1 /* $OpenBSD: digest-openssl.c,v 1.7 2017/05/08 22:57:38 djm Exp $ */ 2 /* 3 * Copyright (c) 2013 Damien Miller <djm@mindrot.org> 4 * 5 * Permission to use, copy, modify, and distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18 #include "includes.h" 19 20 #ifdef WITH_OPENSSL 21 22 #include <sys/types.h> 23 #include <limits.h> 24 #include <stdlib.h> 25 #include <string.h> 26 27 #include <openssl/evp.h> 28 29 #include "openbsd-compat/openssl-compat.h" 30 31 #include "sshbuf.h" 32 #include "digest.h" 33 #include "ssherr.h" 34 35 #ifndef HAVE_EVP_RIPEMD160 36 # define EVP_ripemd160 NULL 37 #endif /* HAVE_EVP_RIPEMD160 */ 38 #ifndef HAVE_EVP_SHA256 39 # define EVP_sha256 NULL 40 # define EVP_sha384 NULL 41 # define EVP_sha512 NULL 42 #endif /* HAVE_EVP_SHA256 */ 43 44 struct ssh_digest_ctx { 45 int alg; 46 EVP_MD_CTX mdctx; 47 }; 48 49 struct ssh_digest { 50 int id; 51 const char *name; 52 size_t digest_len; 53 const EVP_MD *(*mdfunc)(void); 54 }; 55 56 /* NB. Indexed directly by algorithm number */ 57 const struct ssh_digest digests[] = { 58 { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, 59 { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, 60 { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, 61 { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, 62 { SSH_DIGEST_SHA512, "SHA512", 64, EVP_sha512 }, 63 { -1, NULL, 0, NULL }, 64 }; 65 66 static const struct ssh_digest * 67 ssh_digest_by_alg(int alg) 68 { 69 if (alg < 0 || alg >= SSH_DIGEST_MAX) 70 return NULL; 71 if (digests[alg].id != alg) /* sanity */ 72 return NULL; 73 if (digests[alg].mdfunc == NULL) 74 return NULL; 75 return &(digests[alg]); 76 } 77 78 int 79 ssh_digest_alg_by_name(const char *name) 80 { 81 int alg; 82 83 for (alg = 0; digests[alg].id != -1; alg++) { 84 if (strcasecmp(name, digests[alg].name) == 0) 85 return digests[alg].id; 86 } 87 return -1; 88 } 89 90 const char * 91 ssh_digest_alg_name(int alg) 92 { 93 const struct ssh_digest *digest = ssh_digest_by_alg(alg); 94 95 return digest == NULL ? NULL : digest->name; 96 } 97 98 size_t 99 ssh_digest_bytes(int alg) 100 { 101 const struct ssh_digest *digest = ssh_digest_by_alg(alg); 102 103 return digest == NULL ? 0 : digest->digest_len; 104 } 105 106 size_t 107 ssh_digest_blocksize(struct ssh_digest_ctx *ctx) 108 { 109 return EVP_MD_CTX_block_size(&ctx->mdctx); 110 } 111 112 struct ssh_digest_ctx * 113 ssh_digest_start(int alg) 114 { 115 const struct ssh_digest *digest = ssh_digest_by_alg(alg); 116 struct ssh_digest_ctx *ret; 117 118 if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL)) 119 return NULL; 120 ret->alg = alg; 121 EVP_MD_CTX_init(&ret->mdctx); 122 if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) { 123 free(ret); 124 return NULL; 125 } 126 return ret; 127 } 128 129 int 130 ssh_digest_copy_state(struct ssh_digest_ctx *from, struct ssh_digest_ctx *to) 131 { 132 if (from->alg != to->alg) 133 return SSH_ERR_INVALID_ARGUMENT; 134 /* we have bcopy-style order while openssl has memcpy-style */ 135 if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx)) 136 return SSH_ERR_LIBCRYPTO_ERROR; 137 return 0; 138 } 139 140 int 141 ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) 142 { 143 if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1) 144 return SSH_ERR_LIBCRYPTO_ERROR; 145 return 0; 146 } 147 148 int 149 ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const struct sshbuf *b) 150 { 151 return ssh_digest_update(ctx, sshbuf_ptr(b), sshbuf_len(b)); 152 } 153 154 int 155 ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) 156 { 157 const struct ssh_digest *digest = ssh_digest_by_alg(ctx->alg); 158 u_int l = dlen; 159 160 if (digest == NULL || dlen > UINT_MAX) 161 return SSH_ERR_INVALID_ARGUMENT; 162 if (dlen < digest->digest_len) /* No truncation allowed */ 163 return SSH_ERR_INVALID_ARGUMENT; 164 if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1) 165 return SSH_ERR_LIBCRYPTO_ERROR; 166 if (l != digest->digest_len) /* sanity */ 167 return SSH_ERR_INTERNAL_ERROR; 168 return 0; 169 } 170 171 void 172 ssh_digest_free(struct ssh_digest_ctx *ctx) 173 { 174 if (ctx != NULL) { 175 EVP_MD_CTX_cleanup(&ctx->mdctx); 176 explicit_bzero(ctx, sizeof(*ctx)); 177 free(ctx); 178 } 179 } 180 181 int 182 ssh_digest_memory(int alg, const void *m, size_t mlen, u_char *d, size_t dlen) 183 { 184 const struct ssh_digest *digest = ssh_digest_by_alg(alg); 185 u_int mdlen; 186 187 if (digest == NULL) 188 return SSH_ERR_INVALID_ARGUMENT; 189 if (dlen > UINT_MAX) 190 return SSH_ERR_INVALID_ARGUMENT; 191 if (dlen < digest->digest_len) 192 return SSH_ERR_INVALID_ARGUMENT; 193 mdlen = dlen; 194 if (!EVP_Digest(m, mlen, d, &mdlen, digest->mdfunc(), NULL)) 195 return SSH_ERR_LIBCRYPTO_ERROR; 196 return 0; 197 } 198 199 int 200 ssh_digest_buffer(int alg, const struct sshbuf *b, u_char *d, size_t dlen) 201 { 202 return ssh_digest_memory(alg, sshbuf_ptr(b), sshbuf_len(b), d, dlen); 203 } 204 #endif /* WITH_OPENSSL */ 205