Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
2022cfe0
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
2022cfe0
编写于
4月 11, 2007
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
New -mac and -macopt options to dgst utility. Reimplement -hmac option in
terms of new API.
上级
47b71e6e
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
102 addition
and
31 deletion
+102
-31
CHANGES
CHANGES
+2
-1
apps/apps.h
apps/apps.h
+2
-0
apps/dgst.c
apps/dgst.c
+72
-26
apps/genpkey.c
apps/genpkey.c
+2
-4
crypto/evp/evp.h
crypto/evp/evp.h
+3
-0
crypto/evp/pmeth_gn.c
crypto/evp/pmeth_gn.c
+21
-0
未找到文件。
CHANGES
浏览文件 @
2022cfe0
...
...
@@ -7,7 +7,8 @@
*) Experimental support for use of HMAC via EVP_PKEY interface. This
allows HMAC to be handled via the EVP_DigestSign*() interface. The
EVP_PKEY "key" in this case is the HMAC key, potentially allowing
ENGINE support for HMAC keys which are unextractable.
ENGINE support for HMAC keys which are unextractable. New -mac and
-macopt options to dgst utility.
[Steve Henson]
*) New option -sigopt to dgst utility. Update dgst to use
...
...
apps/apps.h
浏览文件 @
2022cfe0
...
...
@@ -294,6 +294,8 @@ int args_verify(char ***pargs, int *pargc,
void
policies_print
(
BIO
*
out
,
X509_STORE_CTX
*
ctx
);
int
bio_to_mem
(
unsigned
char
**
out
,
int
maxlen
,
BIO
*
in
);
int
pkey_ctrl_string
(
EVP_PKEY_CTX
*
ctx
,
char
*
value
);
int
init_gen_str
(
BIO
*
err
,
EVP_PKEY_CTX
**
pctx
,
const
char
*
algname
,
ENGINE
*
e
,
int
do_param
);
#define FORMAT_UNDEF 0
#define FORMAT_ASN1 1
...
...
apps/dgst.c
浏览文件 @
2022cfe0
...
...
@@ -76,7 +76,7 @@
int
do_fp
(
BIO
*
out
,
unsigned
char
*
buf
,
BIO
*
bp
,
int
sep
,
int
binout
,
EVP_PKEY
*
key
,
unsigned
char
*
sigin
,
int
siglen
,
const
char
*
title
,
const
char
*
file
,
BIO
*
bmd
,
const
char
*
hmac_key
);
const
char
*
file
,
BIO
*
bmd
);
int
MAIN
(
int
,
char
**
);
...
...
@@ -106,7 +106,8 @@ int MAIN(int argc, char **argv)
char
*
engine
=
NULL
;
#endif
char
*
hmac_key
=
NULL
;
STACK
*
sigopts
=
NULL
;
char
*
mac_name
=
NULL
;
STACK
*
sigopts
=
NULL
,
*
macopts
=
NULL
;
apps_startup
();
...
...
@@ -198,6 +199,12 @@ int MAIN(int argc, char **argv)
break
;
hmac_key
=*++
argv
;
}
else
if
(
!
strcmp
(
*
argv
,
"-mac"
))
{
if
(
--
argc
<
1
)
break
;
mac_name
=*++
argv
;
}
else
if
(
strcmp
(
*
argv
,
"-sigopt"
)
==
0
)
{
if
(
--
argc
<
1
)
...
...
@@ -207,6 +214,15 @@ int MAIN(int argc, char **argv)
if
(
!
sigopts
||
!
sk_push
(
sigopts
,
*
(
++
argv
)))
break
;
}
else
if
(
strcmp
(
*
argv
,
"-macopt"
)
==
0
)
{
if
(
--
argc
<
1
)
break
;
if
(
!
macopts
)
macopts
=
sk_new_null
();
if
(
!
macopts
||
!
sk_push
(
macopts
,
*
(
++
argv
)))
break
;
}
else
if
((
m
=
EVP_get_digestbyname
(
&
((
*
argv
)[
1
])))
!=
NULL
)
md
=
m
;
else
...
...
@@ -326,6 +342,11 @@ int MAIN(int argc, char **argv)
ERR_print_errors
(
bio_err
);
goto
end
;
}
if
((
!!
mac_name
+
!!
keyfile
+
!!
hmac_key
)
>
1
)
{
BIO_printf
(
bio_err
,
"MAC and Signing key cannot both be specified
\n
"
);
goto
end
;
}
if
(
keyfile
)
{
...
...
@@ -343,6 +364,50 @@ int MAIN(int argc, char **argv)
}
}
if
(
mac_name
)
{
EVP_PKEY_CTX
*
mac_ctx
=
NULL
;
int
r
=
0
;
if
(
!
init_gen_str
(
bio_err
,
&
mac_ctx
,
mac_name
,
e
,
0
))
goto
mac_end
;
if
(
macopts
)
{
char
*
macopt
;
for
(
i
=
0
;
i
<
sk_num
(
macopts
);
i
++
)
{
macopt
=
sk_value
(
macopts
,
i
);
if
(
pkey_ctrl_string
(
mac_ctx
,
macopt
)
<=
0
)
{
BIO_printf
(
bio_err
,
"MAC parameter error
\"
%s
\"\n
"
,
macopt
);
ERR_print_errors
(
bio_err
);
goto
mac_end
;
}
}
}
if
(
EVP_PKEY_keygen
(
mac_ctx
,
&
sigkey
)
<=
0
)
{
BIO_puts
(
bio_err
,
"Error generating key
\n
"
);
ERR_print_errors
(
bio_err
);
goto
mac_end
;
}
r
=
1
;
mac_end:
if
(
mac_ctx
)
EVP_PKEY_CTX_free
(
mac_ctx
);
if
(
r
==
0
)
goto
end
;
}
if
(
hmac_key
)
{
sigkey
=
EVP_PKEY_new_mac_key
(
EVP_PKEY_HMAC
,
e
,
(
unsigned
char
*
)
hmac_key
,
-
1
);
if
(
!
sigkey
)
goto
end
;
}
if
(
sigkey
)
{
EVP_MD_CTX
*
mctx
=
NULL
;
...
...
@@ -410,7 +475,7 @@ int MAIN(int argc, char **argv)
{
BIO_set_fp
(
in
,
stdin
,
BIO_NOCLOSE
);
err
=
do_fp
(
out
,
buf
,
inp
,
separator
,
out_bin
,
sigkey
,
sigbuf
,
siglen
,
""
,
"(stdin)"
,
bmd
,
hmac_key
);
siglen
,
""
,
"(stdin)"
,
bmd
);
}
else
{
...
...
@@ -436,7 +501,7 @@ int MAIN(int argc, char **argv)
else
tmp
=
""
;
r
=
do_fp
(
out
,
buf
,
inp
,
separator
,
out_bin
,
sigkey
,
sigbuf
,
siglen
,
tmp
,
argv
[
i
],
bmd
,
hmac_key
);
siglen
,
tmp
,
argv
[
i
],
bmd
);
if
(
r
)
err
=
r
;
if
(
tofree
)
...
...
@@ -457,6 +522,8 @@ end:
EVP_PKEY_free
(
sigkey
);
if
(
sigopts
)
sk_free
(
sigopts
);
if
(
macopts
)
sk_free
(
macopts
);
if
(
sigbuf
)
OPENSSL_free
(
sigbuf
);
if
(
bmd
!=
NULL
)
BIO_free
(
bmd
);
apps_shutdown
();
...
...
@@ -465,23 +532,11 @@ end:
int
do_fp
(
BIO
*
out
,
unsigned
char
*
buf
,
BIO
*
bp
,
int
sep
,
int
binout
,
EVP_PKEY
*
key
,
unsigned
char
*
sigin
,
int
siglen
,
const
char
*
title
,
const
char
*
file
,
BIO
*
bmd
,
const
char
*
hmac_key
)
const
char
*
file
,
BIO
*
bmd
)
{
unsigned
int
len
;
int
i
;
EVP_MD_CTX
*
md_ctx
;
HMAC_CTX
hmac_ctx
;
if
(
hmac_key
)
{
EVP_MD
*
md
;
BIO_get_md
(
bmd
,
&
md
);
HMAC_CTX_init
(
&
hmac_ctx
);
HMAC_Init_ex
(
&
hmac_ctx
,
hmac_key
,
strlen
(
hmac_key
),
md
,
NULL
);
BIO_get_md_ctx
(
bmd
,
&
md_ctx
);
BIO_set_md_ctx
(
bmd
,
&
hmac_ctx
.
md_ctx
);
}
for
(;;)
{
i
=
BIO_read
(
bp
,(
char
*
)
buf
,
BUFSIZE
);
...
...
@@ -524,11 +579,6 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
return
1
;
}
}
else
if
(
hmac_key
)
{
HMAC_Final
(
&
hmac_ctx
,
buf
,
&
len
);
HMAC_CTX_cleanup
(
&
hmac_ctx
);
}
else
len
=
BIO_gets
(
bp
,(
char
*
)
buf
,
BUFSIZE
);
...
...
@@ -544,10 +594,6 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
}
BIO_printf
(
out
,
"
\n
"
);
}
if
(
hmac_key
)
{
BIO_set_md_ctx
(
bmd
,
md_ctx
);
}
return
0
;
}
apps/genpkey.c
浏览文件 @
2022cfe0
...
...
@@ -67,8 +67,6 @@
static
int
init_keygen_file
(
BIO
*
err
,
EVP_PKEY_CTX
**
pctx
,
const
char
*
file
,
ENGINE
*
e
);
static
int
init_gen_str
(
BIO
*
err
,
EVP_PKEY_CTX
**
pctx
,
const
char
*
algname
,
ENGINE
*
e
,
int
do_param
);
static
int
genpkey_cb
(
EVP_PKEY_CTX
*
ctx
);
#define PROG genpkey_main
...
...
@@ -362,8 +360,8 @@ static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
}
static
int
init_gen_str
(
BIO
*
err
,
EVP_PKEY_CTX
**
pctx
,
const
char
*
algname
,
ENGINE
*
e
,
int
do_param
)
int
init_gen_str
(
BIO
*
err
,
EVP_PKEY_CTX
**
pctx
,
const
char
*
algname
,
ENGINE
*
e
,
int
do_param
)
{
EVP_PKEY_CTX
*
ctx
=
NULL
;
const
EVP_PKEY_ASN1_METHOD
*
ameth
;
...
...
crypto/evp/evp.h
浏览文件 @
2022cfe0
...
...
@@ -1027,6 +1027,9 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
int
EVP_PKEY_CTX_get_operation
(
EVP_PKEY_CTX
*
ctx
);
void
EVP_PKEY_CTX_set0_keygen_info
(
EVP_PKEY_CTX
*
ctx
,
int
*
dat
,
int
datlen
);
EVP_PKEY
*
EVP_PKEY_new_mac_key
(
int
type
,
ENGINE
*
e
,
unsigned
char
*
key
,
int
keylen
);
void
EVP_PKEY_CTX_set_data
(
EVP_PKEY_CTX
*
ctx
,
void
*
data
);
void
*
EVP_PKEY_CTX_get_data
(
EVP_PKEY_CTX
*
ctx
);
EVP_PKEY
*
EVP_PKEY_CTX_get0_pkey
(
EVP_PKEY_CTX
*
ctx
);
...
...
crypto/evp/pmeth_gn.c
浏览文件 @
2022cfe0
...
...
@@ -196,3 +196,24 @@ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
return
0
;
return
ctx
->
keygen_info
[
idx
];
}
EVP_PKEY
*
EVP_PKEY_new_mac_key
(
int
type
,
ENGINE
*
e
,
unsigned
char
*
key
,
int
keylen
)
{
EVP_PKEY_CTX
*
mac_ctx
=
NULL
;
EVP_PKEY
*
mac_key
=
NULL
;
mac_ctx
=
EVP_PKEY_CTX_new_id
(
type
,
e
);
if
(
!
mac_ctx
)
return
NULL
;
if
(
EVP_PKEY_keygen_init
(
mac_ctx
)
<=
0
)
goto
merr
;
if
(
EVP_PKEY_CTX_ctrl
(
mac_ctx
,
-
1
,
EVP_PKEY_OP_KEYGEN
,
EVP_PKEY_CTRL_SET_MAC_KEY
,
keylen
,
key
)
<=
0
)
goto
merr
;
if
(
EVP_PKEY_keygen
(
mac_ctx
,
&
mac_key
)
<=
0
)
goto
merr
;
merr:
if
(
mac_ctx
)
EVP_PKEY_CTX_free
(
mac_ctx
);
return
mac_key
;
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录