1 /* 2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "internal/cryptlib.h" 12 #include <openssl/objects.h> 13 #include <openssl/evp.h> 14 #include <openssl/engine.h> 15 #include "internal/evp_int.h" 16 #include "evp_locl.h" 17 18 /* This call frees resources associated with the context */ 19 int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) 20 { 21 if (ctx == NULL) 22 return 1; 23 24 /* 25 * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because 26 * sometimes only copies of the context are ever finalised. 27 */ 28 if (ctx->digest && ctx->digest->cleanup 29 && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) 30 ctx->digest->cleanup(ctx); 31 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data 32 && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { 33 OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); 34 } 35 EVP_PKEY_CTX_free(ctx->pctx); 36 #ifndef OPENSSL_NO_ENGINE 37 ENGINE_finish(ctx->engine); 38 #endif 39 OPENSSL_cleanse(ctx, sizeof(*ctx)); 40 41 return 1; 42 } 43 44 EVP_MD_CTX *EVP_MD_CTX_new(void) 45 { 46 return OPENSSL_zalloc(sizeof(EVP_MD_CTX)); 47 } 48 49 void EVP_MD_CTX_free(EVP_MD_CTX *ctx) 50 { 51 EVP_MD_CTX_reset(ctx); 52 OPENSSL_free(ctx); 53 } 54 55 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) 56 { 57 EVP_MD_CTX_reset(ctx); 58 return EVP_DigestInit_ex(ctx, type, NULL); 59 } 60 61 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) 62 { 63 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); 64 #ifndef OPENSSL_NO_ENGINE 65 /* 66 * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so 67 * this context may already have an ENGINE! Try to avoid releasing the 68 * previous handle, re-querying for an ENGINE, and having a 69 * reinitialisation, when it may all be unnecessary. 70 */ 71 if (ctx->engine && ctx->digest && 72 (type == NULL || (type->type == ctx->digest->type))) 73 goto skip_to_init; 74 if (type) { 75 /* 76 * Ensure an ENGINE left lying around from last time is cleared (the 77 * previous check attempted to avoid this if the same ENGINE and 78 * EVP_MD could be used). 79 */ 80 ENGINE_finish(ctx->engine); 81 if (impl != NULL) { 82 if (!ENGINE_init(impl)) { 83 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR); 84 return 0; 85 } 86 } else { 87 /* Ask if an ENGINE is reserved for this job */ 88 impl = ENGINE_get_digest_engine(type->type); 89 } 90 if (impl != NULL) { 91 /* There's an ENGINE for this job ... (apparently) */ 92 const EVP_MD *d = ENGINE_get_digest(impl, type->type); 93 94 if (d == NULL) { 95 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR); 96 ENGINE_finish(impl); 97 return 0; 98 } 99 /* We'll use the ENGINE's private digest definition */ 100 type = d; 101 /* 102 * Store the ENGINE functional reference so we know 'type' came 103 * from an ENGINE and we need to release it when done. 104 */ 105 ctx->engine = impl; 106 } else 107 ctx->engine = NULL; 108 } else { 109 if (!ctx->digest) { 110 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET); 111 return 0; 112 } 113 type = ctx->digest; 114 } 115 #endif 116 if (ctx->digest != type) { 117 if (ctx->digest && ctx->digest->ctx_size) { 118 OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); 119 ctx->md_data = NULL; 120 } 121 ctx->digest = type; 122 if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { 123 ctx->update = type->update; 124 ctx->md_data = OPENSSL_zalloc(type->ctx_size); 125 if (ctx->md_data == NULL) { 126 EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE); 127 return 0; 128 } 129 } 130 } 131 #ifndef OPENSSL_NO_ENGINE 132 skip_to_init: 133 #endif 134 if (ctx->pctx) { 135 int r; 136 r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, 137 EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); 138 if (r <= 0 && (r != -2)) 139 return 0; 140 } 141 if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) 142 return 1; 143 return ctx->digest->init(ctx); 144 } 145 146 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) 147 { 148 return ctx->update(ctx, data, count); 149 } 150 151 /* The caller can assume that this removes any secret data from the context */ 152 int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) 153 { 154 int ret; 155 ret = EVP_DigestFinal_ex(ctx, md, size); 156 EVP_MD_CTX_reset(ctx); 157 return ret; 158 } 159 160 /* The caller can assume that this removes any secret data from the context */ 161 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) 162 { 163 int ret; 164 165 OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); 166 ret = ctx->digest->final(ctx, md); 167 if (size != NULL) 168 *size = ctx->digest->md_size; 169 if (ctx->digest->cleanup) { 170 ctx->digest->cleanup(ctx); 171 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); 172 } 173 OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); 174 return ret; 175 } 176 177 int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) 178 { 179 EVP_MD_CTX_reset(out); 180 return EVP_MD_CTX_copy_ex(out, in); 181 } 182 183 int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) 184 { 185 unsigned char *tmp_buf; 186 if ((in == NULL) || (in->digest == NULL)) { 187 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED); 188 return 0; 189 } 190 #ifndef OPENSSL_NO_ENGINE 191 /* Make sure it's safe to copy a digest context using an ENGINE */ 192 if (in->engine && !ENGINE_init(in->engine)) { 193 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB); 194 return 0; 195 } 196 #endif 197 198 if (out->digest == in->digest) { 199 tmp_buf = out->md_data; 200 EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE); 201 } else 202 tmp_buf = NULL; 203 EVP_MD_CTX_reset(out); 204 memcpy(out, in, sizeof(*out)); 205 206 /* Null these variables, since they are getting fixed up 207 * properly below. Anything else may cause a memleak and/or 208 * double free if any of the memory allocations below fail 209 */ 210 out->md_data = NULL; 211 out->pctx = NULL; 212 213 if (in->md_data && out->digest->ctx_size) { 214 if (tmp_buf) 215 out->md_data = tmp_buf; 216 else { 217 out->md_data = OPENSSL_malloc(out->digest->ctx_size); 218 if (out->md_data == NULL) { 219 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE); 220 return 0; 221 } 222 } 223 memcpy(out->md_data, in->md_data, out->digest->ctx_size); 224 } 225 226 out->update = in->update; 227 228 if (in->pctx) { 229 out->pctx = EVP_PKEY_CTX_dup(in->pctx); 230 if (!out->pctx) { 231 EVP_MD_CTX_reset(out); 232 return 0; 233 } 234 } 235 236 if (out->digest->copy) 237 return out->digest->copy(out, in); 238 239 return 1; 240 } 241 242 int EVP_Digest(const void *data, size_t count, 243 unsigned char *md, unsigned int *size, const EVP_MD *type, 244 ENGINE *impl) 245 { 246 EVP_MD_CTX *ctx = EVP_MD_CTX_new(); 247 int ret; 248 249 if (ctx == NULL) 250 return 0; 251 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT); 252 ret = EVP_DigestInit_ex(ctx, type, impl) 253 && EVP_DigestUpdate(ctx, data, count) 254 && EVP_DigestFinal_ex(ctx, md, size); 255 EVP_MD_CTX_free(ctx); 256 257 return ret; 258 } 259 260 int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) 261 { 262 if (ctx->digest && ctx->digest->md_ctrl) { 263 int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2); 264 if (ret <= 0) 265 return 0; 266 return 1; 267 } 268 return 0; 269 } 270