diff options
Diffstat (limited to 'digest.c')
| -rw-r--r-- | digest.c | 148 |
1 files changed, 148 insertions, 0 deletions
diff --git a/digest.c b/digest.c new file mode 100644 index 000000000..59a8ffe0d --- /dev/null +++ b/digest.c | |||
| @@ -0,0 +1,148 @@ | |||
| 1 | /* $OpenBSD: digest.c,v 1.1 2014/01/09 23:20:00 djm Exp $ */ | ||
| 2 | /* | ||
| 3 | * Copyright (c) 2013 Damien Miller <djm@mindrot.org> | ||
| 4 | * | ||
| 5 | * Permission to use, copy, modify, and distribute this software for any | ||
| 6 | * purpose with or without fee is hereby granted, provided that the above | ||
| 7 | * copyright notice and this permission notice appear in all copies. | ||
| 8 | * | ||
| 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
| 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
| 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
| 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
| 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
| 16 | */ | ||
| 17 | |||
| 18 | #include "includes.h" | ||
| 19 | |||
| 20 | #include <sys/types.h> | ||
| 21 | #include <limits.h> | ||
| 22 | #include <stdlib.h> | ||
| 23 | #include <string.h> | ||
| 24 | |||
| 25 | #include <openssl/bn.h> /* for buffer.h */ | ||
| 26 | #include <openssl/ec.h> /* for buffer.h */ | ||
| 27 | #include <openssl/evp.h> | ||
| 28 | |||
| 29 | #include "buffer.h" | ||
| 30 | #include "digest.h" | ||
| 31 | |||
| 32 | struct ssh_digest_ctx { | ||
| 33 | int alg; | ||
| 34 | EVP_MD_CTX mdctx; | ||
| 35 | }; | ||
| 36 | |||
| 37 | struct ssh_digest { | ||
| 38 | int id; | ||
| 39 | const char *name; | ||
| 40 | size_t digest_len; | ||
| 41 | const EVP_MD *(*mdfunc)(void); | ||
| 42 | }; | ||
| 43 | |||
| 44 | /* NB. Indexed directly by algorithm number */ | ||
| 45 | const struct ssh_digest digests[] = { | ||
| 46 | { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, | ||
| 47 | { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, | ||
| 48 | { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, | ||
| 49 | #ifdef HAVE_EVP_SHA256 /* XXX replace with local if missing */ | ||
| 50 | { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, | ||
| 51 | { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, | ||
| 52 | { SSH_DIGEST_SHA512, "SHA512", 64, EVP_sha512 }, | ||
| 53 | #endif | ||
| 54 | { -1, NULL, 0, NULL }, | ||
| 55 | }; | ||
| 56 | |||
| 57 | static const struct ssh_digest * | ||
| 58 | ssh_digest_by_alg(int alg) | ||
| 59 | { | ||
| 60 | if (alg < 0 || alg >= SSH_DIGEST_MAX) | ||
| 61 | return NULL; | ||
| 62 | if (digests[alg].id != alg) /* sanity */ | ||
| 63 | return NULL; | ||
| 64 | return &(digests[alg]); | ||
| 65 | } | ||
| 66 | |||
| 67 | size_t | ||
| 68 | ssh_digest_bytes(int alg) | ||
| 69 | { | ||
| 70 | const struct ssh_digest *digest = ssh_digest_by_alg(alg); | ||
| 71 | |||
| 72 | return digest == NULL ? 0 : digest->digest_len; | ||
| 73 | } | ||
| 74 | |||
| 75 | struct ssh_digest_ctx * | ||
| 76 | ssh_digest_start(int alg) | ||
| 77 | { | ||
| 78 | const struct ssh_digest *digest = ssh_digest_by_alg(alg); | ||
| 79 | struct ssh_digest_ctx *ret; | ||
| 80 | |||
| 81 | if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL)) | ||
| 82 | return NULL; | ||
| 83 | ret->alg = alg; | ||
| 84 | EVP_MD_CTX_init(&ret->mdctx); | ||
| 85 | if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) { | ||
| 86 | free(ret); | ||
| 87 | return NULL; | ||
| 88 | } | ||
| 89 | return ret; | ||
| 90 | } | ||
| 91 | |||
| 92 | int | ||
| 93 | ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) | ||
| 94 | { | ||
| 95 | if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1) | ||
| 96 | return -1; | ||
| 97 | return 0; | ||
| 98 | } | ||
| 99 | |||
| 100 | int | ||
| 101 | ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const Buffer *b) | ||
| 102 | { | ||
| 103 | return ssh_digest_update(ctx, buffer_ptr(b), buffer_len(b)); | ||
| 104 | } | ||
| 105 | |||
| 106 | int | ||
| 107 | ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) | ||
| 108 | { | ||
| 109 | const struct ssh_digest *digest = ssh_digest_by_alg(ctx->alg); | ||
| 110 | u_int l = dlen; | ||
| 111 | |||
| 112 | if (dlen > UINT_MAX) | ||
| 113 | return -1; | ||
| 114 | if (dlen < digest->digest_len) /* No truncation allowed */ | ||
| 115 | return -1; | ||
| 116 | if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1) | ||
| 117 | return -1; | ||
| 118 | if (l != digest->digest_len) /* sanity */ | ||
| 119 | return -1; | ||
| 120 | return 0; | ||
| 121 | } | ||
| 122 | |||
| 123 | void | ||
| 124 | ssh_digest_free(struct ssh_digest_ctx *ctx) | ||
| 125 | { | ||
| 126 | EVP_MD_CTX_cleanup(&ctx->mdctx); | ||
| 127 | memset(ctx, 0, sizeof(*ctx)); | ||
| 128 | } | ||
| 129 | |||
| 130 | int | ||
| 131 | ssh_digest_memory(int alg, const void *m, size_t mlen, u_char *d, size_t dlen) | ||
| 132 | { | ||
| 133 | struct ssh_digest_ctx *ctx = ssh_digest_start(alg); | ||
| 134 | |||
| 135 | if (ctx == NULL) | ||
| 136 | return -1; | ||
| 137 | if (ssh_digest_update(ctx, m, mlen) != 0 || | ||
| 138 | ssh_digest_final(ctx, d, dlen) != 0) | ||
| 139 | return -1; | ||
| 140 | ssh_digest_free(ctx); | ||
| 141 | return 0; | ||
| 142 | } | ||
| 143 | |||
| 144 | int | ||
| 145 | ssh_digest_buffer(int alg, const Buffer *b, u_char *d, size_t dlen) | ||
| 146 | { | ||
| 147 | return ssh_digest_memory(alg, buffer_ptr(b), buffer_len(b), d, dlen); | ||
| 148 | } | ||