Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
85522a07
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
85522a07
编写于
3月 11, 2010
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Algorithm specific ASN1 signing functions.
上级
31d66c2a
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
83 addition
and
34 deletion
+83
-34
CHANGES
CHANGES
+6
-0
crypto/asn1/a_sign.c
crypto/asn1/a_sign.c
+69
-33
crypto/asn1/asn1.h
crypto/asn1/asn1.h
+2
-0
crypto/asn1/asn1_err.c
crypto/asn1/asn1_err.c
+3
-1
crypto/asn1/asn1_locl.h
crypto/asn1/asn1_locl.h
+3
-0
未找到文件。
CHANGES
浏览文件 @
85522a07
...
...
@@ -4,6 +4,12 @@
Changes between 1.0.0 and 1.1.0 [xx XXX xxxx]
*) Support for companion algorithm specific ASN1 signing routines.
New function ASN1_item_sign_ctx() signs a pre-initialised
EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
the appropriate parameters.
[Steve Henson]
*) Add new algorithm specific ASN1 verification initialisation function
to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
handling will be the same no matter what EVP_PKEY_METHOD is used.
...
...
crypto/asn1/a_sign.c
浏览文件 @
85522a07
...
...
@@ -218,64 +218,100 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
const
EVP_MD
*
type
)
{
EVP_MD_CTX
ctx
;
EVP_MD_CTX_init
(
&
ctx
);
if
(
!
EVP_DigestSignInit
(
&
ctx
,
NULL
,
type
,
NULL
,
pkey
))
{
EVP_MD_CTX_cleanup
(
&
ctx
);
return
0
;
}
return
ASN1_item_sign_ctx
(
&
ctx
,
it
,
algor1
,
algor2
,
signature
,
asn
);
}
int
ASN1_item_sign_ctx
(
EVP_MD_CTX
*
ctx
,
const
ASN1_ITEM
*
it
,
X509_ALGOR
*
algor1
,
X509_ALGOR
*
algor2
,
ASN1_BIT_STRING
*
signature
,
void
*
asn
)
{
const
EVP_MD
*
type
;
EVP_PKEY
*
pkey
;
unsigned
char
*
buf_in
=
NULL
,
*
buf_out
=
NULL
;
size_t
inl
=
0
,
outl
=
0
,
outll
=
0
;
int
signid
,
paramtype
;
int
rv
;
type
=
EVP_MD_CTX_md
(
ctx
);
pkey
=
EVP_PKEY_CTX_get0_pkey
(
ctx
->
pctx
);
if
(
type
==
NULL
)
if
(
!
type
||
!
pkey
)
{
int
def_nid
;
if
(
EVP_PKEY_get_default_digest_nid
(
pkey
,
&
def_nid
)
>
0
)
type
=
EVP_get_digestbynid
(
def_nid
);
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN_CTX
,
ASN1_R_CONTEXT_NOT_INITIALISED
);
return
0
;
}
if
(
type
==
NULL
)
if
(
pkey
->
ameth
->
item_sign
)
{
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN
,
ASN1_R_NO_DEFAULT_DIGEST
);
return
0
;
rv
=
pkey
->
ameth
->
item_sign
(
ctx
,
it
,
asn
,
algor1
,
algor2
,
signature
);
if
(
rv
==
1
)
outl
=
signature
->
length
;
/* Return value meanings:
* <=0: error.
* 1: method does everything.
* 2: carry on as normal.
* 3: ASN1 method sets algorithm identifiers: just sign.
*/
if
(
rv
<=
0
)
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN_CTX
,
ERR_R_EVP_LIB
);
if
(
rv
<=
1
)
goto
err
;
}
else
rv
=
2
;
if
(
type
->
flags
&
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE
)
if
(
rv
==
2
)
{
if
(
!
pkey
->
ameth
||
!
OBJ_find_sigid_by_algs
(
&
signid
,
EVP_MD_nid
(
type
),
pkey
->
ameth
->
pkey_id
))
if
(
type
->
flags
&
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE
)
{
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN
,
ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
);
return
0
;
if
(
!
pkey
->
ameth
||
!
OBJ_find_sigid_by_algs
(
&
signid
,
EVP_MD_nid
(
type
),
pkey
->
ameth
->
pkey_id
))
{
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN_CTX
,
ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
);
return
0
;
}
}
}
else
signid
=
type
->
pkey_type
;
else
signid
=
type
->
pkey_type
;
if
(
pkey
->
ameth
->
pkey_flags
&
ASN1_PKEY_SIGPARAM_NULL
)
paramtype
=
V_ASN1_NULL
;
else
paramtype
=
V_ASN1_UNDEF
;
if
(
pkey
->
ameth
->
pkey_flags
&
ASN1_PKEY_SIGPARAM_NULL
)
paramtype
=
V_ASN1_NULL
;
else
paramtype
=
V_ASN1_UNDEF
;
if
(
algor1
)
X509_ALGOR_set0
(
algor1
,
OBJ_nid2obj
(
signid
),
paramtype
,
NULL
);
if
(
algor2
)
X509_ALGOR_set0
(
algor2
,
OBJ_nid2obj
(
signid
),
paramtype
,
NULL
);
if
(
algor1
)
X509_ALGOR_set0
(
algor1
,
OBJ_nid2obj
(
signid
),
paramtype
,
NULL
);
if
(
algor2
)
X509_ALGOR_set0
(
algor2
,
OBJ_nid2obj
(
signid
),
paramtype
,
NULL
);
}
EVP_MD_CTX_init
(
&
ctx
);
inl
=
ASN1_item_i2d
(
asn
,
&
buf_in
,
it
);
outll
=
outl
=
EVP_PKEY_size
(
pkey
);
buf_out
=
(
unsigned
char
*
)
OPENSSL_malloc
((
unsigned
int
)
outl
);
buf_out
=
OPENSSL_malloc
((
unsigned
int
)
outl
);
if
((
buf_in
==
NULL
)
||
(
buf_out
==
NULL
))
{
outl
=
0
;
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN
,
ERR_R_MALLOC_FAILURE
);
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN
_CTX
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
(
!
EVP_DigestSignInit
(
&
ctx
,
NULL
,
type
,
NULL
,
pkey
)
||
!
EVP_DigestSignUpdate
(
&
ctx
,
buf_in
,
inl
)
||
!
EVP_DigestSignFinal
(
&
ctx
,
buf_out
,
&
outl
))
if
(
!
EVP_DigestSignUpdate
(
ctx
,
buf_in
,
inl
)
||
!
EVP_DigestSignFinal
(
ctx
,
buf_out
,
&
outl
))
{
outl
=
0
;
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN
,
ERR_R_EVP_LIB
);
ASN1err
(
ASN1_F_ASN1_ITEM_SIGN
_CTX
,
ERR_R_EVP_LIB
);
goto
err
;
}
if
(
signature
->
data
!=
NULL
)
OPENSSL_free
(
signature
->
data
);
...
...
@@ -288,7 +324,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
signature
->
flags
&=
~
(
ASN1_STRING_FLAG_BITS_LEFT
|
0x07
);
signature
->
flags
|=
ASN1_STRING_FLAG_BITS_LEFT
;
err:
EVP_MD_CTX_cleanup
(
&
ctx
);
EVP_MD_CTX_cleanup
(
ctx
);
if
(
buf_in
!=
NULL
)
{
OPENSSL_cleanse
((
char
*
)
buf_in
,(
unsigned
int
)
inl
);
OPENSSL_free
(
buf_in
);
}
if
(
buf_out
!=
NULL
)
...
...
crypto/asn1/asn1.h
浏览文件 @
85522a07
...
...
@@ -1193,6 +1193,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_ITEM_I2D_FP 193
#define ASN1_F_ASN1_ITEM_PACK 198
#define ASN1_F_ASN1_ITEM_SIGN 195
#define ASN1_F_ASN1_ITEM_SIGN_CTX 220
#define ASN1_F_ASN1_ITEM_UNPACK 199
#define ASN1_F_ASN1_ITEM_VERIFY 197
#define ASN1_F_ASN1_MBSTRING_NCOPY 122
...
...
@@ -1291,6 +1292,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
#define ASN1_R_BUFFER_TOO_SMALL 107
#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
#define ASN1_R_CONTEXT_NOT_INITIALISED 217
#define ASN1_R_DATA_IS_WRONG 109
#define ASN1_R_DECODE_ERROR 110
#define ASN1_R_DECODING_ERROR 111
...
...
crypto/asn1/asn1_err.c
浏览文件 @
85522a07
/* crypto/asn1/asn1_err.c */
/* ====================================================================
* Copyright (c) 1999-20
09
The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-20
10
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -107,6 +107,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{
ERR_FUNC
(
ASN1_F_ASN1_ITEM_I2D_FP
),
"ASN1_item_i2d_fp"
},
{
ERR_FUNC
(
ASN1_F_ASN1_ITEM_PACK
),
"ASN1_item_pack"
},
{
ERR_FUNC
(
ASN1_F_ASN1_ITEM_SIGN
),
"ASN1_item_sign"
},
{
ERR_FUNC
(
ASN1_F_ASN1_ITEM_SIGN_CTX
),
"ASN1_item_sign_ctx"
},
{
ERR_FUNC
(
ASN1_F_ASN1_ITEM_UNPACK
),
"ASN1_item_unpack"
},
{
ERR_FUNC
(
ASN1_F_ASN1_ITEM_VERIFY
),
"ASN1_item_verify"
},
{
ERR_FUNC
(
ASN1_F_ASN1_MBSTRING_NCOPY
),
"ASN1_mbstring_ncopy"
},
...
...
@@ -208,6 +209,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
{
ERR_REASON
(
ASN1_R_BOOLEAN_IS_WRONG_LENGTH
),
"boolean is wrong length"
},
{
ERR_REASON
(
ASN1_R_BUFFER_TOO_SMALL
)
,
"buffer too small"
},
{
ERR_REASON
(
ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER
),
"cipher has no object identifier"
},
{
ERR_REASON
(
ASN1_R_CONTEXT_NOT_INITIALISED
),
"context not initialised"
},
{
ERR_REASON
(
ASN1_R_DATA_IS_WRONG
)
,
"data is wrong"
},
{
ERR_REASON
(
ASN1_R_DECODE_ERROR
)
,
"decode error"
},
{
ERR_REASON
(
ASN1_R_DECODING_ERROR
)
,
"decoding error"
},
...
...
crypto/asn1/asn1_locl.h
浏览文件 @
85522a07
...
...
@@ -119,6 +119,9 @@ struct evp_pkey_asn1_method_st
int
(
*
item_verify
)(
EVP_MD_CTX
*
ctx
,
const
ASN1_ITEM
*
it
,
void
*
asn
,
X509_ALGOR
*
a
,
ASN1_BIT_STRING
*
sig
,
EVP_PKEY
*
pkey
);
int
(
*
item_sign
)(
EVP_MD_CTX
*
ctx
,
const
ASN1_ITEM
*
it
,
void
*
asn
,
X509_ALGOR
*
alg1
,
X509_ALGOR
*
alg2
,
ASN1_BIT_STRING
*
sig
);
}
/* EVP_PKEY_ASN1_METHOD */
;
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录