本文整理汇总了C++中EVP_DigestInit_ex函数的典型用法代码示例。如果您正苦于以下问题:C++ EVP_DigestInit_ex函数的具体用法?C++ EVP_DigestInit_ex怎么用?C++ EVP_DigestInit_ex使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了EVP_DigestInit_ex函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: ndn_merkle_root_hash
int ndn_merkle_root_hash(const unsigned char *msg, size_t size,
const struct ndn_parsed_ContentObject *co,
const EVP_MD *digest_type,
MP_info *merkle_path_info,
unsigned char *result, int result_size)
{
int node = ASN1_INTEGER_get(merkle_path_info->node);
EVP_MD_CTX digest_context;
EVP_MD_CTX *digest_contextp = &digest_context;
size_t data_size;
unsigned char *input_hash[2] = {NULL, NULL};
//int hash_count = sk_ASN1_OCTET_STRING_num(merkle_path_info->hashes);
int hash_index = sk_ASN1_OCTET_STRING_num(merkle_path_info->hashes) - 1;
//ASN1_OCTET_STRING *sibling_hash;
int res;
if (result_size != EVP_MD_size(digest_type))
return -1;
/*
* This is the calculation for the node we're starting from
*
* The digest type for the leaf node we'll take from the MHT OID
* We can assume that, since we're using the same digest function, the
* result size will always be the same.
*/
EVP_MD_CTX_init(digest_contextp);
EVP_DigestInit_ex(digest_contextp, digest_type, NULL);
data_size = co->offset[NDN_PCO_E_Content] - co->offset[NDN_PCO_B_Name];
res = EVP_DigestUpdate(digest_contextp, msg + co->offset[NDN_PCO_B_Name], data_size);
res &= EVP_DigestFinal_ex(digest_contextp, result, NULL);
EVP_MD_CTX_cleanup(digest_contextp);
if (res != 1)
return(-1);
/* input_hash[0, 1] = address of hash for (left,right) node of parent
*/
while (node != 1) {
input_hash[node & 1] = result;
input_hash[(node & 1) ^ 1] = sk_ASN1_OCTET_STRING_value(merkle_path_info->hashes, hash_index)->data;
if (sk_ASN1_OCTET_STRING_value(merkle_path_info->hashes, hash_index)->length != result_size)
return (-1);
hash_index -= 1;
#ifdef DEBUG
fprintf(stderr, "node[%d].lefthash = ", parent_of(node));
for (int x = 0; x < result_size; x++) {
fprintf(stderr, "%02x", input_hash[0][x]);
}
fprintf(stderr, "\n");
fprintf(stderr, "node[%d].righthash = ", parent_of(node));
for (int x = 0; x < result_size; x++) {
fprintf(stderr, "%02x", input_hash[1][x]);
}
fprintf(stderr, "\n");
#endif
EVP_MD_CTX_init(digest_contextp);
res = EVP_DigestInit_ex(digest_contextp, digest_type, NULL);
res &= EVP_DigestUpdate(digest_contextp, input_hash[0], result_size);
res &= EVP_DigestUpdate(digest_contextp, input_hash[1], result_size);
res &= EVP_DigestFinal_ex(digest_contextp, result, NULL);
EVP_MD_CTX_cleanup(digest_contextp);
if (res != 1)
return(-1);
node = parent_of(node);
#ifdef DEBUG
fprintf(stderr, "yielding node[%d] hash = ", node);
for (int x = 0; x < result_size; x++) {
fprintf(stderr, "%02x", result[x]);
}
fprintf(stderr, "\n");
#endif
}
return (0);
}
示例2: digest
static void
digest(struct executable *x)
{
EVP_MD_CTX *mdctx;
const EVP_MD *md;
size_t sum_of_bytes_hashed;
int i, ok;
/*
* Windows Authenticode Portable Executable Signature Format
* spec version 1.0 specifies MD5 and SHA1. However, pesign
* and sbsign both use SHA256, so do the same.
*/
md = EVP_get_digestbyname(DIGEST);
if (md == NULL) {
ERR_print_errors_fp(stderr);
errx(1, "EVP_get_digestbyname(\"%s\") failed", DIGEST);
}
mdctx = EVP_MD_CTX_create();
if (mdctx == NULL) {
ERR_print_errors_fp(stderr);
errx(1, "EVP_MD_CTX_create(3) failed");
}
ok = EVP_DigestInit_ex(mdctx, md, NULL);
if (ok == 0) {
ERR_print_errors_fp(stderr);
errx(1, "EVP_DigestInit_ex(3) failed");
}
/*
* According to the Authenticode spec, we need to compute
* the digest in a rather... specific manner; see "Calculating
* the PE Image Hash" part of the spec for details.
*
* First, everything from 0 to before the PE checksum.
*/
digest_range(x, mdctx, 0, x->x_checksum_off);
/*
* Second, from after the PE checksum to before the Certificate
* entry in Data Directory.
*/
digest_range(x, mdctx, x->x_checksum_off + x->x_checksum_len,
x->x_certificate_entry_off -
(x->x_checksum_off + x->x_checksum_len));
/*
* Then, from after the Certificate entry to the end of headers.
*/
digest_range(x, mdctx,
x->x_certificate_entry_off + x->x_certificate_entry_len,
x->x_headers_len -
(x->x_certificate_entry_off + x->x_certificate_entry_len));
/*
* Then, each section in turn, as specified in the PE Section Table.
*
* XXX: Sorting.
*/
sum_of_bytes_hashed = x->x_headers_len;
for (i = 0; i < x->x_nsections; i++) {
digest_range(x, mdctx,
x->x_section_off[i], x->x_section_len[i]);
sum_of_bytes_hashed += x->x_section_len[i];
}
/*
* I believe this can happen with overlapping sections.
*/
if (sum_of_bytes_hashed > x->x_len)
errx(1, "number of bytes hashed is larger than file size");
/*
* I can't really explain this one; just do what the spec says.
*/
if (sum_of_bytes_hashed < x->x_len) {
digest_range(x, mdctx, sum_of_bytes_hashed,
x->x_len - (signature_size(x) + sum_of_bytes_hashed));
}
ok = EVP_DigestFinal_ex(mdctx, x->x_digest, &x->x_digest_len);
if (ok == 0) {
ERR_print_errors_fp(stderr);
errx(1, "EVP_DigestFinal_ex(3) failed");
}
EVP_MD_CTX_destroy(mdctx);
}
示例3: RSA_padding_add_PKCS1_PSS_mgf1
int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
const unsigned char *mHash,
const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen)
{
int i;
int ret = 0;
int hLen, maskedDBLen, MSBits, emLen;
unsigned char *H, *salt = NULL, *p;
EVP_MD_CTX ctx;
if (mgf1Hash == NULL)
mgf1Hash = Hash;
hLen = M_EVP_MD_size(Hash);
if (hLen < 0)
goto err;
/*
* Negative sLen has special meanings:
* -1 sLen == hLen
* -2 salt length is maximized
* -N reserved
*/
if (sLen == -1) sLen = hLen;
else if (sLen == -2) sLen = -2;
else if (sLen < -2)
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
emLen = RSA_size(rsa);
if (MSBits == 0)
{
*EM++ = 0;
emLen--;
}
if (sLen == -2)
{
sLen = emLen - hLen - 2;
}
else if (emLen < (hLen + sLen + 2))
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
if (sLen > 0)
{
salt = OPENSSL_malloc(sLen);
if (!salt)
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,ERR_R_MALLOC_FAILURE);
goto err;
}
if (RAND_bytes(salt, sLen) <= 0)
goto err;
}
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
EVP_MD_CTX_init(&ctx);
if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
|| !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
|| !EVP_DigestUpdate(&ctx, mHash, hLen))
goto err;
if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
goto err;
if (!EVP_DigestFinal_ex(&ctx, H, NULL))
goto err;
EVP_MD_CTX_cleanup(&ctx);
/* Generate dbMask in place then perform XOR on it */
if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash))
goto err;
p = EM;
/* Initial PS XORs with all zeroes which is a NOP so just update
* pointer. Note from a test above this value is guaranteed to
* be non-negative.
*/
p += emLen - sLen - hLen - 2;
*p++ ^= 0x1;
if (sLen > 0)
{
for (i = 0; i < sLen; i++)
*p++ ^= salt[i];
}
if (MSBits)
EM[0] &= 0xFF >> (8 - MSBits);
/* H is already in place so just set final 0xbc */
EM[emLen - 1] = 0xbc;
ret = 1;
err:
if (salt)
OPENSSL_free(salt);
//.........这里部分代码省略.........
示例4: EVP_BytesToKey
int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
const unsigned char *salt, const unsigned char *data, int datal,
int count, unsigned char *key, unsigned char *iv)
{
EVP_MD_CTX c;
unsigned char md_buf[EVP_MAX_MD_SIZE];
int niv,nkey,addmd=0;
unsigned int mds=0,i;
nkey=type->key_len;
niv=type->iv_len;
OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
if (data == NULL) return(nkey);
EVP_MD_CTX_init(&c);
for (;;)
{
EVP_DigestInit_ex(&c,md, NULL);
if (addmd++)
EVP_DigestUpdate(&c,&(md_buf[0]),mds);
EVP_DigestUpdate(&c,data,datal);
if (salt != NULL)
EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
for (i=1; i<(unsigned int)count; i++)
{
EVP_DigestInit_ex(&c,md, NULL);
EVP_DigestUpdate(&c,&(md_buf[0]),mds);
EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
}
i=0;
if (nkey)
{
for (;;)
{
if (nkey == 0) break;
if (i == mds) break;
if (key != NULL)
*(key++)=md_buf[i];
nkey--;
i++;
}
}
if (niv && (i != mds))
{
for (;;)
{
if (niv == 0) break;
if (i == mds) break;
if (iv != NULL)
*(iv++)=md_buf[i];
niv--;
i++;
}
}
if ((nkey == 0) && (niv == 0)) break;
}
EVP_MD_CTX_cleanup(&c);
OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
return(type->key_len);
}
示例5: ssl3_change_cipher_state
//.........这里部分代码省略.........
else
/* make sure it's intialized in case we exit later with an error */
EVP_CIPHER_CTX_init(s->enc_write_ctx);
dd= s->enc_write_ctx;
ssl_replace_hash(&s->write_hash,m);
#ifndef OPENSSL_NO_COMP
/* COMPRESS */
if (s->compress != NULL)
{
COMP_CTX_free(s->compress);
s->compress=NULL;
}
if (comp != NULL)
{
s->compress=COMP_CTX_new(comp);
if (s->compress == NULL)
{
SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
goto err2;
}
}
#endif
memset(&(s->s3->write_sequence[0]),0,8);
mac_secret= &(s->s3->write_mac_secret[0]);
}
if (reuse_dd)
EVP_CIPHER_CTX_cleanup(dd);
p=s->s3->tmp.key_block;
i=EVP_MD_size(m);
if (i < 0)
goto err2;
cl=EVP_CIPHER_key_length(c);
j=is_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
/* Was j=(is_exp)?5:EVP_CIPHER_key_length(c); */
k=EVP_CIPHER_iv_length(c);
if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
(which == SSL3_CHANGE_CIPHER_SERVER_READ))
{
ms= &(p[ 0]); n=i+i;
key= &(p[ n]); n+=j+j;
iv= &(p[ n]); n+=k+k;
er1= &(s->s3->client_random[0]);
er2= &(s->s3->server_random[0]);
}
else
{
n=i;
ms= &(p[ n]); n+=i+j;
key= &(p[ n]); n+=j+k;
iv= &(p[ n]); n+=k;
er1= &(s->s3->server_random[0]);
er2= &(s->s3->client_random[0]);
}
if (n > s->s3->tmp.key_block_length)
{
SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_INTERNAL_ERROR);
goto err2;
}
EVP_MD_CTX_init(&md);
memcpy(mac_secret,ms,i);
if (is_exp)
{
/* In here I set both the read and write key/iv to the
* same value since only the correct one will be used :-).
*/
EVP_DigestInit_ex(&md,EVP_md5(), NULL);
EVP_DigestUpdate(&md,key,j);
EVP_DigestUpdate(&md,er1,SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md,er2,SSL3_RANDOM_SIZE);
EVP_DigestFinal_ex(&md,&(exp_key[0]),NULL);
key= &(exp_key[0]);
if (k > 0)
{
EVP_DigestInit_ex(&md,EVP_md5(), NULL);
EVP_DigestUpdate(&md,er1,SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md,er2,SSL3_RANDOM_SIZE);
EVP_DigestFinal_ex(&md,&(exp_iv[0]),NULL);
iv= &(exp_iv[0]);
}
}
s->session->key_arg_length=0;
EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
OPENSSL_cleanse(&(exp_key[0]),sizeof(exp_key));
OPENSSL_cleanse(&(exp_iv[0]),sizeof(exp_iv));
EVP_MD_CTX_cleanup(&md);
return(1);
err:
SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
err2:
return(0);
}
示例6: PKCS5_PBE_keyivgen
int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md, int en_de)
{
EVP_MD_CTX ctx;
unsigned char md_tmp[EVP_MAX_MD_SIZE];
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
int i;
PBEPARAM *pbe;
int saltlen, iter;
unsigned char *salt;
const unsigned char *pbuf;
int mdsize;
int rv = 0;
EVP_MD_CTX_init(&ctx);
/* Extract useful info from parameter */
if (param == NULL || param->type != V_ASN1_SEQUENCE ||
param->value.sequence == NULL) {
EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
return 0;
}
pbuf = param->value.sequence->data;
if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
return 0;
}
if (!pbe->iter)
iter = 1;
else
iter = ASN1_INTEGER_get(pbe->iter);
salt = pbe->salt->data;
saltlen = pbe->salt->length;
if (!pass)
passlen = 0;
else if (passlen == -1)
passlen = strlen(pass);
if (!EVP_DigestInit_ex(&ctx, md, NULL))
goto err;
if (!EVP_DigestUpdate(&ctx, pass, passlen))
goto err;
if (!EVP_DigestUpdate(&ctx, salt, saltlen))
goto err;
PBEPARAM_free(pbe);
if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
goto err;
mdsize = EVP_MD_size(md);
if (mdsize < 0)
return 0;
for (i = 1; i < iter; i++) {
if (!EVP_DigestInit_ex(&ctx, md, NULL))
goto err;
if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
goto err;
if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
goto err;
}
OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
EVP_CIPHER_iv_length(cipher));
if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
goto err;
OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
rv = 1;
err:
EVP_MD_CTX_cleanup(&ctx);
return rv;
}
示例7: ssl3_handshake_mac
static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len,
uint8_t *p) {
unsigned int ret;
int npad, n;
unsigned int i;
uint8_t md_buf[EVP_MAX_MD_SIZE];
EVP_MD_CTX ctx, *d = NULL;
if (s->s3->handshake_buffer &&
!ssl3_digest_cached_records(s, free_handshake_buffer)) {
return 0;
}
/* Search for digest of specified type in the handshake_dgst array. */
for (i = 0; i < SSL_MAX_DIGEST; i++) {
if (s->s3->handshake_dgst[i] &&
EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
d = s->s3->handshake_dgst[i];
break;
}
}
if (!d) {
OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, SSL_R_NO_REQUIRED_DIGEST);
return 0;
}
EVP_MD_CTX_init(&ctx);
if (!EVP_MD_CTX_copy_ex(&ctx, d)) {
EVP_MD_CTX_cleanup(&ctx);
OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, ERR_LIB_EVP);
return 0;
}
n = EVP_MD_CTX_size(&ctx);
if (n < 0) {
return 0;
}
npad = (48 / n) * n;
if (sender != NULL) {
EVP_DigestUpdate(&ctx, sender, len);
}
EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length);
EVP_DigestUpdate(&ctx, ssl3_pad_1, npad);
EVP_DigestFinal_ex(&ctx, md_buf, &i);
if (!EVP_DigestInit_ex(&ctx, EVP_MD_CTX_md(&ctx), NULL)) {
EVP_MD_CTX_cleanup(&ctx);
OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, ERR_LIB_EVP);
return 0;
}
EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length);
EVP_DigestUpdate(&ctx, ssl3_pad_2, npad);
EVP_DigestUpdate(&ctx, md_buf, i);
EVP_DigestFinal_ex(&ctx, p, &ret);
EVP_MD_CTX_cleanup(&ctx);
return ret;
}
示例8: ssl3_handshake_mac
static int ssl3_handshake_mac(SSL *ssl, int md_nid, const char *sender,
size_t sender_len, uint8_t *p) {
unsigned int ret;
size_t npad, n;
unsigned int i;
uint8_t md_buf[EVP_MAX_MD_SIZE];
EVP_MD_CTX ctx;
const EVP_MD_CTX *ctx_template;
if (md_nid == NID_md5) {
ctx_template = &ssl->s3->handshake_md5;
} else if (md_nid == EVP_MD_CTX_type(&ssl->s3->handshake_hash)) {
ctx_template = &ssl->s3->handshake_hash;
} else {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_REQUIRED_DIGEST);
return 0;
}
EVP_MD_CTX_init(&ctx);
if (!EVP_MD_CTX_copy_ex(&ctx, ctx_template)) {
EVP_MD_CTX_cleanup(&ctx);
OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP);
return 0;
}
static const uint8_t kPad1[48] = {
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
};
static const uint8_t kPad2[48] = {
0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
};
n = EVP_MD_CTX_size(&ctx);
npad = (48 / n) * n;
if (sender != NULL) {
EVP_DigestUpdate(&ctx, sender, sender_len);
}
EVP_DigestUpdate(&ctx, ssl->session->master_key,
ssl->session->master_key_length);
EVP_DigestUpdate(&ctx, kPad1, npad);
EVP_DigestFinal_ex(&ctx, md_buf, &i);
if (!EVP_DigestInit_ex(&ctx, EVP_MD_CTX_md(&ctx), NULL)) {
EVP_MD_CTX_cleanup(&ctx);
OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP);
return 0;
}
EVP_DigestUpdate(&ctx, ssl->session->master_key,
ssl->session->master_key_length);
EVP_DigestUpdate(&ctx, kPad2, npad);
EVP_DigestUpdate(&ctx, md_buf, i);
EVP_DigestFinal_ex(&ctx, p, &ret);
EVP_MD_CTX_cleanup(&ctx);
return ret;
}
示例9: HMAC_Init_ex
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md, ENGINE *impl)
{
int rv = 0;
int i, j, reset = 0;
unsigned char pad[HMAC_MAX_MD_CBLOCK_SIZE];
/* If we are changing MD then we must have a key */
if (md != NULL && md != ctx->md && (key == NULL || len < 0))
return 0;
if (md != NULL) {
reset = 1;
ctx->md = md;
} else if (ctx->md) {
md = ctx->md;
} else {
return 0;
}
if (key != NULL) {
reset = 1;
j = EVP_MD_block_size(md);
if (!ossl_assert(j <= (int)sizeof(ctx->key)))
return 0;
if (j < len) {
if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl)
|| !EVP_DigestUpdate(ctx->md_ctx, key, len)
|| !EVP_DigestFinal_ex(ctx->md_ctx, ctx->key,
&ctx->key_length))
return 0;
} else {
if (len < 0 || len > (int)sizeof(ctx->key))
return 0;
memcpy(ctx->key, key, len);
ctx->key_length = len;
}
if (ctx->key_length != HMAC_MAX_MD_CBLOCK_SIZE)
memset(&ctx->key[ctx->key_length], 0,
HMAC_MAX_MD_CBLOCK_SIZE - ctx->key_length);
}
if (reset) {
for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++)
pad[i] = 0x36 ^ ctx->key[i];
if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl)
|| !EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md)))
goto err;
for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++)
pad[i] = 0x5c ^ ctx->key[i];
if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl)
|| !EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md)))
goto err;
}
if (!EVP_MD_CTX_copy_ex(ctx->md_ctx, ctx->i_ctx))
goto err;
rv = 1;
err:
if (reset)
OPENSSL_cleanse(pad, sizeof(pad));
return rv;
}
示例10: main
main(int argc, char *argv[])
{
EVP_MD_CTX *mdctx;
EVP_MD_CTX *mdctxdup;
const EVP_MD *md;
const EVP_MD *mddup;
char *mess1;
unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned char md_valuedup[EVP_MAX_MD_SIZE];
int md_len,md_lendup, i;
char originalBinary[24];
char randomBinary[24];
OpenSSL_add_all_digests();
if(!argv[1]) {
printf("Usage: mdtest digestname\n");
exit(1);
}
md = EVP_get_digestbyname(argv[1]) ;
if(!md) {
printf("Unknown message digest %s\n", argv[1]);
exit(1);
}
int dontExit =1;
char *str ;
int num1,num2,timesExecuted=0;
srand(time(NULL));
while(dontExit)
{
timesExecuted++;
mess1 = (char*)malloc(33);
num1 = rand();
sprintf(mess1,"%d",num1);
//mess1 = rand_string(mess1,3);
mdctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(mdctx, md, NULL);
EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
EVP_DigestFinal_ex(mdctx, md_value, &md_len);
EVP_MD_CTX_destroy(mdctx);
//printf("Input Original: %s\n",mess1);
//printf("Digest Original: ");
//for(i = 0; i < md_len; i++)
//printf("%02x", md_value[i]);
//printf("\n");
str = (char*)malloc(32);
num2 = rand();
sprintf(str,"%d",num2);
mdctxdup = EVP_MD_CTX_create();
EVP_DigestInit_ex(mdctxdup, md, NULL);
EVP_DigestUpdate(mdctxdup, str, strlen(str));
EVP_DigestFinal_ex(mdctxdup, md_valuedup, &md_lendup);
EVP_MD_CTX_destroy(mdctxdup);
if((md_value[0] == md_valuedup[0]) && (md_value[1] == md_valuedup[1]) && (md_value[2] == md_valuedup[2]) )
{
break;
}
free(mess1);
free(str);
}
printf("Input Original: %s\n",mess1);
printf("Digest Original: ");
for(i = 0; i < md_len; i++)
printf("%02x", md_value[i]);
printf("\n");
printf("Input Random: %s\n",str);
printf("Digest Random: ");
for(i = 0; i < md_lendup; i++)
printf("%02x", md_valuedup[i]);
printf("\n");
printf("Times executed : %d\n",timesExecuted);
/* Call this once before exit. */
EVP_cleanup();
exit(0);
}
示例11: EVP_BytesToKey
int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
const unsigned char *salt, const unsigned char *data,
int datal, int count, unsigned char *key,
unsigned char *iv)
{
EVP_MD_CTX *c;
unsigned char md_buf[EVP_MAX_MD_SIZE];
int niv, nkey, addmd = 0;
unsigned int mds = 0, i;
int rv = 0;
nkey = EVP_CIPHER_key_length(type);
niv = EVP_CIPHER_iv_length(type);
OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
if (data == NULL)
return nkey;
c = EVP_MD_CTX_new();
if (c == NULL)
goto err;
for (;;) {
if (!EVP_DigestInit_ex(c, md, NULL))
goto err;
if (addmd++)
if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
goto err;
if (!EVP_DigestUpdate(c, data, datal))
goto err;
if (salt != NULL)
if (!EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN))
goto err;
if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
goto err;
for (i = 1; i < (unsigned int)count; i++) {
if (!EVP_DigestInit_ex(c, md, NULL))
goto err;
if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
goto err;
if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
goto err;
}
i = 0;
if (nkey) {
for (;;) {
if (nkey == 0)
break;
if (i == mds)
break;
if (key != NULL)
*(key++) = md_buf[i];
nkey--;
i++;
}
}
if (niv && (i != mds)) {
for (;;) {
if (niv == 0)
break;
if (i == mds)
break;
if (iv != NULL)
*(iv++) = md_buf[i];
niv--;
i++;
}
}
if ((nkey == 0) && (niv == 0))
break;
}
rv = EVP_CIPHER_key_length(type);
err:
EVP_MD_CTX_free(c);
OPENSSL_cleanse(md_buf, sizeof(md_buf));
return rv;
}
示例12: EvpDigestInitEx
extern "C" int32_t EvpDigestInitEx(EVP_MD_CTX* ctx, const EVP_MD* type, ENGINE* impl)
{
return EVP_DigestInit_ex(ctx, type, impl);
}
示例13: x9_62_tests
/*-
* This function hijacks the RNG to feed it the chosen ECDSA key and nonce.
* The ECDSA KATs are from:
* - the X9.62 draft (4)
* - NIST CAVP (720)
*
* It uses the low-level ECDSA_sign_setup instead of EVP to control the RNG.
* NB: This is not how applications should use ECDSA; this is only for testing.
*
* Tests the library can successfully:
* - generate public keys that matches those KATs
* - create ECDSA signatures that match those KATs
* - accept those signatures as valid
*/
static int x9_62_tests(int n)
{
int nid, md_nid, ret = 0;
const char *r_in = NULL, *s_in = NULL, *tbs = NULL;
unsigned char *pbuf = NULL, *qbuf = NULL, *message = NULL;
unsigned char digest[EVP_MAX_MD_SIZE];
unsigned int dgst_len = 0;
long q_len, msg_len = 0;
size_t p_len;
EVP_MD_CTX *mctx = NULL;
EC_KEY *key = NULL;
ECDSA_SIG *signature = NULL;
BIGNUM *r = NULL, *s = NULL;
BIGNUM *kinv = NULL, *rp = NULL;
const BIGNUM *sig_r = NULL, *sig_s = NULL;
nid = ecdsa_cavs_kats[n].nid;
md_nid = ecdsa_cavs_kats[n].md_nid;
r_in = ecdsa_cavs_kats[n].r;
s_in = ecdsa_cavs_kats[n].s;
tbs = ecdsa_cavs_kats[n].msg;
numbers[0] = ecdsa_cavs_kats[n].d;
numbers[1] = ecdsa_cavs_kats[n].k;
TEST_info("ECDSA KATs for curve %s", OBJ_nid2sn(nid));
if (!TEST_ptr(mctx = EVP_MD_CTX_new())
/* get the message digest */
|| !TEST_ptr(message = OPENSSL_hexstr2buf(tbs, &msg_len))
|| !TEST_true(EVP_DigestInit_ex(mctx, EVP_get_digestbynid(md_nid), NULL))
|| !TEST_true(EVP_DigestUpdate(mctx, message, msg_len))
|| !TEST_true(EVP_DigestFinal_ex(mctx, digest, &dgst_len))
/* create the key */
|| !TEST_ptr(key = EC_KEY_new_by_curve_name(nid))
/* load KAT variables */
|| !TEST_ptr(r = BN_new())
|| !TEST_ptr(s = BN_new())
|| !TEST_true(BN_hex2bn(&r, r_in))
|| !TEST_true(BN_hex2bn(&s, s_in))
/* swap the RNG source */
|| !TEST_true(change_rand()))
goto err;
/* public key must match KAT */
use_fake = 1;
if (!TEST_true(EC_KEY_generate_key(key))
|| !TEST_true(p_len = EC_KEY_key2buf(key, POINT_CONVERSION_UNCOMPRESSED,
&pbuf, NULL))
|| !TEST_ptr(qbuf = OPENSSL_hexstr2buf(ecdsa_cavs_kats[n].Q, &q_len))
|| !TEST_int_eq(q_len, p_len)
|| !TEST_mem_eq(qbuf, q_len, pbuf, p_len))
goto err;
/* create the signature via ECDSA_sign_setup to avoid use of ECDSA nonces */
use_fake = 1;
if (!TEST_true(ECDSA_sign_setup(key, NULL, &kinv, &rp))
|| !TEST_ptr(signature = ECDSA_do_sign_ex(digest, dgst_len,
kinv, rp, key))
/* verify the signature */
|| !TEST_int_eq(ECDSA_do_verify(digest, dgst_len, signature, key), 1))
goto err;
/* compare the created signature with the expected signature */
ECDSA_SIG_get0(signature, &sig_r, &sig_s);
if (!TEST_BN_eq(sig_r, r)
|| !TEST_BN_eq(sig_s, s))
goto err;
ret = 1;
err:
/* restore the RNG source */
if (!TEST_true(restore_rand()))
ret = 0;
OPENSSL_free(message);
OPENSSL_free(pbuf);
OPENSSL_free(qbuf);
EC_KEY_free(key);
ECDSA_SIG_free(signature);
BN_free(r);
BN_free(s);
EVP_MD_CTX_free(mctx);
BN_clear_free(kinv);
BN_clear_free(rp);
return ret;
//.........这里部分代码省略.........
示例14: EVP_tls_cbc_digest_record
//.........这里部分代码省略.........
hmac_pad[i] ^= 0x36;
}
md_transform(&md_state, hmac_pad);
// The length check means |bits| fits in four bytes.
uint8_t length_bytes[MAX_HASH_BIT_COUNT_BYTES];
OPENSSL_memset(length_bytes, 0, md_length_size - 4);
length_bytes[md_length_size - 4] = (uint8_t)(bits >> 24);
length_bytes[md_length_size - 3] = (uint8_t)(bits >> 16);
length_bytes[md_length_size - 2] = (uint8_t)(bits >> 8);
length_bytes[md_length_size - 1] = (uint8_t)bits;
if (k > 0) {
// k is a multiple of md_block_size.
uint8_t first_block[MAX_HASH_BLOCK_SIZE];
OPENSSL_memcpy(first_block, header, 13);
OPENSSL_memcpy(first_block + 13, data, md_block_size - 13);
md_transform(&md_state, first_block);
for (size_t i = 1; i < k / md_block_size; i++) {
md_transform(&md_state, data + md_block_size * i - 13);
}
}
uint8_t mac_out[EVP_MAX_MD_SIZE];
OPENSSL_memset(mac_out, 0, sizeof(mac_out));
// We now process the final hash blocks. For each block, we construct
// it in constant time. If the |i==index_a| then we'll include the 0x80
// bytes and zero pad etc. For each block we selectively copy it, in
// constant time, to |mac_out|.
for (size_t i = num_starting_blocks;
i <= num_starting_blocks + kVarianceBlocks; i++) {
uint8_t block[MAX_HASH_BLOCK_SIZE];
uint8_t is_block_a = constant_time_eq_8(i, index_a);
uint8_t is_block_b = constant_time_eq_8(i, index_b);
for (size_t j = 0; j < md_block_size; j++) {
uint8_t b = 0;
if (k < kHeaderLength) {
b = header[k];
} else if (k < data_plus_mac_plus_padding_size + kHeaderLength) {
b = data[k - kHeaderLength];
}
k++;
uint8_t is_past_c = is_block_a & constant_time_ge_8(j, c);
uint8_t is_past_cp1 = is_block_a & constant_time_ge_8(j, c + 1);
// If this is the block containing the end of the
// application data, and we are at the offset for the
// 0x80 value, then overwrite b with 0x80.
b = constant_time_select_8(is_past_c, 0x80, b);
// If this the the block containing the end of the
// application data and we're past the 0x80 value then
// just write zero.
b = b & ~is_past_cp1;
// If this is index_b (the final block), but not
// index_a (the end of the data), then the 64-bit
// length didn't fit into index_a and we're having to
// add an extra block of zeros.
b &= ~is_block_b | is_block_a;
// The final bytes of one of the blocks contains the
// length.
if (j >= md_block_size - md_length_size) {
// If this is index_b, write a length byte.
b = constant_time_select_8(
is_block_b, length_bytes[j - (md_block_size - md_length_size)], b);
}
block[j] = b;
}
md_transform(&md_state, block);
md_final_raw(&md_state, block);
// If this is index_b, copy the hash value to |mac_out|.
for (size_t j = 0; j < md_size; j++) {
mac_out[j] |= block[j] & is_block_b;
}
}
EVP_MD_CTX md_ctx;
EVP_MD_CTX_init(&md_ctx);
if (!EVP_DigestInit_ex(&md_ctx, md, NULL /* engine */)) {
EVP_MD_CTX_cleanup(&md_ctx);
return 0;
}
// Complete the HMAC in the standard manner.
for (size_t i = 0; i < md_block_size; i++) {
hmac_pad[i] ^= 0x6a;
}
EVP_DigestUpdate(&md_ctx, hmac_pad, md_block_size);
EVP_DigestUpdate(&md_ctx, mac_out, md_size);
unsigned md_out_size_u;
EVP_DigestFinal(&md_ctx, md_out, &md_out_size_u);
*md_out_size = md_out_size_u;
EVP_MD_CTX_cleanup(&md_ctx);
return 1;
}
示例15: sign_tftf
/**
* @brief Sign a TFTF
*
* @param filename The pathname to the TFTF file to sign.
* @param signature_format The pathname to the TFTF file to sign.
* @param signature_algorithm The pathname to the TFTF file to sign.
* @param key_filename The pathname to the TFTF file to sign.
* @param write_if_good If true and we were able to sign it, write the signed
* TFTF file. If false only verify we can sign the TFTF.
* @param verbose If true, display the signed TFTF.
*
* @returns True on success, false on failure
*/
bool sign_tftf(const char * filename,
const uint32_t signature_algorithm,
const char * key_name,
const char * key_filename,
const bool write_if_good,
const bool verbose) {
bool success = false;
int status;
ssize_t tftf_size;
tftf_header * tftf_hdr = NULL;
char * loc_key_filename = NULL;
/* Sanity check */
if (!filename || !key_filename) {
fprintf (stderr, "ERROR (sign_tftf): invalid parameters\n");
return false;
}
/* Create a local copy of the key_filename */
loc_key_filename = malloc(strlen(key_filename) + 1);
if (!loc_key_filename) {
fprintf(stderr,
"ERROR (sign_tftf): can't alloc. local key_filename\n");
return false;
}
strcpy(loc_key_filename, key_filename);
/* Read in the TFTF file as a blob */
tftf_hdr = (tftf_header *)alloc_load_file(filename, &tftf_size);
if (tftf_hdr) {
EVP_MD_CTX * mdctx;
uint8_t * hdr_signable_start = NULL;
size_t hdr_signable_length = 0;
uint8_t * scn_signable_start = NULL;
size_t scn_signable_length = 0;
tftf_signature signature_block;
uint8_t md_value[EVP_MAX_MD_SIZE];
unsigned int md_len;
unsigned int sig_len = sizeof(signature_block.signature);
/* Initialize the signature block */
signature_block.length = sizeof(signature_block);
signature_block.type = signature_algorithm;
safer_strcpy(signature_block.key_name,
sizeof(signature_block.key_name),
key_name);
/* Extract the signable blob from the TFTF and sign it */
success = tftf_get_signable_region(tftf_hdr,
&hdr_signable_start,
&hdr_signable_length,
&scn_signable_start,
&scn_signable_length);
mdctx = EVP_MD_CTX_create();
if (mdctx) {
status = EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL);
if (status < 1) {
fprintf(stderr, "ERROR: EVP_DigestInit_ex failed: %s\n",
ERR_error_string(ERR_get_error(), NULL));
goto signing_err;
}
status = EVP_DigestUpdate(mdctx, hdr_signable_start,
hdr_signable_length);
if (status < 1) {
fprintf(stderr, "ERROR: EVP_DigestUpdate (hdr) failed: %s\n",
ERR_error_string(ERR_get_error(), NULL));
goto signing_err;
}
status = EVP_DigestUpdate(mdctx, scn_signable_start,
scn_signable_length);
if (status < 1) {
fprintf(stderr, "ERROR: EVP_DigestUpdate (scn) failed: %s\n",
ERR_error_string(ERR_get_error(), NULL));
goto signing_err;
}
status = EVP_DigestFinal_ex(mdctx, md_value, &md_len);
if (status < 1) {
fprintf(stderr, "ERROR: EVP_DigestFinal_ex failed: %s\n",
ERR_error_string(ERR_get_error(), NULL));
goto signing_err;
}
status = RSA_sign(NID_sha256, md_value, md_len,
signature_block.signature, &sig_len, rsa);
if (status < 1) {
fprintf(stderr, "ERROR: RSA_sign failed: %s\n",
//.........这里部分代码省略.........