1 /* 2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "internal/cryptlib.h" 12 #include <openssl/objects.h> 13 #include <openssl/evp.h> 14 #include <openssl/engine.h> 15 #include "crypto/evp.h" 16 #include "evp_local.h" 17 18 19 static void cleanup_old_md_data(EVP_MD_CTX *ctx, int force) 20 { 21 if (ctx->digest != NULL) { 22 if (ctx->digest->cleanup != NULL 23 && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) 24 ctx->digest->cleanup(ctx); 25 if (ctx->md_data != NULL && ctx->digest->ctx_size > 0 26 && (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) 27 || force)) { 28 OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); 29 ctx->md_data = NULL; 30 } 31 } 32 } 33 34 /* This call frees resources associated with the context */ 35 int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) 36 { 37 if (ctx == NULL) 38 return 1; 39 40 /* 41 * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because 42 * sometimes only copies of the context are ever finalised. 43 */ 44 cleanup_old_md_data(ctx, 0); 45 46 /* 47 * pctx should be freed by the user of EVP_MD_CTX 48 * if EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set 49 */ 50 if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) 51 EVP_PKEY_CTX_free(ctx->pctx); 52 #ifndef OPENSSL_NO_ENGINE 53 ENGINE_finish(ctx->engine); 54 #endif 55 OPENSSL_cleanse(ctx, sizeof(*ctx)); 56 57 return 1; 58 } 59 60 EVP_MD_CTX *EVP_MD_CTX_new(void) 61 { 62 return OPENSSL_zalloc(sizeof(EVP_MD_CTX)); 63 } 64 65 void EVP_MD_CTX_free(EVP_MD_CTX *ctx) 66 { 67 EVP_MD_CTX_reset(ctx); 68 OPENSSL_free(ctx); 69 } 70 71 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) 72 { 73 EVP_MD_CTX_reset(ctx); 74 return EVP_DigestInit_ex(ctx, type, NULL); 75 } 76 77 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) 78 { 79 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); 80 #ifndef OPENSSL_NO_ENGINE 81 /* 82 * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so 83 * this context may already have an ENGINE! Try to avoid releasing the 84 * previous handle, re-querying for an ENGINE, and having a 85 * reinitialisation, when it may all be unnecessary. 86 */ 87 if (ctx->engine && ctx->digest && 88 (type == NULL || (type->type == ctx->digest->type))) 89 goto skip_to_init; 90 91 if (type) { 92 /* 93 * Ensure an ENGINE left lying around from last time is cleared (the 94 * previous check attempted to avoid this if the same ENGINE and 95 * EVP_MD could be used). 96 */ 97 ENGINE_finish(ctx->engine); 98 if (impl != NULL) { 99 if (!ENGINE_init(impl)) { 100 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR); 101 return 0; 102 } 103 } else { 104 /* Ask if an ENGINE is reserved for this job */ 105 impl = ENGINE_get_digest_engine(type->type); 106 } 107 if (impl != NULL) { 108 /* There's an ENGINE for this job ... (apparently) */ 109 const EVP_MD *d = ENGINE_get_digest(impl, type->type); 110 111 if (d == NULL) { 112 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR); 113 ENGINE_finish(impl); 114 return 0; 115 } 116 /* We'll use the ENGINE's private digest definition */ 117 type = d; 118 /* 119 * Store the ENGINE functional reference so we know 'type' came 120 * from an ENGINE and we need to release it when done. 121 */ 122 ctx->engine = impl; 123 } else 124 ctx->engine = NULL; 125 } else { 126 if (!ctx->digest) { 127 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET); 128 return 0; 129 } 130 type = ctx->digest; 131 } 132 #endif 133 if (ctx->digest != type) { 134 cleanup_old_md_data(ctx, 1); 135 136 ctx->digest = type; 137 if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { 138 ctx->update = type->update; 139 ctx->md_data = OPENSSL_zalloc(type->ctx_size); 140 if (ctx->md_data == NULL) { 141 EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE); 142 return 0; 143 } 144 } 145 } 146 #ifndef OPENSSL_NO_ENGINE 147 skip_to_init: 148 #endif 149 if (ctx->pctx) { 150 int r; 151 r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, 152 EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); 153 if (r <= 0 && (r != -2)) 154 return 0; 155 } 156 if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) 157 return 1; 158 return ctx->digest->init(ctx); 159 } 160 161 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) 162 { 163 if (count == 0) 164 return 1; 165 166 return ctx->update(ctx, data, count); 167 } 168 169 /* The caller can assume that this removes any secret data from the context */ 170 int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) 171 { 172 int ret; 173 ret = EVP_DigestFinal_ex(ctx, md, size); 174 EVP_MD_CTX_reset(ctx); 175 return ret; 176 } 177 178 /* The caller can assume that this removes any secret data from the context */ 179 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) 180 { 181 int ret; 182 183 OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); 184 ret = ctx->digest->final(ctx, md); 185 if (size != NULL) 186 *size = ctx->digest->md_size; 187 if (ctx->digest->cleanup) { 188 ctx->digest->cleanup(ctx); 189 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); 190 } 191 OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); 192 return ret; 193 } 194 195 int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t size) 196 { 197 int ret = 0; 198 199 if (ctx->digest->flags & EVP_MD_FLAG_XOF 200 && size <= INT_MAX 201 && ctx->digest->md_ctrl(ctx, EVP_MD_CTRL_XOF_LEN, (int)size, NULL)) { 202 ret = ctx->digest->final(ctx, md); 203 204 if (ctx->digest->cleanup != NULL) { 205 ctx->digest->cleanup(ctx); 206 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); 207 } 208 OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); 209 } else { 210 EVPerr(EVP_F_EVP_DIGESTFINALXOF, EVP_R_NOT_XOF_OR_INVALID_LENGTH); 211 } 212 213 return ret; 214 } 215 216 int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) 217 { 218 EVP_MD_CTX_reset(out); 219 return EVP_MD_CTX_copy_ex(out, in); 220 } 221 222 int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) 223 { 224 unsigned char *tmp_buf; 225 if ((in == NULL) || (in->digest == NULL)) { 226 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED); 227 return 0; 228 } 229 #ifndef OPENSSL_NO_ENGINE 230 /* Make sure it's safe to copy a digest context using an ENGINE */ 231 if (in->engine && !ENGINE_init(in->engine)) { 232 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB); 233 return 0; 234 } 235 #endif 236 237 if (out->digest == in->digest) { 238 tmp_buf = out->md_data; 239 EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE); 240 } else 241 tmp_buf = NULL; 242 EVP_MD_CTX_reset(out); 243 memcpy(out, in, sizeof(*out)); 244 245 /* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */ 246 EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX); 247 248 /* Null these variables, since they are getting fixed up 249 * properly below. Anything else may cause a memleak and/or 250 * double free if any of the memory allocations below fail 251 */ 252 out->md_data = NULL; 253 out->pctx = NULL; 254 255 if (in->md_data && out->digest->ctx_size) { 256 if (tmp_buf) 257 out->md_data = tmp_buf; 258 else { 259 out->md_data = OPENSSL_malloc(out->digest->ctx_size); 260 if (out->md_data == NULL) { 261 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE); 262 return 0; 263 } 264 } 265 memcpy(out->md_data, in->md_data, out->digest->ctx_size); 266 } 267 268 out->update = in->update; 269 270 if (in->pctx) { 271 out->pctx = EVP_PKEY_CTX_dup(in->pctx); 272 if (!out->pctx) { 273 EVP_MD_CTX_reset(out); 274 return 0; 275 } 276 } 277 278 if (out->digest->copy) 279 return out->digest->copy(out, in); 280 281 return 1; 282 } 283 284 int EVP_Digest(const void *data, size_t count, 285 unsigned char *md, unsigned int *size, const EVP_MD *type, 286 ENGINE *impl) 287 { 288 EVP_MD_CTX *ctx = EVP_MD_CTX_new(); 289 int ret; 290 291 if (ctx == NULL) 292 return 0; 293 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT); 294 ret = EVP_DigestInit_ex(ctx, type, impl) 295 && EVP_DigestUpdate(ctx, data, count) 296 && EVP_DigestFinal_ex(ctx, md, size); 297 EVP_MD_CTX_free(ctx); 298 299 return ret; 300 } 301 302 int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) 303 { 304 if (ctx->digest && ctx->digest->md_ctrl) { 305 int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2); 306 if (ret <= 0) 307 return 0; 308 return 1; 309 } 310 return 0; 311 } 312