Initialize cipher context in KRB5
("D. Russell" <russelld@aol.net>)
Allow HMAC functions to use an alternative ENGINE.
This commit is contained in:
Dr. Stephen Henson
parent
d80f6e0f8c
commit
b74dfe6e8e
@ -1138,7 +1138,7 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
HMAC_CTX_init(&hctx);
|
||||
HMAC_Init_ex(&hctx,(unsigned char *)"This is a key...",
|
||||
16,EVP_md5());
|
||||
16,EVP_md5(), NULL);
|
||||
|
||||
for (j=0; j<SIZE_NUM; j++)
|
||||
{
|
||||
@ -1146,9 +1146,9 @@ int MAIN(int argc, char **argv)
|
||||
Time_F(START);
|
||||
for (count=0,run=1; COND(c[D_HMAC][j]); count++)
|
||||
{
|
||||
HMAC_Init_ex(&hctx,NULL,0,NULL);
|
||||
HMAC_Update(&hctx,buf,lengths[j]);
|
||||
HMAC_Final(&hctx,&(hmac[0]),NULL);
|
||||
HMAC_Init_ex(&hctx,NULL,0,NULL,NULL);
|
||||
HMAC_Update(&hctx,buf,lengths[j]);
|
||||
HMAC_Final(&hctx,&(hmac[0]),NULL);
|
||||
}
|
||||
d=Time_F(STOP);
|
||||
print_result(D_HMAC,j,count,d);
|
||||
|
||||
@ -100,7 +100,7 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
|
||||
itmp[1] = (unsigned char)((i >> 16) & 0xff);
|
||||
itmp[2] = (unsigned char)((i >> 8) & 0xff);
|
||||
itmp[3] = (unsigned char)(i & 0xff);
|
||||
HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1());
|
||||
HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1(), NULL);
|
||||
HMAC_Update(&hctx, salt, saltlen);
|
||||
HMAC_Update(&hctx, itmp, 4);
|
||||
HMAC_Final(&hctx, digtmp, NULL);
|
||||
|
||||
@ -61,7 +61,7 @@
|
||||
#include <openssl/hmac.h>
|
||||
|
||||
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||
const EVP_MD *md)
|
||||
const EVP_MD *md, ENGINE *impl)
|
||||
{
|
||||
int i,j,reset=0;
|
||||
unsigned char pad[HMAC_MAX_MD_CBLOCK];
|
||||
@ -80,7 +80,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||
j=EVP_MD_block_size(md);
|
||||
if (j < len)
|
||||
{
|
||||
EVP_DigestInit_ex(&ctx->md_ctx,md, NULL);
|
||||
EVP_DigestInit_ex(&ctx->md_ctx,md, impl);
|
||||
EVP_DigestUpdate(&ctx->md_ctx,key,len);
|
||||
EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,
|
||||
&ctx->key_length);
|
||||
@ -99,12 +99,12 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||
{
|
||||
for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
|
||||
pad[i]=0x36^ctx->key[i];
|
||||
EVP_DigestInit_ex(&ctx->i_ctx,md, NULL);
|
||||
EVP_DigestInit_ex(&ctx->i_ctx,md, impl);
|
||||
EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
|
||||
|
||||
for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
|
||||
pad[i]=0x5c^ctx->key[i];
|
||||
EVP_DigestInit_ex(&ctx->o_ctx,md, NULL);
|
||||
EVP_DigestInit_ex(&ctx->o_ctx,md, impl);
|
||||
EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
|
||||
}
|
||||
EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx);
|
||||
@ -115,7 +115,7 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
|
||||
{
|
||||
if(key && md)
|
||||
HMAC_CTX_init(ctx);
|
||||
HMAC_Init_ex(ctx,key,len,md);
|
||||
HMAC_Init_ex(ctx,key,len,md, NULL);
|
||||
}
|
||||
|
||||
void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len)
|
||||
|
||||
@ -91,7 +91,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
|
||||
void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
|
||||
const EVP_MD *md); /* deprecated */
|
||||
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||
const EVP_MD *md);
|
||||
const EVP_MD *md, ENGINE *impl);
|
||||
void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
|
||||
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
|
||||
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
|
||||
|
||||
@ -87,11 +87,11 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen,
|
||||
return 0;
|
||||
}
|
||||
HMAC_CTX_init(&hmac);
|
||||
HMAC_Init_ex (&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type);
|
||||
HMAC_Update (&hmac, p12->authsafes->d.data->data,
|
||||
HMAC_Init_ex(&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type, NULL);
|
||||
HMAC_Update(&hmac, p12->authsafes->d.data->data,
|
||||
p12->authsafes->d.data->length);
|
||||
HMAC_Final (&hmac, mac, maclen);
|
||||
HMAC_CTX_cleanup (&hmac);
|
||||
HMAC_Final(&hmac, mac, maclen);
|
||||
HMAC_CTX_cleanup(&hmac);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
@ -1494,6 +1494,8 @@ static int ssl3_send_client_key_exchange(SSL *s)
|
||||
+ EVP_MAX_IV_LENGTH];
|
||||
int padl, outl = sizeof(epms);
|
||||
|
||||
EVP_CIPHER_CTX_init(&ciph_ctx);
|
||||
|
||||
#ifdef KSSL_DEBUG
|
||||
printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
|
||||
l, SSL_kKRB5);
|
||||
|
||||
@ -1557,6 +1557,8 @@ static int ssl3_get_client_key_exchange(SSL *s)
|
||||
krb5_timestamp authtime = 0;
|
||||
krb5_ticket_times ttimes;
|
||||
|
||||
EVP_CIPHER_CTX_init(&ciph_ctx);
|
||||
|
||||
if (!kssl_ctx) kssl_ctx = kssl_ctx_new();
|
||||
|
||||
n2s(p,i);
|
||||
|
||||
10
ssl/t1_enc.c
10
ssl/t1_enc.c
@ -78,16 +78,16 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
|
||||
|
||||
HMAC_CTX_init(&ctx);
|
||||
HMAC_CTX_init(&ctx_tmp);
|
||||
HMAC_Init_ex(&ctx,sec,sec_len,md);
|
||||
HMAC_Init_ex(&ctx_tmp,sec,sec_len,md);
|
||||
HMAC_Init_ex(&ctx,sec,sec_len,md, NULL);
|
||||
HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL);
|
||||
HMAC_Update(&ctx,seed,seed_len);
|
||||
HMAC_Final(&ctx,A1,&A1_len);
|
||||
|
||||
n=0;
|
||||
for (;;)
|
||||
{
|
||||
HMAC_Init_ex(&ctx,NULL,0,NULL); /* re-init */
|
||||
HMAC_Init_ex(&ctx_tmp,NULL,0,NULL); /* re-init */
|
||||
HMAC_Init_ex(&ctx,NULL,0,NULL,NULL); /* re-init */
|
||||
HMAC_Init_ex(&ctx_tmp,NULL,0,NULL,NULL); /* re-init */
|
||||
HMAC_Update(&ctx,A1,A1_len);
|
||||
HMAC_Update(&ctx_tmp,A1,A1_len);
|
||||
HMAC_Update(&ctx,seed,seed_len);
|
||||
@ -652,7 +652,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
|
||||
|
||||
/* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
|
||||
HMAC_CTX_init(&hmac);
|
||||
HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash);
|
||||
HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
|
||||
HMAC_Update(&hmac,seq,8);
|
||||
HMAC_Update(&hmac,buf,5);
|
||||
HMAC_Update(&hmac,rec->input,rec->length);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user