Browse Source

Move digests to providers

Move digest code into the relevant providers (fips, default, legacy).
The headers are temporarily moved to be internal, and will be moved
into providers after all external references are resolved. The deprecated
digest code can not be removed until EVP_PKEY (signing) is supported by
providers. EVP_MD data can also not yet be cleaned up for the same reasons.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8763)
master
Shane Lontis 4 years ago
parent
commit
d5e5e2ffaf
64 changed files with 1644 additions and 570 deletions
  1. +5
    -5
      crypto/blake2/blake2b_mac.c
  2. +4
    -4
      crypto/blake2/blake2s_mac.c
  3. +1
    -1
      crypto/blake2/build.info
  4. +8
    -19
      crypto/blake2/m_blake2b.c
  5. +8
    -19
      crypto/blake2/m_blake2s.c
  6. +3
    -0
      crypto/core_fetch.c
  7. +110
    -51
      crypto/evp/digest.c
  8. +1
    -0
      crypto/evp/evp_fetch.c
  9. +14
    -98
      crypto/evp/m_md5_sha1.c
  10. +2
    -56
      crypto/evp/m_sha1.c
  11. +25
    -112
      crypto/evp/m_sha3.c
  12. +2
    -0
      crypto/include/internal/evp_int.h
  13. +1
    -0
      crypto/include/internal/sha.h
  14. +1
    -1
      crypto/md5/build.info
  15. +101
    -0
      crypto/md5/md5_sha1.c
  16. +4
    -3
      crypto/sha/build.info
  17. +1
    -1
      crypto/sha/keccak1600.c
  18. +59
    -2
      crypto/sha/sha1dgst.c
  19. +106
    -0
      crypto/sha/sha3.c
  20. +1
    -1
      crypto/sm3/m_sm3.c
  21. +1
    -0
      crypto/sm3/sm3_locl.h
  22. +61
    -4
      doc/man3/EVP_DigestInit.pod
  23. +31
    -26
      include/internal/blake2.h
  24. +37
    -0
      include/internal/md5_sha1.h
  25. +52
    -0
      include/internal/sha3.h
  26. +3
    -4
      include/internal/sm3.h
  27. +7
    -0
      include/openssl/core_names.h
  28. +7
    -3
      include/openssl/core_numbers.h
  29. +4
    -1
      include/openssl/evp.h
  30. +1
    -1
      providers/build.info
  31. +2
    -2
      providers/common/digests/build.info
  32. +44
    -61
      providers/common/digests/sha2.c
  33. +277
    -0
      providers/common/digests/sha3.c
  34. +95
    -0
      providers/common/include/internal/core_mkdigest.h
  35. +25
    -0
      providers/common/include/internal/provider_algs.h
  36. +1
    -0
      providers/default/build.info
  37. +35
    -0
      providers/default/defltprov.c
  38. +40
    -0
      providers/default/digests/blake2.c
  39. +0
    -0
      providers/default/digests/blake2_impl.h
  40. +8
    -8
      providers/default/digests/blake2b.c
  41. +7
    -8
      providers/default/digests/blake2s.c
  42. +17
    -0
      providers/default/digests/build.info
  43. +17
    -0
      providers/default/digests/md5.c
  44. +46
    -0
      providers/default/digests/md5_sha1.c
  45. +75
    -0
      providers/default/digests/null.c
  46. +17
    -0
      providers/default/digests/sm3.c
  47. +13
    -0
      providers/fips/fipsprov.c
  48. +20
    -0
      providers/legacy/digests/build.info
  49. +6
    -51
      providers/legacy/digests/md2.c
  50. +18
    -0
      providers/legacy/digests/md4.c
  51. +37
    -0
      providers/legacy/digests/mdc2.c
  52. +18
    -0
      providers/legacy/digests/ripemd.c
  53. +18
    -0
      providers/legacy/digests/wp.c
  54. +18
    -2
      providers/legacy/legacyprov.c
  55. +27
    -8
      ssl/s3_enc.c
  56. +2
    -0
      ssl/ssl_locl.h
  57. +8
    -6
      ssl/statem/statem_lib.c
  58. +3
    -0
      test/build.info
  59. +27
    -1
      test/evp_test.c
  60. +16
    -6
      test/mdc2test.c
  61. +16
    -2
      test/recipes/05-test_mdc2.t
  62. +3
    -1
      test/recipes/30-test_evp.t
  63. +24
    -1
      test/recipes/30-test_evp_data/evpdigest.txt
  64. +3
    -1
      util/libcrypto.num

+ 5
- 5
crypto/blake2/blake2b_mac.c View File

@ -10,7 +10,7 @@
#ifndef OPENSSL_NO_BLAKE2
# include <openssl/evp.h>
# include "blake2_locl.h"
# include "internal/blake2.h"
# include "internal/cryptlib.h"
# include "internal/evp_int.h"
@ -26,7 +26,7 @@ static EVP_MAC_IMPL *blake2b_mac_new(void)
EVP_MAC_IMPL *macctx = OPENSSL_zalloc(sizeof(*macctx));
if (macctx != NULL) {
blake2b_param_init(&macctx->params);
/* ctx initialization is deferred to BLAKE2b_Init() */
/* ctx initialization is deferred to blake2b_init() */
}
return macctx;
}
@ -53,18 +53,18 @@ static int blake2b_mac_init(EVP_MAC_IMPL *macctx)
return 0;
}
return BLAKE2b_Init_key(&macctx->ctx, &macctx->params, macctx->key);
return blake2b_init_key(&macctx->ctx, &macctx->params, macctx->key);
}
static int blake2b_mac_update(EVP_MAC_IMPL *macctx, const unsigned char *data,
size_t datalen)
{
return BLAKE2b_Update(&macctx->ctx, data, datalen);
return blake2b_update(&macctx->ctx, data, datalen);
}
static int blake2b_mac_final(EVP_MAC_IMPL *macctx, unsigned char *out)
{
return BLAKE2b_Final(out, &macctx->ctx);
return blake2b_final(out, &macctx->ctx);
}
/*


+ 4
- 4
crypto/blake2/blake2s_mac.c View File

@ -10,7 +10,7 @@
#ifndef OPENSSL_NO_BLAKE2
# include <openssl/evp.h>
# include "blake2_locl.h"
# include "internal/blake2.h"
# include "internal/cryptlib.h"
# include "internal/evp_int.h"
@ -53,18 +53,18 @@ static int blake2s_mac_init(EVP_MAC_IMPL *macctx)
return 0;
}
return BLAKE2s_Init_key(&macctx->ctx, &macctx->params, macctx->key);
return blake2s_init_key(&macctx->ctx, &macctx->params, macctx->key);
}
static int blake2s_mac_update(EVP_MAC_IMPL *macctx, const unsigned char *data,
size_t datalen)
{
return BLAKE2s_Update(&macctx->ctx, data, datalen);
return blake2s_update(&macctx->ctx, data, datalen);
}
static int blake2s_mac_final(EVP_MAC_IMPL *macctx, unsigned char *out)
{
return BLAKE2s_Final(out, &macctx->ctx);
return blake2s_final(out, &macctx->ctx);
}
/*


+ 1
- 1
crypto/blake2/build.info View File

@ -1,3 +1,3 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=\
blake2b.c blake2s.c blake2b_mac.c blake2s_mac.c m_blake2b.c m_blake2s.c
blake2b_mac.c blake2s_mac.c m_blake2b.c m_blake2s.c

+ 8
- 19
crypto/blake2/m_blake2b.c View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -7,37 +7,26 @@
* https://www.openssl.org/source/license.html
*/
/*
* Derived from the BLAKE2 reference implementation written by Samuel Neves.
* Copyright 2012, Samuel Neves <sneves@dei.uc.pt>
* More information about the BLAKE2 hash function and its implementations
* can be found at https://blake2.net.
*/
#include "internal/cryptlib.h"
#ifndef OPENSSL_NO_BLAKE2
# include <openssl/evp.h>
# include <openssl/objects.h>
# include "blake2_locl.h"
# include <stddef.h>
# include <openssl/obj_mac.h>
# include "internal/evp_int.h"
# include "internal/blake2.h"
static int init(EVP_MD_CTX *ctx)
{
BLAKE2B_PARAM P;
blake2b_param_init(&P);
return BLAKE2b_Init(EVP_MD_CTX_md_data(ctx), &P);
return blake2b512_init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return BLAKE2b_Update(EVP_MD_CTX_md_data(ctx), data, count);
return blake2b_update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return BLAKE2b_Final(md, EVP_MD_CTX_md_data(ctx));
return blake2b_final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD blake2b_md = {
@ -58,4 +47,4 @@ const EVP_MD *EVP_blake2b512(void)
{
return &blake2b_md;
}
#endif
#endif /* OPENSSL_NO_BLAKE2 */

+ 8
- 19
crypto/blake2/m_blake2s.c View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -7,37 +7,26 @@
* https://www.openssl.org/source/license.html
*/
/*
* Derived from the BLAKE2 reference implementation written by Samuel Neves.
* Copyright 2012, Samuel Neves <sneves@dei.uc.pt>
* More information about the BLAKE2 hash function and its implementations
* can be found at https://blake2.net.
*/
#include "internal/cryptlib.h"
#ifndef OPENSSL_NO_BLAKE2
# include <openssl/evp.h>
# include <openssl/objects.h>
# include "blake2_locl.h"
# include <stddef.h>
# include <openssl/obj_mac.h>
# include "internal/evp_int.h"
# include "internal/blake2.h"
static int init(EVP_MD_CTX *ctx)
{
BLAKE2S_PARAM P;
blake2s_param_init(&P);
return BLAKE2s_Init(EVP_MD_CTX_md_data(ctx), &P);
return blake2s256_init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return BLAKE2s_Update(EVP_MD_CTX_md_data(ctx), data, count);
return blake2s_update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return BLAKE2s_Final(md, EVP_MD_CTX_md_data(ctx));
return blake2s_final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD blake2s_md = {
@ -58,4 +47,4 @@ const EVP_MD *EVP_blake2s256(void)
{
return &blake2s_md;
}
#endif
#endif /* OPENSSL_NO_BLAKE2 */

+ 3
- 0
crypto/core_fetch.c View File

@ -31,6 +31,9 @@ static int ossl_method_construct_this(OSSL_PROVIDER *provider, void *cbdata)
const OSSL_ALGORITHM *map =
ossl_provider_query_operation(provider, data->operation_id, &no_store);
if (map == NULL)
return 0;
while (map->algorithm_name != NULL) {
const OSSL_ALGORITHM *thismap = map++;
void *method = NULL;


+ 110
- 51
crypto/evp/digest.c View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -8,10 +8,12 @@
*/
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/engine.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
#include "internal/cryptlib.h"
#include "internal/evp_int.h"
#include "internal/provider.h"
#include "evp_locl.h"
@ -149,16 +151,6 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
goto legacy;
}
if (type->prov == NULL) {
switch(type->type) {
case NID_sha256:
case NID_md2:
break;
default:
goto legacy;
}
}
if (ctx->digest != NULL && ctx->digest->ctx_size > 0) {
OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
ctx->md_data = NULL;
@ -184,6 +176,11 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
#endif
}
if (ctx->provctx != NULL && ctx->digest != NULL && ctx->digest != type) {
if (ctx->digest->freectx != NULL)
ctx->digest->freectx(ctx->provctx);
ctx->provctx = NULL;
}
ctx->digest = type;
if (ctx->provctx == NULL) {
ctx->provctx = ctx->digest->newctx(ossl_provider_ctx(type->prov));
@ -334,7 +331,6 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
}
EVP_MD_CTX_reset(ctx);
return ret;
/* TODO(3.0): Remove legacy code below */
@ -354,12 +350,31 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t size)
{
int ret = 0;
OSSL_PARAM params[2];
size_t i = 0;
if (ctx->digest == NULL || ctx->digest->prov == NULL)
goto legacy;
if (ctx->digest->dfinal == NULL) {
EVPerr(EVP_F_EVP_DIGESTFINALXOF, EVP_R_FINAL_ERROR);
return 0;
}
params[i++] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_XOFLEN,
&size, NULL);
params[i++] = OSSL_PARAM_construct_end();
if (EVP_MD_CTX_set_params(ctx, params) > 0)
ret = ctx->digest->dfinal(ctx->provctx, md, &size, size);
EVP_MD_CTX_reset(ctx);
return ret;
legacy:
if (ctx->digest->flags & EVP_MD_FLAG_XOF
&& size <= INT_MAX
&& ctx->digest->md_ctrl(ctx, EVP_MD_CTRL_XOF_LEN, (int)size, NULL)) {
ret = ctx->digest->final(ctx, md);
if (ctx->digest->cleanup != NULL) {
ctx->digest->cleanup(ctx);
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
@ -506,16 +521,56 @@ int EVP_Digest(const void *data, size_t count,
return ret;
}
int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[])
{
if (ctx->digest != NULL && ctx->digest->set_params != NULL)
return ctx->digest->set_params(ctx->provctx, params);
return 0;
}
int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[])
{
if (ctx->digest != NULL && ctx->digest->get_params != NULL)
return ctx->digest->get_params(ctx->provctx, params);
return 0;
}
#if !OPENSSL_API_3
int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
{
if (ctx->digest && ctx->digest->md_ctrl) {
int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2);
if (ret <= 0)
return 0;
return 1;
if (ctx->digest != NULL) {
OSSL_PARAM params[2];
size_t i, sz, n = 0;
switch (cmd) {
case EVP_MD_CTRL_XOF_LEN:
if (ctx->digest->set_params == NULL)
break;
i = (size_t)p1;
params[n++] = OSSL_PARAM_construct_size_t(
OSSL_DIGEST_PARAM_XOFLEN, &i, &sz);
params[n++] = OSSL_PARAM_construct_end();
return ctx->digest->set_params(ctx->provctx, params) > 0;
case EVP_MD_CTRL_MICALG:
if (ctx->digest->get_params == NULL)
break;
params[n++] = OSSL_PARAM_construct_utf8_string(
OSSL_DIGEST_PARAM_MICALG, p2, p1 ? p1 : 9999,
&sz);
params[n++] = OSSL_PARAM_construct_end();
return ctx->digest->get_params(ctx->provctx, params);
}
/* legacy code */
if (ctx->digest->md_ctrl != NULL) {
int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2);
if (ret <= 0)
return 0;
return 1;
}
}
return 0;
}
#endif
static void *evp_md_from_dispatch(const OSSL_DISPATCH *fns,
OSSL_PROVIDER *prov)
@ -530,55 +585,59 @@ static void *evp_md_from_dispatch(const OSSL_DISPATCH *fns,
for (; fns->function_id != 0; fns++) {
switch (fns->function_id) {
case OSSL_FUNC_DIGEST_NEWCTX:
if (md->newctx != NULL)
break;
md->newctx = OSSL_get_OP_digest_newctx(fns);
fncnt++;
if (md->newctx == NULL) {
md->newctx = OSSL_get_OP_digest_newctx(fns);
fncnt++;
}
break;
case OSSL_FUNC_DIGEST_INIT:
if (md->dinit != NULL)
break;
md->dinit = OSSL_get_OP_digest_init(fns);
fncnt++;
if (md->dinit == NULL) {
md->dinit = OSSL_get_OP_digest_init(fns);
fncnt++;
}
break;
case OSSL_FUNC_DIGEST_UPDATE:
if (md->dupdate != NULL)
break;
md->dupdate = OSSL_get_OP_digest_update(fns);
fncnt++;
if (md->dupdate == NULL) {
md->dupdate = OSSL_get_OP_digest_update(fns);
fncnt++;
}
break;
case OSSL_FUNC_DIGEST_FINAL:
if (md->dfinal != NULL)
break;
md->dfinal = OSSL_get_OP_digest_final(fns);
fncnt++;
if (md->dfinal == NULL) {
md->dfinal = OSSL_get_OP_digest_final(fns);
fncnt++;
}
break;
case OSSL_FUNC_DIGEST_DIGEST:
if (md->digest != NULL)
break;
md->digest = OSSL_get_OP_digest_digest(fns);
if (md->digest == NULL)
md->digest = OSSL_get_OP_digest_digest(fns);
/* We don't increment fnct for this as it is stand alone */
break;
case OSSL_FUNC_DIGEST_FREECTX:
if (md->freectx != NULL)
break;
md->freectx = OSSL_get_OP_digest_freectx(fns);
fncnt++;
if (md->freectx == NULL) {
md->freectx = OSSL_get_OP_digest_freectx(fns);
fncnt++;
}
break;
case OSSL_FUNC_DIGEST_DUPCTX:
if (md->dupctx != NULL)
break;
md->dupctx = OSSL_get_OP_digest_dupctx(fns);
if (md->dupctx == NULL)
md->dupctx = OSSL_get_OP_digest_dupctx(fns);
break;
case OSSL_FUNC_DIGEST_SIZE:
if (md->size != NULL)
break;
md->size = OSSL_get_OP_digest_size(fns);
if (md->size == NULL)
md->size = OSSL_get_OP_digest_size(fns);
break;
case OSSL_FUNC_DIGEST_BLOCK_SIZE:
if (md->dblock_size != NULL)
break;
md->dblock_size = OSSL_get_OP_digest_block_size(fns);
if (md->dblock_size == NULL)
md->dblock_size = OSSL_get_OP_digest_block_size(fns);
break;
case OSSL_FUNC_DIGEST_SET_PARAMS:
if (md->set_params == NULL)
md->set_params = OSSL_get_OP_digest_set_params(fns);
break;
case OSSL_FUNC_DIGEST_GET_PARAMS:
if (md->get_params == NULL)
md->get_params = OSSL_get_OP_digest_get_params(fns);
break;
}
}


+ 1
- 0
crypto/evp/evp_fetch.c View File

@ -159,6 +159,7 @@ void *evp_generic_fetch(OPENSSL_CTX *libctx, int operation_id,
mcmdata.mcm = &mcm;
mcmdata.libctx = libctx;
mcmdata.name = name;
mcmdata.method_from_dispatch = new_method;
mcmdata.destruct_method = free_method;
mcmdata.refcnt_up_method = upref_method;


+ 14
- 98
crypto/evp/m_md5_sha1.c View File

@ -1,5 +1,5 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -7,131 +7,46 @@
* https://www.openssl.org/source/license.html
*/
#if !defined(OPENSSL_NO_MD5)
#ifndef OPENSSL_NO_MD5
# include <string.h>
# include <openssl/evp.h>
# include <openssl/objects.h>
# include <openssl/x509.h>
# include <openssl/md5.h>
# include <openssl/sha.h>
# include "internal/cryptlib.h"
# include <openssl/obj_mac.h>
# include "internal/evp_int.h"
# include <openssl/rsa.h>
struct md5_sha1_ctx {
MD5_CTX md5;
SHA_CTX sha1;
};
# include "internal/md5_sha1.h"
static int init(EVP_MD_CTX *ctx)
{
struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Init(&mctx->md5))
return 0;
return SHA1_Init(&mctx->sha1);
return md5_sha1_init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Update(&mctx->md5, data, count))
return 0;
return SHA1_Update(&mctx->sha1, data, count);
return md5_sha1_update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Final(md, &mctx->md5))
return 0;
return SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1);
return md5_sha1_final(md, EVP_MD_CTX_md_data(ctx));
}
static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
{
unsigned char padtmp[48];
unsigned char md5tmp[MD5_DIGEST_LENGTH];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
struct md5_sha1_ctx *mctx;
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
return -2;
if (ctx == NULL)
return 0;
mctx = EVP_MD_CTX_md_data(ctx);
/* SSLv3 client auth handling: see RFC-6101 5.6.8 */
if (mslen != 48)
return 0;
/* At this point hash contains all handshake messages, update
* with master secret and pad_1.
*/
if (update(ctx, ms, mslen) <= 0)
return 0;
/* Set padtmp to pad_1 value */
memset(padtmp, 0x36, sizeof(padtmp));
if (!MD5_Update(&mctx->md5, padtmp, sizeof(padtmp)))
return 0;
if (!MD5_Final(md5tmp, &mctx->md5))
return 0;
if (!SHA1_Update(&mctx->sha1, padtmp, 40))
return 0;
if (!SHA1_Final(sha1tmp, &mctx->sha1))
return 0;
/* Reinitialise context */
if (!init(ctx))
return 0;
if (update(ctx, ms, mslen) <= 0)
return 0;
/* Set padtmp to pad_2 value */
memset(padtmp, 0x5c, sizeof(padtmp));
if (!MD5_Update(&mctx->md5, padtmp, sizeof(padtmp)))
return 0;
if (!MD5_Update(&mctx->md5, md5tmp, sizeof(md5tmp)))
return 0;
if (!SHA1_Update(&mctx->sha1, padtmp, 40))
return 0;
if (!SHA1_Update(&mctx->sha1, sha1tmp, sizeof(sha1tmp)))
return 0;
/* Now when ctx is finalised it will return the SSL v3 hash value */
OPENSSL_cleanse(md5tmp, sizeof(md5tmp));
OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp));
return 1;
return md5_sha1_ctrl(EVP_MD_CTX_md_data(ctx), cmd, mslen, ms);
}
static const EVP_MD md5_sha1_md = {
NID_md5_sha1,
NID_md5_sha1,
MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
MD5_SHA1_DIGEST_LENGTH,
0,
init,
update,
final,
NULL,
NULL,
MD5_CBLOCK,
sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx),
MD5_SHA1_CBLOCK,
sizeof(EVP_MD *) + sizeof(MD5_SHA1_CTX),
ctrl
};
@ -139,4 +54,5 @@ const EVP_MD *EVP_md5_sha1(void)
{
return &md5_sha1_md;
}
#endif
#endif /* OPENSSL_NO_MD5 */

+ 2
- 56
crypto/evp/m_sha1.c View File

@ -32,63 +32,9 @@ static int final(EVP_MD_CTX *ctx, unsigned char *md)
return SHA1_Final(md, EVP_MD_CTX_md_data(ctx));
}
static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
static int ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
{
unsigned char padtmp[40];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
SHA_CTX *sha1;
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
return -2;
if (ctx == NULL)
return 0;
sha1 = EVP_MD_CTX_md_data(ctx);
/* SSLv3 client auth handling: see RFC-6101 5.6.8 */
if (mslen != 48)
return 0;
/* At this point hash contains all handshake messages, update
* with master secret and pad_1.
*/
if (SHA1_Update(sha1, ms, mslen) <= 0)
return 0;
/* Set padtmp to pad_1 value */
memset(padtmp, 0x36, sizeof(padtmp));
if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
return 0;
if (!SHA1_Final(sha1tmp, sha1))
return 0;
/* Reinitialise context */
if (!SHA1_Init(sha1))
return 0;
if (SHA1_Update(sha1, ms, mslen) <= 0)
return 0;
/* Set padtmp to pad_2 value */
memset(padtmp, 0x5c, sizeof(padtmp));
if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
return 0;
if (!SHA1_Update(sha1, sha1tmp, sizeof(sha1tmp)))
return 0;
/* Now when ctx is finalised it will return the SSL v3 hash value */
OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp));
return 1;
return sha1_ctrl(ctx != NULL ? EVP_MD_CTX_md_data(ctx) : NULL, cmd, p1, p2);
}
static const EVP_MD sha1_md = {


+ 25
- 112
crypto/evp/m_sha3.c View File

@ -13,120 +13,33 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include "internal/evp_int.h"
#include "internal/sha3.h"
#include "evp_locl.h"
size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len,
size_t r);
void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r);
#define KECCAK1600_WIDTH 1600
typedef struct {
uint64_t A[5][5];
size_t block_size; /* cached ctx->digest->block_size */
size_t md_size; /* output length, variable in XOF */
size_t num; /* used bytes in below buffer */
unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
unsigned char pad;
} KECCAK1600_CTX;
static int init(EVP_MD_CTX *evp_ctx, unsigned char pad)
static int init(EVP_MD_CTX *ctx)
{
KECCAK1600_CTX *ctx = evp_ctx->md_data;
size_t bsz = evp_ctx->digest->block_size;
if (bsz <= sizeof(ctx->buf)) {
memset(ctx->A, 0, sizeof(ctx->A));
ctx->num = 0;
ctx->block_size = bsz;
ctx->md_size = evp_ctx->digest->md_size;
ctx->pad = pad;
return 1;
}
return 0;
return sha3_init(EVP_MD_CTX_md_data(ctx), '\x06', ctx->digest->md_size * 8);
}
static int sha3_init(EVP_MD_CTX *evp_ctx)
static int update(EVP_MD_CTX *ctx, const void *_inp, size_t len)
{
return init(evp_ctx, '\x06');
return sha3_update(EVP_MD_CTX_md_data(ctx), _inp, len);
}
static int shake_init(EVP_MD_CTX *evp_ctx)
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return init(evp_ctx, '\x1f');
return sha3_final(md, EVP_MD_CTX_md_data(ctx));
}
static int kmac_init(EVP_MD_CTX *evp_ctx)
static int shake_init(EVP_MD_CTX *ctx)
{
return init(evp_ctx, '\x04');
}
static int sha3_update(EVP_MD_CTX *evp_ctx, const void *_inp, size_t len)
{
KECCAK1600_CTX *ctx = evp_ctx->md_data;
const unsigned char *inp = _inp;
size_t bsz = ctx->block_size;
size_t num, rem;
if (len == 0)
return 1;
if ((num = ctx->num) != 0) { /* process intermediate buffer? */
rem = bsz - num;
if (len < rem) {
memcpy(ctx->buf + num, inp, len);
ctx->num += len;
return 1;
}
/*
* We have enough data to fill or overflow the intermediate
* buffer. So we append |rem| bytes and process the block,
* leaving the rest for later processing...
*/
memcpy(ctx->buf + num, inp, rem);
inp += rem, len -= rem;
(void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);
ctx->num = 0;
/* ctx->buf is processed, ctx->num is guaranteed to be zero */
}
if (len >= bsz)
rem = SHA3_absorb(ctx->A, inp, len, bsz);
else
rem = len;
if (rem) {
memcpy(ctx->buf, inp + len - rem, rem);
ctx->num = rem;
}
return 1;
return sha3_init(EVP_MD_CTX_md_data(ctx), '\x1f', ctx->digest->md_size * 8);
}
static int sha3_final(EVP_MD_CTX *evp_ctx, unsigned char *md)
static int kmac_init(EVP_MD_CTX *ctx)
{
KECCAK1600_CTX *ctx = evp_ctx->md_data;
size_t bsz = ctx->block_size;
size_t num = ctx->num;
/*
* Pad the data with 10*1. Note that |num| can be |bsz - 1|
* in which case both byte operations below are performed on
* same byte...
*/
memset(ctx->buf + num, 0, bsz - num);
ctx->buf[num] = ctx->pad;
ctx->buf[bsz - 1] |= 0x80;
(void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);
SHA3_squeeze(ctx->A, md, ctx->md_size, bsz);
return 1;
return keccak_kmac_init(EVP_MD_CTX_md_data(ctx), '\x04',
ctx->digest->md_size * 8 / 2);
}
static int shake_ctrl(EVP_MD_CTX *evp_ctx, int cmd, int p1, void *p2)
@ -311,9 +224,9 @@ const EVP_MD *EVP_sha3_##bitlen(void) \
NID_RSA_SHA3_##bitlen, \
bitlen / 8, \
EVP_MD_FLAG_DIGALGID_ABSENT, \
sha3_init, \
sha3_update, \
sha3_final, \
init, \
update, \
final, \
NULL, \
NULL, \
(KECCAK1600_WIDTH - bitlen * 2) / 8, \
@ -347,8 +260,8 @@ const EVP_MD *EVP_shake##bitlen(void) \
bitlen / 8, \
EVP_MD_FLAG_XOF, \
shake_init, \
sha3_update, \
sha3_final, \
update, \
final, \
NULL, \
NULL, \
(KECCAK1600_WIDTH - bitlen * 2) / 8, \
@ -370,9 +283,9 @@ const EVP_MD *EVP_sha3_##bitlen(void) \
NID_RSA_SHA3_##bitlen, \
bitlen / 8, \
EVP_MD_FLAG_DIGALGID_ABSENT, \
sha3_init, \
sha3_update, \
sha3_final, \
init, \
update, \
final, \
NULL, \
NULL, \
(KECCAK1600_WIDTH - bitlen * 2) / 8, \
@ -390,8 +303,8 @@ const EVP_MD *EVP_shake##bitlen(void) \
bitlen / 8, \
EVP_MD_FLAG_XOF, \
shake_init, \
sha3_update, \
sha3_final, \
update, \
final, \
NULL, \
NULL, \
(KECCAK1600_WIDTH - bitlen * 2) / 8, \
@ -416,13 +329,13 @@ EVP_MD_SHAKE(256)
const EVP_MD *evp_keccak_kmac##bitlen(void) \
{ \
static const EVP_MD kmac_##bitlen##_md = { \
-1, \
NID_kmac##bitlen, \
0, \
2 * bitlen / 8, \
EVP_MD_FLAG_XOF, \
kmac_init, \
sha3_update, \
sha3_final, \
update, \
final, \
NULL, \
NULL, \
(KECCAK1600_WIDTH - bitlen * 2) / 8, \


+ 2
- 0
crypto/include/internal/evp_int.h View File

@ -207,6 +207,8 @@ struct evp_md_st {
OSSL_OP_digest_dupctx_fn *dupctx;
OSSL_OP_digest_size_fn *size;
OSSL_OP_digest_block_size_fn *dblock_size;
OSSL_OP_digest_set_params_fn *set_params;
OSSL_OP_digest_get_params_fn *get_params;
} /* EVP_MD */ ;


+ 1
- 0
crypto/include/internal/sha.h View File

@ -15,5 +15,6 @@
int sha512_224_init(SHA512_CTX *);
int sha512_256_init(SHA512_CTX *);
int sha1_ctrl(SHA_CTX *ctx, int cmd, int mslen, void *ms);
#endif

+ 1
- 1
crypto/md5/build.info View File

@ -1,6 +1,6 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=\
md5_dgst.c md5_one.c {- $target{md5_asm_src} -}
md5_dgst.c md5_one.c md5_sha1.c {- $target{md5_asm_src} -}
GENERATE[md5-586.s]=asm/md5-586.pl \
$(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS)


+ 101
- 0
crypto/md5/md5_sha1.c View File

@ -0,0 +1,101 @@
/*
* Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include "internal/md5_sha1.h"
#include <openssl/evp.h>
int md5_sha1_init(MD5_SHA1_CTX *mctx)
{
if (!MD5_Init(&mctx->md5))
return 0;
return SHA1_Init(&mctx->sha1);
}
int md5_sha1_update(MD5_SHA1_CTX *mctx, const void *data, size_t count)
{
if (!MD5_Update(&mctx->md5, data, count))
return 0;
return SHA1_Update(&mctx->sha1, data, count);
}
int md5_sha1_final(unsigned char *md, MD5_SHA1_CTX *mctx)
{
if (!MD5_Final(md, &mctx->md5))
return 0;
return SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1);
}
int md5_sha1_ctrl(MD5_SHA1_CTX *mctx, int cmd, int mslen, void *ms)
{
unsigned char padtmp[48];
unsigned char md5tmp[MD5_DIGEST_LENGTH];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
return -2;
if (mctx == NULL)
return 0;
/* SSLv3 client auth handling: see RFC-6101 5.6.8 */
if (mslen != 48)
return 0;
/* At this point hash contains all handshake messages, update
* with master secret and pad_1.
*/
if (md5_sha1_update(mctx, ms, mslen) <= 0)
return 0;
/* Set padtmp to pad_1 value */
memset(padtmp, 0x36, sizeof(padtmp));
if (!MD5_Update(&mctx->md5, padtmp, sizeof(padtmp)))
return 0;
if (!MD5_Final(md5tmp, &mctx->md5))
return 0;
if (!SHA1_Update(&mctx->sha1, padtmp, 40))
return 0;
if (!SHA1_Final(sha1tmp, &mctx->sha1))
return 0;
/* Reinitialise context */
if (!md5_sha1_init(mctx))
return 0;
if (md5_sha1_update(mctx, ms, mslen) <= 0)
return 0;
/* Set padtmp to pad_2 value */
memset(padtmp, 0x5c, sizeof(padtmp));
if (!MD5_Update(&mctx->md5, padtmp, sizeof(padtmp)))
return 0;
if (!MD5_Update(&mctx->md5, md5tmp, sizeof(md5tmp)))
return 0;
if (!SHA1_Update(&mctx->sha1, padtmp, 40))
return 0;
if (!SHA1_Update(&mctx->sha1, sha1tmp, sizeof(sha1tmp)))
return 0;
/* Now when ctx is finalised it will return the SSL v3 hash value */
OPENSSL_cleanse(md5tmp, sizeof(md5tmp));
OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp));
return 1;
}

+ 4
- 3
crypto/sha/build.info View File

@ -1,9 +1,10 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=\
sha1dgst.c sha1_one.c sha256.c sha512.c {- $target{sha1_asm_src} -} \
{- $target{keccak1600_asm_src} -}
sha1dgst.c sha1_one.c sha256.c sha512.c sha3.c \
{- $target{sha1_asm_src} -} {- $target{keccak1600_asm_src} -}
SOURCE[../../providers/fips]= sha256.c
SOURCE[../../providers/fips]= sha1dgst.c sha256.c sha512.c sha3.c \
{- $target{keccak1600_asm_src} -} {- $target{sha1_asm_src} -}
GENERATE[sha1-586.s]=asm/sha1-586.pl \
$(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR)


+ 1
- 1
crypto/sha/keccak1600.c View File

@ -1090,7 +1090,7 @@ size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len,
}
/*
* SHA3_squeeze is called once at the end to generate |out| hash value
* sha3_squeeze is called once at the end to generate |out| hash value
* of |len| bytes.
*/
void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r)


+ 59
- 2
crypto/sha/sha1dgst.c View File

@ -10,8 +10,65 @@
#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
# include <openssl/opensslv.h>
#include <openssl/opensslv.h>
#include <openssl/evp.h>
#include <openssl/sha.h>
/* The implementation is in ../md32_common.h */
# include "sha_locl.h"
#include "sha_locl.h"
#include "internal/sha.h"
int sha1_ctrl(SHA_CTX *sha1, int cmd, int mslen, void *ms)
{
unsigned char padtmp[40];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
return -2;
if (sha1 == NULL)
return 0;
/* SSLv3 client auth handling: see RFC-6101 5.6.8 */
if (mslen != 48)
return 0;
/* At this point hash contains all handshake messages, update
* with master secret and pad_1.
*/
if (SHA1_Update(sha1, ms, mslen) <= 0)
return 0;
/* Set padtmp to pad_1 value */
memset(padtmp, 0x36, sizeof(padtmp));
if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
return 0;
if (!SHA1_Final(sha1tmp, sha1))
return 0;
/* Reinitialise context */
if (!SHA1_Init(sha1))
return 0;
if (SHA1_Update(sha1, ms, mslen) <= 0)
return 0;
/* Set padtmp to pad_2 value */
memset(padtmp, 0x5c, sizeof(padtmp));
if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
return 0;
if (!SHA1_Update(sha1, sha1tmp, sizeof(sha1tmp)))
return 0;
/* Now when ctx is finalised it will return the SSL v3 hash value */
OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp));
return 1;
}

+ 106
- 0
crypto/sha/sha3.c View File

@ -0,0 +1,106 @@
/*
* Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include "internal/sha3.h"
void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r);
void sha3_reset(KECCAK1600_CTX *ctx)
{
memset(ctx->A, 0, sizeof(ctx->A));
ctx->bufsz = 0;
}
int sha3_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen)
{
size_t bsz = SHA3_BLOCKSIZE(bitlen);
if (bsz <= sizeof(ctx->buf)) {
sha3_reset(ctx);
ctx->block_size = bsz;
ctx->md_size = bitlen / 8;
ctx->pad = pad;
return 1;
}
return 0;
}
int keccak_kmac_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen)
{
int ret = sha3_init(ctx, pad, bitlen);
if (ret)
ctx->md_size *= 2;
return ret;
}
int sha3_update(KECCAK1600_CTX *ctx, const void *_inp, size_t len)
{
const unsigned char *inp = _inp;
size_t bsz = ctx->block_size;
size_t num, rem;
if (len == 0)
return 1;
if ((num = ctx->bufsz) != 0) { /* process intermediate buffer? */
rem = bsz - num;
if (len < rem) {
memcpy(ctx->buf + num, inp, len);
ctx->bufsz += len;
return 1;
}
/*
* We have enough data to fill or overflow the intermediate
* buffer. So we append |rem| bytes and process the block,
* leaving the rest for later processing...
*/
memcpy(ctx->buf + num, inp, rem);
inp += rem, len -= rem;
(void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);
ctx->bufsz = 0;
/* ctx->buf is processed, ctx->num is guaranteed to be zero */
}
if (len >= bsz)
rem = SHA3_absorb(ctx->A, inp, len, bsz);
else
rem = len;
if (rem) {
memcpy(ctx->buf, inp + len - rem, rem);
ctx->bufsz = rem;
}
return 1;
}
int sha3_final(unsigned char *md, KECCAK1600_CTX *ctx)
{
size_t bsz = ctx->block_size;
size_t num = ctx->bufsz;
/*
* Pad the data with 10*1. Note that |num| can be |bsz - 1|
* in which case both byte operations below are performed on
* same byte...
*/
memset(ctx->buf + num, 0, bsz - num);
ctx->buf[num] = ctx->pad;
ctx->buf[bsz - 1] |= 0x80;
(void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);
SHA3_squeeze(ctx->A, md, ctx->md_size, bsz);
return 1;
}

+ 1
- 1
crypto/sm3/m_sm3.c View File

@ -12,8 +12,8 @@
#ifndef OPENSSL_NO_SM3
# include <openssl/evp.h>
# include "internal/evp_int.h"
# include "internal/sm3.h"
# include "internal/evp_int.h"
static int init(EVP_MD_CTX *ctx)
{


+ 1
- 0
crypto/sm3/sm3_locl.h View File

@ -34,6 +34,7 @@
} while (0)
#define HASH_BLOCK_DATA_ORDER sm3_block_data_order
void sm3_block_data_order(SM3_CTX *c, const void *p, size_t num);
void sm3_transform(SM3_CTX *c, const unsigned char *data);
#include "internal/md32_common.h"


+ 61
- 4
doc/man3/EVP_DigestInit.pod View File

@ -3,8 +3,8 @@
=head1 NAME
EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy,
EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags,
EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags,
EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_params, EVP_MD_CTX_get_params,
EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags,
EVP_Digest, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate,
EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal,
EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_flags,
@ -22,6 +22,8 @@ EVP_MD_CTX_pkey_ctx, EVP_MD_CTX_set_pkey_ctx - EVP digest routines
int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]);
int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]);
void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
@ -88,12 +90,25 @@ Cleans up digest context B<ctx> and frees up the space allocated to it.
=item EVP_MD_CTX_ctrl()
This is a deprecated function. EVP_MD_CTX_set_params() and EVP_MD_CTX_get_params()
is the mechanism that should be used to set and get parameters that are used by
providers.
Performs digest-specific control actions on context B<ctx>. The control command
is indicated in B<cmd> and any additional arguments in B<p1> and B<p2>.
EVP_MD_CTX_ctrl() must be called after EVP_DigestInit_ex(). Other restrictions
may apply depending on the control type and digest implementation.
See L</CONTROLS> below for more information.
=item EVP_MD_CTX_get_params
Retrieves the requested list of B<params> from a MD context B<ctx>.
See L</PARAMS> below for more information.
=item EVP_MD_CTX_set_params
Sets the list of <params> into a MD context B<ctx>.
See L</PARAMS> below for more information.
=item EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()
Sets, clears and tests B<ctx> flags. See L</FLAGS> below for more information.
@ -239,6 +254,38 @@ depends on how the B<EVP_PKEY_CTX> is created.
=back
=head1 PARAMS
See L<OSSL_PARAM(3)> for information about passing parameters.
EVP_MD_CTX_set_params() can be used with the following OSSL_PARAM keys:
=over 4
=item OSSL_PARAM_DIGEST_KEY_XOFLEN <size_t>
Sets the digest length for extendable output functions.
It is used by the SHAKE algorithm.
=item OSSL_PARAM_DIGEST_KEY_PAD_TYPE <int>
Sets the pad type.
It is used by the MDC2 algorithm.
=back
EVP_MD_CTX_get_params() can be used with the following OSSL_PARAM keys:
=over 4
=item OSSL_PARAM_DIGEST_KEY_MICALG <utf8string>.
Gets the digest Message Integrity Check algorithm string. This is used when
creating S/MIME multipart/signed messages, as specified in RFC 3851.
It may be used by external engines or providers.
=back
=head1 CONTROLS
EVP_MD_CTX_ctrl() can be used to send the following standard controls:
@ -307,6 +354,11 @@ success and 0 for failure.
Returns 1 if successful or 0 for failure.
=item EVP_MD_CTX_set_params(),
EVP_MD_CTX_get_params()
Returns 1 if successful or 0 for failure.
=item EVP_MD_CTX_copy_ex()
Returns 1 if successful or 0 for failure.
@ -418,7 +470,9 @@ digest name passed on the command line.
L<EVP_MD_meth_new(3)>,
L<dgst(1)>,
L<evp(7)>
L<evp(7)>,
L<OSSL_PROVIDER(3)>,
L<OSSL_PARAM(3)>
The full list of digest algorithms are provided below.
@ -446,9 +500,12 @@ The EVP_dss1() function was removed in OpenSSL 1.1.0.
The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.
The EVP_MD_CTX_set_params() and EVP_MD_CTX_get_params() functions were
added in 3.0.
=head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy


crypto/blake2/blake2_locl.h → include/internal/blake2.h View File


+ 37
- 0
include/internal/md5_sha1.h View File

@ -0,0 +1,37 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* TODO(3.0) Move this header into provider when dependencies are removed */
#ifndef HEADER_MD5_SHA1_H
# define HEADER_MD5_SHA1_H
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_MD5
# include <openssl/e_os2.h>
# include <stddef.h>
# include <openssl/md5.h>
# include <openssl/sha.h>
# define MD5_SHA1_DIGEST_LENGTH (MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH)
# define MD5_SHA1_CBLOCK MD5_CBLOCK
typedef struct md5_sha1_st {
MD5_CTX md5;
SHA_CTX sha1;
} MD5_SHA1_CTX;
int md5_sha1_init(MD5_SHA1_CTX *mctx);
int md5_sha1_update(MD5_SHA1_CTX *mctx, const void *data, size_t count);
int md5_sha1_final(unsigned char *md, MD5_SHA1_CTX *mctx);
int md5_sha1_ctrl(MD5_SHA1_CTX *mctx, int cmd, int mslen, void *ms);
# endif /* OPENSSL_NO_MD5 */
#endif /* HEADER_MD5_SHA1_H */

+ 52
- 0
include/internal/sha3.h View File

@ -0,0 +1,52 @@
/*
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* TODO(3.0) Move this header into provider when dependencies are removed */
#ifndef HEADER_INTERNAL_SHA3_H
# define HEADER_INTERNAL_SHA3_H
# include <openssl/e_os2.h>
# include <stddef.h>
# define KECCAK1600_WIDTH 1600
# define SHA3_MDSIZE(bitlen) (bitlen / 8)
# define KMAC_MDSIZE(bitlen) 2 * (bitlen / 8)
# define SHA3_BLOCKSIZE(bitlen) (KECCAK1600_WIDTH - bitlen * 2) / 8
typedef struct keccak_st KECCAK1600_CTX;
typedef size_t (sha3_absorb_fn)(void *vctx, const void *inp, size_t len);
typedef int (sha3_final_fn)(unsigned char *md, void *vctx);
typedef struct prov_sha3_meth_st
{
sha3_absorb_fn *absorb;
sha3_final_fn *final;
} PROV_SHA3_METHOD;
struct keccak_st {
uint64_t A[5][5];
size_t block_size; /* cached ctx->digest->block_size */
size_t md_size; /* output length, variable in XOF */
size_t bufsz; /* used bytes in below buffer */
unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
unsigned char pad;
PROV_SHA3_METHOD meth;
};
void sha3_reset(KECCAK1600_CTX *ctx);
int sha3_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen);
int keccak_kmac_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen);
int sha3_update(KECCAK1600_CTX *ctx, const void *_inp, size_t len);
int sha3_final(unsigned char *md, KECCAK1600_CTX *ctx);
size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len,
size_t r);
#endif /* HEADER_INTERNAL_SHA3_H */

crypto/include/internal/sm3.h → include/internal/sm3.h View File


+ 7
- 0
include/openssl/core_names.h View File

@ -40,6 +40,13 @@ extern "C" {
#define OSSL_CIPHER_PARAM_PADDING "padding"
#define OSSL_CIPHER_PARAM_MODE "mode"
/* digest parameters */
#define OSSL_DIGEST_PARAM_XOFLEN "xoflen"
#define OSSL_DIGEST_PARAM_CMD "cmd"
#define OSSL_DIGEST_PARAM_MSG "msg"
#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type"
#define OSSL_DIGEST_PARAM_MICALG "micalg"
# ifdef __cplusplus
}
# endif


+ 7
- 3
include/openssl/core_