Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
25af7a5d
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
25af7a5d
编写于
7月 17, 2013
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add support for X9.62 KDF.
Add X9.62 KDF to EC EVP_PKEY_METHOD.
上级
6af440ce
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
364 addition
and
6 deletion
+364
-6
crypto/ec/ec.h
crypto/ec/ec.h
+66
-0
crypto/ec/ec_pmeth.c
crypto/ec/ec_pmeth.c
+175
-4
crypto/ecdh/Makefile
crypto/ecdh/Makefile
+2
-2
crypto/ecdh/ecdh.h
crypto/ecdh/ecdh.h
+5
-0
crypto/ecdh/ech_kdf.c
crypto/ecdh/ech_kdf.c
+116
-0
未找到文件。
crypto/ec/ec.h
浏览文件 @
25af7a5d
...
...
@@ -973,8 +973,69 @@ int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
#define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL)
#define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL)
#define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL)
#define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL)
#define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md)
#define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd)
#define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL)
#define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen)
#define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p)
#define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
#define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
#define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
#define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
#define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
#define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
#define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
#define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
#define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
#define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
/* KDF types */
#define EVP_PKEY_ECDH_KDF_NONE 1
#define EVP_PKEY_ECDH_KDF_X9_62 2
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
...
...
@@ -991,6 +1052,8 @@ void ERR_load_EC_strings(void);
#define EC_F_D2I_ECPKPARAMETERS 145
#define EC_F_D2I_ECPRIVATEKEY 146
#define EC_F_DO_EC_KEY_PRINT 221
#define EC_F_ECDH_CMS_DECRYPT 238
#define EC_F_ECDH_CMS_SET_SHARED_INFO 239
#define EC_F_ECKEY_PARAM2TYPE 223
#define EC_F_ECKEY_PARAM_DECODE 212
#define EC_F_ECKEY_PRIV_DECODE 213
...
...
@@ -1149,6 +1212,7 @@ void ERR_load_EC_strings(void);
#define EC_R_INVALID_PENTANOMIAL_BASIS 132
#define EC_R_INVALID_PRIVATE_KEY 123
#define EC_R_INVALID_TRINOMIAL_BASIS 137
#define EC_R_KDF_PARAMETER_ERROR 148
#define EC_R_KEYS_NOT_SET 140
#define EC_R_MISSING_PARAMETERS 124
#define EC_R_MISSING_PRIVATE_KEY 125
...
...
@@ -1159,9 +1223,11 @@ void ERR_load_EC_strings(void);
#define EC_R_NO_FIELD_MOD 133
#define EC_R_NO_PARAMETERS_SET 139
#define EC_R_PASSED_NULL_PARAMETER 134
#define EC_R_PEER_KEY_ERROR 149
#define EC_R_PKPARAMETERS2GROUP_FAILURE 127
#define EC_R_POINT_AT_INFINITY 106
#define EC_R_POINT_IS_NOT_ON_CURVE 107
#define EC_R_SHARED_INFO_ERROR 150
#define EC_R_SLOT_FULL 108
#define EC_R_UNDEFINED_GENERATOR 113
#define EC_R_UNDEFINED_ORDER 128
...
...
crypto/ec/ec_pmeth.c
浏览文件 @
25af7a5d
...
...
@@ -60,6 +60,7 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/ec.h>
#include "ec_lcl.h"
#include <openssl/ecdsa.h>
#include <openssl/evp.h>
#include "evp_locl.h"
...
...
@@ -72,6 +73,20 @@ typedef struct
EC_GROUP
*
gen_group
;
/* message digest */
const
EVP_MD
*
md
;
/* Duplicate key if custom cofactor needed */
EC_KEY
*
co_key
;
/* Cofactor mode */
char
cofactor_mode
;
/* KDF (if any) to use for ECDH */
char
kdf_type
;
/* Message digest to use for key derivation */
const
EVP_MD
*
kdf_md
;
/* User key material */
unsigned
char
*
kdf_ukm
;
size_t
kdf_ukmlen
;
/* KDF output length */
size_t
kdf_outlen
;
}
EC_PKEY_CTX
;
static
int
pkey_ec_init
(
EVP_PKEY_CTX
*
ctx
)
...
...
@@ -83,6 +98,14 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx)
dctx
->
gen_group
=
NULL
;
dctx
->
md
=
NULL
;
dctx
->
cofactor_mode
=
-
1
;
dctx
->
co_key
=
NULL
;
dctx
->
kdf_type
=
EVP_PKEY_ECDH_KDF_NONE
;
dctx
->
kdf_md
=
NULL
;
dctx
->
kdf_outlen
=
0
;
dctx
->
kdf_ukm
=
NULL
;
dctx
->
kdf_ukmlen
=
0
;
ctx
->
data
=
dctx
;
return
1
;
...
...
@@ -102,6 +125,25 @@ static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
return
0
;
}
dctx
->
md
=
sctx
->
md
;
if
(
sctx
->
co_key
)
{
dctx
->
co_key
=
EC_KEY_dup
(
sctx
->
co_key
);
if
(
!
dctx
->
co_key
)
return
0
;
}
dctx
->
kdf_type
=
sctx
->
kdf_type
;
dctx
->
kdf_md
=
sctx
->
kdf_md
;
dctx
->
kdf_outlen
=
sctx
->
kdf_outlen
;
if
(
sctx
->
kdf_ukm
)
{
dctx
->
kdf_ukm
=
BUF_memdup
(
sctx
->
kdf_ukm
,
sctx
->
kdf_ukmlen
);
if
(
!
dctx
->
kdf_ukm
)
return
0
;
}
else
dctx
->
kdf_ukm
=
NULL
;
dctx
->
kdf_ukmlen
=
sctx
->
kdf_ukmlen
;
return
1
;
}
...
...
@@ -112,6 +154,10 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
{
if
(
dctx
->
gen_group
)
EC_GROUP_free
(
dctx
->
gen_group
);
if
(
dctx
->
co_key
)
EC_KEY_free
(
dctx
->
co_key
);
if
(
dctx
->
kdf_ukm
)
OPENSSL_free
(
dctx
->
kdf_ukm
);
OPENSSL_free
(
dctx
);
}
}
...
...
@@ -172,20 +218,23 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
int
ret
;
size_t
outlen
;
const
EC_POINT
*
pubkey
=
NULL
;
EC_KEY
*
eckey
;
EC_PKEY_CTX
*
dctx
=
ctx
->
data
;
if
(
!
ctx
->
pkey
||
!
ctx
->
peerkey
)
{
ECerr
(
EC_F_PKEY_EC_DERIVE
,
EC_R_KEYS_NOT_SET
);
return
0
;
}
eckey
=
dctx
->
co_key
?
dctx
->
co_key
:
ctx
->
pkey
->
pkey
.
ec
;
if
(
!
key
)
{
const
EC_GROUP
*
group
;
group
=
EC_KEY_get0_group
(
ctx
->
pkey
->
pkey
.
ec
);
group
=
EC_KEY_get0_group
(
eckey
);
*
keylen
=
(
EC_GROUP_get_degree
(
group
)
+
7
)
/
8
;
return
1
;
}
pubkey
=
EC_KEY_get0_public_key
(
ctx
->
peerkey
->
pkey
.
ec
);
/* NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is
...
...
@@ -194,13 +243,52 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
outlen
=
*
keylen
;
ret
=
ECDH_compute_key
(
key
,
outlen
,
pubkey
,
ctx
->
pkey
->
pkey
.
ec
,
0
);
ret
=
ECDH_compute_key
(
key
,
outlen
,
pubkey
,
eckey
,
0
);
if
(
ret
<
0
)
return
ret
;
*
keylen
=
ret
;
return
1
;
}
static
int
pkey_ec_kdf_derive
(
EVP_PKEY_CTX
*
ctx
,
unsigned
char
*
key
,
size_t
*
keylen
)
{
EC_PKEY_CTX
*
dctx
=
ctx
->
data
;
unsigned
char
*
ktmp
=
NULL
;
size_t
ktmplen
;
int
rv
=
0
;
if
(
dctx
->
kdf_type
==
EVP_PKEY_ECDH_KDF_NONE
)
return
pkey_ec_derive
(
ctx
,
key
,
keylen
);
if
(
!
key
)
{
*
keylen
=
dctx
->
kdf_outlen
;
return
1
;
}
if
(
*
keylen
!=
dctx
->
kdf_outlen
)
return
0
;
if
(
!
pkey_ec_derive
(
ctx
,
NULL
,
&
ktmplen
))
return
0
;
ktmp
=
OPENSSL_malloc
(
ktmplen
);
if
(
!
ktmp
)
return
0
;
if
(
!
pkey_ec_derive
(
ctx
,
ktmp
,
&
ktmplen
))
goto
err
;
/* Do KDF stuff */
if
(
!
ECDH_KDF_X9_62
(
key
,
*
keylen
,
ktmp
,
ktmplen
,
dctx
->
kdf_ukm
,
dctx
->
kdf_ukmlen
,
dctx
->
kdf_md
))
goto
err
;
rv
=
1
;
err:
if
(
ktmp
)
{
OPENSSL_cleanse
(
ktmp
,
ktmplen
);
OPENSSL_free
(
ktmp
);
}
return
rv
;
}
static
int
pkey_ec_ctrl
(
EVP_PKEY_CTX
*
ctx
,
int
type
,
int
p1
,
void
*
p2
)
{
EC_PKEY_CTX
*
dctx
=
ctx
->
data
;
...
...
@@ -228,6 +316,89 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
EC_GROUP_set_asn1_flag
(
dctx
->
gen_group
,
p1
);
return
1
;
case
EVP_PKEY_CTRL_EC_ECDH_COFACTOR
:
if
(
p1
==
-
2
)
{
if
(
dctx
->
co_key
)
return
dctx
->
cofactor_mode
;
else
{
EC_KEY
*
ec_key
=
ctx
->
pkey
->
pkey
.
ec
;
return
EC_KEY_get_flags
(
ec_key
)
&
EC_FLAG_COFACTOR_ECDH
?
1
:
0
;
}
}
else
if
(
p1
<
-
1
||
p1
>
1
)
return
-
2
;
dctx
->
cofactor_mode
=
p1
;
if
(
p1
!=
-
1
)
{
EC_KEY
*
ec_key
=
ctx
->
pkey
->
pkey
.
ec
;
if
(
!
ec_key
->
group
)
return
-
2
;
/* If cofactor is 1 cofactor mode does nothing */
if
(
BN_is_one
(
&
ec_key
->
group
->
cofactor
))
return
1
;
if
(
!
dctx
->
co_key
)
{
dctx
->
co_key
=
EC_KEY_dup
(
ec_key
);
if
(
!
dctx
->
co_key
)
return
0
;
}
if
(
p1
)
EC_KEY_set_flags
(
dctx
->
co_key
,
EC_FLAG_COFACTOR_ECDH
);
else
EC_KEY_clear_flags
(
dctx
->
co_key
,
EC_FLAG_COFACTOR_ECDH
);
}
else
if
(
dctx
->
co_key
)
{
EC_KEY_free
(
dctx
->
co_key
);
dctx
->
co_key
=
NULL
;
}
return
1
;
case
EVP_PKEY_CTRL_EC_KDF_TYPE
:
if
(
p1
==
-
2
)
return
dctx
->
kdf_type
;
if
(
p1
!=
EVP_PKEY_ECDH_KDF_NONE
&&
p1
!=
EVP_PKEY_ECDH_KDF_X9_62
)
return
-
2
;
dctx
->
kdf_type
=
p1
;
return
1
;
case
EVP_PKEY_CTRL_EC_KDF_MD
:
dctx
->
kdf_md
=
p2
;
return
1
;
case
EVP_PKEY_CTRL_GET_EC_KDF_MD
:
*
(
const
EVP_MD
**
)
p2
=
dctx
->
kdf_md
;
return
1
;
case
EVP_PKEY_CTRL_EC_KDF_OUTLEN
:
if
(
p1
<=
0
)
return
-
2
;
dctx
->
kdf_outlen
=
(
size_t
)
p1
;
return
1
;
case
EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN
:
*
(
int
*
)
p2
=
dctx
->
kdf_outlen
;
return
1
;
case
EVP_PKEY_CTRL_EC_KDF_UKM
:
if
(
dctx
->
kdf_ukm
)
OPENSSL_free
(
dctx
->
kdf_ukm
);
dctx
->
kdf_ukm
=
p2
;
if
(
p2
)
dctx
->
kdf_ukmlen
=
p1
;
else
dctx
->
kdf_ukmlen
=
0
;
return
1
;
case
EVP_PKEY_CTRL_GET_EC_KDF_UKM
:
*
(
unsigned
char
**
)
p2
=
dctx
->
kdf_ukm
;
return
dctx
->
kdf_ukmlen
;
case
EVP_PKEY_CTRL_MD
:
if
(
EVP_MD_type
((
const
EVP_MD
*
)
p2
)
!=
NID_sha1
&&
EVP_MD_type
((
const
EVP_MD
*
)
p2
)
!=
NID_ecdsa_with_SHA1
&&
...
...
@@ -369,7 +540,7 @@ const EVP_PKEY_METHOD ec_pkey_meth =
0
,
0
,
0
,
pkey_ec_derive
,
pkey_ec_
kdf_
derive
,
pkey_ec_ctrl
,
pkey_ec_ctrl_str
...
...
crypto/ecdh/Makefile
浏览文件 @
25af7a5d
...
...
@@ -17,9 +17,9 @@ TEST=ecdhtest.c
APPS
=
LIB
=
$(TOP)
/libcrypto.a
LIBSRC
=
ech_lib.c ech_ossl.c ech_key.c ech_err.c
LIBSRC
=
ech_lib.c ech_ossl.c ech_key.c ech_err.c
ech_kdf.c
LIBOBJ
=
ech_lib.o ech_ossl.o ech_key.o ech_err.o
LIBOBJ
=
ech_lib.o ech_ossl.o ech_key.o ech_err.o
ech_kdf.o
SRC
=
$(LIBSRC)
...
...
crypto/ecdh/ecdh.h
浏览文件 @
25af7a5d
...
...
@@ -101,6 +101,11 @@ int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
int
ECDH_set_ex_data
(
EC_KEY
*
d
,
int
idx
,
void
*
arg
);
void
*
ECDH_get_ex_data
(
EC_KEY
*
d
,
int
idx
);
int
ECDH_KDF_X9_62
(
unsigned
char
*
out
,
size_t
outlen
,
const
unsigned
char
*
Z
,
size_t
Zlen
,
const
unsigned
char
*
sinfo
,
size_t
sinfolen
,
const
EVP_MD
*
md
);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
...
...
crypto/ecdh/ech_kdf.c
0 → 100644
浏览文件 @
25af7a5d
/* crypto/ecdh/ec_kdf.c */
/*
* Written by Stephen Henson for the OpenSSL project.
*/
/* ====================================================================
* Copyright (c) 2013 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#define OPENSSL_FIPSAPI
#include <string.h>
#include <openssl/ecdh.h>
#include <openssl/evp.h>
/* Key derivation function from X9.62/SECG */
#define ECDH_KDF_MAX (1L << 31)
int
ECDH_KDF_X9_62
(
unsigned
char
*
out
,
size_t
outlen
,
const
unsigned
char
*
Z
,
size_t
Zlen
,
const
unsigned
char
*
sinfo
,
size_t
sinfolen
,
const
EVP_MD
*
md
)
{
EVP_MD_CTX
mctx
;
int
rv
=
0
;
unsigned
int
i
;
size_t
mdlen
;
unsigned
char
ctr
[
4
];
if
(
sinfolen
>
ECDH_KDF_MAX
||
outlen
>
ECDH_KDF_MAX
||
Zlen
>
ECDH_KDF_MAX
)
return
0
;
mdlen
=
EVP_MD_size
(
md
);
EVP_MD_CTX_init
(
&
mctx
);
for
(
i
=
1
;;
i
++
)
{
unsigned
char
mtmp
[
EVP_MAX_MD_SIZE
];
EVP_DigestInit_ex
(
&
mctx
,
md
,
NULL
);
ctr
[
3
]
=
i
&
0xFF
;
ctr
[
2
]
=
(
i
>>
8
)
&
0xFF
;
ctr
[
1
]
=
(
i
>>
16
)
&
0xFF
;
ctr
[
0
]
=
(
i
>>
24
)
&
0xFF
;
if
(
!
EVP_DigestUpdate
(
&
mctx
,
Z
,
Zlen
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
mctx
,
ctr
,
sizeof
(
ctr
)))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
mctx
,
sinfo
,
sinfolen
))
goto
err
;
if
(
outlen
>
mdlen
)
{
if
(
!
EVP_DigestFinal
(
&
mctx
,
out
,
NULL
))
goto
err
;
outlen
-=
mdlen
;
if
(
outlen
==
0
)
break
;
out
+=
mdlen
;
}
else
{
if
(
!
EVP_DigestFinal
(
&
mctx
,
mtmp
,
NULL
))
goto
err
;
memcpy
(
out
,
mtmp
,
outlen
);
OPENSSL_cleanse
(
mtmp
,
mdlen
);
break
;
}
}
rv
=
1
;
err:
EVP_MD_CTX_cleanup
(
&
mctx
);
return
rv
;
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录