCS12 * p12, int iter, unsigned char *salt, int saltlen, const EVP_MD * md_type) { if (!(p12->mac = PKCS12_MAC_DATA_new ())) return PKCS12_ERROR; if (iter > 1) { if (!(p12->mac->iter = M_ASN1_INTEGER_new ())) { PKCS12err (PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } if (!ASN1_INTEGER_set (p12->mac->iter, iter)) { PKCS12err (PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } } if (!saltlen) saltlen = PKCS12_SALT_LEN; p12->mac->salt->length = saltlen; if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) { PKCS12err (PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } if (!salt) { if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) < 0) return 0; } else memcpy (p12->mac->salt->data, salt, saltlen); p12->mac->dinfo->algor->algorithm = OBJ_nid2obj (EVP_MD_type (md_type)); if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new ())) { PKCS12err (PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL; return 1; }
static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { int ret, type; unsigned int sltmp; DSA_PKEY_CTX *dctx = ctx->data; DSA *dsa = ctx->pkey->pkey.dsa; if (dctx->md) type = EVP_MD_type(dctx->md); else type = NID_sha1; ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa); if (ret <= 0) return ret; *siglen = sltmp; return 1; }
static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *dgst, size_t dgstlen) { int ret, type; EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec_key = ctx->pkey->pkey.ec; if (dctx->md) type = EVP_MD_type(dctx->md); else type = NID_sha1; if (dctx->sign_type == NID_sm2sign) ret = SM2_verify(type, dgst, dgstlen, sig, siglen, ec_key); else ret = ECDSA_verify(type, dgst, dgstlen, sig, siglen, ec_key); return ret; }
static int check_padding_md(const EVP_MD *md, int padding) { if (!md) return 1; if (padding == RSA_NO_PADDING) { RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE); return 0; } if (padding == RSA_X931_PADDING) { if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) { RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_X931_DIGEST); return 0; } return 1; } return 1; }
static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *dgst, size_t dgstlen) { int ret; EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec_key = ctx->pkey->pkey.ec; int type; unsigned int len; if (!sig) { *siglen = ECDSA_size(ec_key); return 1; } else if (*siglen < (size_t)ECDSA_size(ec_key)) { ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL); return 0; } if (dctx->sign_type != NID_secg_scheme && dctx->sign_type != NID_sm_scheme) { return 0; } if (dctx->md) type = EVP_MD_type(dctx->md); else if (dctx->sign_type == NID_secg_scheme) type = NID_sha1; else if (dctx->sign_type == NID_sm_scheme) type = NID_sm3; if (dctx->sign_type == NID_secg_scheme) { ret = ECDSA_sign(type, dgst, dgstlen, sig, &len, ec_key); } else if (dctx->sign_type == NID_sm_scheme) { ret = SM2_sign(type, dgst, dgstlen, sig, &len, ec_key); } if (ret <= 0) return ret; *siglen = len; return 1; }
/** * Hashes a block of data and verifies it against an RSA signature. */ int verify_RSA_sig(RSA_key_t rsa, int hashtype, const unsigned char *mes, unsigned int meslen, unsigned char *sig, unsigned int siglen) { unsigned char meshash[HMAC_LEN]; unsigned int meshashlen; const EVP_MD *hashptr; if (!hash(hashtype, mes, meslen, meshash, &meshashlen)) { return 0; } hashptr = get_hash(hashtype); if (!RSA_verify(EVP_MD_type(hashptr), meshash, meshashlen, sig, siglen, rsa)) { log_ssl_err("RSA_verify failed"); return 0; } else { return 1; } }
void static list_md_fn_OpenSSLHashes(const EVP_MD *m, const char *, const char *, void *) { if (m) { QString name(EVP_MD_name(m)); // blacklisting some messages digest returned by openssl list function. // If someone can explain to me why the list of hashes in here is different // from the one given by the openssl command line tool that would be great. // Not only it returns a different list, but the list itself is mostly duplicated ?? // Blacklist also includes hashes already present by default in the Qt API if (OpensslPlugin::blacklistHash.contains(name)) { return; } if (!OpenSSLHashes::hashList.contains(name)) { qDebug() << name << " " << m << " " << EVP_MD_type(m); OpenSSLHashes::hashList.append(name); } } }