Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
75d44c04
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
75d44c04
编写于
4月 09, 2006
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Store digests as EVP_MD instead of a NID.
Add digest size sanity checks.
上级
a58a6368
变更
6
显示空白变更内容
内联
并排
Showing
6 changed file
with
50 addition
and
22 deletion
+50
-22
crypto/evp/evp.h
crypto/evp/evp.h
+1
-1
crypto/evp/pmeth_lib.c
crypto/evp/pmeth_lib.c
+2
-2
crypto/rsa/rsa.h
crypto/rsa/rsa.h
+2
-0
crypto/rsa/rsa_err.c
crypto/rsa/rsa_err.c
+2
-0
crypto/rsa/rsa_pmeth.c
crypto/rsa/rsa_pmeth.c
+31
-16
crypto/rsa/rsa_sign.c
crypto/rsa/rsa_sign.c
+12
-3
未找到文件。
crypto/evp/evp.h
浏览文件 @
75d44c04
...
...
@@ -914,7 +914,7 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
#define EVP_PKEY_OP_ENCRYPT 8
#define EVP_PKEY_OP_DECRYPT 9
#define EVP_PKEY_CTRL_MD
_NID
1
#define EVP_PKEY_CTRL_MD 1
#define EVP_PKEY_ALG_CTRL 0x1000
...
...
crypto/evp/pmeth_lib.c
浏览文件 @
75d44c04
...
...
@@ -187,8 +187,8 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
EVPerr
(
EVP_F_EVP_PKEY_CTX_CTRL
,
EVP_R_INVALID_DIGEST
);
return
0
;
}
return
EVP_PKEY_CTX_ctrl
(
ctx
,
-
1
,
-
1
,
EVP_PKEY_CTRL_MD
_NID
,
EVP_MD_type
(
md
),
NULL
);
return
EVP_PKEY_CTX_ctrl
(
ctx
,
-
1
,
-
1
,
EVP_PKEY_CTRL_MD
,
0
,
(
void
*
)
md
);
}
return
ctx
->
pmeth
->
ctrl_str
(
ctx
,
name
,
value
);
}
crypto/rsa/rsa.h
浏览文件 @
75d44c04
...
...
@@ -351,6 +351,7 @@ void ERR_load_RSA_strings(void);
/* Function codes. */
#define RSA_F_CHECK_PADDING_NID 140
#define RSA_F_MEMORY_LOCK 100
#define RSA_F_PKEY_RSA_SIGN 142
#define RSA_F_PKEY_RSA_VERIFYRECOVER 141
#define RSA_F_RSA_BUILTIN_KEYGEN 129
#define RSA_F_RSA_CHECK_KEY 123
...
...
@@ -412,6 +413,7 @@ void ERR_load_RSA_strings(void);
#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
#define RSA_R_FIRST_OCTET_INVALID 133
#define RSA_R_INVALID_DIGEST 105
#define RSA_R_INVALID_DIGEST_LENGTH 143
#define RSA_R_INVALID_HEADER 137
#define RSA_R_INVALID_MESSAGE_LENGTH 131
#define RSA_R_INVALID_PADDING 138
...
...
crypto/rsa/rsa_err.c
浏览文件 @
75d44c04
...
...
@@ -72,6 +72,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
{
{
ERR_FUNC
(
RSA_F_CHECK_PADDING_NID
),
"CHECK_PADDING_NID"
},
{
ERR_FUNC
(
RSA_F_MEMORY_LOCK
),
"MEMORY_LOCK"
},
{
ERR_FUNC
(
RSA_F_PKEY_RSA_SIGN
),
"PKEY_RSA_SIGN"
},
{
ERR_FUNC
(
RSA_F_PKEY_RSA_VERIFYRECOVER
),
"PKEY_RSA_VERIFYRECOVER"
},
{
ERR_FUNC
(
RSA_F_RSA_BUILTIN_KEYGEN
),
"RSA_BUILTIN_KEYGEN"
},
{
ERR_FUNC
(
RSA_F_RSA_CHECK_KEY
),
"RSA_check_key"
},
...
...
@@ -136,6 +137,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
{
ERR_REASON
(
RSA_R_D_E_NOT_CONGRUENT_TO_1
),
"d e not congruent to 1"
},
{
ERR_REASON
(
RSA_R_FIRST_OCTET_INVALID
)
,
"first octet invalid"
},
{
ERR_REASON
(
RSA_R_INVALID_DIGEST
)
,
"invalid digest"
},
{
ERR_REASON
(
RSA_R_INVALID_DIGEST_LENGTH
)
,
"invalid digest length"
},
{
ERR_REASON
(
RSA_R_INVALID_HEADER
)
,
"invalid header"
},
{
ERR_REASON
(
RSA_R_INVALID_MESSAGE_LENGTH
),
"invalid message length"
},
{
ERR_REASON
(
RSA_R_INVALID_PADDING
)
,
"invalid padding"
},
...
...
crypto/rsa/rsa_pmeth.c
浏览文件 @
75d44c04
...
...
@@ -78,7 +78,7 @@ typedef struct
/* RSA padding mode */
int
pad_mode
;
/* nid for message digest */
int
md_ni
d
;
const
EVP_MD
*
m
d
;
/* Temp buffer */
unsigned
char
*
tbuf
;
}
RSA_PKEY_CTX
;
...
...
@@ -92,7 +92,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
rctx
->
nbits
=
1024
;
rctx
->
pub_exp
=
NULL
;
rctx
->
pad_mode
=
RSA_PKCS1_PADDING
;
rctx
->
md
_nid
=
NID_undef
;
rctx
->
md
=
NULL
;
rctx
->
tbuf
=
NULL
;
ctx
->
data
=
rctx
;
...
...
@@ -129,15 +129,21 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
int
ret
;
RSA_PKEY_CTX
*
rctx
=
ctx
->
data
;
if
(
rctx
->
md
_nid
!=
NID_undef
)
if
(
rctx
->
md
)
{
if
(
tbslen
!=
EVP_MD_size
(
rctx
->
md
))
{
RSAerr
(
RSA_F_PKEY_RSA_SIGN
,
RSA_R_INVALID_DIGEST_LENGTH
);
return
-
1
;
}
if
(
rctx
->
pad_mode
==
RSA_X931_PADDING
)
{
if
(
!
setup_tbuf
(
rctx
,
ctx
))
return
-
1
;
memcpy
(
rctx
->
tbuf
,
tbs
,
tbslen
);
rctx
->
tbuf
[
tbslen
]
=
RSA_X931_hash_id
(
rctx
->
md_nid
);
rctx
->
tbuf
[
tbslen
]
=
RSA_X931_hash_id
(
EVP_MD_type
(
rctx
->
md
));
ret
=
RSA_private_encrypt
(
tbslen
+
1
,
rctx
->
tbuf
,
sig
,
ctx
->
pkey
->
pkey
.
rsa
,
RSA_X931_PADDING
);
...
...
@@ -145,7 +151,8 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
else
if
(
rctx
->
pad_mode
==
RSA_PKCS1_PADDING
)
{
unsigned
int
sltmp
;
ret
=
RSA_sign
(
rctx
->
md_nid
,
tbs
,
tbslen
,
sig
,
&
sltmp
,
ret
=
RSA_sign
(
EVP_MD_type
(
rctx
->
md
),
tbs
,
tbslen
,
sig
,
&
sltmp
,
ctx
->
pkey
->
pkey
.
rsa
);
}
else
...
...
@@ -168,7 +175,7 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
int
ret
;
RSA_PKEY_CTX
*
rctx
=
ctx
->
data
;
if
(
rctx
->
md
_nid
!=
NID_undef
)
if
(
rctx
->
md
)
{
if
(
rctx
->
pad_mode
==
RSA_X931_PADDING
)
{
...
...
@@ -180,18 +187,26 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
if
(
ret
<
1
)
return
0
;
ret
--
;
if
(
rctx
->
tbuf
[
ret
]
!=
RSA_X931_hash_id
(
rctx
->
md_nid
))
if
(
rctx
->
tbuf
[
ret
]
!=
RSA_X931_hash_id
(
EVP_MD_type
(
rctx
->
md
)))
{
RSAerr
(
RSA_F_PKEY_RSA_VERIFYRECOVER
,
RSA_R_ALGORITHM_MISMATCH
);
return
0
;
}
if
(
ret
!=
EVP_MD_size
(
rctx
->
md
))
{
RSAerr
(
RSA_F_PKEY_RSA_VERIFYRECOVER
,
RSA_R_INVALID_DIGEST_LENGTH
);
return
0
;
}
memcpy
(
sig
,
rctx
->
tbuf
,
ret
);
}
else
if
(
rctx
->
pad_mode
==
RSA_PKCS1_PADDING
)
{
unsigned
int
sltmp
;
ret
=
int_rsa_verify
(
rctx
->
md_nid
,
NULL
,
0
,
sig
,
&
sltmp
,
ret
=
int_rsa_verify
(
EVP_MD_type
(
rctx
->
md
),
NULL
,
0
,
sig
,
&
sltmp
,
tbs
,
tbslen
,
ctx
->
pkey
->
pkey
.
rsa
);
}
else
...
...
@@ -232,9 +247,9 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
return
1
;
}
static
int
check_padding_
nid
(
int
ni
d
,
int
padding
)
static
int
check_padding_
md
(
const
EVP_MD
*
m
d
,
int
padding
)
{
if
(
nid
==
NID_undef
)
if
(
!
md
)
return
1
;
if
(
padding
==
RSA_NO_PADDING
)
{
...
...
@@ -244,7 +259,7 @@ static int check_padding_nid(int nid, int padding)
if
(
padding
==
RSA_X931_PADDING
)
{
if
(
RSA_X931_hash_id
(
nid
)
==
-
1
)
if
(
RSA_X931_hash_id
(
EVP_MD_type
(
md
)
)
==
-
1
)
{
RSAerr
(
RSA_F_CHECK_PADDING_NID
,
RSA_R_INVALID_X931_DIGEST
);
...
...
@@ -268,17 +283,17 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
if
(
ctx
->
operation
==
EVP_PKEY_OP_KEYGEN
)
return
-
2
;
if
(
!
check_padding_
nid
(
rctx
->
md_ni
d
,
p1
))
if
(
!
check_padding_
md
(
rctx
->
m
d
,
p1
))
return
0
;
rctx
->
pad_mode
=
p1
;
return
1
;
}
return
-
2
;
case
EVP_PKEY_CTRL_MD
_NID
:
if
(
!
check_padding_
nid
(
p1
,
rctx
->
pad_mode
))
case
EVP_PKEY_CTRL_MD
:
if
(
!
check_padding_
md
(
p2
,
rctx
->
pad_mode
))
return
0
;
rctx
->
md
_nid
=
p1
;
rctx
->
md
=
p2
;
return
1
;
default:
...
...
crypto/rsa/rsa_sign.c
浏览文件 @
75d44c04
...
...
@@ -220,10 +220,19 @@ int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
}
if
(
rm
)
{
memcpy
(
rm
,
sig
->
digest
->
data
,
sig
->
digest
->
length
);
const
EVP_MD
*
md
;
md
=
EVP_get_digestbynid
(
dtype
);
if
(
md
&&
(
EVP_MD_size
(
md
)
!=
sig
->
digest
->
length
))
RSAerr
(
RSA_F_RSA_VERIFY
,
RSA_R_INVALID_DIGEST_LENGTH
);
else
{
memcpy
(
rm
,
sig
->
digest
->
data
,
sig
->
digest
->
length
);
*
prm_len
=
sig
->
digest
->
length
;
ret
=
1
;
}
}
else
if
(((
unsigned
int
)
sig
->
digest
->
length
!=
m_len
)
||
(
memcmp
(
m
,
sig
->
digest
->
data
,
m_len
)
!=
0
))
{
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录