KNF

author: miod <> 2014-06-21 12:00:01 +0000
committer: miod <> 2014-06-21 12:00:01 +0000
commit: 2ef56674b5be6f3ed20a4d2131278e87cf0664d3 (patch)
tree: 4918517133d4c086155d739ea9f19fc7b736b3d9 /src/lib/libcrypto/hmac
parent: ad8d47ad97a6eda202961f498ac1757595f063c3 (diff)
download: openbsd-2ef56674b5be6f3ed20a4d2131278e87cf0664d3.tar.gz
openbsd-2ef56674b5be6f3ed20a4d2131278e87cf0664d3.tar.bz2
openbsd-2ef56674b5be6f3ed20a4d2131278e87cf0664d3.zip
3 files changed, 186 insertions, 178 deletions
diff --git a/src/lib/libcrypto/hmac/hm_ameth.c b/src/lib/libcrypto/hmac/hm_ameth.c
index e3633963fa..ef97918472 100644
--- a/src/lib/libcrypto/hmac/hm_ameth.c
+++ b/src/lib/libcrypto/hmac/hm_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hm_ameth.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
+/* $OpenBSD: hm_ameth.c,v 1.5 2014/06/21 12:00:01 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2007.
 */
@@ -68,35 +68,35 @@
 * key.
 */
-static int hmac_size(const EVP_PKEY *pkey)
+static int
-        {
+hmac_size(const EVP_PKEY *pkey)
+{
        return EVP_MAX_MD_SIZE;
-        }
+}
-static void hmac_key_free(EVP_PKEY *pkey)
+static void
-        {
+hmac_key_free(EVP_PKEY *pkey)
+{
        ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
-        if (os)
-                {
+        if (os) {
                if (os->data)
                        OPENSSL_cleanse(os->data, os->length);
                ASN1_OCTET_STRING_free(os);
-                }
        }
+}
+static int
-static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-        {
+{
-        switch (op)
+        switch (op) {
-                {
+        case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-                case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
                *(int *)arg2 = NID_sha1;
                return 1;
+        default:
-                default:
                return -2;
-                }
        }
+}
 #ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
 /* A bogus private key format for test purposes. This is simply the
@@ -104,42 +104,44 @@ static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 * genpkey utility can be used to "generate" HMAC keys.
 */
-static int old_hmac_decode(EVP_PKEY *pkey,
+static int
-                                        const unsigned char **pder, int derlen)
+old_hmac_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
-        {
+{
        ASN1_OCTET_STRING *os;
        os = ASN1_OCTET_STRING_new();
        if (!os || !ASN1_OCTET_STRING_set(os, *pder, derlen))
                return 0;
        EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os);
        return 1;
-        }
+}
-static int old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
+static int
-        {
+old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
        int inc;
        ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
-        if (pder)
-                {
+        if (pder) {
-                if (!*pder)
+                if (!*pder) {
-                        {
                        *pder = malloc(os->length);
                        inc = 0;
-                        }
+                } else
-                else inc = 1;
+                        inc = 1;
                memcpy(*pder, os->data, os->length);
                if (inc)
                        *pder += os->length;
-                }
+        }
                        
        return os->length;
-        }
+}
 #endif
-const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
+const EVP_PKEY_ASN1_METHOD
+hmac_asn1_meth = {
        .pkey_id = EVP_PKEY_HMAC,
        .pkey_base_id = EVP_PKEY_HMAC,
@@ -154,5 +156,4 @@ const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
        .old_priv_decode = old_hmac_decode,
        .old_priv_encode = old_hmac_encode
 #endif
-        };
+};
diff --git a/src/lib/libcrypto/hmac/hm_pmeth.c b/src/lib/libcrypto/hmac/hm_pmeth.c
index e7a550b30c..c1ada08a48 100644
--- a/src/lib/libcrypto/hmac/hm_pmeth.c
+++ b/src/lib/libcrypto/hmac/hm_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hm_pmeth.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
+/* $OpenBSD: hm_pmeth.c,v 1.5 2014/06/21 12:00:01 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2007.
 */
@@ -66,16 +66,17 @@
 /* HMAC pkey context structure */
-typedef struct
+typedef struct {
-        {
        const EVP_MD *md;       /* MD for HMAC use */
        ASN1_OCTET_STRING ktmp; /* Temp storage for key */
        HMAC_CTX ctx;
-        } HMAC_PKEY_CTX;
+} HMAC_PKEY_CTX;
-static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
+static int
-        {
+pkey_hmac_init(EVP_PKEY_CTX *ctx)
+{
        HMAC_PKEY_CTX *hctx;
        hctx = malloc(sizeof(HMAC_PKEY_CTX));
        if (!hctx)
                return 0;
@@ -90,11 +91,13 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
        ctx->keygen_info_count = 0;
        return 1;
-        }
+}
-static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+static int
-        {
+pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
        HMAC_PKEY_CTX *sctx, *dctx;
        if (!pkey_hmac_init(dst))
                return 0;
        sctx = src->data;
@@ -103,33 +106,35 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
        HMAC_CTX_init(&dctx->ctx);
        if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
                return 0;
-        if (sctx->ktmp.data)
+        if (sctx->ktmp.data) {
-                {
+                if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data,
-                if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
+                    sctx->ktmp.length))
-                                        sctx->ktmp.data, sctx->ktmp.length))
                        return 0;
-                }
-        return 1;
        }
+        return 1;
+}
-static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
+static void
-        {
+pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
+{
        HMAC_PKEY_CTX *hctx = ctx->data;
        HMAC_CTX_cleanup(&hctx->ctx);
-        if (hctx->ktmp.data)
+        if (hctx->ktmp.data) {
-                {
                if (hctx->ktmp.length)
                        OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);
                free(hctx->ktmp.data);
                hctx->ktmp.data = NULL;
-                }
-        free(hctx);
        }
+        free(hctx);
+}
-static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+static int
-        {
+pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
        ASN1_OCTET_STRING *hkey = NULL;
        HMAC_PKEY_CTX *hctx = ctx->data;
        if (!hctx->ktmp.data)
                return 0;
        hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
@@ -138,28 +143,33 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
        EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
        
        return 1;
-        }
+}
-static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
+static int
-        {
+int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
+{
        HMAC_PKEY_CTX *hctx = ctx->pctx->data;
        if (!HMAC_Update(&hctx->ctx, data, count))
                return 0;
        return 1;
-        }
+}
-static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+static int
-        {
+hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+{
        HMAC_PKEY_CTX *hctx = ctx->data;
        HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
        EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
        mctx->update = int_update;
        return 1;
-        }
+}
-static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+static int
-                                        EVP_MD_CTX *mctx)
+hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
-        {
+    EVP_MD_CTX *mctx)
+{
        unsigned int hlen;
        HMAC_PKEY_CTX *hctx = ctx->data;
        int l = EVP_MD_CTX_size(mctx);
@@ -174,55 +184,49 @@ static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
                return 0;
        *siglen = (size_t)hlen;
        return 1;
-        }
+}
-static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+static int 
-        {
+pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
        HMAC_PKEY_CTX *hctx = ctx->data;
        ASN1_OCTET_STRING *key;
-        switch (type)
-                {
-                case EVP_PKEY_CTRL_SET_MAC_KEY:
+        switch (type) {
+        case EVP_PKEY_CTRL_SET_MAC_KEY:
                if ((!p2 && p1 > 0) || (p1 < -1))
                        return 0;
                if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
                        return 0;
                break;
-                case EVP_PKEY_CTRL_MD:
+        case EVP_PKEY_CTRL_MD:
                hctx->md = p2;
                break;
-                case EVP_PKEY_CTRL_DIGESTINIT:
+        case EVP_PKEY_CTRL_DIGESTINIT:
                key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
                if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
-                                ctx->engine))
+                    ctx->engine))
                        return 0;
                break;
-                default:
+        default:
                return -2;
-                }
-        return 1;
        }
+        return 1;
+}
-static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
+static int
-                        const char *type, const char *value)
+pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-        {
+{
        if (!value)
-                {
                return 0;
-                }
+        if (!strcmp(type, "key")) {
-        if (!strcmp(type, "key"))
-                {
                void *p = (void *)value;
-                return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
+                return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
-                                -1, p);
+        }
-                }
+        if (!strcmp(type, "hexkey")) {
-        if (!strcmp(type, "hexkey"))
-                {
                unsigned char *key;
                int r;
                long keylen;
@@ -232,11 +236,12 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
                r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
                free(key);
                return r;
-                }
-        return -2;
        }
+        return -2;
+}
-const EVP_PKEY_METHOD hmac_pkey_meth = {
+const EVP_PKEY_METHOD
+hmac_pkey_meth = {
        .pkey_id = EVP_PKEY_HMAC,
        .init = pkey_hmac_init,
diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c
index 690715db2c..0c29156d80 100644
--- a/src/lib/libcrypto/hmac/hmac.c
+++ b/src/lib/libcrypto/hmac/hmac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hmac.c,v 1.18 2014/06/12 15:49:29 deraadt Exp $ */
+/* $OpenBSD: hmac.c,v 1.19 2014/06/21 12:00:01 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -61,108 +61,107 @@
 #include "cryptlib.h"
 #include <openssl/hmac.h>
-int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+int
-                  const EVP_MD *md, ENGINE *impl)
+HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
-        {
+    ENGINE *impl)
-        int i,j,reset=0;
+{
+        int i, j, reset = 0;
        unsigned char pad[HMAC_MAX_MD_CBLOCK];
-        if (md != NULL)
+        if (md != NULL) {
-                {
+                reset = 1;
-                reset=1;
+                ctx->md = md;
-                ctx->md=md;
+        } else
-                }
+                md = ctx->md;
-        else
-                md=ctx->md;
-        if (key != NULL)
+        if (key != NULL) {
-                {
+                reset = 1;
-                reset=1;
+                j = EVP_MD_block_size(md);
-                j=EVP_MD_block_size(md);
                OPENSSL_assert(j <= (int)sizeof(ctx->key));
-                if (j < len)
+                if (j < len) {
-                        {
+                        if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
-                        if (!EVP_DigestInit_ex(&ctx->md_ctx,md, impl))
                                goto err;
-                        if (!EVP_DigestUpdate(&ctx->md_ctx,key,len))
+                        if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
                                goto err;
-                        if (!EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,
+                        if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key,
                                &ctx->key_length))
                                goto err;
-                        }
+                } else {
-                else
-                        {
                        OPENSSL_assert(len>=0 && len<=(int)sizeof(ctx->key));
                        memcpy(ctx->key,key,len);
-                        ctx->key_length=len;
+                        ctx->key_length = len;
-                        }
+                }
-                if(ctx->key_length != HMAC_MAX_MD_CBLOCK)
+                if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
                        memset(&ctx->key[ctx->key_length], 0,
-                                HMAC_MAX_MD_CBLOCK - ctx->key_length);
+                            HMAC_MAX_MD_CBLOCK - ctx->key_length);
                }
-        if (reset)      
+        if (reset) {
-                {
+                for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
-                for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
+                        pad[i] = 0x36 ^ ctx->key[i];
-                        pad[i]=0x36^ctx->key[i];
+                if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
-                if (!EVP_DigestInit_ex(&ctx->i_ctx,md, impl))
                        goto err;
-                if (!EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)))
+                if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
                        goto err;
-                for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
+                for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
-                        pad[i]=0x5c^ctx->key[i];
+                        pad[i] = 0x5c ^ ctx->key[i];
-                if (!EVP_DigestInit_ex(&ctx->o_ctx,md, impl))
+                if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
                        goto err;
-                if (!EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)))
+                if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
-                        goto err;
-                }
-        if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx))
                        goto err;
+        }
+        if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
+                goto err;
        return 1;
-        err:
+err:
        return 0;
-        }
+}
-int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
+int
-        {
+HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
-        if(key && md)
+{
+        if (key && md)
            HMAC_CTX_init(ctx);
        return HMAC_Init_ex(ctx,key,len,md, NULL);
-        }
+}
-int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
+int
-        {
+HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
+{
        return EVP_DigestUpdate(&ctx->md_ctx,data,len);
-        }
+}
-int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
+int
-        {
+HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
+{
        unsigned int i;
        unsigned char buf[EVP_MAX_MD_SIZE];
-        if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))
+        if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
                goto err;
-        if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))
+        if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
                goto err;
-        if (!EVP_DigestUpdate(&ctx->md_ctx,buf,i))
+        if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
                goto err;
-        if (!EVP_DigestFinal_ex(&ctx->md_ctx,md,len))
+        if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
                goto err;
        return 1;
-        err:
+err:
        return 0;
-        }
+}
-void HMAC_CTX_init(HMAC_CTX *ctx)
+void
-        {
+HMAC_CTX_init(HMAC_CTX *ctx)
+{
        EVP_MD_CTX_init(&ctx->i_ctx);
        EVP_MD_CTX_init(&ctx->o_ctx);
        EVP_MD_CTX_init(&ctx->md_ctx);
-        }
+}
-int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
+int
-        {
+HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
+{
        if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
                goto err;
        if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
@@ -173,42 +172,45 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
        dctx->key_length = sctx->key_length;
        dctx->md = sctx->md;
        return 1;
-        err:
+err:
        return 0;
-        }
+}
-void HMAC_CTX_cleanup(HMAC_CTX *ctx)
+void
-        {
+HMAC_CTX_cleanup(HMAC_CTX *ctx)
+{
        EVP_MD_CTX_cleanup(&ctx->i_ctx);
        EVP_MD_CTX_cleanup(&ctx->o_ctx);
        EVP_MD_CTX_cleanup(&ctx->md_ctx);
-        memset(ctx,0,sizeof *ctx);
+        memset(ctx, 0, sizeof *ctx);
-        }
+}
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
+unsigned char *
-                    const unsigned char *d, size_t n, unsigned char *md,
+HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d,
-                    unsigned int *md_len)
+    size_t n, unsigned char *md, unsigned int *md_len)
-        {
+{
        HMAC_CTX c;
        static unsigned char m[EVP_MAX_MD_SIZE];
-        if (md == NULL) md=m;
+        if (md == NULL)
+                md = m;
        HMAC_CTX_init(&c);
-        if (!HMAC_Init(&c,key,key_len,evp_md))
+        if (!HMAC_Init(&c, key, key_len, evp_md))
                goto err;
-        if (!HMAC_Update(&c,d,n))
+        if (!HMAC_Update(&c, d, n))
                goto err;
-        if (!HMAC_Final(&c,md,md_len))
+        if (!HMAC_Final(&c, md, md_len))
                goto err;
        HMAC_CTX_cleanup(&c);
        return md;
-        err:
+err:
        return NULL;
-        }
+}
-void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
+void
-        {
+HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
+{
        EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
        EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
        EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
-        }
+}
author	miod <>	2014-06-21 12:00:01 +0000
committer	miod <>	2014-06-21 12:00:01 +0000
commit	2ef56674b5be6f3ed20a4d2131278e87cf0664d3 (patch)
tree	4918517133d4c086155d739ea9f19fc7b736b3d9 /src/lib/libcrypto/hmac
parent	ad8d47ad97a6eda202961f498ac1757595f063c3 (diff)
download	openbsd-2ef56674b5be6f3ed20a4d2131278e87cf0664d3.tar.gz openbsd-2ef56674b5be6f3ed20a4d2131278e87cf0664d3.tar.bz2 openbsd-2ef56674b5be6f3ed20a4d2131278e87cf0664d3.zip

diff --git a/src/lib/libcrypto/hmac/hm_ameth.c b/src/lib/libcrypto/hmac/hm_ameth.c index e3633963fa..ef97918472 100644 --- a/src/lib/libcrypto/hmac/hm_ameth.c +++ b/src/lib/libcrypto/hmac/hm_ameth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: hm_ameth.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */	1	/* $OpenBSD: hm_ameth.c,v 1.5 2014/06/21 12:00:01 miod Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2007.	3	* project 2007.
4	*/	4	*/
@@ -68,35 +68,35 @@
68	* key.	68	* key.
69	*/	69	*/
70		70
71	static int hmac_size(const EVP_PKEY *pkey)	71	static int
72	{	72	hmac_size(const EVP_PKEY *pkey)
		73	{
73	return EVP_MAX_MD_SIZE;	74	return EVP_MAX_MD_SIZE;
74	}	75	}
75		76
76	static void hmac_key_free(EVP_PKEY *pkey)	77	static void
77	{	78	hmac_key_free(EVP_PKEY *pkey)
		79	{
78	ASN1_OCTET_STRING os = (ASN1_OCTET_STRING )pkey->pkey.ptr;	80	ASN1_OCTET_STRING os = (ASN1_OCTET_STRING )pkey->pkey.ptr;
79	if (os)	81
80	{	82	if (os) {
81	if (os->data)	83	if (os->data)
82	OPENSSL_cleanse(os->data, os->length);	84	OPENSSL_cleanse(os->data, os->length);
83	ASN1_OCTET_STRING_free(os);	85	ASN1_OCTET_STRING_free(os);
84	}
85	}	86	}
		87	}
86		88
87		89	static int
88	static int hmac_pkey_ctrl(EVP_PKEY pkey, int op, long arg1, void arg2)	90	hmac_pkey_ctrl(EVP_PKEY pkey, int op, long arg1, void arg2)
89	{	91	{
90	switch (op)	92	switch (op) {
91	{	93	case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
92	case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
93	(int )arg2 = NID_sha1;	94	(int )arg2 = NID_sha1;
94	return 1;	95	return 1;
95		96	default:
96	default:
97	return -2;	97	return -2;
98	}
99	}	98	}
		99	}
100		100
101	#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT	101	#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
102	/* A bogus private key format for test purposes. This is simply the	102	/* A bogus private key format for test purposes. This is simply the
@@ -104,42 +104,44 @@ static int hmac_pkey_ctrl(EVP_PKEY pkey, int op, long arg1, void arg2)
104	* genpkey utility can be used to "generate" HMAC keys.	104	* genpkey utility can be used to "generate" HMAC keys.
105	*/	105	*/
106		106
107	static int old_hmac_decode(EVP_PKEY *pkey,	107	static int
108	const unsigned char **pder, int derlen)	108	old_hmac_decode(EVP_PKEY pkey, const unsigned char *pder, int derlen)
109	{	109	{
110	ASN1_OCTET_STRING *os;	110	ASN1_OCTET_STRING *os;
		111
111	os = ASN1_OCTET_STRING_new();	112	os = ASN1_OCTET_STRING_new();
112	if (!os \|\| !ASN1_OCTET_STRING_set(os, *pder, derlen))	113	if (!os \|\| !ASN1_OCTET_STRING_set(os, *pder, derlen))
113	return 0;	114	return 0;
114	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os);	115	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os);
115	return 1;	116	return 1;
116	}	117	}
117		118
118	static int old_hmac_encode(const EVP_PKEY pkey, unsigned char *pder)	119	static int
119	{	120	old_hmac_encode(const EVP_PKEY pkey, unsigned char *pder)
		121	{
120	int inc;	122	int inc;
121	ASN1_OCTET_STRING os = (ASN1_OCTET_STRING )pkey->pkey.ptr;	123	ASN1_OCTET_STRING os = (ASN1_OCTET_STRING )pkey->pkey.ptr;
122	if (pder)	124
123	{	125	if (pder) {
124	if (!*pder)	126	if (!*pder) {
125	{
126	*pder = malloc(os->length);	127	*pder = malloc(os->length);
127	inc = 0;	128	inc = 0;
128	}	129	} else
129	else inc = 1;	130	inc = 1;
130		131
131	memcpy(*pder, os->data, os->length);	132	memcpy(*pder, os->data, os->length);
132		133
133	if (inc)	134	if (inc)
134	*pder += os->length;	135	*pder += os->length;
135	}	136	}
136		137
137	return os->length;	138	return os->length;
138	}	139	}
139		140
140	#endif	141	#endif
141		142
142	const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {	143	const EVP_PKEY_ASN1_METHOD
		144	hmac_asn1_meth = {
143	.pkey_id = EVP_PKEY_HMAC,	145	.pkey_id = EVP_PKEY_HMAC,
144	.pkey_base_id = EVP_PKEY_HMAC,	146	.pkey_base_id = EVP_PKEY_HMAC,
145		147
@@ -154,5 +156,4 @@ const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
154	.old_priv_decode = old_hmac_decode,	156	.old_priv_decode = old_hmac_decode,
155	.old_priv_encode = old_hmac_encode	157	.old_priv_encode = old_hmac_encode
156	#endif	158	#endif
157	};	159	};
158


diff --git a/src/lib/libcrypto/hmac/hm_pmeth.c b/src/lib/libcrypto/hmac/hm_pmeth.c index e7a550b30c..c1ada08a48 100644 --- a/src/lib/libcrypto/hmac/hm_pmeth.c +++ b/src/lib/libcrypto/hmac/hm_pmeth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: hm_pmeth.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */	1	/* $OpenBSD: hm_pmeth.c,v 1.5 2014/06/21 12:00:01 miod Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2007.	3	* project 2007.
4	*/	4	*/
@@ -66,16 +66,17 @@
66		66
67	/* HMAC pkey context structure */	67	/* HMAC pkey context structure */
68		68
69	typedef struct	69	typedef struct {
70	{
71	const EVP_MD md; / MD for HMAC use */	70	const EVP_MD md; / MD for HMAC use */
72	ASN1_OCTET_STRING ktmp; /* Temp storage for key */	71	ASN1_OCTET_STRING ktmp; /* Temp storage for key */
73	HMAC_CTX ctx;	72	HMAC_CTX ctx;
74	} HMAC_PKEY_CTX;	73	} HMAC_PKEY_CTX;
75		74
76	static int pkey_hmac_init(EVP_PKEY_CTX *ctx)	75	static int
77	{	76	pkey_hmac_init(EVP_PKEY_CTX *ctx)
		77	{
78	HMAC_PKEY_CTX *hctx;	78	HMAC_PKEY_CTX *hctx;
		79
79	hctx = malloc(sizeof(HMAC_PKEY_CTX));	80	hctx = malloc(sizeof(HMAC_PKEY_CTX));
80	if (!hctx)	81	if (!hctx)
81	return 0;	82	return 0;
@@ -90,11 +91,13 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
90	ctx->keygen_info_count = 0;	91	ctx->keygen_info_count = 0;
91		92
92	return 1;	93	return 1;
93	}	94	}
94		95
95	static int pkey_hmac_copy(EVP_PKEY_CTX dst, EVP_PKEY_CTX src)	96	static int
96	{	97	pkey_hmac_copy(EVP_PKEY_CTX dst, EVP_PKEY_CTX src)
		98	{
97	HMAC_PKEY_CTX sctx, dctx;	99	HMAC_PKEY_CTX sctx, dctx;
		100
98	if (!pkey_hmac_init(dst))	101	if (!pkey_hmac_init(dst))
99	return 0;	102	return 0;
100	sctx = src->data;	103	sctx = src->data;
@@ -103,33 +106,35 @@ static int pkey_hmac_copy(EVP_PKEY_CTX dst, EVP_PKEY_CTX src)
103	HMAC_CTX_init(&dctx->ctx);	106	HMAC_CTX_init(&dctx->ctx);
104	if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))	107	if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
105	return 0;	108	return 0;
106	if (sctx->ktmp.data)	109	if (sctx->ktmp.data) {
107	{	110	if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data,
108	if (!ASN1_OCTET_STRING_set(&dctx->ktmp,	111	sctx->ktmp.length))
109	sctx->ktmp.data, sctx->ktmp.length))
110	return 0;	112	return 0;
111	}
112	return 1;
113	}	113	}
		114	return 1;
		115	}
114		116
115	static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)	117	static void
116	{	118	pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
		119	{
117	HMAC_PKEY_CTX *hctx = ctx->data;	120	HMAC_PKEY_CTX *hctx = ctx->data;
		121
118	HMAC_CTX_cleanup(&hctx->ctx);	122	HMAC_CTX_cleanup(&hctx->ctx);
119	if (hctx->ktmp.data)	123	if (hctx->ktmp.data) {
120	{
121	if (hctx->ktmp.length)	124	if (hctx->ktmp.length)
122	OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);	125	OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);
123	free(hctx->ktmp.data);	126	free(hctx->ktmp.data);
124	hctx->ktmp.data = NULL;	127	hctx->ktmp.data = NULL;
125	}
126	free(hctx);
127	}	128	}
		129	free(hctx);
		130	}
128		131
129	static int pkey_hmac_keygen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)	132	static int
130	{	133	pkey_hmac_keygen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)
		134	{
131	ASN1_OCTET_STRING *hkey = NULL;	135	ASN1_OCTET_STRING *hkey = NULL;
132	HMAC_PKEY_CTX *hctx = ctx->data;	136	HMAC_PKEY_CTX *hctx = ctx->data;
		137
133	if (!hctx->ktmp.data)	138	if (!hctx->ktmp.data)
134	return 0;	139	return 0;
135	hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);	140	hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
@@ -138,28 +143,33 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)
138	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);	143	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
139		144
140	return 1;	145	return 1;
141	}	146	}
142		147
143	static int int_update(EVP_MD_CTX ctx,const void data,size_t count)	148	static int
144	{	149	int_update(EVP_MD_CTX ctx,const void data,size_t count)
		150	{
145	HMAC_PKEY_CTX *hctx = ctx->pctx->data;	151	HMAC_PKEY_CTX *hctx = ctx->pctx->data;
		152
146	if (!HMAC_Update(&hctx->ctx, data, count))	153	if (!HMAC_Update(&hctx->ctx, data, count))
147	return 0;	154	return 0;
148	return 1;	155	return 1;
149	}	156	}
150		157
151	static int hmac_signctx_init(EVP_PKEY_CTX ctx, EVP_MD_CTX mctx)	158	static int
152	{	159	hmac_signctx_init(EVP_PKEY_CTX ctx, EVP_MD_CTX mctx)
		160	{
153	HMAC_PKEY_CTX *hctx = ctx->data;	161	HMAC_PKEY_CTX *hctx = ctx->data;
		162
154	HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);	163	HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
155	EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);	164	EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
156	mctx->update = int_update;	165	mctx->update = int_update;
157	return 1;	166	return 1;
158	}	167	}
159		168
160	static int hmac_signctx(EVP_PKEY_CTX ctx, unsigned char sig, size_t *siglen,	169	static int
161	EVP_MD_CTX *mctx)	170	hmac_signctx(EVP_PKEY_CTX ctx, unsigned char sig, size_t *siglen,
162	{	171	EVP_MD_CTX *mctx)
		172	{
163	unsigned int hlen;	173	unsigned int hlen;
164	HMAC_PKEY_CTX *hctx = ctx->data;	174	HMAC_PKEY_CTX *hctx = ctx->data;
165	int l = EVP_MD_CTX_size(mctx);	175	int l = EVP_MD_CTX_size(mctx);
@@ -174,55 +184,49 @@ static int hmac_signctx(EVP_PKEY_CTX ctx, unsigned char sig, size_t *siglen,
174	return 0;	184	return 0;
175	*siglen = (size_t)hlen;	185	*siglen = (size_t)hlen;
176	return 1;	186	return 1;
177	}	187	}
178		188
179	static int pkey_hmac_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)	189	static int
180	{	190	pkey_hmac_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
		191	{
181	HMAC_PKEY_CTX *hctx = ctx->data;	192	HMAC_PKEY_CTX *hctx = ctx->data;
182	ASN1_OCTET_STRING *key;	193	ASN1_OCTET_STRING *key;
183	switch (type)
184	{
185		194
186	case EVP_PKEY_CTRL_SET_MAC_KEY:	195	switch (type) {
		196	case EVP_PKEY_CTRL_SET_MAC_KEY:
187	if ((!p2 && p1 > 0) \|\| (p1 < -1))	197	if ((!p2 && p1 > 0) \|\| (p1 < -1))
188	return 0;	198	return 0;
189	if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))	199	if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
190	return 0;	200	return 0;
191	break;	201	break;
192		202
193	case EVP_PKEY_CTRL_MD:	203	case EVP_PKEY_CTRL_MD:
194	hctx->md = p2;	204	hctx->md = p2;
195	break;	205	break;
196		206
197	case EVP_PKEY_CTRL_DIGESTINIT:	207	case EVP_PKEY_CTRL_DIGESTINIT:
198	key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;	208	key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
199	if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,	209	if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
200	ctx->engine))	210	ctx->engine))
201	return 0;	211	return 0;
202	break;	212	break;
203		213
204	default:	214	default:
205	return -2;	215	return -2;
206
207	}
208	return 1;
209	}	216	}
		217	return 1;
		218	}
210		219
211	static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,	220	static int
212	const char type, const char value)	221	pkey_hmac_ctrl_str(EVP_PKEY_CTX ctx, const char type, const char *value)
213	{	222	{
214	if (!value)	223	if (!value)
215	{
216	return 0;	224	return 0;
217	}	225	if (!strcmp(type, "key")) {
218	if (!strcmp(type, "key"))
219	{
220	void p = (void )value;	226	void p = (void )value;
221	return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,	227	return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
222	-1, p);	228	}
223	}	229	if (!strcmp(type, "hexkey")) {
224	if (!strcmp(type, "hexkey"))
225	{
226	unsigned char *key;	230	unsigned char *key;
227	int r;	231	int r;
228	long keylen;	232	long keylen;
@@ -232,11 +236,12 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
232	r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);	236	r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
233	free(key);	237	free(key);
234	return r;	238	return r;
235	}
236	return -2;
237	}	239	}
		240	return -2;
		241	}
238		242
239	const EVP_PKEY_METHOD hmac_pkey_meth = {	243	const EVP_PKEY_METHOD
		244	hmac_pkey_meth = {
240	.pkey_id = EVP_PKEY_HMAC,	245	.pkey_id = EVP_PKEY_HMAC,
241		246
242	.init = pkey_hmac_init,	247	.init = pkey_hmac_init,


diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c index 690715db2c..0c29156d80 100644 --- a/src/lib/libcrypto/hmac/hmac.c +++ b/src/lib/libcrypto/hmac/hmac.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: hmac.c,v 1.18 2014/06/12 15:49:29 deraadt Exp $ */	1	/* $OpenBSD: hmac.c,v 1.19 2014/06/21 12:00:01 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -61,108 +61,107 @@
61	#include "cryptlib.h"	61	#include "cryptlib.h"
62	#include <openssl/hmac.h>	62	#include <openssl/hmac.h>
63		63
64	int HMAC_Init_ex(HMAC_CTX ctx, const void key, int len,	64	int
65	const EVP_MD md, ENGINE impl)	65	HMAC_Init_ex(HMAC_CTX ctx, const void key, int len, const EVP_MD *md,
66	{	66	ENGINE *impl)
67	int i,j,reset=0;	67	{
		68	int i, j, reset = 0;
68	unsigned char pad[HMAC_MAX_MD_CBLOCK];	69	unsigned char pad[HMAC_MAX_MD_CBLOCK];
69		70
70	if (md != NULL)	71	if (md != NULL) {
71	{	72	reset = 1;
72	reset=1;	73	ctx->md = md;
73	ctx->md=md;	74	} else
74	}	75	md = ctx->md;
75	else
76	md=ctx->md;
77		76
78	if (key != NULL)	77	if (key != NULL) {
79	{	78	reset = 1;
80	reset=1;	79	j = EVP_MD_block_size(md);
81	j=EVP_MD_block_size(md);
82	OPENSSL_assert(j <= (int)sizeof(ctx->key));	80	OPENSSL_assert(j <= (int)sizeof(ctx->key));
83	if (j < len)	81	if (j < len) {
84	{	82	if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
85	if (!EVP_DigestInit_ex(&ctx->md_ctx,md, impl))
86	goto err;	83	goto err;
87	if (!EVP_DigestUpdate(&ctx->md_ctx,key,len))	84	if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
88	goto err;	85	goto err;
89	if (!EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,	86	if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key,
90	&ctx->key_length))	87	&ctx->key_length))
91	goto err;	88	goto err;
92	}	89	} else {
93	else
94	{
95	OPENSSL_assert(len>=0 && len<=(int)sizeof(ctx->key));	90	OPENSSL_assert(len>=0 && len<=(int)sizeof(ctx->key));
96	memcpy(ctx->key,key,len);	91	memcpy(ctx->key,key,len);
97	ctx->key_length=len;	92	ctx->key_length = len;
98	}	93	}
99	if(ctx->key_length != HMAC_MAX_MD_CBLOCK)	94	if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
100	memset(&ctx->key[ctx->key_length], 0,	95	memset(&ctx->key[ctx->key_length], 0,
101	HMAC_MAX_MD_CBLOCK - ctx->key_length);	96	HMAC_MAX_MD_CBLOCK - ctx->key_length);
102	}	97	}
103		98
104	if (reset)	99	if (reset) {
105	{	100	for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
106	for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)	101	pad[i] = 0x36 ^ ctx->key[i];
107	pad[i]=0x36^ctx->key[i];	102	if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
108	if (!EVP_DigestInit_ex(&ctx->i_ctx,md, impl))
109	goto err;	103	goto err;
110	if (!EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)))	104	if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
111	goto err;	105	goto err;
112		106
113	for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)	107	for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
114	pad[i]=0x5c^ctx->key[i];	108	pad[i] = 0x5c ^ ctx->key[i];
115	if (!EVP_DigestInit_ex(&ctx->o_ctx,md, impl))	109	if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
116	goto err;	110	goto err;
117	if (!EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)))	111	if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
118	goto err;
119	}
120	if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx))
121	goto err;	112	goto err;
		113	}
		114	if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
		115	goto err;
122	return 1;	116	return 1;
123	err:	117	err:
124	return 0;	118	return 0;
125	}	119	}
126		120
127	int HMAC_Init(HMAC_CTX ctx, const void key, int len, const EVP_MD *md)	121	int
128	{	122	HMAC_Init(HMAC_CTX ctx, const void key, int len, const EVP_MD *md)
129	if(key && md)	123	{
		124	if (key && md)
130	HMAC_CTX_init(ctx);	125	HMAC_CTX_init(ctx);
131	return HMAC_Init_ex(ctx,key,len,md, NULL);	126	return HMAC_Init_ex(ctx,key,len,md, NULL);
132	}	127	}
133		128
134	int HMAC_Update(HMAC_CTX ctx, const unsigned char data, size_t len)	129	int
135	{	130	HMAC_Update(HMAC_CTX ctx, const unsigned char data, size_t len)
		131	{
136	return EVP_DigestUpdate(&ctx->md_ctx,data,len);	132	return EVP_DigestUpdate(&ctx->md_ctx,data,len);
137	}	133	}
138		134
139	int HMAC_Final(HMAC_CTX ctx, unsigned char md, unsigned int *len)	135	int
140	{	136	HMAC_Final(HMAC_CTX ctx, unsigned char md, unsigned int *len)
		137	{
141	unsigned int i;	138	unsigned int i;
142	unsigned char buf[EVP_MAX_MD_SIZE];	139	unsigned char buf[EVP_MAX_MD_SIZE];
143		140
144	if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))	141	if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
145	goto err;	142	goto err;
146	if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))	143	if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
147	goto err;	144	goto err;
148	if (!EVP_DigestUpdate(&ctx->md_ctx,buf,i))	145	if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
149	goto err;	146	goto err;
150	if (!EVP_DigestFinal_ex(&ctx->md_ctx,md,len))	147	if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
151	goto err;	148	goto err;
152	return 1;	149	return 1;
153	err:	150	err:
154	return 0;	151	return 0;
155	}	152	}
156		153
157	void HMAC_CTX_init(HMAC_CTX *ctx)	154	void
158	{	155	HMAC_CTX_init(HMAC_CTX *ctx)
		156	{
159	EVP_MD_CTX_init(&ctx->i_ctx);	157	EVP_MD_CTX_init(&ctx->i_ctx);
160	EVP_MD_CTX_init(&ctx->o_ctx);	158	EVP_MD_CTX_init(&ctx->o_ctx);
161	EVP_MD_CTX_init(&ctx->md_ctx);	159	EVP_MD_CTX_init(&ctx->md_ctx);
162	}	160	}
163		161
164	int HMAC_CTX_copy(HMAC_CTX dctx, HMAC_CTX sctx)	162	int
165	{	163	HMAC_CTX_copy(HMAC_CTX dctx, HMAC_CTX sctx)
		164	{
166	if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))	165	if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
167	goto err;	166	goto err;
168	if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))	167	if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
@@ -173,42 +172,45 @@ int HMAC_CTX_copy(HMAC_CTX dctx, HMAC_CTX sctx)
173	dctx->key_length = sctx->key_length;	172	dctx->key_length = sctx->key_length;
174	dctx->md = sctx->md;	173	dctx->md = sctx->md;
175	return 1;	174	return 1;
176	err:	175	err:
177	return 0;	176	return 0;
178	}	177	}
179		178
180	void HMAC_CTX_cleanup(HMAC_CTX *ctx)	179	void
181	{	180	HMAC_CTX_cleanup(HMAC_CTX *ctx)
		181	{
182	EVP_MD_CTX_cleanup(&ctx->i_ctx);	182	EVP_MD_CTX_cleanup(&ctx->i_ctx);
183	EVP_MD_CTX_cleanup(&ctx->o_ctx);	183	EVP_MD_CTX_cleanup(&ctx->o_ctx);
184	EVP_MD_CTX_cleanup(&ctx->md_ctx);	184	EVP_MD_CTX_cleanup(&ctx->md_ctx);
185	memset(ctx,0,sizeof *ctx);	185	memset(ctx, 0, sizeof *ctx);
186	}	186	}
187		187
188	unsigned char HMAC(const EVP_MD evp_md, const void *key, int key_len,	188	unsigned char *
189	const unsigned char d, size_t n, unsigned char md,	189	HMAC(const EVP_MD evp_md, const void key, int key_len, const unsigned char *d,
190	unsigned int *md_len)	190	size_t n, unsigned char md, unsigned int md_len)
191	{	191	{
192	HMAC_CTX c;	192	HMAC_CTX c;
193	static unsigned char m[EVP_MAX_MD_SIZE];	193	static unsigned char m[EVP_MAX_MD_SIZE];
194		194
195	if (md == NULL) md=m;	195	if (md == NULL)
		196	md = m;
196	HMAC_CTX_init(&c);	197	HMAC_CTX_init(&c);
197	if (!HMAC_Init(&c,key,key_len,evp_md))	198	if (!HMAC_Init(&c, key, key_len, evp_md))
198	goto err;	199	goto err;
199	if (!HMAC_Update(&c,d,n))	200	if (!HMAC_Update(&c, d, n))
200	goto err;	201	goto err;
201	if (!HMAC_Final(&c,md,md_len))	202	if (!HMAC_Final(&c, md, md_len))
202	goto err;	203	goto err;
203	HMAC_CTX_cleanup(&c);	204	HMAC_CTX_cleanup(&c);
204	return md;	205	return md;
205	err:	206	err:
206	return NULL;	207	return NULL;
207	}	208	}
208		209
209	void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)	210	void
210	{	211	HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
		212	{
211	EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);	213	EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
212	EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);	214	EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
213	EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);	215	EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
214	}	216	}