digest-openssl.c revision 323136 
1/* $OpenBSD: digest-openssl.c,v 1.6 2017/03/10 02:59:51 dtucker Exp $ */
2/*
3 * Copyright (c) 2013 Damien Miller <djm@mindrot.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include "includes.h"
19
20#ifdef WITH_OPENSSL
21
22#include <sys/types.h>
23#include <limits.h>
24#include <stdlib.h>
25#include <string.h>
26
27#include <openssl/evp.h>
28
29#include "openbsd-compat/openssl-compat.h"
30
31#include "sshbuf.h"
32#include "digest.h"
33#include "ssherr.h"
34
35#ifndef HAVE_EVP_RIPEMD160
36# define EVP_ripemd160 NULL
37#endif /* HAVE_EVP_RIPEMD160 */
38#ifndef HAVE_EVP_SHA256
39# define EVP_sha256 NULL
40# define EVP_sha384 NULL
41# define EVP_sha512 NULL
42#endif /* HAVE_EVP_SHA256 */
43
44struct ssh_digest_ctx {
45	int alg;
46	EVP_MD_CTX mdctx;
47};
48
49struct ssh_digest {
50	int id;
51	const char *name;
52	size_t digest_len;
53	const EVP_MD *(*mdfunc)(void);
54};
55
56/* NB. Indexed directly by algorithm number */
57const struct ssh_digest digests[] = {
58	{ SSH_DIGEST_MD5,	"MD5",	 	16,	EVP_md5 },
59	{ SSH_DIGEST_RIPEMD160,	"RIPEMD160",	20,	EVP_ripemd160 },
60	{ SSH_DIGEST_SHA1,	"SHA1",	 	20,	EVP_sha1 },
61	{ SSH_DIGEST_SHA256,	"SHA256", 	32,	EVP_sha256 },
62	{ SSH_DIGEST_SHA384,	"SHA384",	48,	EVP_sha384 },
63	{ SSH_DIGEST_SHA512,	"SHA512", 	64,	EVP_sha512 },
64	{ -1,			NULL,		0,	NULL },
65};
66
67static const struct ssh_digest *
68ssh_digest_by_alg(int alg)
69{
70	if (alg < 0 || alg >= SSH_DIGEST_MAX)
71		return NULL;
72	if (digests[alg].id != alg) /* sanity */
73		return NULL;
74	if (digests[alg].mdfunc == NULL)
75		return NULL;
76	return &(digests[alg]);
77}
78
79int
80ssh_digest_alg_by_name(const char *name)
81{
82	int alg;
83
84	for (alg = 0; digests[alg].id != -1; alg++) {
85		if (strcasecmp(name, digests[alg].name) == 0)
86			return digests[alg].id;
87	}
88	return -1;
89}
90
91const char *
92ssh_digest_alg_name(int alg)
93{
94	const struct ssh_digest *digest = ssh_digest_by_alg(alg);
95
96	return digest == NULL ? NULL : digest->name;
97}
98
99size_t
100ssh_digest_bytes(int alg)
101{
102	const struct ssh_digest *digest = ssh_digest_by_alg(alg);
103
104	return digest == NULL ? 0 : digest->digest_len;
105}
106
107size_t
108ssh_digest_blocksize(struct ssh_digest_ctx *ctx)
109{
110	return EVP_MD_CTX_block_size(&ctx->mdctx);
111}
112
113struct ssh_digest_ctx *
114ssh_digest_start(int alg)
115{
116	const struct ssh_digest *digest = ssh_digest_by_alg(alg);
117	struct ssh_digest_ctx *ret;
118
119	if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL))
120		return NULL;
121	ret->alg = alg;
122	EVP_MD_CTX_init(&ret->mdctx);
123	if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) {
124		free(ret);
125		return NULL;
126	}
127	return ret;
128}
129
130int
131ssh_digest_copy_state(struct ssh_digest_ctx *from, struct ssh_digest_ctx *to)
132{
133	if (from->alg != to->alg)
134		return SSH_ERR_INVALID_ARGUMENT;
135	/* we have bcopy-style order while openssl has memcpy-style */
136	if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx))
137		return SSH_ERR_LIBCRYPTO_ERROR;
138	return 0;
139}
140
141int
142ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen)
143{
144	if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1)
145		return SSH_ERR_LIBCRYPTO_ERROR;
146	return 0;
147}
148
149int
150ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const struct sshbuf *b)
151{
152	return ssh_digest_update(ctx, sshbuf_ptr(b), sshbuf_len(b));
153}
154
155int
156ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen)
157{
158	const struct ssh_digest *digest = ssh_digest_by_alg(ctx->alg);
159	u_int l = dlen;
160
161	if (digest == NULL || dlen > UINT_MAX)
162		return SSH_ERR_INVALID_ARGUMENT;
163	if (dlen < digest->digest_len) /* No truncation allowed */
164		return SSH_ERR_INVALID_ARGUMENT;
165	if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1)
166		return SSH_ERR_LIBCRYPTO_ERROR;
167	if (l != digest->digest_len) /* sanity */
168		return SSH_ERR_INTERNAL_ERROR;
169	return 0;
170}
171
172void
173ssh_digest_free(struct ssh_digest_ctx *ctx)
174{
175	if (ctx != NULL) {
176		EVP_MD_CTX_cleanup(&ctx->mdctx);
177		explicit_bzero(ctx, sizeof(*ctx));
178		free(ctx);
179	}
180}
181
182int
183ssh_digest_memory(int alg, const void *m, size_t mlen, u_char *d, size_t dlen)
184{
185	const struct ssh_digest *digest = ssh_digest_by_alg(alg);
186	u_int mdlen;
187
188	if (digest == NULL)
189		return SSH_ERR_INVALID_ARGUMENT;
190	if (dlen > UINT_MAX)
191		return SSH_ERR_INVALID_ARGUMENT;
192	if (dlen < digest->digest_len)
193		return SSH_ERR_INVALID_ARGUMENT;
194	mdlen = dlen;
195	if (!EVP_Digest(m, mlen, d, &mdlen, digest->mdfunc(), NULL))
196		return SSH_ERR_LIBCRYPTO_ERROR;
197	return 0;
198}
199
200int
201ssh_digest_buffer(int alg, const struct sshbuf *b, u_char *d, size_t dlen)
202{
203	return ssh_digest_memory(alg, sshbuf_ptr(b), sshbuf_len(b), d, dlen);
204}
205#endif /* WITH_OPENSSL */
206