2 * OPENSSL crypto backend implementation
4 * Copyright (C) 2010-2011, Red Hat, Inc. All rights reserved.
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19 * In addition, as a special exception, the copyright holders give
20 * permission to link the code of portions of this program with the
21 * OpenSSL library under certain conditions as described in each
22 * individual source file, and distribute linked combinations
25 * You must obey the GNU General Public License in all respects
26 * for all of the code used other than OpenSSL.
31 #include <openssl/evp.h>
32 #include <openssl/hmac.h>
33 #include "crypto_backend.h"
35 static int crypto_backend_initialised = 0;
39 const EVP_MD *hash_id;
45 const EVP_MD *hash_id;
49 int crypt_backend_init(struct crypt_device *ctx)
51 if (crypto_backend_initialised)
54 OpenSSL_add_all_digests();
55 log_dbg("OpenSSL crypto backend initialized.");
57 crypto_backend_initialised = 1;
61 uint32_t crypt_backend_flags(void)
67 int crypt_hash_size(const char *name)
69 const EVP_MD *hash_id = EVP_get_digestbyname(name);
74 return EVP_MD_size(hash_id);
77 int crypt_hash_init(struct crypt_hash **ctx, const char *name)
81 h = malloc(sizeof(*h));
85 h->hash_id = EVP_get_digestbyname(name);
91 if (EVP_DigestInit(&h->md, h->hash_id) != 1) {
96 h->hash_len = EVP_MD_size(h->hash_id);
101 static int crypt_hash_restart(struct crypt_hash *ctx)
103 if (EVP_DigestInit(&ctx->md, ctx->hash_id) != 1)
109 int crypt_hash_write(struct crypt_hash *ctx, const char *buffer, size_t length)
111 if (EVP_DigestUpdate(&ctx->md, buffer, length) != 1)
117 int crypt_hash_final(struct crypt_hash *ctx, char *buffer, size_t length)
119 unsigned char tmp[EVP_MAX_MD_SIZE];
120 unsigned int tmp_len = 0;
122 if (length > (size_t)ctx->hash_len)
125 if (EVP_DigestFinal_ex(&ctx->md, tmp, &tmp_len) != 1)
128 memcpy(buffer, tmp, length);
129 memset(tmp, 0, sizeof(tmp));
131 if (tmp_len < length)
134 if (crypt_hash_restart(ctx))
140 int crypt_hash_destroy(struct crypt_hash *ctx)
142 EVP_MD_CTX_cleanup(&ctx->md);
143 memset(ctx, 0, sizeof(*ctx));
149 int crypt_hmac_size(const char *name)
151 return crypt_hash_size(name);
154 int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
155 const void *buffer, size_t length)
157 struct crypt_hmac *h;
159 h = malloc(sizeof(*h));
163 h->hash_id = EVP_get_digestbyname(name);
169 HMAC_CTX_init(&h->md);
170 HMAC_Init_ex(&h->md, buffer, length, h->hash_id, NULL);
172 h->hash_len = EVP_MD_size(h->hash_id);
177 static void crypt_hmac_restart(struct crypt_hmac *ctx)
179 HMAC_Init_ex(&ctx->md, NULL, 0, ctx->hash_id, NULL);
182 int crypt_hmac_write(struct crypt_hmac *ctx, const char *buffer, size_t length)
184 HMAC_Update(&ctx->md, (const unsigned char *)buffer, length);
188 int crypt_hmac_final(struct crypt_hmac *ctx, char *buffer, size_t length)
190 unsigned char tmp[EVP_MAX_MD_SIZE];
191 unsigned int tmp_len = 0;
193 if (length > (size_t)ctx->hash_len)
196 HMAC_Final(&ctx->md, tmp, &tmp_len);
198 memcpy(buffer, tmp, length);
199 memset(tmp, 0, sizeof(tmp));
201 if (tmp_len < length)
204 crypt_hmac_restart(ctx);
209 int crypt_hmac_destroy(struct crypt_hmac *ctx)
211 HMAC_CTX_cleanup(&ctx->md);
212 memset(ctx, 0, sizeof(*ctx));