From 66e0721f225f4fa6aa93af22bb2c26fbb0f3e9a2 Mon Sep 17 00:00:00 2001 From: Joel Sing Date: Tue, 28 Feb 2017 14:15:38 +0000 Subject: Add an EVP interface that provides concatenated MD5+SHA1 hashes, which are used in various parts of TLS 1.0/1.1. This will allow for code simplification in libssl. The same interface exists in OpenSSL 1.1. ok beck@ deraadt@ inoguchi@ millert@ --- lib/libcrypto/Makefile | 3 +- lib/libcrypto/Symbols.list | 1 + lib/libcrypto/evp/evp.h | 3 +- lib/libcrypto/evp/m_md5_sha1.c | 83 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 88 insertions(+), 2 deletions(-) create mode 100644 lib/libcrypto/evp/m_md5_sha1.c (limited to 'lib/libcrypto') diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 3fb904b470f..9ab1e0349dc 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.14 2017/01/21 09:38:58 beck Exp $ +# $OpenBSD: Makefile,v 1.15 2017/02/28 14:15:37 jsing Exp $ LIB= crypto @@ -158,6 +158,7 @@ SRCS+= e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c SRCS+= e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c SRCS+= e_chacha.c evp_aead.c e_chacha20poly1305.c SRCS+= e_gost2814789.c m_gost2814789.c m_gostr341194.c m_streebog.c +SRCS+= m_md5_sha1.c # gost/ SRCS+= gost2814789.c gost89_keywrap.c gost89_params.c gost89imit_ameth.c diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list index ae14b1a6071..16dd18f9202 100644 --- a/lib/libcrypto/Symbols.list +++ b/lib/libcrypto/Symbols.list @@ -1505,6 +1505,7 @@ EVP_idea_ecb EVP_idea_ofb EVP_md4 EVP_md5 +EVP_md5_sha1 EVP_md_null EVP_rc2_40_cbc EVP_rc2_64_cbc diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h index 75798dae8c8..68e1049587c 100644 --- a/lib/libcrypto/evp/evp.h +++ b/lib/libcrypto/evp/evp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp.h,v 1.51 2016/05/30 13:42:54 beck Exp $ */ +/* $OpenBSD: evp.h,v 1.52 2017/02/28 14:15:37 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -659,6 +659,7 @@ const EVP_MD *EVP_md4(void); #endif #ifndef OPENSSL_NO_MD5 const EVP_MD *EVP_md5(void); +const EVP_MD *EVP_md5_sha1(void); #endif #ifndef OPENSSL_NO_SHA const EVP_MD *EVP_sha1(void); diff --git a/lib/libcrypto/evp/m_md5_sha1.c b/lib/libcrypto/evp/m_md5_sha1.c new file mode 100644 index 00000000000..272cdee9ddc --- /dev/null +++ b/lib/libcrypto/evp/m_md5_sha1.c @@ -0,0 +1,83 @@ +/* $OpenBSD: m_md5_sha1.c,v 1.1 2017/02/28 14:15:37 jsing Exp $ */ +/* + * Copyright (c) 2017 Joel Sing + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include +#include + +struct md5_sha1_ctx { + MD5_CTX md5; + SHA_CTX sha1; +}; + +static int +md5_sha1_init(EVP_MD_CTX *ctx) +{ + struct md5_sha1_ctx *mdctx = ctx->md_data; + + if (!MD5_Init(&mdctx->md5)) + return 0; + if (!SHA1_Init(&mdctx->sha1)) + return 0; + + return 1; +} + +static int +md5_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) +{ + struct md5_sha1_ctx *mdctx = ctx->md_data; + + if (!MD5_Update(&mdctx->md5, data, count)) + return 0; + if (!SHA1_Update(&mdctx->sha1, data, count)) + return 0; + + return 1; +} + +static int +md5_sha1_final(EVP_MD_CTX *ctx, unsigned char *out) +{ + struct md5_sha1_ctx *mdctx = ctx->md_data; + + if (!MD5_Final(out, &mdctx->md5)) + return 0; + if (!SHA1_Final(out + MD5_DIGEST_LENGTH, &mdctx->sha1)) + return 0; + + return 1; +} + +static const EVP_MD md5_sha1_md = { + .type = NID_md5_sha1, + .pkey_type = NID_md5_sha1, + .md_size = MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, + .flags = 0, + .init = md5_sha1_init, + .update = md5_sha1_update, + .final = md5_sha1_final, + .block_size = MD5_CBLOCK, /* MD5_CBLOCK == SHA_CBLOCK */ + .ctx_size = sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx), +}; + +const EVP_MD * +EVP_md5_sha1(void) +{ + return &md5_sha1_md; +} -- cgit v1.2.3