2 * OPENSSL crypto backend implementation
4 * Copyright (C) 2010-2012, Red Hat, Inc. All rights reserved.
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19 * In addition, as a special exception, the copyright holders give
20 * permission to link the code of portions of this program with the
21 * OpenSSL library under certain conditions as described in each
22 * individual source file, and distribute linked combinations
25 * You must obey the GNU General Public License in all respects
26 * for all of the code used other than OpenSSL.
31 #include <openssl/evp.h>
32 #include <openssl/hmac.h>
33 #include "crypto_backend.h"
35 static int crypto_backend_initialised = 0;
39 const EVP_MD *hash_id;
45 const EVP_MD *hash_id;
49 int crypt_backend_init(struct crypt_device *ctx)
51 if (crypto_backend_initialised)
54 OpenSSL_add_all_digests();
56 crypto_backend_initialised = 1;
60 uint32_t crypt_backend_flags(void)
65 const char *crypt_backend_version(void)
67 return SSLeay_version(SSLEAY_VERSION);
71 int crypt_hash_size(const char *name)
73 const EVP_MD *hash_id = EVP_get_digestbyname(name);
78 return EVP_MD_size(hash_id);
81 int crypt_hash_init(struct crypt_hash **ctx, const char *name)
85 h = malloc(sizeof(*h));
89 h->hash_id = EVP_get_digestbyname(name);
95 if (EVP_DigestInit(&h->md, h->hash_id) != 1) {
100 h->hash_len = EVP_MD_size(h->hash_id);
105 static int crypt_hash_restart(struct crypt_hash *ctx)
107 if (EVP_DigestInit(&ctx->md, ctx->hash_id) != 1)
113 int crypt_hash_write(struct crypt_hash *ctx, const char *buffer, size_t length)
115 if (EVP_DigestUpdate(&ctx->md, buffer, length) != 1)
121 int crypt_hash_final(struct crypt_hash *ctx, char *buffer, size_t length)
123 unsigned char tmp[EVP_MAX_MD_SIZE];
124 unsigned int tmp_len = 0;
126 if (length > (size_t)ctx->hash_len)
129 if (EVP_DigestFinal_ex(&ctx->md, tmp, &tmp_len) != 1)
132 memcpy(buffer, tmp, length);
133 memset(tmp, 0, sizeof(tmp));
135 if (tmp_len < length)
138 if (crypt_hash_restart(ctx))
144 int crypt_hash_destroy(struct crypt_hash *ctx)
146 EVP_MD_CTX_cleanup(&ctx->md);
147 memset(ctx, 0, sizeof(*ctx));
153 int crypt_hmac_size(const char *name)
155 return crypt_hash_size(name);
158 int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
159 const void *buffer, size_t length)
161 struct crypt_hmac *h;
163 h = malloc(sizeof(*h));
167 h->hash_id = EVP_get_digestbyname(name);
173 HMAC_CTX_init(&h->md);
174 HMAC_Init_ex(&h->md, buffer, length, h->hash_id, NULL);
176 h->hash_len = EVP_MD_size(h->hash_id);
181 static void crypt_hmac_restart(struct crypt_hmac *ctx)
183 HMAC_Init_ex(&ctx->md, NULL, 0, ctx->hash_id, NULL);
186 int crypt_hmac_write(struct crypt_hmac *ctx, const char *buffer, size_t length)
188 HMAC_Update(&ctx->md, (const unsigned char *)buffer, length);
192 int crypt_hmac_final(struct crypt_hmac *ctx, char *buffer, size_t length)
194 unsigned char tmp[EVP_MAX_MD_SIZE];
195 unsigned int tmp_len = 0;
197 if (length > (size_t)ctx->hash_len)
200 HMAC_Final(&ctx->md, tmp, &tmp_len);
202 memcpy(buffer, tmp, length);
203 memset(tmp, 0, sizeof(tmp));
205 if (tmp_len < length)
208 crypt_hmac_restart(ctx);
213 int crypt_hmac_destroy(struct crypt_hmac *ctx)
215 HMAC_CTX_cleanup(&ctx->md);
216 memset(ctx, 0, sizeof(*ctx));
222 int crypt_backend_fips_rng(char *buffer, size_t length, int quality)