Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
b6dcdbfc
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
b6dcdbfc
编写于
9月 23, 2009
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Audit libcrypto for unchecked return values: fix all cases enountered
上级
cd4f7cdd
变更
39
隐藏空白更改
内联
并排
Showing
39 changed file
with
496 addition
and
245 deletion
+496
-245
CHANGES
CHANGES
+7
-0
crypto/asn1/a_digest.c
crypto/asn1/a_digest.c
+4
-2
crypto/asn1/a_sign.c
crypto/asn1/a_sign.c
+6
-6
crypto/asn1/a_verify.c
crypto/asn1/a_verify.c
+13
-3
crypto/asn1/n_pkey.c
crypto/asn1/n_pkey.c
+24
-14
crypto/asn1/p5_pbev2.c
crypto/asn1/p5_pbev2.c
+2
-1
crypto/asn1/t_x509.c
crypto/asn1/t_x509.c
+6
-3
crypto/cms/cms_lib.c
crypto/cms/cms_lib.c
+1
-4
crypto/cms/cms_sd.c
crypto/cms/cms_sd.c
+2
-1
crypto/dsa/dsa_gen.c
crypto/dsa/dsa_gen.c
+7
-3
crypto/evp/bio_enc.c
crypto/evp/bio_enc.c
+22
-11
crypto/evp/bio_md.c
crypto/evp/bio_md.c
+8
-3
crypto/evp/bio_ok.c
crypto/evp/bio_ok.c
+76
-27
crypto/evp/e_rc2.c
crypto/evp/e_rc2.c
+2
-1
crypto/evp/evp_key.c
crypto/evp/evp_key.c
+18
-9
crypto/evp/p5_crpt.c
crypto/evp/p5_crpt.c
+21
-11
crypto/evp/p5_crpt2.c
crypto/evp/p5_crpt2.c
+18
-6
crypto/evp/p_open.c
crypto/evp/p_open.c
+2
-1
crypto/evp/p_seal.c
crypto/evp/p_seal.c
+2
-1
crypto/evp/p_sign.c
crypto/evp/p_sign.c
+4
-2
crypto/evp/p_verify.c
crypto/evp/p_verify.c
+4
-2
crypto/hmac/hm_pmeth.c
crypto/hmac/hm_pmeth.c
+9
-5
crypto/ocsp/ocsp_lib.c
crypto/ocsp/ocsp_lib.c
+2
-1
crypto/pem/pem.h
crypto/pem/pem.h
+3
-3
crypto/pem/pem_lib.c
crypto/pem/pem_lib.c
+17
-10
crypto/pem/pem_seal.c
crypto/pem/pem_seal.c
+10
-5
crypto/pem/pem_sign.c
crypto/pem/pem_sign.c
+4
-4
crypto/pem/pvkfmt.c
crypto/pem/pvkfmt.c
+35
-23
crypto/pkcs12/p12_decr.c
crypto/pkcs12/p12_decr.c
+9
-1
crypto/pkcs12/p12_key.c
crypto/pkcs12/p12_key.c
+12
-7
crypto/pkcs12/p12_mutl.c
crypto/pkcs12/p12_mutl.c
+8
-4
crypto/pkcs7/pk7_doit.c
crypto/pkcs7/pk7_doit.c
+17
-7
crypto/rand/md_rand.c
crypto/rand/md_rand.c
+59
-29
crypto/rand/rand.h
crypto/rand/rand.h
+2
-2
crypto/rsa/rsa_oaep.c
crypto/rsa/rsa_oaep.c
+17
-9
crypto/rsa/rsa_pss.c
crypto/rsa/rsa_pss.c
+20
-13
crypto/ts/ts_rsp_verify.c
crypto/ts/ts_rsp_verify.c
+6
-3
crypto/x509/x509_cmp.c
crypto/x509/x509_cmp.c
+15
-7
crypto/x509v3/v3_skey.c
crypto/x509v3/v3_skey.c
+2
-1
未找到文件。
CHANGES
浏览文件 @
b6dcdbfc
...
...
@@ -4,6 +4,13 @@
Changes between 0.9.8k and 1.0 [xx XXX xxxx]
*) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where
return value is ignored. NB. The functions RAND_add(), RAND_seed(),
BIO_set_cipher() and some obscure PEM functions were changed so they
can now return an error. The RAND changes required a change to the
RAND_METHOD structure.
[Steve Henson]
*) New macro __owur for "OpenSSL Warn Unused Result". This makes use of
a gcc attribute to warn if the result of a function is ignored. This
is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
...
...
crypto/asn1/a_digest.c
浏览文件 @
b6dcdbfc
...
...
@@ -87,7 +87,8 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
p
=
str
;
i2d
(
data
,
&
p
);
EVP_Digest
(
str
,
i
,
md
,
len
,
type
,
NULL
);
if
(
!
EVP_Digest
(
str
,
i
,
md
,
len
,
type
,
NULL
))
return
0
;
OPENSSL_free
(
str
);
return
(
1
);
}
...
...
@@ -104,7 +105,8 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
i
=
ASN1_item_i2d
(
asn
,
&
str
,
it
);
if
(
!
str
)
return
(
0
);
EVP_Digest
(
str
,
i
,
md
,
len
,
type
,
NULL
);
if
(
!
EVP_Digest
(
str
,
i
,
md
,
len
,
type
,
NULL
))
return
0
;
OPENSSL_free
(
str
);
return
(
1
);
}
...
...
crypto/asn1/a_sign.c
浏览文件 @
b6dcdbfc
...
...
@@ -184,9 +184,9 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
p
=
buf_in
;
i2d
(
data
,
&
p
);
EVP_SignInit_ex
(
&
ctx
,
type
,
NULL
);
EVP_SignUpdate
(
&
ctx
,(
unsigned
char
*
)
buf_in
,
inl
);
if
(
!
EVP_SignFinal
(
&
ctx
,(
unsigned
char
*
)
buf_out
,
if
(
!
EVP_SignInit_ex
(
&
ctx
,
type
,
NULL
)
||
!
EVP_SignUpdate
(
&
ctx
,(
unsigned
char
*
)
buf_in
,
inl
)
||
!
EVP_SignFinal
(
&
ctx
,(
unsigned
char
*
)
buf_out
,
(
unsigned
int
*
)
&
outl
,
pkey
))
{
outl
=
0
;
...
...
@@ -270,9 +270,9 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
goto
err
;
}
EVP_SignInit_ex
(
&
ctx
,
type
,
NULL
);
EVP_SignUpdate
(
&
ctx
,(
unsigned
char
*
)
buf_in
,
inl
);
if
(
!
EVP_SignFinal
(
&
ctx
,(
unsigned
char
*
)
buf_out
,
if
(
!
EVP_SignInit_ex
(
&
ctx
,
type
,
NULL
)
||
!
EVP_SignUpdate
(
&
ctx
,(
unsigned
char
*
)
buf_in
,
inl
)
||
!
EVP_SignFinal
(
&
ctx
,(
unsigned
char
*
)
buf_out
,
(
unsigned
int
*
)
&
outl
,
pkey
))
{
outl
=
0
;
...
...
crypto/asn1/a_verify.c
浏览文件 @
b6dcdbfc
...
...
@@ -101,8 +101,13 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
p
=
buf_in
;
i2d
(
data
,
&
p
);
EVP_VerifyInit_ex
(
&
ctx
,
type
,
NULL
);
EVP_VerifyUpdate
(
&
ctx
,(
unsigned
char
*
)
buf_in
,
inl
);
if
(
!
EVP_VerifyInit_ex
(
&
ctx
,
type
,
NULL
)
||
!
EVP_VerifyUpdate
(
&
ctx
,(
unsigned
char
*
)
buf_in
,
inl
))
{
ASN1err
(
ASN1_F_ASN1_VERIFY
,
ERR_R_EVP_LIB
);
ret
=
0
;
goto
err
;
}
OPENSSL_cleanse
(
buf_in
,(
unsigned
int
)
inl
);
OPENSSL_free
(
buf_in
);
...
...
@@ -173,7 +178,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
goto
err
;
}
EVP_VerifyUpdate
(
&
ctx
,(
unsigned
char
*
)
buf_in
,
inl
);
if
(
!
EVP_VerifyUpdate
(
&
ctx
,(
unsigned
char
*
)
buf_in
,
inl
))
{
ASN1err
(
ASN1_F_ASN1_ITEM_VERIFY
,
ERR_R_EVP_LIB
);
ret
=
0
;
goto
err
;
}
OPENSSL_cleanse
(
buf_in
,(
unsigned
int
)
inl
);
OPENSSL_free
(
buf_in
);
...
...
crypto/asn1/n_pkey.c
浏览文件 @
b6dcdbfc
...
...
@@ -129,6 +129,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
unsigned
char
buf
[
256
],
*
zz
;
unsigned
char
key
[
EVP_MAX_KEY_LENGTH
];
EVP_CIPHER_CTX
ctx
;
EVP_CIPHER_CTX_init
(
&
ctx
);
if
(
a
==
NULL
)
return
(
0
);
...
...
@@ -206,24 +207,28 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
i
=
strlen
((
char
*
)
buf
);
/* If the key is used for SGC the algorithm is modified a little. */
if
(
sgckey
)
{
EVP_Digest
(
buf
,
i
,
buf
,
NULL
,
EVP_md5
(),
NULL
);
if
(
!
EVP_Digest
(
buf
,
i
,
buf
,
NULL
,
EVP_md5
(),
NULL
))
goto
err
;
memcpy
(
buf
+
16
,
"SGCKEYSALT"
,
10
);
i
=
26
;
}
EVP_BytesToKey
(
EVP_rc4
(),
EVP_md5
(),
NULL
,
buf
,
i
,
1
,
key
,
NULL
);
if
(
!
EVP_BytesToKey
(
EVP_rc4
(),
EVP_md5
(),
NULL
,
buf
,
i
,
1
,
key
,
NULL
))
goto
err
;
OPENSSL_cleanse
(
buf
,
256
);
/* Encrypt private key in place */
zz
=
enckey
->
enckey
->
digest
->
data
;
EVP_CIPHER_CTX_init
(
&
ctx
);
EVP_EncryptInit_ex
(
&
ctx
,
EVP_rc4
(),
NULL
,
key
,
NULL
);
EVP_EncryptUpdate
(
&
ctx
,
zz
,
&
i
,
zz
,
pkeylen
);
EVP_EncryptFinal_ex
(
&
ctx
,
zz
+
i
,
&
j
);
EVP_CIPHER_CTX_cleanup
(
&
ctx
);
if
(
!
EVP_EncryptInit_ex
(
&
ctx
,
EVP_rc4
(),
NULL
,
key
,
NULL
))
goto
err
;
if
(
!
EVP_EncryptUpdate
(
&
ctx
,
zz
,
&
i
,
zz
,
pkeylen
))
goto
err
;
if
(
!
EVP_EncryptFinal_ex
(
&
ctx
,
zz
+
i
,
&
j
))
goto
err
;
ret
=
i2d_NETSCAPE_ENCRYPTED_PKEY
(
enckey
,
pp
);
err:
EVP_CIPHER_CTX_cleanup
(
&
ctx
);
NETSCAPE_ENCRYPTED_PKEY_free
(
enckey
);
NETSCAPE_PKEY_free
(
pkey
);
return
(
ret
);
...
...
@@ -289,6 +294,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
const
unsigned
char
*
zz
;
unsigned
char
key
[
EVP_MAX_KEY_LENGTH
];
EVP_CIPHER_CTX
ctx
;
EVP_CIPHER_CTX_init
(
&
ctx
);
i
=
cb
((
char
*
)
buf
,
256
,
"Enter Private Key password:"
,
0
);
if
(
i
!=
0
)
...
...
@@ -299,19 +305,22 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
i
=
strlen
((
char
*
)
buf
);
if
(
sgckey
){
EVP_Digest
(
buf
,
i
,
buf
,
NULL
,
EVP_md5
(),
NULL
);
if
(
!
EVP_Digest
(
buf
,
i
,
buf
,
NULL
,
EVP_md5
(),
NULL
))
goto
err
;
memcpy
(
buf
+
16
,
"SGCKEYSALT"
,
10
);
i
=
26
;
}
EVP_BytesToKey
(
EVP_rc4
(),
EVP_md5
(),
NULL
,
buf
,
i
,
1
,
key
,
NULL
);
if
(
!
EVP_BytesToKey
(
EVP_rc4
(),
EVP_md5
(),
NULL
,
buf
,
i
,
1
,
key
,
NULL
))
goto
err
;
OPENSSL_cleanse
(
buf
,
256
);
EVP_CIPHER_CTX_init
(
&
ctx
);
EVP_DecryptInit_ex
(
&
ctx
,
EVP_rc4
(),
NULL
,
key
,
NULL
);
EVP_DecryptUpdate
(
&
ctx
,
os
->
data
,
&
i
,
os
->
data
,
os
->
length
);
EVP_DecryptFinal_ex
(
&
ctx
,
&
(
os
->
data
[
i
]),
&
j
);
EVP_CIPHER_CTX_cleanup
(
&
ctx
);
if
(
!
EVP_DecryptInit_ex
(
&
ctx
,
EVP_rc4
(),
NULL
,
key
,
NULL
))
goto
err
;
if
(
!
EVP_DecryptUpdate
(
&
ctx
,
os
->
data
,
&
i
,
os
->
data
,
os
->
length
))
goto
err
;
if
(
!
EVP_DecryptFinal_ex
(
&
ctx
,
&
(
os
->
data
[
i
]),
&
j
))
goto
err
;
os
->
length
=
i
+
j
;
zz
=
os
->
data
;
...
...
@@ -329,6 +338,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
goto
err
;
}
err:
EVP_CIPHER_CTX_cleanup
(
&
ctx
);
NETSCAPE_PKEY_free
(
pkey
);
return
(
ret
);
}
...
...
crypto/asn1/p5_pbev2.c
浏览文件 @
b6dcdbfc
...
...
@@ -127,7 +127,8 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
EVP_CIPHER_CTX_init
(
&
ctx
);
/* Dummy cipherinit to just setup the IV, and PRF */
EVP_CipherInit_ex
(
&
ctx
,
cipher
,
NULL
,
NULL
,
iv
,
0
);
if
(
!
EVP_CipherInit_ex
(
&
ctx
,
cipher
,
NULL
,
NULL
,
iv
,
0
))
goto
err
;
if
(
EVP_CIPHER_param_to_asn1
(
&
ctx
,
scheme
->
parameter
)
<
0
)
{
ASN1err
(
ASN1_F_PKCS5_PBE2_SET_IV
,
ASN1_R_ERROR_SETTING_CIPHER_PARAMS
);
...
...
crypto/asn1/t_x509.c
浏览文件 @
b6dcdbfc
...
...
@@ -255,7 +255,8 @@ int X509_ocspid_print (BIO *bp, X509 *x)
goto
err
;
i2d_X509_NAME
(
x
->
cert_info
->
subject
,
&
dertmp
);
EVP_Digest
(
der
,
derlen
,
SHA1md
,
NULL
,
EVP_sha1
(),
NULL
);
if
(
!
EVP_Digest
(
der
,
derlen
,
SHA1md
,
NULL
,
EVP_sha1
(),
NULL
))
goto
err
;
for
(
i
=
0
;
i
<
SHA_DIGEST_LENGTH
;
i
++
)
{
if
(
BIO_printf
(
bp
,
"%02X"
,
SHA1md
[
i
])
<=
0
)
goto
err
;
...
...
@@ -268,8 +269,10 @@ int X509_ocspid_print (BIO *bp, X509 *x)
if
(
BIO_printf
(
bp
,
"
\n
Public key OCSP hash: "
)
<=
0
)
goto
err
;
EVP_Digest
(
x
->
cert_info
->
key
->
public_key
->
data
,
x
->
cert_info
->
key
->
public_key
->
length
,
SHA1md
,
NULL
,
EVP_sha1
(),
NULL
);
if
(
!
EVP_Digest
(
x
->
cert_info
->
key
->
public_key
->
data
,
x
->
cert_info
->
key
->
public_key
->
length
,
SHA1md
,
NULL
,
EVP_sha1
(),
NULL
))
goto
err
;
for
(
i
=
0
;
i
<
SHA_DIGEST_LENGTH
;
i
++
)
{
if
(
BIO_printf
(
bp
,
"%02X"
,
SHA1md
[
i
])
<=
0
)
...
...
crypto/cms/cms_lib.c
浏览文件 @
b6dcdbfc
...
...
@@ -407,10 +407,7 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
}
BIO_get_md_ctx
(
chain
,
&
mtmp
);
if
(
EVP_MD_CTX_type
(
mtmp
)
==
nid
)
{
EVP_MD_CTX_copy_ex
(
mctx
,
mtmp
);
return
1
;
}
return
EVP_MD_CTX_copy_ex
(
mctx
,
mtmp
);
chain
=
BIO_next
(
chain
);
}
}
...
...
crypto/cms/cms_sd.c
浏览文件 @
b6dcdbfc
...
...
@@ -641,7 +641,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
cms
->
d
.
signedData
->
encapContentInfo
->
eContentType
;
unsigned
char
md
[
EVP_MAX_MD_SIZE
];
unsigned
int
mdlen
;
EVP_DigestFinal_ex
(
&
mctx
,
md
,
&
mdlen
);
if
(
!
EVP_DigestFinal_ex
(
&
mctx
,
md
,
&
mdlen
))
goto
err
;
if
(
!
CMS_signed_add1_attr_by_NID
(
si
,
NID_pkcs9_messageDigest
,
V_ASN1_OCTET_STRING
,
md
,
mdlen
))
...
...
crypto/dsa/dsa_gen.c
浏览文件 @
b6dcdbfc
...
...
@@ -201,8 +201,10 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
}
/* step 2 */
EVP_Digest
(
seed
,
qsize
,
md
,
NULL
,
evpmd
,
NULL
);
EVP_Digest
(
buf
,
qsize
,
buf2
,
NULL
,
evpmd
,
NULL
);
if
(
!
EVP_Digest
(
seed
,
qsize
,
md
,
NULL
,
evpmd
,
NULL
))
goto
err
;
if
(
!
EVP_Digest
(
buf
,
qsize
,
buf2
,
NULL
,
evpmd
,
NULL
))
goto
err
;
for
(
i
=
0
;
i
<
qsize
;
i
++
)
md
[
i
]
^=
buf2
[
i
];
...
...
@@ -252,7 +254,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
break
;
}
EVP_Digest
(
buf
,
qsize
,
md
,
NULL
,
evpmd
,
NULL
);
if
(
!
EVP_Digest
(
buf
,
qsize
,
md
,
NULL
,
evpmd
,
NULL
))
goto
err
;
/* step 8 */
if
(
!
BN_bin2bn
(
md
,
qsize
,
r0
))
...
...
crypto/evp/bio_enc.c
浏览文件 @
b6dcdbfc
...
...
@@ -198,9 +198,13 @@ static int enc_read(BIO *b, char *out, int outl)
}
else
{
EVP_CipherUpdate
(
&
(
ctx
->
cipher
),
if
(
!
EVP_CipherUpdate
(
&
(
ctx
->
cipher
),
(
unsigned
char
*
)
ctx
->
buf
,
&
ctx
->
buf_len
,
(
unsigned
char
*
)
&
(
ctx
->
buf
[
BUF_OFFSET
]),
i
);
(
unsigned
char
*
)
&
(
ctx
->
buf
[
BUF_OFFSET
]),
i
))
{
BIO_clear_retry_flags
(
b
);
return
0
;
}
ctx
->
cont
=
1
;
/* Note: it is possible for EVP_CipherUpdate to
* decrypt zero bytes because this is or looks like
...
...
@@ -257,9 +261,13 @@ static int enc_write(BIO *b, const char *in, int inl)
while
(
inl
>
0
)
{
n
=
(
inl
>
ENC_BLOCK_SIZE
)
?
ENC_BLOCK_SIZE
:
inl
;
EVP_CipherUpdate
(
&
(
ctx
->
cipher
),
if
(
!
EVP_CipherUpdate
(
&
(
ctx
->
cipher
),
(
unsigned
char
*
)
ctx
->
buf
,
&
ctx
->
buf_len
,
(
unsigned
char
*
)
in
,
n
);
(
unsigned
char
*
)
in
,
n
))
{
BIO_clear_retry_flags
(
b
);
return
0
;
}
inl
-=
n
;
in
+=
n
;
...
...
@@ -298,8 +306,9 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
case
BIO_CTRL_RESET
:
ctx
->
ok
=
1
;
ctx
->
finished
=
0
;
EVP_CipherInit_ex
(
&
(
ctx
->
cipher
),
NULL
,
NULL
,
NULL
,
NULL
,
ctx
->
cipher
.
encrypt
);
if
(
!
EVP_CipherInit_ex
(
&
(
ctx
->
cipher
),
NULL
,
NULL
,
NULL
,
NULL
,
ctx
->
cipher
.
encrypt
))
return
0
;
ret
=
BIO_ctrl
(
b
->
next_bio
,
cmd
,
num
,
ptr
);
break
;
case
BIO_CTRL_EOF
:
/* More to read */
...
...
@@ -405,22 +414,24 @@ EVP_CIPHER_ctx *c;
}
*/
void
BIO_set_cipher
(
BIO
*
b
,
const
EVP_CIPHER
*
c
,
const
unsigned
char
*
k
,
int
BIO_set_cipher
(
BIO
*
b
,
const
EVP_CIPHER
*
c
,
const
unsigned
char
*
k
,
const
unsigned
char
*
i
,
int
e
)
{
BIO_ENC_CTX
*
ctx
;
if
(
b
==
NULL
)
return
;
if
(
b
==
NULL
)
return
0
;
if
((
b
->
callback
!=
NULL
)
&&
(
b
->
callback
(
b
,
BIO_CB_CTRL
,(
const
char
*
)
c
,
BIO_CTRL_SET
,
e
,
0L
)
<=
0
))
return
;
return
0
;
b
->
init
=
1
;
ctx
=
(
BIO_ENC_CTX
*
)
b
->
ptr
;
EVP_CipherInit_ex
(
&
(
ctx
->
cipher
),
c
,
NULL
,
k
,
i
,
e
);
if
(
!
EVP_CipherInit_ex
(
&
(
ctx
->
cipher
),
c
,
NULL
,
k
,
i
,
e
))
return
0
;
if
(
b
->
callback
!=
NULL
)
b
->
callback
(
b
,
BIO_CB_CTRL
,(
const
char
*
)
c
,
BIO_CTRL_SET
,
e
,
1L
);
return
b
->
callback
(
b
,
BIO_CB_CTRL
,(
const
char
*
)
c
,
BIO_CTRL_SET
,
e
,
1L
);
return
1
;
}
crypto/evp/bio_md.c
浏览文件 @
b6dcdbfc
...
...
@@ -153,8 +153,12 @@ static int md_write(BIO *b, const char *in, int inl)
{
if
(
ret
>
0
)
{
EVP_DigestUpdate
(
ctx
,(
const
unsigned
char
*
)
in
,
(
unsigned
int
)
ret
);
if
(
!
EVP_DigestUpdate
(
ctx
,(
const
unsigned
char
*
)
in
,
(
unsigned
int
)
ret
))
{
BIO_clear_retry_flags
(
b
);
return
0
;
}
}
}
if
(
b
->
next_bio
!=
NULL
)
...
...
@@ -220,7 +224,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
case
BIO_CTRL_DUP
:
dbio
=
ptr
;
dctx
=
dbio
->
ptr
;
EVP_MD_CTX_copy_ex
(
dctx
,
ctx
);
if
(
!
EVP_MD_CTX_copy_ex
(
dctx
,
ctx
))
return
0
;
b
->
init
=
1
;
break
;
default:
...
...
crypto/evp/bio_ok.c
浏览文件 @
b6dcdbfc
...
...
@@ -133,10 +133,10 @@ static int ok_new(BIO *h);
static
int
ok_free
(
BIO
*
data
);
static
long
ok_callback_ctrl
(
BIO
*
h
,
int
cmd
,
bio_info_cb
*
fp
);
static
void
sig_out
(
BIO
*
b
);
static
void
sig_in
(
BIO
*
b
);
static
void
block_out
(
BIO
*
b
);
static
void
block_in
(
BIO
*
b
);
static
__owur
int
sig_out
(
BIO
*
b
);
static
__owur
int
sig_in
(
BIO
*
b
);
static
__owur
int
block_out
(
BIO
*
b
);
static
__owur
int
block_in
(
BIO
*
b
);
#define OK_BLOCK_SIZE (1024*4)
#define OK_BLOCK_BLOCK 4
#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
...
...
@@ -266,10 +266,24 @@ static int ok_read(BIO *b, char *out, int outl)
ctx
->
buf_len
+=
i
;
/* no signature yet -- check if we got one */
if
(
ctx
->
sigio
==
1
)
sig_in
(
b
);
if
(
ctx
->
sigio
==
1
)
{
if
(
!
sig_in
(
b
))
{
BIO_clear_retry_flags
(
b
);
return
0
;
}
}
/* signature ok -- check if we got block */
if
(
ctx
->
sigio
==
0
)
block_in
(
b
);
if
(
ctx
->
sigio
==
0
)
{
if
(
!
block_in
(
b
))
{
BIO_clear_retry_flags
(
b
);
return
0
;
}
}
/* invalid block -- cancel */
if
(
ctx
->
cont
<=
0
)
break
;
...
...
@@ -293,7 +307,8 @@ static int ok_write(BIO *b, const char *in, int inl)
if
((
ctx
==
NULL
)
||
(
b
->
next_bio
==
NULL
)
||
(
b
->
init
==
0
))
return
(
0
);
if
(
ctx
->
sigio
)
sig_out
(
b
);
if
(
ctx
->
sigio
&&
!
sig_out
(
b
))
return
0
;
do
{
BIO_clear_retry_flags
(
b
);
...
...
@@ -332,7 +347,11 @@ static int ok_write(BIO *b, const char *in, int inl)
if
(
ctx
->
buf_len
>=
OK_BLOCK_SIZE
+
OK_BLOCK_BLOCK
)
{
block_out
(
b
);
if
(
!
block_out
(
b
))
{
BIO_clear_retry_flags
(
b
);
return
0
;
}
}
}
while
(
inl
>
0
);
...
...
@@ -379,7 +398,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
case
BIO_CTRL_FLUSH
:
/* do a final write */
if
(
ctx
->
blockout
==
0
)
block_out
(
b
);
if
(
!
block_out
(
b
))
return
0
;
while
(
ctx
->
blockout
)
{
...
...
@@ -408,7 +428,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
break
;
case
BIO_C_SET_MD
:
md
=
ptr
;
EVP_DigestInit_ex
(
&
ctx
->
md
,
md
,
NULL
);
if
(
!
EVP_DigestInit_ex
(
&
ctx
->
md
,
md
,
NULL
))
return
0
;
b
->
init
=
1
;
break
;
case
BIO_C_GET_MD
:
...
...
@@ -455,7 +476,7 @@ static void longswap(void *_ptr, size_t len)
}
}
static
void
sig_out
(
BIO
*
b
)
static
int
sig_out
(
BIO
*
b
)
{
BIO_OK_CTX
*
ctx
;
EVP_MD_CTX
*
md
;
...
...
@@ -463,9 +484,10 @@ static void sig_out(BIO* b)
ctx
=
b
->
ptr
;
md
=&
ctx
->
md
;
if
(
ctx
->
buf_len
+
2
*
md
->
digest
->
md_size
>
OK_BLOCK_SIZE
)
return
;
if
(
ctx
->
buf_len
+
2
*
md
->
digest
->
md_size
>
OK_BLOCK_SIZE
)
return
1
;
EVP_DigestInit_ex
(
md
,
md
->
digest
,
NULL
);
if
(
!
EVP_DigestInit_ex
(
md
,
md
->
digest
,
NULL
))
goto
berr
;
/* FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured.
*/
...
...
@@ -474,14 +496,20 @@ static void sig_out(BIO* b)
longswap
(
&
(
ctx
->
buf
[
ctx
->
buf_len
]),
md
->
digest
->
md_size
);
ctx
->
buf_len
+=
md
->
digest
->
md_size
;
EVP_DigestUpdate
(
md
,
WELLKNOWN
,
strlen
(
WELLKNOWN
));
EVP_DigestFinal_ex
(
md
,
&
(
ctx
->
buf
[
ctx
->
buf_len
]),
NULL
);
if
(
!
EVP_DigestUpdate
(
md
,
WELLKNOWN
,
strlen
(
WELLKNOWN
)))
goto
berr
;
if
(
!
EVP_DigestFinal_ex
(
md
,
&
(
ctx
->
buf
[
ctx
->
buf_len
]),
NULL
))
goto
berr
;
ctx
->
buf_len
+=
md
->
digest
->
md_size
;
ctx
->
blockout
=
1
;
ctx
->
sigio
=
0
;
return
1
;
berr:
BIO_clear_retry_flags
(
b
);
return
0
;
}
static
void
sig_in
(
BIO
*
b
)
static
int
sig_in
(
BIO
*
b
)
{
BIO_OK_CTX
*
ctx
;
EVP_MD_CTX
*
md
;
...
...
@@ -491,15 +519,18 @@ static void sig_in(BIO* b)
ctx
=
b
->
ptr
;
md
=&
ctx
->
md
;
if
((
int
)(
ctx
->
buf_len
-
ctx
->
buf_off
)
<
2
*
md
->
digest
->
md_size
)
return
;
if
((
int
)(
ctx
->
buf_len
-
ctx
->
buf_off
)
<
2
*
md
->
digest
->
md_size
)
return
1
;
EVP_DigestInit_ex
(
md
,
md
->
digest
,
NULL
);
if
(
!
EVP_DigestInit_ex
(
md
,
md
->
digest
,
NULL
))
goto
berr
;
memcpy
(
md
->
md_data
,
&
(
ctx
->
buf
[
ctx
->
buf_off
]),
md
->
digest
->
md_size
);
longswap
(
md
->
md_data
,
md
->
digest
->
md_size
);
ctx
->
buf_off
+=
md
->
digest
->
md_size
;
EVP_DigestUpdate
(
md
,
WELLKNOWN
,
strlen
(
WELLKNOWN
));
EVP_DigestFinal_ex
(
md
,
tmp
,
NULL
);
if
(
!
EVP_DigestUpdate
(
md
,
WELLKNOWN
,
strlen
(
WELLKNOWN
)))
goto
berr
;
if
(
!
EVP_DigestFinal_ex
(
md
,
tmp
,
NULL
))
goto
berr
;
ret
=
memcmp
(
&
(
ctx
->
buf
[
ctx
->
buf_off
]),
tmp
,
md
->
digest
->
md_size
)
==
0
;
ctx
->
buf_off
+=
md
->
digest
->
md_size
;
if
(
ret
==
1
)
...
...
@@ -516,9 +547,13 @@ static void sig_in(BIO* b)
{
ctx
->
cont
=
0
;
}
return
1
;
berr:
BIO_clear_retry_flags
(
b
);
return
0
;
}
static
void
block_out
(
BIO
*
b
)
static
int
block_out
(
BIO
*
b
)
{
BIO_OK_CTX
*
ctx
;
EVP_MD_CTX
*
md
;
...
...
@@ -532,13 +567,20 @@ static void block_out(BIO* b)
ctx
->
buf
[
1
]
=
(
unsigned
char
)(
tl
>>
16
);
ctx
->
buf
[
2
]
=
(
unsigned
char
)(
tl
>>
8
);
ctx
->
buf
[
3
]
=
(
unsigned
char
)(
tl
);
EVP_DigestUpdate
(
md
,
(
unsigned
char
*
)
&
(
ctx
->
buf
[
OK_BLOCK_BLOCK
]),
tl
);
EVP_DigestFinal_ex
(
md
,
&
(
ctx
->
buf
[
ctx
->
buf_len
]),
NULL
);
if
(
!
EVP_DigestUpdate
(
md
,
(
unsigned
char
*
)
&
(
ctx
->
buf
[
OK_BLOCK_BLOCK
]),
tl
))
goto
berr
;
if
(
!
EVP_DigestFinal_ex
(
md
,
&
(
ctx
->
buf
[
ctx
->
buf_len
]),
NULL
))
goto
berr
;
ctx
->
buf_len
+=
md
->
digest
->
md_size
;
ctx
->
blockout
=
1
;
return
1
;
berr:
BIO_clear_retry_flags
(
b
);
return
0
;
}
static
void
block_in
(
BIO
*
b
)
static
int
block_in
(
BIO
*
b
)
{
BIO_OK_CTX
*
ctx
;
EVP_MD_CTX
*
md
;
...
...
@@ -554,10 +596,13 @@ static void block_in(BIO* b)
tl
|=
ctx
->
buf
[
2
];
tl
<<=
8
;
tl
|=
ctx
->
buf
[
3
];
if
(
ctx
->
buf_len
<
tl
+
OK_BLOCK_BLOCK
+
md
->
digest
->
md_size
)
return
;
if
(
ctx
->
buf_len
<
tl
+
OK_BLOCK_BLOCK
+
md
->
digest
->
md_size
)
return
1
;
EVP_DigestUpdate
(
md
,
(
unsigned
char
*
)
&
(
ctx
->
buf
[
OK_BLOCK_BLOCK
]),
tl
);
EVP_DigestFinal_ex
(
md
,
tmp
,
NULL
);
if
(
!
EVP_DigestUpdate
(
md
,
(
unsigned
char
*
)
&
(
ctx
->
buf
[
OK_BLOCK_BLOCK
]),
tl
))
goto
berr
;
if
(
!
EVP_DigestFinal_ex
(
md
,
tmp
,
NULL
))
goto
berr
;
if
(
memcmp
(
&
(
ctx
->
buf
[
tl
+
OK_BLOCK_BLOCK
]),
tmp
,
md
->
digest
->
md_size
)
==
0
)
{
/* there might be parts from next block lurking around ! */
...
...
@@ -571,5 +616,9 @@ static void block_in(BIO* b)
{
ctx
->
cont
=
0
;
}
return
1
;
berr:
BIO_clear_retry_flags
(
b
);
return
0
;
}
crypto/evp/e_rc2.c
浏览文件 @
b6dcdbfc
...
...
@@ -183,7 +183,8 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
key_bits
=
rc2_magic_to_meth
((
int
)
num
);
if
(
!
key_bits
)
return
(
-
1
);
if
(
i
>
0
)
EVP_CipherInit_ex
(
c
,
NULL
,
NULL
,
NULL
,
iv
,
-
1
);
if
(
i
>
0
&&
!
EVP_CipherInit_ex
(
c
,
NULL
,
NULL
,
NULL
,
iv
,
-
1
))
return
-
1
;
EVP_CIPHER_CTX_ctrl
(
c
,
EVP_CTRL_SET_RC2_KEY_BITS
,
key_bits
,
NULL
);
EVP_CIPHER_CTX_set_key_length
(
c
,
key_bits
/
8
);
}
...
...
crypto/evp/evp_key.c
浏览文件 @
b6dcdbfc
...
...
@@ -115,7 +115,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
unsigned
char
md_buf
[
EVP_MAX_MD_SIZE
];
int
niv
,
nkey
,
addmd
=
0
;
unsigned
int
mds
=
0
,
i
;
int
rv
=
0
;
nkey
=
type
->
key_len
;
niv
=
type
->
iv_len
;
OPENSSL_assert
(
nkey
<=
EVP_MAX_KEY_LENGTH
);
...
...
@@ -129,17 +129,24 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
if
(
!
EVP_DigestInit_ex
(
&
c
,
md
,
NULL
))
return
0
;
if
(
addmd
++
)
EVP_DigestUpdate
(
&
c
,
&
(
md_buf
[
0
]),
mds
);
EVP_DigestUpdate
(
&
c
,
data
,
datal
);
if
(
!
EVP_DigestUpdate
(
&
c
,
&
(
md_buf
[
0
]),
mds
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
c
,
data
,
datal
))
goto
err
;
if
(
salt
!=
NULL
)
EVP_DigestUpdate
(
&
c
,
salt
,
PKCS5_SALT_LEN
);
EVP_DigestFinal_ex
(
&
c
,
&
(
md_buf
[
0
]),
&
mds
);
if
(
!
EVP_DigestUpdate
(
&
c
,
salt
,
PKCS5_SALT_LEN
))
goto
err
;
if
(
!
EVP_DigestFinal_ex
(
&
c
,
&
(
md_buf
[
0
]),
&
mds
))
goto
err
;
for
(
i
=
1
;
i
<
(
unsigned
int
)
count
;
i
++
)
{
EVP_DigestInit_ex
(
&
c
,
md
,
NULL
);
EVP_DigestUpdate
(
&
c
,
&
(
md_buf
[
0
]),
mds
);
EVP_DigestFinal_ex
(
&
c
,
&
(
md_buf
[
0
]),
&
mds
);
if
(
!
EVP_DigestInit_ex
(
&
c
,
md
,
NULL
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
c
,
&
(
md_buf
[
0
]),
mds
))
goto
err
;
if
(
!
EVP_DigestFinal_ex
(
&
c
,
&
(
md_buf
[
0
]),
&
mds
))
goto
err
;
}
i
=
0
;
if
(
nkey
)
...
...
@@ -168,8 +175,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
}
if
((
nkey
==
0
)
&&
(
niv
==
0
))
break
;
}
rv
=
type
->
key_len
;
err:
EVP_MD_CTX_cleanup
(
&
c
);
OPENSSL_cleanse
(
&
(
md_buf
[
0
]),
EVP_MAX_MD_SIZE
);
return
(
type
->
key_len
)
;
return
rv
;
}
crypto/evp/p5_crpt.c
浏览文件 @
b6dcdbfc
...
...
@@ -82,6 +82,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
unsigned
char
*
salt
;
const
unsigned
char
*
pbuf
;
int
mdsize
;
int
rv
=
0
;
EVP_MD_CTX_init
(
&
ctx
);
/* Extract useful info from parameter */
if
(
param
==
NULL
||
param
->
type
!=
V_ASN1_SEQUENCE
||
...
...
@@ -104,29 +106,37 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
if
(
!
pass
)
passlen
=
0
;
else
if
(
passlen
==
-
1
)
passlen
=
strlen
(
pass
);
EVP_MD_CTX_init
(
&
ctx
);
EVP_DigestInit_ex
(
&
ctx
,
md
,
NULL
);
EVP_DigestUpdate
(
&
ctx
,
pass
,
passlen
);
EVP_DigestUpdate
(
&
ctx
,
salt
,
saltlen
);
if
(
!
EVP_DigestInit_ex
(
&
ctx
,
md
,
NULL
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
ctx
,
pass
,
passlen
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
ctx
,
salt
,
saltlen
))
goto
err
;
PBEPARAM_free
(
pbe
);
EVP_DigestFinal_ex
(
&
ctx
,
md_tmp
,
NULL
);
if
(
!
EVP_DigestFinal_ex
(
&
ctx
,
md_tmp
,
NULL
))
goto
err
;
mdsize
=
EVP_MD_size
(
md
);
if
(
mdsize
<
0
)
return
0
;
for
(
i
=
1
;
i
<
iter
;
i
++
)
{
EVP_DigestInit_ex
(
&
ctx
,
md
,
NULL
);
EVP_DigestUpdate
(
&
ctx
,
md_tmp
,
mdsize
);
EVP_DigestFinal_ex
(
&
ctx
,
md_tmp
,
NULL
);
if
(
!
EVP_DigestInit_ex
(
&
ctx
,
md
,
NULL
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
ctx
,
md_tmp
,
mdsize
))
goto
err
;
if
(
!
EVP_DigestFinal_ex
(
&
ctx
,
md_tmp
,
NULL
))
goto
err
;
}
EVP_MD_CTX_cleanup
(
&
ctx
);
OPENSSL_assert
(
EVP_CIPHER_key_length
(
cipher
)
<=
(
int
)
sizeof
(
md_tmp
));
memcpy
(
key
,
md_tmp
,
EVP_CIPHER_key_length
(
cipher
));
OPENSSL_assert
(
EVP_CIPHER_iv_length
(
cipher
)
<=
16
);
memcpy
(
iv
,
md_tmp
+
(
16
-
EVP_CIPHER_iv_length
(
cipher
)),
EVP_CIPHER_iv_length
(
cipher
));
EVP_CipherInit_ex
(
cctx
,
cipher
,
NULL
,
key
,
iv
,
en_de
);
if
(
!
EVP_CipherInit_ex
(
cctx
,
cipher
,
NULL
,
key
,
iv
,
en_de
))
goto
err
;
OPENSSL_cleanse
(
md_tmp
,
EVP_MAX_MD_SIZE
);
OPENSSL_cleanse
(
key
,
EVP_MAX_KEY_LENGTH
);
OPENSSL_cleanse
(
iv
,
EVP_MAX_IV_LENGTH
);
return
1
;
rv
=
1
;
err:
return
rv
;
}
crypto/evp/p5_crpt2.c
浏览文件 @
b6dcdbfc
...
...
@@ -110,10 +110,14 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
itmp
[
1
]
=
(
unsigned
char
)((
i
>>
16
)
&
0xff
);
itmp
[
2
]
=
(
unsigned
char
)((
i
>>
8
)
&
0xff
);
itmp
[
3
]
=
(
unsigned
char
)(
i
&
0xff
);
HMAC_Init_ex
(
&
hctx
,
pass
,
passlen
,
digest
,
NULL
);
HMAC_Update
(
&
hctx
,
salt
,
saltlen
);
HMAC_Update
(
&
hctx
,
itmp
,
4
);
HMAC_Final
(
&
hctx
,
digtmp
,
NULL
);
if
(
!
HMAC_Init_ex
(
&
hctx
,
pass
,
passlen
,
digest
,
NULL
)
||
!
HMAC_Update
(
&
hctx
,
salt
,
saltlen
)
||
!
HMAC_Update
(
&
hctx
,
itmp
,
4
)
||
!
HMAC_Final
(
&
hctx
,
digtmp
,
NULL
))
{
HMAC_CTX_cleanup
(
&
hctx
);
return
0
;
}
memcpy
(
p
,
digtmp
,
cplen
);
for
(
j
=
1
;
j
<
iter
;
j
++
)
{
...
...
@@ -211,7 +215,11 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
}
/* Fixup cipher based on AlgorithmIdentifier */
EVP_CipherInit_ex
(
ctx
,
cipher
,
NULL
,
NULL
,
NULL
,
en_de
);
if
(
!
EVP_CipherInit_ex
(
ctx
,
cipher
,
NULL
,
NULL
,
NULL
,
en_de
))
{
EVPerr
(
EVP_F_PKCS5_V2_PBE_KEYIVGEN
,
ERR_R_EVP_LIB
);
goto
err
;
}
if
(
EVP_CIPHER_asn1_to_param
(
ctx
,
pbe2
->
encryption
->
parameter
)
<
0
)
{
EVPerr
(
EVP_F_PKCS5_V2_PBE_KEYIVGEN
,
EVP_R_CIPHER_PARAMETER_ERROR
);
...
...
@@ -278,7 +286,11 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
if
(
!
PKCS5_PBKDF2_HMAC
(
pass
,
passlen
,
salt
,
saltlen
,
iter
,
prfmd
,
keylen
,
key
))
goto
err
;
EVP_CipherInit_ex
(
ctx
,
NULL
,
NULL
,
key
,
NULL
,
en_de
);
if
(
!
EVP_CipherInit_ex
(
ctx
,
NULL
,
NULL
,
key
,
NULL
,
en_de
))
{
EVPerr
(
EVP_F_PKCS5_V2_PBE_KEYIVGEN
,
ERR_R_EVP_LIB
);
goto
err
;
}
OPENSSL_cleanse
(
key
,
keylen
);
PBKDF2PARAM_free
(
kdf
);
return
1
;
...
...
crypto/evp/p_open.c
浏览文件 @
b6dcdbfc
...
...
@@ -115,7 +115,8 @@ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
int
i
;
i
=
EVP_DecryptFinal_ex
(
ctx
,
out
,
outl
);
EVP_DecryptInit_ex
(
ctx
,
NULL
,
NULL
,
NULL
,
NULL
);
if
(
i
)
i
=
EVP_DecryptInit_ex
(
ctx
,
NULL
,
NULL
,
NULL
,
NULL
);
return
(
i
);
}
#else
/* !OPENSSL_NO_RSA */
...
...
crypto/evp/p_seal.c
浏览文件 @
b6dcdbfc
...
...
@@ -110,6 +110,7 @@ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
int
i
;
i
=
EVP_EncryptFinal_ex
(
ctx
,
out
,
outl
);
EVP_EncryptInit_ex
(
ctx
,
NULL
,
NULL
,
NULL
,
NULL
);
if
(
i
)
i
=
EVP_EncryptInit_ex
(
ctx
,
NULL
,
NULL
,
NULL
,
NULL
);
return
i
;
}
crypto/evp/p_sign.c
浏览文件 @
b6dcdbfc
...
...
@@ -85,8 +85,10 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
*
siglen
=
0
;
EVP_MD_CTX_init
(
&
tmp_ctx
);
EVP_MD_CTX_copy_ex
(
&
tmp_ctx
,
ctx
);
EVP_DigestFinal_ex
(
&
tmp_ctx
,
&
(
m
[
0
]),
&
m_len
);
if
(
!
EVP_MD_CTX_copy_ex
(
&
tmp_ctx
,
ctx
))
goto
err
;
if
(
!
EVP_DigestFinal_ex
(
&
tmp_ctx
,
&
(
m
[
0
]),
&
m_len
))
goto
err
;
EVP_MD_CTX_cleanup
(
&
tmp_ctx
);
if
(
ctx
->
digest
->
flags
&
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE
)
...
...
crypto/evp/p_verify.c
浏览文件 @
b6dcdbfc
...
...
@@ -71,8 +71,10 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
MS_STATIC
EVP_MD_CTX
tmp_ctx
;
EVP_MD_CTX_init
(
&
tmp_ctx
);
EVP_MD_CTX_copy_ex
(
&
tmp_ctx
,
ctx
);
EVP_DigestFinal_ex
(
&
tmp_ctx
,
&
(
m
[
0
]),
&
m_len
);
if
(
!
EVP_MD_CTX_copy_ex
(
&
tmp_ctx
,
ctx
))
goto
err
;
if
(
!
EVP_DigestFinal_ex
(
&
tmp_ctx
,
&
(
m
[
0
]),
&
m_len
))
goto
err
;
EVP_MD_CTX_cleanup
(
&
tmp_ctx
);
if
(
ctx
->
digest
->
flags
&
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE
)
...
...
crypto/hmac/hm_pmeth.c
浏览文件 @
b6dcdbfc
...
...
@@ -100,7 +100,8 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
dctx
=
dst
->
data
;
dctx
->
md
=
sctx
->
md
;
HMAC_CTX_init
(
&
dctx
->
ctx
);
HMAC_CTX_copy
(
&
dctx
->
ctx
,
&
sctx
->
ctx
);
if
(
!
HMAC_CTX_copy
(
&
dctx
->
ctx
,
&
sctx
->
ctx
))
return
0
;
if
(
sctx
->
ktmp
.
data
)
{
if
(
!
ASN1_OCTET_STRING_set
(
&
dctx
->
ktmp
,
...
...
@@ -141,7 +142,8 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
static
int
int_update
(
EVP_MD_CTX
*
ctx
,
const
void
*
data
,
size_t
count
)
{
HMAC_PKEY_CTX
*
hctx
=
ctx
->
pctx
->
data
;
HMAC_Update
(
&
hctx
->
ctx
,
data
,
count
);
if
(
!
HMAC_Update
(
&
hctx
->
ctx
,
data
,
count
))
return
0
;
return
1
;
}
...
...
@@ -165,7 +167,8 @@ static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
if
(
!
sig
)
return
1
;
HMAC_Final
(
&
hctx
->
ctx
,
sig
,
&
hlen
);
if
(
!
HMAC_Final
(
&
hctx
->
ctx
,
sig
,
&
hlen
))
return
0
;
*
siglen
=
(
size_t
)
hlen
;
return
1
;
}
...
...
@@ -190,8 +193,9 @@ static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case
EVP_PKEY_CTRL_DIGESTINIT
:
key
=
(
ASN1_OCTET_STRING
*
)
ctx
->
pkey
->
pkey
.
ptr
;
HMAC_Init_ex
(
&
hctx
->
ctx
,
key
->
data
,
key
->
length
,
hctx
->
md
,
ctx
->
engine
);
if
(
!
HMAC_Init_ex
(
&
hctx
->
ctx
,
key
->
data
,
key
->
length
,
hctx
->
md
,
ctx
->
engine
))
return
0
;
break
;
default:
...
...
crypto/ocsp/ocsp_lib.c
浏览文件 @
b6dcdbfc
...
...
@@ -124,7 +124,8 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
if
(
!
(
ASN1_OCTET_STRING_set
(
cid
->
issuerNameHash
,
md
,
i
)))
goto
err
;
/* Calculate the issuerKey hash, excluding tag and length */
EVP_Digest
(
issuerKey
->
data
,
issuerKey
->
length
,
md
,
&
i
,
dgst
,
NULL
);
if
(
!
EVP_Digest
(
issuerKey
->
data
,
issuerKey
->
length
,
md
,
&
i
,
dgst
,
NULL
))
goto
err
;
if
(
!
(
ASN1_OCTET_STRING_set
(
cid
->
issuerKeyHash
,
md
,
i
)))
goto
err
;
...
...
crypto/pem/pem.h
浏览文件 @
b6dcdbfc
...
...
@@ -439,13 +439,13 @@ STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
int
PEM_SealInit
(
PEM_ENCODE_SEAL_CTX
*
ctx
,
EVP_CIPHER
*
type
,
EVP_MD
*
md_type
,
unsigned
char
**
ek
,
int
*
ekl
,
unsigned
char
*
iv
,
EVP_PKEY
**
pubk
,
int
npubk
);
void
PEM_SealUpdate
(
PEM_ENCODE_SEAL_CTX
*
ctx
,
unsigned
char
*
out
,
int
*
outl
,
int
PEM_SealUpdate
(
PEM_ENCODE_SEAL_CTX
*
ctx
,
unsigned
char
*
out
,
int
*
outl
,
unsigned
char
*
in
,
int
inl
);
int
PEM_SealFinal
(
PEM_ENCODE_SEAL_CTX
*
ctx
,
unsigned
char
*
sig
,
int
*
sigl
,
unsigned
char
*
out
,
int
*
outl
,
EVP_PKEY
*
priv
);
void
PEM_SignInit
(
EVP_MD_CTX
*
ctx
,
EVP_MD
*
type
);
void
PEM_SignUpdate
(
EVP_MD_CTX
*
ctx
,
unsigned
char
*
d
,
unsigned
int
cnt
);
int
PEM_SignInit
(
EVP_MD_CTX
*
ctx
,
EVP_MD
*
type
);
int
PEM_SignUpdate
(
EVP_MD_CTX
*
ctx
,
unsigned
char
*
d
,
unsigned
int
cnt
);
int
PEM_SignFinal
(
EVP_MD_CTX
*
ctx
,
unsigned
char
*
sigret
,
unsigned
int
*
siglen
,
EVP_PKEY
*
pkey
);
...
...
crypto/pem/pem_lib.c
浏览文件 @
b6dcdbfc
...
...
@@ -394,7 +394,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
goto
err
;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
EVP_BytesToKey
(
enc
,
EVP_md5
(),
iv
,
kstr
,
klen
,
1
,
key
,
NULL
);
if
(
!
EVP_BytesToKey
(
enc
,
EVP_md5
(),
iv
,
kstr
,
klen
,
1
,
key
,
NULL
))
goto
err
;
if
(
kstr
==
(
unsigned
char
*
)
buf
)
OPENSSL_cleanse
(
buf
,
PEM_BUFSIZE
);
...
...
@@ -406,12 +407,15 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
/* k=strlen(buf); */
EVP_CIPHER_CTX_init
(
&
ctx
);
EVP_EncryptInit_ex
(
&
ctx
,
enc
,
NULL
,
key
,
iv
);
EVP_EncryptUpdate
(
&
ctx
,
data
,
&
j
,
data
,
i
);
EVP_EncryptFinal_ex
(
&
ctx
,
&
(
data
[
j
]),
&
i
);
ret
=
1
;
if
(
!
EVP_EncryptInit_ex
(
&
ctx
,
enc
,
NULL
,
key
,
iv
)
||
!
EVP_EncryptUpdate
(
&
ctx
,
data
,
&
j
,
data
,
i
)
||
!
EVP_EncryptFinal_ex
(
&
ctx
,
&
(
data
[
j
]),
&
i
))
ret
=
0
;
EVP_CIPHER_CTX_cleanup
(
&
ctx
);
if
(
ret
==
0
)
goto
err
;
i
+=
j
;
ret
=
1
;
}
else
{
...
...
@@ -459,14 +463,17 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
ebcdic2ascii
(
buf
,
buf
,
klen
);
#endif
EVP_BytesToKey
(
cipher
->
cipher
,
EVP_md5
(),
&
(
cipher
->
iv
[
0
]),
(
unsigned
char
*
)
buf
,
klen
,
1
,
key
,
NULL
);
if
(
!
EVP_BytesToKey
(
cipher
->
cipher
,
EVP_md5
(),
&
(
cipher
->
iv
[
0
]),
(
unsigned
char
*
)
buf
,
klen
,
1
,
key
,
NULL
))
return
0
;
j
=
(
int
)
len
;
EVP_CIPHER_CTX_init
(
&
ctx
);
EVP_DecryptInit_ex
(
&
ctx
,
cipher
->
cipher
,
NULL
,
key
,
&
(
cipher
->
iv
[
0
]));
EVP_DecryptUpdate
(
&
ctx
,
data
,
&
i
,
data
,
j
);
o
=
EVP_DecryptFinal_ex
(
&
ctx
,
&
(
data
[
i
]),
&
j
);
o
=
EVP_DecryptInit_ex
(
&
ctx
,
cipher
->
cipher
,
NULL
,
key
,
&
(
cipher
->
iv
[
0
]));
if
(
o
)
o
=
EVP_DecryptUpdate
(
&
ctx
,
data
,
&
i
,
data
,
j
);
if
(
o
)
o
=
EVP_DecryptFinal_ex
(
&
ctx
,
&
(
data
[
i
]),
&
j
);
EVP_CIPHER_CTX_cleanup
(
&
ctx
);
OPENSSL_cleanse
((
char
*
)
buf
,
sizeof
(
buf
));
OPENSSL_cleanse
((
char
*
)
key
,
sizeof
(
key
));
...
...
crypto/pem/pem_seal.c
浏览文件 @
b6dcdbfc
...
...
@@ -96,7 +96,8 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
EVP_EncodeInit
(
&
ctx
->
encode
);
EVP_MD_CTX_init
(
&
ctx
->
md
);
EVP_SignInit
(
&
ctx
->
md
,
md_type
);
if
(
!
EVP_SignInit
(
&
ctx
->
md
,
md_type
))
goto
err
;
EVP_CIPHER_CTX_init
(
&
ctx
->
cipher
);
ret
=
EVP_SealInit
(
&
ctx
->
cipher
,
type
,
ek
,
ekl
,
iv
,
pubk
,
npubk
);
...
...
@@ -118,14 +119,15 @@ err:
return
(
ret
);
}
void
PEM_SealUpdate
(
PEM_ENCODE_SEAL_CTX
*
ctx
,
unsigned
char
*
out
,
int
*
outl
,
int
PEM_SealUpdate
(
PEM_ENCODE_SEAL_CTX
*
ctx
,
unsigned
char
*
out
,
int
*
outl
,
unsigned
char
*
in
,
int
inl
)
{
unsigned
char
buffer
[
1600
];
int
i
,
j
;
*
outl
=
0
;
EVP_SignUpdate
(
&
ctx
->
md
,
in
,
inl
);
if
(
!
EVP_SignUpdate
(
&
ctx
->
md
,
in
,
inl
))
return
0
;
for
(;;)
{
if
(
inl
<=
0
)
break
;
...
...
@@ -133,13 +135,15 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
i
=
1200
;
else
i
=
inl
;
EVP_EncryptUpdate
(
&
ctx
->
cipher
,
buffer
,
&
j
,
in
,
i
);
if
(
!
EVP_EncryptUpdate
(
&
ctx
->
cipher
,
buffer
,
&
j
,
in
,
i
))
return
0
;
EVP_EncodeUpdate
(
&
ctx
->
encode
,
out
,
&
j
,
buffer
,
j
);
*
outl
+=
j
;
out
+=
j
;
in
+=
i
;
inl
-=
i
;
}
return
1
;
}
int
PEM_SealFinal
(
PEM_ENCODE_SEAL_CTX
*
ctx
,
unsigned
char
*
sig
,
int
*
sigl
,
...
...
@@ -163,7 +167,8 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
goto
err
;
}
EVP_EncryptFinal_ex
(
&
ctx
->
cipher
,
s
,(
int
*
)
&
i
);
if
(
!
EVP_EncryptFinal_ex
(
&
ctx
->
cipher
,
s
,(
int
*
)
&
i
))
goto
err
;
EVP_EncodeUpdate
(
&
ctx
->
encode
,
out
,
&
j
,
s
,
i
);
*
outl
=
j
;
out
+=
j
;
...
...
crypto/pem/pem_sign.c
浏览文件 @
b6dcdbfc
...
...
@@ -64,15 +64,15 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
void
PEM_SignInit
(
EVP_MD_CTX
*
ctx
,
EVP_MD
*
type
)
int
PEM_SignInit
(
EVP_MD_CTX
*
ctx
,
EVP_MD
*
type
)
{
EVP_DigestInit_ex
(
ctx
,
type
,
NULL
);
return
EVP_DigestInit_ex
(
ctx
,
type
,
NULL
);
}
void
PEM_SignUpdate
(
EVP_MD_CTX
*
ctx
,
unsigned
char
*
data
,
int
PEM_SignUpdate
(
EVP_MD_CTX
*
ctx
,
unsigned
char
*
data
,
unsigned
int
count
)
{
EVP_DigestUpdate
(
ctx
,
data
,
count
);
return
EVP_DigestUpdate
(
ctx
,
data
,
count
);
}
int
PEM_SignFinal
(
EVP_MD_CTX
*
ctx
,
unsigned
char
*
sigret
,
unsigned
int
*
siglen
,
...
...
crypto/pem/pvkfmt.c
浏览文件 @
b6dcdbfc
...
...
@@ -707,13 +707,16 @@ static int derive_pvk_key(unsigned char *key,
const
unsigned
char
*
pass
,
int
passlen
)
{
EVP_MD_CTX
mctx
;
int
rv
=
1
;
EVP_MD_CTX_init
(
&
mctx
);
EVP_DigestInit_ex
(
&
mctx
,
EVP_sha1
(),
NULL
);
EVP_DigestUpdate
(
&
mctx
,
salt
,
saltlen
);
EVP_DigestUpdate
(
&
mctx
,
pass
,
passlen
);
EVP_DigestFinal_ex
(
&
mctx
,
key
,
NULL
);
if
(
!
EVP_DigestInit_ex
(
&
mctx
,
EVP_sha1
(),
NULL
)
||
!
EVP_DigestUpdate
(
&
mctx
,
salt
,
saltlen
)
||
!
EVP_DigestUpdate
(
&
mctx
,
pass
,
passlen
)
||
!
EVP_DigestFinal_ex
(
&
mctx
,
key
,
NULL
))
rv
=
0
;
EVP_MD_CTX_cleanup
(
&
mctx
);
return
1
;
return
rv
;
}
...
...
@@ -725,11 +728,12 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
const
unsigned
char
*
p
=
*
in
;
unsigned
int
magic
;
unsigned
char
*
enctmp
=
NULL
,
*
q
;
EVP_CIPHER_CTX
cctx
;
EVP_CIPHER_CTX_init
(
&
cctx
);
if
(
saltlen
)
{
char
psbuf
[
PEM_BUFSIZE
];
unsigned
char
keybuf
[
20
];
EVP_CIPHER_CTX
cctx
;
int
enctmplen
,
inlen
;
if
(
cb
)
inlen
=
cb
(
psbuf
,
PEM_BUFSIZE
,
0
,
u
);
...
...
@@ -755,37 +759,41 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
p
+=
8
;
inlen
=
keylen
-
8
;
q
=
enctmp
+
8
;
EVP_CIPHER_CTX_init
(
&
cctx
);
EVP_DecryptInit_ex
(
&
cctx
,
EVP_rc4
(),
NULL
,
keybuf
,
NULL
);
EVP_DecryptUpdate
(
&
cctx
,
q
,
&
enctmplen
,
p
,
inlen
);
EVP_DecryptFinal_ex
(
&
cctx
,
q
+
enctmplen
,
&
enctmplen
);
if
(
!
EVP_DecryptInit_ex
(
&
cctx
,
EVP_rc4
(),
NULL
,
keybuf
,
NULL
))
goto
err
;
if
(
!
EVP_DecryptUpdate
(
&
cctx
,
q
,
&
enctmplen
,
p
,
inlen
))
goto
err
;
if
(
!
EVP_DecryptFinal_ex
(
&
cctx
,
q
+
enctmplen
,
&
enctmplen
))
goto
err
;
magic
=
read_ledword
((
const
unsigned
char
**
)
&
q
);
if
(
magic
!=
MS_RSA2MAGIC
&&
magic
!=
MS_DSS2MAGIC
)
{
q
=
enctmp
+
8
;
memset
(
keybuf
+
5
,
0
,
11
);
EVP_DecryptInit_ex
(
&
cctx
,
EVP_rc4
(),
NULL
,
keybuf
,
NULL
);
if
(
!
EVP_DecryptInit_ex
(
&
cctx
,
EVP_rc4
(),
NULL
,
keybuf
,
NULL
))
goto
err
;
OPENSSL_cleanse
(
keybuf
,
20
);
EVP_DecryptUpdate
(
&
cctx
,
q
,
&
enctmplen
,
p
,
inlen
);
EVP_DecryptFinal_ex
(
&
cctx
,
q
+
enctmplen
,
&
enctmplen
);
if
(
!
EVP_DecryptUpdate
(
&
cctx
,
q
,
&
enctmplen
,
p
,
inlen
))
goto
err
;
if
(
!
EVP_DecryptFinal_ex
(
&
cctx
,
q
+
enctmplen
,
&
enctmplen
))
goto
err
;
magic
=
read_ledword
((
const
unsigned
char
**
)
&
q
);
if
(
magic
!=
MS_RSA2MAGIC
&&
magic
!=
MS_DSS2MAGIC
)
{
EVP_CIPHER_CTX_cleanup
(
&
cctx
);
PEMerr
(
PEM_F_DO_PVK_BODY
,
PEM_R_BAD_DECRYPT
);
goto
err
;
}
}
else
OPENSSL_cleanse
(
keybuf
,
20
);
EVP_CIPHER_CTX_cleanup
(
&
cctx
);
p
=
enctmp
;
}
ret
=
b2i_PrivateKey
(
&
p
,
keylen
);
err:
EVP_CIPHER_CTX_cleanup
(
&
cctx
);
if
(
enctmp
&&
saltlen
)
OPENSSL_free
(
enctmp
);
return
ret
;
...
...
@@ -839,6 +847,8 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
{
int
outlen
=
24
,
noinc
,
pklen
;
unsigned
char
*
p
,
*
salt
=
NULL
;
EVP_CIPHER_CTX
cctx
;
EVP_CIPHER_CTX_init
(
&
cctx
);
if
(
enclevel
)
outlen
+=
PVK_SALTLEN
;
pklen
=
do_i2b
(
NULL
,
pk
,
0
);
...
...
@@ -887,7 +897,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
{
char
psbuf
[
PEM_BUFSIZE
];
unsigned
char
keybuf
[
20
];
EVP_CIPHER_CTX
cctx
;
int
enctmplen
,
inlen
;
if
(
cb
)
inlen
=
cb
(
psbuf
,
PEM_BUFSIZE
,
1
,
u
);
...
...
@@ -904,16 +913,19 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
if
(
enclevel
==
1
)
memset
(
keybuf
+
5
,
0
,
11
);
p
=
salt
+
PVK_SALTLEN
+
8
;
EVP_CIPHER_CTX_init
(
&
cctx
);
EVP_EncryptInit_ex
(
&
cctx
,
EVP_rc4
(),
NULL
,
keybuf
,
NULL
)
;
if
(
!
EVP_EncryptInit_ex
(
&
cctx
,
EVP_rc4
(),
NULL
,
keybuf
,
NULL
))
goto
error
;
OPENSSL_cleanse
(
keybuf
,
20
);
EVP_DecryptUpdate
(
&
cctx
,
p
,
&
enctmplen
,
p
,
pklen
-
8
);
EVP_DecryptFinal_ex
(
&
cctx
,
p
+
enctmplen
,
&
enctmplen
);
EVP_CIPHER_CTX_cleanup
(
&
cctx
);
if
(
!
EVP_DecryptUpdate
(
&
cctx
,
p
,
&
enctmplen
,
p
,
pklen
-
8
))
goto
error
;
if
(
!
EVP_DecryptFinal_ex
(
&
cctx
,
p
+
enctmplen
,
&
enctmplen
))
goto
error
;
}
EVP_CIPHER_CTX_cleanup
(
&
cctx
);
return
outlen
;
error:
EVP_CIPHER_CTX_cleanup
(
&
cctx
);
return
-
1
;
}
...
...
crypto/pkcs12/p12_decr.c
浏览文件 @
b6dcdbfc
...
...
@@ -89,7 +89,15 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
goto
err
;
}
EVP_CipherUpdate
(
&
ctx
,
out
,
&
i
,
in
,
inlen
);
if
(
!
EVP_CipherUpdate
(
&
ctx
,
out
,
&
i
,
in
,
inlen
))
{
OPENSSL_free
(
out
);
out
=
NULL
;
PKCS12err
(
PKCS12_F_PKCS12_PBE_CRYPT
,
ERR_R_EVP_LIB
);
goto
err
;
}
outlen
+=
i
;
outlen
=
i
;
if
(
!
EVP_CipherFinal_ex
(
&
ctx
,
out
+
i
,
&
i
))
{
OPENSSL_free
(
out
);
...
...
crypto/pkcs12/p12_key.c
浏览文件 @
b6dcdbfc
...
...
@@ -153,14 +153,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
for
(
i
=
0
;
i
<
Slen
;
i
++
)
*
p
++
=
salt
[
i
%
saltlen
];
for
(
i
=
0
;
i
<
Plen
;
i
++
)
*
p
++
=
pass
[
i
%
passlen
];
for
(;;)
{
EVP_DigestInit_ex
(
&
ctx
,
md_type
,
NULL
);
EVP_DigestUpdate
(
&
ctx
,
D
,
v
);
EVP_DigestUpdate
(
&
ctx
,
I
,
Ilen
);
EVP_DigestFinal_ex
(
&
ctx
,
Ai
,
NULL
);
if
(
!
EVP_DigestInit_ex
(
&
ctx
,
md_type
,
NULL
)
||
!
EVP_DigestUpdate
(
&
ctx
,
D
,
v
)
||
!
EVP_DigestUpdate
(
&
ctx
,
I
,
Ilen
)
||
!
EVP_DigestFinal_ex
(
&
ctx
,
Ai
,
NULL
))
goto
err
;
for
(
j
=
1
;
j
<
iter
;
j
++
)
{
EVP_DigestInit_ex
(
&
ctx
,
md_type
,
NULL
);
EVP_DigestUpdate
(
&
ctx
,
Ai
,
u
);
EVP_DigestFinal_ex
(
&
ctx
,
Ai
,
NULL
);
if
(
!
EVP_DigestInit_ex
(
&
ctx
,
md_type
,
NULL
)
||
!
EVP_DigestUpdate
(
&
ctx
,
Ai
,
u
)
||
!
EVP_DigestFinal_ex
(
&
ctx
,
Ai
,
NULL
))
goto
err
;
}
memcpy
(
out
,
Ai
,
min
(
n
,
u
));
if
(
u
>=
n
)
{
...
...
@@ -201,6 +203,9 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
}
else
BN_bn2bin
(
Ij
,
I
+
j
);
}
}
err:
EVP_MD_CTX_cleanup
(
&
ctx
);
return
0
;
}
#ifdef DEBUG_KEYGEN
void
h__dump
(
unsigned
char
*
p
,
int
len
)
...
...
crypto/pkcs12/p12_mutl.c
浏览文件 @
b6dcdbfc
...
...
@@ -97,10 +97,14 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
return
0
;
}
HMAC_CTX_init
(
&
hmac
);
HMAC_Init_ex
(
&
hmac
,
key
,
md_size
,
md_type
,
NULL
);
HMAC_Update
(
&
hmac
,
p12
->
authsafes
->
d
.
data
->
data
,
p12
->
authsafes
->
d
.
data
->
length
);
HMAC_Final
(
&
hmac
,
mac
,
maclen
);
if
(
!
HMAC_Init_ex
(
&
hmac
,
key
,
md_size
,
md_type
,
NULL
)
||
!
HMAC_Update
(
&
hmac
,
p12
->
authsafes
->
d
.
data
->
data
,
p12
->
authsafes
->
d
.
data
->
length
)
||
!
HMAC_Final
(
&
hmac
,
mac
,
maclen
))
{
HMAC_CTX_cleanup
(
&
hmac
);
return
0
;
}
HMAC_CTX_cleanup
(
&
hmac
);
return
1
;
}
...
...
crypto/pkcs7/pk7_doit.c
浏览文件 @
b6dcdbfc
...
...
@@ -679,7 +679,11 @@ static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
}
/* Add digest */
EVP_DigestFinal_ex
(
mctx
,
md_data
,
&
md_len
);
if
(
!
EVP_DigestFinal_ex
(
mctx
,
md_data
,
&
md_len
))
{
PKCS7err
(
PKCS7_F_DO_PKCS7_SIGNED_ATTRIB
,
ERR_R_EVP_LIB
);
return
0
;
}
if
(
!
PKCS7_add1_attrib_digest
(
si
,
md_data
,
md_len
))
{
PKCS7err
(
PKCS7_F_DO_PKCS7_SIGNED_ATTRIB
,
ERR_R_MALLOC_FAILURE
);
...
...
@@ -787,7 +791,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
/* We now have the EVP_MD_CTX, lets do the
* signing. */
EVP_MD_CTX_copy_ex
(
&
ctx_tmp
,
mdc
);
if
(
!
EVP_MD_CTX_copy_ex
(
&
ctx_tmp
,
mdc
))
goto
err
;
sk
=
si
->
auth_attr
;
...
...
@@ -825,7 +830,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
if
(
!
PKCS7_find_digest
(
&
mdc
,
bio
,
OBJ_obj2nid
(
p7
->
d
.
digest
->
md
->
algorithm
)))
goto
err
;
EVP_DigestFinal_ex
(
mdc
,
md_data
,
&
md_len
);
if
(
!
EVP_DigestFinal_ex
(
mdc
,
md_data
,
&
md_len
))
goto
err
;
M_ASN1_OCTET_STRING_set
(
p7
->
d
.
digest
->
digest
,
md_data
,
md_len
);
}
...
...
@@ -1018,7 +1024,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
/* mdc is the digest ctx that we want, unless there are attributes,
* in which case the digest is the signed attributes */
EVP_MD_CTX_copy_ex
(
&
mdc_tmp
,
mdc
);
if
(
!
EVP_MD_CTX_copy_ex
(
&
mdc_tmp
,
mdc
))
goto
err
;
sk
=
si
->
auth_attr
;
if
((
sk
!=
NULL
)
&&
(
sk_X509_ATTRIBUTE_num
(
sk
)
!=
0
))
...
...
@@ -1028,7 +1035,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
int
alen
;
ASN1_OCTET_STRING
*
message_digest
;
EVP_DigestFinal_ex
(
&
mdc_tmp
,
md_dat
,
&
md_len
);
if
(
!
EVP_DigestFinal_ex
(
&
mdc_tmp
,
md_dat
,
&
md_len
))
goto
err
;
message_digest
=
PKCS7_digest_from_attributes
(
sk
);
if
(
!
message_digest
)
{
...
...
@@ -1053,7 +1061,8 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
goto
err
;
}
EVP_VerifyInit_ex
(
&
mdc_tmp
,
EVP_get_digestbynid
(
md_type
),
NULL
);
if
(
!
EVP_VerifyInit_ex
(
&
mdc_tmp
,
EVP_get_digestbynid
(
md_type
),
NULL
))
goto
err
;
alen
=
ASN1_item_i2d
((
ASN1_VALUE
*
)
sk
,
&
abuf
,
ASN1_ITEM_rptr
(
PKCS7_ATTR_VERIFY
));
...
...
@@ -1063,7 +1072,8 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
ret
=
-
1
;
goto
err
;
}
EVP_VerifyUpdate
(
&
mdc_tmp
,
abuf
,
alen
);
if
(
!
EVP_VerifyUpdate
(
&
mdc_tmp
,
abuf
,
alen
))
goto
err
;
OPENSSL_free
(
abuf
);
}
...
...
crypto/rand/md_rand.c
浏览文件 @
b6dcdbfc
...
...
@@ -155,8 +155,8 @@ int rand_predictable=0;
const
char
RAND_version
[]
=
"RAND"
OPENSSL_VERSION_PTEXT
;
static
void
ssleay_rand_cleanup
(
void
);
static
void
ssleay_rand_seed
(
const
void
*
buf
,
int
num
);
static
void
ssleay_rand_add
(
const
void
*
buf
,
int
num
,
double
add_entropy
);
static
int
ssleay_rand_seed
(
const
void
*
buf
,
int
num
);
static
int
ssleay_rand_add
(
const
void
*
buf
,
int
num
,
double
add_entropy
);
static
int
ssleay_rand_bytes
(
unsigned
char
*
buf
,
int
num
);
static
int
ssleay_rand_pseudo_bytes
(
unsigned
char
*
buf
,
int
num
);
static
int
ssleay_rand_status
(
void
);
...
...
@@ -187,13 +187,14 @@ static void ssleay_rand_cleanup(void)
initialized
=
0
;
}
static
void
ssleay_rand_add
(
const
void
*
buf
,
int
num
,
double
add
)
static
int
ssleay_rand_add
(
const
void
*
buf
,
int
num
,
double
add
)
{
int
i
,
j
,
k
,
st_idx
;
long
md_c
[
2
];
unsigned
char
local_md
[
MD_DIGEST_LENGTH
];
EVP_MD_CTX
m
;
int
do_not_lock
;
int
rv
=
0
;
/*
* (Based on the rand(3) manpage)
...
...
@@ -210,6 +211,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
* hash function.
*/
EVP_MD_CTX_init
(
&
m
);
/* check if we already have the lock */
if
(
crypto_lock_rand
)
{
...
...
@@ -256,25 +258,30 @@ static void ssleay_rand_add(const void *buf, int num, double add)
if
(
!
do_not_lock
)
CRYPTO_w_unlock
(
CRYPTO_LOCK_RAND
);
EVP_MD_CTX_init
(
&
m
);
for
(
i
=
0
;
i
<
num
;
i
+=
MD_DIGEST_LENGTH
)
{
j
=
(
num
-
i
);
j
=
(
j
>
MD_DIGEST_LENGTH
)
?
MD_DIGEST_LENGTH
:
j
;
MD_Init
(
&
m
);
MD_Update
(
&
m
,
local_md
,
MD_DIGEST_LENGTH
);
if
(
!
MD_Init
(
&
m
))
goto
err
;
if
(
!
MD_Update
(
&
m
,
local_md
,
MD_DIGEST_LENGTH
))
goto
err
;
k
=
(
st_idx
+
j
)
-
STATE_SIZE
;
if
(
k
>
0
)
{
MD_Update
(
&
m
,
&
(
state
[
st_idx
]),
j
-
k
);
MD_Update
(
&
m
,
&
(
state
[
0
]),
k
);
if
(
!
MD_Update
(
&
m
,
&
(
state
[
st_idx
]),
j
-
k
))
goto
err
;
if
(
!
MD_Update
(
&
m
,
&
(
state
[
0
]),
k
))
goto
err
;
}
else
MD_Update
(
&
m
,
&
(
state
[
st_idx
]),
j
);
if
(
!
MD_Update
(
&
m
,
&
(
state
[
st_idx
]),
j
))
goto
err
;
/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
MD_Update
(
&
m
,
buf
,
j
);
if
(
!
MD_Update
(
&
m
,
buf
,
j
))
goto
err
;
/* We know that line may cause programs such as
purify and valgrind to complain about use of
uninitialized data. The problem is not, it's
...
...
@@ -282,8 +289,10 @@ static void ssleay_rand_add(const void *buf, int num, double add)
sure you get really bad randomness and thereby
other problems such as very insecure keys. */
MD_Update
(
&
m
,(
unsigned
char
*
)
&
(
md_c
[
0
]),
sizeof
(
md_c
));
MD_Final
(
&
m
,
local_md
);
if
(
!
MD_Update
(
&
m
,(
unsigned
char
*
)
&
(
md_c
[
0
]),
sizeof
(
md_c
)))
goto
err
;
if
(
!
MD_Final
(
&
m
,
local_md
))
goto
err
;
md_c
[
1
]
++
;
buf
=
(
const
char
*
)
buf
+
j
;
...
...
@@ -303,7 +312,6 @@ static void ssleay_rand_add(const void *buf, int num, double add)
st_idx
=
0
;
}
}
EVP_MD_CTX_cleanup
(
&
m
);
if
(
!
do_not_lock
)
CRYPTO_w_lock
(
CRYPTO_LOCK_RAND
);
/* Don't just copy back local_md into md -- this could mean that
...
...
@@ -321,11 +329,15 @@ static void ssleay_rand_add(const void *buf, int num, double add)
#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
assert
(
md_c
[
1
]
==
md_count
[
1
]);
#endif
rv
=
1
;
err:
EVP_MD_CTX_cleanup
(
&
m
);
return
rv
;
}
static
void
ssleay_rand_seed
(
const
void
*
buf
,
int
num
)
static
int
ssleay_rand_seed
(
const
void
*
buf
,
int
num
)
{
ssleay_rand_add
(
buf
,
num
,
(
double
)
num
);
return
ssleay_rand_add
(
buf
,
num
,
(
double
)
num
);
}
static
int
ssleay_rand_bytes
(
unsigned
char
*
buf
,
int
num
)
...
...
@@ -464,20 +476,25 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
/* num_ceil -= MD_DIGEST_LENGTH/2 */
j
=
(
num
>=
MD_DIGEST_LENGTH
/
2
)
?
MD_DIGEST_LENGTH
/
2
:
num
;
num
-=
j
;
MD_Init
(
&
m
);
if
(
!
MD_Init
(
&
m
))
goto
err
;
#ifndef GETPID_IS_MEANINGLESS
if
(
curr_pid
)
/* just in the first iteration to save time */
{
MD_Update
(
&
m
,(
unsigned
char
*
)
&
curr_pid
,
sizeof
curr_pid
);
if
(
!
MD_Update
(
&
m
,(
unsigned
char
*
)
&
curr_pid
,
sizeof
curr_pid
))
goto
err
;
curr_pid
=
0
;
}
#endif
MD_Update
(
&
m
,
local_md
,
MD_DIGEST_LENGTH
);
MD_Update
(
&
m
,(
unsigned
char
*
)
&
(
md_c
[
0
]),
sizeof
(
md_c
));
if
(
!
MD_Update
(
&
m
,
local_md
,
MD_DIGEST_LENGTH
))
goto
err
;
if
(
!
MD_Update
(
&
m
,(
unsigned
char
*
)
&
(
md_c
[
0
]),
sizeof
(
md_c
)))
goto
err
;
#ifndef PURIFY
/* purify complains */
/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
MD_Update
(
&
m
,
buf
,
j
);
if
(
!
MD_Update
(
&
m
,
buf
,
j
))
goto
err
;
/* We know that line may cause programs such as
purify and valgrind to complain about use of
uninitialized data. */
...
...
@@ -486,12 +503,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
k
=
(
st_idx
+
MD_DIGEST_LENGTH
/
2
)
-
st_num
;
if
(
k
>
0
)
{
MD_Update
(
&
m
,
&
(
state
[
st_idx
]),
MD_DIGEST_LENGTH
/
2
-
k
);
MD_Update
(
&
m
,
&
(
state
[
0
]),
k
);
if
(
!
MD_Update
(
&
m
,
&
(
state
[
st_idx
]),
MD_DIGEST_LENGTH
/
2
-
k
))
goto
err
;
if
(
!
MD_Update
(
&
m
,
&
(
state
[
0
]),
k
))
goto
err
;
}
else
MD_Update
(
&
m
,
&
(
state
[
st_idx
]),
MD_DIGEST_LENGTH
/
2
);
MD_Final
(
&
m
,
local_md
);
if
(
!
MD_Update
(
&
m
,
&
(
state
[
st_idx
]),
MD_DIGEST_LENGTH
/
2
))
goto
err
;
if
(
!
MD_Final
(
&
m
,
local_md
))
goto
err
;
for
(
i
=
0
;
i
<
MD_DIGEST_LENGTH
/
2
;
i
++
)
{
...
...
@@ -503,12 +524,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
}
}
MD_Init
(
&
m
);
MD_Update
(
&
m
,(
unsigned
char
*
)
&
(
md_c
[
0
]),
sizeof
(
md_c
));
MD_Update
(
&
m
,
local_md
,
MD_DIGEST_LENGTH
);
if
(
!
MD_Init
(
&
m
)
||
!
MD_Update
(
&
m
,(
unsigned
char
*
)
&
(
md_c
[
0
]),
sizeof
(
md_c
))
||
!
MD_Update
(
&
m
,
local_md
,
MD_DIGEST_LENGTH
))
goto
err
;
CRYPTO_w_lock
(
CRYPTO_LOCK_RAND
);
MD_Update
(
&
m
,
md
,
MD_DIGEST_LENGTH
);
MD_Final
(
&
m
,
md
);
if
(
!
MD_Update
(
&
m
,
md
,
MD_DIGEST_LENGTH
)
||
!
MD_Final
(
&
m
,
md
))
{
CRYPTO_w_unlock
(
CRYPTO_LOCK_RAND
);
goto
err
;
}
CRYPTO_w_unlock
(
CRYPTO_LOCK_RAND
);
EVP_MD_CTX_cleanup
(
&
m
);
...
...
@@ -521,6 +546,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
"http://www.openssl.org/support/faq.html"
);
return
(
0
);
}
err:
EVP_MD_CTX_cleanup
(
&
m
);
RANDerr
(
RAND_F_SSLEAY_RAND_BYTES
,
ERR_R_EVP_LIB
);
return
0
;
}
/* pseudo-random bytes that are guaranteed to be unique but not
...
...
crypto/rand/rand.h
浏览文件 @
b6dcdbfc
...
...
@@ -80,10 +80,10 @@ extern "C" {
struct
rand_meth_st
{
void
(
*
seed
)(
const
void
*
buf
,
int
num
);
int
(
*
seed
)(
const
void
*
buf
,
int
num
);
int
(
*
bytes
)(
unsigned
char
*
buf
,
int
num
);
void
(
*
cleanup
)(
void
);
void
(
*
add
)(
const
void
*
buf
,
int
num
,
double
entropy
);
int
(
*
add
)(
const
void
*
buf
,
int
num
,
double
entropy
);
int
(
*
pseudorand
)(
unsigned
char
*
buf
,
int
num
);
int
(
*
status
)(
void
);
};
...
...
crypto/rsa/rsa_oaep.c
浏览文件 @
b6dcdbfc
...
...
@@ -56,7 +56,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
seed
=
to
+
1
;
db
=
to
+
SHA_DIGEST_LENGTH
+
1
;
EVP_Digest
((
void
*
)
param
,
plen
,
db
,
NULL
,
EVP_sha1
(),
NULL
);
if
(
!
EVP_Digest
((
void
*
)
param
,
plen
,
db
,
NULL
,
EVP_sha1
(),
NULL
))
return
0
;
memset
(
db
+
SHA_DIGEST_LENGTH
,
0
,
emlen
-
flen
-
2
*
SHA_DIGEST_LENGTH
-
1
);
db
[
emlen
-
flen
-
SHA_DIGEST_LENGTH
-
1
]
=
0x01
;
...
...
@@ -145,7 +146,8 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
for
(
i
=
0
;
i
<
dblen
;
i
++
)
db
[
i
]
^=
maskeddb
[
i
];
EVP_Digest
((
void
*
)
param
,
plen
,
phash
,
NULL
,
EVP_sha1
(),
NULL
);
if
(
!
EVP_Digest
((
void
*
)
param
,
plen
,
phash
,
NULL
,
EVP_sha1
(),
NULL
))
return
-
1
;
if
(
memcmp
(
db
,
phash
,
SHA_DIGEST_LENGTH
)
!=
0
||
bad
)
goto
decoding_err
;
...
...
@@ -189,34 +191,40 @@ int PKCS1_MGF1(unsigned char *mask, long len,
EVP_MD_CTX
c
;
unsigned
char
md
[
EVP_MAX_MD_SIZE
];
int
mdlen
;
int
rv
=
-
1
;
EVP_MD_CTX_init
(
&
c
);
mdlen
=
EVP_MD_size
(
dgst
);
if
(
mdlen
<
0
)
return
-
1
;
goto
err
;
for
(
i
=
0
;
outlen
<
len
;
i
++
)
{
cnt
[
0
]
=
(
unsigned
char
)((
i
>>
24
)
&
255
);
cnt
[
1
]
=
(
unsigned
char
)((
i
>>
16
)
&
255
);
cnt
[
2
]
=
(
unsigned
char
)((
i
>>
8
))
&
255
;
cnt
[
3
]
=
(
unsigned
char
)(
i
&
255
);
EVP_DigestInit_ex
(
&
c
,
dgst
,
NULL
);
EVP_DigestUpdate
(
&
c
,
seed
,
seedlen
);
EVP_DigestUpdate
(
&
c
,
cnt
,
4
);
if
(
!
EVP_DigestInit_ex
(
&
c
,
dgst
,
NULL
)
||
!
EVP_DigestUpdate
(
&
c
,
seed
,
seedlen
)
||
!
EVP_DigestUpdate
(
&
c
,
cnt
,
4
))
goto
err
;
if
(
outlen
+
mdlen
<=
len
)
{
EVP_DigestFinal_ex
(
&
c
,
mask
+
outlen
,
NULL
);
if
(
!
EVP_DigestFinal_ex
(
&
c
,
mask
+
outlen
,
NULL
))
goto
err
;
outlen
+=
mdlen
;
}
else
{
EVP_DigestFinal_ex
(
&
c
,
md
,
NULL
);
if
(
!
EVP_DigestFinal_ex
(
&
c
,
md
,
NULL
))
goto
err
;
memcpy
(
mask
+
outlen
,
md
,
len
-
outlen
);
outlen
=
len
;
}
}
rv
=
0
;
err:
EVP_MD_CTX_cleanup
(
&
c
);
return
0
;
return
rv
;
}
static
int
MGF1
(
unsigned
char
*
mask
,
long
len
,
const
unsigned
char
*
seed
,
...
...
crypto/rsa/rsa_pss.c
浏览文件 @
b6dcdbfc
...
...
@@ -80,6 +80,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
unsigned
char
*
DB
=
NULL
;
EVP_MD_CTX
ctx
;
unsigned
char
H_
[
EVP_MAX_MD_SIZE
];
EVP_MD_CTX_init
(
&
ctx
);
hLen
=
EVP_MD_size
(
Hash
);
if
(
hLen
<
0
)
...
...
@@ -145,14 +146,17 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_SLEN_CHECK_FAILED
);
goto
err
;
}
EVP_MD_CTX_init
(
&
ctx
);
EVP_DigestInit_ex
(
&
ctx
,
Hash
,
NULL
);
EVP_DigestUpdate
(
&
ctx
,
zeroes
,
sizeof
zeroes
);
EVP_DigestUpdate
(
&
ctx
,
mHash
,
hLen
)
;
if
(
!
EVP_DigestInit_ex
(
&
ctx
,
Hash
,
NULL
)
||
!
EVP_DigestUpdate
(
&
ctx
,
zeroes
,
sizeof
zeroes
)
||
!
EVP_DigestUpdate
(
&
ctx
,
mHash
,
hLen
))
goto
err
;
if
(
maskedDBLen
-
i
)
EVP_DigestUpdate
(
&
ctx
,
DB
+
i
,
maskedDBLen
-
i
);
EVP_DigestFinal
(
&
ctx
,
H_
,
NULL
);
EVP_MD_CTX_cleanup
(
&
ctx
);
{
if
(
!
EVP_DigestUpdate
(
&
ctx
,
DB
+
i
,
maskedDBLen
-
i
))
goto
err
;
}
if
(
!
EVP_DigestFinal
(
&
ctx
,
H_
,
NULL
))
goto
err
;
if
(
memcmp
(
H_
,
H
,
hLen
))
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_BAD_SIGNATURE
);
...
...
@@ -164,6 +168,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
err:
if
(
DB
)
OPENSSL_free
(
DB
);
EVP_MD_CTX_cleanup
(
&
ctx
);
return
ret
;
...
...
@@ -228,12 +233,14 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
maskedDBLen
=
emLen
-
hLen
-
1
;
H
=
EM
+
maskedDBLen
;
EVP_MD_CTX_init
(
&
ctx
);
EVP_DigestInit_ex
(
&
ctx
,
Hash
,
NULL
);
EVP_DigestUpdate
(
&
ctx
,
zeroes
,
sizeof
zeroes
);
EVP_DigestUpdate
(
&
ctx
,
mHash
,
hLen
);
if
(
sLen
)
EVP_DigestUpdate
(
&
ctx
,
salt
,
sLen
);
EVP_DigestFinal
(
&
ctx
,
H
,
NULL
);
if
(
!
EVP_DigestInit_ex
(
&
ctx
,
Hash
,
NULL
)
||
!
EVP_DigestUpdate
(
&
ctx
,
zeroes
,
sizeof
zeroes
)
||
!
EVP_DigestUpdate
(
&
ctx
,
mHash
,
hLen
))
goto
err
;
if
(
sLen
&&
!
EVP_DigestUpdate
(
&
ctx
,
salt
,
sLen
))
goto
err
;
if
(
!
EVP_DigestFinal
(
&
ctx
,
H
,
NULL
))
goto
err
;
EVP_MD_CTX_cleanup
(
&
ctx
);
/* Generate dbMask in place then perform XOR on it */
...
...
crypto/ts/ts_rsp_verify.c
浏览文件 @
b6dcdbfc
...
...
@@ -614,12 +614,15 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
goto
err
;
}
EVP_DigestInit
(
&
md_ctx
,
md
);
if
(
!
EVP_DigestInit
(
&
md_ctx
,
md
))
goto
err
;
while
((
length
=
BIO_read
(
data
,
buffer
,
sizeof
(
buffer
)))
>
0
)
{
EVP_DigestUpdate
(
&
md_ctx
,
buffer
,
length
);
if
(
!
EVP_DigestUpdate
(
&
md_ctx
,
buffer
,
length
))
goto
err
;
}
EVP_DigestFinal
(
&
md_ctx
,
*
imprint
,
NULL
);
if
(
!
EVP_DigestFinal
(
&
md_ctx
,
*
imprint
,
NULL
))
goto
err
;
return
1
;
err:
...
...
crypto/x509/x509_cmp.c
浏览文件 @
b6dcdbfc
...
...
@@ -87,15 +87,20 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
EVP_MD_CTX_init
(
&
ctx
);
f
=
X509_NAME_oneline
(
a
->
cert_info
->
issuer
,
NULL
,
0
);
ret
=
strlen
(
f
);
EVP_DigestInit_ex
(
&
ctx
,
EVP_md5
(),
NULL
);
EVP_DigestUpdate
(
&
ctx
,(
unsigned
char
*
)
f
,
ret
);
if
(
!
EVP_DigestInit_ex
(
&
ctx
,
EVP_md5
(),
NULL
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
ctx
,(
unsigned
char
*
)
f
,
ret
))
goto
err
;
OPENSSL_free
(
f
);
EVP_DigestUpdate
(
&
ctx
,(
unsigned
char
*
)
a
->
cert_info
->
serialNumber
->
data
,
(
unsigned
long
)
a
->
cert_info
->
serialNumber
->
length
);
EVP_DigestFinal_ex
(
&
ctx
,
&
(
md
[
0
]),
NULL
);
if
(
!
EVP_DigestUpdate
(
&
ctx
,(
unsigned
char
*
)
a
->
cert_info
->
serialNumber
->
data
,
(
unsigned
long
)
a
->
cert_info
->
serialNumber
->
length
))
goto
err
;
if
(
!
EVP_DigestFinal_ex
(
&
ctx
,
&
(
md
[
0
]),
NULL
))
goto
err
;
ret
=
(
((
unsigned
long
)
md
[
0
]
)
|
((
unsigned
long
)
md
[
1
]
<<
8L
)
|
((
unsigned
long
)
md
[
2
]
<<
16L
)
|
((
unsigned
long
)
md
[
3
]
<<
24L
)
)
&
0xffffffffL
;
err:
EVP_MD_CTX_cleanup
(
&
ctx
);
return
(
ret
);
}
...
...
@@ -205,7 +210,9 @@ unsigned long X509_NAME_hash(X509_NAME *x)
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME
(
x
,
NULL
);
EVP_Digest
(
x
->
canon_enc
,
x
->
canon_enclen
,
md
,
NULL
,
EVP_sha1
(),
NULL
);
if
(
!
EVP_Digest
(
x
->
canon_enc
,
x
->
canon_enclen
,
md
,
NULL
,
EVP_sha1
(),
NULL
))
return
0
;
ret
=
(
((
unsigned
long
)
md
[
0
]
)
|
((
unsigned
long
)
md
[
1
]
<<
8L
)
|
((
unsigned
long
)
md
[
2
]
<<
16L
)
|
((
unsigned
long
)
md
[
3
]
<<
24L
)
...
...
@@ -225,7 +232,8 @@ unsigned long X509_NAME_hash_old(X509_NAME *x)
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME
(
x
,
NULL
);
EVP_Digest
(
x
->
bytes
->
data
,
x
->
bytes
->
length
,
md
,
NULL
,
EVP_md5
(),
NULL
);
if
(
!
EVP_Digest
(
x
->
bytes
->
data
,
x
->
bytes
->
length
,
md
,
NULL
,
EVP_md5
(),
NULL
))
return
0
;
ret
=
(
((
unsigned
long
)
md
[
0
]
)
|
((
unsigned
long
)
md
[
1
]
<<
8L
)
|
((
unsigned
long
)
md
[
2
]
<<
16L
)
|
((
unsigned
long
)
md
[
3
]
<<
24L
)
...
...
crypto/x509v3/v3_skey.c
浏览文件 @
b6dcdbfc
...
...
@@ -129,7 +129,8 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
goto
err
;
}
EVP_Digest
(
pk
->
data
,
pk
->
length
,
pkey_dig
,
&
diglen
,
EVP_sha1
(),
NULL
);
if
(
!
EVP_Digest
(
pk
->
data
,
pk
->
length
,
pkey_dig
,
&
diglen
,
EVP_sha1
(),
NULL
))
goto
err
;
if
(
!
M_ASN1_OCTET_STRING_set
(
oct
,
pkey_dig
,
diglen
))
{
X509V3err
(
X509V3_F_S2I_SKEY_ID
,
ERR_R_MALLOC_FAILURE
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录