[efi-boot-shim.git] / Cryptlib / OpenSSL / crypto / evp / digest.c

/* crypto/evp/digest.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
/* ====================================================================
 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <stdio.h>
#include "cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif

#ifdef OPENSSL_FIPS
# include <openssl/fips.h>
# include "evp_locl.h"
#endif

void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
    memset(ctx, '\0', sizeof *ctx);
}

EVP_MD_CTX *EVP_MD_CTX_create(void)
{
    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);

    if (ctx)
        EVP_MD_CTX_init(ctx);

    return ctx;
}

int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
{
    EVP_MD_CTX_init(ctx);
    return EVP_DigestInit_ex(ctx, type, NULL);
}

int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
{
    EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
#ifdef OPENSSL_FIPS
    /* If FIPS mode switch to approved implementation if possible */
    if (FIPS_mode()) {
        const EVP_MD *fipsmd;
        if (type) {
            fipsmd = evp_get_fips_md(type);
            if (fipsmd)
                type = fipsmd;
        }
    }
#endif
#ifndef OPENSSL_NO_ENGINE
    /*
     * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
     * this context may already have an ENGINE! Try to avoid releasing the
     * previous handle, re-querying for an ENGINE, and having a
     * reinitialisation, when it may all be unecessary.
     */
    if (ctx->engine && ctx->digest && (!type ||
                                       (type
                                        && (type->type ==
                                            ctx->digest->type))))
        goto skip_to_init;
    if (type) {
        /*
         * Ensure an ENGINE left lying around from last time is cleared (the
         * previous check attempted to avoid this if the same ENGINE and
         * EVP_MD could be used).
         */
        if (ctx->engine)
            ENGINE_finish(ctx->engine);
        if (impl) {
            if (!ENGINE_init(impl)) {
                EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
                return 0;
            }
        } else
            /* Ask if an ENGINE is reserved for this job */
            impl = ENGINE_get_digest_engine(type->type);
        if (impl) {
            /* There's an ENGINE for this job ... (apparently) */
            const EVP_MD *d = ENGINE_get_digest(impl, type->type);
            if (!d) {
                /* Same comment from evp_enc.c */
                EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
                ENGINE_finish(impl);
                return 0;
            }
            /* We'll use the ENGINE's private digest definition */
            type = d;
            /*
             * Store the ENGINE functional reference so we know 'type' came
             * from an ENGINE and we need to release it when done.
             */
            ctx->engine = impl;
        } else
            ctx->engine = NULL;
    } else {
        if (!ctx->digest) {
            EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
            return 0;
        }
        type = ctx->digest;
    }
#endif
    if (ctx->digest != type) {
        if (ctx->digest && ctx->digest->ctx_size) {
            OPENSSL_free(ctx->md_data);
            ctx->md_data = NULL;
        }
        ctx->digest = type;
        if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
            ctx->update = type->update;
            ctx->md_data = OPENSSL_malloc(type->ctx_size);
            if (ctx->md_data == NULL) {
                EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
                return 0;
            }
        }
    }
#ifndef OPENSSL_NO_ENGINE
 skip_to_init:
#endif
    if (ctx->pctx) {
        int r;
        r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
                              EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
        if (r <= 0 && (r != -2))
            return 0;
    }
    if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
        return 1;
#ifdef OPENSSL_FIPS
    if (FIPS_mode()) {
        if (FIPS_digestinit(ctx, type))
            return 1;
        OPENSSL_free(ctx->md_data);
        ctx->md_data = NULL;
        return 0;
    }
#endif
    return ctx->digest->init(ctx);
}

int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
{
#ifdef OPENSSL_FIPS
    return FIPS_digestupdate(ctx, data, count);
#else
    return ctx->update(ctx, data, count);
#endif
}

/* The caller can assume that this removes any secret data from the context */
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
{
    int ret;
    ret = EVP_DigestFinal_ex(ctx, md, size);
    EVP_MD_CTX_cleanup(ctx);
    return ret;
}

/* The caller can assume that this removes any secret data from the context */
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
{
#ifdef OPENSSL_FIPS
    return FIPS_digestfinal(ctx, md, size);
#else
    int ret;

    OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
    ret = ctx->digest->final(ctx, md);
    if (size != NULL)
        *size = ctx->digest->md_size;
    if (ctx->digest->cleanup) {
        ctx->digest->cleanup(ctx);
        EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
    }
    memset(ctx->md_data, 0, ctx->digest->ctx_size);
    return ret;
#endif
}

int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
{
    EVP_MD_CTX_init(out);
    return EVP_MD_CTX_copy_ex(out, in);
}

int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
{
    unsigned char *tmp_buf;
    if ((in == NULL) || (in->digest == NULL)) {
        EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED);
        return 0;
    }
#ifndef OPENSSL_NO_ENGINE
    /* Make sure it's safe to copy a digest context using an ENGINE */
    if (in->engine && !ENGINE_init(in->engine)) {
        EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
        return 0;
    }
#endif

    if (out->digest == in->digest) {
        tmp_buf = out->md_data;
        EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
    } else
        tmp_buf = NULL;
    EVP_MD_CTX_cleanup(out);
    memcpy(out, in, sizeof *out);

    if (in->md_data && out->digest->ctx_size) {
        if (tmp_buf)
            out->md_data = tmp_buf;
        else {
            out->md_data = OPENSSL_malloc(out->digest->ctx_size);
            if (!out->md_data) {
                EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE);
                return 0;
            }
        }
        memcpy(out->md_data, in->md_data, out->digest->ctx_size);
    }

    out->update = in->update;

    if (in->pctx) {
        out->pctx = EVP_PKEY_CTX_dup(in->pctx);
        if (!out->pctx) {
            EVP_MD_CTX_cleanup(out);
            return 0;
        }
    }

    if (out->digest->copy)
        return out->digest->copy(out, in);

    return 1;
}

int EVP_Digest(const void *data, size_t count,
               unsigned char *md, unsigned int *size, const EVP_MD *type,
               ENGINE *impl)
{
    EVP_MD_CTX ctx;
    int ret;

    EVP_MD_CTX_init(&ctx);
    EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
    ret = EVP_DigestInit_ex(&ctx, type, impl)
        && EVP_DigestUpdate(&ctx, data, count)
        && EVP_DigestFinal_ex(&ctx, md, size);
    EVP_MD_CTX_cleanup(&ctx);

    return ret;
}

void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
{
    if (ctx) {
        EVP_MD_CTX_cleanup(ctx);
        OPENSSL_free(ctx);
    }
}

/* This call frees resources associated with the context */
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
{
#ifndef OPENSSL_FIPS
    /*
     * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
     * sometimes only copies of the context are ever finalised.
     */
    if (ctx->digest && ctx->digest->cleanup
        && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
        ctx->digest->cleanup(ctx);
    if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
        && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
        OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
        OPENSSL_free(ctx->md_data);
    }
#endif
    if (ctx->pctx)
        EVP_PKEY_CTX_free(ctx->pctx);
#ifndef OPENSSL_NO_ENGINE
    if (ctx->engine)
        /*
         * The EVP_MD we used belongs to an ENGINE, release the functional
         * reference we held for this reason.
         */
        ENGINE_finish(ctx->engine);
#endif
#ifdef OPENSSL_FIPS
    FIPS_md_ctx_cleanup(ctx);
#endif
    memset(ctx, '\0', sizeof *ctx);

    return 1;
}
Commit	Line	Data
3e575651 SL	1	/* crypto/evp/digest.c */
	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
d3819813	8	*
3e575651 SL	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
d3819813	15	*
3e575651 SL	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
d3819813	22	*
3e575651 SL	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
d3819813	37	* 4. If you include any Windows specific code (or a derivative thereof) from
3e575651 SL	38	* the apps directory (application code) you must include an acknowledgement:
3e575651 SL	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
d3819813	40	*
3e575651 SL	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
d3819813	52	*
3e575651 SL	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
	58	/* ====================================================================
	59	* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
	60	*
	61	* Redistribution and use in source and binary forms, with or without
	62	* modification, are permitted provided that the following conditions
	63	* are met:
	64	*
	65	* 1. Redistributions of source code must retain the above copyright
d3819813	66	* notice, this list of conditions and the following disclaimer.
3e575651 SL	67	*
	68	* 2. Redistributions in binary form must reproduce the above copyright
	69	* notice, this list of conditions and the following disclaimer in
	70	* the documentation and/or other materials provided with the
	71	* distribution.
	72	*
	73	* 3. All advertising materials mentioning features or use of this
	74	* software must display the following acknowledgment:
	75	* "This product includes software developed by the OpenSSL Project
	76	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	77	*
	78	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	79	* endorse or promote products derived from this software without
	80	* prior written permission. For written permission, please contact
	81	* openssl-core@openssl.org.
	82	*
	83	* 5. Products derived from this software may not be called "OpenSSL"
	84	* nor may "OpenSSL" appear in their names without prior written
	85	* permission of the OpenSSL Project.
	86	*
	87	* 6. Redistributions of any form whatsoever must retain the following
	88	* acknowledgment:
	89	* "This product includes software developed by the OpenSSL Project
	90	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	91	*
	92	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	93	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	94	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	95	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	96	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	97	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	98	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	99	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	100	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	101	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	102	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	103	* OF THE POSSIBILITY OF SUCH DAMAGE.
	104	* ====================================================================
	105	*
	106	* This product includes cryptographic software written by Eric Young
	107	* (eay@cryptsoft.com). This product includes software written by Tim
	108	* Hudson (tjh@cryptsoft.com).
	109	*
	110	*/
	111
	112	#include <stdio.h>
	113	#include "cryptlib.h"
	114	#include <openssl/objects.h>
	115	#include <openssl/evp.h>
	116	#ifndef OPENSSL_NO_ENGINE
d3819813 MTL	117	# include <openssl/engine.h>
	118	#endif
	119
	120	#ifdef OPENSSL_FIPS
	121	# include <openssl/fips.h>
	122	# include "evp_locl.h"
3e575651	123	#endif
3e575651 SL	124
3e575651 SL	125	void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
d3819813 MTL	126	{
	127	memset(ctx, '\0', sizeof *ctx);
	128	}
3e575651 SL	129
3e575651 SL	130	EVP_MD_CTX *EVP_MD_CTX_create(void)
d3819813 MTL	131	{
d3819813 MTL	132	EVP_MD_CTX ctx = OPENSSL_malloc(sizeof ctx);
3e575651	133
d3819813 MTL	134	if (ctx)
d3819813 MTL	135	EVP_MD_CTX_init(ctx);
3e575651	136
d3819813 MTL	137	return ctx;
d3819813 MTL	138	}
3e575651 SL	139
3e575651 SL	140	int EVP_DigestInit(EVP_MD_CTX ctx, const EVP_MD type)
d3819813 MTL	141	{
	142	EVP_MD_CTX_init(ctx);
	143	return EVP_DigestInit_ex(ctx, type, NULL);
	144	}
3e575651	145
d3819813 MTL	146	int EVP_DigestInit_ex(EVP_MD_CTX ctx, const EVP_MD type, ENGINE *impl)
	147	{
	148	EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
3e575651	149	#ifdef OPENSSL_FIPS
d3819813 MTL	150	/* If FIPS mode switch to approved implementation if possible */
	151	if (FIPS_mode()) {
	152	const EVP_MD *fipsmd;
	153	if (type) {
	154	fipsmd = evp_get_fips_md(type);
	155	if (fipsmd)
	156	type = fipsmd;
	157	}
	158	}
3e575651	159	#endif
3e575651	160	#ifndef OPENSSL_NO_ENGINE
d3819813 MTL	161	/*
	162	* Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
	163	* this context may already have an ENGINE! Try to avoid releasing the
	164	* previous handle, re-querying for an ENGINE, and having a
	165	* reinitialisation, when it may all be unecessary.
	166	*/
	167	if (ctx->engine && ctx->digest && (!type \|\|
	168	(type
	169	&& (type->type ==
	170	ctx->digest->type))))
	171	goto skip_to_init;
	172	if (type) {
	173	/*
	174	* Ensure an ENGINE left lying around from last time is cleared (the
	175	* previous check attempted to avoid this if the same ENGINE and
	176	* EVP_MD could be used).
	177	*/
	178	if (ctx->engine)
	179	ENGINE_finish(ctx->engine);
	180	if (impl) {
	181	if (!ENGINE_init(impl)) {
	182	EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
	183	return 0;
	184	}
	185	} else
	186	/* Ask if an ENGINE is reserved for this job */
	187	impl = ENGINE_get_digest_engine(type->type);
	188	if (impl) {
	189	/* There's an ENGINE for this job ... (apparently) */
	190	const EVP_MD *d = ENGINE_get_digest(impl, type->type);
	191	if (!d) {
	192	/* Same comment from evp_enc.c */
	193	EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
	194	ENGINE_finish(impl);
	195	return 0;
	196	}
	197	/* We'll use the ENGINE's private digest definition */
	198	type = d;
	199	/*
	200	* Store the ENGINE functional reference so we know 'type' came
	201	* from an ENGINE and we need to release it when done.
	202	*/
	203	ctx->engine = impl;
	204	} else
	205	ctx->engine = NULL;
	206	} else {
	207	if (!ctx->digest) {
	208	EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
	209	return 0;
	210	}
	211	type = ctx->digest;
	212	}
3e575651	213	#endif
d3819813	214	if (ctx->digest != type) {
62f0afa2	215	if (ctx->digest && ctx->digest->ctx_size) {
d3819813	216	OPENSSL_free(ctx->md_data);
62f0afa2 MTL	217	ctx->md_data = NULL;
62f0afa2 MTL	218	}
d3819813 MTL	219	ctx->digest = type;
	220	if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
	221	ctx->update = type->update;
	222	ctx->md_data = OPENSSL_malloc(type->ctx_size);
	223	if (ctx->md_data == NULL) {
	224	EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
	225	return 0;
	226	}
	227	}
	228	}
3e575651	229	#ifndef OPENSSL_NO_ENGINE
d3819813	230	skip_to_init:
3e575651	231	#endif
d3819813 MTL	232	if (ctx->pctx) {
	233	int r;
	234	r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
	235	EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
	236	if (r <= 0 && (r != -2))
	237	return 0;
	238	}
	239	if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
	240	return 1;
3e575651	241	#ifdef OPENSSL_FIPS
d3819813 MTL	242	if (FIPS_mode()) {
	243	if (FIPS_digestinit(ctx, type))
	244	return 1;
	245	OPENSSL_free(ctx->md_data);
	246	ctx->md_data = NULL;
	247	return 0;
	248	}
3e575651	249	#endif
d3819813 MTL	250	return ctx->digest->init(ctx);
d3819813 MTL	251	}
3e575651	252
d3819813 MTL	253	int EVP_DigestUpdate(EVP_MD_CTX ctx, const void data, size_t count)
d3819813 MTL	254	{
3e575651	255	#ifdef OPENSSL_FIPS
d3819813 MTL	256	return FIPS_digestupdate(ctx, data, count);
	257	#else
	258	return ctx->update(ctx, data, count);
3e575651	259	#endif
d3819813	260	}
3e575651 SL	261
	262	/* The caller can assume that this removes any secret data from the context */
	263	int EVP_DigestFinal(EVP_MD_CTX ctx, unsigned char md, unsigned int *size)
d3819813 MTL	264	{
	265	int ret;
	266	ret = EVP_DigestFinal_ex(ctx, md, size);
	267	EVP_MD_CTX_cleanup(ctx);
	268	return ret;
	269	}
3e575651 SL	270
	271	/* The caller can assume that this removes any secret data from the context */
	272	int EVP_DigestFinal_ex(EVP_MD_CTX ctx, unsigned char md, unsigned int *size)
d3819813	273	{
3e575651	274	#ifdef OPENSSL_FIPS
d3819813 MTL	275	return FIPS_digestfinal(ctx, md, size);
	276	#else
	277	int ret;
	278
	279	OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
	280	ret = ctx->digest->final(ctx, md);
	281	if (size != NULL)
	282	*size = ctx->digest->md_size;
	283	if (ctx->digest->cleanup) {
	284	ctx->digest->cleanup(ctx);
	285	EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
	286	}
	287	memset(ctx->md_data, 0, ctx->digest->ctx_size);
	288	return ret;
3e575651	289	#endif
d3819813	290	}
3e575651 SL	291
3e575651 SL	292	int EVP_MD_CTX_copy(EVP_MD_CTX out, const EVP_MD_CTX in)
d3819813 MTL	293	{
	294	EVP_MD_CTX_init(out);
	295	return EVP_MD_CTX_copy_ex(out, in);
	296	}
3e575651 SL	297
3e575651 SL	298	int EVP_MD_CTX_copy_ex(EVP_MD_CTX out, const EVP_MD_CTX in)
d3819813 MTL	299	{
	300	unsigned char *tmp_buf;
	301	if ((in == NULL) \|\| (in->digest == NULL)) {
	302	EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED);
	303	return 0;
	304	}
3e575651	305	#ifndef OPENSSL_NO_ENGINE
d3819813 MTL	306	/* Make sure it's safe to copy a digest context using an ENGINE */
	307	if (in->engine && !ENGINE_init(in->engine)) {
	308	EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
	309	return 0;
	310	}
3e575651 SL	311	#endif
3e575651 SL	312
d3819813 MTL	313	if (out->digest == in->digest) {
	314	tmp_buf = out->md_data;
	315	EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
	316	} else
	317	tmp_buf = NULL;
	318	EVP_MD_CTX_cleanup(out);
	319	memcpy(out, in, sizeof *out);
	320
	321	if (in->md_data && out->digest->ctx_size) {
	322	if (tmp_buf)
	323	out->md_data = tmp_buf;
	324	else {
	325	out->md_data = OPENSSL_malloc(out->digest->ctx_size);
	326	if (!out->md_data) {
	327	EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE);
	328	return 0;
	329	}
	330	}
	331	memcpy(out->md_data, in->md_data, out->digest->ctx_size);
	332	}
	333
	334	out->update = in->update;
	335
	336	if (in->pctx) {
	337	out->pctx = EVP_PKEY_CTX_dup(in->pctx);
	338	if (!out->pctx) {
	339	EVP_MD_CTX_cleanup(out);
	340	return 0;
	341	}
	342	}
	343
	344	if (out->digest->copy)
	345	return out->digest->copy(out, in);
	346
	347	return 1;
	348	}
3e575651 SL	349
3e575651 SL	350	int EVP_Digest(const void *data, size_t count,
d3819813 MTL	351	unsigned char md, unsigned int size, const EVP_MD *type,
	352	ENGINE *impl)
	353	{
	354	EVP_MD_CTX ctx;
	355	int ret;
	356
	357	EVP_MD_CTX_init(&ctx);
	358	EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
	359	ret = EVP_DigestInit_ex(&ctx, type, impl)
	360	&& EVP_DigestUpdate(&ctx, data, count)
	361	&& EVP_DigestFinal_ex(&ctx, md, size);
	362	EVP_MD_CTX_cleanup(&ctx);
	363
	364	return ret;
	365	}
3e575651 SL	366
3e575651 SL	367	void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
d3819813 MTL	368	{
	369	if (ctx) {
	370	EVP_MD_CTX_cleanup(ctx);
	371	OPENSSL_free(ctx);
	372	}
	373	}
3e575651 SL	374
	375	/* This call frees resources associated with the context */
	376	int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
d3819813 MTL	377	{
	378	#ifndef OPENSSL_FIPS
	379	/*
	380	* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
	381	* sometimes only copies of the context are ever finalised.
	382	*/
	383	if (ctx->digest && ctx->digest->cleanup
	384	&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
	385	ctx->digest->cleanup(ctx);
	386	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
	387	&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
	388	OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
	389	OPENSSL_free(ctx->md_data);
	390	}
	391	#endif
	392	if (ctx->pctx)
	393	EVP_PKEY_CTX_free(ctx->pctx);
3e575651	394	#ifndef OPENSSL_NO_ENGINE
d3819813 MTL	395	if (ctx->engine)
	396	/*
	397	* The EVP_MD we used belongs to an ENGINE, release the functional
	398	* reference we held for this reason.
	399	*/
	400	ENGINE_finish(ctx->engine);
	401	#endif
	402	#ifdef OPENSSL_FIPS
	403	FIPS_md_ctx_cleanup(ctx);
3e575651	404	#endif
d3819813	405	memset(ctx, '\0', sizeof *ctx);
3e575651	406
d3819813 MTL	407	return 1;
d3819813 MTL	408	}