use EVP_MD_CTX_create
This commit is contained in:
Love Hornquist Astrand
@@ -74,35 +74,35 @@ hash_input_chan_bindings (const gss_channel_bindings_t b,
|
|||||||
u_char *p)
|
u_char *p)
|
||||||
{
|
{
|
||||||
u_char num[4];
|
u_char num[4];
|
||||||
EVP_MD_CTX ctx;
|
EVP_MD_CTX *ctx;
|
||||||
|
|
||||||
EVP_MD_CTX_init(&ctx);
|
ctx = EVP_MD_CTX_create();
|
||||||
EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
|
EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
|
||||||
|
|
||||||
_gsskrb5_encode_om_uint32 (b->initiator_addrtype, num);
|
_gsskrb5_encode_om_uint32 (b->initiator_addrtype, num);
|
||||||
EVP_DigestUpdate(&ctx, num, sizeof(num));
|
EVP_DigestUpdate(ctx, num, sizeof(num));
|
||||||
_gsskrb5_encode_om_uint32 (b->initiator_address.length, num);
|
_gsskrb5_encode_om_uint32 (b->initiator_address.length, num);
|
||||||
EVP_DigestUpdate(&ctx, num, sizeof(num));
|
EVP_DigestUpdate(ctx, num, sizeof(num));
|
||||||
if (b->initiator_address.length)
|
if (b->initiator_address.length)
|
||||||
EVP_DigestUpdate(&ctx,
|
EVP_DigestUpdate(ctx,
|
||||||
b->initiator_address.value,
|
b->initiator_address.value,
|
||||||
b->initiator_address.length);
|
b->initiator_address.length);
|
||||||
_gsskrb5_encode_om_uint32 (b->acceptor_addrtype, num);
|
_gsskrb5_encode_om_uint32 (b->acceptor_addrtype, num);
|
||||||
EVP_DigestUpdate(&ctx, num, sizeof(num));
|
EVP_DigestUpdate(ctx, num, sizeof(num));
|
||||||
_gsskrb5_encode_om_uint32 (b->acceptor_address.length, num);
|
_gsskrb5_encode_om_uint32 (b->acceptor_address.length, num);
|
||||||
EVP_DigestUpdate(&ctx, num, sizeof(num));
|
EVP_DigestUpdate(ctx, num, sizeof(num));
|
||||||
if (b->acceptor_address.length)
|
if (b->acceptor_address.length)
|
||||||
EVP_DigestUpdate(&ctx,
|
EVP_DigestUpdate(ctx,
|
||||||
b->acceptor_address.value,
|
b->acceptor_address.value,
|
||||||
b->acceptor_address.length);
|
b->acceptor_address.length);
|
||||||
_gsskrb5_encode_om_uint32 (b->application_data.length, num);
|
_gsskrb5_encode_om_uint32 (b->application_data.length, num);
|
||||||
EVP_DigestUpdate(&ctx, num, sizeof(num));
|
EVP_DigestUpdate(ctx, num, sizeof(num));
|
||||||
if (b->application_data.length)
|
if (b->application_data.length)
|
||||||
EVP_DigestUpdate(&ctx,
|
EVP_DigestUpdate(ctx,
|
||||||
b->application_data.value,
|
b->application_data.value,
|
||||||
b->application_data.length);
|
b->application_data.length);
|
||||||
EVP_DigestFinal_ex(&ctx, p, NULL);
|
EVP_DigestFinal_ex(ctx, p, NULL);
|
||||||
EVP_MD_CTX_cleanup(&ctx);
|
EVP_MD_CTX_destroy(ctx);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -80,7 +80,7 @@ _gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign,
|
|||||||
unsigned char *data, size_t len)
|
unsigned char *data, size_t len)
|
||||||
{
|
{
|
||||||
unsigned char out[16];
|
unsigned char out[16];
|
||||||
EVP_MD_CTX ctx;
|
EVP_MD_CTX *ctx;
|
||||||
const char *signmagic;
|
const char *signmagic;
|
||||||
const char *sealmagic;
|
const char *sealmagic;
|
||||||
|
|
||||||
@@ -94,19 +94,17 @@ _gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign,
|
|||||||
|
|
||||||
key->seq = 0;
|
key->seq = 0;
|
||||||
|
|
||||||
EVP_MD_CTX_init(&ctx);
|
ctx = EVP_MD_CTX_create();
|
||||||
EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
|
EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
|
||||||
EVP_DigestUpdate(&ctx, data, len);
|
EVP_DigestUpdate(ctx, data, len);
|
||||||
EVP_DigestUpdate(&ctx, signmagic, strlen(signmagic) + 1);
|
EVP_DigestUpdate(ctx, signmagic, strlen(signmagic) + 1);
|
||||||
EVP_DigestFinal_ex(&ctx, key->signkey, NULL);
|
EVP_DigestFinal_ex(ctx, key->signkey, NULL);
|
||||||
EVP_MD_CTX_cleanup(&ctx);
|
|
||||||
|
|
||||||
EVP_MD_CTX_init(&ctx);
|
EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
|
||||||
EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
|
EVP_DigestUpdate(ctx, data, len);
|
||||||
EVP_DigestUpdate(&ctx, data, len);
|
EVP_DigestUpdate(ctx, sealmagic, strlen(sealmagic) + 1);
|
||||||
EVP_DigestUpdate(&ctx, sealmagic, strlen(sealmagic) + 1);
|
EVP_DigestFinal_ex(ctx, out, NULL);
|
||||||
EVP_DigestFinal_ex(&ctx, out, NULL);
|
EVP_MD_CTX_destroy(ctx);
|
||||||
EVP_MD_CTX_cleanup(&ctx);
|
|
||||||
|
|
||||||
RC4_set_key(&key->sealkey, 16, out);
|
RC4_set_key(&key->sealkey, 16, out);
|
||||||
if (sealsign)
|
if (sealsign)
|
||||||
|
|||||||
@@ -1193,14 +1193,14 @@ ca_sign(hx509_context context,
|
|||||||
unsigned char hash[SHA_DIGEST_LENGTH];
|
unsigned char hash[SHA_DIGEST_LENGTH];
|
||||||
|
|
||||||
{
|
{
|
||||||
EVP_MD_CTX ctx;
|
EVP_MD_CTX *ctx;
|
||||||
|
|
||||||
EVP_MD_CTX_init(&ctx);
|
ctx = EVP_MD_CTX_create();
|
||||||
EVP_DigestInit_ex(&ctx, EVP_sha1(), NULL);
|
EVP_DigestInit_ex(ctx, EVP_sha1(), NULL);
|
||||||
EVP_DigestUpdate(&ctx, tbs->spki.subjectPublicKey.data,
|
EVP_DigestUpdate(ctx, tbs->spki.subjectPublicKey.data,
|
||||||
tbs->spki.subjectPublicKey.length / 8);
|
tbs->spki.subjectPublicKey.length / 8);
|
||||||
EVP_DigestFinal_ex(&ctx, hash, NULL);
|
EVP_DigestFinal_ex(ctx, hash, NULL);
|
||||||
EVP_MD_CTX_cleanup(&ctx);
|
EVP_MD_CTX_destroy(ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
si.data = hash;
|
si.data = hash;
|
||||||
|
|||||||
@@ -1141,7 +1141,7 @@ evp_md_create_signature(hx509_context context,
|
|||||||
heim_octet_string *sig)
|
heim_octet_string *sig)
|
||||||
{
|
{
|
||||||
size_t sigsize = EVP_MD_size(sig_alg->evp_md());
|
size_t sigsize = EVP_MD_size(sig_alg->evp_md());
|
||||||
EVP_MD_CTX ctx;
|
EVP_MD_CTX *ctx;
|
||||||
|
|
||||||
memset(sig, 0, sizeof(*sig));
|
memset(sig, 0, sizeof(*sig));
|
||||||
|
|
||||||
@@ -1161,11 +1161,11 @@ evp_md_create_signature(hx509_context context,
|
|||||||
}
|
}
|
||||||
sig->length = sigsize;
|
sig->length = sigsize;
|
||||||
|
|
||||||
EVP_MD_CTX_init(&ctx);
|
ctx = EVP_MD_CTX_create();
|
||||||
EVP_DigestInit_ex(&ctx, sig_alg->evp_md(), NULL);
|
EVP_DigestInit_ex(ctx, sig_alg->evp_md(), NULL);
|
||||||
EVP_DigestUpdate(&ctx, data->data, data->length);
|
EVP_DigestUpdate(ctx, data->data, data->length);
|
||||||
EVP_DigestFinal_ex(&ctx, sig->data, NULL);
|
EVP_DigestFinal_ex(ctx, sig->data, NULL);
|
||||||
EVP_MD_CTX_cleanup(&ctx);
|
EVP_MD_CTX_destroy(ctx);
|
||||||
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
@@ -1180,7 +1180,7 @@ evp_md_verify_signature(hx509_context context,
|
|||||||
const heim_octet_string *sig)
|
const heim_octet_string *sig)
|
||||||
{
|
{
|
||||||
unsigned char digest[EVP_MAX_MD_SIZE];
|
unsigned char digest[EVP_MAX_MD_SIZE];
|
||||||
EVP_MD_CTX ctx;
|
EVP_MD_CTX *ctx;
|
||||||
size_t sigsize = EVP_MD_size(sig_alg->evp_md());
|
size_t sigsize = EVP_MD_size(sig_alg->evp_md());
|
||||||
|
|
||||||
if (sig->length != sigsize || sigsize > sizeof(digest)) {
|
if (sig->length != sigsize || sigsize > sizeof(digest)) {
|
||||||
@@ -1189,11 +1189,11 @@ evp_md_verify_signature(hx509_context context,
|
|||||||
return HX509_CRYPTO_SIG_INVALID_FORMAT;
|
return HX509_CRYPTO_SIG_INVALID_FORMAT;
|
||||||
}
|
}
|
||||||
|
|
||||||
EVP_MD_CTX_init(&ctx);
|
ctx = EVP_MD_CTX_create();
|
||||||
EVP_DigestInit_ex(&ctx, sig_alg->evp_md(), NULL);
|
EVP_DigestInit_ex(ctx, sig_alg->evp_md(), NULL);
|
||||||
EVP_DigestUpdate(&ctx, data->data, data->length);
|
EVP_DigestUpdate(ctx, data->data, data->length);
|
||||||
EVP_DigestFinal_ex(&ctx, digest, NULL);
|
EVP_DigestFinal_ex(ctx, digest, NULL);
|
||||||
EVP_MD_CTX_cleanup(&ctx);
|
EVP_MD_CTX_destroy(ctx);
|
||||||
|
|
||||||
if (ct_memcmp(digest, sig->data, sigsize) != 0) {
|
if (ct_memcmp(digest, sig->data, sigsize) != 0) {
|
||||||
hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE,
|
hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE,
|
||||||
|
|||||||
@@ -156,9 +156,9 @@ command = {
|
|||||||
type = "string"
|
type = "string"
|
||||||
help = "file containing content"
|
help = "file containing content"
|
||||||
}
|
}
|
||||||
min_args="2"
|
min_args="1"
|
||||||
max_args="2"
|
max_args="2"
|
||||||
argument="in-file out-file"
|
argument="in-file [out-file]"
|
||||||
help = "Verify a file within a SignedData object"
|
help = "Verify a file within a SignedData object"
|
||||||
}
|
}
|
||||||
command = {
|
command = {
|
||||||
|
|||||||
Reference in New Issue
Block a user