[331] | 1 | /*
|
---|
| 2 | * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
---|
| 3 | *
|
---|
| 4 | * Licensed under the OpenSSL license (the "License"). You may not use
|
---|
| 5 | * this file except in compliance with the License. You can obtain a copy
|
---|
| 6 | * in the file LICENSE in the source distribution or at
|
---|
| 7 | * https://www.openssl.org/source/license.html
|
---|
| 8 | */
|
---|
| 9 |
|
---|
| 10 | #include <stdio.h>
|
---|
| 11 | #include "internal/cryptlib.h"
|
---|
| 12 | #include <openssl/objects.h>
|
---|
| 13 | #include <openssl/evp.h>
|
---|
| 14 | #include <openssl/engine.h>
|
---|
| 15 | #include "internal/evp_int.h"
|
---|
| 16 | #include "evp_locl.h"
|
---|
| 17 |
|
---|
| 18 | /* This call frees resources associated with the context */
|
---|
| 19 | int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
|
---|
| 20 | {
|
---|
| 21 | if (ctx == NULL)
|
---|
| 22 | return 1;
|
---|
| 23 |
|
---|
| 24 | /*
|
---|
| 25 | * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
|
---|
| 26 | * sometimes only copies of the context are ever finalised.
|
---|
| 27 | */
|
---|
| 28 | if (ctx->digest && ctx->digest->cleanup
|
---|
| 29 | && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
|
---|
| 30 | ctx->digest->cleanup(ctx);
|
---|
| 31 | if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
|
---|
| 32 | && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
|
---|
| 33 | OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
|
---|
| 34 | }
|
---|
| 35 | EVP_PKEY_CTX_free(ctx->pctx);
|
---|
| 36 | #ifndef OPENSSL_NO_ENGINE
|
---|
| 37 | ENGINE_finish(ctx->engine);
|
---|
| 38 | #endif
|
---|
| 39 | OPENSSL_cleanse(ctx, sizeof(*ctx));
|
---|
| 40 |
|
---|
| 41 | return 1;
|
---|
| 42 | }
|
---|
| 43 |
|
---|
| 44 | EVP_MD_CTX *EVP_MD_CTX_new(void)
|
---|
| 45 | {
|
---|
| 46 | return OPENSSL_zalloc(sizeof(EVP_MD_CTX));
|
---|
| 47 | }
|
---|
| 48 |
|
---|
| 49 | void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
|
---|
| 50 | {
|
---|
| 51 | EVP_MD_CTX_reset(ctx);
|
---|
| 52 | OPENSSL_free(ctx);
|
---|
| 53 | }
|
---|
| 54 |
|
---|
| 55 | int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
|
---|
| 56 | {
|
---|
| 57 | EVP_MD_CTX_reset(ctx);
|
---|
| 58 | return EVP_DigestInit_ex(ctx, type, NULL);
|
---|
| 59 | }
|
---|
| 60 |
|
---|
| 61 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
|
---|
| 62 | {
|
---|
| 63 | EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
|
---|
| 64 | #ifndef OPENSSL_NO_ENGINE
|
---|
| 65 | /*
|
---|
| 66 | * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
|
---|
| 67 | * this context may already have an ENGINE! Try to avoid releasing the
|
---|
| 68 | * previous handle, re-querying for an ENGINE, and having a
|
---|
| 69 | * reinitialisation, when it may all be unnecessary.
|
---|
| 70 | */
|
---|
| 71 | if (ctx->engine && ctx->digest &&
|
---|
| 72 | (type == NULL || (type->type == ctx->digest->type)))
|
---|
| 73 | goto skip_to_init;
|
---|
| 74 | if (type) {
|
---|
| 75 | /*
|
---|
| 76 | * Ensure an ENGINE left lying around from last time is cleared (the
|
---|
| 77 | * previous check attempted to avoid this if the same ENGINE and
|
---|
| 78 | * EVP_MD could be used).
|
---|
| 79 | */
|
---|
| 80 | ENGINE_finish(ctx->engine);
|
---|
| 81 | if (impl != NULL) {
|
---|
| 82 | if (!ENGINE_init(impl)) {
|
---|
| 83 | EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
|
---|
| 84 | return 0;
|
---|
| 85 | }
|
---|
| 86 | } else {
|
---|
| 87 | /* Ask if an ENGINE is reserved for this job */
|
---|
| 88 | impl = ENGINE_get_digest_engine(type->type);
|
---|
| 89 | }
|
---|
| 90 | if (impl != NULL) {
|
---|
| 91 | /* There's an ENGINE for this job ... (apparently) */
|
---|
| 92 | const EVP_MD *d = ENGINE_get_digest(impl, type->type);
|
---|
| 93 |
|
---|
| 94 | if (d == NULL) {
|
---|
| 95 | EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
|
---|
| 96 | ENGINE_finish(impl);
|
---|
| 97 | return 0;
|
---|
| 98 | }
|
---|
| 99 | /* We'll use the ENGINE's private digest definition */
|
---|
| 100 | type = d;
|
---|
| 101 | /*
|
---|
| 102 | * Store the ENGINE functional reference so we know 'type' came
|
---|
| 103 | * from an ENGINE and we need to release it when done.
|
---|
| 104 | */
|
---|
| 105 | ctx->engine = impl;
|
---|
| 106 | } else
|
---|
| 107 | ctx->engine = NULL;
|
---|
| 108 | } else {
|
---|
| 109 | if (!ctx->digest) {
|
---|
| 110 | EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
|
---|
| 111 | return 0;
|
---|
| 112 | }
|
---|
| 113 | type = ctx->digest;
|
---|
| 114 | }
|
---|
| 115 | #endif
|
---|
| 116 | if (ctx->digest != type) {
|
---|
| 117 | if (ctx->digest && ctx->digest->ctx_size) {
|
---|
| 118 | OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
|
---|
| 119 | ctx->md_data = NULL;
|
---|
| 120 | }
|
---|
| 121 | ctx->digest = type;
|
---|
| 122 | if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
|
---|
| 123 | ctx->update = type->update;
|
---|
| 124 | ctx->md_data = OPENSSL_zalloc(type->ctx_size);
|
---|
| 125 | if (ctx->md_data == NULL) {
|
---|
| 126 | EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
|
---|
| 127 | return 0;
|
---|
| 128 | }
|
---|
| 129 | }
|
---|
| 130 | }
|
---|
| 131 | #ifndef OPENSSL_NO_ENGINE
|
---|
| 132 | skip_to_init:
|
---|
| 133 | #endif
|
---|
| 134 | if (ctx->pctx) {
|
---|
| 135 | int r;
|
---|
| 136 | r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
|
---|
| 137 | EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
|
---|
| 138 | if (r <= 0 && (r != -2))
|
---|
| 139 | return 0;
|
---|
| 140 | }
|
---|
| 141 | if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
|
---|
| 142 | return 1;
|
---|
| 143 | return ctx->digest->init(ctx);
|
---|
| 144 | }
|
---|
| 145 |
|
---|
| 146 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
|
---|
| 147 | {
|
---|
| 148 | return ctx->update(ctx, data, count);
|
---|
| 149 | }
|
---|
| 150 |
|
---|
| 151 | /* The caller can assume that this removes any secret data from the context */
|
---|
| 152 | int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
---|
| 153 | {
|
---|
| 154 | int ret;
|
---|
| 155 | ret = EVP_DigestFinal_ex(ctx, md, size);
|
---|
| 156 | EVP_MD_CTX_reset(ctx);
|
---|
| 157 | return ret;
|
---|
| 158 | }
|
---|
| 159 |
|
---|
| 160 | /* The caller can assume that this removes any secret data from the context */
|
---|
| 161 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
---|
| 162 | {
|
---|
| 163 | int ret;
|
---|
| 164 |
|
---|
| 165 | OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
|
---|
| 166 | ret = ctx->digest->final(ctx, md);
|
---|
| 167 | if (size != NULL)
|
---|
| 168 | *size = ctx->digest->md_size;
|
---|
| 169 | if (ctx->digest->cleanup) {
|
---|
| 170 | ctx->digest->cleanup(ctx);
|
---|
| 171 | EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
|
---|
| 172 | }
|
---|
| 173 | OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
|
---|
| 174 | return ret;
|
---|
| 175 | }
|
---|
| 176 |
|
---|
| 177 | int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
|
---|
| 178 | {
|
---|
| 179 | EVP_MD_CTX_reset(out);
|
---|
| 180 | return EVP_MD_CTX_copy_ex(out, in);
|
---|
| 181 | }
|
---|
| 182 |
|
---|
| 183 | int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
|
---|
| 184 | {
|
---|
| 185 | unsigned char *tmp_buf;
|
---|
| 186 | if ((in == NULL) || (in->digest == NULL)) {
|
---|
| 187 | EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED);
|
---|
| 188 | return 0;
|
---|
| 189 | }
|
---|
| 190 | #ifndef OPENSSL_NO_ENGINE
|
---|
| 191 | /* Make sure it's safe to copy a digest context using an ENGINE */
|
---|
| 192 | if (in->engine && !ENGINE_init(in->engine)) {
|
---|
| 193 | EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
|
---|
| 194 | return 0;
|
---|
| 195 | }
|
---|
| 196 | #endif
|
---|
| 197 |
|
---|
| 198 | if (out->digest == in->digest) {
|
---|
| 199 | tmp_buf = out->md_data;
|
---|
| 200 | EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
|
---|
| 201 | } else
|
---|
| 202 | tmp_buf = NULL;
|
---|
| 203 | EVP_MD_CTX_reset(out);
|
---|
| 204 | memcpy(out, in, sizeof(*out));
|
---|
| 205 |
|
---|
| 206 | /* Null these variables, since they are getting fixed up
|
---|
| 207 | * properly below. Anything else may cause a memleak and/or
|
---|
| 208 | * double free if any of the memory allocations below fail
|
---|
| 209 | */
|
---|
| 210 | out->md_data = NULL;
|
---|
| 211 | out->pctx = NULL;
|
---|
| 212 |
|
---|
| 213 | if (in->md_data && out->digest->ctx_size) {
|
---|
| 214 | if (tmp_buf)
|
---|
| 215 | out->md_data = tmp_buf;
|
---|
| 216 | else {
|
---|
| 217 | out->md_data = OPENSSL_malloc(out->digest->ctx_size);
|
---|
| 218 | if (out->md_data == NULL) {
|
---|
| 219 | EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE);
|
---|
| 220 | return 0;
|
---|
| 221 | }
|
---|
| 222 | }
|
---|
| 223 | memcpy(out->md_data, in->md_data, out->digest->ctx_size);
|
---|
| 224 | }
|
---|
| 225 |
|
---|
| 226 | out->update = in->update;
|
---|
| 227 |
|
---|
| 228 | if (in->pctx) {
|
---|
| 229 | out->pctx = EVP_PKEY_CTX_dup(in->pctx);
|
---|
| 230 | if (!out->pctx) {
|
---|
| 231 | EVP_MD_CTX_reset(out);
|
---|
| 232 | return 0;
|
---|
| 233 | }
|
---|
| 234 | }
|
---|
| 235 |
|
---|
| 236 | if (out->digest->copy)
|
---|
| 237 | return out->digest->copy(out, in);
|
---|
| 238 |
|
---|
| 239 | return 1;
|
---|
| 240 | }
|
---|
| 241 |
|
---|
| 242 | int EVP_Digest(const void *data, size_t count,
|
---|
| 243 | unsigned char *md, unsigned int *size, const EVP_MD *type,
|
---|
| 244 | ENGINE *impl)
|
---|
| 245 | {
|
---|
| 246 | EVP_MD_CTX *ctx = EVP_MD_CTX_new();
|
---|
| 247 | int ret;
|
---|
| 248 |
|
---|
| 249 | if (ctx == NULL)
|
---|
| 250 | return 0;
|
---|
| 251 | EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT);
|
---|
| 252 | ret = EVP_DigestInit_ex(ctx, type, impl)
|
---|
| 253 | && EVP_DigestUpdate(ctx, data, count)
|
---|
| 254 | && EVP_DigestFinal_ex(ctx, md, size);
|
---|
| 255 | EVP_MD_CTX_free(ctx);
|
---|
| 256 |
|
---|
| 257 | return ret;
|
---|
| 258 | }
|
---|
| 259 |
|
---|
| 260 | int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
|
---|
| 261 | {
|
---|
| 262 | if (ctx->digest && ctx->digest->md_ctrl) {
|
---|
| 263 | int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2);
|
---|
| 264 | if (ret <= 0)
|
---|
| 265 | return 0;
|
---|
| 266 | return 1;
|
---|
| 267 | }
|
---|
| 268 | return 0;
|
---|
| 269 | }
|
---|