*) applies to 0.9.6a (/0.9.6b) and 0.9.7
+) applies to 0.9.7 only
+ *) Change all calls to low level digest routines in the library and
+ applications to use EVP. Add missing calls to HMAC_cleanup() and
+ don't assume HMAC_CTX can be copied using memcpy().
+ [Verdon Walker <VWalker@novell.com>, Steve Henson]
+
+) Add the possibility to control engines through control names but with
arbitrary arguments instead of just a string.
Change the key loaders to take a UI_METHOD instead of a callback
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/rand.h>
-#ifndef OPENSSL_NO_MD5
-#include <openssl/md5.h>
-#endif
#include <openssl/pem.h>
#include <openssl/engine.h>
#include <ctype.h>
# include <openssl/des.h>
#endif
#ifndef NO_MD5CRYPT_1
-# include <openssl/md5.h>
+# include <openssl/evp.h>
#endif
unsigned char buf[MD5_DIGEST_LENGTH];
char *salt_out;
int n, i;
- MD5_CTX md;
+ EVP_MD_CTX md;
size_t passwd_len, salt_len;
passwd_len = strlen(passwd);
salt_len = strlen(salt_out);
assert(salt_len <= 8);
- MD5_Init(&md);
- MD5_Update(&md, passwd, passwd_len);
- MD5_Update(&md, "$", 1);
- MD5_Update(&md, magic, strlen(magic));
- MD5_Update(&md, "$", 1);
- MD5_Update(&md, salt_out, salt_len);
+ EVP_DigestInit(&md,EVP_md5());
+ EVP_DigestUpdate(&md, passwd, passwd_len);
+ EVP_DigestUpdate(&md, "$", 1);
+ EVP_DigestUpdate(&md, magic, strlen(magic));
+ EVP_DigestUpdate(&md, "$", 1);
+ EVP_DigestUpdate(&md, salt_out, salt_len);
{
- MD5_CTX md2;
+ EVP_MD_CTX md2;
- MD5_Init(&md2);
- MD5_Update(&md2, passwd, passwd_len);
- MD5_Update(&md2, salt_out, salt_len);
- MD5_Update(&md2, passwd, passwd_len);
- MD5_Final(buf, &md2);
+ EVP_DigestInit(&md2,EVP_md5());
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestUpdate(&md2, salt_out, salt_len);
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestFinal(&md2, buf, NULL);
}
for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
- MD5_Update(&md, buf, sizeof buf);
- MD5_Update(&md, buf, i);
+ EVP_DigestUpdate(&md, buf, sizeof buf);
+ EVP_DigestUpdate(&md, buf, i);
n = passwd_len;
while (n)
{
- MD5_Update(&md, (n & 1) ? "\0" : passwd, 1);
+ EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
n >>= 1;
}
- MD5_Final(buf, &md);
+ EVP_DigestFinal(&md, buf, NULL);
for (i = 0; i < 1000; i++)
{
- MD5_CTX md2;
+ EVP_MD_CTX md2;
- MD5_Init(&md2);
- MD5_Update(&md2, (i & 1) ? (unsigned char *) passwd : buf,
- (i & 1) ? passwd_len : sizeof buf);
+ EVP_DigestInit(&md2,EVP_md5());
+ EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf,
+ (i & 1) ? passwd_len : sizeof buf);
if (i % 3)
- MD5_Update(&md2, salt_out, salt_len);
+ EVP_DigestUpdate(&md2, salt_out, salt_len);
if (i % 7)
- MD5_Update(&md2, passwd, passwd_len);
- MD5_Update(&md2, (i & 1) ? buf : (unsigned char *) passwd,
- (i & 1) ? sizeof buf : passwd_len);
- MD5_Final(buf, &md2);
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd,
+ (i & 1) ? sizeof buf : passwd_len);
+ EVP_DigestFinal(&md2, buf, NULL);
}
{
print_message(names[D_MD2],c[D_MD2][j],lengths[j]);
Time_F(START,usertime);
for (count=0,run=1; COND(c[D_MD2][j]); count++)
- MD2(buf,(unsigned long)lengths[j],&(md2[0]));
+ EVP_Digest(buf,(unsigned long)lengths[j],&(md2[0]),NULL,EVP_md2());
d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_MD2],d);
print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]);
Time_F(START,usertime);
for (count=0,run=1; COND(c[D_MDC2][j]); count++)
- MDC2(buf,(unsigned long)lengths[j],&(mdc2[0]));
+ EVP_Digest(buf,(unsigned long)lengths[j],&(mdc2[0]),NULL,EVP_mdc2());
d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_MDC2],d);
print_message(names[D_MD4],c[D_MD4][j],lengths[j]);
Time_F(START,usertime);
for (count=0,run=1; COND(c[D_MD4][j]); count++)
- MD4(&(buf[0]),(unsigned long)lengths[j],&(md4[0]));
+ EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md4[0]),NULL,EVP_md4());
d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_MD4],d);
print_message(names[D_MD5],c[D_MD5][j],lengths[j]);
Time_F(START,usertime);
for (count=0,run=1; COND(c[D_MD5][j]); count++)
- MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0]));
+ EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md5[0]),NULL,EVP_md5());
d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_MD5],d);
count,names[D_HMAC],d);
results[D_HMAC][j]=((double)count)/d*lengths[j];
}
+ HMAC_cleanup(&hctx);
}
#endif
#ifndef OPENSSL_NO_SHA
print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]);
Time_F(START,usertime);
for (count=0,run=1; COND(c[D_SHA1][j]); count++)
- SHA1(buf,(unsigned long)lengths[j],&(sha[0]));
+ EVP_Digest(buf,(unsigned long)lengths[j],&(sha[0]),NULL,EVP_sha1());
d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_SHA1],d);
print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]);
Time_F(START,usertime);
for (count=0,run=1; COND(c[D_RMD160][j]); count++)
- RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0]));
+ EVP_Digest(buf,(unsigned long)lengths[j],&(rmd160[0]),NULL,EVP_ripemd160());
d=Time_F(STOP,usertime);
BIO_printf(bio_err,"%ld %s's in %.2fs\n",
count,names[D_RMD160],d);
unsigned char *dertmp;
int derlen;
int i;
- SHA_CTX SHA1buf ;
unsigned char SHA1md[SHA_DIGEST_LENGTH];
/* display the hash of the subject as it would appear
goto err;
i2d_X509_NAME(x->cert_info->subject, &dertmp);
- SHA1_Init(&SHA1buf);
- SHA1_Update(&SHA1buf, der, derlen);
- SHA1_Final(SHA1md,&SHA1buf);
+ EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1());
for (i=0; i < SHA_DIGEST_LENGTH; i++)
{
if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0)
goto err;
- SHA1_Init(&SHA1buf);
- SHA1_Update(&SHA1buf, x->cert_info->key->public_key->data,
- x->cert_info->key->public_key->length);
- SHA1_Final(SHA1md,&SHA1buf);
+ EVP_Digest(x->cert_info->key->public_key->data,
+ x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1());
for (i=0; i < SHA_DIGEST_LENGTH; i++)
{
if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
#ifdef GENUINE_DSA
/* Parameter generation follows the original release of FIPS PUB 186,
* Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */
-#define HASH SHA
+#define HASH EVP_sha()
#else
/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
* also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in
* FIPS PUB 180-1) */
-#define HASH SHA1
+#define HASH EVP_sha1()
#endif
#ifndef OPENSSL_NO_SHA
#include <stdio.h>
#include <time.h>
#include "cryptlib.h"
-#include <openssl/sha.h>
+#include <openssl/evp.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/rand.h>
}
/* step 2 */
- HASH(seed,SHA_DIGEST_LENGTH,md);
- HASH(buf,SHA_DIGEST_LENGTH,buf2);
+ EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH);
+ EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH);
for (i=0; i<SHA_DIGEST_LENGTH; i++)
md[i]^=buf2[i];
if (buf[i] != 0) break;
}
- HASH(buf,SHA_DIGEST_LENGTH,md);
+ EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH);
/* step 8 */
if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
#include <stdio.h>
#include <time.h>
#include "cryptlib.h"
-#include <openssl/sha.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/rand.h>
EVP_MD_CTX md;
int blockout; /* output block is ready */
int sigio; /* must process signature */
- char buf[IOBS];
+ unsigned char buf[IOBS];
} BIO_OK_CTX;
static BIO_METHOD methods_ok=
ctx->buf_len+= md->digest->md_size;
EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
- md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]));
+ EVP_DigestFinal(md, &(ctx->buf[ctx->buf_len]), NULL);
ctx->buf_len+= md->digest->md_size;
ctx->blockout= 1;
ctx->sigio= 0;
ctx->buf_off+= md->digest->md_size;
EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
- md->digest->final(tmp, &(md->md.base[0]));
+ EVP_DigestFinal(md, tmp, NULL);
ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
ctx->buf_off+= md->digest->md_size;
if(ret == 1)
memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK);
tl= swapem(tl);
EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
- md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]));
+ EVP_DigestFinal(md, &(ctx->buf[ctx->buf_len]), NULL);
ctx->buf_len+= md->digest->md_size;
ctx->blockout= 1;
}
if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
- md->digest->final(tmp, &(md->md.base[0]));
+ EVP_DigestFinal(md, tmp, NULL);
if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
{
/* there might be parts from next block lurking around ! */
return(0);
}
#else
-#include <openssl/md2.h>
+#include <openssl/evp.h>
#ifdef CHARSET_EBCDIC
#include <openssl/ebcdic.h>
int i,err=0;
char **P,**R;
char *p;
+ unsigned char md[MD2_DIGEST_LENGTH];
P=test;
R=ret;
i=1;
while (*P != NULL)
{
- p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL));
+ EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2());
+ p=pt(md);
if (strcmp(p,*R) != 0)
{
printf("error calculating MD2 on '%s'\n",*P);
return(0);
}
#else
-#include <openssl/md4.h>
+#include <openssl/evp.h>
static char *test[]={
"",
int i,err=0;
unsigned char **P,**R;
char *p;
+ unsigned char md[MD4_DIGEST_LENGTH];
P=(unsigned char **)test;
R=(unsigned char **)ret;
i=1;
while (*P != NULL)
{
- p=pt(MD4(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+ EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4());
+ p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
printf("error calculating MD4 on '%s'\n",*P);
return(0);
}
#else
-#include <openssl/md5.h>
+#include <openssl/evp.h>
static char *test[]={
"",
int i,err=0;
unsigned char **P,**R;
char *p;
+ unsigned char md[MD5_DIGEST_LENGTH];
P=(unsigned char **)test;
R=(unsigned char **)ret;
i=1;
while (*P != NULL)
{
- p=pt(MD5(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+ EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5());
+ p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
printf("error calculating MD5 on '%s'\n",*P);
return(0);
}
#else
-#include <openssl/mdc2.h>
+#include <openssl/evp.h>
#ifdef CHARSET_EBCDIC
#include <openssl/ebcdic.h>
int ret=0;
unsigned char md[MDC2_DIGEST_LENGTH];
int i;
- MDC2_CTX c;
+ EVP_MD_CTX c;
static char *text="Now is the time for all ";
#ifdef CHARSET_EBCDIC
ebcdic2ascii(text,text,strlen(text));
#endif
- MDC2_Init(&c);
- MDC2_Update(&c,(unsigned char *)text,strlen(text));
- MDC2_Final(&(md[0]),&c);
+ EVP_DigestInit(&c,EVP_mdc2());
+ EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text));
+ EVP_DigestFinal(&c,&(md[0]),NULL);
if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0)
{
else
printf("pad1 - ok\n");
- MDC2_Init(&c);
- c.pad_type=2;
- MDC2_Update(&c,(unsigned char *)text,strlen(text));
- MDC2_Final(&(md[0]),&c);
+ EVP_DigestInit(&c,EVP_mdc2());
+ c.md.mdc2.pad_type=2;
+ EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text));
+ EVP_DigestFinal(&c,&(md[0]),NULL);
if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0)
{
HMAC_Update (&hmac, p12->authsafes->d.data->data,
p12->authsafes->d.data->length);
HMAC_Final (&hmac, mac, maclen);
+ HMAC_cleanup (&hmac);
return 1;
}
MD_Update(&m,buf,j);
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
- MD_Final(local_md,&m);
+ MD_Final(&m,local_md);
md_c[1]++;
buf=(const char *)buf + j;
}
else
MD_Update(&m,&(state[st_idx]),j);
- MD_Final(local_md,&m);
+ MD_Final(&m,local_md);
for (i=0; i<j; i++)
{
MD_Update(&m,local_md,MD_DIGEST_LENGTH);
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
MD_Update(&m,md,MD_DIGEST_LENGTH);
- MD_Final(md,&m);
+ MD_Final(&m,md);
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
memset(&m,0,sizeof(m));
#endif
#endif
+#include <openssl/evp.h>
+#define MD_CTX EVP_MD_CTX
+#define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c)
+#define MD_Final(a,b) EVP_DigestFinal(a,b,NULL)
#if defined(USE_MD5_RAND)
-#include <openssl/md5.h>
#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
-#define MD(a,b,c) MD5(a,b,c)
+#define MD_Init(a) EVP_DigestInit(a,EVP_md5())
+#define MD(a,b,c) EVP_Digest(a,b,c,EVP_md5())
#elif defined(USE_SHA1_RAND)
-#include <openssl/sha.h>
#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
-#define MD(a,b,c) SHA1(a,b,c)
+#define MD_Init(a) EVP_DigestInit(a,EVP_sha1())
+#define MD(a,b,c) EVP_Digest(a,b,c,EVP_sha1())
#elif defined(USE_MDC2_RAND)
-#include <openssl/mdc2.h>
#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
-#define MD(a,b,c) MDC2(a,b,c)
+#define MD_Init(a) EVP_DigestInit(a,EVP_mdc2())
+#define MD(a,b,c) EVP_Digest(a,b,c,EVP_mdc2())
#elif defined(USE_MD2_RAND)
-#include <openssl/md2.h>
#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
-#define MD(a,b,c) MD2(a,b,c)
-#endif
-#if defined(USE_MD5_RAND)
-#include <openssl/md5.h>
-#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
-#define MD_CTX MD5_CTX
-#define MD_Init(a) MD5_Init(a)
-#define MD_Update(a,b,c) MD5_Update(a,b,c)
-#define MD_Final(a,b) MD5_Final(a,b)
-#define MD(a,b,c) MD5(a,b,c)
-#elif defined(USE_SHA1_RAND)
-#include <openssl/sha.h>
-#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
-#define MD_CTX SHA_CTX
-#define MD_Init(a) SHA1_Init(a)
-#define MD_Update(a,b,c) SHA1_Update(a,b,c)
-#define MD_Final(a,b) SHA1_Final(a,b)
-#define MD(a,b,c) SHA1(a,b,c)
-#elif defined(USE_MDC2_RAND)
-#include <openssl/mdc2.h>
-#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
-#define MD_CTX MDC2_CTX
-#define MD_Init(a) MDC2_Init(a)
-#define MD_Update(a,b,c) MDC2_Update(a,b,c)
-#define MD_Final(a,b) MDC2_Final(a,b)
-#define MD(a,b,c) MDC2(a,b,c)
-#elif defined(USE_MD2_RAND)
-#include <openssl/md2.h>
-#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
-#define MD_CTX MD2_CTX
-#define MD_Init(a) MD2_Init(a)
-#define MD_Update(a,b,c) MD2_Update(a,b,c)
-#define MD_Final(a,b) MD2_Final(a,b)
-#define MD(a,b,c) MD2(a,b,c)
+#define MD_Init(a) EVP_DigestInit(a,EVP_md2())
+#define MD(a,b,c) EVP_Digest(a,b,c,EVP_md2())
#endif
keystr=buf;
}
- MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md);
+ EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5());
memset(keystr,0,strlen(keystr));
RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
return(0);
}
#else
-#include <openssl/ripemd.h>
+#include <openssl/evp.h>
#ifdef CHARSET_EBCDIC
#include <openssl/ebcdic.h>
int i,err=0;
unsigned char **P,**R;
char *p;
+ unsigned char md[RIPEMD160_DIGEST_LENGTH];
P=(unsigned char **)test;
R=(unsigned char **)ret;
#ifdef CHARSET_EBCDIC
ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P));
#endif
- p=pt(RIPEMD160(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+ EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_ripemd160());
+ p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
printf("error calculating RIPEMD160 on '%s'\n",*P);
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
-#include <openssl/sha.h>
+#include <openssl/evp.h>
#include <openssl/rand.h>
int MGF1(unsigned char *mask, long len,
seed = to + 1;
db = to + SHA_DIGEST_LENGTH + 1;
- SHA1(param, plen, db);
+ EVP_Digest((void *)param, plen, db, NULL, EVP_sha1());
memset(db + SHA_DIGEST_LENGTH, 0,
emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
for (i = 0; i < dblen; i++)
db[i] ^= maskeddb[i];
- SHA1(param, plen, phash);
+ EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1());
if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0)
goto decoding_err;
{
long i, outlen = 0;
unsigned char cnt[4];
- SHA_CTX c;
+ EVP_MD_CTX c;
unsigned char md[SHA_DIGEST_LENGTH];
for (i = 0; outlen < len; i++)
{
cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255,
cnt[2] = (i >> 8) & 255, cnt[3] = i & 255;
- SHA1_Init(&c);
- SHA1_Update(&c, seed, seedlen);
- SHA1_Update(&c, cnt, 4);
+ EVP_DigestInit(&c,EVP_sha1());
+ EVP_DigestUpdate(&c, seed, seedlen);
+ EVP_DigestUpdate(&c, cnt, 4);
if (outlen + SHA_DIGEST_LENGTH <= len)
{
- SHA1_Final(mask + outlen, &c);
+ EVP_DigestFinal(&c, mask + outlen, NULL);
outlen += SHA_DIGEST_LENGTH;
}
else
{
- SHA1_Final(md, &c);
+ EVP_DigestFinal(&c, md, NULL);
memcpy(mask + outlen, md, len - outlen);
outlen = len;
}
return(0);
}
#else
-#include <openssl/sha.h>
+#include <openssl/evp.h>
#ifdef CHARSET_EBCDIC
#include <openssl/ebcdic.h>
unsigned char **P,**R;
static unsigned char buf[1000];
char *p,*r;
- SHA_CTX c;
+ EVP_MD_CTX c;
unsigned char md[SHA_DIGEST_LENGTH];
#ifdef CHARSET_EBCDIC
i=1;
while (*P != NULL)
{
- p=pt(SHA1(*P,(unsigned long)strlen((char *)*P),NULL));
+ EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1());
+ p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
printf("error calculating SHA1 on '%s'\n",*P);
#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, 1000);
#endif /*CHARSET_EBCDIC*/
- SHA1_Init(&c);
+ EVP_DigestInit(&c,EVP_sha1());
for (i=0; i<1000; i++)
- SHA1_Update(&c,buf,1000);
- SHA1_Final(md,&c);
+ EVP_DigestUpdate(&c,buf,1000);
+ EVP_DigestFinal(&c,md,NULL);
p=pt(md);
r=bigret;
return(0);
}
#else
-#include <openssl/sha.h>
+#include <openssl/evp.h>
#ifdef CHARSET_EBCDIC
#include <openssl/ebcdic.h>
unsigned char **P,**R;
static unsigned char buf[1000];
char *p,*r;
- SHA_CTX c;
+ EVP_MD_CTX c;
unsigned char md[SHA_DIGEST_LENGTH];
#ifdef CHARSET_EBCDIC
i=1;
while (*P != NULL)
{
- p=pt(SHA(*P,(unsigned long)strlen((char *)*P),NULL));
+ EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha());
+ p=pt(md);
if (strcmp(p,(char *)*R) != 0)
{
printf("error calculating SHA on '%s'\n",*P);
#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, 1000);
#endif /*CHARSET_EBCDIC*/
- SHA_Init(&c);
+ EVP_DigestInit(&c,EVP_sha());
for (i=0; i<1000; i++)
- SHA_Update(&c,buf,1000);
- SHA_Final(md,&c);
+ EVP_DigestUpdate(&c,buf,1000);
+ EVP_DigestFinal(&c,md,NULL);
p=pt(md);
r=bigret;
unsigned long X509_issuer_and_serial_hash(X509 *a)
{
unsigned long ret=0;
- MD5_CTX ctx;
+ EVP_MD_CTX ctx;
unsigned char md[16];
char str[256];
X509_NAME_oneline(a->cert_info->issuer,str,256);
ret=strlen(str);
- MD5_Init(&ctx);
- MD5_Update(&ctx,(unsigned char *)str,ret);
- MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
+ EVP_DigestInit(&ctx,EVP_md5());
+ EVP_DigestUpdate(&ctx,(unsigned char *)str,ret);
+ EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
(unsigned long)a->cert_info->serialNumber->length);
- MD5_Final(&(md[0]),&ctx);
+ EVP_DigestFinal(&ctx,&(md[0]),NULL);
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
)&0xffffffffL;
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
-#include <openssl/md5.h>
+#include <openssl/evp.h>
static long ssl2_default_timeout(void );
const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
void ssl2_generate_key_material(SSL *s)
{
unsigned int i;
- MD5_CTX ctx;
+ EVP_MD_CTX ctx;
unsigned char *km;
unsigned char c='0';
km=s->s2->key_material;
for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
{
- MD5_Init(&ctx);
+ EVP_DigestInit(&ctx,EVP_md5());
- MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
- MD5_Update(&ctx,&c,1);
+ EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
+ EVP_DigestUpdate(&ctx,&c,1);
c++;
- MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
- MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
- MD5_Final(km,&ctx);
+ EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
+ EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
+ EVP_DigestFinal(&ctx,km,NULL);
km+=MD5_DIGEST_LENGTH;
}
}
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
#include <openssl/evp.h>
#include "ssl_locl.h"
*/
#include <stdio.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
#include <openssl/evp.h>
#include "ssl_locl.h"
static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
{
- MD5_CTX m5;
- SHA_CTX s1;
+ EVP_MD_CTX m5;
+ EVP_MD_CTX s1;
unsigned char buf[16],smd[SHA_DIGEST_LENGTH];
unsigned char c='A';
int i,j,k;
for (j=0; j<k; j++)
buf[j]=c;
c++;
- SHA1_Init( &s1);
- SHA1_Update(&s1,buf,k);
- SHA1_Update(&s1,s->session->master_key,
+ EVP_DigestInit(&s1,EVP_sha1());
+ EVP_DigestUpdate(&s1,buf,k);
+ EVP_DigestUpdate(&s1,s->session->master_key,
s->session->master_key_length);
- SHA1_Update(&s1,s->s3->server_random,SSL3_RANDOM_SIZE);
- SHA1_Update(&s1,s->s3->client_random,SSL3_RANDOM_SIZE);
- SHA1_Final( smd,&s1);
+ EVP_DigestUpdate(&s1,s->s3->server_random,SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&s1,s->s3->client_random,SSL3_RANDOM_SIZE);
+ EVP_DigestFinal(&s1,smd,NULL);
- MD5_Init( &m5);
- MD5_Update(&m5,s->session->master_key,
+ EVP_DigestInit(&m5,EVP_md5());
+ EVP_DigestUpdate(&m5,s->session->master_key,
s->session->master_key_length);
- MD5_Update(&m5,smd,SHA_DIGEST_LENGTH);
+ EVP_DigestUpdate(&m5,smd,SHA_DIGEST_LENGTH);
if ((i+MD5_DIGEST_LENGTH) > num)
{
- MD5_Final(smd,&m5);
+ EVP_DigestFinal(&m5,smd,NULL);
memcpy(km,smd,(num-i));
}
else
- MD5_Final(km,&m5);
+ EVP_DigestFinal(&m5,km,NULL);
km+=MD5_DIGEST_LENGTH;
}
const EVP_CIPHER *c;
COMP_METHOD *comp;
const EVP_MD *m;
- MD5_CTX md;
+ EVP_MD_CTX md;
int exp,n,i,j,k,cl;
exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
/* In here I set both the read and write key/iv to the
* same value since only the correct one will be used :-).
*/
- MD5_Init(&md);
- MD5_Update(&md,key,j);
- MD5_Update(&md,er1,SSL3_RANDOM_SIZE);
- MD5_Update(&md,er2,SSL3_RANDOM_SIZE);
- MD5_Final(&(exp_key[0]),&md);
+ EVP_DigestInit(&md,EVP_md5());
+ EVP_DigestUpdate(&md,key,j);
+ EVP_DigestUpdate(&md,er1,SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md,er2,SSL3_RANDOM_SIZE);
+ EVP_DigestFinal(&md,&(exp_key[0]),NULL);
key= &(exp_key[0]);
if (k > 0)
{
- MD5_Init(&md);
- MD5_Update(&md,er1,SSL3_RANDOM_SIZE);
- MD5_Update(&md,er2,SSL3_RANDOM_SIZE);
- MD5_Final(&(exp_iv[0]),&md);
+ EVP_DigestInit(&md,EVP_md5());
+ EVP_DigestUpdate(&md,er1,SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md,er2,SSL3_RANDOM_SIZE);
+ EVP_DigestFinal(&md,&(exp_iv[0]),NULL);
iv= &(exp_iv[0]);
}
}
*/
#include <stdio.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
#include <openssl/objects.h>
#include "ssl_locl.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include "ssl_locl.h"
#include <stdio.h>
#include <openssl/comp.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include "ssl_locl.h"
chunk=EVP_MD_size(md);
HMAC_Init(&ctx,sec,sec_len,md);
+ HMAC_Init(&ctx_tmp,sec,sec_len,md);
HMAC_Update(&ctx,seed,seed_len);
HMAC_Final(&ctx,A1,&A1_len);
for (;;)
{
HMAC_Init(&ctx,NULL,0,NULL); /* re-init */
+ HMAC_Init(&ctx_tmp,NULL,0,NULL); /* re-init */
HMAC_Update(&ctx,A1,A1_len);
- memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */
+ HMAC_Update(&ctx_tmp,A1,A1_len);
HMAC_Update(&ctx,seed,seed_len);
if (olen > chunk)
HMAC_Update(&hmac,buf,5);
HMAC_Update(&hmac,rec->input,rec->length);
HMAC_Final(&hmac,md,&md_size);
+ HMAC_cleanup(&hmac);
#ifdef TLS_DEBUG
printf("sec=");