Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
88ce56f8
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
88ce56f8
编写于
2月 02, 2001
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Various function for commmon operations.
上级
664d83bb
变更
12
隐藏空白更改
内联
并排
Showing
12 changed file
with
49 addition
and
45 deletion
+49
-45
CHANGES
CHANGES
+6
-0
apps/ocsp.c
apps/ocsp.c
+1
-1
crypto/asn1/a_digest.c
crypto/asn1/a_digest.c
+2
-8
crypto/asn1/n_pkey.c
crypto/asn1/n_pkey.c
+3
-9
crypto/evp/digest.c
crypto/evp/digest.c
+11
-1
crypto/evp/evp.h
crypto/evp/evp.h
+2
-0
crypto/ocsp/ocsp_lib.c
crypto/ocsp/ocsp_lib.c
+3
-9
crypto/ocsp/ocsp_vfy.c
crypto/ocsp/ocsp_vfy.c
+2
-13
crypto/x509/x509.h
crypto/x509/x509.h
+3
-0
crypto/x509/x509_cmp.c
crypto/x509/x509_cmp.c
+6
-0
crypto/x509/x_all.c
crypto/x509/x_all.c
+9
-0
crypto/x509v3/v3_skey.c
crypto/x509v3/v3_skey.c
+1
-4
未找到文件。
CHANGES
浏览文件 @
88ce56f8
...
...
@@ -3,6 +3,12 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) Various new functions. EVP_Digest() combines EVP_Digest{Init,Update,Final}()
in a single operation. X509_get0_pubkey_bitstr() extracts the public_key
structure from a certificate. X509_pubkey_digest() digests tha public_key
contents: this is used in various key identifiers.
[Steve Henson]
*) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
keyUsage if basicConstraints absent for a CA.
[Steve Henson]
...
...
apps/ocsp.c
浏览文件 @
88ce56f8
...
...
@@ -525,7 +525,7 @@ static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
if
(
!*
req
)
*
req
=
OCSP_REQUEST_new
();
if
(
!*
req
)
goto
err
;
iname
=
X509_get_subject_name
(
issuer
);
ikey
=
issuer
->
cert_info
->
key
->
public_key
;
ikey
=
X509_get0_pubkey_bitstr
(
issuer
)
;
sno
=
s2i_ASN1_INTEGER
(
NULL
,
serial
);
if
(
!
sno
)
{
...
...
crypto/asn1/a_digest.c
浏览文件 @
88ce56f8
...
...
@@ -74,7 +74,6 @@
int
ASN1_digest
(
int
(
*
i2d
)(),
const
EVP_MD
*
type
,
char
*
data
,
unsigned
char
*
md
,
unsigned
int
*
len
)
{
EVP_MD_CTX
ctx
;
int
i
;
unsigned
char
*
str
,
*
p
;
...
...
@@ -83,9 +82,7 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
p
=
str
;
i2d
(
data
,
&
p
);
EVP_DigestInit
(
&
ctx
,
type
);
EVP_DigestUpdate
(
&
ctx
,
str
,
i
);
EVP_DigestFinal
(
&
ctx
,
md
,
len
);
EVP_Digest
(
str
,
i
,
md
,
len
,
type
);
OPENSSL_free
(
str
);
return
(
1
);
}
...
...
@@ -96,16 +93,13 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
int
ASN1_item_digest
(
const
ASN1_ITEM
*
it
,
const
EVP_MD
*
type
,
void
*
asn
,
unsigned
char
*
md
,
unsigned
int
*
len
)
{
EVP_MD_CTX
ctx
;
int
i
;
unsigned
char
*
str
=
NULL
;
i
=
ASN1_item_i2d
(
asn
,
&
str
,
it
);
if
(
!
str
)
return
(
0
);
EVP_DigestInit
(
&
ctx
,
type
);
EVP_DigestUpdate
(
&
ctx
,
str
,
i
);
EVP_DigestFinal
(
&
ctx
,
md
,
len
);
EVP_Digest
(
str
,
i
,
md
,
len
,
type
);
OPENSSL_free
(
str
);
return
(
1
);
}
...
...
crypto/asn1/n_pkey.c
浏览文件 @
88ce56f8
...
...
@@ -196,14 +196,11 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
i
=
strlen
((
char
*
)
buf
);
/* If the key is used for SGC the algorithm is modified a little. */
if
(
sgckey
)
{
EVP_MD_CTX
mctx
;
EVP_DigestInit
(
&
mctx
,
EVP_md5
());
EVP_DigestUpdate
(
&
mctx
,
buf
,
i
);
EVP_DigestFinal
(
&
mctx
,
buf
,
NULL
);
EVP_Digest
(
buf
,
i
,
buf
,
NULL
,
EVP_md5
());
memcpy
(
buf
+
16
,
"SGCKEYSALT"
,
10
);
i
=
26
;
}
EVP_BytesToKey
(
EVP_rc4
(),
EVP_md5
(),
NULL
,
buf
,
i
,
1
,
key
,
NULL
);
memset
(
buf
,
0
,
256
);
...
...
@@ -287,10 +284,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
i
=
strlen
((
char
*
)
buf
);
if
(
sgckey
){
EVP_MD_CTX
mctx
;
EVP_DigestInit
(
&
mctx
,
EVP_md5
());
EVP_DigestUpdate
(
&
mctx
,
buf
,
i
);
EVP_DigestFinal
(
&
mctx
,
buf
,
NULL
);
EVP_Digest
(
buf
,
i
,
buf
,
NULL
,
EVP_md5
());
memcpy
(
buf
+
16
,
"SGCKEYSALT"
,
10
);
i
=
26
;
}
...
...
crypto/evp/digest.c
浏览文件 @
88ce56f8
...
...
@@ -89,4 +89,14 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in)
}
memcpy
((
char
*
)
out
,(
char
*
)
in
,
in
->
digest
->
ctx_size
);
return
1
;
}
}
int
EVP_Digest
(
void
*
data
,
unsigned
int
count
,
unsigned
char
*
md
,
unsigned
int
*
size
,
const
EVP_MD
*
type
)
{
EVP_MD_CTX
ctx
;
EVP_DigestInit
(
&
ctx
,
type
);
EVP_DigestUpdate
(
&
ctx
,
data
,
count
);
EVP_DigestFinal
(
&
ctx
,
md
,
size
);
return
1
;
}
crypto/evp/evp.h
浏览文件 @
88ce56f8
...
...
@@ -559,6 +559,8 @@ void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
void
EVP_DigestUpdate
(
EVP_MD_CTX
*
ctx
,
const
void
*
d
,
unsigned
int
cnt
);
void
EVP_DigestFinal
(
EVP_MD_CTX
*
ctx
,
unsigned
char
*
md
,
unsigned
int
*
s
);
int
EVP_Digest
(
void
*
data
,
unsigned
int
count
,
unsigned
char
*
md
,
unsigned
int
*
size
,
const
EVP_MD
*
type
);
int
EVP_read_pw_string
(
char
*
buf
,
int
length
,
const
char
*
prompt
,
int
verify
);
void
EVP_set_pw_prompt
(
char
*
prompt
);
...
...
crypto/ocsp/ocsp_lib.c
浏览文件 @
88ce56f8
...
...
@@ -82,7 +82,7 @@ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer)
#endif
iname
=
X509_get_issuer_name
(
subject
);
serial
=
X509_get_serialNumber
(
subject
);
ikey
=
issuer
->
cert_info
->
key
->
public_key
;
ikey
=
X509_get0_pubkey_bitstr
(
issuer
)
;
return
OCSP_cert_id_new
(
dgst
,
iname
,
ikey
,
serial
);
}
...
...
@@ -97,7 +97,6 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
X509_ALGOR
*
alg
;
OCSP_CERTID
*
cid
=
NULL
;
unsigned
char
md
[
EVP_MAX_MD_SIZE
];
EVP_MD_CTX
ctx
;
if
(
!
(
cid
=
OCSP_CERTID_new
()))
goto
err
;
...
...
@@ -116,9 +115,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
if
(
!
(
ASN1_OCTET_STRING_set
(
cid
->
issuerNameHash
,
md
,
i
)))
goto
err
;
/* Calculate the issuerKey hash, excluding tag and length */
EVP_DigestInit
(
&
ctx
,
dgst
);
EVP_DigestUpdate
(
&
ctx
,
issuerKey
->
data
,
issuerKey
->
length
);
EVP_DigestFinal
(
&
ctx
,
md
,
&
i
);
EVP_Digest
(
issuerKey
->
data
,
issuerKey
->
length
,
md
,
&
i
,
dgst
);
if
(
!
(
ASN1_OCTET_STRING_set
(
cid
->
issuerKeyHash
,
md
,
i
)))
goto
err
;
...
...
@@ -186,7 +183,6 @@ OCSP_BASICRESP *OCSP_basic_response_new(int type, X509* cert)
{
time_t
t
;
OCSP_RESPID
*
rid
;
ASN1_BIT_STRING
*
bs
;
OCSP_BASICRESP
*
rsp
=
NULL
;
unsigned
char
md
[
SHA_DIGEST_LENGTH
];
...
...
@@ -205,9 +201,7 @@ OCSP_BASICRESP *OCSP_basic_response_new(int type, X509* cert)
/* SHA-1 hash of responder's public key
* (excluding the tag and length fields)
*/
bs
=
cert
->
cert_info
->
key
->
public_key
;
SHA1
(
ASN1_STRING_data
((
ASN1_STRING
*
)
bs
),
ASN1_STRING_length
((
ASN1_STRING
*
)
bs
),
md
);
X509_pubkey_digest
(
cert
,
EVP_sha1
(),
md
,
NULL
);
if
(
!
(
rid
->
value
.
byKey
=
ASN1_OCTET_STRING_new
()))
goto
err
;
if
(
!
(
ASN1_OCTET_STRING_set
(
rid
->
value
.
byKey
,
...
...
crypto/ocsp/ocsp_vfy.c
浏览文件 @
88ce56f8
...
...
@@ -177,8 +177,6 @@ static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
{
int
i
;
unsigned
char
tmphash
[
SHA_DIGEST_LENGTH
],
*
keyhash
;
ASN1_BIT_STRING
*
key
;
EVP_MD_CTX
ctx
;
X509
*
x
;
/* Easy if lookup by name */
...
...
@@ -194,10 +192,7 @@ static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
for
(
i
=
0
;
i
<
sk_X509_num
(
certs
);
i
++
)
{
x
=
sk_X509_value
(
certs
,
i
);
key
=
x
->
cert_info
->
key
->
public_key
;
EVP_DigestInit
(
&
ctx
,
EVP_sha1
());
EVP_DigestUpdate
(
&
ctx
,
key
->
data
,
key
->
length
);
EVP_DigestFinal
(
&
ctx
,
tmphash
,
NULL
);
X509_pubkey_digest
(
x
,
EVP_sha1
(),
tmphash
,
NULL
);
if
(
!
memcmp
(
keyhash
,
tmphash
,
SHA_DIGEST_LENGTH
))
return
x
;
}
...
...
@@ -294,9 +289,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
if
(
cid
)
{
const
EVP_MD
*
dgst
;
EVP_MD_CTX
ctx
;
X509_NAME
*
iname
;
ASN1_BIT_STRING
*
ikey
;
int
mdlen
;
unsigned
char
md
[
EVP_MAX_MD_SIZE
];
if
(
!
(
dgst
=
EVP_get_digestbyobj
(
cid
->
hashAlgorithm
->
algorithm
)))
...
...
@@ -314,11 +307,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
return
-
1
;
if
(
memcmp
(
md
,
cid
->
issuerNameHash
->
data
,
mdlen
))
return
0
;
ikey
=
cert
->
cert_info
->
key
->
public_key
;
EVP_DigestInit
(
&
ctx
,
dgst
);
EVP_DigestUpdate
(
&
ctx
,
ikey
->
data
,
ikey
->
length
);
EVP_DigestFinal
(
&
ctx
,
md
,
NULL
);
X509_pubkey_digest
(
cert
,
EVP_sha1
(),
md
,
NULL
);
if
(
memcmp
(
md
,
cid
->
issuerKeyHash
->
data
,
mdlen
))
return
0
;
...
...
crypto/x509/x509.h
浏览文件 @
88ce56f8
...
...
@@ -719,6 +719,8 @@ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
int
X509_CRL_sign
(
X509_CRL
*
x
,
EVP_PKEY
*
pkey
,
const
EVP_MD
*
md
);
int
NETSCAPE_SPKI_sign
(
NETSCAPE_SPKI
*
x
,
EVP_PKEY
*
pkey
,
const
EVP_MD
*
md
);
int
X509_pubkey_digest
(
const
X509
*
data
,
const
EVP_MD
*
type
,
unsigned
char
*
md
,
unsigned
int
*
len
);
int
X509_digest
(
const
X509
*
data
,
const
EVP_MD
*
type
,
unsigned
char
*
md
,
unsigned
int
*
len
);
int
X509_CRL_digest
(
const
X509_CRL
*
data
,
const
EVP_MD
*
type
,
...
...
@@ -937,6 +939,7 @@ int X509_set_notBefore(X509 *x, ASN1_TIME *tm);
int
X509_set_notAfter
(
X509
*
x
,
ASN1_TIME
*
tm
);
int
X509_set_pubkey
(
X509
*
x
,
EVP_PKEY
*
pkey
);
EVP_PKEY
*
X509_get_pubkey
(
X509
*
x
);
ASN1_BIT_STRING
*
X509_get0_pubkey_bitstr
(
const
X509
*
x
);
int
X509_certificate_type
(
X509
*
x
,
EVP_PKEY
*
pubkey
/* optional */
);
int
X509_REQ_set_version
(
X509_REQ
*
x
,
long
version
);
...
...
crypto/x509/x509_cmp.c
浏览文件 @
88ce56f8
...
...
@@ -264,6 +264,12 @@ EVP_PKEY *X509_get_pubkey(X509 *x)
return
(
X509_PUBKEY_get
(
x
->
cert_info
->
key
));
}
ASN1_BIT_STRING
*
X509_get0_pubkey_bitstr
(
const
X509
*
x
)
{
if
(
!
x
)
return
NULL
;
return
x
->
cert_info
->
key
->
public_key
;
}
int
X509_check_private_key
(
X509
*
x
,
EVP_PKEY
*
k
)
{
EVP_PKEY
*
xk
=
NULL
;
...
...
crypto/x509/x_all.c
浏览文件 @
88ce56f8
...
...
@@ -379,6 +379,15 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne)
return
ASN1_item_dup
(
&
X509_NAME_ENTRY_it
,
ne
);
}
int
X509_pubkey_digest
(
const
X509
*
data
,
const
EVP_MD
*
type
,
unsigned
char
*
md
,
unsigned
int
*
len
)
{
ASN1_BIT_STRING
*
key
;
key
=
X509_get0_pubkey_bitstr
(
data
);
if
(
!
key
)
return
0
;
return
EVP_Digest
(
key
->
data
,
key
->
length
,
md
,
len
,
type
);
}
int
X509_digest
(
const
X509
*
data
,
const
EVP_MD
*
type
,
unsigned
char
*
md
,
unsigned
int
*
len
)
{
...
...
crypto/x509v3/v3_skey.c
浏览文件 @
88ce56f8
...
...
@@ -104,7 +104,6 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
ASN1_OCTET_STRING
*
oct
;
ASN1_BIT_STRING
*
pk
;
unsigned
char
pkey_dig
[
EVP_MAX_MD_SIZE
];
EVP_MD_CTX
md
;
unsigned
int
diglen
;
if
(
strcmp
(
str
,
"hash"
))
return
s2i_ASN1_OCTET_STRING
(
method
,
ctx
,
str
);
...
...
@@ -130,9 +129,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
goto
err
;
}
EVP_DigestInit
(
&
md
,
EVP_sha1
());
EVP_DigestUpdate
(
&
md
,
pk
->
data
,
pk
->
length
);
EVP_DigestFinal
(
&
md
,
pkey_dig
,
&
diglen
);
EVP_Digest
(
pk
->
data
,
pk
->
length
,
pkey_dig
,
&
diglen
,
EVP_sha1
());
if
(
!
M_ASN1_OCTET_STRING_set
(
oct
,
pkey_dig
,
diglen
))
{
X509V3err
(
X509V3_F_S2I_S2I_SKEY_ID
,
ERR_R_MALLOC_FAILURE
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录